qubes-core-agent-linux

Author	SHA1	Message	Date
Marek Marczykowski-Górecki	550b8f2dcd	version 3.1.20	2016-12-04 22:03:11 +01:00
Rusty Bird	214105a38f	v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument Fixes QubesOS/qubes-issues#2472 from commit `3f600d03fa` (cherry picked from commit `0d243250f2`)	2016-12-04 22:02:33 +01:00
Jean-Philippe Ouellet	e5663fedb1	Keep Makefile DRY (cherry picked from commit `0fb3e503d3`)	2016-12-04 22:00:42 +01:00
Marek Marczykowski-Górecki	1d74a44967	version 3.1.19	2016-11-20 17:06:30 +01:00
Marek Marczykowski-Górecki	d77e9a7955	Revert "network: disable proxy_arp" Proxy ARP apparently is still needed for HVMs. This reverts commit `fa8b05a83c`. Fixes QubesOS/qubes-issues#1421 (cherry picked from commit `696a0918d5`)	2016-11-19 00:31:41 +01:00
Rudd-O	d5fb315a4e	Eliminate race condition with qubes-setup-dnat-to-ns qubes-setup-dnat-to-ns is called multiple times during boot. Of particular interest are the two invocations done by: 1. `/usr/lib/qubes/init/network-proxy.setup.sh` (`qubes-network.service`) 2. `/usr/lib/qubes/init/misc-post.sh` (`qubes-misc-post.service`) These can, and do often, run in parallel. Often enough that the `PR-QBS` `nat` chain can end up with eight rules instead of four, or (worse) zero rules. This commit represents the proper boot ordering of these services, where the post startup must happen after Qubes has already started its iptables, firewall, network setup and netwatcher. This eliminates the race. (cherry picked from commit `b7d8d66bb1`)	2016-11-19 00:30:53 +01:00
Marek Marczykowski-Górecki	322550eb3d	network: minor setup-ip fix Don't exit with non-zero exit code just because custom hook isn't installed (cherry picked from commit `8afc07c513`)	2016-11-19 00:30:12 +01:00
Marek Marczykowski-Górecki	3d09db136b	systemd: fix syntax error in preset file Services needs to be named with full unit name. Fixes QubesOS/qubes-issues#2188 (cherry picked from commit `1fd69636f8`)	2016-11-19 00:29:07 +01:00
Marek Marczykowski-Górecki	4b362d761b	network: reload NM connection after setting it up Apparently NM monitor only its main configuration for changes, but not connection files. Force reloading it. (cherry picked from commit `d99a563542`)	2016-11-19 00:28:59 +01:00
Marek Marczykowski-Górecki	d7df915c5b	systemd: improve ordering of systemd units - qubes-misc-post.service is no longer responsible for mounting /rw - both qubes-sysinit.service and qubes-mount-dirs.service are part of basic.target, so no need to mention them explicitly (as long as DefaultDependencies=yes) QubesOS/qubes-issues#2198 (cherry picked from commit `60d16ea587`)	2016-11-19 00:28:11 +01:00
Marek Marczykowski-Górecki	5266da4dad	systemd: include tor-disabling drop-ins in the package QubesOS/qubes-issues#1625 (cherry picked from commit `ed434ad63f`)	2016-11-19 00:27:14 +01:00
Marek Marczykowski-Górecki	d8be1ff572	systemd: load xen-privcmd module It is needed for vchan communication. It was loaded implicitly by mount /proc/xen, but since we're moving away from this legacy interface, load it explicitly. QubesOS/qubes-issues#2194 (cherry picked from commit `48a35d40d1`)	2016-11-19 00:26:24 +01:00
Marek Marczykowski-Górecki	ef0f5d55c3	systemd: order qubes-mount-dirs.service before local-fs.target The service is really responsible for mounting /rw and /home, so should be ordered before local-fs.target - this will allow other services to use standard ordering targets. This probably makes Before=qubes-gui-agent.service not needed anymore, but do not remove it yet without extensive testing to not risk regression. Fixes QubesOS/qubes-issues#2194 (cherry picked from commit `e0e89f153f`)	2016-11-19 00:26:10 +01:00
Marek Marczykowski-Górecki	0fe42e2da4	Revert "systemd: preset xendriverdomain on update" This doesn't help when xen update is installed after this one. So, deal with it in xen %post itself. This reverts commit `f2257e1e3b`. QubesOS/qubes-issues#2141 (cherry picked from commit `10cadc58a0`)	2016-11-19 00:24:19 +01:00
Marek Marczykowski-Górecki	b0116ae545	systemd: preset xendriverdomain on update Make sure it is enabled, regardless of update installation order. (cherry picked from commit `f2257e1e3b`)	2016-11-19 00:21:38 +01:00
Olivier MEDOC	ef0155b15e	archlinux: fix update-proxy-configs to use pacman.d drop-ins (cherry picked from commit `7cea09711a`)	2016-11-19 00:21:38 +01:00
Olivier MEDOC	c439fe3934	archlinux: ensure repositories are the last pacman.d files included (cherry picked from commit `a346de7e46`)	2016-11-19 00:21:38 +01:00
Olivier MEDOC	66f103bbf7	archlinux: Setup default package repository (cherry picked from commit `d449d75162`)	2016-11-19 00:21:38 +01:00
Olivier MEDOC	70190e2490	archlinux: switch to usage of pacman.d drop-ins (cherry picked from commit `b6a6d4e4e0`)	2016-11-19 00:21:00 +01:00
Olivier MEDOC	0a74cf593b	archlinux: remove unnecessary glib-compile-scheme This is now automatically handled through pacman hooks (cherry picked from commit `245c6d1716`)	2016-11-19 00:20:56 +01:00
Olivier MEDOC	b042596702	archlinux: provide automatic qubes-trigger-sync-appmenus through pacman hooks (cherry picked from commit `c82b82d7b4`)	2016-11-19 00:20:52 +01:00
Olivier MEDOC	81a10ecad7	archlinux: update installer script in prevision of pacman.d drop-ins (cherry picked from commit `051d806f0a`)	2016-11-19 00:20:47 +01:00
Rusty Bird	c82f1466e2	Enable xendriverdomain.service in 75-qubes-vm.preset (cherry picked from commit `0cc4803a9d`)	2016-11-19 00:20:20 +01:00
Patrick Schleizer	30a6785cd2	add comment link to feature request 'implement /etc/PackageKit/conf.d' (cherry picked from commit `80e68e90d9`)	2016-11-19 00:20:09 +01:00
Patrick Schleizer	4fa41e3203	add comment link to feature request 'implement /etc/dnf.conf.d drop-in configuration folder' (cherry picked from commit `62d5b96355`)	2016-11-19 00:20:02 +01:00
Rusty Bird	cd4e851d72	Remove 'if true' wrapper from `06a0d30d50` (cherry picked from commit `ae1a334a1d`)	2016-11-19 00:19:51 +01:00
Rusty Bird	a4b2fc11f4	Do block until good random is available again (cherry picked from commit `cb55dfa6ae`)	2016-11-19 00:19:40 +01:00
Rusty Bird	ead3aad5c7	dvm, then xendriverdomain, then qrexec-agent Fixes QubesOS/qubes-issues#2126 Fixes QubesOS/qubes-issues#1990 (cherry picked from commit `fbf4c93730`)	2016-11-19 00:19:33 +01:00
Rusty Bird	319aca1277	Order network management units after network-pre.target Network management software should order itself after network-pre.target (man 7 systemd.special) so that other units can order themselves before the beginning of network initialization. (qubes-misc-post too because it calls setup-ip.) Relevant for QubesOS/qubes-issues#2108 (cherry picked from commit `ca03e093f7`)	2016-11-19 00:18:41 +01:00
Marek Marczykowski-Górecki	193eb55330	version 3.1.18	2016-07-28 00:17:22 +02:00
Marek Marczykowski-Górecki	a4b53f557a	qvm-open-in-vm: fix wrapping URL in HTML file The first line of HTML wasn't written to the file. Fixes QubesOS/qubes-issues#2205	2016-07-28 00:15:39 +02:00
Marek Marczykowski-Górecki	3bff27460e	upgrade: package for simplify upgrade from R3.1 to R3.2	2016-06-26 10:48:00 +02:00
Marek Marczykowski-Górecki	5518828c59	version 3.1.17	2016-06-25 15:48:13 +02:00
Patrick Schleizer	cc000332b5	Do not start tor@default service in TemplateVM. Not doing that already for the tor service. Since the actual tor service was renamed to tor@default by upstream. (cherry picked from commit `191b2a4cd9`)	2016-06-21 04:59:51 +02:00
Marek Marczykowski-Górecki	73abc86ea8	debian: add missing pkg-config build depends (cherry picked from commit `762189a0ae`)	2016-06-21 04:59:38 +02:00
Marek Marczykowski-Górecki	96c909bbd2	Prefer 'dnf' over 'yum' for template update QubesOS/qubes-issues#1282 (cherry picked from commit `520894e623`)	2016-06-21 04:58:57 +02:00
unman	56b98cfe74	Fall back to gnome utilities if kdialog not present (cherry picked from commit `8471605e6d`)	2016-06-21 04:58:29 +02:00
Patrick Schleizer	999f6a0dcd	fix indent (cherry picked from commit `3db93cdc87`)	2016-06-21 04:58:14 +02:00
Marek Marczykowski-Górecki	8b89bff635	qvm-open-in-vm: escape URL when wrapping it in HTML Thanks @v6ak for the report and solution. Fixes QubesOS/qubes-issues#1462 (cherry picked from commit `ff2678d2f5`)	2016-06-21 04:57:52 +02:00
Marek Marczykowski-Górecki	5c1ba0bc84	systemd: order units checking for qubes-service after qubes-sysinit Files in /var/run/qubes-service are created by qubes-sysinit.service. So defer that condition check after that service start. Thanks @adrelanos for the report. Fixes QubesOS/qubes-issues#1985 (cherry picked from commit `5e08e2bc1d`)	2016-06-21 04:57:34 +02:00
Patrick Schleizer	d4eb750da5	do not start the Tor service inside Qubes TemplateVMs Private data inside /var/lib/tor should not be shared. Tor should not be run inside TemplateVMs. https://github.com/QubesOS/qubes-issues/issues/1625#issuecomment-172369781 (cherry picked from commit `aee3f5ed12`)	2016-06-21 04:57:27 +02:00
Patrick Schleizer	904c30d57e	fixed sh syntax error https://forums.whonix.org/t/qvm-run-fails-in-whonix-vms Thanks to entr0py for the bug report! (cherry picked from commit `69780ef762`)	2016-06-21 04:55:20 +02:00
Marek Marczykowski-Górecki	514a108ef4	Remove obsolete policy files Qrexec policy is really stored in core-admin repo. (cherry picked from commit `4d015432ce`)	2016-06-21 04:55:05 +02:00
Olivier MEDOC	3eb1d4e7f2	archlinux: fix remaining loginctl privilege issues with invalid pam.d configuration (cherry picked from commit `ccb9a5b992`)	2016-06-21 04:54:53 +02:00
Marek Marczykowski-Górecki	af8181ee48	version 3.1.16	2016-03-29 17:27:21 +02:00
Marek Marczykowski-Górecki	a1ce500aae	qubes-rpc: fix SVG icon scaling rsvg-convert doesn't scale the image. Do it with convert, only when really needed. Don't upscale the icon after converting to raster version. Fixes QubesOS/qubes-issues#1884 (cherry picked from commit `7b5f2b77d1`)	2016-03-29 17:26:54 +02:00
Marek Marczykowski-Górecki	d90e2b0cd7	network: run setup-ip only on xen frontend interfaces Fixes QubesOS/qubes-issues#1882 (cherry picked from commit `00698173ed`)	2016-03-29 14:43:36 +02:00
Rusty Bird	7f12d7a659	Remove exec in last line of qvm-copy-to-vm (cherry picked from commit `428d8f09bf`)	2016-03-29 14:43:36 +02:00
Patrick Schleizer	4875303030	minor indent (cherry picked from commit `5a1ea4f5e5`)	2016-03-29 14:43:36 +02:00
Patrick Schleizer	8e9149e9b6	use 'true' rather than ':' for consistency (cherry picked from commit `77d51a69ea`)	2016-03-29 14:43:35 +02:00

1 2 3 4 5 ...

1751 Commits