Harden DNF config in RPM post-install script #527

DemiMarie · 2024-10-31T02:11:34Z

Not tested yet but hopefully works.

marmarek · 2024-10-31T02:16:34Z

This doesn't work with DNF5:

[root@0a4ec0f8ff5f /]# dnf config-manager --setopt=gpgcheck=1 --setopt=zchunk=0 --setopt=deltarpm=0 --save
Unknown argument "--save" for command "config-manager". Add "--help" for more information about the arguments.
[root@0a4ec0f8ff5f /]# dnf config-manager --help
Usage:
  dnf5 [GLOBAL OPTIONS] config-manager <COMMAND> ...

Description:
  Manage main and repositories configuration, variables and add new repositories
                                
Commands:                       
  addrepo                       Add repositories from the specified configuratio
                                n file or define a new repository using user opt
                                ions
  setopt                        Set configuration and repositories options
  unsetopt                      Unset/remove configuration and repositories opti
                                ons
  setvar                        Set variables
  unsetvar                      Unset/remove variables

But, DNF5 supports /etc/dnf/libdnf5.conf.d.

marmarek · 2024-11-04T13:37:30Z

I'm not sure if you noticed, but this fails to build

DemiMarie · 2024-11-04T20:46:48Z

Oops, missing line continuation in Makefile.

codecov · 2024-11-04T21:26:26Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 70.14%. Comparing base (a324b82) to head (cf52c15).
Report is 22 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #527      +/-   ##
==========================================
- Coverage   70.57%   70.14%   -0.43%     
==========================================
  Files           3        3              
  Lines         469      469              
==========================================
- Hits          331      329       -2     
- Misses        138      140       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

package-managers/dnf-harden.conf

rpm_spec/core-agent.spec.in

This uses a postinstall script for DNF5 and a configuration file otherwise.

qubesos-bot · 2024-11-14T23:05:34Z

OpenQA test summary

Complete test suite and dependencies: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2024111418-4.3&flavor=pull-requests

Test run included the following:

New failures, excluding unstable

Compared to: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2024091704-4.3&flavor=update

system_tests_extra
- TC_00_QVCTest_whonix-workstation-17: test_010_screenshare (failure)
  ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^... AssertionError: 0 == 0
system_tests_kde_gui_interactive
- gui_keyboard_layout: Failed (test died)
  # Test died: command 'test "$(cd ~user;ls e1*)" = "$(qvm-run -p wor...

Failed tests

5 failures

system_tests_extra
- TC_00_QVCTest_whonix-workstation-17: test_010_screenshare (failure)
  ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^... AssertionError: 0 == 0
system_tests_network_updates
- [unstable] VmUpdates_debian-12-xfce: test_020_updates_available_notification (error)
  subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...
system_tests_kde_gui_interactive
- gui_keyboard_layout: Failed (test died)
  # Test died: command 'test "$(cd ~user;ls e1*)" = "$(qvm-run -p wor...
system_tests_basic_vm_qrexec_gui_zfs
- switch_pool: Failed (test died)
  # Test died: command 'dnf install -y ./zfs-release.rpm' failed at /...
system_tests_audio@hw1
- [unstable] TC_20_AudioVM_PipeWire_debian-12-xfce: test_260_audio_mic_enabled_switch_audiovm (failure)
  AssertionError: too short audio, expected 10s, got 0.00013605442176...

Fixed failures

Compared to: https://openqa.qubes-os.org/tests/112766#dependencies

201 fixed

system_tests_pvgrub_salt_storage
- TC_41_HVMGrub_fedora-40-xfce: test_000_standalone_vm (error)
  qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- TC_41_HVMGrub_fedora-40-xfce: test_010_template_based_vm (error)
  qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- TC_00_Dom0: test_000_top_enable_disable (failure)
  ~~~~~~~~~~~~~^^^^^^^^^^^^^^^... AssertionError: 'base' not found in {}
- TC_00_Dom0: test_001_state_sls (failure)
  AssertionError: Salt command '['qubesctl', '--dom0-only', 'state.sl...
- TC_00_Dom0: test_010_create_vm (failure)
  AssertionError: Salt command '['qubesctl', '--dom0-only', 'state.sl...
- TC_00_Dom0: test_011_set_prefs (failure)
  AssertionError: Salt command '['qubesctl', '--dom0-only', 'state.sl...
- TC_00_Dom0: test_012_tags (failure)
  AssertionError: Salt command '['qubesctl', '--dom0-only', 'state.sl...
- TC_10_VMSalt_debian-12-xfce: test_001_multi_state_highstate (failure)
  AssertionError: False is not true : Full output: test-inst-target: ...
- TC_10_VMSalt_debian-12-xfce: test_004_user_sls (failure)
  AssertionError: Salt command '['qubesctl', '--dom0-only', 'state.sl...
- TC_10_VMSalt_fedora-40-xfce: test_000_simple_sls (failure)
  AssertionError: Salt command '['qubesctl', '--skip-dom0', '--show-o...
- TC_10_VMSalt_fedora-40-xfce: test_001_multi_state_highstate (failure)
  AssertionError: False is not true : Full output: test-inst-target: ...
- TC_10_VMSalt_fedora-40-xfce: test_003_update (failure)
  AssertionError: Salt command '['qubesctl', '--skip-dom0', '--show-o...
- TC_10_VMSalt_fedora-40-xfce: test_004_user_sls (failure)
  AssertionError: Salt command '['qubesctl', '--dom0-only', 'state.sl...
system_tests_splitgpg
- TC_10_Thunderbird_fedora-40-xfce: test_000_send_receive_default (failure)
  dogtail.tree.SearchError: descendent of [application | Thunderbird]...
- TC_10_Thunderbird_fedora-40-xfce: test_010_send_receive_inline_signed_only (failure)
  dogtail.tree.SearchError: descendent of [application | Thunderbird]...
- TC_10_Thunderbird_fedora-40-xfce: test_020_send_receive_inline_with_attachment (failure)
  dogtail.tree.SearchError: descendent of [application | Thunderbird]...
system_tests_extra
- TC_00_QVCTest_debian-12-xfce: test_020_webcam (failure)
  AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
- TC_00_QVCTest_fedora-40-xfce: test_020_webcam (failure)
  AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
- TC_00_QVCTest_whonix-gateway-17: test_020_webcam (failure)
  AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
system_tests_gui_interactive
- simple_gui_apps: unnamed test (unknown)
- simple_gui_apps: Failed (test died)
  # Test died: no candidate needle with tag(s) 'vm-settings-app-xterm...
- simple_gui_apps: unnamed test (unknown)
system_tests_guivm_gui_interactive
- update_guivm: Failed (test died)
  # Test died: command '(set -o pipefail; qubesctl --all --show-outpu...
system_tests_qrexec
- TC_00_Qrexec_debian-12-xfce: test_081_qrexec_service_argument_allow_specific (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_00_Qrexec_debian-12-xfce: test_082_qrexec_service_argument_deny_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_083_qrexec_service_argument_specific_implementation (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_084_qrexec_service_argument_extra_env (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_090_qrexec_service_socket_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_091_qrexec_service_socket_dom0_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_092_qrexec_service_socket_dom0_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_093_qrexec_service_socket_dom0_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_095_qrexec_service_socket_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_096_qrexec_service_socket_vm_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_097_qrexec_service_socket_vm_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_098_qrexec_service_socket_vm_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_debian-12-xfce: test_100_qrexec_service_force_user (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_050_qrexec_simple_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_051_qrexec_simple_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_052_qrexec_vm_service_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_053_qrexec_vm_service_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_055_qrexec_dom0_service_abort (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_060_qrexec_exit_code_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_065_qrexec_exit_code_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_070_qrexec_vm_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_071_qrexec_dom0_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_072_qrexec_to_dom0_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_080_qrexec_service_argument_allow_default (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_081_qrexec_service_argument_allow_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_082_qrexec_service_argument_deny_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_083_qrexec_service_argument_specific_implementation (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_084_qrexec_service_argument_extra_env (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_090_qrexec_service_socket_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_091_qrexec_service_socket_dom0_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_092_qrexec_service_socket_dom0_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_093_qrexec_service_socket_dom0_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_095_qrexec_service_socket_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_096_qrexec_service_socket_vm_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_097_qrexec_service_socket_vm_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_098_qrexec_service_socket_vm_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_fedora-40-xfce: test_100_qrexec_service_force_user (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_050_qrexec_simple_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_051_qrexec_simple_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_052_qrexec_vm_service_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_053_qrexec_vm_service_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_055_qrexec_dom0_service_abort (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_060_qrexec_exit_code_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_065_qrexec_exit_code_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_070_qrexec_vm_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_071_qrexec_dom0_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_072_qrexec_to_dom0_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_080_qrexec_service_argument_allow_default (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_081_qrexec_service_argument_allow_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_082_qrexec_service_argument_deny_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_083_qrexec_service_argument_specific_implementation (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_084_qrexec_service_argument_extra_env (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_090_qrexec_service_socket_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_091_qrexec_service_socket_dom0_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_092_qrexec_service_socket_dom0_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_093_qrexec_service_socket_dom0_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_095_qrexec_service_socket_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_096_qrexec_service_socket_vm_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_097_qrexec_service_socket_vm_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_098_qrexec_service_socket_vm_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-gateway-17: test_100_qrexec_service_force_user (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_050_qrexec_simple_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_051_qrexec_simple_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_052_qrexec_vm_service_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_053_qrexec_vm_service_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_055_qrexec_dom0_service_abort (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_060_qrexec_exit_code_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_065_qrexec_exit_code_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_070_qrexec_vm_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_071_qrexec_dom0_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_072_qrexec_to_dom0_simultaneous_write (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_080_qrexec_service_argument_allow_default (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_081_qrexec_service_argument_allow_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_082_qrexec_service_argument_deny_specific (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_083_qrexec_service_argument_specific_implementation (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_084_qrexec_service_argument_extra_env (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_090_qrexec_service_socket_dom0 (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_091_qrexec_service_socket_dom0_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_092_qrexec_service_socket_dom0_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_093_qrexec_service_socket_dom0_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_095_qrexec_service_socket_vm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_096_qrexec_service_socket_vm_send (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_097_qrexec_service_socket_vm_eof_reverse (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_098_qrexec_service_socket_vm_eof (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_00_Qrexec_whonix-workstation-17: test_100_qrexec_service_force_user (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
system_tests_network_ipv6
- VmIPv6Networking_fedora-40-xfce: test_520_ipv6_simple_proxyvm_nm (failure)
  AssertionError: 1 != 0 : nm-applet window not found
system_tests_kde_gui_interactive
- kde_startup: unnamed test (unknown)
- kde_startup: Failed (test died)
  # Test died: no candidate needle with tag(s) 'login-prompt-session-...
system_tests_basic_vm_qrexec_gui_btrfs
- TC_20_NonAudio_fedora-40-xfce-pool: test_140_qrexec_filecopy_unsafe_name (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_fedora-40-xfce-pool: test_141_qrexec_filecopy_unsafe_symlink (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_200_timezone (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_210_time_sync (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_000_start_shutdown (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_010_run_xterm (error + cleanup)
  raise TimeoutError from exc_val... TimeoutError
- TC_20_NonAudio_whonix-gateway-17-pool: test_011_run_gnome_terminal (skipped + cleanup)
- TC_20_NonAudio_whonix-gateway-17-pool: test_012_qubes_desktop_run (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_100_qrexec_filecopy (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_101_qrexec_filecopy_with_autostart (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_105_qrexec_filemove (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_110_qrexec_filecopy_deny (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_115_qrexec_filecopy_no_agent (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_130_qrexec_filemove_disk_full (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_140_qrexec_filecopy_unsafe_name (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_141_qrexec_filecopy_unsafe_symlink (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_200_timezone (skipped + cleanup)
- TC_20_NonAudio_whonix-gateway-17-pool: test_210_time_sync (skipped + cleanup)
- TC_20_NonAudio_whonix-gateway-17-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_000_start_shutdown (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_010_run_xterm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_011_run_gnome_terminal (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_012_qubes_desktop_run (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_100_qrexec_filecopy (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_whonix-workstation-17-pool: test_101_qrexec_filecopy_with_autostart (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_105_qrexec_filemove (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_110_qrexec_filecopy_deny (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_115_qrexec_filecopy_no_agent (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_130_qrexec_filemove_disk_full (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_whonix-workstation-17-pool: test_140_qrexec_filecopy_unsafe_name (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_141_qrexec_filecopy_unsafe_symlink (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_whonix-workstation-17-pool: test_200_timezone (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_210_time_sync (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
system_tests_basic_vm_qrexec_gui_ext4
- TC_20_NonAudio_fedora-40-xfce-pool: test_110_qrexec_filecopy_deny (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_fedora-40-xfce-pool: test_115_qrexec_filecopy_no_agent (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_130_qrexec_filemove_disk_full (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_140_qrexec_filecopy_unsafe_name (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_141_qrexec_filecopy_unsafe_symlink (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_200_timezone (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_210_time_sync (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_fedora-40-xfce-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_fedora-40-xfce-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_000_start_shutdown (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_010_run_xterm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_011_run_gnome_terminal (skipped + cleanup)
- TC_20_NonAudio_whonix-gateway-17-pool: test_012_qubes_desktop_run (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_100_qrexec_filecopy (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_101_qrexec_filecopy_with_autostart (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_105_qrexec_filemove (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_110_qrexec_filecopy_deny (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_115_qrexec_filecopy_no_agent (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_130_qrexec_filemove_disk_full (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_140_qrexec_filecopy_unsafe_name (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_141_qrexec_filecopy_unsafe_symlink (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_200_timezone (skipped + cleanup)
- TC_20_NonAudio_whonix-gateway-17-pool: test_210_time_sync (skipped + cleanup)
- TC_20_NonAudio_whonix-gateway-17-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-gateway-17-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_000_start_shutdown (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_010_run_xterm (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_011_run_gnome_terminal (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_012_qubes_desktop_run (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_100_qrexec_filecopy (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_101_qrexec_filecopy_with_autostart (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_105_qrexec_filemove (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_110_qrexec_filecopy_deny (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_115_qrexec_filecopy_no_agent (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_130_qrexec_filemove_disk_full (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_140_qrexec_filecopy_unsafe_name (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_141_qrexec_filecopy_unsafe_symlink (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_200_timezone (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_210_time_sync (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
system_tests_basic_vm_qrexec_gui_xfs
- TC_20_NonAudio_whonix-workstation-17-pool: test_115_qrexec_filecopy_no_agent (error + cleanup)
  libvirt.libvirtError: internal error: libxenlight failed to create ...
