/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IPv6 routing between AppVMs #718

Closed
marmarek opened this Issue Mar 8, 2015 · 20 comments

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 4.0
2 participants
@marmarek @qubesos-bot
@marmarek
Member

marmarek commented Mar 8, 2015

Reported by joanna on 24 Feb 2013 15:33 UTC
None

Migrated-From: https://wiki.qubes-os.org/ticket/718
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Modified by joanna on 1 Aug 2013 11:52 UTC
Member

marmarek commented Mar 8, 2015

Modified by joanna on 1 Aug 2013 11:52 UTC

@marmarek marmarek added this to the Release 2 Beta 3 milestone Mar 8, 2015

@marmarek marmarek added enhancement C: core P: major labels Mar 8, 2015

@marmarek marmarek modified the milestones: Release 3, Release 2 Beta 3 Mar 8, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by marmarek on 9 Oct 2014 02:07 UTC
It looks like starting with 3.13 Linux kernel supports NAT for IPv6, so (theoretically) we can use the same scheme as for IPv4.
Member

marmarek commented Mar 8, 2015

Comment by marmarek on 9 Oct 2014 02:07 UTC
It looks like starting with 3.13 Linux kernel supports NAT for IPv6, so (theoretically) we can use the same scheme as for IPv4.
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by joanna on 9 Oct 2014 21:32 UTC
I might not be up to date with all this networking stuff, but I thought the point of ipv6 was to actually not use NATing...?
Member

marmarek commented Mar 8, 2015

Comment by joanna on 9 Oct 2014 21:32 UTC
I might not be up to date with all this networking stuff, but I thought the point of ipv6 was to actually not use NATing...?
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by marmarek on 9 Oct 2014 21:53 UTC
Generally yes (and I'm surprised that NAT support comes to ip6tables), but for our network scheme it is beneficial to use NAT, instead of routing. For example inter-VM connections can be configured independent of external IP address.
Member

marmarek commented Mar 8, 2015

Comment by marmarek on 9 Oct 2014 21:53 UTC
Generally yes (and I'm surprised that NAT support comes to ip6tables), but for our network scheme it is beneficial to use NAT, instead of routing. For example inter-VM connections can be configured independent of external IP address.
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by marmarek on 20 Jan 2015 03:43 UTC
I've done some testing and it looks straightforward to support IPv6 in our VMs (using NAT). All required changes are in core-agent-linux repo, in scripts which are almost the same in R2 and R3. Additionally it is easy to make it opt-in feature (using qvm-service framework). So I propose to move this task to R2.

The only potentially problematic thing is qubes-firewall (per-VM firewall rules). Currently user can set rules based on IP(v4) or name. In case of an IPv4 rule, obviously it is not applicable to IPv6 firewall. In case of a name, it can be - if that name resolves to IPv6 address. But if not - ip6tables will fail loading such rule.
The simplest solution would be to modify qubes-firewall script (which loads that rules in firewallvm) to filter-out rules not applicable to IPv6. In most common use of non-empty firewall (default policy DROP) this shouldn't harm - at worst some traffic will be filtered (so application would fall back to IPv4).

In the future we might introduce more advanced firewall configuration, with option to set IPv4 and IPv6 rules explicitly.
Member

marmarek commented Mar 8, 2015

Comment by marmarek on 20 Jan 2015 03:43 UTC
I've done some testing and it looks straightforward to support IPv6 in our VMs (using NAT). All required changes are in core-agent-linux repo, in scripts which are almost the same in R2 and R3. Additionally it is easy to make it opt-in feature (using qvm-service framework). So I propose to move this task to R2.

The only potentially problematic thing is qubes-firewall (per-VM firewall rules). Currently user can set rules based on IP(v4) or name. In case of an IPv4 rule, obviously it is not applicable to IPv6 firewall. In case of a name, it can be - if that name resolves to IPv6 address. But if not - ip6tables will fail loading such rule.
The simplest solution would be to modify qubes-firewall script (which loads that rules in firewallvm) to filter-out rules not applicable to IPv6. In most common use of non-empty firewall (default policy DROP) this shouldn't harm - at worst some traffic will be filtered (so application would fall back to IPv4).

In the future we might introduce more advanced firewall configuration, with option to set IPv4 and IPv6 rules explicitly.

@marmarek marmarek modified the milestones: Release 3.1, Release 3.0 May 13, 2015

@marmarek marmarek modified the milestones: Release 3.2, Release 3.1 Feb 8, 2016

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Feb 8, 2016

Member

@woju I think we forgot about this one when implementing "NetVM" in Qubes 4.0...
Member

marmarek commented Feb 8, 2016

@woju I think we forgot about this one when implementing "NetVM" in Qubes 4.0...

@marmarek marmarek modified the milestones: Release 4.0, Release 3.2 Feb 8, 2016

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Aug 12, 2016

I'm a little bit disappointed now. I was looking forward to setup and use Qubes OS. Finally with a new machine I did this today using Qubes OS 3.2 rc 2.

I struggled a bit with networking (so my hope is I'm doing something wrong) but finally I got it working. But I did not get an IPv6 assigned (This works properly in my network).

So to be clear: This really means as of today there is no IPv6 in Quebes and for the future you are looking to NAT it ?

I would be happy to "turn" off all firewall features of Qubes OS since I got this covered by an rather extensive network setup. Is this an option ?

ghost commented Aug 12, 2016

I'm a little bit disappointed now. I was looking forward to setup and use Qubes OS. Finally with a new machine I did this today using Qubes OS 3.2 rc 2.

I struggled a bit with networking (so my hope is I'm doing something wrong) but finally I got it working. But I did not get an IPv6 assigned (This works properly in my network).

So to be clear: This really means as of today there is no IPv6 in Quebes and for the future you are looking to NAT it ?

I would be happy to "turn" off all firewall features of Qubes OS since I got this covered by an rather extensive network setup. Is this an option ?
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Aug 13, 2016

Member

On Fri, Aug 12, 2016 at 03:30:41PM -0700, iggs0 wrote:

So to be clear: This really means as of today there is no IPv6 in Quebes and for the future you are looking to NAT it ?

Yes.

I would be happy to "turn" off all firewall features of Qubes OS since I got this covered by an rather extensive network setup. Is this an option ?

It depends what you call "all firewall features". You don't need to use
outbound traffic limiting ("Firewall" tab in VM settings). You can even
disable "qubes-firewall" service in Proxy VMs (which will really do
nothing anyway if you don't fill "Firewall" tab in VM settings).

But you can't disable NAT. This is rather unavoidable(*) with tree-like
structure of network connections between VMs (sys-net -> sys-firewall ->
AppVMs, possibly sys-whonix in between).

(*) without modifying every routing table in your LAN.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
Member

marmarek commented Aug 13, 2016

On Fri, Aug 12, 2016 at 03:30:41PM -0700, iggs0 wrote:

So to be clear: This really means as of today there is no IPv6 in Quebes and for the future you are looking to NAT it ?

Yes.

I would be happy to "turn" off all firewall features of Qubes OS since I got this covered by an rather extensive network setup. Is this an option ?

It depends what you call "all firewall features". You don't need to use
outbound traffic limiting ("Firewall" tab in VM settings). You can even
disable "qubes-firewall" service in Proxy VMs (which will really do
nothing anyway if you don't fill "Firewall" tab in VM settings).

But you can't disable NAT. This is rather unavoidable(*) with tree-like
structure of network connections between VMs (sys-net -> sys-firewall ->
AppVMs, possibly sys-whonix in between).

(*) without modifying every routing table in your LAN.

Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

marmarek added a commit to marmarek/old-qubes-core-agent-linux that referenced this issue Sep 12, 2016

@marmarek
network: rewrite qubes-firewall daemon 
This rewrite is mainly to adopt new interface for Qubes 4.x.
Main changes:
 - change language from bash to python, introduce qubesagent python package
 - support both nftables (preferred) and iptables
 - new interface (https://qubes-os.org/doc/vm-interface/)
 - IPv6 support
 - unit tests included
 - nftables version support running along with other firewall loaded

Fixes QubesOS/qubes-issues#1815
QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
ee0a292
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jan 12, 2017

Member

Script mentioned above: marmarek/qubes-core-agent-linux@789eb51
Member

marmarek commented Jan 12, 2017

Script mentioned above: marmarek/qubes-core-agent-linux@789eb51

@marmarek marmarek referenced this issue Jan 12, 2017

Closed

IPv6 routing between appvm and an IPv6-capable proxyvm #2570

@mfc mfc referenced this issue Jan 31, 2017

Closed

create GSOC 2017 Ideas List #2607

2 of 2 tasks complete

@qubesos-bot qubesos-bot referenced this issue in QubesOS/updates-status Jun 9, 2017

Closed

core-agent-linux v4.0.0 (r4.0) #68

@marmarek marmarek referenced this issue Oct 20, 2017

Closed

IPv6 support in Qubes #3199

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 1, 2017

@marmarek
Add IPv6 related VM properties 
Add property for IPv6 address ('ip6'). Build default value similarly to
IPv4 - common prefix + QID or Disp ID (for DispVMs).
This all is disabled unless 'ipv6' feature is enabled. It is inherited
from netvm (not template).
Even when enabled, VM may decide to not use it - or simply not support
it.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
c67bef4

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 5, 2017

@marmarek
Add IPv6 related VM properties 
Add property for IPv6 address ('ip6'). Build default value similarly to
IPv4 - common prefix + QID or Disp ID (for DispVMs).
This all is disabled unless 'ipv6' feature is enabled. It is inherited
from netvm (not template).
Even when enabled, VM may decide to not use it - or simply not support
it.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
b88ca68

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 5, 2017

@marmarek
tests: add IPv6-related unit tests 
Check produced libvirt XML, and QubesDB entries

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
d2e01c5

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 5, 2017

@marmarek
tests: add integration tests for IPv6 
Run also all IPv4 tests with IPv6 enabled to check for regressions
(broken IPv4 because of enabled IPv6).

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
7e143da

@marmarek marmarek referenced this issue in QubesOS/qubes-core-admin Dec 5, 2017

Merged

Dom0 part of IPv6 support, network related changes #172

marmarek added a commit to marmarek/qubes-core-agent-linux that referenced this issue Dec 5, 2017

@marmarek
network: configure IPv6 when enabled 
If dom0 expose IPv6 address settings, configure it on the interface.
Both backend and frontend side. If no IPv6 configuration is provided,
block IPv6 as it was before.

Fixes QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
c2a4300

marmarek added a commit to marmarek/qubes-core-agent-linux that referenced this issue Dec 5, 2017

@marmarek
network: IPv6-enabled firewall 
If IPv6 is configured in the VM, and it is providing network to others,
apply IPv6 firewall similar to the IPv4 one (including NAT for outgoing
traffix), instead of blocking everything. Also, enable IP forwarding for
IPv6 in such a case.

Fixes QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
d9572a1

marmarek added a commit to marmarek/qubes-core-agent-linux that referenced this issue Dec 5, 2017

@marmarek
network: drop unsolicited IPv6 neighbor advertisements by default 
It could be used to poison neighbor table...

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
5808853

marmarek added a commit to marmarek/qubes-core-agent-linux that referenced this issue Dec 5, 2017

@marmarek
Fix IPv6 support in qubes-firewall 
Chain name in IPv6 cannot be longer than 29 chars, so strip IPv6 prefix
from it.
ICMP on IPv6 is a different protocol than on IPv4 - handle iptables rule
accordingly.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
6780860

marmarek added a commit to marmarek/qubes-core-agent-linux that referenced this issue Dec 5, 2017

@marmarek
Fix IPv6 support in qubes-firewall 
Chain name in IPv6 cannot be longer than 29 chars, so strip IPv6 prefix
from it.
ICMP on IPv6 is a different protocol than on IPv4 - handle iptables rule
accordingly.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
2027835

@marmarek marmarek referenced this issue in QubesOS/qubes-core-agent-linux Dec 5, 2017

Merged

VM side of IPv6 support #75

marmarek added a commit to marmarek/qubes-core-libvirt that referenced this issue Dec 5, 2017

@marmarek
Add support for multiple IP addresses 
QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
91ca0eb

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 6, 2017

@marmarek
Add IPv6 related VM properties 
Add property for IPv6 address ('ip6'). Build default value similarly to
IPv4 - common prefix + QID or Disp ID (for DispVMs).
This all is disabled unless 'ipv6' feature is enabled. It is inherited
from netvm (not template).
Even when enabled, VM may decide to not use it - or simply not support
it.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
643ca7b

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 6, 2017

@marmarek
tests: add IPv6-related unit tests 
Check produced libvirt XML, and QubesDB entries

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
e8cdca4

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 7, 2017

@marmarek
tests: add IPv6-related unit tests 
Check produced libvirt XML, and QubesDB entries

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
0786edf

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 7, 2017

@marmarek
tests: add integration tests for IPv6 
Run also all IPv4 tests with IPv6 enabled to check for regressions
(broken IPv4 because of enabled IPv6).

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
f3cf58e

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 7, 2017

@marmarek
vm/mix/net: use ipaddress module for ip and ip6 properties 
It has built-in validation, which is much more elegant than custom regex
or socket call.

Suggested by @woju
QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
e12a66f

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Dec 7, 2017

@marmarek
vm/qubesvm: write QubesDB /qubes-netvm-gateway6 entry when set 
This is needed for network-providing VM to actually provide IPv6
connection too.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
faef890

@marmarek marmarek closed this in QubesOS/qubes-core-admin#172 Dec 10, 2017

marmarek added a commit to marmarek/qubes-vmm-xen-stubdom-linux that referenced this issue Dec 14, 2017

@marmarek
Get only the first IP for DHCP configuration 
There may be multiple IP addresses - specifically: one IPv4 and one
IPv6. For now just ignore IPv6 if any.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
f0d4ad7
@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Dec 15, 2017

Automated announcement from builder-github

The package qubes-core-agent_4.0.14-1+deb8u1 has been pushed to the r4.0 testing repository for the Debian jessie template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing jessie-testing, then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

qubesos-bot commented Dec 15, 2017

Automated announcement from builder-github

The package qubes-core-agent_4.0.14-1+deb8u1 has been pushed to the r4.0 testing repository for the Debian jessie template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing jessie-testing, then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-jessie-cur-test label Dec 15, 2017

@qubesos-bot qubesos-bot referenced this issue in QubesOS/updates-status Dec 15, 2017

Closed

core-agent-linux v4.0.14 (r4.0) #326

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Dec 15, 2017

Automated announcement from builder-github

The package qubes-core-agent_4.0.14-1+deb9u1 has been pushed to the r4.0 testing repository for the Debian stretch template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing stretch-testing, then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

qubesos-bot commented Dec 15, 2017

Automated announcement from builder-github

The package qubes-core-agent_4.0.14-1+deb9u1 has been pushed to the r4.0 testing repository for the Debian stretch template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing stretch-testing, then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-stretch-cur-test label Dec 15, 2017

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Dec 15, 2017

Automated announcement from builder-github

The package core-agent-linux has been pushed to the r4.0 testing repository for the CentOS centos7 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

qubesos-bot commented Dec 15, 2017

Automated announcement from builder-github

The package core-agent-linux has been pushed to the r4.0 testing repository for the CentOS centos7 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-centos7-cur-test label Dec 15, 2017

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Dec 15, 2017

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.14-1.fc24 has been pushed to the r4.0 testing repository for the Fedora fc24 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

qubesos-bot commented Dec 15, 2017

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.14-1.fc24 has been pushed to the r4.0 testing repository for the Fedora fc24 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-fc24-cur-test label Dec 15, 2017

