Marek Marczykowski-Górecki
5035fc7eed
Remove iptables config
...
Dom0 have no network at all, it isn't needed.
2015-03-31 22:55:25 +02:00
Marek Marczykowski-Górecki
2866196dad
version 3.0.1
2015-03-26 23:53:33 +01:00
Marek Marczykowski-Górecki
3c151ca509
dom0-update: allow to specify custom yum action
...
This can be useful for actions like "downgrade", "reinstall" etc.
Needs additional testing if whole distribution upgrade using
"distro-sync" action will work as expected.
2015-03-26 00:58:10 +01:00
Marek Marczykowski-Górecki
51c736a92c
qrexec: enable compiler optimization
2015-03-20 12:16:28 +01:00
Marek Marczykowski-Górecki
18d079a99a
qrexec: fix compiler warnings
2015-03-20 12:16:19 +01:00
Marek Marczykowski-Górecki
b07475efea
qrexec: make the log writable by qubes group
...
Otherwise if VM was started as root, it will never start as normal user
again.
2015-03-20 03:06:06 +01:00
Marek Marczykowski-Górecki
04816e014b
qrexec: do not exit from qrexec-client until local process exit code is sent
2015-03-17 22:55:15 +01:00
Marek Marczykowski-Górecki
662813dc18
appmenus: recreate appmenus for the template itself after update
2015-03-11 00:00:37 +01:00
Marek Marczykowski-Górecki
735788dbd6
appmenus: do not force GUI connection when retrieving appmenus
...
There could be no GUI available - for example at firstboot.
2015-03-10 23:59:30 +01:00
Marek Marczykowski-Górecki
e76007fe20
qrexec: periodically check if remote domain/process still exists
2015-02-22 18:25:14 +01:00
Marek Marczykowski-Górecki
9ea5790a9b
appmenus: really call kbuildsycoca4 only once after template update ( #886 )
2015-02-22 02:08:49 +01:00
Marek Marczykowski-Górecki
5645b4c307
qrexec: wait for remote exit code, even when both stdin/out are closed
2015-02-17 03:57:17 +01:00
Marek Marczykowski-Górecki
61eb2e7764
qrexec: fix handling of remote exit code
2015-02-11 16:11:38 +01:00
Marek Marczykowski-Górecki
d031126737
Add "--" to separate options from (untrusted) non-options arguments
...
This will prevent passing an option instead of command (qvm-run) /
domain name (qrexec-policy). In both cases when VM tries to pass some
option it would fail because missing argument then - VM can not pass
additional arguments, so if one act as an option, one argument will be
missing).
2015-02-10 01:57:33 +01:00
Marek Marczykowski-Górecki
4449d51d98
udev: prevent race with kpartx -d
...
udevd calls (internal) blkid, which opens the device, so kpartx -d
cannot remove it.
2015-02-01 04:05:05 +01:00
Marek Marczykowski-Górecki
a28e6e1044
appmenus: call kbuildsycoca4 only once after template update ( #886 )
2015-01-30 01:57:19 +01:00
Marek Marczykowski-Górecki
04770e4037
version 3.0.0
2014-11-22 16:24:11 +01:00
Marek Marczykowski-Górecki
af66472c36
rpm: add missing vchan-devel build requires
2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
1d017449d0
qrexec: fix compile warnings
2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
6efbbb88da
qrexec: new protocol - direct data vchan connections
2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
0ba692c85a
code style: change tabs to spaces
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
6e47f12118
Revert "qrexec: fix deadlock in qrexec-client"
...
This reverts commit 79abec9038
.
The problem will not be applicable in new protocol, where vchan
connection is directly between VMs, so there is no longer two connected
qrexec-clients - always one end of data flow in qrexec-client is vchan,
which provide information about amount of data to read or buffer
space to write (lack of the later in case of pipes was a cause of the
original problem).
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
9a1c071f40
qrexec-policy: remove trailing spaces
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
29d94c6478
dracut: change the way to include ehci-pci module
...
Apparently add_drivers doesn't work. Looking at kernel-modules dracut
code, it can only be used for block-device driver and only makes sense
in --host-only mode.
So add additional module, which unconditionally install kernel modules.
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
76e3a34e7c
dracut: include ehci-pci module in initramfs image
...
In recent kernel releases this additional module is required
to support USB 2.0 controllers.
