* qrexec-agent-restart:
dom0: when qrexec-agent disconnects, try to reconnect

Since max chunk size was increased to 64k, lets not do that on stack
anymore.

Suggested-by: Sim...

QubesOS/qubes-issues#4909

Model new MSG_TRIGGER_SERVICE (vm->dom0) on MSG_EXEC_CMDLINE - put
service name at the end and m...

Vchan can hold (in current configuration) up to 64k of data in one go.
Do not force context swit...

Do not exit when qrexec-agent disconnects, instead try to reconnect.
This allows to restart qrex...

Don't break when including them multiple times.

There is no reason to split writes to child process into arbitrary chunk
sizes. The FD has O_NON...

Suggested-by: Simon Gaiser <[email protected]>

- allow agent to be older than daemon
- save negotiated version for further use

QubesOS/qubes-i...

QubesOS/qubes-issues#4909

Do not assume libqrexec-utils installed in the system.

Since we use virtualenv with system packages, it must match what is
shipped in xenial.

There is absolutely no point in changing parameters order, just for the
sake of change.
Bring ba...

Compare "api name", not "display name" when selecting default target in
confirmation dialog.
And...

libxenvchan currently can't handle loopback connections. Since error
reporting on vchan connecti...

Besides pylint being picky, it detected few real bugs:
- RPCNAME_ALLOWED_CHARS -> RPCNAME_ALLOW...

Make it possible to import this test in travis.

* origin/pr/2: (31 commits)
qrexec: test for implicit deny rule in !compat-4.0 and bugfix
A ...

QubesOS/qubes-issues#

QubesOS/qubes-issues#4225

For now just put files in the repository. Package them later

QubesOS/qubes-issues#4955

QubesOS/qubes-issues#4955

Desktop file starting the agent + dbus policy.
Moved from core-admin at 56ec271606659977d5f58666...

Required for documentation build

Set defaults for variables, make it link with locally build library.

QubesOS/qubes-issues#4955

Move from core-agent-linux package, as it belongs to qrexec agent.

Rename base rpm to match repository name - less confusion
Drop debug package hack - not really n...

Use lower version from (local, remote).

QubesOS/qubes-issues#4909

For all three spec files, tarball (and dir name inside) is named
qubes-core-qrexec-(version). Pa...

Avoid race conditions with services ordered shortly after qrexec start.
Make systemd know when q...

Use lower version from (local, remote).

QubesOS/qubes-issues#4909

Among other things, this enable various hardening options.

QubesOS/qubes-issues#2259

Periodically (every 10s) check if connection is still alive, otherwise
killing remote domain (as...

This really only tests loading, but should be enough for the current
code state. But by no means...

Some are from @marmarek's review. Thanks!

The suffix ".policy" is mandatory.

Rationale: qubes.ClipboardPaste

- change !compat-4 to !compat-4.0 per @marmarek
- fix $include: inside compat files
- install 35...

Currently not packaged

This is work in progress. Currently, $include: in old files is broken.

Probably currently is broken.

Those are various consistency fixes.

From @marmarek's review.

Qrexec daemon is hereby fixed, but there are other processes, like
qubesadmin tools, which may s...

Import from core-agent-linux 6799aad15ed58454fc70c8341cd891f89bf4c15

- much of higher-level tests fixed, still more to go
- AllowResolution.actual_target renamed .ta...

For now, run it as python -m unittest qrexec/tests/policy_parser.py -v

Specification of comments amended per @marmarek's review.

New format is in Documentation. At the time of this writing, it is still
not finished.

qrexec.call() is meant to be universal Python API to call qrexec
services. It is detected whethe...

Draft for final review.

This is code imported from:
- core-agent-linux a850e3aaee93b40fc613a7d5276988f30d12a179
- core-...