It'd be useful if those qubesctl update commands were in the docs, 
especially with the concurrency option.

On Sunday, October 11, 2020 at 13:16:43 UTC-3, 
marm...@invisiblethingslab.com wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Sat, Oct 10, 2020 at 09:50:00PM -0500, Andrew David Wong wrote:
> > I still upgrade dom0 and templates the old-fashioned way, because I'm
> > used to it, I understand it, and I already have custom scripts for daily
> > maintenance that include these commands.
> > 
> > Specifically, I mean these kinds of commands:
> > 
> > `sudo qubes-dom0-update -y` in a dom0 terminal
> > 
> > `dnf -y --refresh upgrade` in Fedora TemplateVM terminals
> > 
> > `apt-get clean && apt-get -y update && apt-get -y dist-upgrade && apt-get -y
> > autoremove && apt-get clean` in Debian-based TemplateVM terminals
> > 
> > However, when I occasionally use the Qubes Update tool, I see that it
> > creates a `disp-mgmt-*` DisposableVM for each VM it updates. This prompts me
> > to wonder: Is updating with the Qubes Update tool more secure than my
> > old-fashioned methods? 
>
> Short answer: in some cases yes.
>
> > Are certain operations performed within that
> > DisposableVM in order to protect the TemplateVM?
>
> The DisposableVM is used not to protect the TemplateVM, but to protect dom0
> from a potentially compromised TemplateVM. Salt stack is a complex piece
> of software and we do not trust that it won't get compromised when
> interacting with a compromised template. The benefit of using salt stack
> is not there (the usage of a DisposableVM actually makes it more resource
> intensive and slower...). The good part is that in addition to performing
> standard update commands, we can apply other changes before/after the
> update. For example, this is how we delivered the APT fix for Debian
> templates in the context of QSB#46. This is also how we updated the onion
> version of the repository addresses when we switched them.
> Another benefit is having a single command to update any template.
>
> > If so, then how should I invoke this new update method with a command like
> > the ones above? Are there drop-in replacements that I can use in my scripts?
>
> The salt version of dom0 update is:
>
> sudo qubesctl state.sls update.qubes-dom0
>
> And then for TemplateVM and StandaloneVM (all at once):
>
> sudo qubesctl --skip-dom0 --templates --standalones state.sls update.qubes-vm
>
> Useful options:
>
> --max-concurrency - limit how many templates are updated at the same
> time - adjust to available RAM (default 4, GUI updater sets it
> to 1)
> --targets=vm1,vm2,... - limit to specific VMs, instead of all the
> templates (use instead of --templates --standalones)
> --show-output - show update summary instead of just OK/FAIL
>
> For other options see qubesctl --help
>
> - -- 
> Best Regards,
> Marek Marczykowski-Górecki
> Invisible Things Lab
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
> -----BEGIN PGP SIGNATURE-----
>
> iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl+DL+IACgkQ24/THMrX
> 1yz3RggAmUQApMbqF5Ky2byELjFAUnXKLc+oqTcSmnLPbPkmWnIes6m7xj/JjHd2
> H5pwReIDmWU52Li0FtDDnF25pX424ncWDdP/v/xRXtUU+/ZDGtt3GYPPSus3SRdS
> WsGQP+YKPkQDBsWizmu4irV5hp4mnHf8oFvwue9VfVDWyAkHumtaC8ey+aFtLhlh
> FpGcHNn2n9y+1MW5+mTIZd3U89ByNUj7BZJwxyQt68fjN6rTH7RyknS05BY5GOQi
> 4MygHqYqdoWMMKu78RvtIW0sbAVOUTq2gpecVzTeB2mt3gfKG307lByt2fClqKuB
> JwjL0TWIYdj8lAXTBBni6fSMirJJqA==
> =pAog
> -----END PGP SIGNATURE-----
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-devel/41daf59b-adf6-4be6-bc1c-7c6661d23910n%40googlegroups.com.
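The quoted message lists the salt-based replacements for the hand-typed update commands and the `--max-concurrency`, `--targets` and `--show-output` options. The script below is an added example, not code from the thread or from the Qubes project: it wraps those commands into a dom0 maintenance script of the kind the original poster describes. The helper names (`pick_concurrency`, `mem_available_kib`, `dom0_update_cmd`, `template_update_cmd`, `run_maintenance`), the log path and the budget of roughly 1 GiB of RAM per concurrent template update are this example's own assumptions; only the `qubesctl` invocations and flags come from the quoted message.

```shell
#!/bin/sh
# Added example (not from the thread or the Qubes project): a dom0 maintenance
# script around the salt-based updater. Helper names and the 1 GiB-per-update
# memory budget are this example's own assumptions; tune for your hardware.
set -eu

# Pick --max-concurrency from available RAM. Every parallel update starts a
# disp-mgmt-* DisposableVM next to the template it manages, so budget about
# 1 GiB per concurrent update (assumption). Clamp to 1..4, 4 being the default.
pick_concurrency() {
    avail_kib=$1                    # MemAvailable in KiB
    per_update_kib=1048576          # 1 GiB, assumed cost of one update
    n=$(( avail_kib / per_update_kib ))
    if [ "$n" -lt 1 ]; then n=1; fi
    if [ "$n" -gt 4 ]; then n=4; fi
    echo "$n"
}

# Read MemAvailable (KiB) from /proc/meminfo; 0 when it cannot be read.
mem_available_kib() {
    v=$(awk '/^MemAvailable:/ { print $2; exit }' /proc/meminfo 2>/dev/null) || v=0
    echo "${v:-0}"
}

# Salt-based dom0 update, as given in the quoted message.
dom0_update_cmd() {
    echo "qubesctl state.sls update.qubes-dom0"
}

# VM-side update: all templates and standalones, or only the comma-separated
# --targets list when one is given (the message notes the two are alternatives).
template_update_cmd() {
    concurrency=$1
    targets=${2:-}
    if [ -n "$targets" ]; then
        scope="--targets=$targets"
    else
        scope="--templates --standalones"
    fi
    echo "qubesctl --skip-dom0 $scope --max-concurrency=$concurrency --show-output state.sls update.qubes-vm"
}

# dom0 first, then the templates; append everything to a log so the
# --show-output summary survives after the terminal is closed.
run_maintenance() {
    log=${1:-$HOME/qubes-update.log}        # assumed default log path
    targets=${2:-}
    conc=$(pick_concurrency "$(mem_available_kib)")
    {
        echo "== $(date) dom0 =="
        # unquoted expansion on purpose: the command string must be word-split
        sudo $(dom0_update_cmd)
        echo "== $(date) templates/standalones (max-concurrency $conc) =="
        sudo $(template_update_cmd "$conc" "$targets")
    } 2>&1 | tee -a "$log"
}

# Usage: sh qubes-maint.sh run [logfile] [vm1,vm2,...]
# Without "run" the script only prints the commands it would execute.
case "${1:-}" in
    run) run_maintenance "${2:-}" "${3:-}" ;;
    *)   echo "dry run:"
         dom0_update_cmd
         template_update_cmd "$(pick_concurrency "$(mem_available_kib)")" "${2:-}" ;;
esac
```

Running it without arguments prints the two commands it would run, so the concurrency choice can be checked before anything is executed; `--max-concurrency=N` is the `=` form of the option the message lists, which `qubesctl` accepts alongside the space-separated form.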