how to get the update proxy working again
81 views
Skip to first unread message
Tom Zander
Jan 7, 2018, 4:10:28 PM1/7/18
to qubes-users
I needed space on my dom0 (Q4) drive, so I ended up using qvm-clone to copy
my fedora25 template, my sys-net & sys-firewall to a different pool.
I naturally also copied the setup from the config dialog.
Everything seemed to work for a while, so I removed the sys-net /firewall
originals.
Now I have a problem, updates in templates no longer work. The magic proxy
fails me and I can't figure out how that thing actually was designed in order
to make it work again.
My first thinking was to assign the original IP addresses to the cloned VMs,
but qvm-prefs refuses to overwrite the qid property. :-(
The docs on the website talk about a service "qubes-yum-proxy" can't find
that one, though. I guess its a 3.2 property.
Anyone here able to explain how this proxy works? Would make a nice doc on
the website too!
I'd love some suggestions on how to fix this...
Thanks!
--
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel
my fedora25 template, my sys-net & sys-firewall to a different pool.
I naturally also copied the setup from the config dialog.
Everything seemed to work for a while, so I removed the sys-net /firewall
originals.
Now I have a problem, updates in templates no longer work. The magic proxy
fails me and I can't figure out how that thing actually was designed in order
to make it work again.
My first thinking was to assign the original IP addresses to the cloned VMs,
but qvm-prefs refuses to overwrite the qid property. :-(
The docs on the website talk about a service "qubes-yum-proxy" can't find
that one, though. I guess its a 3.2 property.
Anyone here able to explain how this proxy works? Would make a nice doc on
the website too!
I'd love some suggestions on how to fix this...
Thanks!
--
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel
Message has been deleted
khmar...@gmail.com
Jan 8, 2018, 1:53:46 AM1/8/18
to qubes-users
Is your new net vm different than "sys-net"? This caused me problems too. One solution is to rename the new net vm to "sys-net" or you can edit this file in dom0:
/etc/qubes-rpc/policy/qubes.UpdatesProxy
In that file there is a line that says target=sys-net.
I changed it to the same name as my net vm.
This is because the new update proxy works using qrexec as I understand.
From the qubes R4.0 release notes:
- Template VMs do not have network interface by default, qrexec-based updates proxy is used instead
There are probably plans to make this update automatically by the qubes.xml file or something else. Hope this helped!
Tom Zander
Jan 8, 2018, 4:18:34 AM1/8/18
to qubes...@googlegroups.com
On Monday, 8 January 2018 06:53:46 GMT khmar...@gmail.com wrote:
> Is your new net vm different than "sys-net"? This caused me problems too.
> One solution is to rename the new net vm to "sys-net" or you can edit
> this file in dom0:
>
> /etc/qubes-rpc/policy/qubes.UpdatesProxy
>
> In that file there is a line that says target=sys-net.
> I changed it to the same name as my net vm.
That did the trick!
> Is your new net vm different than "sys-net"? This caused me problems too.
> One solution is to rename the new net vm to "sys-net" or you can edit
> this file in dom0:
>
> /etc/qubes-rpc/policy/qubes.UpdatesProxy
>
> In that file there is a line that says target=sys-net.
> I changed it to the same name as my net vm.
Thanks, I would never have found that...
Reply all
Reply to author
Forward
0 new messages