Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-07-29 09:39:09 -04:00
Code Issues Projects Releases Packages Wiki Activity

merge form upstream

Browse source
This commit is contained in:
qubedmaiska 2025-02-21 04:48:20 -05:00
commit 2093a276b8
No known key found for this signature in database
GPG key ID: 204BCE0FD52C0501
5 changed files with 25 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

5
developer/releases/todo.md
View file

@ -37,6 +37,7 @@ On final release
* finish release notes
* update InstallationInstructions
* build ISO and push to mirrors
* push `qubes-release` package to `current`
* notify @Rudd-O about the new ISO for new torrent hosting
* write blog post
* announce on Twitter
* write news post
* announce

16
developer/services/qrexec.md
View file

@ -109,11 +109,6 @@ whether to allow the request, what VM to redirect the execution to, and what use
Note that if the request is redirected (`target=` parameter), policy action remains the same -- even if there is another rule which would otherwise deny such request.
If no policy rule is matched, the action is denied.
In the target VM, a file in either of the following locations must exist, containing the file name of the program that will be invoked, or being that program itself -- in which case it must have executable permission set (`chmod +x`):
- `/etc/qubes-rpc/RPC_ACTION_NAME` when you make it in the template qube;
- `/usr/local/etc/qubes-rpc/RPC_ACTION_NAME` for making it only in an app qube.
Files in `/run/qubes/policy.d/` are deleted when the system is rebooted.
This is useful for temporary policy that contains the name or UUID of a disposable VM, which will not be meaningful after the system has rebooted.
Such policy files can be created manually, but they are usually created automatically by a Qrexec call to dom0.
@ -141,6 +136,17 @@ It is also possible to call service without specific client program -- in which
$ qrexec-client-vm target_vm_name RPC_ACTION_NAME
```
### Answering an RPC call
In other for a RPC call to be answered in the target VM, a file in either of the following locations must exist, containing the file name of the program that will be invoked, or being that program itself -- in which case it must have executable permission set (`chmod +x`):
- `/etc/qubes-rpc/RPC_ACTION_NAME` when you make it in the template qube;
- `/usr/local/etc/qubes-rpc/RPC_ACTION_NAME` for making it only in an app qube.
The source VM name can then be accessed in the server process via
`QREXEC_REMOTE_DOMAIN` environment variable. (Note the source VM has *no*
control over the name provided in this variable--the name of the VM is
provided by dom0, and so is trusted.)
### Specifying VMs: tags, types, targets, etc.
There are severals methods for specifying source/target VMs in RPC policies.

37
user/advanced-topics/how-to-install-software-in-dom0.md
View file

@ -65,44 +65,15 @@ commands to `dnf` using `--action=...`.
**WARNING:** Downgrading a package can expose your system to security
vulnerabilities.
1. Download an older version of the package:
To downgrade a specific package in dom0:
~~~
sudo qubes-dom0-update package-version
~~~
Dnf will say that there is no update, but the package will nonetheless be
downloaded to dom0.
2. Downgrade the package:
~~~
sudo dnf downgrade package-version
~~~
sudo qubes-dom0-update --action=downgrade package-version
## How to re-install a package
You can re-install in a similar fashion to downgrading.
To re-install a package in dom0:
1. Download the package:
~~~
sudo qubes-dom0-update package
~~~
Dnf will say that there is no update, but the package will nonetheless be
downloaded to dom0.
2. Re-install the package:
~~~
sudo dnf reinstall package
~~~
Note that `dnf` will only re-install if the installed and downloaded
versions match. You can ensure they match by either updating the package to
the latest version, or specifying the package version in the first step
using the form `package-version`.
sudo qubes-dom0-update --action=reinstall package
## How to uninstall a package

2
user/downloading-installing-upgrading/installation-guide.md
View file

@ -74,7 +74,7 @@ Change `Qubes-RX-x86_64.iso` to the filename of the version you're installing, a
#### Windows ISO to USB
On Windows, you can use the [Rufus](https://rufus.akeo.ie/) tool to write the ISO to a USB key. Be sure to select "Write in DD Image mode" *after* selecting the Qubes ISO and pressing "START" on the Rufus main window.
On Windows, you can use the [Rufus](https://rufus.ie/) tool to write the ISO to a USB key. Be sure to select "Write in DD Image mode" *after* selecting the Qubes ISO and pressing "START" on the Rufus main window.
<div class="alert alert-info" role="alert">
<i class="fa fa-info-circle"></i>

6
user/hardware/certified-hardware.md
View file

@ -25,6 +25,12 @@ Qubes-certified computers are certified for a [major release](/doc/version-schem
The current Qubes-certified models are listed below in reverse chronological order of certification.
### NovaCustom V54 Series 14.0 inch coreboot laptop
[![Photo of the NovaCustom V54 Series 14.0 inch coreboot laptop](/attachment/site/novacustom-v54-series.png)](https://novacustom.com/product/v54-series/)
The [NovaCustom V54 Series 14.0 inch coreboot laptop](https://novacustom.com/product/v54-series/) is certified for Qubes OS Release 4.
### NitroPad V56
[![Photo of the NitroPad V56](/attachment/site/nitropad-v56.png)](https://shop.nitrokey.com/shop/nitropad-v56-684)