Commit Graph

355 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
cce22c9517
qrexec-policy: new DispVM handling - $dispvm:DISP_VM keyword
Add support for `$dispvm:DISP_VM` syntax in target specification. At the
same time update the code for core3 API for handling DispVMs.

QubesOS/qubes-issues#2253
2016-09-05 14:38:46 +02:00
Marek Marczykowski-Górecki
009e2e6adb
qrexec-policy: prefer using VM objects
Pass VM object instead of just name - it will make extending much
easier. For example new DispVM handling.

QubesOS/qubes-issues#2253
2016-09-05 14:38:46 +02:00
Marek Marczykowski-Górecki
849b295384
qrexec: add option to wait for VM-VM connection termination
Normally when qrexec-client setup VM-VM connection it exits
immediatelly. But it may be useful to wait for the connection to
terminate - for example to cleanup DispVM.

qrexec-daemon (the one that allocated vchan port) do receive such
notification, so expose such option to qrexec-client.

QubesOS/qubes-issues#2253
2016-08-17 02:41:22 +02:00
Marek Marczykowski-Górecki
9192bb0d44
qrexec: don't call exit directly from qrexec-policy main
Use `return` instead. This makes possible to implement unit tests on
this function. And also makes static analysis a little happier.
2016-08-17 02:41:22 +02:00
Marek Marczykowski-Górecki
9a5bd57d1b
qrexec: switch to ArgumentParser in qrexec-policy 2016-08-17 02:41:22 +02:00
Marek Marczykowski-Górecki
8a780cb7f5
qrexec: reformat qrexec-policy
No functional change, just make it slightly less painful to read...
2016-08-16 02:58:04 +02:00
Marek Marczykowski-Górecki
92c3ba578a
appmenus: register event handlers on QubesVM, not BaseVM
It is critical to call rename-related events in the right order related
to those in QubesVM, because handler at QubesVM renames VM directory.

After "qubes/events: fix event handlers ordering" in qubes-core-admin it
is (again) possible to deterministically order event handler from
extension in relation to those from the class itself. But since ordering
on object class have higher priority (first from base class), those
handlers needs to be attached to the same class.
2016-08-15 23:53:11 +02:00
Marek Marczykowski-Górecki
da9205c78a
tests/appmenus: fix template cloning code
create_on_disk no longer handle cloning files.
2016-08-15 23:52:35 +02:00
Marek Marczykowski-Górecki
3abee97e13
appmenus: adjust for QubesArgumentParser API change 2016-08-15 23:52:13 +02:00
Marek Marczykowski-Górecki
86ef6906ad
appmenus: don't crash on VM without files on disk
Such VM can still trigger some appmenus-related action, for example
label change. This may happen during tests, or backup restore. And
probably some other cases.
2016-08-15 23:49:59 +02:00
Marek Marczykowski-Górecki
fe209dfd24
appmenus: clone default whitelists for VM type
Don't bother with checking whether it is a template or not - when
cloning VM disk files, copy those files anyway (if exist of course).
2016-08-08 14:38:50 +02:00
Marek Marczykowski-Górecki
daf1fd4759
systemd: enable xen-init-dom0.service
This is the right upstream service to init dom0 entries. Instead of our
own script.
2016-08-08 01:15:56 +02:00
Marek Marczykowski-Górecki
c34427e264
rpm: make sure /usr/bin/python (not /bin/python) is used
Otherwise rpm will fail to resolve dependencies (no package provides
/bin/python).
2016-08-08 00:51:50 +02:00
Marek Marczykowski-Górecki
bf140ae175
appmenus: misc API sync with core-admin
- there is no longer vm.is_netvm/is_disposablevm.
- 'domain-create-on-disk' even have no longer 'source_template' argument
2016-08-08 00:51:49 +02:00
Marek Marczykowski-Górecki
19609705fc
appmenus: do nothing if VM isn't created on disk yet
This may be a case during backup restore - some properties may be
modifier before restoring actual files.

QubesOS/qubes-issues#1897
2016-08-08 00:51:49 +02:00
Marek Marczykowski-Górecki
aef9aa2dd3
appmenus: few more tests
QubesOS/qubes-issues#1897
2016-08-08 00:51:49 +02:00
Marek Marczykowski-Górecki
0fbc644fd9
appmenus: fix handling custom templates
QubesOS/qubes-issues#1897
2016-08-08 00:51:49 +02:00
Marek Marczykowski-Górecki
f688cba49c
appmenus: adjust checking label color
Checking icon color is hard...

QubesOS/qubes-issues#1606
2016-08-08 00:51:48 +02:00
Marek Marczykowski-Górecki
7dccbd1ead
appmenus: convert shell scripts to python
Fixes QubesOS/qubes-issues#1897
2016-08-08 00:51:48 +02:00
Marek Marczykowski-Górecki
9690f52dc5
appmenus: add more tests
QubesOS/qubes-issues#1897
2016-08-08 00:51:48 +02:00
Marek Marczykowski-Górecki
e846f26bd3
appmenus: convert qvm-sync-appmenus to core3 API
QubesOS/qubes-issues#1897
2016-08-08 00:51:48 +02:00
Marek Marczykowski-Górecki
54a5dd92cf
appmenus: indentation
QubesOS/qubes-issues#1897
2016-08-08 00:51:47 +02:00
Marek Marczykowski-Górecki
c32fbe14aa
appmenus: add simple unit tests
QubesOS/qubes-issues#1897
2016-08-08 00:51:47 +02:00
Marek Marczykowski-Górecki
acee13bf53
appmenus: use setuptools for packaging
QubesOS/qubes-issues#1897
2016-08-08 00:51:47 +02:00
Marek Marczykowski-Górecki
d446f849d8
appmenus: initial conversion to core3 API
This commits change code itself for core3 API, but doesn't plug it
anywhere yet.

