From dde44ee6ef33577158bd0b28a83a3851be5b7afb Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Tue, 5 Jul 2011 11:03:31 +0200 Subject: [PATCH 1/8] qrexec: add qrexec_client_vm.c --- rpm_spec/core-appvm.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rpm_spec/core-appvm.spec b/rpm_spec/core-appvm.spec index 6021862..c13daa1 100644 --- a/rpm_spec/core-appvm.spec +++ b/rpm_spec/core-appvm.spec @@ -81,6 +81,7 @@ cp qvm-copy-to-vm2.kde $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-copy-to-vm2.gnome $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-trigger-copy-to-vm $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_agent $RPM_BUILD_ROOT/usr/lib/qubes +cp ../qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes cp dvm_file_editor qfile-agent qfile-agent-dvm qfile-unpacker $RPM_BUILD_ROOT/usr/lib/qubes cp ../common/meminfo-writer $RPM_BUILD_ROOT/usr/lib/qubes mkdir -p $RPM_BUILD_ROOT/%{kde_service_dir} @@ -142,6 +143,7 @@ rm -rf $RPM_BUILD_ROOT %{kde_service_dir}/qvm-dvm.desktop /usr/lib/qubes/qvm-trigger-copy-to-vm /usr/lib/qubes/qrexec_agent +/usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent /usr/lib/qubes/qfile-agent-dvm /usr/lib/qubes/qfile-unpacker From b5d30a9d54583c9a9ac88aa21480ce0b583a08b0 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Tue, 5 Jul 2011 18:35:03 +0200 Subject: [PATCH 2/8] qrexec: last two missing pieces of the new rpc infrastructure --- rpm_spec/core-appvm.spec | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/rpm_spec/core-appvm.spec b/rpm_spec/core-appvm.spec index c13daa1..dfc7e06 100644 --- a/rpm_spec/core-appvm.spec +++ b/rpm_spec/core-appvm.spec @@ -82,11 +82,14 @@ cp qvm-copy-to-vm2.gnome $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-trigger-copy-to-vm $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_agent $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes +cp ../qrexec/qubes_rpc_multiplexer $RPM_BUILD_ROOT/usr/lib/qubes cp dvm_file_editor qfile-agent qfile-agent-dvm qfile-unpacker $RPM_BUILD_ROOT/usr/lib/qubes cp ../common/meminfo-writer $RPM_BUILD_ROOT/usr/lib/qubes mkdir -p $RPM_BUILD_ROOT/%{kde_service_dir} cp qvm-copy.desktop qvm-dvm.desktop $RPM_BUILD_ROOT/%{kde_service_dir} mkdir -p $RPM_BUILD_ROOT/mnt/removable +mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc + mkdir -p $RPM_BUILD_ROOT/etc/X11 cp xorg-preload-apps.conf $RPM_BUILD_ROOT/etc/X11 @@ -144,10 +147,12 @@ rm -rf $RPM_BUILD_ROOT /usr/lib/qubes/qvm-trigger-copy-to-vm /usr/lib/qubes/qrexec_agent /usr/lib/qubes/qrexec_client_vm +/usr/lib/qubes/qubes_rpc_multiplexer /usr/lib/qubes/qfile-agent /usr/lib/qubes/qfile-agent-dvm /usr/lib/qubes/qfile-unpacker %dir /mnt/removable +%dir /etc/qubes_rpc /usr/bin/qubes_timestamp %dir /home_volatile %attr(700,user,user) /home_volatile/user From b87da183cec7e2f25eec9220adf1bf0283a03694 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Wed, 6 Jul 2011 10:17:58 +0200 Subject: [PATCH 3/8] qrexec: adjust intervm file copy code to the new qrexec API --- appvm/qfile-agent.c | 128 ++++++++++++----------------------- appvm/qvm-copy-to-vm | 48 +++---------- appvm/qvm-copy-to-vm2.gnome | 18 ++--- appvm/qvm-copy-to-vm2.kde | 19 ++---- appvm/qvm-trigger-copy-to-vm | 46 ------------- rpm_spec/core-appvm.spec | 4 +- 6 files changed, 68 insertions(+), 195 deletions(-) delete mode 100755 appvm/qvm-trigger-copy-to-vm diff --git a/appvm/qfile-agent.c b/appvm/qfile-agent.c index 530bbb2..4b37738 100644 --- a/appvm/qfile-agent.c +++ b/appvm/qfile-agent.c @@ -20,24 +20,33 @@ enum { }; unsigned long crc32_sum; -int write_all_with_crc(int fd, void *buf, int size) { +int write_all_with_crc(int fd, void *buf, int size) +{ crc32_sum = Crc32_ComputeBuf(crc32_sum, buf, size); return write_all(fd, buf, size); } - -char *client_flags; void do_notify_progress(long long total, int flag) { - FILE *progress; - if (!client_flags[0]) + char *du_size_env = getenv("FILECOPY_TOTAL_SIZE"); + char *progress_type_env = getenv("PROGRESS_TYPE"); + char *saved_stdout_env = getenv("SAVED_FD_1"); + if (!progress_type_env) return; - progress = fopen(client_flags, "w"); - if (!progress) - return; - fprintf(progress, "%d %lld %s", getpid(), total, - flag == PROGRESS_FLAG_DONE ? "DONE" : "BUSY"); - fclose(progress); + if (!strcmp(progress_type_env, "console") && du_size_env) { + char msg[256]; + snprintf(msg, sizeof(msg), "sent %lld/%lld KB\r", + total / 1024, strtoull(du_size_env, NULL, 0)); + write(2, msg, strlen(msg)); + if (flag == PROGRESS_FLAG_DONE) + write(2, "\n", 1); + } + if (!strcmp(progress_type_env, "gui") && saved_stdout_env) { + char msg[256]; + snprintf(msg, sizeof(msg), "%lld\n", total); + write(strtoul(saved_stdout_env, NULL, 0), msg, + strlen(msg)); + } } void notify_progress(int size, int flag) @@ -136,25 +145,6 @@ int do_fs_walk(char *file) return 0; } -void send_vmname(char *vmname) -{ - char buf[FILECOPY_VMNAME_SIZE]; - memset(buf, 0, sizeof(buf)); - strncat(buf, vmname, sizeof(buf) - 1); - if (!write_all(1, buf, sizeof buf)) - exit(1); -} - -char *get_item(char *data, char **current, int size) -{ - char *ret; - if ((unsigned long) *current >= (unsigned long) data + size) - return NULL; - ret = *current; - *current += strlen(ret) + 1; - return ret; -} - void notify_end_and_wait_for_result() { struct result_header hdr; @@ -168,26 +158,40 @@ void notify_end_and_wait_for_result() /* wait for result */ if (!read_all(0, &hdr, sizeof(hdr))) { - exit(1); // hopefully remote has produced error message + exit(1); // hopefully remote has produced error message } if (hdr.error_code != 0) { - gui_fatal("Error writing files: %s", strerror(hdr.error_code)); + gui_fatal("Error writing files: %s", + strerror(hdr.error_code)); } if (hdr.crc32 != crc32_sum) { gui_fatal("File transfer failed: checksum mismatch"); } } -void parse_entry(char *data, int datasize) +char *get_abs_path(char *cwd, char *pathname) { - char *current = data; - char *vmname, *entry, *sep; - vmname = get_item(data, ¤t, datasize); - client_flags = get_item(data, ¤t, datasize); + char *ret; + if (pathname[0] == '/') + return strdup(pathname); + asprintf(&ret, "%s/%s", cwd, pathname); + return ret; +} + +int main(int argc, char **argv) +{ + int i; + char *entry; + char *cwd; + char *sep; + + signal(SIGPIPE, SIG_IGN); notify_progress(0, PROGRESS_FLAG_INIT); - send_vmname(vmname); crc32_sum = 0; - while ((entry = get_item(data, ¤t, datasize))) { + cwd = getcwd(NULL, 0); + for (i = 1; i < argc; i++) { + entry = get_abs_path(cwd, argv[i]); + do { sep = rindex(entry, '/'); if (!sep) @@ -200,53 +204,9 @@ void parse_entry(char *data, int datasize) else if (chdir(entry)) gui_fatal("chdir to %s", entry); do_fs_walk(sep + 1); + free(entry); } notify_end_and_wait_for_result(); notify_progress(0, PROGRESS_FLAG_DONE); -} - -void process_spoolentry(char *entry_name) -{ - char *abs_spool_entry_name; - int entry_fd; - struct stat st; - char *entry; - int entry_size; - asprintf(&abs_spool_entry_name, "%s/%s", FILECOPY_SPOOL, - entry_name); - entry_fd = open(abs_spool_entry_name, O_RDONLY); - unlink(abs_spool_entry_name); - if (entry_fd < 0 || fstat(entry_fd, &st)) - gui_fatal("bad file copy spool entry"); - entry_size = st.st_size; - entry = calloc(1, entry_size + 1); - if (!entry) - gui_fatal("malloc"); - if (!read_all(entry_fd, entry, entry_size)) - gui_fatal("read filecopy entry"); - close(entry_fd); - parse_entry(entry, entry_size); -} - -void scan_spool(char *name) -{ - struct dirent *ent; - DIR *dir = opendir(name); - if (!dir) - gui_fatal("opendir %s", name); - while ((ent = readdir(dir))) { - char *fname = ent->d_name; - if (fname[0] != '.') { - process_spoolentry(fname); - break; - } - } - closedir(dir); -} - -int main() -{ - signal(SIGPIPE, SIG_IGN); - scan_spool(FILECOPY_SPOOL); return 0; } diff --git a/appvm/qvm-copy-to-vm b/appvm/qvm-copy-to-vm index eaf8c8f..bcf333d 100755 --- a/appvm/qvm-copy-to-vm +++ b/appvm/qvm-copy-to-vm @@ -20,50 +20,24 @@ # # -if [ x"$1" = "x--without-progress" ] ; then - DO_PROGRESS=0 - shift -else - DO_PROGRESS=1 -fi - if [ $# -lt 2 ] ; then echo usage: $0 '[--without-progress] dest_vmname file [file]+' exit 1 fi +if [ x"$1" = "x--without-progress" ] ; then + export PROGRESS_TYPE=none + shift +else + export PROGRESS_TYPE=console +fi + + VM="$1" shift -if [ $DO_PROGRESS = 1 ] ; then - SIZE=$(du --apparent-size -c "$@" | tail -1 | cut -f 1) +if [ $PROGRESS_TYPE = console ] ; then + export FILECOPY_TOTAL_SIZE=$(du --apparent-size -c "$@" | tail -1 | cut -f 1) fi -export PROGRESS_FILE=$(mktemp) -/usr/lib/qubes/qvm-trigger-copy-to-vm $VM "$@" -while ! [ -s $PROGRESS_FILE ] ; do - sleep 0.1 -done - -while true ; do - read agentpid sentsize agentstatus < $PROGRESS_FILE - if [ "x"$agentstatus = x ] ; then continue ; fi - if ! [ -e /proc/$agentpid ] ; then break ; fi - if [ "x"$agentstatus = xDONE ] ; then break ; fi - CURRSIZE=$(($sentsize/1024)) - if [ $DO_PROGRESS = 1 ] ; then - echo -ne "\r sent $CURRSIZE/$SIZE KB " - fi - sleep 0.4 -done - -rm -f $PROGRESS_FILE -if [ $DO_PROGRESS = 1 ] ; then - echo -fi - -if ! [ "x"$agentstatus = xDONE ] ; then - exit 1 -else - exit 0 -fi +exec /usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent $VM qubes.Filecopy "$@" diff --git a/appvm/qvm-copy-to-vm2.gnome b/appvm/qvm-copy-to-vm2.gnome index 8fabd2d..be9dc7e 100755 --- a/appvm/qvm-copy-to-vm2.gnome +++ b/appvm/qvm-copy-to-vm2.gnome @@ -25,19 +25,11 @@ if [ X$VM = X ] ; then exit 0 ; fi SIZE=$(du --apparent-size -c "$@" | tail -1 | cut -f 1) -export PROGRESS_FILE=$(mktemp) -/usr/lib/qubes/qvm-trigger-copy-to-vm $VM "$@" -while ! [ -s $PROGRESS_FILE ] ; do - sleep 0.1 -done -(while true ; do - read agentpid sentsize agentstatus < $PROGRESS_FILE - if [ "x"$agentstatus = x ] ; then continue ; fi - if ! [ -e /proc/$agentpid ] ; then break ; fi - if [ "x"$agentstatus = xdone ] ; then break ; fi +export PROGRESS_TYPE=gui + +/usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent \ + $VM qubes.Filecopy "$@" | +(while read sentsize ; do CURRSIZE=$(($sentsize/1024)) echo $((100*$CURRSIZE/$SIZE)) - sleep 0.1 done) | zenity --progress --text="Copying files to domain: $VM..." --auto-close - -rm -f $PROGRESS_FILE diff --git a/appvm/qvm-copy-to-vm2.kde b/appvm/qvm-copy-to-vm2.kde index 7600bb5..478df92 100755 --- a/appvm/qvm-copy-to-vm2.kde +++ b/appvm/qvm-copy-to-vm2.kde @@ -27,23 +27,16 @@ SIZE=$(du --apparent-size -c "$@" | tail -1 | cut -f 1) REF=$(kdialog --progressbar "Copy progress") qdbus $REF org.freedesktop.DBus.Properties.Set "" maximum $SIZE -export PROGRESS_FILE=$(mktemp) -/usr/lib/qubes/qvm-trigger-copy-to-vm $VM "$@" -while ! [ -s $PROGRESS_FILE ] ; do - sleep 0.1 -done -while true ; do - read agentpid sentsize agentstatus < $PROGRESS_FILE - if [ "x"$agentstatus = x ] ; then continue ; fi - if ! [ -e /proc/$agentpid ] ; then break ; fi - if [ "x"$agentstatus = xdone ] ; then break ; fi +export PROGRESS_TYPE=gui + +/usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent \ + $VM qubes.Filecopy "$@" | +(while read sentsize ; do CURRSIZE=$(($sentsize/1024)) qdbus $REF org.freedesktop.DBus.Properties.Set "" value $CURRSIZE - sleep 0.4 -done +done) qdbus $REF close -rm -f $PROGRESS_FILE # we do not want a dozen error messages, do we # if ! [ "x"$agentstatus = xDONE ] ; then # kdialog --sorry 'Abnormal file copy termination; see /var/log/qubes/qrexec.xid.log in dom0 for more details' diff --git a/appvm/qvm-trigger-copy-to-vm b/appvm/qvm-trigger-copy-to-vm deleted file mode 100755 index 56dcdef..0000000 --- a/appvm/qvm-trigger-copy-to-vm +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/sh -# -# The Qubes OS Project, http://www.qubes-os.org -# -# Copyright (C) 2010 Rafal Wojtczuk -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# -# - -if [ $# -lt 2 ] ; then - echo usage: $0 'vmname file [file]*' - exit 1 -fi - -FILECOPY_SPOOL=/home/user/.filecopyspool -if ! [ -e $FILECOPY_SPOOL ] ; then - mkdir $FILECOPY_SPOOL -fi - -REQ_FILE_TMP=$FILECOPY_SPOOL/.req.$$ -echo -ne "$1""\x00" > $REQ_FILE_TMP -echo -ne "$PROGRESS_FILE""\x00" >> $REQ_FILE_TMP - -shift -for FILE in "$@" ; do - if ! [ "X""${FILE:0:1}" = X/ ] ; then - FILE="$PWD"/"$FILE" - fi - echo -ne "$FILE""\x00" >> $REQ_FILE_TMP -done - -mv $REQ_FILE_TMP $FILECOPY_SPOOL/req.$$ -echo -n FCPR > /var/run/qubes/qrexec_agent diff --git a/rpm_spec/core-appvm.spec b/rpm_spec/core-appvm.spec index dfc7e06..7786259 100644 --- a/rpm_spec/core-appvm.spec +++ b/rpm_spec/core-appvm.spec @@ -79,7 +79,6 @@ cp qvm-copy-to-vm $RPM_BUILD_ROOT/usr/bin mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-copy-to-vm2.kde $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-copy-to-vm2.gnome $RPM_BUILD_ROOT/usr/lib/qubes -cp qvm-trigger-copy-to-vm $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_agent $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qubes_rpc_multiplexer $RPM_BUILD_ROOT/usr/lib/qubes @@ -89,6 +88,7 @@ mkdir -p $RPM_BUILD_ROOT/%{kde_service_dir} cp qvm-copy.desktop qvm-dvm.desktop $RPM_BUILD_ROOT/%{kde_service_dir} mkdir -p $RPM_BUILD_ROOT/mnt/removable mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc +cp qubes.Filecopy $RPM_BUILD_ROOT/etc/qubes_rpc mkdir -p $RPM_BUILD_ROOT/etc/X11 @@ -144,7 +144,6 @@ rm -rf $RPM_BUILD_ROOT /usr/lib/qubes/dvm_file_editor %{kde_service_dir}/qvm-copy.desktop %{kde_service_dir}/qvm-dvm.desktop -/usr/lib/qubes/qvm-trigger-copy-to-vm /usr/lib/qubes/qrexec_agent /usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qubes_rpc_multiplexer @@ -153,6 +152,7 @@ rm -rf $RPM_BUILD_ROOT /usr/lib/qubes/qfile-unpacker %dir /mnt/removable %dir /etc/qubes_rpc +/etc/qubes_rpc/qubes.Filecopy /usr/bin/qubes_timestamp %dir /home_volatile %attr(700,user,user) /home_volatile/user From dc33f0c9a7d8c50a9619964207a98c8101557eba Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Wed, 6 Jul 2011 12:32:20 +0200 Subject: [PATCH 4/8] qrexec: adjust DispVM code to the new qrexec API Note, we have qvm-open-in-vm totally for free. --- appvm/Makefile | 8 ++-- appvm/{qfile-agent-dvm.c => qopen-in-vm.c} | 46 ++----------------- appvm/qubes.OpenInVM | 1 + appvm/qubes.OpenInVM.policy | 2 + appvm/qvm-open-in-dvm2 | 14 +----- appvm/qvm-open-in-vm | 28 +++++++++++ appvm/{dvm_file_editor.c => vm-file-editor.c} | 0 rpm_spec/core-appvm.spec | 11 +++-- 8 files changed, 48 insertions(+), 62 deletions(-) rename appvm/{qfile-agent-dvm.c => qopen-in-vm.c} (68%) create mode 100644 appvm/qubes.OpenInVM create mode 100644 appvm/qubes.OpenInVM.policy create mode 100755 appvm/qvm-open-in-vm rename appvm/{dvm_file_editor.c => vm-file-editor.c} (100%) diff --git a/appvm/Makefile b/appvm/Makefile index d1e1040..42bb636 100644 --- a/appvm/Makefile +++ b/appvm/Makefile @@ -1,9 +1,9 @@ CC=gcc CFLAGS=-g -Wall -I../common -fPIC -pie -all: dvm_file_editor qfile-agent-dvm qfile-agent qfile-unpacker -dvm_file_editor: dvm_file_editor.o ../common/ioall.o +all: vm-file-editor qopen-in-vm qfile-agent qfile-unpacker +vm-file-editor: vm-file-editor.o ../common/ioall.o $(CC) -pie -g -o $@ $^ -qfile-agent-dvm: qfile-agent-dvm.o ../common/ioall.o ../common/gui-fatal.o +qopen-in-vm: qopen-in-vm.o ../common/ioall.o ../common/gui-fatal.o $(CC) -pie -g -o $@ $^ qfile-agent: qfile-agent.o ../common/ioall.o ../common/gui-fatal.o ../common/copy_file.o ../common/crc32.o $(CC) -pie -g -o $@ $^ @@ -11,4 +11,4 @@ qfile-unpacker: qfile-unpacker.o ../common/ioall.o ../common/gui-fatal.o ../comm $(CC) -pie -g -o $@ $^ clean: - rm -f qfile-agent-dvm qfile-agent qfile-unpacker dvm_file_editor *.o *~ + rm -f qopen-in-vm qfile-agent qfile-unpacker vm-file-editor *.o *~ diff --git a/appvm/qfile-agent-dvm.c b/appvm/qopen-in-vm.c similarity index 68% rename from appvm/qfile-agent-dvm.c rename to appvm/qopen-in-vm.c index 5db430c..80f99c3 100644 --- a/appvm/qfile-agent-dvm.c +++ b/appvm/qopen-in-vm.c @@ -93,47 +93,11 @@ void talk_to_daemon(char *fname) recv_file(fname); } -void process_spoolentry(char *entry_name) -{ - char *abs_spool_entry_name; - int entry_fd; - struct stat st; - char *filename; - int entry_size; - asprintf(&abs_spool_entry_name, "%s/%s", DVM_SPOOL, entry_name); - entry_fd = open(abs_spool_entry_name, O_RDONLY); - unlink(abs_spool_entry_name); - if (entry_fd < 0 || fstat(entry_fd, &st)) - gui_fatal("bad dvm_entry"); - entry_size = st.st_size; - filename = calloc(1, entry_size + DVM_FILENAME_SIZE); - if (!filename) - gui_fatal("malloc"); - if (!read_all(entry_fd, filename, entry_size)) - gui_fatal("read dvm entry %s", abs_spool_entry_name); - close(entry_fd); - talk_to_daemon(filename); -} - -void scan_spool(char *name) -{ - struct dirent *ent; - DIR *dir = opendir(name); - if (!dir) - gui_fatal("opendir %s", name); - while ((ent = readdir(dir))) { - char *fname = ent->d_name; - if (!strcmp(fname, ".") || !strcmp(fname, "..")) - continue; - process_spoolentry(fname); - break; - } - closedir(dir); -} - -int main() +int main(int argc, char ** argv) { signal(SIGPIPE, SIG_IGN); - scan_spool(DVM_SPOOL); + if (argc!=2) + gui_fatal("OpenInVM - no file given?"); + talk_to_daemon(argv[1]); return 0; -} +} diff --git a/appvm/qubes.OpenInVM b/appvm/qubes.OpenInVM new file mode 100644 index 0000000..48db906 --- /dev/null +++ b/appvm/qubes.OpenInVM @@ -0,0 +1 @@ +/usr/lib/qubes/vm-file-editor diff --git a/appvm/qubes.OpenInVM.policy b/appvm/qubes.OpenInVM.policy new file mode 100644 index 0000000..e103d39 --- /dev/null +++ b/appvm/qubes.OpenInVM.policy @@ -0,0 +1,2 @@ +anyvm dispvm allow +anyvm anyvm ask diff --git a/appvm/qvm-open-in-dvm2 b/appvm/qvm-open-in-dvm2 index eb0d4e2..365c564 100755 --- a/appvm/qvm-open-in-dvm2 +++ b/appvm/qvm-open-in-dvm2 @@ -25,16 +25,4 @@ if ! [ $# = 1 ] ; then exit 1 fi -FILE="$1" -if ! [ "X""${FILE:0:1}" = X/ ] ; then - FILE="$PWD"/"$1" -fi - -DVMSPOOL=/home/user/.dvmspool -if ! [ -e $DVMSPOOL ] ; then - mkdir $DVMSPOOL || exit 1 -fi - -echo -n "$FILE" > $DVMSPOOL/req.$$ -echo -n DVMR > /var/run/qubes/qrexec_agent - +exec /usr/lib/qubes/qrexec_client_vm "/usr/lib/qubes/qopen-in-vm" dispvm qubes.OpenInVM "$1" diff --git a/appvm/qvm-open-in-vm b/appvm/qvm-open-in-vm new file mode 100755 index 0000000..dc77ffe --- /dev/null +++ b/appvm/qvm-open-in-vm @@ -0,0 +1,28 @@ +#!/bin/bash +# +# The Qubes OS Project, http://www.qubes-os.org +# +# Copyright (C) 2010 Rafal Wojtczuk +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# + +if ! [ $# = 2 ] ; then + echo "Usage: $0 vmname filename" + exit 1 +fi + +exec /usr/lib/qubes/qrexec_client_vm "/usr/lib/qubes/qopen-in-vm" "$1" qubes.OpenInVM "$2" diff --git a/appvm/dvm_file_editor.c b/appvm/vm-file-editor.c similarity index 100% rename from appvm/dvm_file_editor.c rename to appvm/vm-file-editor.c diff --git a/rpm_spec/core-appvm.spec b/rpm_spec/core-appvm.spec index 7786259..ce783b2 100644 --- a/rpm_spec/core-appvm.spec +++ b/rpm_spec/core-appvm.spec @@ -75,6 +75,7 @@ cp qubes_core_appvm $RPM_BUILD_ROOT/etc/init.d/ mkdir -p $RPM_BUILD_ROOT/var/lib/qubes mkdir -p $RPM_BUILD_ROOT/usr/bin cp qubes_timestamp qvm-open-in-dvm2 $RPM_BUILD_ROOT/usr/bin +cp qvm-open-in-vm $RPM_BUILD_ROOT/usr/bin cp qvm-copy-to-vm $RPM_BUILD_ROOT/usr/bin mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-copy-to-vm2.kde $RPM_BUILD_ROOT/usr/lib/qubes @@ -82,14 +83,14 @@ cp qvm-copy-to-vm2.gnome $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_agent $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qubes_rpc_multiplexer $RPM_BUILD_ROOT/usr/lib/qubes -cp dvm_file_editor qfile-agent qfile-agent-dvm qfile-unpacker $RPM_BUILD_ROOT/usr/lib/qubes +cp vm-file-editor qfile-agent qopen-in-vm qfile-unpacker $RPM_BUILD_ROOT/usr/lib/qubes cp ../common/meminfo-writer $RPM_BUILD_ROOT/usr/lib/qubes mkdir -p $RPM_BUILD_ROOT/%{kde_service_dir} cp qvm-copy.desktop qvm-dvm.desktop $RPM_BUILD_ROOT/%{kde_service_dir} mkdir -p $RPM_BUILD_ROOT/mnt/removable mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc cp qubes.Filecopy $RPM_BUILD_ROOT/etc/qubes_rpc - +cp qubes.OpenInVM $RPM_BUILD_ROOT/etc/qubes_rpc mkdir -p $RPM_BUILD_ROOT/etc/X11 cp xorg-preload-apps.conf $RPM_BUILD_ROOT/etc/X11 @@ -140,19 +141,21 @@ rm -rf $RPM_BUILD_ROOT /usr/lib/qubes/qvm-copy-to-vm2.kde /usr/lib/qubes/qvm-copy-to-vm2.gnome /usr/bin/qvm-open-in-dvm2 +/usr/bin/qvm-open-in-vm /usr/lib/qubes/meminfo-writer -/usr/lib/qubes/dvm_file_editor +/usr/lib/qubes/vm-file-editor %{kde_service_dir}/qvm-copy.desktop %{kde_service_dir}/qvm-dvm.desktop /usr/lib/qubes/qrexec_agent /usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qubes_rpc_multiplexer /usr/lib/qubes/qfile-agent -/usr/lib/qubes/qfile-agent-dvm +/usr/lib/qubes/qopen-in-vm /usr/lib/qubes/qfile-unpacker %dir /mnt/removable %dir /etc/qubes_rpc /etc/qubes_rpc/qubes.Filecopy +/etc/qubes_rpc/qubes.OpenInVM /usr/bin/qubes_timestamp %dir /home_volatile %attr(700,user,user) /home_volatile/user From 9b831e32cb7397e4019f16365fe8c803aa1c2222 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Wed, 6 Jul 2011 14:09:36 +0200 Subject: [PATCH 5/8] qrexec: adjust appmenu syncing to the new qrexec api --- common/qubes_trigger_sync_appmenus.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/qubes_trigger_sync_appmenus.sh b/common/qubes_trigger_sync_appmenus.sh index fc5301a..de258c6 100755 --- a/common/qubes_trigger_sync_appmenus.sh +++ b/common/qubes_trigger_sync_appmenus.sh @@ -3,5 +3,5 @@ UPDATEABLE=`/usr/bin/xenstore-read qubes_vm_updateable` if [ "$UPDATEABLE" = "True" ]; then - echo -n SYNC > /var/run/qubes/qrexec_agent + /usr/lib/qubes/qrexec_vm /bin/grep dom0 qubes.SyncAppMenus -H = /usr/share/applications/*.desktop fi From 3ea7aca257832b28143d7d42b008732e05930acf Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Wed, 6 Jul 2011 14:21:35 +0200 Subject: [PATCH 6/8] qrexec: change qrexec_client_vm syntax to be nicer to read Now the local_program is just before arguments, which is nicer. --- appvm/qvm-copy-to-vm | 2 +- appvm/qvm-copy-to-vm2.gnome | 3 +-- appvm/qvm-copy-to-vm2.kde | 4 ++-- appvm/qvm-open-in-dvm2 | 2 +- appvm/qvm-open-in-vm | 2 +- common/qubes_trigger_sync_appmenus.sh | 2 +- 6 files changed, 7 insertions(+), 8 deletions(-) diff --git a/appvm/qvm-copy-to-vm b/appvm/qvm-copy-to-vm index bcf333d..26ee876 100755 --- a/appvm/qvm-copy-to-vm +++ b/appvm/qvm-copy-to-vm @@ -40,4 +40,4 @@ if [ $PROGRESS_TYPE = console ] ; then export FILECOPY_TOTAL_SIZE=$(du --apparent-size -c "$@" | tail -1 | cut -f 1) fi -exec /usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent $VM qubes.Filecopy "$@" +exec /usr/lib/qubes/qrexec_client_vm $VM qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" diff --git a/appvm/qvm-copy-to-vm2.gnome b/appvm/qvm-copy-to-vm2.gnome index be9dc7e..cb2b86e 100755 --- a/appvm/qvm-copy-to-vm2.gnome +++ b/appvm/qvm-copy-to-vm2.gnome @@ -27,8 +27,7 @@ SIZE=$(du --apparent-size -c "$@" | tail -1 | cut -f 1) export PROGRESS_TYPE=gui -/usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent \ - $VM qubes.Filecopy "$@" | +/usr/lib/qubes/qrexec_client_vm $VM qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" | (while read sentsize ; do CURRSIZE=$(($sentsize/1024)) echo $((100*$CURRSIZE/$SIZE)) diff --git a/appvm/qvm-copy-to-vm2.kde b/appvm/qvm-copy-to-vm2.kde index 478df92..5c56df0 100755 --- a/appvm/qvm-copy-to-vm2.kde +++ b/appvm/qvm-copy-to-vm2.kde @@ -29,8 +29,8 @@ qdbus $REF org.freedesktop.DBus.Properties.Set "" maximum $SIZE export PROGRESS_TYPE=gui -/usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qfile-agent \ - $VM qubes.Filecopy "$@" | +/usr/lib/qubes/qrexec_client_vm $VM qubes.Filecopy \ + /usr/lib/qubes/qfile-agent "$@" | (while read sentsize ; do CURRSIZE=$(($sentsize/1024)) qdbus $REF org.freedesktop.DBus.Properties.Set "" value $CURRSIZE diff --git a/appvm/qvm-open-in-dvm2 b/appvm/qvm-open-in-dvm2 index 365c564..dcc7195 100755 --- a/appvm/qvm-open-in-dvm2 +++ b/appvm/qvm-open-in-dvm2 @@ -25,4 +25,4 @@ if ! [ $# = 1 ] ; then exit 1 fi -exec /usr/lib/qubes/qrexec_client_vm "/usr/lib/qubes/qopen-in-vm" dispvm qubes.OpenInVM "$1" +exec /usr/lib/qubes/qrexec_client_vm dispvm qubes.OpenInVM "/usr/lib/qubes/qopen-in-vm" "$1" diff --git a/appvm/qvm-open-in-vm b/appvm/qvm-open-in-vm index dc77ffe..ffd087e 100755 --- a/appvm/qvm-open-in-vm +++ b/appvm/qvm-open-in-vm @@ -25,4 +25,4 @@ if ! [ $# = 2 ] ; then exit 1 fi -exec /usr/lib/qubes/qrexec_client_vm "/usr/lib/qubes/qopen-in-vm" "$1" qubes.OpenInVM "$2" +exec /usr/lib/qubes/qrexec_client_vm "$1" qubes.OpenInVM "/usr/lib/qubes/qopen-in-vm" "$2" diff --git a/common/qubes_trigger_sync_appmenus.sh b/common/qubes_trigger_sync_appmenus.sh index de258c6..5390c2d 100755 --- a/common/qubes_trigger_sync_appmenus.sh +++ b/common/qubes_trigger_sync_appmenus.sh @@ -3,5 +3,5 @@ UPDATEABLE=`/usr/bin/xenstore-read qubes_vm_updateable` if [ "$UPDATEABLE" = "True" ]; then - /usr/lib/qubes/qrexec_vm /bin/grep dom0 qubes.SyncAppMenus -H = /usr/share/applications/*.desktop + /usr/lib/qubes/qrexec_client_vm dom0 qubes.SyncAppMenus /bin/grep -H = /usr/share/applications/*.desktop fi From 601d0ec931cca5fbb93eb84b5610dc544e9b62c5 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Wed, 6 Jul 2011 14:44:40 +0200 Subject: [PATCH 7/8] qrexec: adjust updates fetching to the new qrexec api --- common/qubes_download_dom0_updates.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/qubes_download_dom0_updates.sh b/common/qubes_download_dom0_updates.sh index cb771a3..df67b92 100755 --- a/common/qubes_download_dom0_updates.sh +++ b/common/qubes_download_dom0_updates.sh @@ -67,4 +67,4 @@ else fi # qvm-copy-to-vm works only from user -su -c "qvm-copy-to-vm @dom0updates $DOM0_UPDATES_DIR/packages/*.rpm" user +su -c "/usr/lib/qubes/qrexec_client_vm dom0 qubes.ReceiveUpdates /usr/lib/qubes/qfile-agent $DOM0_UPDATES_DIR/packages/*.rpm" user From f8d3c0df217276a049c1ee912ec23227fceb07c2 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Thu, 7 Jul 2011 11:17:00 +0200 Subject: [PATCH 8/8] qrexec: git add missing files --- appvm/qubes.Filecopy | 1 + appvm/qubes.Filecopy.policy | 1 + 2 files changed, 2 insertions(+) create mode 100644 appvm/qubes.Filecopy create mode 100644 appvm/qubes.Filecopy.policy diff --git a/appvm/qubes.Filecopy b/appvm/qubes.Filecopy new file mode 100644 index 0000000..d82fa22 --- /dev/null +++ b/appvm/qubes.Filecopy @@ -0,0 +1 @@ +/usr/lib/qubes/qfile-unpacker diff --git a/appvm/qubes.Filecopy.policy b/appvm/qubes.Filecopy.policy new file mode 100644 index 0000000..39296a1 --- /dev/null +++ b/appvm/qubes.Filecopy.policy @@ -0,0 +1 @@ +anyvm anyvm ask,user=root