-
-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create qubes-upgrade-vm
package for Debian templates
#1639
Comments
I haven't seen packages automatically removed from Debian ever. As soon as no other package depends on that package anymore and if the package is not marked as manually installed, it will be removed during the next manual run of The closest thing coming to my mind is Ubuntu has do-release-upgrade, but Debian has to my knowledge no such tool. (What is Debian's equivalent of do-release-upgrade?)
|
Ok, it may be also a tool like
What do you think? |
Yes. A tool. Good idea. I am just worried such a tool would easily
I wouldn't make this a separate package. And not automated installing Not sure about the name. qubes-template-upgrade is not bad. But we are /cc @bnvk |
Why is it necessary to remove the package once it's been installed? A simple method could be: Then qubes-core-agent-3.2 has Conflicts: qubes-upgrade-vm<3.2, or perhaps Pre-Depends:qubes-upgrade-vm=3.2. Instead of a new tool, this would fit more naturally with Debian procedures. On the other hand, there's undoubtedly a good reason why there isn't such a package already: it's pretty difficult to get it right. |
To not have duplicated repository definitions. |
I wasn't clear. My proposal is to move the qubes repo stuff out of qubes-core-agent in to a separate package, installing keys and repo definitions. There's no question of duplicated definitions because each package ships it's own, and the usual Debian versioning controls will apply, and can enforce relevant progression. If you think that pushing out a new version on an update might be problematic, just make varieties available from the upgrade web-page. User downloads relevant deb, installs and update/upgrade. |
Ah, I see.
This can be risky. Qubes update consists of both dom0 and VMs update, at the same time. So, if VM update is proposed automatically (even with a separate confirmation), surely someone will do it, without updating dom0, which will most likely lead some some problems - in extreme case unbootable system.
Not a problem, as qubes-core-agent-3.2 will not be available without 3.2 repository definition (it isn't present in 3.1 repo). Can you clarify how exactly user would trigger template upgrade? |
The ability of users to confound expectations should not be underestimated. It would, of course, be possible to download directly from the repositories.
If not available via a repository, to avoid the issue you identify, the qubes-upgrade-vm packages are perhaps linked on a web page identifying flavours.
|
On Tue, Jun 07, 2016 at 04:26:57PM -0700, unman wrote:
This means user would need to manually verify package signature (which Best Regards, |
Marek Marczykowski-Górecki:
If the package is added to the repository the user is currently using, I [ Just saying. I however have no opinion on your recent discussion above. ] |
@marmarek The only problem with this is that because of the conflict, the flow has to be:
I doubt anyone is going to do this in error. |
@marmarek Do you want to see that approach implemented, or do you prefer update tool? |
Using |
Seemingly related. Would be possibly resolved by #8605. |
Qubes version upgrade requires upgrading all the templates, which require switching package repository (for example R3.0->R3.1). For Fedora we have a package
qubes-upgrade-vm
, which ships new repository definitions including signing key (package in R2 ships R3.0 repositories, package in R3.0 - R3.1 repositories). This way template upgrade require installing this package, then perform standard template update. At the end of this process,qubes-upgrade-vm
will be automatically removed.In Fedora that automatic package removal at the end of upgrade is done using
Obsoletes:
rpm dependency, from core-agent package. For examplequbes-upgrade-vm
(with contains repositories of R3.1) has version3.0
qubes-core-vm
(qubes-core-agent
in Debian) containsObsoletes: qubes-upgrade-vm < 3.1
This way,
qubes-upgrade-vm-3.0
will be automatically removed, but later, when upgrading R3.1 to the next major release it would be possible to installqubes-upgrade-vm-3.1
(which is uploaded to the repository at the time of first release candidate).It would be nice to have the same for Debian template, to ease and unify its upgrade.
Does Debian packages allows something equivalent to this
Obsoletes:
mechanism, to automatically remove the package, but allow later installing newer its version? @adrelanosThe text was updated successfully, but these errors were encountered: