Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Install grub2-xen-pvh through RPM dependencies #986

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Install grub2-xen-pvh through RPM dependencies #986

wants to merge 1 commit into from

Conversation

legoktm
Copy link
Member

@legoktm legoktm commented Apr 15, 2024
edited

Status

Not ready for review

Description of Changes

In a normal production install, we install the
securedrop-workstation-dom0-config RPM through qubes-dom0-update, which will fetch any dependencies since it has network access.

However in a dev setup, we install the RPM we just built using plain dnf, which has no network access, and is therefore unable to download missing dependencies. We can workaround this by passing the dependency list to qubes-dom0-update prior to RPM installation. I was unable to figure out how to pass a local RPM file qubes-dom0-update in the same way you can to dnf.

Testing

  • CI passes

Deployment

Any special considerations for deployment? No, prod install behavior should already work

Checklist

  • All tests (make test) pass in dom0

@legoktm legoktm marked this pull request as draft April 15, 2024 19:19
@zenmonkeykstop
Copy link
Contributor

zenmonkeykstop commented Apr 15, 2024
edited

Do we use qubes-dom0-update for prod installs? By current docs the initial install is also via dnf.

@legoktm
Copy link
Member Author

legoktm commented Apr 15, 2024

Do we use qubes-dom0-update for prod installs? By current docs the initial install is also via dnf.

Nope, I just figured that out myself (and marked as draft accordingly). I am not sure why we do it that way, I'll spend a bit of time poking but probably will postpone this until we spend time on the install process.

@legoktm
Install grub2-xen-pvh through RPM dependencies
2c0a05e 
In a normal production install, we install the
securedrop-workstation-dom0-config RPM through `qubes-dom0-update`,
which will fetch any dependencies since it has network access.

However in a dev setup, we install the RPM we just built using plain
`dnf`, which has no network access, and is therefore unable to download
missing dependencies. We can workaround this by passing the dependency
list to `qubes-dom0-update` prior to RPM installation. I was unable to
figure out how to pass a local RPM file qubes-dom0-update in the same
way you can to dnf.
@zenmonkeykstop
Copy link
Contributor

If we had a key+repo-config-only rpm (ideall,y that was available via a regular qubes dom0 repo) then you could probably install that via dnf and then you'd be home free on the prod side

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
blocked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@legoktm @zenmonkeykstop @rocodes