Use new built-in TCP support in qrexec for qubes.UpdatesProxy

Enable exit-on-stdout-eof feature, since that is what socat did.

QubesOS/qubes-issues#9037

Makefile

@@ -229,8 +229,6 @@ install-netvm: install-systemd-networking-dropins install-networkmanager
 	install -m 0400 -D network/qubes-antispoof.nft $(DESTDIR)/etc/qubes/qubes-antispoof.nft
 	install -m 0400 -D network/qubes-ipv6-disabled.nft $(DESTDIR)/etc/qubes/qubes-ipv6-disabled.nft
 
-	install -m 0755 -D qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc/qubes.UpdatesProxy
-
 # networkmanager install target allow integration of NetworkManager for Qubes VM:
 # * make connections config persistent
 # * adjust DNS redirections when needed

debian/qubes-core-agent-networking.install

@@ -1,5 +1,6 @@
 etc/dhclient.d/qubes-setup-dnat-to-ns.sh
 etc/qubes-rpc/qubes.UpdatesProxy
+etc/qubes/rpc-config/qubes.UpdatesProxy
 etc/qubes/qubes-ipv6-disabled.nft
 etc/qubes/qubes-ipv6.nft
 etc/qubes/qubes-ipv4.nft

qubes-rpc/Makefile

@@ -80,6 +80,7 @@ install:
 		qubes.TemplateDownload
 	$(LN) qubes.VMExec $(DESTDIR)$(QUBESRPCCMDDIR)/qubes.VMExecGUI
 	$(LN) /dev/tcp/127.0.0.1 $(DESTDIR)$(QUBESRPCCMDDIR)/qubes.ConnectTCP
+	$(LN) /dev/tcp/127.0.0.1/8082 $(DESTDIR)$(QUBESRPCCMDDIR)/qubes.UpdatesProxy
 	for config in *.config; do \
 		install -D -m 0644 "$$config" "$(DESTDIR)$(QUBESRPCCONFDIR)/$${config%.config}"; \
 	done

qubes-rpc/qubes.UpdatesProxy.config

@@ -0,0 +1,2 @@
+skip-service-descriptor=true
+exit-on-stdout-eof=true

rpm_spec/core-agent.spec.in

@@ -1100,6 +1100,7 @@ rm -f %{name}-%{version}
 %config(noreplace) /etc/qubes/qubes-ipv4.nft
 %config(noreplace) /etc/qubes/qubes-ipv6.nft
 %config(noreplace) /etc/qubes/qubes-ipv6-disabled.nft
+%config(noreplace) /etc/qubes/rpc-config/qubes.UpdatesProxy
 %config(noreplace) /etc/tinyproxy/tinyproxy-updates.conf
 %config(noreplace) /etc/tinyproxy/updates-blacklist
 %config(noreplace) /etc/udev/rules.d/99-qubes-network.rules