Verifying VM updates and packages
35 views
Skip to first unread message
E. Foster
Jul 6, 2020, 2:22:10 PM7/6/20
to qubes-users
Hi,
I've seen several pop-ups for VM updates, since the initial installation. And I was wondering what would cause such an action.
Do the VMs push a notification to update the VM when you make a change in the settings on the devices' next boot?
Or do some updates occur because a template VM has been changed in a repository, and the update package is then pushed to the respective VMs using the template?
b/c
Bizarrely, I have a VM and Template VM that keeps requesting to be updated and fails.
I'm assuming it's an installer application, I installed...but why would it not update?
Must I remove the application from the menu, delete it/and reinstall it?
And lastly, how many times can a device be rebooted before you should be concerned about Xen issues.
Thanks so much for the insight,
awokd
Jul 14, 2020, 4:19:40 PM7/14/20
to qubes...@googlegroups.com
E. Foster:
> Or do some updates occur because a template VM has been changed in a
> repository, and the update package is then pushed to the respective VMs
> using the template?
This. Qubes Updater (Qubes menu/System Tools) runs periodically and
checks for updates in repos.
> Bizarrely, I have a VM and Template VM that keeps requesting to be updated
> and fails.
Try updating the template from a terminal session on it.
> And lastly, how many times can a device be rebooted before you should be
> concerned about Xen issues.
Until the hardware fails, I guess. Unless you're talking about hard
power offs, in which case I'd be most concerned about file system
corruption over any Xen issues.
--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
> Or do some updates occur because a template VM has been changed in a
> repository, and the update package is then pushed to the respective VMs
> using the template?
checks for updates in repos.
> Bizarrely, I have a VM and Template VM that keeps requesting to be updated
> and fails.
> And lastly, how many times can a device be rebooted before you should be
> concerned about Xen issues.
power offs, in which case I'd be most concerned about file system
corruption over any Xen issues.
--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
E
Jul 16, 2020, 3:05:04 PM7/16/20
to qubes...@googlegroups.com
Logic would dictate that an update is pushed to the all affected VM.
But, what I am now concerned with is the update packages that might be
altered in transit from ISP.
**Side note, I came to Qubes because I was not satisfied with the
security protocols offered by MS OS.**
I will try updating from the terminal session. can you correct me on
the command:
user@VM $ sudo update ??????? (are update commands package specific)
Bizarrely, I've seen some VM are now labeled localhost?
I am concerned about the file system corruption. How can I change the
system, or should I attempt a new install?
Thanks,
But, what I am now concerned with is the update packages that might be
altered in transit from ISP.
**Side note, I came to Qubes because I was not satisfied with the
security protocols offered by MS OS.**
I will try updating from the terminal session. can you correct me on
the command:
user@VM $ sudo update ??????? (are update commands package specific)
Bizarrely, I've seen some VM are now labeled localhost?
I am concerned about the file system corruption. How can I change the
system, or should I attempt a new install?
Thanks,
awokd
Jul 16, 2020, 4:04:43 PM7/16/20
to qubes...@googlegroups.com
E:
Preventing packages from being altered in transit relies on the various
distributions' security measures, not anything specific to Qubes. I feel
you can reduce the likelihood of an attack by utilizing onion
repositories where possible. Documentation on how to switch exists.
Update commands are specific to the distribution running in the
template. Debian is apt update then apt upgrade (as sudo). Fedora uses
dnf. These are not specific to Qubes either.
If you have frequently hard powered off Qubes instead of a proper
shutdown and are now concerned about file system corruption, be aware
that fsck runs on every boot. It can often correct minor corruption, but
if you want to be sure, a fresh reinstall choosing to delete and
recreate the disk partitions should resolve it.
distributions' security measures, not anything specific to Qubes. I feel
you can reduce the likelihood of an attack by utilizing onion
repositories where possible. Documentation on how to switch exists.
Update commands are specific to the distribution running in the
template. Debian is apt update then apt upgrade (as sudo). Fedora uses
dnf. These are not specific to Qubes either.
If you have frequently hard powered off Qubes instead of a proper
shutdown and are now concerned about file system corruption, be aware
that fsck runs on every boot. It can often correct minor corruption, but
if you want to be sure, a fresh reinstall choosing to delete and
recreate the disk partitions should resolve it.
Reply all
Reply to author
Forward
0 new messages