Is SELinux also supported in Fedora minimal templates?
Would SELinux make Fedora significantly more secure than Debian?
Unable to use WiFi with R4.2.0-rc1 (as with previous R4.2 weekly release).
[sys-net] Connection Failure
Failed to add/activate connection
failure adding connection: error writing to file ‘/etc/NetworkManager/system-connections/{wireless name}.nmconnection’: failed to create file /etc/NetworkManager/system-connections/{wireless name}.nmconnection.46E551: Permission denied
Don’t have access to a LAN connection, so unable to test anything else.
You can open an issue on github so devs will know about this problem and try to fix it:
Is SELinux also supported in Fedora minimal templates?
I think not, I’ve just download fedora-38-minimal and it doesn’t have packages like sestatus
or setenforce
. But fedora-38-xfce support
SELinux.(Although the disk usage between xfce and og is only about 6MB)
Would SELinux make Fedora significantly more secure than Debian?
I don’t know is Debian template enable Apparmor by default but whether or not SELinux is better than Apparmor in security, but you also may lose some ease of use.
But to be honest I don’t know will it be significantly more secure or not.
For me, I’m more curious on the security between Fedora and Kicksecure. Looking for answer.
Thank you.
Thank you for your reply. I still have a question, one that may not be easy to answer. Is fedora-38 with SELinux more secure than debian minimal or fedora minimal - both of which have smaller attack surface?
On a related topic, does the SecureDrop Workstation use Fedora or Debian templates?
Is it likely that a new installation of the final Qubes 4.2.0
is not necessary, if -rc1
keeps being updated?
It looks as if we are on the master branch, if I understand correctly, therefore it should be OK to go with -rc1
.
Likely, but not definitely.
There could be changes to the installer or organisation that cannot be
resolved by simply updating an installed system.
The same could apply to people updating from an existing 4.1 installation.
i assume it was only for partition layout? any example?
in your free time, please do things for 4.2 so i can test and other gain benefit
good job; works flawless for me
for 4.2: i noticed that whonix 17 template > is waiting for debian bookworm template > is waiting for salt being available in bookworm
“use more bandwith!” - Said the Qubes User uprading to 4.2 and installing debian12 & whonix17 templates afterwards
Bonus Edit:
[FEATURE REQUEST] Add Salt support for Debian 12 · Issue #64223 · saltstack/salt · GitHub Salt themselfs dont offer debian 12 support yet
I use a ProxyVM as a VPN gateway using iptables and CLI scripts.
In Qubes OS 4.2, DomU firewalls have switched to nftables. I have not installed 4.2 yet.
Do the ProxyVM scripts need an update?
Any easy fixes for this error?
KDE installed → Application launcher key →
file:///usr/share/plasma/plasmoids/org.kde.plasma.kickoff/contents/ui/Kickoff.qml:157:34: Type FullRepresentation unavailable file:///usr/share/plasma/plasmoids/org.kde.plasma.kickoff/contents/ui/FullRepresentation.qml:43:5: KickoffButton is not a type
Oops @throwaway11, it looks like I made a mistake! I thought I was reading your post in a different context. I assume you’re testing R4.2 RC1, and your question seems perfectly on-topic. Please disregard my previous post and accept my apologies!
When using KDE Wayland, apps don’t show when launched. KDE X11 works as expected.
Qubes OS display protocol uses X and isn’t compatible with wayland.
I have been using 4.2.0-rc1 for a few hours. Looks great. The UI improvements appear to be more user friendly, such as the new dialogs when creating a new qube. The Qubes menu is nice but the qube name could be larger (the small font is not immediately readable). I think device handling is better as I have tried using conferencing software with an external USB webcam, which was quickly connected, I felt it was faster than 4.1 version.
The installer went with usb enabled on dom0 then I run the salt to enable sys-usb but it failed at the grub usb hiding step. nevertheless after reboot the sys-usb was there and rejecting usb input devices and after adding policy it was working fine.
My existing templates worked fine before upgrading their repository to qubes 4.2, so I used them and upgraded them in place. So far no problems.