QubesOS/qubes-issues#1897
2016-08-08 00:51:46 +02:00
Marek Marczykowski-Górecki
b91eace873
dom0-updates: convert to core3 API 2016-08-08 00:47:18 +02:00
Marek Marczykowski-Górecki
0568d2ae3b
qrexec: initial convert qrexec-policy to core3 API 2016-08-08 00:47:18 +02:00
Wojtek Porczyk
6ca61dc709
Renamed imgconverter module 2016-08-08 00:47:18 +02:00
Marek Marczykowski-Górecki
769e70e76a
version 3.2.5 2016-07-17 04:57:35 +02:00
Marek Marczykowski-Górecki
db32b65d81
appmenus: add xterm in Disposable VM menu entry
Fixes QubesOS/qubes-issues#1612
2016-07-17 00:00:47 +02:00
Marek Marczykowski-Górecki
7080c0371d
appmenus: force X-Qubes-VM category for all VM-related entries
This will ease filtering entries when constructing applications menu.
For example '<OnlyUnallocated/>' key used in Xfce4 before looks to
introduce some problems.

Fixes QubesOS/qubes-issues#2129
2016-07-15 11:31:27 +02:00
Marek Marczykowski-Górecki
e90c8a97ff
appmenus: fix detection of desktop environment
In Fedora 23-based dom0, DESKTOP_SESSION environment contains full path
to session file, instead of just basename.

QubesOS/qubes-issues#1606
2016-07-14 04:32:16 +02:00
Marek Marczykowski-Górecki
6cd45f88c5
Merge remote-tracking branch 'qubesos/pr/8'
* qubesos/pr/8:
  Don't probe disk contents of loop* or xvd*
  Copy unmodified(!) 60-persistent-storage.rules from Fedora 23
2016-06-26 22:03:18 +02:00
Rusty Bird
fe6846d5eb
Add AEM services to 75-qubes-dom0.preset
They will only start if booted with rd.antievilmaid anyway.
2016-06-26 15:17:38 +00:00
Rusty Bird
ae7656e348
Don't probe disk contents of loop* or xvd*
Adds a standalone rule to the very top of 60-persistent-storage.rules.
2016-06-26 12:51:20 +00:00
Rusty Bird
e85363da20
Copy unmodified(!) 60-persistent-storage.rules from Fedora 23 2016-06-26 12:36:31 +00:00
Marek Marczykowski-Górecki
db8aa6cf15
version 3.2.4 2016-06-24 23:07:32 +02:00
Marek Marczykowski-Górecki
d9b37eec6c
dom0-updates: whitespace fixes 2016-06-24 02:24:52 +02:00
Marek Marczykowski-Górecki
3eed63b892
Merge remote-tracking branch 'ttasket/ttasket-patch-3'
Fixes QubesOS/qubes-issues#2061

* ttasket/ttasket-patch-3:
  Fixes
  Re-create private.img if missing
  Try to handle private.img (fail)
  Fix syntax
  Backup root.img
  Update qubes-dom0-update
  Backup root.img
  Backup root.img
  Support in-place template reinstalls - for testing
  Add template reinstall support
2016-06-24 02:22:45 +02:00
ttasket
fbb58918af Fixes
Moved create private.img before yum.
Shutdown templatevm first -- don't want to query possibly compromised vm running old private.img.
Issue #2061
2016-06-21 15:15:34 -04:00
ttasket
ef1ab34234 Re-create private.img if missing
This restores the netvm setting and also re-creates private.img if older rpm scriptlet doesn't create it.
Issue #2061
2016-06-21 10:57:57 -04:00
ttasket
577944c8fb Try to handle private.img (fail)
mv and rm private.img like root.img, but this results in no private.img after reinstall.
do not use.
2016-06-20 14:04:55 -04:00
ttasket
457b275800 Fix syntax
@marmarek This works on my system.
2016-06-20 13:36:30 -04:00
ttasket
32a4269f4a Backup root.img
Just in case template %post scriptlet doesn't unlink during reinstall, or if reinstall fails.
Also preserves Netvm prefs setting.
2016-06-18 12:00:00 -04:00
ttasket
d316624f61 Update qubes-dom0-update 2016-06-18 05:24:18 -04:00
ttasket
8c7a225070 Backup root.img
Just in case template %post scriptlet doesn't unlink during reinstall, or if reinstall fails. Fixed PKGS test.
2016-06-18 04:22:23 -04:00
ttasket
6c7c25d9e7 Backup root.img
Just in case template %post scriptlet doesn't unlink during reinstall, or if reinstall fails.
2016-06-18 03:02:46 -04:00
ttasket
17627cdf3c Support in-place template reinstalls - for testing
This doesn't yet prevent appvms from starting with invalid template during the reinstall, and doesn't deal with the Netvm setting problem.
For issue #2061
2016-06-16 07:59:28 -04:00
ttasket
6b315b1dad Add template reinstall support
Issue #2061
Simple implementation checks for --action=reinstall but adds no sanity checks.
2016-06-12 12:05:28 -04:00
Marek Marczykowski-Górecki
30aac6b6a8
version 3.2.3 2016-06-07 06:13:07 +02:00