Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-10-01 01:25:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Archlinux documentation update for Qubes-4.0

Browse Source 
Update Archlinux documentation as discussed in the following pull requests:
https://github.com/QubesOS/qubes-core-agent-linux/pull/67
https://github.com/QubesOS/qubes-core-agent-linux/pull/66
This commit is contained in:
ptitdoc 2017-11-19 09:31:57 +01:00 committed by GitHub
parent 3872d25784
commit 0d7b1875e8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
managing-os/templates/archlinux.md
View File

@ -32,22 +32,23 @@ A prebuilt template is available only for Qubes 3.2. Before Qubes 3.2, it should
## Binary packages activation ## Binary packages activation
The update repository is disabled when you install (signed) template package. You can however choose to trust it by registering it into pacman. The Qubes update repository is disabled by default in the Archlinux template. You can however choose to trust it by registering it into pacman.
Enable the repository by running the following command: Since November 2017, an activation package is present in the template. The update repository can thus be activated by running the following command inside the template:
# mv /etc/pacman.d/99-qubes-repository-3.2.disabled /etc/pacman.d/99-qubes-repository-3.2.conf # pacman -sU /etc/pacman.d/qubes-vm-keyring*.pkg.tar.xz
It should be noted to this command will create a trust for packages provided by [Olivier Médoc](mailto:o_medoc@yahoo.fr) and signed by the PGP key above.
Then you need to install and sign the public GPG key of the package maintainer (note that accessing to GPG servers requires to temporarily disable the firewall in your template): If the qubes-vm-keyring package is not present in `/etc/pacman.d/`, please refer to the section #Activating binary packages manually.
# pacman-key --recv-key 2043E7ACC1833B9C ## Optional Qubes packages
# pacman-key --finger 2043E7ACC1833B9C
If the fingerprint is correct, you can then sign the key:
# pacman-key --lsign-key 2043E7ACC1833B9C Several Qubes packages are not necessarilly installed by default in the Archlinux Template. These packages can be installed to add additional functionnalities to the template:
* `qubes-vm-networking`: Contains Qubes tools and dependencies required to use the template as a NetVM/ProxyVM
* `qubes-vm-pulseaudio`: Contains Pulseaudio agent enabling sound support in the template
## Default packages ## Default template packages
In order to keep the template as small and simple as possible, default installed package have been arbitrarily selected based on multiple subjective criterias that however essentially include libraries dependencies. This packages are: In order to keep the template as small and simple as possible, default installed package have been arbitrarily selected based on multiple subjective criterias that however essentially include libraries dependencies. This packages are:
* Some font packages to keep good user experience * Some font packages to keep good user experience
@ -60,6 +61,28 @@ In order to keep the template as small and simple as possible, default installed
Note that Archlinux does not install GUI packages by default as this decision is left to users. This packages have only been selected to have a usable template. Note that Archlinux does not install GUI packages by default as this decision is left to users. This packages have only been selected to have a usable template.
## Activating binary packages manually
Enable the repository by running the following command:
# rm /etc/pacman.d/99-qubes-repository-3.2.conf
# ln -s /etc/pacman.d/99-qubes-repository-3.2.disabled /etc/pacman.d/99-qubes-repository-3.2.conf
Then you need to install and sign the public GPG key of the package maintainer (note that accessing to GPG servers requires to temporarily disable the firewall in your template):
# pacman-key --recv-key 2043E7ACC1833B9C
# pacman-key --finger 2043E7ACC1833B9C
If the fingerprint is correct, you can then sign the key:
# pacman-key --lsign-key 2043E7ACC1833B9C
## Updating a Qubes-3.2 Archlinux Template
Because of changes in the Qubes-4.0 partition layout, and usage of XEN HVMs instead of pv-guests. It is not straightforward to update a Qubes-3.2 template to Qubes-4.0.
For this reason, it is recommended to start from a new template in Qubes-4.0.
## Updating a Qubes-3.1 Archlinux Template ## Updating a Qubes-3.1 Archlinux Template
If you decide to use binary packages but that you where using a Qubes-3.1 Template, your can follow these instructions to enable Qubes 3.2 agents. If you decide to use binary packages but that you where using a Qubes-3.1 Template, your can follow these instructions to enable Qubes 3.2 agents.
@ -111,7 +134,6 @@ Finally, errors related to the GUI agent can be found inside the VM in `/home/us
## Packages manager wrapper ## Packages manager wrapper
Powerpill is a full Pacman wrapper that not only give easy proxy configuration but further offers numerous other advantages. Powerpill is a full Pacman wrapper that not only give easy proxy configuration but further offers numerous other advantages.
Please check out: Please check out: