Qubes OS 4.0-rc4 has been released!
Andrew David Wong
Hash: SHA512
Dear Qubes Community,
We're pleased to announce the fourth release candidate for Qubes 4.0!
This release contains important safeguards against the [Spectre and
Meltdown attacks][qsb-37], as well as bug fixes for many of the issues
discovered in the [previous release candidate][4.0-rc3]. A full list of
the Qubes 4.0 issues closed so far is available [here][closed-issues].
Further details about this release, including full installation
instructions, are available in the [Qubes 4.0 release
notes][release-notes]. The new installation image is available on the
[Downloads] page.
As always, we're immensely grateful to our community of testers for
taking the time to [discover and report bugs]. Thanks to your efforts,
we're able to fix these bugs *before* the final release of Qubes 4.0. We
encourage you to continue diligently testing this fourth release
candidate so that we can work together to improve Qubes 4.0 before the
stable release.
Major changes in Qubes 4.0-rc4
- ------------------------------
The Qubes VM Manager is back by popular demand! The returning Qubes
Manager will be slightly different from the 3.2 version. Specifically,
it will not duplicate functionality that is already provided by the new
4.0 widgets. Specific examples include attaching and detaching block
devices, attaching and detaching the microphone, and VM CPU usage.
In addition, the default TemplateVMs have been upgraded to Fedora 26 and
Debian 9.
The Qubes 4.0 stable release
- ----------------------------
If the testing of 4.0-rc4 does not reveal any major problems, we hope to
declare it the stable 4.0 release without any further significant
changes. In this scenario, any bugs discovered during the testing
process would be fixed in subsequent updates.
If, on the other hand, a major issue is discovered, we will continue
with the standard [release schedule], and Qubes 4.0 stable will be a
separate, later release.
Current Qubes 4.0 Users
- -----------------------
Current users of Qubes 4.0-rc3 can upgrade in-place by downloading the
latest updates from the testing repositories in both
[dom0][dom0-testing] and [TemplateVMs][domU-testing]. As explained in
[QSB #37][qsb-37], Qubes 4.0-rc4 uses PVH instead of HVM for almost all
VMs without PCI devices by default as a security measure against
Meltdown, and this change will also be released as a patch for existing
Qubes 4.0 installations in the coming days. Therefore, current Qubes 4.0
users will benefit from this change whether they upgrade in-place from a
previous release candidate or perform a clean installation of 4.0-rc4.
If you wish to upgrade in-place and have manually changed your VM
settings, please note the following:
1. By default, Qubes 4.0-rc3 used kernel 4.9.x. However, PVH mode will
require kernel >= 4.11. This is fine, because we will include kernel
4.14 in the PVH update. However, if you have manually changed the
kernel setting for any of your VMs, the update will not automatically
override that setting. Those VMs will still be using an old kernel,
so they will not work in PVH mode. Therefore, you must must either
change their settings to use the new kernel or change the VM mode
back to HVM.
2. If you have created a Windows VM, and you rely on it running in HVM
mode, you must explicitly set its mode to HVM (since the default mode
after applying the PVH update will be PVH rather than HVM). You can
do this either through the VM Settings GUI or by using the
`qvm-prefs` command-line tool to change the `virt_mode` property.
[qsb-37]: https://www.qubes-os.org/news/2018/01/11/qsb-37/
[4.0-rc3]: https://www.qubes-os.org/news/2017/11/27/qubes-40-rc3/
[closed-issues]: https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+milestone%3A%22Release+4.0%22+is%3Aclosed
[release-notes]: https://www.qubes-os.org/doc/releases/4.0/release-notes/
[discover and report bugs]: https://www.qubes-os.org/doc/reporting-bugs/
[release schedule]: https://www.qubes-os.org/doc/version-scheme/#release-schedule
[4.0-bugs]: https://github.com/QubesOS/qubes-issues/issues?utf8=%E2%9C%93&q=is%3Aopen+is%3Aissue+milestone%3A%22Release+4.0%22+label%3Abug
[dom0-testing]: https://www.qubes-os.org/doc/software-update-dom0/#testing-repositories
[domU-testing]: https://www.qubes-os.org/doc/software-update-vm/#testing-repositories
[Downloads]: https://www.qubes-os.org/downloads/
This announcement is also available on the Qubes website:
https://www.qubes-os.org/news/2018/01/31/qubes-40-rc4/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlpyfsUACgkQ203TvDlQ
