Skip to content

Extend dependency checking facilities#473

Open
RandyTheOtter wants to merge 4 commits into
QubesOS:mainfrom
RandyTheOtter:dependencies
Open

Extend dependency checking facilities#473
RandyTheOtter wants to merge 4 commits into
QubesOS:mainfrom
RandyTheOtter:dependencies

Conversation

@RandyTheOtter

Copy link
Copy Markdown
Contributor

Regarding QubesOS/qubes-issues#10860

As far as I can tell #469 fixes it on shutdown by retrying as many times as there are used vms, and it should be faster than vm_dependencies. I'm not sure how good that approach is from the design perspective considering that it handles all these errors and logs a lot.

My idea here is instead set up a facility for checking domain sets and use force on independent sets. I also plan to make vm_dependencies more efficient by creating necessary api for accessing e.g. qubes.vm.mix.net.NetVMMixin.connected_vms, but before any of that or proceeding with integration of this change I would like to show and receive feedback.

Comment thread qubesadmin/utils/__init__.py Outdated
@RandyTheOtter

Copy link
Copy Markdown
Contributor Author

Although code review is appreciated, could you please assess sanity of the idea? For now this is my main concern.

@RandyTheOtter RandyTheOtter requested a review from ben-grande June 25, 2026 18:55
@ben-grande

Copy link
Copy Markdown
Contributor

We cannot guarantee that the client is 100% certain of the state, the dependencies check on the client is more like a promise. If someone adds a new extension on the server that handles domain-pre-shutdown, the check on the client will not be able to know. One alternative is adapating the client's vm_depenencies, another alternative is asking the server for dependencies as you mentioned on the first post.

I don't think I have enough knowledge to tell you which way is right. I am not sure. QubesOS/qubes-issues#10860 (comment).

@RandyTheOtter

RandyTheOtter commented Jun 30, 2026

Copy link
Copy Markdown
Contributor Author

Good point. I also realize that even if the server does the checking there is no mechanism to prevent race conditions between the original client acting on the result and another client changing a dependency.

Am I overthinking this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants