Hi, I would be curious to know if Qubes OS users often reboot or shutdown there system or if it stays up for a long time. Suspend does not count as it’s basically just a pause.
Unfortunately I can’t make a poll on the forum, so you have to reply if you want to share about what you do, that’s the opportunity to give context if you want:)
This could be useful to know maybe. For instance, not rebooting a qube whose template was updated is not a big deal if the qube won’t live more than the day, but it can be concerning if they stay up for a week.
My system has a daily power cycle (or multiple in a day)
My system can run multiple days without being powered down
My system can run multiple weeks without being powered down
I have a simple workflow, I turn the laptop on in the morning and shut it down when I go to sleep, so rebooting qubes after an update creates too much friction for me and I accept the risk to run them unpatched for a few hours.
My laptop gets shut down every day…unless I don’t start it up that day. I will therefore (like you) rarely reboot it just because of an update. VMs running on it, it depends; I may just decide to restart or shut down ones I don’t particularly need running at the moment, after an update.
My desktop is a very different story, I can leave it on for many days. Knowing this if an update comes out that affects all domU (like just happened) I might restart all of them (including sys-usb). More commonly an update comes out that affects my “user” qubes than do ones that affect my “system” qubes. (I use minimal templates, and things like sys-net and sys-usb have a lot less stuff on them that needs updating, than say my libroffice qube.) I may wait a while to restart or shutdown web browser qubes because I usually don’t run split bookmarks and might not want to “lose” open tabs.
Sometimes it will take a while (a couple of days) when dom0 updates, before I restart my desktop. I’m trying to be better about this.
When I leave the house, all mounted crypto gets unmounted. So this answers what I do with my Qubes installations.
Never ever have an unguarded crypto device mounted.