merge form upstream

developer/releases/todo.md

@@ -37,6 +37,7 @@ On final release
 * finish release notes
 * update InstallationInstructions
 * build ISO and push to mirrors
+* push `qubes-release` package to `current`
 * notify @Rudd-O about the new ISO for new torrent hosting
-* write blog post
+* write news post
-* announce on Twitter
+* announce

developer/services/qrexec.md

@@ -109,11 +109,6 @@ whether to allow the request, what VM to redirect the execution to, and what use
 Note that if the request is redirected (`target=` parameter), policy action remains the same -- even if there is another rule which would otherwise deny such request.
 If no policy rule is matched, the action is denied.
 
-In the target VM, a file in either of the following locations must exist, containing the file name of the program that will be invoked, or being that program itself -- in which case it must have executable permission set (`chmod +x`):
-
-  - `/etc/qubes-rpc/RPC_ACTION_NAME` when you make it in the template qube;
-  - `/usr/local/etc/qubes-rpc/RPC_ACTION_NAME` for making it only in an app qube.
-
 Files in `/run/qubes/policy.d/` are deleted when the system is rebooted.
 This is useful for temporary policy that contains the name or UUID of a disposable VM, which will not be meaningful after the system has rebooted.
 Such policy files can be created manually, but they are usually created automatically by a Qrexec call to dom0.
@@ -141,6 +136,17 @@ It is also possible to call service without specific client program -- in which
 $ qrexec-client-vm target_vm_name RPC_ACTION_NAME
 ```
 
+### Answering an RPC call
+
+In other for a RPC call to be answered in the target VM, a file in either of the following locations must exist, containing the file name of the program that will be invoked, or being that program itself -- in which case it must have executable permission set (`chmod +x`):
+  - `/etc/qubes-rpc/RPC_ACTION_NAME` when you make it in the template qube;
+  - `/usr/local/etc/qubes-rpc/RPC_ACTION_NAME` for making it only in an app qube.
+
+The source VM name can then be accessed in the server process via
+`QREXEC_REMOTE_DOMAIN` environment variable. (Note the source VM has *no*
+control over the name provided in this variable--the name of the VM is
+provided by dom0, and so is trusted.)
+
 ### Specifying VMs: tags, types, targets, etc.
 
 There are severals methods for specifying source/target VMs in RPC policies.

user/advanced-topics/how-to-install-software-in-dom0.md

@@ -65,44 +65,15 @@ commands to `dnf` using `--action=...`.
 **WARNING:** Downgrading a package can expose your system to security
 vulnerabilities.
 
-1. Download an older version of the package:
+To downgrade a specific package in dom0:
 
-    ~~~
+    sudo qubes-dom0-update --action=downgrade package-version
-    sudo qubes-dom0-update package-version
-    ~~~
-
-    Dnf will say that there is no update, but the package will nonetheless be
-    downloaded to dom0.
-
-2. Downgrade the package:
-
-    ~~~
-    sudo dnf downgrade package-version
-    ~~~
 
 ## How to re-install a package
 
-You can re-install in a similar fashion to downgrading.
+To re-install a package in dom0:
 
-1. Download the package:
+    sudo qubes-dom0-update --action=reinstall package
-
-    ~~~
-    sudo qubes-dom0-update package
-    ~~~
-
-    Dnf will say that there is no update, but the package will nonetheless be
-    downloaded to dom0.
-
-2. Re-install the package:
-
-    ~~~
-    sudo dnf reinstall package
-    ~~~
-
-    Note that `dnf` will only re-install if the installed and downloaded
-    versions match. You can ensure they match by either updating the package to
-    the latest version, or specifying the package version in the first step
-    using the form `package-version`.
 
 ## How to uninstall a package
 

user/downloading-installing-upgrading/installation-guide.md

@@ -74,7 +74,7 @@ Change `Qubes-RX-x86_64.iso` to the filename of the version you're installing, a
 
 #### Windows ISO to USB
 
-On Windows, you can use the [Rufus](https://rufus.akeo.ie/) tool to write the ISO to a USB key. Be sure to select "Write in DD Image mode" *after* selecting the Qubes ISO and pressing "START" on the Rufus main window.
+On Windows, you can use the [Rufus](https://rufus.ie/) tool to write the ISO to a USB key. Be sure to select "Write in DD Image mode" *after* selecting the Qubes ISO and pressing "START" on the Rufus main window.
 
 <div class="alert alert-info" role="alert">
   <i class="fa fa-info-circle"></i>

user/hardware/certified-hardware.md

@@ -25,6 +25,12 @@ Qubes-certified computers are certified for a [major release](/doc/version-schem
 
 The current Qubes-certified models are listed below in reverse chronological order of certification.
 
+### NovaCustom V54 Series 14.0 inch coreboot laptop
+
+[![Photo of the NovaCustom V54 Series 14.0 inch coreboot laptop](/attachment/site/novacustom-v54-series.png)](https://novacustom.com/product/v54-series/)
+
+The [NovaCustom V54 Series 14.0 inch coreboot laptop](https://novacustom.com/product/v54-series/) is certified for Qubes OS Release 4.
+
 ### NitroPad V56
 
 [![Photo of the NitroPad V56](/attachment/site/nitropad-v56.png)](https://shop.nitrokey.com/shop/nitropad-v56-684)