- TC_20_NonAudio_whonix-workstation-17-pool: test_130_qrexec_filemove_disk_full (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_140_qrexec_filecopy_unsafe_name (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_141_qrexec_filecopy_unsafe_symlink (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_200_timezone (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_210_time_sync (skipped + cleanup)
- TC_20_NonAudio_whonix-workstation-17-pool: test_250_resize_private_img (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
- TC_20_NonAudio_whonix-workstation-17-pool: test_300_bug_1028_gui_memory_pinning (failure + cleanup)
  ^^^^^^^^^^^^^^^^^^^^^^... AssertionError
system_tests_gui_tools
- qubesmanager_backuprestore: unnamed test (unknown)
- qubesmanager_backuprestore: Failed (test died)
  # Test died: no candidate needle with tag(s) 'backup-cancelled' mat...
system_tests_guivm_vnc_gui_interactive
- update_guivm: Failed (test died)
  # Test died: command '(set -o pipefail; qubesctl --all --show-outpu...

Unstable tests

system_tests_suspend
suspend/ (1/5 times with errors)
- job 115081 None
suspend/Failed (1/5 times with errors)
- job 115081 # Test died: no candidate needle with tag(s) 'xscreensaver-prompt' ...
suspend/wait_serial (1/5 times with errors)
- job 115081 # wait_serial expected: qr/2E8vz-\d+-/...
system_tests_basic_vm_qrexec_gui
TC_20_NonAudio_whonix-workstation-17/test_140_qrexec_filecopy_unsafe_name (1/5 times with errors)
- job 115635 libvirt.libvirtError: internal error: libxenlight failed to create ...
system_tests_pvgrub_salt_storage
TC_41_HVMGrub_debian-12-xfce/test_000_standalone_vm (1/5 times with errors)
- job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
TC_41_HVMGrub_fedora-40-xfce/test_000_standalone_vm (2/5 times with errors)
- job 114628 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
TC_41_HVMGrub_debian-12-xfce/test_010_template_based_vm (1/5 times with errors)
- job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
TC_41_HVMGrub_fedora-40-xfce/test_010_template_based_vm (3/5 times with errors)
- job 114628 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115078 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
system_tests_extra
TC_00_QVCTest_whonix-workstation-17/test_020_webcam (1/5 times with errors)
- job 115072 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
system_tests_usbproxy
TC_20_USBProxy_core3_fedora-40-xfce/test_070_attach_not_installed_front (1/5 times with errors)
- job 117582 NameError: name 'santizied_stderr' is not defined
system_tests_qrexec
TC_00_Qrexec_fedora-40-xfce/test_065_qrexec_exit_code_vm (1/5 times with errors)
- job 115649 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_00_Qrexec_fedora-40-xfce/test_080_qrexec_service_argument_allow_default (1/5 times with errors)
- job 115649 libvirt.libvirtError: internal error: libxenlight failed to create ...
system_tests_network_ipv6
VmIPv6Networking_fedora-40-xfce/test_520_ipv6_simple_proxyvm_nm (1/5 times with errors)
- job 115076 AssertionError: 1 != 0 : nm-applet window not found
system_tests_network_updates
VmUpdates_fedora-40-xfce/test_000_simple_update (1/5 times with errors)
- job 116867 AssertionError: 1 not found in [0, 100] : dnf clean all; dnf check-...
TC_10_QvmTemplate_whonix-gateway-17/test_000_template_list (1/5 times with errors)
- job 115077 qvm-template: error: No matching templates to list
VmUpdates_debian-12-xfce/test_020_updates_available_notification (1/5 times with errors)
- job 117610 subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...
VmUpdates_debian-12-xfce/test_120_updates_available_notification_qubes_vm_update (1/5 times with errors)
- job 115077 subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...
VmUpdates_debian-12-xfce/test_121_updates_available_notification_qubes_vm_update_cli (1/5 times with errors)
- job 116867 subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...
system_tests_audio
TC_20_AudioVM_Pulse_fedora-40-xfce/test_223_audio_play_hvm (1/5 times with errors)
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_debian-12-xfce/test_224_audio_rec_muted_hvm (2/5 times with errors)
- job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_whonix-workstation-17/test_224_audio_rec_muted_hvm (2/5 times with errors)
- job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_debian-12-xfce/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_whonix-workstation-17/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
- job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_228_audio_rec_unmuted_pipewire (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 9.41970521541950...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_250_audio_playback_audiovm_pipewire (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 9.06471655328798...
TC_20_AudioVM_PipeWire_debian-12-xfce/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 9.2878231292517,...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
- job 115623 AssertionError: too short audio, expected 10s, got 9.34507936507936...
TC_20_AudioVM_Pulse_debian-12-xfce/test_252_audio_playback_audiovm_switch_hvm (1/5 times with errors)
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_fedora-40-xfce/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
- job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_whonix-workstation-17/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
- job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_PipeWire_debian-12-xfce/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 0.00013605442176...
TC_20_AudioVM_PipeWire_fedora-40-xfce/test_260_audio_mic_enabled_switch_audiovm (2/5 times with errors)
- job 116847 AssertionError: too short audio, expected 10s, got 0.00013605442176...
- job 117586 AssertionError: too short audio, expected 10s, got 0.00013605442176...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
- job 115623 AssertionError: too short audio, expected 10s, got 9.05353741496598...
system_tests_audio@hw1
TC_20_AudioVM_Pulse_fedora-40-xfce/test_223_audio_play_hvm (1/5 times with errors)
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_debian-12-xfce/test_224_audio_rec_muted_hvm (2/5 times with errors)
- job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_whonix-workstation-17/test_224_audio_rec_muted_hvm (2/5 times with errors)
- job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_debian-12-xfce/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_whonix-workstation-17/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
- job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_228_audio_rec_unmuted_pipewire (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 9.41970521541950...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_250_audio_playback_audiovm_pipewire (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 9.06471655328798...
TC_20_AudioVM_PipeWire_debian-12-xfce/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 9.2878231292517,...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
- job 115623 AssertionError: too short audio, expected 10s, got 9.34507936507936...
TC_20_AudioVM_Pulse_debian-12-xfce/test_252_audio_playback_audiovm_switch_hvm (1/5 times with errors)
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_fedora-40-xfce/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
- job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_Pulse_whonix-workstation-17/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
- job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
- job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_AudioVM_PipeWire_debian-12-xfce/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
- job 115053 AssertionError: too short audio, expected 10s, got 0.00013605442176...
TC_20_AudioVM_PipeWire_fedora-40-xfce/test_260_audio_mic_enabled_switch_audiovm (2/5 times with errors)
- job 116847 AssertionError: too short audio, expected 10s, got 0.00013605442176...
- job 117586 AssertionError: too short audio, expected 10s, got 0.00013605442176...
TC_20_AudioVM_PipeWire_whonix-workstation-17/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
- job 115623 AssertionError: too short audio, expected 10s, got 9.05353741496598...
system_tests_basic_vm_qrexec_gui_btrfs
TC_30_Gui_daemon/test_002_clipboard_300k (1/5 times with errors)
- job 116856 : Clipboard copy operation failed - content...
system_tests_basic_vm_qrexec_gui_ext4
TC_20_NonAudio_debian-12-xfce-pool/test_105_qrexec_filemove (1/5 times with errors)
- job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_NonAudio_whonix-gateway-17-pool/test_105_qrexec_filemove (1/5 times with errors)
- job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_NonAudio_whonix-workstation-17-pool/test_130_qrexec_filemove_disk_full (1/5 times with errors)
- job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
TC_20_NonAudio_debian-12-xfce-pool/test_141_qrexec_filecopy_unsafe_symlink (1/5 times with errors)
- job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
system_tests_basic_vm_qrexec_gui@hw1
TC_20_NonAudio_whonix-workstation-17/test_140_qrexec_filecopy_unsafe_name (1/5 times with errors)
- job 115635 libvirt.libvirtError: internal error: libxenlight failed to create ...
system_tests_suspend@hw1
suspend/ (1/5 times with errors)
- job 115081 None
suspend/Failed (1/5 times with errors)
- job 115081 # Test died: no candidate needle with tag(s) 'xscreensaver-prompt' ...
suspend/wait_serial (1/5 times with errors)
- job 115081 # wait_serial expected: qr/2E8vz-\d+-/...

DemiMarie force-pushed the harden-dnf branch from a31bdfe to fac3111 Compare October 31, 2024 02:28

DemiMarie force-pushed the harden-dnf branch from fac3111 to 19f62c4 Compare November 4, 2024 20:46

marmarek requested changes Nov 12, 2024

View reviewed changes

package-managers/dnf-harden.conf Outdated Show resolved Hide resolved

rpm_spec/core-agent.spec.in Outdated Show resolved Hide resolved

Harden DNF config

cf52c15

This uses a postinstall script for DNF5 and a configuration file otherwise.

DemiMarie force-pushed the harden-dnf branch from 19f62c4 to cf52c15 Compare November 13, 2024 02:05

DemiMarie requested a review from marmarek November 13, 2024 02:45

marmarek added the openqa-pending label Nov 14, 2024

marmarek approved these changes Nov 15, 2024

View reviewed changes

marmarek merged commit 1fa9308 into QubesOS:main Nov 15, 2024
3 of 4 checks passed

DemiMarie deleted the harden-dnf branch November 15, 2024 15:44

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Harden DNF config in RPM post-install script #527

Harden DNF config in RPM post-install script #527

DemiMarie commented Oct 31, 2024

marmarek commented Oct 31, 2024

marmarek commented Nov 4, 2024

DemiMarie commented Nov 4, 2024

codecov bot commented Nov 4, 2024 •

edited

Loading

qubesos-bot commented Nov 14, 2024

Harden DNF config in RPM post-install script #527

Harden DNF config in RPM post-install script #527

Conversation

DemiMarie commented Oct 31, 2024

marmarek commented Oct 31, 2024

marmarek commented Nov 4, 2024

DemiMarie commented Nov 4, 2024

codecov bot commented Nov 4, 2024 • edited Loading

Codecov Report

qubesos-bot commented Nov 14, 2024

OpenQA test summary

New failures, excluding unstable

Failed tests

Fixed failures

Unstable tests

codecov bot commented Nov 4, 2024 •

edited

Loading