Skip to content

Commit

Permalink
fix: exclude Whonix qubes by distribution feature
Browse files Browse the repository at this point in the history 
The feature is more reliable than the whonix-updatevm tag as the tag can
be deleted for other Whonix tags to take effect to target different
gateways, which is the case for the Bitcoin formula.
  • Loading branch information
@ben-grande
ben-grande committed Jul 25, 2024
1 parent f8aa555 commit 2b7f555
Showing 1 changed file with 17 additions and 11 deletions.
28 changes: 17 additions & 11 deletions salt/sys-cacher/files/admin/tag.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,26 +10,34 @@
import qubesadmin # pylint: disable=import-error
import qubesadmin.vm # pylint: disable=import-error

def get_clients(qubes, wanted_dist, extraneous=False):
def get_clients(qubes, extraneous=False): # pylint: disable=too-many-branches
"""Get qubes tagged for ACNG"""
wanted_dist = ["debian", "fedora", "arch", "ubuntu", "kicksecure"]
unwanted_dist = ["whonix"]
domains = []
for qube in qubes.domains: # pylint: disable=invalid-name
if qube.klass == "TemplateVM" and "whonix-updatevm" not in qube.tags:
if qube.klass == "TemplateVM":
os_dist = qube.features.get("os-distribution")
os_dist_like = qube.features.get("os-distribution-like")
if os_dist_like is not None:
os_dist_like_list = os_dist_like.split()

if extraneous and "updatevm-sys-cacher" in qube.tags:
if (os_dist not in wanted_dist \
and os_dist_like is None) \
or (os_dist_like is not None and
if os_dist in unwanted_dist:
domains.append(qube.name)
elif "whonix-updatevm" in qube.tags:
domains.append(qube.name)
elif os_dist not in wanted_dist and os_dist_like is None:
domains.append(qube.name)
elif os_dist_like is not None and \
not any(domain in os_dist_like_list
for domain in wanted_dist
)
):
for domain in wanted_dist):
domains.append(qube.name)
else:
if os_dist in unwanted_dist:
continue
if "whonix-updatevm" in qube.tags:
continue
if os_dist in wanted_dist:
domains.append(qube.name)
elif os_dist_like is not None:
Expand All @@ -48,10 +56,8 @@ def main(): # pylint: disable=missing-function-docstring
parser.add_argument("--extraneous", action="store_true",
help="List only extraneously tagged qubes")
args = parser.parse_args()

wanted_dist = ["debian", "fedora", "arch", "ubuntu", "kicksecure"]
qubes = qubesadmin.Qubes()
domains = get_clients(qubes, wanted_dist, extraneous=args.extraneous)
domains = get_clients(qubes, extraneous=args.extraneous)
print("\n".join(domains))


Expand Down

0 comments on commit 2b7f555

Please sign in to comment.