Code reviews: Qubes update and verification story
Erik Moeller edited this page Jun 7, 2021
·
1 revision
- How are dom0 RPM updates managed in Qubes?
- How are keys for verifying RPM signatures managed/used?
- How does our provisioning logic manage the signing key?
Updating software in dom0 involves complicated machinery, in order to move data safely from package repos, via a network-connected VM, into dom0, which has no network connection.
High-level Qubes docs on this workflow can be found here:
- https://www.qubes-os.org/doc/software-update-dom0/
- https://www.qubes-os.org/doc/dom0-secure-updates/
For a deeper understanding, review code in the following files (in order):
- https://github.com/QubesOS/qubes-core-admin-linux/blob/release2/dom0-updates/qubes-dom0-update (L126, hop to next)
- https://github.com/QubesOS/qubes-core-agent-linux/blob/master/package-managers/qubes-download-dom0-updates.sh
- https://github.com/QubesOS/qubes-core-admin-linux/blob/release2/dom0-updates/qubes-receive-updates