qubes-issues
qubes-issues copied to clipboard
QubesOS
DNF configuration hardening doesn’t appear to be persistent
Qubes OS release
Qubes OS 4.2
Brief summary
My understanding (from previous discussions) is that the GUI updater is expected to set deltarpm=0 and zchunk=0, but it either doesn’t set them or doesn’t set them persistently.
Steps to reproduce
- Install updates via the GUI.
- Check the contents of
/etc/dnf/dnf.conf.
Expected behavior
zchunk=0 and deltarpm=0 or equivalent are present.
Actual behavior
zchunk=0 and deltarpm=0 or equivalent are not present.
Additional information
No response
On distributions using DNF5 (which is all non-EOL Fedora versions) it's
in /etc/dnf/libdnf5.conf.d/10-qubes.conf.
On distributions using DNF5 (which is all non-EOL Fedora versions) it's in
/etc/dnf/libdnf5.conf.d/10-qubes.conf.
My Fedora 41 template (which has been upgraded using the GUI updater) has an empty /etc/dnf/libdnf5.conf.d.
Automated announcement from builder-github
The package core-agent-linux has been pushed to the r4.2 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing bookworm-testing (or appropriate equivalent for your template version), then use the standard update command:
sudo apt-get update && sudo apt-get dist-upgrade
Changes included in this update
Automated announcement from builder-github
The component core-agent-linux (including package core-agent-linux) has been pushed to the r4.2 testing repository for the Fedora template.
To test this update, please install it with the following command:
sudo dnf update --enablerepo=qubes-vm-r4.2-current-testing
Changes included in this update
Automated announcement from builder-github
The package core-agent-linux has been pushed to the r4.2 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing trixie-testing (or appropriate equivalent for your template version), then use the standard update command:
sudo apt-get update && sudo apt-get dist-upgrade
Changes included in this update
Automated announcement from builder-github
The component core-agent-linux (including package core-agent-linux) has been pushed to the r4.2 testing repository for the Fedora template.
To test this update, please install it with the following command:
sudo dnf update --enablerepo=qubes-vm-r4.2-current-testing
Changes included in this update
Automated announcement from builder-github
The package core-agent-linux has been pushed to the r4.2 stable repository for the Debian template.
To install this update, please use the standard update command:
sudo apt-get update && sudo apt-get dist-upgrade
Changes included in this update
Automated announcement from builder-github
The package core-agent-linux has been pushed to the r4.2 stable repository for the Debian template.
To install this update, please use the standard update command:
sudo apt-get update && sudo apt-get dist-upgrade
Changes included in this update
Automated announcement from builder-github
The component core-agent-linux (including package core-agent-linux) has been pushed to the r4.2 stable repository for the Fedora template.
To install this update, please use the standard update command:
sudo dnf update
Changes included in this update
Automated announcement from builder-github
The component core-agent-linux (including package core-agent-linux) has been pushed to the r4.2 stable repository for the Fedora template.
To install this update, please use the standard update command:
sudo dnf update
Changes included in this update