ben-grande / qusal

Salt Formulas for Qubes OS.

sys-cacher deployed on qos install with sys-whonix as default proxy doesn't work #45

Closed tlaurion closed 2 months ago

tlaurion commented 3 months ago

Commitment

I confirm that I have read the following resources:

Software version

Master

Brief summary

Sys-cacher still doesn't work for me on fresh install

But just saw https://github.com/unman/shaker/commit/1cda4ca0d7d79ed60191dc6ee80b0721d9082bad

(in which @unman clearly states he is not using Whonix by choice and prefers sys-tor, which he hasn't yet published)

Steps to reproduce

Deploy q4.2 with sys-whonix as proxy for updates and then qusal

Expected behavior

sys-cacher working out of the box on possible QOS installable options

Actual behavior

Updates are still attempted on tinyproxy, according to the error observed. Orders of policies seem wrong.

ben-grande commented 2 months ago

Orders of policies seem wrong.

Unfortunately true and there is not a fix that fits all.

The file 50-config-updates.policy is managed by the GUI Global Config and was possibly set during your installation. Let's see its contents with default values:

# THIS IS AN AUTOMATICALLY GENERATED POLICY FILE.
# Any changes made manually may be overwritten by Qubes Configuration Tools.

qubes.UpdatesProxy      *       @tag:whonix-updatevm    @default        allow target=sys-whonix
qubes.UpdatesProxy      *       @type:TemplateVM        @default        allow target=sys-net

Yes, Whonix doesn't work with apt-cacher-ng and the formula skips altering Whonix qubes. If you enable template updates over Tor for non-whonix qubes or if you edit the update proxy in the GUI Global Config, that file is going to interfere with sys-cacher policy.

It is recommended that packagers only edit policies from 60 to 80, but unfortunately in this case I will have to create a policy from 31 to 49 to override the one set by 50-config-updates.
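
The ordering problem discussed in this thread, as an added example that is not part of the original comments or the qusal code: a simplified Python model of qrexec policy resolution, where files are read in lexical filename order and the first matching rule wins. The cacher rules, the `45-`/`75-example-cacher.policy` filenames and the qube names are constructed for illustration; only the `50-config-updates.policy` content comes from the thread.

```python
# Simplified model of qrexec policy resolution (added example, not qusal code).
# Assumption: lexical file order, first matching rule wins; few selectors modelled.
CONFIG_50 = """\
# THIS IS AN AUTOMATICALLY GENERATED POLICY FILE.
qubes.UpdatesProxy  *  @tag:whonix-updatevm  @default  allow target=sys-whonix
qubes.UpdatesProxy  *  @type:TemplateVM      @default  allow target=sys-net
"""
# Constructed rules: keep Whonix on sys-whonix, send other templates to sys-cacher.
CACHER = """\
qubes.UpdatesProxy  *  @tag:whonix-updatevm  @default  allow target=sys-whonix
qubes.UpdatesProxy  *  @type:TemplateVM      @default  allow target=sys-cacher
"""

def parse(files):
    """Yield (filename, fields) for every rule, in evaluation order."""
    for name in sorted(files):
        for line in files[name].splitlines():
            line = line.split("#", 1)[0].strip()
            if line:
                yield name, line.split()

def selector_matches(selector, qube):
    """Match a source selector against a qube described as a dict."""
    if selector in ("*", "@anyvm"):
        return True
    if selector.startswith("@type:"):
        return qube["klass"] == selector[len("@type:"):]
    if selector.startswith("@tag:"):
        return selector[len("@tag:"):] in qube["tags"]
    return selector == qube["name"]

def resolve(files, service, qube, dest="@default"):
    """Return (filename, target) of the first rule that matches the call."""
    for name, (svc, _arg, src, dst, action, *params) in parse(files):
        if svc in ("*", service) and selector_matches(src, qube) and dst in ("*", dest):
            opts = dict(p.split("=", 1) for p in params)
            return name, opts.get("target") if action == "allow" else None
    return None, None

# Constructed qubes: a regular template and a Whonix template.
DEBIAN = {"name": "debian-12", "klass": "TemplateVM", "tags": set()}
WHONIX = {"name": "whonix-gateway-17", "klass": "TemplateVM", "tags": {"whonix-updatevm"}}
# Hypothetical filenames: one in the 60-80 packager range, one in 31-49.
LATE = {"50-config-updates.policy": CONFIG_50, "75-example-cacher.policy": CACHER}
EARLY = {"50-config-updates.policy": CONFIG_50, "45-example-cacher.policy": CACHER}

if __name__ == "__main__":
    for files in (LATE, EARLY):
        print(resolve(files, "qubes.UpdatesProxy", DEBIAN))
```

With the cacher rules in a `75-` file, the `@type:TemplateVM` rule in `50-config-updates.policy` matches first and the template is sent to sys-net; only the file sorted before `50-` takes effect.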