def install(packages):
lib.print_header("installing packages on dom0")
_command = "qubes-dom0-update -y {}".format(lib.parse_packages(packages))
lib.run(command=_command, target="dom0", user="******")
lib.print_sub("dom0 package installation finished")
def test_dom0_command_is_executed_as_root():
with patch("qsm.lib.check_call", return_value=0,
autospec=True) as mock_check_call:
lib.run("ls -l", "dom0", "root")
_arg = mock_check_call.call_args[0][0]
assert re.search(r"sudo --user=root",
_arg), "dom0 command was not executed as root"
def create(name, label, options="", exists_ok=True):
lib.print_header("creating vm {}".format(name))
_command = "qvm-create --quiet --label {} {} {} 2>/dev/null".format(
label, options, name)
if exists_ok:
try:
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
except lib.QsmProcessError as error:
if error.returncode != constants.QVM_CREATE_DOMAIN_ALREADY_EXISTS: # is not exit code 1
# some other error occurred
raise error
lib.print_sub_warning("{} already exists, using that".format(name))
return
else:
not_exists_or_throws(name)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{} creation finished".format(name))
def test_domU_command_is_executed():
with patch("qsm.lib.check_call", return_value=0,
autospec=True) as mock_check_call:
lib.run("ls -l", "domU", "user")
_arg = mock_check_call.call_args[0][0]
assert re.search(r"^qvm-run[\w\W]+domU",
_arg), "command was not executed in domU"
def uninstall(target, packages):
lib.print_header("removing packages from {}".format(target))
_packages = lib.parse_packages(packages)
lib.run(command=remote.remove(_packages), target=target, user="******")
lib.print_sub("{} package uninstallation finished".format(target))
def install(target, packages):
lib.print_header("installing packages on {}".format(target))
_packages = lib.parse_packages(packages)
lib.run(command=remote.install(_packages), target=target, user="******")
lib.print_sub("{} package installation finished".format(target))
def test_domU_command_is_executed_as_root():
with patch("qsm.lib.check_call", return_value=0,
autospec=True) as mock_check_call:
lib.run("ls -l", "domU", "root")
_arg = mock_check_call.call_args[0][0]
assert re.search(r"^qvm-run[\w\W]+--user root",
_arg), "domU command not executed as root"
def start(target):
lib.print_header("starting {}".format(target))
exists_or_throws(target)
_command = "qvm-start --skip-if-running {}".format(target)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{} started".format(target))
def clone(source, target):
lib.print_header("cloning {} into {}".format(source, target))
exists_or_throws(source)
not_exists_or_throws(target)
_command = "qvm-clone --quiet {} {} 2>/dev/null".format(source, target)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{} created".format(target))
def vm_prefs(target, prefs):
assert type(prefs) is dict, "prefs should be a dict"
lib.print_header("setting prefs for {}".format(target))
exists_or_throws(target)
for _key, _value in prefs.items():
_command = "qvm-prefs -s {} {} \'{}\'".format(target, _key, _value)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{}: {}".format(_key, _value))
def enable_services(target, services):
assert type(services) is list, "services should be a list"
lib.print_header("enabling services on {}...".format(target))
exists_or_throws(target)
for _service in services:
_command = "qvm-service --enable {} {}".format(target, _service)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{}".format(_service))
def stop(target, timeout=120):
lib.print_header("stopping {}".format(target))
exists_or_throws(target)
if is_running(target):
_command = "qvm-shutdown --wait --timeout {} {}".format(
timeout, target)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{} stopped".format(target))
return
lib.print_sub_warning("{} already stopped".format(target))
def is_template(target):
"""
Check that a domain is a template.
This will return False if the domain doesn't exists.
"""
_command = "qvm-check --quiet --template {} 2>/dev/null".format(target)
try:
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
except lib.QsmProcessError as error:
if error.returncode != constants.QVM_CHECK_DOMAIN_IS_A_TEMPLATE: # is not exit code 0
return False
return True
def is_running(target):
_command = "qvm-check --quiet --running {} 2>/dev/null".format(target)
try:
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
except lib.QsmProcessError as error:
if error.returncode != constants.QVM_CHECK_IS_NOT_RUNNING: # is not exit code 1
# some other error occurred
lib.print_sub(
"a problem occurred when checking that {} is running".format(
target),
failed=True)
raise error
return False # is exit code 1 == domain is not running
return True
def exists(target):
_command = "qvm-check --quiet {} 2>/dev/null".format(target)
try:
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
except lib.QsmProcessError as error:
if error.returncode != constants.QVM_CHECK_EXISTS_NOT_FOUND: # is not exit code 2
# some other error occurred
lib.print_sub(
"a problem occurred when checking that {} exists".format(
target),
failed=True)
raise error
return False # is exit code 2 == domain doesn't exist
return True
def remove(target, shutdown_ok=False):
lib.print_header("removing {}".format(target))
_command = "qvm-remove --quiet --force {}".format(target)
if exists(target): # pep.. shhh
if shutdown_ok:
stop(target)
else:
is_stopped_or_throws(target)
lib.run(command=_command,
target="dom0",
user=getpass.getuser(),
show_message=False)
lib.print_sub("{} removal finished".format(target))
return
lib.print_sub_warning("{} doesn't exist, continuing...".format(target))
def firewall(target, action, dsthost, dstports, icmptype=None, proto="tcp"):
assert exists_or_throws(target)
assert action in ["accept", "drop"
], "action should be accept or drop: {}".format(action)
lib.assert_valid_dstports(dstports)
assert lib.is_ip(
dsthost,
network=True), "dsthost should be a valid ip address: {}".format(
dsthost)
assert proto in ["tcp", "udp", "icmp"
], "proto must be icmp, tcp, or udp: {}".format(proto)
_command = "qvm-firewall {0} add action={1} dsthost={2} proto={3}".format(
target, action, dsthost, proto)
if icmptype is not None:
assert type(icmptype) is int and 0 <= icmptype <= 43, \
"icmptype must be an integer, 0 <= n <= 43: {}".format(icmptype)
assert proto == "icmp", "proto must be icmp if setting icmp type: {}".format(
proto)
_command += " icmptype={}".format(icmptype)
lib.run(_command, target, "user", show_message=False)
def update(target):
lib.print_header("updating {}".format(target))
lib.run(command=remote.update(), target=target, user="******")
lib.print_sub("{} update finished".format(target))
def update():
lib.print_header("updating dom0")
lib.run(command="qubes-dom0-update -y", target="dom0", user="******")
lib.print_sub("dom0 update finished")