MDDB3w/+M0JJTT1cWeQNe1fZgQXkKE9dY/lJD3E+/llFjxHrA1QpjYoo2txWHj6a
oM9pbH9qDCdhFxyU9z3wejMaMuseav5xOhg9BgtO2qeWyCCEwPap4EFgwEnn6wzF
HjNtDxkxtgenJtf9833OI5uRNiejp9zuW3NvlisAVaAYmCi+ZT3ksaJFidVpkna7
APzxTUb1lqUdzpcGWAhr+LaYzABwPFoV/XBMSOzYij5SCT/EtaL3CETHb7a6H2Hb
1K6ovNLK7jrE3Qb6F+g2teO4ACtsaO0Us5IPbczZAp4TEY22Vrc8IK5t6AmbWm06
HkhNo8YKMe747OtIIeMDftvCQd/34fwXVltc6mMcdAwYOuFyIvttRHMhzsXyusTz
kezqIM/zWHvZs9qdiO9nbGx1K+pJSLP52kklwqUXl2irzIv46DErXgeYW4x06LRH
EcMC9jf+gW1g4Fevrco0ikDMLBhbuQsUtE5spdn2rSZJ+sGW2xjwTfAEuU9wOW2/
xKHvFpTaNMAssCBeY73Hyk5Gu1VbCNsd2oeST7HpB5SLL8JxmWnRJKkfuysbl7Ix
liEgsvfqdJA4PsUOACTanwUd1T8iSk8D4IqG6L5HFROHiSlUtAoTNuVvB5OXQvVj
KJw6SlKysuiaMLE5pOWxlony3uia7zM0MpbVWg9bqLYvclNUeNg=
=9apA
-----END PGP SIGNATURE-----
pixel fairy
alexc...@gmail.com
Holger Levsen
> Are there plans for the final 4.0 release to have a direct upgrade path from 3.2? Or do we just backup all of our VMs, fresh install 4.0, then restore our VMs?
--
cheers,
Holger
Krišjānis Gross
Thank You for the effort to make this happen! Keep up the good work!
joev...@gmail.com
Can you please update https://www.qubes-os.org/doc/releases/4.0/schedule/
Thanks again
John
Yuraeitha
> I'm delighted the Qube Manager is back (typo? should it be Qubes Manager?). Thanks for listening. Minor point but it doesn't always refresh automatically. Keep up the good work!
When naming it Qube Manager, the emphasis is put on specifically qube's, but not Qubes OS as a whole system. From what I've understood, while the manager is back, it won't be controlling the whole system like it was intended to do in Qubes =< 3.2, but instead just the qube's, the VM's. You can still do more or less the same as before, somewhat, but new features will not be added to it, at least not for current release.
Odds are that it may quite possibly forever remain a secondary manager, at least probably until someone writes a completely new manager which goes completely in hand with the qubes-admin system and other complex changes done in Qubes 4. The current return of the Qube Manager, does not appear to have been such a major re-work, which from what I understand will take a lot of time and work to do with all the Qubes 4 improvements. In other words, it's a bit watered down version of the old manager.
Also you must not forget, if the Qubes developers ever make major changes again, then re-doing a Manager all over again, seems a bit much considering how busy they are now and the little resources that are available. It might not make sense to make a new manager, at least until Qubes has stopped rapid development. From what I can see, Qubes 4.0 is just the beginning, it looks like the Qubes team is only getting started. Qubes may change and improve even further in upciming releases. Who knows though, this is just me sensing where its going, I may be entirely wrong.
But tbh, while I too prefer GUI most of the time since it's generally faster, I did grow quite accustomed to not having the Qube Manager before RC-4 (starting to use Qubes 4 at RC-2). I realized I don't even open the Qube Manager now that I got it back, I simply don't need it anymore, with perhaps the exception to minitor the CPU/RAM, but I got other tools for that, like "xentop" for VM's and "top" for dom0, amongo ther tools. But I'm happy with the gesture of bringing it back, and also perhaps not everyone can get used to not having the manager, so it's still a nice change for that reason since eveyone are different and have different needs. I very much respect the Qubes developers for this gesture, even if I won't personally be using it.
John
David Hobach
> We're pleased to announce the fourth release candidate for Qubes 4.0!
So far it seems more stable than the previous RCs and PVH doesn't only
provide the mentioned security gain, but also provides much better
performance over HVM on older machines.
4.0rc1 felt twice as slow as 3.2 and now rc4 feels like the same level
of speed as 3.2.
pixelfairy
blender is much slower. i know blender is outside of qubes domain, but it shows the performance difference.
--
You received this message because you are subscribed to a topic in the Google Groups "qubes-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/qubes-users/57reYSQsB00/unsubscribe.
To unsubscribe from this group and all its topics, send an email to qubes-users...@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/47ae1411-c153-7f19-bebf-bcda284ee628%40hackingthe.net.
For more options, visit https://groups.google.com/d/optout.