qvm-open-in-vm: implement --view-only option
Implement option to disallow (ignore in fact) modifications of file
opened in another VM (including DispVM).
This commit implements actual services part and handling in wrapping scripts.
Fixes QubesOS/qubes-issues#1118
(cherry picked from commit ef557ca460)
This commit is contained in:
Marek Marczykowski-Górecki
parent
84741bf187
commit
06b6276c1c
|
|
@ -9,6 +9,7 @@
|
|||
#include <stdlib.h>
|
||||
#include <libqubes-rpc-filecopy.h>
|
||||
#include <unistd.h>
|
||||
#include <getopt.h>
|
||||
#include <gui-fatal.h>
|
||||
#include "dvm2.h"
|
||||
|
||||
|
|
@ -92,17 +93,35 @@ void recv_file(const char *fname)
|
|||
actually_recv_file(fname, tempfile, tmpfd);
|
||||
}
|
||||
|
||||
void talk_to_daemon(const char *fname)
|
||||
{
|
||||
send_file(fname);
|
||||
recv_file(fname);
|
||||
}
|
||||
|
||||
int main(int argc, char ** argv)
|
||||
{
|
||||
char *fname;
|
||||
int view_only = 0;
|
||||
int ret;
|
||||
const struct option opts[] = {
|
||||
{"view-only", no_argument, &view_only, 1},
|
||||
{0}
|
||||
};
|
||||
|
||||
while ((ret=getopt_long(argc, argv, "", opts, NULL)) != -1) {
|
||||
if (ret == '?') {
|
||||
exit(2);
|
||||
}
|
||||
}
|
||||
|
||||
signal(SIGPIPE, SIG_IGN);
|
||||
if (argc!=2)
|
||||
|
||||
if (optind >= argc)
|
||||
gui_fatal("OpenInVM - no file given?");
|
||||
talk_to_daemon(argv[1]);
|
||||
fname = argv[optind];
|
||||
send_file(fname);
|
||||
if (!view_only) {
|
||||
recv_file(fname);
|
||||
} else {
|
||||
/* discard received data */
|
||||
int null_fd = open("/dev/null", O_WRONLY);
|
||||
copy_fd_all(null_fd, 0);
|
||||
close(null_fd);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,9 +20,10 @@
|
|||
#
|
||||
#
|
||||
|
||||
if ! [ $# = 1 ] ; then
|
||||
echo "Usage: $0 filename"
|
||||
if ! [ $# = 1 ] && ! [ $# = 2 ]; then
|
||||
echo "Usage: $0 [--view-only] filename"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
exec qvm-open-in-vm '$dispvm' "$1"
|
||||
# shellcheck disable=SC2016
|
||||
exec qvm-open-in-vm '$dispvm' "$@"
|
||||
|
|
|
|||
|
|
@ -20,16 +20,37 @@
|
|||
#
|
||||
#
|
||||
|
||||
if ! [ $# = 2 ] ; then
|
||||
echo "Usage: $0 vmname filename"
|
||||
exit 1
|
||||
usage() {
|
||||
echo "Usage: $0 [--view-only] vmname filename"
|
||||
exit 2
|
||||
}
|
||||
|
||||
qopen_opts=
|
||||
target=
|
||||
filename=
|
||||
|
||||
while [ $# -gt 0 ]; do
|
||||
if [ "x$1" = "x--view-only" ]; then
|
||||
qopen_opts=--view-only
|
||||
elif [ -z "$target" ]; then
|
||||
target="$1"
|
||||
elif [ -z "$filename" ]; then
|
||||
filename="$1"
|
||||
else
|
||||
usage
|
||||
fi
|
||||
shift
|
||||
done
|
||||
|
||||
if [ -z "$target" ] || [ -z "$filename" ]; then
|
||||
usage
|
||||
fi
|
||||
|
||||
case "$2" in
|
||||
case "$filename" in
|
||||
*://*)
|
||||
exec /usr/lib/qubes/qrexec-client-vm "$1" qubes.OpenURL /bin/echo "$2"
|
||||
exec /usr/lib/qubes/qrexec-client-vm "$target" qubes.OpenURL /bin/echo "$filename"
|
||||
;;
|
||||
*)
|
||||
exec /usr/lib/qubes/qrexec-client-vm "$1" qubes.OpenInVM "/usr/lib/qubes/qopen-in-vm" "$2"
|
||||
exec /usr/lib/qubes/qrexec-client-vm "$target" qubes.OpenInVM "/usr/lib/qubes/qopen-in-vm" $qopen_opts "$filename"
|
||||
;;
|
||||
esac
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user