Commit Graph

21 Commits

Author SHA1 Message Date
unman
194e0bc3cc
Prompt to create policy file for qubes-rpc if not present. 2017-04-20 22:27:36 +01:00
Marek Marczykowski-Górecki
981a11cee1
qrexec: really do not match 'dom0' at '$anyvm', as documented
Design documentation says:
'note string dom0 does not match the $anyvm pattern; all other names do'

This behaviour was broken, because 'is not' in python isn't the same as
string comparison. In theory this could result in some service
erroneously allowed to execute in dom0, but in practice such services are
not installed in dom0 at all, so the only impact was misleading error
message.

Fixes QubesOS/qubes-issues#2031
Reported by @Jeeppler
2016-11-18 02:51:25 +01:00
Marek Marczykowski-Górecki
610902a5c1
Revert "qrexec: fix "yes to all" for qrexec calls with custom argument"
Do not copy policy file at arbitrary time.
This reverts commit 1dff6361b7.
2016-10-31 14:17:54 +01:00
Marek Marczykowski-Górecki
1dff6361b7
qrexec: fix "yes to all" for qrexec calls with custom argument
If argument-specific policy file do not exists, create one based on
generic one.

Fixes QubesOS/qubes-issues#2403
Reported by @Rudd-O
2016-10-28 13:28:04 +02:00
Marek Marczykowski-Górecki
0607d9021a
qrexec: add support for service argument
Fixes QubesOS/qubes-issues#1876
2016-03-27 04:31:11 +02:00
Marek Marczykowski-Górecki
fa8ebeb42d Fix typo in "d9d48e8 qrexec: use tray notification when..."
Fixes QubesOS/qubes-issues#1446

Thanks HW42 for the report.
2015-12-28 00:59:45 +01:00
Marek Marczykowski-Górecki
d9d48e8948
qrexec: use tray notification when VM needs to be started
For both successful start and the failed one

Fixes QubesOS/qubes-issues#1446
2015-12-26 02:09:06 +01:00
Marek Marczykowski-Górecki
c8ce468c7f
qrexec: fallback to kdialog if zenity is not installed
Fixes QubesOS/qubes-issues#1277
2015-10-11 01:55:46 +02:00
Marek Marczykowski-Górecki
63e74a01d3
qrexec: fix handling autostarting RPC target VM
Do not reimplement manual VM state checking in qrexec-policy.
`qubes.xml` is loaded anyway, so just use QubesVM object to check if
domain is running.

Fixes QubesOS/qubes-issues#1283
2015-10-11 01:52:40 +02:00
Marek Marczykowski-Górecki
6efbbb88da qrexec: new protocol - direct data vchan connections 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
9a1c071f40 qrexec-policy: remove trailing spaces 2014-11-19 15:21:42 +01:00
Marek Marczykowski
0eaae9790c Use QubesVMMConnection object
Introduced in core-admin:
af521bd Wrap all VMM connection related object into QubesVMMConnection
class
2014-11-19 15:21:41 +01:00
Marek Marczykowski
6d2755abe6 Use libvirt in qrexec-policy
Import connection for core qubes module.
2014-11-19 15:21:41 +01:00
Marek Marczykowski-Górecki
28dfdddc0e Minor fixes in messages 2014-10-28 05:28:13 +01:00
Marek Marczykowski-Górecki
9de6171a43 qubes-rpc: log (local) service output to syslog, discard stderr from VMs (#842)
Basically - store the logs where the service is running.
2014-05-05 05:27:08 +02:00
Vincent Penquerc'h
97c7c97420 qrexec-policy: warn if some data is ignored
Something like vm1 vm2 allow, user=foo would be 4 items,
and the user part would be ignored by the parser.
It might or might not be better to error out instead of
just warning, though...
2014-01-06 17:54:46 +01:00
Marek Marczykowski-Górecki
05390894be Qrexec: log allowed RPC calls 2013-10-27 19:23:09 +01:00
Marek Marczykowski-Górecki
0ab5a89895 Minor whitespace fix 2013-10-27 19:22:47 +01:00
Marek Marczykowski-Górecki
c95cd3a054 qrexec: validate target domain (#743) 2013-08-15 00:01:56 +02:00
Marek Marczykowski-Górecki
aedd97bb3a qrexec: minor formating fix 2013-08-15 00:01:41 +02:00
Marek Marczykowski
158bfff3cf Add qrexec back, use qubes-utils libraries for common code 2013-03-20 06:24:17 +01:00