Hello, <[email protected]> schrieb am So., 12. Juli 2020, 18:36:
> On Friday, July 10, 2020 at 4:18:30 AM UTC-4, Alex Lu wrote: >> >> Is having like 5 templateVMs 4 of which have no root is better than >> having 1 templateVM >> which have root and in charge of every appVM? >> > > There is one potential disadvantage to this setup: Will you actually > bother to keep all those templates updated? Especially if some of them have > no root, some have sudo prompts, and some have sudo access without prompts, > it starts to become a real pain. You have to keep in mind the human cost to > managing this kind of complexity, even with nice new tools like Qubes > Update. > The problem having to update several templates can easily be solved by invoking a script in dom0. It will update the template even if sudo is not installed because of the option --user=root within the command line. Try it out: https://github.com/one7two99/my-qubes/blob/master/dom0-scripts/update-all.sh ---- 8< ----- snip ------ ------ #!/bin/bash # update-all.sh - Update all Template-VMs # Update dom0 sudo qubes-dom0-update # Update all Fedora templates echo "[ Updating Fedora Templates ]" for i in `qvm-ls | grep Template | grep t-fedora | gawk '{ print $1 }'`; do echo echo "Updating $i ..." qvm-run --auto --user root --pass-io $i 'dnf -y update'; qvm-shutdown $i; echo "... done." done # Update all Debian Templates echo "[ Updating Debian Templates ]" for i in `qvm-ls | grep Template | grep t-debian | gawk '{ print $1 }'`; do echo echo "Updatung $i ..." qvm-run --auto --user root --pass-io $i 'apt-get update && apt-get -y upgrade'; qvm-shutdown $i; echo "... done." done # Update Whonix Templates echo "[ Updating Whonix Templates ]" for i in `qvm-ls | grep Template | grep whonix | gawk '{ print $1 }'`; do echo echo "Updatung $i ..." qvm-run --auto --user root --pass-io $i 'apt-get update && apt-get -y upgrade'; qvm-shutdown $i; echo "... done." done ---- 8< ----- snip ------ ------ Regards 799 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2vXyNSYqa53VfSUZ6d7pTyGh4ETbK2ijDgsHW-5bSAqHA%40mail.gmail.com.
