Hi,

I'm testing the upgrade process for the QSB37 patches for R3.2[1]. And it
isn't straightforward, mostly because of the major Xen upgrade (4.6->4.8).
What I have currently:

1. Execute `sudo qubes-dom0-update`, but when prompted for confirmation, abort (answer `n`).
2. Shut down all the VMs.
3. Run `sudo dnf update` in dom0. Note: after this step (until you restart the system), most qvm-* tools will stop working.
4. Restart the system.

As you can see, after updating Xen but before restarting the system,
things are broken. This includes the inability to cleanly restart the system
if any VM remains running.

Having a manual procedure may be an option for the "security-testing"
repository, but IMO it would be bad for the "current" repository, especially
for a "stable" and "long term support" release. I think we shouldn't
assume that _every_ Qubes user reads qubes-announce (or another announcement
channel) frequently enough. Such system breakage would be an unpleasant
surprise for anyone just applying stable (non-testing) updates.

Currently, I'm trying to abort the upgrade if any VM is running, and
display this:

***** USER ACTION REQUIRED *****
Major Xen upgrade detected (4.6 -> 4.8) and some VMs are running.
Please shutdown all of them, then resume the process by executing 'sudo dnf update' from dom0 console

But I'm still not sure if that's the right thing to do. Maybe we shouldn't
put such upgrades into the stable r3.2 repository at all, and require
users to manually initiate such an upgrade? There was a suggestion to name
the updated version r3.3 (which means a separate repository). But this
technically would also break our promise to keep "R3.2" supported at
least 1 year after the final 4.0 release. And I can see how people may be
afraid of a "major" upgrade of a production system.

Related:
https://github.com/QubesOS/qubes-issues/issues/3430 "Mechanism to notify
users when critical action is required"

[1] https://github.com/QubesOS/qubes-issues/issues/3460

- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
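
The guard described in the message above (abort when a major Xen version change coincides with running VMs), as an added example that is not part of the original e-mail and is not Qubes OS packaging code. The function names, the version strings and the `xl list` sample are constructed, and the caller is assumed to supply the installed and incoming Xen versions.

```shell
#!/bin/sh
# Added example: all names and sample data here are constructed for illustration.

# Reduce a version string to its MAJOR.MINOR series, e.g. 4.6.6-36 -> 4.6
xen_series() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Read `xl list` output on stdin; print every domain except the header and dom0.
running_guests() {
    awk 'NR > 1 && $1 != "Domain-0" { print $1 }'
}

# check_upgrade OLD NEW  (with `xl list` output on stdin)
# Returns 0: update may proceed; 1: user must shut VMs down; 2: versions unparsable.
check_upgrade() {
    old=$(xen_series "$1")
    new=$(xen_series "$2")
    if [ -z "$old" ] || [ -z "$new" ]; then
        echo "Cannot determine Xen versions ('$1' -> '$2'), not updating" >&2
        return 2                      # assumption: refuse rather than guess
    fi
    if [ "$old" = "$new" ]; then
        return 0                      # same series: nothing to guard against
    fi
    guests=$(running_guests | tr '\n' ' ')
    if [ -z "$guests" ]; then
        return 0                      # major upgrade, but no VM is running
    fi
    {
        echo "***** USER ACTION REQUIRED *****"
        echo "Major Xen upgrade detected ($old -> $new) and some VMs are running."
        echo "Please shutdown all of them, then resume the process by executing 'sudo dnf update' from dom0 console"
        echo "Still running: $guests"
    } >&2
    return 1
}

# Constructed `xl list` output: dom0 plus two running VMs, and dom0 alone.
SAMPLE_BUSY='Name                                        ID   Mem VCPUs	State	Time(s)
Domain-0                                     0  4096     4     r-----     120.5
sys-net                                      1   300     2     -b----      15.2
work                                         3  1500     2     -b----      42.0'
SAMPLE_IDLE=$(printf '%s\n' "$SAMPLE_BUSY" | head -n 2)

if printf '%s\n' "$SAMPLE_BUSY" | check_upgrade 4.6.6 4.8.2; then
    echo "proceeding with update"
else
    echo "update aborted until VMs are shut down"
fi
```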