Easy dependency switch if only preload is in chain #733
Conversation
qubes/app.py
Outdated
| and getattr(obj, prop.__name__) == vm | ||
| ): | ||
| if getattr(obj, "is_preload") and ( | ||
| prop.__name__ in ["default_dispvm", "template"] |
There was a problem hiding this comment.
You sure about default_dispvm here?
There was a problem hiding this comment.
Yes, see logs from qubesmanager tests:
'This qube cannot be removed. It is used as: <br> - <b>default_dispvm</b> for qube <b>anon-whonix</b>
There was a problem hiding this comment.
if it's really used as default_dispvm for anon-whonix the removal should be blocked... the only thing that shouldn't be blocked is being a template (only) for preloaded disposables, that you are going to kill/remove below anyway.
There was a problem hiding this comment.
Hum, then I need to do it another way because a disposable qube has the default_dispvm property set to its template, so it must be only if those two properties matches.
qubes/vm/mix/dvmtemplate.py
Outdated
| if newvalue: | ||
| return | ||
| if any(self.dispvms): | ||
| if any(True for disp in self.dispvms if not disp.is_preload): |
There was a problem hiding this comment.
| if any(True for disp in self.dispvms if not disp.is_preload): | |
| if any(not disp.is_preload for disp in self.dispvms): |
?
ben-grande
force-pushed
the
preload-template-switch
branch
from
e427a69 to
0947f51
Compare
|
CI says typo: |
ben-grande
force-pushed
the
preload-template-switch
branch
from
0947f51 to
a30519b
Compare
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #733 +/- ##
==========================================
+ Coverage 70.43% 70.70% +0.26%
==========================================
Files 61 61
Lines 13755 13814 +59
==========================================
+ Hits 9689 9767 +78
+ Misses 4066 4047 -19
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
ben-grande
force-pushed
the
preload-template-switch
branch
2 times, most recently
from
28276e3 to
0e2a25d
Compare
| ) | ||
|
|
||
| @qubes.events.handler("domain-pre-delete") | ||
| def on_domain_pre_deleted(self, event, vm): |
There was a problem hiding this comment.
I don't like the code duplication.
Especially the part some lines below "see 'journalctl'" because not everything is returned to the caller. The preloads are introducing one extra discrepancy on top of device assignment only seen from dom0 journal.
I think there should be an API method to check if the qube is deletale and if not, the (vm, prop) is returned via exception. What do you think?
There was a problem hiding this comment.
It's done this way because the caller may not see the whole system (it can be for example a GUIVM with access to a subset of qubes). Returning the whole list may leak info about other qubes that the caller should not see.
The utility function in core-admin-client is supposed to find where the qube is used - based on what the caller actually can see.
There was a problem hiding this comment.
Make sense, thanks for the explanation.
ben-grande
force-pushed
the
preload-template-switch
branch
7 times, most recently
from
c202c55 to
c2093bf
Compare
|
Are integration tests necessary seen that coverage is high? |
ben-grande
force-pushed
the
preload-template-switch
branch
from
c2093bf to
b52c6c7
Compare
| "Cannot remove %s as it is used by %s", | ||
| vm, | ||
| ", ".join( | ||
| ":".join(str(i) for i in tup) for tup in dependencies |
There was a problem hiding this comment.
All the client tools, qvm-remove and qube-manager show a nice view of dependencies, the journal/logs were not showing them. Discovered that qube names can end with a . dot... I guess and hope : will never be allowed in qube names.
| if isinstance(obj, qubes.app.Qubes): | ||
| dependencies.append(('"GLOBAL"', prop.__name__)) | ||
| elif not obj.property_is_default(prop): | ||
| dependencies.append((obj.name, prop.__name__)) |
There was a problem hiding this comment.
I didn't find a better name than "GLOBAL" for the global property, it is using quotes to distinguish from a qube name. It prints as such:
ERROR: Cannot remove default-dvm as it is used by disp-test:template, sys-firewall:template, sys-usb:template, "GLOBAL":default_dispvm
There was a problem hiding this comment.
I don't like quotes in here - it isn't really obvious it means the term is special, it looks more like a bug (inconsistent quoting)... Maybe @GLOBAL, as we use @ already for keywords?
ben-grande
force-pushed
the
preload-template-switch
branch
from
b52c6c7 to
ed344a6
Compare
ben-grande
force-pushed
the
preload-template-switch
branch
3 times, most recently
from
04d170e to
8181764
Compare
|
mypy is not happy |
ben-grande
force-pushed
the
preload-template-switch
branch
from
8181764 to
ff0fa1e
Compare
|
Didn't identify any related failure on openqa. |
| if isinstance(obj, qubes.app.Qubes): | ||
| dependencies.append(('"GLOBAL"', prop.__name__)) | ||
| elif not obj.property_is_default(prop): | ||
| dependencies.append((obj.name, prop.__name__)) |
There was a problem hiding this comment.
I don't like quotes in here - it isn't really obvious it means the term is special, it looks more like a bug (inconsistent quoting)... Maybe @GLOBAL, as we use @ already for keywords?
ben-grande
force-pushed
the
preload-template-switch
branch
from
36008ef to
f316eb8
Compare
qubes/app.py
Outdated
| ) | ||
|
|
||
| if preloads: | ||
| vm.remove_preload_excess(0, reason="domain will be deleted") |
There was a problem hiding this comment.
I don't like the asynchronous nature of this handling. It means, by the time qvm-remove completes, there may still be some (preloaded) disposables referencing this template. While you can't await in this function, you can in domain-remove-from-disk handler.
ben-grande
force-pushed
the
preload-template-switch
branch
4 times, most recently
from
b0c6f95 to
e032059
Compare
If it is not done on the test, it will be handled by "qubes/tests/__init__.py", which will attempt to kill the domain. If the preloaded disposable was still starting, exceptions will be handled by also attempting to kill the domain. Both methods will trigger the "_bare_cleanup()", sometimes indirectly via "cleanup()" or "_auto_cleanup()", but if "_bare_cleanup()" happens on the other call, not the one that called kill, it will not await and will attempt to remove the domain from the disk while it is still running (not completely killed). For: QubesOS#742 For: QubesOS/qubes-issues#1512 Fixes: QubesOS/qubes-issues#10369
ben-grande
force-pushed
the
preload-template-switch
branch
2 times, most recently
from
981b6d5 to
4e1ef76
Compare
ben-grande
force-pushed
the
preload-template-switch
branch
from
4e1ef76 to
67b8fcb
Compare
3 participants
Fixes: QubesOS/qubes-issues#10227
For: QubesOS/qubes-issues#1512
Missing some tests.
PR is based on top of: