Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-10-12 18:40:57 -04:00
Code Issues Projects Releases Packages Wiki Activity

merge upstream and add rst version of the how to edit Markdown and Markdown and website style guide docs

Browse source
This commit is contained in:
qubedmaiska 2025-09-08 02:03:08 -04:00
commit bb4a0b720f
No known key found for this signature in database
GPG key ID: 204BCE0FD52C0501
148 changed files with 1967 additions and 2562 deletions
Download patch file Download diff file Expand all files Collapse all files

34
developer/building/development-workflow.rst
View file

@ -40,7 +40,7 @@ In ``qubes-builder/artifacts/sources/linux-kernel``:
.. code:: console
make prep
$ make prep
@ -48,7 +48,7 @@ The resulting tree will be in kernel-<VERSION>/linux-<VERSION>:
.. code:: console
ls -ltrd kernel*/linux*
$ ls -ltrd kernel*/linux*
drwxr-xr-x 23 user user 4096 Nov 5 09:50 kernel-3.4.18/linux-3.4.18
drwxr-xr-x 6 user user 4096 Nov 21 20:48 kernel-3.4.18/linux-obj
@ -62,7 +62,7 @@ In ``qubes-builder/artifacts/sources/linux-kernel``:
.. code:: console
cd kernel-3.4.18/linux-3.4.18
$ cd kernel-3.4.18/linux-3.4.18
@ -74,8 +74,8 @@ In ``kernel-3.4.18/linux-3.4.18``:
.. code:: console
cp ../../config .config
make oldconfig
$ cp ../../config .config
$ make oldconfig
@ -83,7 +83,7 @@ Now change the configuration. For example, in ``kernel-3.4.18/linux-3.4.18``:
.. code:: console
make menuconfig
$ make menuconfig
@ -91,7 +91,7 @@ Copy the modified config back into the kernel tree:
.. code:: console
cp .config ../../../config
$ cp .config ../../../config
@ -103,20 +103,20 @@ TODO: describe the workflow for patching the code, below are some random notes,
.. code:: console
ln -s ../../patches.xen
export QUILT_PATCHES=patches.xen
export QUILT_REFRESH_ARGS="-p ab --no-timestamps --no-index"
export QUILT_SERIES=../../series-pvops.conf
$ ln -s ../../patches.xen
$ export QUILT_PATCHES=patches.xen
$ export QUILT_REFRESH_ARGS="-p ab --no-timestamps --no-index"
$ export QUILT_SERIES=../../series-pvops.conf
quilt new patches.xen/pvops-3.4-0101-usb-xen-pvusb-driver-bugfix.patch
quilt add drivers/usb/host/Kconfig drivers/usb/host/Makefile \
$ quilt new patches.xen/pvops-3.4-0101-usb-xen-pvusb-driver-bugfix.patch
$ quilt add drivers/usb/host/Kconfig drivers/usb/host/Makefile \
drivers/usb/host/xen-usbback/* drivers/usb/host/xen-usbfront.c \
include/xen/interface/io/usbif.h
*edit something*
quilt refresh
cd ../..
$ quilt refresh
$ cd ../..
vi series.conf
@ -133,7 +133,7 @@ To actually build RPMs, in qubes-builder:
.. code:: console
./qb -c linux-kernel package fetch prep build
$ ./qb -c linux-kernel package fetch prep build
@ -398,7 +398,7 @@ Then use ``make update-repo-unstable`` to upload the packages. You can also spec
.. code:: console
make COMPONENTS="core-agent-linux gui-agent-linux linux-utils" qubes update-repo-unstable
$ make COMPONENTS="core-agent-linux gui-agent-linux linux-utils" qubes update-repo-unstable

39
developer/building/qubes-builder-v2.rst
View file

@ -2,7 +2,6 @@
Qubes builder v2
================
This is a brief introduction to using Qubes Builder v2 to work with Qubes OS sources. It will walk you through installing and configuring Builder v2, and using it to fetch and build Qubes OS packages.
For details and customization, use `Qubes OS v2 builder documentation <https://github.com/QubesOS/qubes-builderv2/>`__.
@ -10,40 +9,29 @@ For details and customization, use `Qubes OS v2 builder documentation <https://g
Overview
--------
In the second generation of Qubes OS builder, container or disposable qube isolation is used to perform every stage of the build and release process. From fetching sources to building, everything is executed inside an isolated *cage* (either a disposable or a container) using an *executor*. For every command that needs to perform an action on sources, like cloning and verifying Git repos, rendering a SPEC file, generating SRPM or Debian source packages, a new cage is used. Only the signing, publishing, and uploading stages are executed locally outside a cage.
Setup
-----
This is a simple setup using a docker executor. This is a good default choice; if you dont know which executor to use, use docker.
1. First, decide what qube you are going to use when working with Qubes Builder v2. It can be an AppVM or a Standalone qube, with some steps different between the two.
2. Installing dependencies
- If you want to use an app qube for developing, install dependencies in the template. If you are using a standalone, install them in the qube itself. Dependencies are specified in ``dependencies-*. txt`` files in the main builder directory, and you can install them easily in the following ways:
If you want to use an app qube for developing, install dependencies in the template. If you are using a standalone, install them in the qube itself. Dependencies are specified in ``dependencies-*. txt`` files in the main builder directory, and you can install them easily in the following ways:
- for Fedora, use:
1. for Fedora, use:
.. code:: console
.. code:: console
$ sudo dnf install $(cat dependencies-fedora.txt)
$ test -f /usr/share/qubes/marker-vm && sudo dnf install qubes-gpg-split
- for Debian (note: some Debian packages require Debian version 13 or later), use:
2. for Debian (note: some Debian packages require Debian version 13 or later), use:
.. code:: console
.. code:: console
$ sudo apt install $(cat dependencies-debian.txt)
$ test -f /usr/share/qubes/marker-vm && sudo apt install qubes-gpg-split
@ -54,9 +42,8 @@ This is a simple setup using a docker executor. This is a good default choice; i
.. code:: console
git clone https://github.com/QubesOS/qubes-builderv2
cd qubes-builderv2/
$ git clone https://github.com/QubesOS/qubes-builderv2
$ cd qubes-builderv2/
4. If you havent previously used docker in the current qube, you need to set up some permissions. In particular, the user has to be added to the ``docker`` group:
@ -78,14 +65,9 @@ This is a simple setup using a docker executor. This is a good default choice; i
binds+=( '/var/lib/docker' )
Configuration
-------------
To use Qubes OS Builder v2, you need to have a ``builder.yml`` configuration file. You can use one of the sample files from the ``example-configs/`` directory; for a more readable ``builder.yml``, you can also include one of the files from that directory in your ``builder.yml``. An example ``builder.yml`` is:
.. code:: yaml
@ -116,19 +98,15 @@ To use Qubes OS Builder v2, you need to have a ``builder.yml`` configuration fil
options:
image: "qubes-builder-fedora:latest"
Using Builder v2
----------------
To fetch sources - in this example, for the ``core-admin-client`` package, you can use the following command:
.. code:: console
$ ./qb -c core-admin-client package fetch
This will fetch the sources for the listed package and place them in ``artifacts/sources`` directory.
To build a package (from sources in the ``artifacts/sources`` directory), use:
@ -137,19 +115,16 @@ To build a package (from sources in the ``artifacts/sources`` directory), use:
$ ./qb -c core-admin-client package fetch prep build
or, if you want to build for a specific target (``host-fc37`` is a ``dom0`` using Fedora 37, ``vm-fc40`` would be a qube using Fedora 40 etc.), use:
.. code:: console
$ ./qb -c core-admin-client -d host-fc37 package fetch prep build
If you want to fetch the entire Qubes OS source use the following:
.. code:: console
$ ./qb package fetch
**caution**: some repositories might have additional requirements. You can disable repositories that are not needed in the ``example-configs/*.yml`` file you are using by commenting them out. In particular, ``python-fido2``, ``lvm`` and ``windows``-related repositories have special requirements.

87
developer/building/qubes-builder.rst
View file

@ -1,3 +1,5 @@
:orphan:
=============
Qubes builder
=============
@ -55,17 +57,23 @@ Usually you can install those packages by just issuing:
.. code:: console
sudo dnf install gnupg git createrepo rpm-build make wget rpmdevtools python3-sh dialog rpm-sign dpkg-dev debootstrap python3-pyyaml devscripts perl-Digest-MD5 perl-Digest-SHA
$ sudo dnf install gnupg git createrepo rpm-build make wget rpmdevtools python3-sh dialog rpm-sign dpkg-dev debootstrap python3-pyyaml devscripts perl-Digest-MD5 perl-Digest-SHA
The build system creates build environments in chroots and so no other packages are needed on the host. All files created by the build system are contained within the qubes-builder directory. The full build requires some 25GB of free space, so keep that in mind when deciding where to place this directory.
The build system is configured via builder.conf file. You can use the setup.sh script to create and modify this file. Alternatively, you can copy the provided default builder.conf, and modify it as needed, e.g.:
.. code:: console
cp example-configs/qubes-os-master.conf builder.conf
# edit the builder.conf file and set the following variables:
$ cp example-configs/qubes-os-master.conf builder.conf
Edit the builder.conf file and set the following variables:
.. code:: bash
NO_SIGN=1
@ -84,39 +92,64 @@ It is also recommended that you use an empty passphrase for the private key used
So, to build Qubes you would do:
Import the Qubes master key:
.. code:: console
# Import the Qubes master key
gpg --recv-keys 0xDDFA1A3E36879494
$ gpg --recv-keys 0xDDFA1A3E36879494
# Verify its fingerprint, set as 'trusted'.
# This is described here:
# https://www.qubes-os.org/doc/VerifyingSignatures
wget https://keys.qubes-os.org/keys/qubes-developers-keys.asc
gpg --import qubes-developers-keys.asc
Verify its fingerprint, set as 'trusted'. This is described :doc:`here </project-security/verifying-signatures>`.
git clone https://github.com/QubesOS/qubes-builder.git qubes-builder
cd qubes-builder
.. code:: console
# Verify its integrity:
git tag -v `git describe`
$ wget https://keys.qubes-os.org/keys/qubes-developers-keys.asc
$ gpg --import qubes-developers-keys.asc
$ git clone https://github.com/QubesOS/qubes-builder.git qubes-builder
$ cd qubes-builder
Verify its integrity:
.. code:: console
$ git tag -v `git describe`
Copy the example ``builder.conf``:
.. code:: console
$ cp example-configs/qubes-os-master.conf builder.conf
Edit the builder.conf file and set the following variables:
.. code:: bash
cp example-configs/qubes-os-master.conf builder.conf
# edit the builder.conf file and set the following variables:
# NO_SIGN="1"
# Download all components:
make get-sources
Download all components:
# And now to build all Qubes RPMs (this will take a few hours):
.. code:: console
make qubes
$ make get-sources
# ... and then to build the ISO
make iso
And now to build all Qubes RPMs (this will take a few hours):
.. code:: console
$ make qubes
... and then to build the ISO
.. code:: console
$ make iso
And this should produce a shiny new ISO.
@ -125,7 +158,7 @@ You can also build selected component separately. Eg. to compile only gui virtua
.. code:: console
make gui-daemon
$ make gui-daemon
You can get a full list from make help.
@ -146,7 +179,7 @@ You can also modify sources somehow if you wish. Here are some basic steps:
- You can also set GIT_PREFIX=“marmarek/qubes-” to use marmareks repo instead of “mainstream” - it contains newer (but less tested) versions
- You can also set GIT_PREFIX=“marmarek/qubes-” to use marmareks repo instead of “mainstream” - it contains newer (but less tested) versions
@ -154,7 +187,7 @@ You can also modify sources somehow if you wish. Here are some basic steps:
.. code:: console
make get-sources
$ make get-sources
4. **Make your modifications here**
@ -165,14 +198,14 @@ You can also modify sources somehow if you wish. Here are some basic steps:
.. code:: console
make vmm-xen core-admin linux-kernel gui-daemon template desktop-linux-kde installer-qubes-os manager linux-dom0-updates
$ make vmm-xen core-admin linux-kernel gui-daemon template desktop-linux-kde installer-qubes-os manager linux-dom0-updates
7. build iso installation image
.. code:: console
make iso
$ make iso

60
developer/building/qubes-iso-building.rst
View file

@ -17,14 +17,14 @@ Fedora 36 (and 37) has been successfully used to build Qubes R4.1 with the below
.. code:: console
sudo setenforce 0
$ sudo setenforce 0
In ``dom0``, install the Fedora 36 (or 37) template if you dont already have it.
.. code:: console
sudo qubes-dom0-update qubes-template-fedora-36
$ sudo qubes-dom0-update qubes-template-fedora-36
@ -66,9 +66,9 @@ Now lets bootstrap the builder. Unfortunately, the builder cannot verify itse
.. code:: console
git clone https://github.com/QubesOS/qubes-builder.git
cd qubes-builder
git tag -v `git describe`
$ git clone https://github.com/QubesOS/qubes-builder.git
$ cd qubes-builder
$ git tag -v `git describe`
@ -120,8 +120,8 @@ Continue the build process with:
.. code:: console
make install-deps
make get-sources
$ make install-deps
$ make get-sources
@ -133,8 +133,8 @@ Finally, if you are making a test build, use:
.. code:: console
make qubes
make iso
$ make qubes
$ make iso
@ -142,9 +142,9 @@ Or for a fully signed build (this requires setting ``SIGN_KEY`` in ``builder.con
.. code:: console
make qubes
make sign-all
make iso
$ make qubes
$ make sign-all
$ make iso
@ -160,9 +160,9 @@ If you will be building Whonix templates:
.. code:: console
cd ~
gpg --keyserver pgp.mit.edu --recv-keys 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
gpg --fingerprint 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
$ cd ~
$ gpg --keyserver pgp.mit.edu --recv-keys 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
$ gpg --fingerprint 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
@ -185,11 +185,11 @@ Next, prepare the Git keyring directory and copy them in:
.. code:: console
export GNUPGHOME=~/qubes-builder/keyrings/git
mkdir --parents "$GNUPGHOME"
cp ~/.gnupg/pubring.gpg "$GNUPGHOME"
cp ~/.gnupg/trustdb.gpg "$GNUPGHOME"
chmod --recursive 700 "$GNUPGHOME"
$ export GNUPGHOME=~/qubes-builder/keyrings/git
$ mkdir --parents "$GNUPGHOME"
$ cp ~/.gnupg/pubring.gpg "$GNUPGHOME"
$ cp ~/.gnupg/trustdb.gpg "$GNUPGHOME"
$ chmod --recursive 700 "$GNUPGHOME"
@ -197,8 +197,8 @@ Copy one of the example configurations:
.. code:: console
cd ~/qubes-builder
cp example-configs/qubes-os-master.conf builder.conf
$ cd ~/qubes-builder
$ cp example-configs/qubes-os-master.conf builder.conf
@ -208,9 +208,9 @@ Continue the build process with:
.. code:: console
make install-deps
make get-sources
unset GNUPGHOME
$ make install-deps
$ make get-sources
$ unset GNUPGHOME
@ -220,8 +220,8 @@ Finally, if you are making a test build, use:
.. code:: console
make qubes
make iso
$ make qubes
$ make iso
@ -229,9 +229,9 @@ Or for a fully signed build (this requires setting ``SIGN_KEY`` in ``builder.con
.. code:: console
make qubes
make sign-all
make iso
$ make qubes
$ make sign-all
$ make iso

17
developer/code/code-signing.rst
View file

@ -91,7 +91,7 @@ If youre submitting a patch via GitHub (or a similar Git server), please sign
.. code:: console
git config --global user.signingkey <KEYID>
$ git config --global user.signingkey <KEYID>
@ -99,23 +99,24 @@ If youre submitting a patch via GitHub (or a similar Git server), please sign
.. code:: console
git config --global commit.gpgsign true
$ git config --global commit.gpgsign true
Alternatively, manually specify when a commit is to be signed:
.. code:: console
git commit -S
$ git commit -S
3. (Optional) Create signed tags. Signed commits are totally sufficient to contribute to Qubes OS. However, if you have commits which are not signed and you do not want to change them, you can create a signed tag for the commit and push it before the check.
This is useful for example, if you have a commit back in the git history which you like to sign now without rewriting the history.
.. code:: console
git tag -s <tag_name> -m "<tag_message>"
$ git tag -s <tag_name> -m "<tag_message>"
You can also create an alias to make this easier. Edit your ``~/.gitconfig`` file. In the ``[alias]`` section, add ``stag`` to create signed tags and ``spush`` to create signed tags and push them.
@ -171,14 +172,14 @@ In this case, you have several options to sign the commit:
.. code:: console
git commit --amend -S
$ git commit --amend -S
This also rewrites the commit so you need to push it forcefully:
.. code:: console
git push -f
$ git push -f
@ -186,8 +187,8 @@ In this case, you have several options to sign the commit:
.. code:: console
git checkout <commit>
git spush
$ git checkout <commit>
$ git spush
Now, the signature checker needs to re-check the signature. Please comment on the pull request that you would like to have the signatures checked again.

2
developer/code/coding-style.rst
View file

@ -49,7 +49,7 @@ General typographic conventions
- **Maintain a decent amount of horizontal spacing**, e.g. add a space after ``if`` or before ``{`` in C, and similar in other languages. Whether and where to also use spaces within expressions, such as (x*2+5) vs. (x * 2 + 5) is left to the developers judgment. Do not put spaces immediately after or before the brackets in expressions, so avoid constructs like this: ``if ( condition )`` and use ones like this: ``if (condition)`` instead.
- **Use single new lines** (\n aka LF) in any non-Windows source code. On Windows, exceptionally, use the CRLF line endings (). This will allow the source code to be easily viewable in various Windows-based programs.
- **Use single new lines** (\\n aka LF) in any non-Windows source code. On Windows, exceptionally, use the CRLF line endings (). This will allow the source code to be easily viewable in various Windows-based programs.
- **Use descriptive names for variables and functions**! Really, at a time when most editors have auto-completion features, there is no excuse for using short variable names.

11
developer/code/source-code.rst
View file

@ -21,7 +21,7 @@ To clone a repository:
.. code:: console
git clone https://github.com/QubesOS/qubes-<repo_name>.git <repo_name>
$ git clone https://github.com/QubesOS/qubes-<repo_name>.git <repo_name>
@ -29,7 +29,7 @@ e.g.:
.. code:: console
git clone https://github.com/QubesOS/qubes-core-admin.git core-admin
$ git clone https://github.com/QubesOS/qubes-core-admin.git core-admin
@ -39,8 +39,8 @@ If you really do want to clone **all** of the repositories, you can use these co
.. code:: console
curl "https://api.github.com/orgs/QubesOS/repos?page=1&per_page=100" | grep -e 'clone_url*' | cut -d \" -f 4 | xargs -L1 git clone
curl "https://api.github.com/orgs/QubesOS/repos?page=2&per_page=100" | grep -e 'clone_url*' | cut -d \" -f 4 | xargs -L1 git clone
$ curl "https://api.github.com/orgs/QubesOS/repos?page=1&per_page=100" | grep -e 'clone_url*' | cut -d \" -f 4 | xargs -L1 git clone
$ curl "https://api.github.com/orgs/QubesOS/repos?page=2&per_page=100" | grep -e 'clone_url*' | cut -d \" -f 4 | xargs -L1 git clone
@ -48,7 +48,7 @@ To update (git fetch) **all** of these repositories :
.. code:: console
find . -mindepth 1 -maxdepth 1 -type d -exec git -C {} fetch --tags --recurse-submodules=on-demand --all \;
$ find . -mindepth 1 -maxdepth 1 -type d -exec git -C {} fetch --tags --recurse-submodules=on-demand --all \;
@ -61,6 +61,7 @@ How to Send Patches
If you want to :ref:`contribute code <introduction/contributing:contributing code>` to the project, there are two ways. Whichever method you choose, you must :doc:`sign your code </developer/code/code-signing>` before it can be accepted.
- **Preferred**: Use GitHubs `fork & pull requests <https://guides.github.com/activities/forking/>`__.
Opening a pull request on GitHub greatly eases the code review and tracking process. In addition, especially for bigger changes, its a good idea to send a message to the :ref:`qubes-devel mailing list <introduction/support:qubes-devel>` in order to notify people who do not receive GitHub notifications.
- Send a patch to the :ref:`qubes-devel mailing list <introduction/support:qubes-devel>` (``git format-patch``).

20
developer/debugging/automated-tests.rst
View file

@ -119,7 +119,7 @@ Tests are also compatible with nose2 test runner, so you can use this instead:
.. code:: console
sudo systemctl stop qubesd; sudo -E nose2 -v --plugin nose2.plugins.loader.loadtests qubes.tests; sudo systemctl start qubesd
$ sudo systemctl stop qubesd; sudo -E nose2 -v --plugin nose2.plugins.loader.loadtests qubes.tests; sudo systemctl start qubesd
This may be especially useful together with various nose2 plugins to store tests results (for example ``nose2.plugins.junitxml``), to ease presenting results. This is what we use on `OpenQA <https://open.qa/>`__.
@ -140,15 +140,15 @@ Assuming you cloned the ``qubes-builder`` repository to your home directory insi
.. code:: console
cd ~
sudo dnf install python3-pip lvm2 python35 python3-virtualenv
virtualenv -p /usr/bin/python35 python35
source python35/bin/activate
python3 -V
cd ~/qubes-builder/qubes-src/core-admin
pip3 install -r ci/requirements.txt
export PYTHONPATH=../core-qrexec:test-packages
./run-tests
$ cd ~
$ sudo dnf install python3-pip lvm2 python35 python3-virtualenv
$ virtualenv -p /usr/bin/python35 python35
$ source python35/bin/activate
$ python3 -V
$ cd ~/qubes-builder/qubes-src/core-admin
$ pip3 install -r ci/requirements.txt
$ export PYTHONPATH=../core-qrexec:test-packages
$ ./run-tests
To run only the tests related to e.g. ``lvm``, you may use:

2
developer/debugging/safe-remote-ttys.rst
View file

@ -70,7 +70,7 @@ If your machine has a serial console, you may with to use that, but note that a
.. code:: console
script -f /dev/ttyS0
$ script -f /dev/ttyS0

36
developer/debugging/test-bench.rst
View file

@ -96,11 +96,11 @@ Internet access is intentionally disabled by default in dom0. But to ease the de
.. code:: console
sudo systemctl enable sshd
sudo systemctl start sshd
$ sudo systemctl enable sshd
$ sudo systemctl start sshd
sudo systemctl enable dom0-network-direct
sudo systemctl start dom0-network-direct
$ sudo systemctl enable dom0-network-direct
$ sudo systemctl start dom0-network-direct
@ -123,26 +123,26 @@ The following commands should work for you, but do keep in mind that the provisi
# https://github.com/marmarek/openqa-tests-qubesos/blob/master/tests/update.pm
# Install git
sudo qubes-dom0-update git || sudo dnf --setopt=reposdir=/etc/yum.repos.d install git
$ sudo qubes-dom0-update git || sudo dnf --setopt=reposdir=/etc/yum.repos.d install git
# Download the openQA automated testing environment Salt configuration
git clone https://github.com/marmarek/openqa-tests-qubesos/
cd openqa-tests-qubesos/extra-files
sudo cp -a system-tests/ /srv/salt/
sudo qubesctl top.enable system-tests
$ git clone https://github.com/marmarek/openqa-tests-qubesos/
$ cd openqa-tests-qubesos/extra-files
$ sudo cp -a system-tests/ /srv/salt/
$ sudo qubesctl top.enable system-tests
# Install the same configuration as the one in openQA
QUBES_VERSION=4.1
PILLAR_DIR=/srv/pillar/base/update
sudo mkdir -p $PILLAR_DIR
printf 'update:\n qubes_ver: '$QUBES_VERSION'\n' | sudo tee $PILLAR_DIR/init.sls
printf "base:\n '*':\n - update\n" | sudo tee $PILLAR_DIR/init.top
sudo qubesctl top.enable update pillar=True
$ QUBES_VERSION=4.1
$ PILLAR_DIR=/srv/pillar/base/update
$ sudo mkdir -p $PILLAR_DIR
$ printf 'update:\n qubes_ver: '$QUBES_VERSION'\n' | sudo tee $PILLAR_DIR/init.sls
$ printf "base:\n '*':\n - update\n" | sudo tee $PILLAR_DIR/init.top
$ sudo qubesctl top.enable update pillar=True
# Apply states to dom0 and VMs
# NOTE: These commands can take several minutes (if not more) without showing output
sudo qubesctl --show-output state.highstate
sudo qubesctl --max-concurrency=2 --skip-dom0 --templates --show-output state.highstate
$ sudo qubesctl --show-output state.highstate
$ sudo qubesctl --max-concurrency=2 --skip-dom0 --templates --show-output state.highstate
Development VM
@ -157,7 +157,7 @@ Arrange firewall so you can reach the testbench from your ``qubes-dev`` VM. Gene
.. code:: console
ssh-keygen -t ecdsa -b 521
$ ssh-keygen -t ecdsa -b 521

6
developer/debugging/vm-interface.rst
View file

@ -199,11 +199,11 @@ Services called by dom0 to provide some VM configuration:
- ``xdgicon:NAME`` - search for NAME in standard icons theme
- ``xdgicon:NAME`` - search for NAME in standard icons theme
- ``-`` - get icon data from stdin (the caller), can be prefixed with format name, for example ``png:-``
- ``-`` - get icon data from stdin (the caller), can be prefixed with format name, for example ``png:-``
- file name
- file name

18
developer/general/gsod.rst
View file

@ -113,22 +113,17 @@ Instructional video series
^^^^^^^^^^^^^^^^^^^^^^^^^^
.. _the-projects-problem-1:
The project's problem
^^^^^^^^^^^^^^^^^^^^^
Instructional video series: The project's problem
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
There is user demand for high-quality, up-to-date video guides that take users from zero Linux knowledge to using Qubes as a daily driver and performing specific tasks inside of Qubes, but almost no such videos exist. Although most of the required knowledge is documented, many users report that they would prefer to watch videos rather than read text or that they would find videos easier to understand and follow along with.
.. _the-projects-scope-1:
The project's scope
^^^^^^^^^^^^^^^^^^^
Instructional video series: The project's scope
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@ -219,11 +214,10 @@ Below is an example of the content (which is already :doc:`documented </index>`)
The project is estimated to need around six months to complete (see the timeline below). Qubes team members, including Michael Carbone, Andrew Wong, and Marek Marczykowski-Górecki, will supervise and support the creator.
.. _measuring-the-projects-success-1:
Measuring the project's success
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Instructional video series: Measuring the project's success
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

6
developer/general/markdown-style-guide.rst
View file

@ -1,6 +1,6 @@
=========================
Documentation style guide
=========================
====================
Markdown style guide
====================
*Also see* :doc:`how to edit the documentation </developer/general/how-to-edit-the-documentation>` *.*

70
developer/general/usability-ux.rst
View file

@ -2,19 +2,15 @@
Usability & UX
==============
Software that is too complicated to use, is often unused. Because we want as many people as possible to benefit from its unique security properties, the usability and user experience of Qubes OS is an utmost priority!
We ask anyone developing for Qubes OS to please read through this guide to better understand the user experience we strive to achieve. We also ask them to review `our visual style guide <https://www.qubes-os.org/doc/visual-style-guide/>`__ for other design related information.
----
Easy To Use
-----------
An ideal user experience is friendly, and it beckons a new user to explore the interface. In this process, they can naturally discover how to use the software. Below are some guidelines that will help you design a user interface that accomplishes this goal.
|redx| **Interfaces Should Not**
@ -27,8 +23,6 @@ An ideal user experience is friendly, and it beckons a new user to explore the i
- Overwhelm the user with too much information and cognitive load
Perhaps the most common cause of mistakes is complexity. If there is a configuration setting that will significantly affect the users experience, choose a safe and smart default then tuck this setting in an ``Advanced Settings`` panel.
|checkmark| **Interfaces Should**
@ -41,18 +35,13 @@ Perhaps the most common cause of mistakes is complexity. If there is a configura
- Choose intelligent defaults for settings
In making software easy to use, it is crucial to be mindful of `cognitive load <https://en.wikipedia.org/wiki/Cognitive_load>`__ which dictates that *“humans are generally able to hold only seven +/- two units of information in short-term memory.”* Making sure your interfaces dont pass this short-term memory limit is perhaps the most important factor in helping a user feel comfortable instead of overwhelmed.
----
Easy to Understand
------------------
There will always be the need to communicate things to users. In these cases, an interface should aim to make this information easy to understand. The following are simple guides to help achieve this - none of these are absolute maxims!
|redx| **Avoid Acronyms**
@ -67,8 +56,6 @@ Acronyms are compact and make good names for command line tools. They do not mak
- ``NetVM`` - Networking Virtual Machine
Despite this rule, some acronyms like ``USB`` are widely used and understood due to being in common use for over a decade. It is good to use these acronyms when the full words like ``Universal Serial Bus`` are more likely to confuse users.
|checkmark| **Use Simple Words**
@ -83,12 +70,8 @@ Use the minimum amount of words needed to be descriptive, but also informative.
- Use ``Networking`` or ``Networking Qube`` instead of ``NetVM`` given context
----
|redx| **Avoid Technical Words**
Technical words are usually more accurate, but they often *only* make sense to technical users and are confusing and unhelpful to non-technical users. Examples of technical words that might show up in Qubes OS are:
@ -99,8 +82,6 @@ Technical words are usually more accurate, but they often *only* make sense to t
- ``qrexec-daemon``
These are all terms that have at some point showed up in users notification messages. Each term is very specific, but requires the user to understand virtualization to interpret.
|checkmark| **Use Common Concepts**
@ -113,14 +94,10 @@ Large amounts of the global population have been using computers for one or two
- Use ``Qubes`` instead of ``qrexec-daemon`` as it gives better context on what is happening
These words are more abstract and user relevant- they help a user understand what is happening based on already known concepts (disk space) or start to form a mental model of something new (Qubes).
----
|redx| **Avoid Inconsistencies**
It is easy to start abbreviating (or making acronyms) of long terms like ``Disposable Virtual Machine`` depending on where the term shows up in an interface.
@ -131,8 +108,6 @@ It is easy to start abbreviating (or making acronyms) of long terms like ``Dispo
- ``DisposableVM``
This variation in terms can cause new users to question or second guess what the three different variations mean, which can lead to inaction or mistakes.
|checkmark| **Make Things Consistent**
@ -141,14 +116,10 @@ Always strive to keep things consistent in the interfaces as well as documentati
- Use ``Disposable Qube`` at all times as it meets other criteria as well.
By using the same term throughout an interface, a user can create a mental model and relationship with that term allowing them to feel empowered.
----
|redx| **Avoid Duplicate Words**
It is easy to add words like ``Domain`` before items in a list or menu in an attempt to be descriptive, such as:
@ -160,8 +131,6 @@ It is easy to add words like ``Domain`` before items in a list or menu in an att
- Domain: banking
- Domain: personal
The repeated use of the word ``Domain`` requires a user to read it for each item in the list, which makes extra work for the eye in parsing out the relevant word like ``work, banking, or personal``. This also affects horizontal space on fixed width lines.
|checkmark| **Create Groups & Categories**
@ -175,16 +144,11 @@ It is more efficient to group things under headings instead as this allows the e
- Banking
- Personal
----
Easy To Complete
----------------
Lastly, expected (and unexpected) situations often require user actions or input. Make resolving these occurences as easy as possible to complete the action.
|redx| **Dont Leave Users Stranded**
@ -195,8 +159,6 @@ Consider the following notifications:
- ``There was an error saving Qube "Personal"``
Instead of displaying solvable errors like these and neglecting to provide a fix:
|checkmark| **Offer Actionable Solutions**
@ -207,14 +169,10 @@ Error messages and limits such as those in the previous example can be greatly i
- Add a link to a documentation page called ``Troubleshoot saving data``
In adhering to these principles, youll make undesirable situations more manageable for users instead of feeling stranded.
----
|checkmark| **Minimize Repetitive Steps**
There are many cases where a user wants to perform an action on more than one file or folder. However in order to do the action, the user must repeat certain steps such as:
@ -223,26 +181,18 @@ There are many cases where a user wants to perform an action on more than one fi
2. Navigate through file system
- Click Folder One
- Click Folder Two
- Click Folder One
- Click Folder Two
- Click Folder Three
- Click Folder Four
- Click Folder Three
- Click Folder Four
3. Select proper file
4. Complete task on file
That subtle act of clicking through a file system can prove to be significant if a user needs to open more than a couple files in the same directory. We can alleviate some of the work by changing the process:
1. Click on ``Open File`` from a menu or button
@ -253,18 +203,13 @@ That subtle act of clicking through a file system can prove to be significant if
4. Complete task
Clearly, cutting out something as simple as navigating through the file system can save a user quite a bit of time. Alternatively, adding a button or menu item like ``Open Multiple Files`` might be even better, because remembering and using relevant hotkeys is often something only power users know how to do!
----
GNOME, KDE, and Xfce
--------------------
The desktop GUIs that QubesOS versions 1 - 4.1 offer are `KDE <https://kde.org>`__ and `Xfce <https://xfce.org>`__. We are currently migrating towards using `GNOME <https://www.gnome.org>`__. We know some people prefer KDE, but we believe Gnome is easier to use for average non-technical users. Xfce will always be supported, and technical users will always have the choice to use KDE or other desktop environments.
This change means you should use `GTK <https://gtk.org/>`__ rather than Qt for new GUIs.
@ -277,16 +222,11 @@ All three of these mentioned desktop environments have their own `human interfac
- `Xfce UI Guidlines <https://wiki.xfce.org/dev/hig/general>`__
----
Further Learning & Inspiration
------------------------------
Learning to make well designing intuitive interfaces and software is specialized skillset that can take years to cultivate, but if you are interested in furthering your understanding, we suggest the following resources:
- `Learn Design Principles <https://web.archive.org/web/20180101172357/http://learndesignprinciples.com/>`__ by Melissa Mandelbaum
@ -301,7 +241,5 @@ Learning to make well designing intuitive interfaces and software is specialized
- `Hack Design <https://hackdesign.org/>`__ - online learning program
.. |checkmark| image:: /attachment/doc/checkmark.png
.. |redx| image:: /attachment/doc/red_x.png

73
developer/general/website-style-guide.rst Normal file
View file

@ -0,0 +1,73 @@
===================
Website style guide
===================
This page explains the standards we follow for building and maintaining the website. Please follow these guidelines and conventions when modifying the website. For the standards governing the documentation in particular, please see the :doc:`documentation style guide </developer/general/documentation-style-guide>`.
Coding conventions
------------------
The following conventions apply to the website as a whole, including everything written in HTML, CSS, YAML, and Liquid. These conventions are intended to keep the codebase consistent when multiple collaborators are working on it. They should be understood as a practical set of rules for maintaining order in this specific codebase rather than as a statement of what is objectively right or good.
General practices
^^^^^^^^^^^^^^^^^
- Use comments to indicate the purposes of different blocks of code. This makes the file easier to understand and navigate.
- Use descriptive variable names. Never use one or two letter variable names. Avoid obscure abbreviations and made-up words.
- In general, make it easy for others to read your code. Your future self will thank you, and so will your collaborators!
- `Dont Repeat Yourself (DRY)! <https://en.wikipedia.org/wiki/Don%27t_repeat_yourself>`__ Instead of repeating the same block of code multiple times, abstract it out into a separate file and ``include`` that file where you need it.
Whitespace
^^^^^^^^^^
- Always use spaces. Never use tabs.
- Each indentation step should be exactly two (2) spaces.
- Whenever you add an opening tag, indent the following line. (Exception: If you open and close the tag on the same line, do not indent the following line.)
- Indent Liquid the same way as HTML.
- In general, the starting columns of every adjacent pair of lines should be no more than two spaces apart (example below).
- No blank or empty lines. (Hint: When you feel you need one, add a comment on that line instead.)
Indentation example
^^^^^^^^^^^^^^^^^^^
Heres an example that follows the indentation rules:
.. code:: html
<table>
<tr>
<th title="Anchor Link"><span class="fa fa-link"></span></th>
{% for item in secs.htmlsections[0].columns %}
<th>{{ item.title }}</th>
{% endfor %}
</tr>
{% for canary in site.data.sec-canary reversed %}
<tr id="{{ canary.canary }}">
<td><a href="#{{ canary.canary }}" class="fa fa-link black-icon" title="Anchor link to Qubes Canary row: Qubes Canary #{{ canary.canary }}"></a></td>
<td>{{ canary.date }}</td>
<td><a href="https://github.com/QubesOS/qubes-secpack/blob/master/canaries/canary-{{ canary.canary }}-{{ canary.date | date: '%Y' }}.txt">Qubes Canary #{{ canary.canary }}</a></td>
</tr>
{% endfor %}
</table>

6
developer/releases/1_0/release-notes.rst
View file

@ -19,8 +19,8 @@ Known issues
.. code:: console
qvm-prefs -s fedora-17-x64-dvm maxmem 3072
qvm-create-default-dvm --default-template --default-script
$ qvm-prefs -s fedora-17-x64-dvm maxmem 3072
$ qvm-create-default-dvm --default-template --default-script
@ -58,6 +58,6 @@ If you have Qubes Beta 3 currently installed on your system, you must reinstall
.. code:: console
qvm-backup-restore <backup_dir> --replace-template=fedora-15-x64:fedora-17-x64
$ qvm-backup-restore <backup_dir> --replace-template=fedora-15-x64:fedora-17-x64

5
developer/releases/3_0/release-notes.rst
View file

@ -3,11 +3,6 @@ Qubes R3.0 release notes
========================
Qubes R3.0 Release Notes
------------------------
This Qubes OS release is dedicated to the memory of Caspar Bowden.

3
developer/releases/4_0/release-notes.rst
View file

@ -56,6 +56,7 @@ Security Notes
- PV VMs migrated from 3.2 to 4.0-rc4 or later are automatically set to PVH mode in order to protect against Meltdown (see `QSB #37 <https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-037-2018.txt>`__). However, PV VMs migrated from any earlier 4.0 release candidate (RC1, RC2, or RC3) are not automatically set to PVH mode. These must be set manually.
- The following steps may need to be applied in dom0 and Fedora 26 TemplateVMs in order to receive updates (see `#3737 <https://github.com/QubesOS/qubes-issues/issues/3737>`__).
Steps for dom0 updates:
1. Open the Qubes Menu by clicking on the “Q” icon in the top-left corner of the screen.
@ -66,7 +67,7 @@ Security Notes
.. code:: console
sudo nano /etc/yum.repos.d/qubes-dom0.repo
$ sudo nano /etc/yum.repos.d/qubes-dom0.repo

347
developer/releases/4_3/release-notes.rst Normal file
View file

@ -0,0 +1,347 @@
==========================
Qubes OS 4.3 release notes
==========================
Major features and improvements since Qubes 4.2
===============================================
- Dom0 upgraded to Fedora 41
(`#9402 <https://github.com/QubesOS/qubes-issues/issues/9402>`__).
- Xen upgraded to version 4.19
(`#9420 <https://github.com/QubesOS/qubes-issues/issues/9420>`__).
- Default Fedora template upgraded to Fedora 42 (Fedora TemplateVMs and
StandaloneVMs with version lower than 41 are not supported).
- Default Debian template upgraded to Debian 13 (Debian TemplateVMs and
StandaloneVMs with version lower than 12 are not supported).
- Default Whonix templates upgraded to Whonix 17.4.3 (Whonix TemplateVMs
and StandaloneVMs with version lower than 17 are not supported).
- Preloaded disposables
(`#1512 <https://github.com/QubesOS/qubes-issues/issues/1512>`__,
`#9907 <https://github.com/QubesOS/qubes-issues/issues/9907>`__,
`#9917 <https://github.com/QubesOS/qubes-issues/issues/9917>`__,
`#9918 <https://github.com/QubesOS/qubes-issues/issues/9918>`__ &
`#10026 <https://github.com/QubesOS/qubes-issues/issues/10026>`__).
- Device “self-identity oriented” assignment (a.k.a New Devices API)
(`#9325 <https://github.com/QubesOS/qubes-issues/issues/9325>`__).
- QWT (Qubes Windows Tools) reintroduction with improved features
(`#1861 <https://github.com/QubesOS/qubes-issues/issues/1861>`__).
|Screenshot of QWT, Welcome page|
|Screenshot of QWT, Windows 11|
UI/UX
-----
- New Device UX workflow to allow users easy utilization of new Devices API.
A dedicated ``Device Assignments`` page is added to Global Config.
Qubes Devices widget is completely redesigned.
(`#8537 <https://github.com/QubesOS/qubes-issues/issues/8537>`__).
|Screenshot of Device UX assignments|
|Screenshot of Device UX deny attachment|
|Screenshot of Device UX edit assignment|
|Screenshot of Device UX required devices|
|Screenshot of Device UX Qubes Devices widget|
- New and improved flat icons for GUI tools
(`#5657 <https://github.com/QubesOS/qubes-issues/issues/5657>`__).
|Screenshot of Qube Manager|
- The far left icons from the Qube Manager are removed
(`#9776 <https://github.com/QubesOS/qubes-issues/issues/9776>`__).
- Application icons are available in VM Settings
(`#9829 <https://github.com/QubesOS/qubes-issues/issues/9829>`__).
|Screenshot of Qube Settings Applications|
- Option to add Qubes video Companion to AppMenu
(`#9761 <https://github.com/QubesOS/qubes-issues/issues/9761>`__).
- Improved AppMenu navigation with keyboard
(`#9006 <https://github.com/QubesOS/qubes-issues/issues/9006>`__).
- Better wording to clarify updater settings and actions
(`#8096 <https://github.com/QubesOS/qubes-issues/issues/8096>`__).
- Centralized Tray Notifications
(`#889 <https://github.com/QubesOS/qubes-issues/issues/889>`__).
- Option to launch root terminal or console terminal from Qubes Domains widget
(`#9788 <https://github.com/QubesOS/qubes-issues/issues/9788>`__)
- Option to open Global Config at a selected section for user
convenience
(`#9530 <https://github.com/QubesOS/qubes-issues/issues/9530>`__).
- A ``Saving changes...`` dialog is added to Global Config
(`#9926 <https://github.com/QubesOS/qubes-issues/issues/9926>`__).
GUI Daemon/Agent improvements
-----------------------------
- Allowing the GUI Daemon background color to be configurable, mostly
useful for people with dark themes
(`#9304 <https://github.com/QubesOS/qubes-issues/issues/9304>`__).
- Audio daemon does not connect to recording stream unless recording is
explicitly enabled
(`#9999 <https://github.com/QubesOS/qubes-issues/issues/9999>`__).
- Legacy X11 App icons (e.g. Xterm) are properly displayed
(`#9973 <https://github.com/QubesOS/qubes-issues/issues/9973>`__).
- Labeling virtual pointing device as absolute and not relative
(`#228 <https://github.com/QubesOS/qubes-issues/issues/228>`__).
- Improved global clipboard notifications & configurable global clipboard size
(`#9296 <https://github.com/QubesOS/qubes-issues/issues/9296>`__ &
`#9978 <https://github.com/QubesOS/qubes-issues/issues/9978>`__).
- Supporting Windows qubes in systems with ``sys-gui*``
(`#7565 <https://github.com/QubesOS/qubes-issues/issues/7565>`__).
Hardware support improvements
-----------------------------
- Support for `Advanced Format
(AF) <https://en.wikipedia.org/wiki/Advanced_Format>`__ drives better known
as 4K sector
(`#4974 <https://github.com/QubesOS/qubes-issues/issues/4974>`__).
- Replacing bus/slot/function with full PCI paths for device assignments
(`#8681 <https://github.com/QubesOS/qubes-issues/issues/8681>`__
& `#8127 <https://github.com/QubesOS/qubes-issues/issues/8127>`__).
- Ability to filter input devices with udev rules.
(`#3604 <https://github.com/QubesOS/qubes-issues/issues/3604>`__).
- Fix for graceful rebooting on some (U)EFI systems with buggy firmware
(`#6258 <https://github.com/QubesOS/qubes-issues/issues/6258>`__).
- Better support for Bluetooth and external hot-pluggable audio devices
with dynamic AudioVM switching
(`#7750 <https://github.com/QubesOS/qubes-issues/issues/7750>`__).
Security features
-----------------
- Templates could request custom kernel command line parameters;
currently used for Kicksecure and Whonix templates ``user-sysmaint-split``
(`#9750 <https://github.com/QubesOS/qubes-issues/issues/9750>`__).
- Allow VMs to specify boot modes as being only intended for AppVMs or
templates
(`#9920 <https://github.com/QubesOS/qubes-issues/issues/9920>`__).
- Shipping GRUB2 from Fedora with all security patches and Bootloader
Specification support
(`#9471 <https://github.com/QubesOS/qubes-issues/issues/9471>`__).
- SSL client certificate and GPG key support for private template repositories
(`#9850 <https://github.com/QubesOS/qubes-issues/issues/9850>`__).
- Preventing unsafe practice of 3rd party template installation with rpm/dnf
(`#9943 <https://github.com/QubesOS/qubes-issues/issues/9943>`__).
- Ability to prohibit start of specific qubes
(`#9622 <https://github.com/QubesOS/qubes-issues/issues/9622>`__).
- UUID support for qubes and support for addressing them by UUID in policies
(`#8862 <https://github.com/QubesOS/qubes-issues/issues/8862>`__ &
`#8510 <https://github.com/QubesOS/qubes-issues/issues/8510>`__).
- Custom persist feature to avoid unwanted data to persist as much as possible
(`#1006 <https://github.com/QubesOS/qubes-issues/issues/1006>`__).
Anonymity improvements
----------------------
- Disallowing files, URLs, or any application from Whonix-Workstation
qubes to be opened in non-Whonix disposable
(`#10051 <https://github.com/QubesOS/qubes-issues/issues/10051>`__).
- Preventing users from changing their Whonix Workstation qubes netvm
to ``sys-firewall`` (or other clearnet netvms) to avoid IP leaks
(`#8551 <https://github.com/QubesOS/qubes-issues/issues/8551>`__).
- kloak: Keystroke-level online anonymization kernel
(`#1850 <https://github.com/QubesOS/qubes-issues/issues/1850>`__).
Performance optimizations
-------------------------
- Option to use volumes directly without snapshots
(`#8767 <https://github.com/QubesOS/qubes-issues/issues/8767>`__).
- Retiring ``qubes-rpc-multiplexer`` and directly executing the command from c
(`#9062 <https://github.com/QubesOS/qubes-issues/issues/9062>`__).
- Caching "system info" structure for qrexec policy evaluation
(`#9362 <https://github.com/QubesOS/qubes-issues/issues/9362>`__).
- Minimal state qubes to make NetVM and USBVM to consume as little RAM as
possible.
Updating & upgrading
--------------------
- Ability to always hide specific TemplateVMs and StandaloneVMs from
update tools
(`#9029 <https://github.com/QubesOS/qubes-issues/issues/9029>`__).
- pacman hook to notify dom0 about successful manual Archlinux upgrades
(`#9233 <https://github.com/QubesOS/qubes-issues/issues/8307>`__),
- Improved R4.2 -> R4.3 upgrade tool
(`#9317 <https://github.com/QubesOS/qubes-issues/issues/9317>`__),
- Using `lvmdevices` feature instead of device filter
(`#9421 <https://github.com/QubesOS/qubes-issues/issues/9421>`__).
New/Improved experimental features
----------------------------------
- Support for Ansible
(`#10004 <https://github.com/QubesOS/qubes-issues/issues/10004>`__).
- Support for `Qubes
Air <https://www.qubes-os.org/news/2018/01/22/qubes-air/>`__
(`#9015 <https://github.com/QubesOS/qubes-issues/issues/9015>`__).
- qrexec protocol extension to support sending source information to
destination
(`#9475 <https://github.com/QubesOS/qubes-issues/issues/9475>`__).
- Better support for GUIVM.
- GUI/Admin domain splitting
(`#833 <https://github.com/QubesOS/qubes-issues/issues/833>`__).
- Automatically removing nomodeset boot option when GPU is attached
(`#9792 <https://github.com/QubesOS/qubes-issues/issues/9792>`__).
- Initial basic steps to support Wayland session only in GUIVM (but not GUI
daemon/agent intra-communication)
(`#8515 <https://github.com/QubesOS/qubes-issues/issues/8515>`__ &
`#8410 <https://github.com/QubesOS/qubes-issues/issues/8410>`__).
Other
-----
- Allowing user to add free-form text to qubes (for descriptions, notes,
comments, remarks, reminders, etc.)
(`#899 <https://github.com/QubesOS/qubes-issues/issues/899>`__).
|Screenshot of Qube Settings Notes|
- Automatically clean up `QubesIncoming` directory if empty
(`#8307 <https://github.com/QubesOS/qubes-issues/issues/8307>`__).
- ``vm-config.*`` features to pass external configuration to inside the qube
(`#9837 <https://github.com/QubesOS/qubes-issues/issues/9837>`__).
- Admin API for reading/writing denied device-interface list
(`#9674 <https://github.com/QubesOS/qubes-issues/issues/9674>`__).
- New Devices API for salt
(`#9753 <https://github.com/QubesOS/qubes-issues/issues/9753>`__).
- IPv6 DNS support for full IPv4-less environments
(`#10038 <https://github.com/QubesOS/qubes-issues/issues/10038>`__).
Dropped or replaced features
----------------------------
- Default screen locker is changed from ``XScreenSaver`` to
``xfce4-screensaver``
- ``Create Qubes VM`` is retired in favor of the improved ``Create New Qube``
(`#6561 <https://github.com/QubesOS/qubes-issues/issues/6561>`__).
- Windows 7 support is dropped from QWT.
For a full list, including more detailed descriptions, please see
`here <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue%20label%3Atargets-4.3>`__.
Known issues
============
- Templates restored in 4.3 from a pre-4.3 backup continue to target
their original Qubes OS release repos. If you are using fresh
templates on a clean 4.3 installation, or if you performed an
:ref:`in-place upgrade from 4.2 to 4.3 <user/downloading-installing-upgrading/upgrade/4_3:in-place upgrade>`,
then this does not affect you. (For more information, see issue
`#8701 <https://github.com/QubesOS/qubes-issues/issues/8701>`__.)
Also see the `full list of open bug reports affecting Qubes
4.3 <https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+label%3Aaffects-4.3+label%3A%22T%3A+bug%22+is%3Aopen>`__.
We strongly recommend :doc:`updating Qubes OS </user/how-to-guides/how-to-update>`
immediately after installation in order to apply all available bug fixes.
Notes
=====
- Additional notes for future release candidates will be added here
Download
========
All Qubes ISOs and associated :doc:`verification files </project-security/verifying-signatures>`
are available on the `downloads <https://www.qubes-os.org/downloads/>`__ page.
Installation instructions
=========================
See the :doc:`installation guide </user/downloading-installing-upgrading/installation-guide>`.
Upgrading
=========
Please see :doc:`how to upgrade to Qubes 4.3 </user/downloading-installing-upgrading/upgrade/4_3>`.
.. |Screenshot of QWT, Welcome page| image:: /attachment/doc/4-3_qwt-hi.png
:alt: Windows 11 welcome page after installation in an HVM
.. |Screenshot of QWT, Windows 11| image:: /attachment/doc/4-3_qwt-win11.png
:alt: Windows 11 within an HVM qube showing file explorer
.. |Screenshot of Device UX assignments| image:: /attachment/doc/4-3_device-ux-assignments.png
:alt: Device Assignments page in Global Config
.. |Screenshot of Device UX deny attachment| image:: /attachment/doc/4-3_device-ux-deny-attachment.png
:alt: Deny device attachment config in Global Config
.. |Screenshot of Device UX edit assignment| image:: /attachment/doc/4-3_device-ux-edit-assignment.png
:alt: Editing device assignment for a network interface in Global Config
.. |Screenshot of Device UX required devices| image:: /attachment/doc/4-3_device-ux-required-device.png
:alt: Editing a required device in Global Config
.. |Screenshot of Device UX Qubes Devices widget| image:: /attachment/doc/4-3_qui-devices.png
:alt: Redesigned Qubes Devices widget
.. |Screenshot of Qube Manager| image:: /attachment/doc/4-3_manager.png
:alt: Qube Manager with improved flat icons
.. |Screenshot of Qube Settings Applications| image:: /attachment/doc/4-3_vmsettings-applications.png
:alt: Qube settings showing icons of Apps
.. |Screenshot of Qube Settings Notes| image:: /attachment/doc/4-3_notes.png
:alt: Qube settings showing qube notes

20
developer/releases/4_3/schedule.rst Normal file
View file

@ -0,0 +1,20 @@
===========================
Qubes R4.3 release schedule
===========================
**Please note:** *This page is still an unfinished draft in progress. It is being updated as Qubes 4.3 development and testing continues.*
The table below is based on our :ref:`release schedule policy <developer/releases/version-scheme:release schedule>`.
.. list-table::
:widths: 10 10
:align: center
:header-rows: 1
* - Date
- Stage
* - TBD
- 4.3.0-rc1 release

2
developer/releases/notes.rst
View file

@ -22,4 +22,6 @@ Release notes
Qubes R4.2 release notes </developer/releases/4_2/release-notes>
Qubes R4.3 release notes </developer/releases/4_3/release-notes>

2
developer/releases/schedules.rst
View file

@ -18,4 +18,6 @@ Release schedules
Qubes R4.2 release schedule </developer/releases/4_2/schedule>
Qubes R4.3 release schedule </developer/releases/4_3/schedule>

54
developer/services/admin-api.rst
View file

@ -91,9 +91,11 @@ it easy to set the policy using current mechanism.
* - ``admin.vm.CreateInPool.<class>``
- ``dom0``
- template
- ``name=<name> label=<label>``, ``pool=<pool> pool:<volume>=<pool>``
- | ``name=<name> label=<label>``
| ``pool=<pool> pool:<volume>=<pool>``
- `-`
- either use ``pool=`` to put all volumes there, or ``pool:<volume>=`` for individual volumes - both forms are not allowed at the same time
- | either use ``pool=`` to put all volumes there,
| or ``pool:<volume>=`` for individual volumes - both forms are not allowed at the same time
* - ``admin.vm.CreateDisposable``
- template
- `-`
@ -146,17 +148,18 @@ it easy to set the policy using current mechanism.
- ``dom0``
- property
- `-`
- ``default={True|False}`` ``type={str|int|bool|vm|label|list} <value>``
- | ``default={True|False}``
| ``type={str|int|bool|vm|label|list} <value>``
- Type ``list`` is added in R4.1. Values are of type ``str`` and each entry is suffixed with newline character.
* - ``admin.property.GetAll``
- ``dom0``
- `-`
- `-`
- ``<property-name> <full-value-as-in-property.Get>``
- ``<property-name> <full-value-as-in-property.Get>\n``
- Get all the properties in one call. Each property is returned on a separate line and use the same value encoding as property.Get method, with an exception that newlines are encoded as literal ``\n`` and literal ``\`` are encoded as ``\\``.
* - ``admin.property.GetDefault``
- ``dom0``
- propety
- property
- `-`
- ``type={str|int|bool|vm|label|list} <value>``
- Type ``list`` is added in R4.1. Values are of type ``str`` and each entry is suffixed with newline character.
@ -194,7 +197,8 @@ it easy to set the policy using current mechanism.
- vm
- property
- `-`
- ``default={True|False}`` ``type={str|int|bool|vm|label|list} <value>``
- | ``default={True|False}``
| ``type={str|int|bool|vm|label|list} <value>``
- Type ``list`` is added in R4.1. Each list entry is suffixed with a newline character.
* - ``admin.vm.property.GetAll``
- vm
@ -321,7 +325,7 @@ it easy to set the policy using current mechanism.
- `-`
- `-`
- ``<rule>\n``
- rules syntax as in :doc:`firewall interface </developer/debugging/vm-interface>` (Firewall Rules in 4x) with addition of ``expire=`` and ``comment=`` options; ``comment=`` (if present) must be the last option
- rules syntax as in :ref:`firewall interface <developer/debugging/vm-interface:firewall rules in 4.x>` with addition of ``expire=`` and ``comment=`` options; ``comment=`` (if present) must be the last option
* - ``admin.vm.firewall.Set``
- vm
- `-`
@ -339,13 +343,9 @@ it easy to set the policy using current mechanism.
- device
- assignment-serialization
- `-`
- ``device`` is in form ``<backend-name>+<device-ident>`` optional options given in ``key=value`` format, separated with spaces; options can include ``persistent=True`` to "persistently" attach the device (default is temporary)
* - ``admin.vm.device.<class>.Detach``
- vm
- device
- `-`
- `-`
- ``device`` is in form ``<backend-name>+<device-ident>``
- | ``device`` is in form ``<backend-name>+<device-ident>``
| optional options given in ``key=value`` format, separated with spaces;
| options can include ``persistent=True`` to "persistently" attach the device (default is temporary)
* - ``admin.vm.device.<class>.Detach``
- vm
- device
@ -355,9 +355,10 @@ it easy to set the policy using current mechanism.
* - ``admin.vm.device.<class>.Assign``
- vm
- device
- assignement-serialization
- assignment-serialization
- `-`
- ``device`` is in form ``<backend-name>+<device-ident>`` ``assignment-serialization`` is specified in the section Device Serialization.
- | ``device`` is in form ``<backend-name>+<device-ident>``
| ``assignment-serialization`` is specified in the section Device Serialization.
* - ``admin.vm.device.<class>.Unassign``
- vm
- device
@ -371,7 +372,7 @@ it easy to set the policy using current mechanism.
- `-`
- ``device`` is in form ``<backend-name>+<device-ident>``
* - ``admin.vm.deviceclass.List``
- `dom0`
- ``dom0``
- `-`
- `-`
- ``<deviceclass>\n``
@ -381,19 +382,22 @@ it easy to set the policy using current mechanism.
- device-ident
- `-`
- ``<device-ident> <device-serialization>\n``
- optional service argument may be used to get info about a single device, ``device-serialization`` is specified in the section Device Serialization.
- | optional service argument may be used to get info about a single device,
| ``device-serialization`` is specified in the section Device Serialization.
* - ``admin.vm.device.<class>.Assigned``
- vm
- device-ident
- `-`
- ``<device-ident> <assignment-serialization>\n``
- optional service argument may be used to get info about a single device, ``assignement-serialization`` is specified in the section Device Serialization.
- | optional service argument may be used to get info about a single device,
| ``assignment-serialization`` is specified in the section Device Serialization.
* - ``admin.vm.device.<class>.Attached``
- vm
- device-ident
- `-`
- ``<device-ident> <assignment-serialization>\n``
- optional service argument may be used to get info about a single device, ``assignment-serialization`` is specified in the section Device Serialization.
- | optional service argument may be used to get info about a single device,
| ``assignment-serialization`` is specified in the section Device Serialization.
* - ``admin.pool.List``
- ``dom0``
- `-`
@ -410,7 +414,7 @@ it easy to set the policy using current mechanism.
- ``dom0``
- pool
- `-`
- ``<property>=<value>``
- ``<property>=<value>\n``
-
* - ``admin.pool.Add``
- ``dom0``
@ -483,7 +487,8 @@ it easy to set the policy using current mechanism.
- pool
- vid
- token, to be used in ``admin.pool.volume.CloneTo``
- obtain a token to copy volume ``vid`` in ``pool``; the token is one time use only, it's invalidated by ``admin.pool.volume.CloneTo``, even if the operation fails
- | obtain a token to copy volume ``vid`` in ``pool``;
| the token is one time use only, it's invalidated by ``admin.pool.volume.CloneTo``, even if the operation fails
* - ``admin.pool.volume.CloneTo``
- ``dom0``
- pool
@ -555,7 +560,8 @@ it easy to set the policy using current mechanism.
- volume
- `-`
- token, to be used in ``admin.vm.volume.CloneTo``
- obtain a token to copy ``volume`` of ``vm``; the token is one time use only, it's invalidated by ``admin.vm.volume.CloneTo``, even if the operation fails
- | obtain a token to copy ``volume`` of ``vm``;
| the token is one time use only, it's invalidated by ``admin.vm.volume.CloneTo``, even if the operation fails
* - ``admin.vm.volume.CloneTo``
- vm
- volume
@ -566,7 +572,7 @@ it easy to set the policy using current mechanism.
- vm
- `-`
- `-`
- ``<state-property>=<value>``
- ``<state-property>=<value>\n``
- state properties: ``power_state``, ``mem``, ``mem_static_max``, ``cputime``
* - ``admin.vm.Start``
- vm

4
developer/services/qfileexchgd.rst
View file

@ -33,7 +33,7 @@ Copying files between AppVMs
----------------------------
1. AppVM1 user runs *qvm-copy-to-vm* script (accessible from Dolphin file manager by right click on a “file(s)->Actions->Send to VM” menu). It calls */usr/lib/qubes/qubes_penctl new*, and it writes “new” request to its ``device/qpen`` xenstore key. *qfilexchgd* creates a new 1G file, makes vfat fs on it, and does block-attach so that this file is attached as ``/dev/xvdg`` in AppVM1.
1. AppVM1 user runs *qvm-copy-to-vm* script (accessible from Dolphin file manager by right click on a file(s): :menuselection:`Actions->Send to VM`). It calls */usr/lib/qubes/qubes_penctl new*, and it writes “new” request to its ``device/qpen`` xenstore key. *qfilexchgd* creates a new 1G file, makes vfat fs on it, and does block-attach so that this file is attached as ``/dev/xvdg`` in AppVM1.
2. AppVM1 mounts ``/dev/xvdg`` on ``/mnt/outgoing`` and copies requested files there, then unmounts it.
@ -49,7 +49,7 @@ Copying a single file between AppVM and a DisposableVM
In order to minimize attack surface presented by necessity to process virtual pendrive metadata sent by (potentially compromised and malicious) DisposableVM, AppVM<->DisposableVM file exchange protocol does not use any filesystem.
1. User in AppVM1 runs *qvm-open-in-dvm* (accessible from Dolphin file manager by right click on a “file->Actions->Open in DisposableVM” menu). *qvm-open-in-dvm*
1. User in AppVM1 runs *qvm-open-in-dvm* (accessible from Dolphin file manager by right click on a file: :menuselection:`Actions->Open in DisposableVM` menu). *qvm-open-in-dvm*
1. gets a new ``/dev/xvdg`` (just as described in previous paragraph)

10
developer/services/qrexec-internals.rst
View file

@ -144,7 +144,7 @@ dom0: request execution of ``cmd`` in domX
.. code:: console
qrexec-client -d domX [-l local_program] user:cmd
$ qrexec-client -d domX [-l local_program] user:cmd
@ -191,7 +191,7 @@ domX: request execution of service ``admin.Service`` in dom0
.. code:: console
qrexec-client-vm dom0 admin.Service [local_program] [params]
$ qrexec-client-vm dom0 admin.Service [local_program] [params]
@ -217,7 +217,7 @@ domX: request execution of service ``admin.Service`` in dom0
.. code:: console
qrexec-client -d dom0 -c domX,X,SOCKET11 "QUBESRPC admin.Service domX name dom0"
$ qrexec-client -d dom0 -c domX,X,SOCKET11 "QUBESRPC admin.Service domX name dom0"
@ -260,7 +260,7 @@ domX: invoke execution of qubes service ``qubes.Service`` in domY
.. code:: console
qrexec-client-vm domY qubes.Service [local_program] [params]
$ qrexec-client-vm domY qubes.Service [local_program] [params]
@ -278,7 +278,7 @@ domX: invoke execution of qubes service ``qubes.Service`` in domY
.. code:: console
qrexec-client -d domY -c domX,X,SOCKET11 user:cmd "DEFAULT:QUBESRPC qubes.Service domX"
$ qrexec-client -d domY -c domX,X,SOCKET11 user:cmd "DEFAULT:QUBESRPC qubes.Service domX"

14
developer/services/qrexec-socket-services.rst
View file

@ -122,8 +122,8 @@ Start the socket using ``systemctl --user start``. Enable it using ``systemctl -
.. code:: console
systemctl --user start qubes-qrexec-policy-agent.socket
systemctl --user enable qubes-qrexec-policy-agent.socket
$ systemctl --user start qubes-qrexec-policy-agent.socket
$ systemctl --user enable qubes-qrexec-policy-agent.socket
@ -131,7 +131,7 @@ Alternatively, you can enable the service by creating a symlink:
.. code:: console
sudo ln -s /lib/systemd/user/qubes-qrexec-policy-agent.socket /lib/systemd/user/sockets.target.wants/
$ sudo ln -s /lib/systemd/user/qubes-qrexec-policy-agent.socket /lib/systemd/user/sockets.target.wants/
@ -143,7 +143,7 @@ Link in qubes-rpc
.. code:: console
sudo ln -s /var/run/qubes/policy-agent.sock /etc/qubes-rpc/policy.Ask
$ sudo ln -s /var/run/qubes/policy-agent.sock /etc/qubes-rpc/policy.Ask
@ -157,7 +157,7 @@ Install the Python systemd library:
.. code:: console
sudo dnf install python3-systemd
$ sudo dnf install python3-systemd
@ -240,7 +240,7 @@ The service is invoked in the same way as a standard Qubes RPC service:
.. code:: console
echo <input_data> | qrexec-client -d domX 'DEFAULT:QUBESRPC policy.Ask'
$ echo <input_data> | qrexec-client -d domX 'DEFAULT:QUBESRPC policy.Ask'
@ -248,7 +248,7 @@ You can also connect to it locally, but remember to include the service descript
.. code:: console
echo -e 'policy.Ask dom0\0<input data>' | nc -U /etc/qubes-rpc/policy.Ask
$ echo -e 'policy.Ask dom0\0<input data>' | nc -U /etc/qubes-rpc/policy.Ask

7
developer/services/qrexec.rst
View file

@ -111,7 +111,10 @@ Answering an RPC call
^^^^^^^^^^^^^^^^^^^^^
In other for a RPC call to be answered in the target VM, a file in either of the following locations must exist, containing the file name of the program that will be invoked, or being that program itself in which case it must have executable permission set (``chmod +x``): - ``/etc/qubes-rpc/RPC_ACTION_NAME`` when you make it in the template qube; - ``/usr/local/etc/qubes-rpc/RPC_ACTION_NAME`` for making it only in an app qube.
In other for a RPC call to be answered in the target VM, a file in either of the following locations must exist, containing the file name of the program that will be invoked, or being that program itself in which case it must have executable permission set (``chmod +x``):
- ``/etc/qubes-rpc/RPC_ACTION_NAME`` when you make it in the template qube;
- ``/usr/local/etc/qubes-rpc/RPC_ACTION_NAME`` for making it only in an app qube.
The source VM name can then be accessed in the server process via ``QREXEC_REMOTE_DOMAIN`` environment variable. (Note the source VM has *no* control over the name provided in this variablethe name of the VM is provided by dom0, and so is trusted.)
@ -245,7 +248,7 @@ Well need to create a service called ``test.Add`` with its own definition and
.. code:: console
ln -s /usr/bin/our_test_add_server /etc/qubes-rpc/test.Add
$ ln -s /usr/bin/our_test_add_server /etc/qubes-rpc/test.Add

6
developer/services/qrexec2.rst
View file

@ -90,7 +90,7 @@ In a src VM, one should invoke the qrexec client via the following command:
.. code:: console
/usr/lib/qubes/qrexec-client-vm <target vm name> <service name> <local program path> [local program arguments]
$ /usr/lib/qubes/qrexec-client-vm <target vm name> <service name> <local program path> [local program arguments]
@ -114,7 +114,7 @@ In order to remove such authorization, issue this command from a Dom0 terminal (
.. code:: console
sudo nano /etc/qubes-rpc/policy/qubes.Filecopy
$ sudo nano /etc/qubes-rpc/policy/qubes.Filecopy
and then remove any line(s) ending in “allow” (before the first ``##`` comment) which are the “Yes to All” results.
@ -164,7 +164,7 @@ We will show the necessary files to create a simple RPC call that adds two integ
.. code:: console
/usr/lib/qubes/qrexec-client-vm <target VM> test.Add /usr/bin/our_test_add_client 1 2
$ /usr/lib/qubes/qrexec-client-vm <target VM> test.Add /usr/bin/our_test_add_client 1 2

2
developer/system/architecture.rst
View file

@ -7,7 +7,7 @@ Qubes implements a security-by-compartmentalization approach. To do this, Qubes
|qubes-schema-v2.png|
Qubes lets the user define many secure compartments known as :ref:`qubes <user/reference/glossary:qube>`, which are implemented as lightweight :ref:`virtual machines (VMs) <user/reference/glossary:vm>`. For example, the user can have “personal,” “work,” “shopping,” “bank,” and “random” app qubes and can use the applications within those qubes just as if they were executing on the local machine. At the same time, however, these applications are well isolated from each other. Qubes also supports secure copy-and-paste and file sharing between qubes, of course.
Qubes lets the user define many secure compartments known as :term:`qubes <qube>`, which are implemented as lightweight :term:`virtual machines (VMs) <vm>`. For example, the user can have “personal,” “work,” “shopping,” “bank,” and “random” app qubes and can use the applications within those qubes just as if they were executing on the local machine. At the same time, however, these applications are well isolated from each other. Qubes also supports secure copy-and-paste and file sharing between qubes, of course.
Key architecture features
-------------------------

1607
developer/system/gui.rst
View file

File diff suppressed because it is too large Load diff

4
developer/system/networking.rst
View file

@ -121,7 +121,7 @@ Starting with Qubes 4.0, there is opt-in support for IPv6 forwarding. Similar to
.. code:: console
qvm-features sys-net ipv6 1
$ qvm-features sys-net ipv6 1
@ -129,7 +129,7 @@ It is also possible to explicitly disable IPv6 support for some qubes, even if i
.. code:: console
qvm-features ipv4-only-qube ipv6 ''
$ qvm-features ipv4-only-qube ipv6 ''

2
developer/system/vm-sudo.rst
View file

@ -1,3 +1,5 @@
:orphan:
=================================
Passwordless root access in qubes
=================================