Easy dependency switch if only preload is in chain

[ben-grande]

Fixes: QubesOS/qubes-issues#10227
For: QubesOS/qubes-issues#1512

---

Missing some tests.

[marmarek]

You sure about default_dispvm here?

[ben-grande]

Yes, see logs from qubesmanager tests:

'This qube cannot be removed. It is used as: <br> - <b>default_dispvm</b> for qube <b>anon-whonix</b>

[marmarek]

if it's really used as default_dispvm for anon-whonix the removal should be blocked... the only thing that shouldn't be blocked is being a template (only) for preloaded disposables, that you are going to kill/remove below anyway.

[ben-grande]

Hum, then I need to do it another way because a disposable qube has the default_dispvm property set to its template, so it must be only if those two properties matches.

[marmarek]

Suggested change

	if any(True for disp in self.dispvms if not disp.is_preload):
	if any(not disp.is_preload for disp in self.dispvms):

?

[ben-grande]

Better

[marmarek]

CI says typo:

AttributeError: 'DispVM' object has no attribute 'is_prelaod'. Did you mean: 'is_preload'?

[codecov]

Codecov Report

❌ Patch coverage is 90.90909% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 70.70%. Comparing base (7e72d38) to head (ed344a6).
⚠️ Report is 14 commits behind head on main.

Files with missing lines	Patch %	Lines
qubes/vm/dispvm.py	25.00%	6 Missing ⚠️
qubes/vm/mix/dvmtemplate.py	98.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #733      +/-   ##
==========================================
+ Coverage   70.61%   70.70%   +0.09%     
==========================================
  Files          61       61              
  Lines       13642    13728      +86     
==========================================
+ Hits         9633     9707      +74     
- Misses       4009     4021      +12     

Flag	Coverage Δ
unittests	70.70% <90.90%> (+0.09%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[ben-grande]

I don't like the code duplication.

• qubes.app
• qubesadmin.tools.qvm_remove
• qubesmanager.settings

Especially the part some lines below "see 'journalctl'" because not everything is returned to the caller. The preloads are introducing one extra discrepancy on top of device assignment only seen from dom0 journal.

I think there should be an API method to check if the qube is deletale and if not, the (vm, prop) is returned via exception. What do you think?

[marmarek]

It's done this way because the caller may not see the whole system (it can be for example a GUIVM with access to a subset of qubes). Returning the whole list may leak info about other qubes that the caller should not see.
The utility function in core-admin-client is supposed to find where the qube is used - based on what the caller actually can see.

[ben-grande]

Make sense, thanks for the explanation.

[ben-grande]

Are integration tests necessary seen that coverage is high?

[ben-grande]

All the client tools, qvm-remove and qube-manager show a nice view of dependencies, the journal/logs were not showing them. Discovered that qube names can end with a . dot... I guess and hope : will never be allowed in qube names.

[ben-grande]

I didn't find a better name than "GLOBAL" for the global property, it is using quotes to distinguish from a qube name. It prints as such:

ERROR: Cannot remove default-dvm as it is used by disp-test:template, sys-firewall:template, sys-usb:template, "GLOBAL":default_dispvm