diff --git a/BUILD.md b/BUILD.md index f8494b6..5e64476 100644 --- a/BUILD.md +++ b/BUILD.md @@ -104,23 +104,13 @@ Create a .rpm: ## Qubes OS -
- :memo: Expand this section if you want to use containers instead of disposable qubes. -
- - Create a Debian or Fedora-based development standalone qube with at least - 8GB of private storage space, and follow the relevant instructions above for - the respective template. - - Remember to set the environment variable `DZ_USE_CONTAINERS=1`, before executing - Dangerzone. - - Over time, you may need to increase disk space or prune outdated container - images if you run into build issues on this VM. -
> :warning: Native Qubes support is in alpha stage, so the instructions below > require switching between qubes, and are subject to change. +> +> If you want to build Dangerzone on Qubes and use containers instead of disposable +> qubes, please follow the intructions of Fedora / Debian instead. + ### Initial Setup @@ -248,10 +238,10 @@ can run the following commands in the `dz` app qube: poetry shell # run the CLI -./dev_scripts/dangerzone-cli --help +QUBES_CONVERSION=1 ./dev_scripts/dangerzone-cli --help # run the GUI -./dev_scripts/dangerzone +QUBES_CONVERSION=1 ./dev_scripts/dangerzone ``` Create a .rpm: diff --git a/dangerzone/cli.py b/dangerzone/cli.py index 1d31c05..2361399 100644 --- a/dangerzone/cli.py +++ b/dangerzone/cli.py @@ -6,11 +6,10 @@ import click from colorama import Back, Fore, Style from . import args, errors -from .conversion.common import running_on_qubes from .document import ARCHIVE_SUBDIR, SAFE_EXTENSION from .isolation_provider.container import Container from .isolation_provider.dummy import Dummy -from .isolation_provider.qubes import Qubes +from .isolation_provider.qubes import Qubes, is_qubes_native_conversion from .logic import DangerzoneCore from .util import get_version @@ -65,7 +64,7 @@ def cli_main( if getattr(sys, "dangerzone_dev", False) and dummy_conversion: dangerzone = DangerzoneCore(Dummy()) - elif running_on_qubes(): + elif is_qubes_native_conversion(): dangerzone = DangerzoneCore(Qubes()) else: dangerzone = DangerzoneCore(Container(enable_timeouts=enable_timeouts)) diff --git a/dangerzone/conversion/common.py b/dangerzone/conversion/common.py index 5f6de42..93cd1b2 100644 --- a/dangerzone/conversion/common.py +++ b/dangerzone/conversion/common.py @@ -19,10 +19,7 @@ TIMEOUT_MIN: float = 60 # (seconds) def running_on_qubes() -> bool: # https://www.qubes-os.org/faq/#what-is-the-canonical-way-to-detect-qubes-vm - if os.environ.get("DZ_USE_CONTAINERS", "0") == "0": - return os.path.exists("/usr/share/qubes/marker-vm") - else: - return False + return os.path.exists("/usr/share/qubes/marker-vm") async def read_stream( diff --git a/dangerzone/gui/__init__.py b/dangerzone/gui/__init__.py index 1e5495b..08fa44e 100644 --- a/dangerzone/gui/__init__.py +++ b/dangerzone/gui/__init__.py @@ -21,11 +21,10 @@ else: from PySide2 import QtCore, QtGui, QtWidgets from .. import args, errors -from ..conversion.common import running_on_qubes from ..document import Document from ..isolation_provider.container import Container from ..isolation_provider.dummy import Dummy -from ..isolation_provider.qubes import Qubes +from ..isolation_provider.qubes import Qubes, is_qubes_native_conversion from ..util import get_resource_path, get_version from .logic import DangerzoneGui from .main_window import MainWindow @@ -105,7 +104,7 @@ def gui_main( if getattr(sys, "dangerzone_dev", False) and dummy_conversion: dummy = Dummy() dangerzone = DangerzoneGui(app, isolation_provider=dummy) - elif running_on_qubes(): + elif is_qubes_native_conversion(): qubes = Qubes() dangerzone = DangerzoneGui(app, isolation_provider=qubes) else: diff --git a/dangerzone/isolation_provider/qubes.py b/dangerzone/isolation_provider/qubes.py index 9a9eb9d..7ddb9be 100644 --- a/dangerzone/isolation_provider/qubes.py +++ b/dangerzone/isolation_provider/qubes.py @@ -19,8 +19,9 @@ from .base import IsolationProvider log = logging.getLogger(__name__) +from ..conversion.common import running_on_qubes from ..conversion.pixels_to_pdf import PixelsToPDF -from ..util import get_subprocess_startupinfo, get_tmp_dir +from ..util import get_resource_path, get_subprocess_startupinfo, get_tmp_dir CONVERTED_FILE_PATH = ( # FIXME won't work for parallel conversions (see #454) @@ -173,3 +174,20 @@ class Qubes(IsolationProvider): bufsize_bytes = len(temp_file.getvalue()).to_bytes(4) wpipe.write(bufsize_bytes) wpipe.write(temp_file.getvalue()) + + +def is_qubes_native_conversion() -> bool: + """Returns True if the conversion should be run using Qubes OS's diposable + VMs and False if not.""" + if running_on_qubes(): + if getattr(sys, "dangerzone_dev", False): + return os.environ.get("QUBES_CONVERSION", "0") == "1" + + # XXX If Dangerzone is installed check if container image was shipped + # This disambiguates if it is running a Qubes targetted build or not + # (Qubes-specific builds don't ship the container image) + + compressed_container_path = get_resource_path("container.tar.gz") + return not os.path.exists(compressed_container_path) + else: + return False