From 853a147b5a95f6ef0c57a6a0e8641fac9770abef Mon Sep 17 00:00:00 2001 From: Aminda Suomalainen Date: Sat, 7 Jun 2025 09:13:44 +0300 Subject: [PATCH] n/essentialsoftware.md: note rpm-ostree-automatic --- n/essentialsoftware.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/n/essentialsoftware.md b/n/essentialsoftware.md index 4b57cd5..f2f57b9 100644 --- a/n/essentialsoftware.md +++ b/n/essentialsoftware.md @@ -91,12 +91,16 @@ _{{ page.excerpt }}_ had it connect to upstream dns\[crypt\]proxy - alternatively configure `systemd-resolved`. Simultaneously `systemd-networkd` may be a good idea. -- `unattended-upgrades` or `dnf-automatic` so security updates are at least - downloaded if not even directly installed (see configuration and systemd - units!) +- `unattended-upgrades`, `dnf-automatic` or `rpm-ostreed-automatic` so security + updates are at least downloaded if not even directly installed (see + configuration and systemd units!) - if `dnf-automatic`, consider `sudo systemctl enable dnf-automatic-install.{timer,service}` or at least `sudo systemctl enable dnf-automatic-download.{timer,service}` + - for `rpm-ostree`, `systemctl enable rpm-ostreed-automatic.timer --now` + - Remember to check `/etc/rpm-ostreed.conf`, it should say + `AutomaticUpdatePolicy=stage` and likely `LockLayering=true` under + `[Daemon]` ## Usability @@ -179,6 +183,8 @@ sudo rpm-ostree install aircrack-ng android-tools btop clang cronie cronie-anacr # Remove packages I don't need from the base image. (Challenge to remove # nothing failed by using rpmfusion codecs anyway) sudo rpm-ostree override remove firefox firefox-langpacks +# Enable automatic updates (check /etc/rpm-ostreed.conf for AutomaticUpdatePolicy=stage and LockLayering=true) +sudo systemctl enable rpm-ostreed-automatic.timer --now # Disable bootsplash and kernel message hiding, adjust rootfs fstab, # REMEMBER TO REMOVE SSD FOR NON-SSD setups! Legacy interface names (eth0, # wlan0) are also nice. Ensure CPU vulnerability mitigation while at kargs too.