Skip to content

Commit

Permalink
fix: dom0 qrexec call target qube
Browse files Browse the repository at this point in the history
  • Loading branch information
@ben-grande
ben-grande committed Dec 21, 2023
1 parent b6c5298 commit f161fbf
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 22 deletions.
22 changes: 8 additions & 14 deletions salt/sys-git/files/client/git-core/git-init-qrexec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@ is_git_repo(){
helper="${0##*/git-}"
case "${1-}" in
-h|--?help) usage;;
"") qube="@default";;
*) qube="${1}";;
"") authority="@default";;
*) authority="${1}";;
esac
case "${2-}" in
"") is_git_repo; repo="$(basename "$(git rev-parse --show-toplevel)")";;
Expand All @@ -40,18 +40,12 @@ default_qube="sys-git"
rpc_cmd="${vendor}.${rpc}+${repo}"

if command -v qrexec-client-vm >/dev/null; then
exec qrexec-client-vm -- "${qube}" "${rpc_cmd}"
exec qrexec-client-vm -- "${authority}" "${rpc_cmd}"
elif command -v qrexec-client >/dev/null; then
qubes_version="$(awk -F '=' '/^VERSION_ID=/{print $2}' /etc/os-release)"
if test "$(echo "${qubes_version}" | tr -d ".")" -le 41; then
if test "${qube}" = "@default"; then
qube="${default_qube}"
fi
else
policy="$(qrexec-policy --assume-yes-for-ask dom0 "${qube}" "${rpc_cmd}")"
qube="$(echo "${policy}" | awk -F '=' '/^target=/{print $2}')"
if test "${authority}" = "@default"; then
authority="${default_qube}"
fi
exec qrexec-client -d "${qube}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
else
die "Qrexec programs not found: qrexec-client-vm, qrexec-client"
exec qrexec-client -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
fi

die "Qrexec programs not found: qrexec-client-vm, qrexec-client"
10 changes: 2 additions & 8 deletions salt/sys-git/files/client/git-core/git-remote-qrexec-connect
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,14 +69,8 @@ if command -v qrexec-client-vm >/dev/null; then
log "->" qrexec-client-vm -- "${authority}" "${rpc_cmd}"
exec qrexec-client-vm -- "${authority}" "${rpc_cmd}"
elif command -v qrexec-client >/dev/null; then
qubes_version="$(awk -F '=' '/^VERSION_ID=/{print $2}' /etc/os-release)"
if test "$(echo "${qubes_version}" | tr -d ".")" -le 41; then
if test "${authority}" = "@default"; then
authority="${default_qube}"
fi
else
policy="$(qrexec-policy --assume-yes-for-ask dom0 "${authority}" "${rpc_cmd}")"
authority="$(echo "${policy}" | awk -F '=' '/^target=/{print $2}')"
if test "${authority}" = "@default"; then
authority="${default_qube}"
fi
log "->" qrexec-client -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
exec qrexec-client -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
Expand Down

0 comments on commit f161fbf

Please sign in to comment.