2014-11-19 15:21:41 +01:00
Marek Marczykowski
0eaae9790c
Use QubesVMMConnection object
...
Introduced in core-admin:
af521bd Wrap all VMM connection related object into QubesVMMConnection
class
2014-11-19 15:21:41 +01:00
Marek Marczykowski
43770dae36
qrexec: handle vchan connect errors
2014-11-19 15:21:41 +01:00
Marek Marczykowski
d08831cc7e
qrexec: get domain name from cmdline
...
libvchan_get_domain_name will be removed
2014-11-19 15:21:41 +01:00
Marek Marczykowski
6d2755abe6
Use libvirt in qrexec-policy
...
Import connection for core qubes module.
2014-11-19 15:21:41 +01:00
Marek Marczykowski
7bdf7b3f36
use domain name in error messages and log file name
...
Should be much more convenient than XID.
2014-11-19 15:21:41 +01:00
Marek Marczykowski
9215c09656
update for new vchan API
2014-11-19 15:21:40 +01:00
Marek Marczykowski-Górecki
8f2a03e672
rpm: fix permissions of /etc/qubes-rpc{,/policy}
...
Group qubes should have write right there.
2014-10-30 06:40:34 +01:00
Marek Marczykowski-Górecki
28dfdddc0e
Minor fixes in messages
2014-10-28 05:28:13 +01:00
Marek Marczykowski-Górecki
be43682df1
version 2.0.24
2014-10-25 01:47:13 +02:00
Marek Marczykowski-Górecki
6cca9a377f
qrexec: add -q option to silence "Waiting for VM's qrexec agent" message
2014-10-24 22:03:46 +02:00
Marek Marczykowski-Górecki
1e8b3ea876
rpm: do not save removed udev script
...
As Qubes dom0 is standalone system, not an addon to Fedora (for some
time...), we do not longer need to save such scripts to handle
package remove.
2014-09-30 23:51:10 +02:00
Marek Marczykowski-Górecki
40178a161e
appmenus: mute output when verbose=False
2014-09-18 07:46:00 +02:00
Marek Marczykowski-Górecki
a0eda3023f
version 2.0.23
2014-09-09 22:29:31 +02:00
Marek Marczykowski-Górecki
4758fc1781
appmenus: create apps.tempicons directory if missing ( #896 )
2014-09-09 02:13:08 +02:00
Joanna Rutkowska
808d63c6b6
version 2.0.22
2014-07-12 14:02:46 +02:00
Joanna Rutkowska
df0db675f2
Merge branch 'master' of http://git.woju.eu/qubes/core-admin-linux
2014-07-12 14:01:58 +02:00
Wojciech Zygmunt Porczyk
0f7730c2e3
appmenus: use new label icons
2014-07-10 16:28:05 +02:00
Joanna Rutkowska
5e101ea389
version 2.0.21
2014-07-06 13:44:54 +02:00
Marek Marczykowski-Górecki
9687180a62
udev: prevent dom0 processes from accessing templates root image
2014-07-04 04:29:31 +02:00
Marek Marczykowski-Górecki
7bfa26bd2f
version 2.0.20
2014-07-01 03:47:12 +02:00
Marek Marczykowski-Górecki
79abec9038
qrexec: fix deadlock in qrexec-client
...
When VM-VM qrexec service is called, two qrexec-clients are connected in
dom0. If both VMs are sending data simultaneously it can happen that
both qrexec-client processes will call write(2) and none of them will be
reading -> deadlock.
Solve it by handling I/O in two separate threads (one for reading from
VM, another for writing), at any time qrexec-client is ready to accept
data from either direction.
2014-07-01 03:24:46 +02:00
Marek Marczykowski-Górecki
6ab53c9456
version 2.0.19
2014-06-30 16:17:23 +02:00
Marek Marczykowski-Górecki
a74b69ce08
dom0-updates: ensure that metadata are available to normal user
2014-06-30 16:16:59 +02:00
Marek Marczykowski-Górecki
a013cb3eca
dom0-updates: call "apper --updates" to go directly to updates tab
2014-06-30 16:16:08 +02:00
Marek Marczykowski-Górecki
8627ef9a80
dom0-updates: use GUI tool appropriate to current DE ( #824 )
2014-06-29 22:02:00 +02:00