-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 22/07/2019 11.05 AM, unman wrote: > On Sun, Jul 21, 2019 at 03:56:31PM -0500, Andrew David Wong wrote: >> On 16/07/2019 9.35 AM, unman wrote: >>> On Sun, Jul 14, 2019 at 09:13:16PM -0500, Andrew David Wong >>> wrote: >>>> On 14/07/2019 9.08 PM, Andrew David Wong wrote: >>>>> On 14/07/2019 8.19 AM, unman wrote: >>>>>> On Sat, Jul 13, 2019 at 06:40:00PM -0500, Andrew David >>>>>> Wong wrote: >>>>>>> >>>>>>> 1. When using the Qubes Update widget, a mgmt >>>>>>> DisposableVM is started. Why is that? Is it just for >>>>>>> executing Salt commands so that they're not executed in >>>>>>> dom0? >>>>> >>>>>> Yes, this is standard in Qubes. >>>>> >>>>>>> >>>>>>> 2. How can one update a TemplateVM the way the Qubes >>>>>>> Update widget does? For example, when I update a Fedora >>>>>>> TemplateVM myself, I just execute `dnf update` in the >>>>>>> template. I don't start any DisposableVMs, so clearly >>>>>>> my method of updating is different from what the Qubes >>>>>>> Update widget does. Is there some kind of scriptable >>>>>>> qubesctl command I can issue from dom0 that does the >>>>>>> same thing as the Qubes Update widget? >>>>>>> >>>>> >>>>>> The update widget calls qubesctl and runs the state file >>>>>> in /srv/formuals/base/update-formula/update/qubes-vm.sls >>>>> >>>>>> You can run this yourself by: qubesctl --skip-dom0 >>>>>> --targets=<targets> --show-output state.sls >>>>>> update.qubes-vm >>>>> >>>>>> Skip the "show-output" option if you want to script. >>>>> >>>>>> It's a wrapper to salts pkg.uptodate call, so you could >>>>>> put that in a state file yourself. >>>>> >>>>> >>>>> Thanks, unman. I'm not quite sure what the last sentence >>>>> means. Why would one want to put that in a state file >>>>> oneself? >>>>> >>>> >>>> Could you explain what these options mean? >>>> >>>> --skip-dom0 -- The documentation doesn't really explain >>>> this. --targets -- Is this the qube to be updated in this >>>> case? >>>> >>> --skip-dom0 -- Doesnt try to action state in dom0. >>> >>> --targets -- You can give list of qubes to use as targets, >>> (comma delimited) or use keywords. 'qubesctl --templates'. >>> >> >> Thanks, unman. This is helpful, but I'm still unclear on >> --skip-dom0. >> >> Looking at the command you provided: >> >> qubesctl --skip-dom0 --targets=<targets> --show-output state.sls >> update.qubes-vm >> >> What is the difference between including --skip-dom0 and >> excluding that option? >> >> It's counterintuitive to me that, if I *specify* a target to be >> acted upon using --targets, I *also* have to specify *not* to >> take action on a *different* target (namely dom0). >> > > Depending on how you structure your states, and interdependencies, > this is actually quite useful. For example, you can create a qube, > configured as you wish, and then manipulate the files on that qube. > Including dom0 allows you to do equivalent of qvm-create and > qvm-prefs. If you subsequently change the preferences, you don't > want to run the same state against dom0, because that would revert > the changes you have made, so you can specify --skip-dom0 but apply > the same state in the qube filesystem. For quick and dirty work > that's fine. >
Sorry, I'm not following your example. What does it mean to "do the equivalent of qvm-create and qvm-prefs"? I had no idea you could create the effects of those commands without those commands. This sounds like a rather arcane area of Qubes wizardry into which I have not ventured. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl02VvkACgkQ203TvDlQ MDDKFg//WmbUD+TwUf6z0MxAVwV1UbrJapCL0KD2TuD0jW2KAtwGAVe24+3BsTOt gK2Gufuct2cWZ19Ljg2HQu/ZVnEd7ndq60IcIFDyJ7dCwzSjFZeeiQ4hDNc0xWlY nR4HID+tdDg52Ao7HTHK8fmuBB4607/JjHxeg95N4LqvFLkaCgm9rSwv8hT+L9+y weGgV/xTdlJ+S1Nzgpp68ZRC+xQ7A/dYY0IJAqKhqoPF/zxSTSrgrmR/NjNnOry9 WnWrmF38rluHrlDRZZIyvTCPmuDKMJ7KkRx0CB0VvE5t7iibwyxU64RRKhyD5NTF QXexsL/OAay7I2V78HiZ/y+y9AL2nYAd6drq7DCZYbwnWw0LQzwpH/qRJJH/j9Ix 2ED9kUY+ojUBmg77hSUz7svf6XETG/RtM92AORgVB2eDgi4KAuZkOR2NbVTUW/q6 4DrpKdO22Hag0Z87MKokTGPF8N837TtPd6471Tqucgv0TDkPgar5fe1l2L6y5904 FvY83Cv2GuqXJVZXLYpNaF+5UjmWHYmRFzsq2NGR+iMpaJlea4nOHJytMbZgBRQf /cGeOjLN+vXzOMNZSHvkvx8QYEs7Iksn02rT1/4dmXBaVmDIZRzZ7zx6fqJjfKMD qAxSNSpHigK+GASbZ4R48rlfNxxzeD8JtTl7LChOa2dnwRgz+Uk= =lCnl -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a8f332fc-db94-ba16-6687-4beabea6a9cf%40qubes-os.org.