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Dec 15, 2017

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.14-1.fc25 has been pushed to the r4.0 testing repository for the Fedora fc25 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

qubesos-bot commented Dec 15, 2017

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.14-1.fc25 has been pushed to the r4.0 testing repository for the Fedora fc25 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-fc25-cur-test label Dec 15, 2017

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Dec 15, 2017

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.14-1.fc26 has been pushed to the r4.0 testing repository for the Fedora fc26 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

qubesos-bot commented Dec 15, 2017

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.14-1.fc26 has been pushed to the r4.0 testing repository for the Fedora fc26 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-fc26-cur-test label Dec 15, 2017

@qubesos-bot qubesos-bot referenced this issue in QubesOS/updates-status Dec 22, 2017

Closed

core-admin v4.0.15 (r4.0) #327

marmarek added a commit to marmarek/qubes-core-libvirt that referenced this issue Dec 23, 2017

@marmarek
Update multiple IP address patch to the upstream accepted version 
This include fix for memory leak.

QubesOS/qubes-issues#718
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
b5d2173

This was referenced Dec 23, 2017

Closed
Closed
@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 4, 2018

Automated announcement from builder-github

The package core-agent-linux has been pushed to the r4.0 stable repository for the Fedora centos7 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

qubesos-bot commented Jan 4, 2018

Automated announcement from builder-github

The package core-agent-linux has been pushed to the r4.0 stable repository for the Fedora centos7 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

@qubesos-bot qubesos-bot added r4.0-centos7-stable and removed r4.0-centos7-cur-test labels Jan 4, 2018

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 4, 2018

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.15-1.fc24 has been pushed to the r4.0 stable repository for the Fedora fc24 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

qubesos-bot commented Jan 4, 2018

Automated announcement from builder-github

The package python2-dnf-plugins-qubes-hooks-4.0.15-1.fc24 has been pushed to the r4.0 stable repository for the Fedora fc24 template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

@qubesos-bot qubesos-bot added r4.0-fc24-stable and removed r4.0-fc24-cur-test labels Jan 4, 2018

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 5, 2018

Automated announcement from builder-github

The package qubes-core-agent_4.0.15-1+deb8u1 has been pushed to the r4.0 stable repository for the Debian jessie template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

qubesos-bot commented Jan 5, 2018

Automated announcement from builder-github

The package qubes-core-agent_4.0.15-1+deb8u1 has been pushed to the r4.0 stable repository for the Debian jessie template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot qubesos-bot added r4.0-jessie-stable and removed r4.0-jessie-cur-test labels Jan 5, 2018

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jan 5, 2018

Automated announcement from builder-github

The package qubes-core-agent_4.0.15-1+deb9u1 has been pushed to the r4.0 stable repository for the Debian stretch template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

qubesos-bot commented Jan 5, 2018

Automated announcement from builder-github

The package qubes-core-agent_4.0.15-1+deb9u1 has been pushed to the r4.0 stable repository for the Debian stretch template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

Changes included in this update

@qubesos-bot qubesos-bot added r4.0-stretch-stable and removed r4.0-stretch-cur-test labels Jan 5, 2018

@qubesos-bot qubesos-bot added r4.0-fc25-stable and removed r4.0-fc25-cur-test labels Feb 6, 2018

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Feb 6, 2018

Automated announcement from builder-github

The component core-agent-linux (including package python2-dnf-plugins-qubes-hooks-4.0.20-1.fc26) has been pushed to the r4.0 stable repository for the Fedora template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

qubesos-bot commented Feb 6, 2018

Automated announcement from builder-github

The component core-agent-linux (including package python2-dnf-plugins-qubes-hooks-4.0.20-1.fc26) has been pushed to the r4.0 stable repository for the Fedora template.
To install this update, please use the standard update command:

sudo yum update

Changes included in this update

@qubesos-bot qubesos-bot added r4.0-fc26-stable and removed r4.0-fc26-cur-test labels Feb 6, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment