Have a TW with mozilla repo added to have latest Firefox, was on 66.x before updating 2 days ago (zypper dup). Today I started the browser and all tabs had “trouble finding this page”, DNS in my network otherwise doing fine (unbound in the router).
I had manually set in about:config the “trr.enable” to 5 (completely disabling DNS-over-HTTPS) some weeks ago.
Hmm. Had a look at the version of FF: I was suddenly on the opensuse standard ESR 60.x…
I removed the ESR completely in YaST and reinstalled the 66 from Mozilla repo and Firefox is doing fine, can load all pages.
So apparently zypper dup switched my Firefox from mozilla to opensuse repo and downgraded it to ESR. How to avoid that in the future?
Why has FF ESR with completely disabled TRR no DNS at all? (I have the same experience on a freshly installed Debian with the same FF-ESR and trr.enable set to 5: No page loading at all. setting trr.eanble to 0 loads all pages just fine…)
Hi
Firefox is updated to 66.0.3 on Tumbleweed? Setting network.trr.enable to 5 is working fine here using local dns servers.
When doing a zypper dup, use verbosity (I use -vvv) as it will show you more details on what is being updated and from where if using additional repositories.
trr = 5 works fine on FF 66.x, but not if zypper dup downgrades FF to 60.x ESR. Is there any way to avoid this downgrading? Can I tell TW only use Mozilla repo for Firefox?
Or can I do somethink like
zypper up Firefox --from Mozilla
after zypper dup to force TW to have the latest FF from Mozilla repo after zypper dup? This morning YaST simply refused to install 66.x from Mozilla and always this ESR trash was reinstalled, although I chose 66.x from “Versions” for Firefox in “Software Management”…
Is trr = 5 not known in ESR FF or why is DNS collapsing with this setting?
I’m not sure with anything regarding computers, I’m a pro-NOOB I nFF i did -> Help -> About and this morning (with non-functionla DNS) it showed FF ESR, now I’m back to FF 66.0.3 Quantum.
I tried zypper ref and zypper -vvv dup, but unfortunately it gives 383 updates, much to long to catch all from console. without -vvv I see no Firefox in the list…
Mozilla is the only extra repo configured and all have priority 99, but afaik the priority has no meaning at all, as I read in the opensuse wiki some time ago.
Priority does have meaning and relevance. But vendor-stickiness comes first, and often decides which repo you will use – assuming that the vendor information for the Mozilla repo is different from that for the oss repo.
[rbrownsuse](https://www.reddit.com/user/rbrownsuse) openSUSE Chairman4 points · [3 years ago](https://www.reddit.com/r/openSUSE/comments/3veq03/questions_about_repository_priority/cxnyuvy/)
dup will honour repo priorities, but this causes as many problems as it fixes
Consider the following fake example
- Official Repo set to 98
- Repo $foo set to 99
User installs a package from repo $foo that is not present in the Official Repos, but it requires dependencies that are in both the official repos and Repo $foo. No problems initially, because the user is lucky enough that both the official repo and $foo have compatible versions of those dependancies....
For example, I set the packman repo to 97, with 99 for the main repos.
That gives a preference to the packman version of a package. But zypper won’t switch an existing package to packman unless I use “–allow-vendor-change”. However, if I install a new package (new to my computer), it will prefer the packman version.
Seems there are some problems anyway…
Of course. It isn’t magic. You still need to be careful about what repos you enable and about how you set their priorities.
I’ve been running DNScrypt on my own machine for several years now, o complaints.
It will do encrypted DNS lookups for any query on your system for any app… not just Firefox which is the subject of this Forum thread.
It works by running a small, lightweight proxy on your local system which intercepts all DNS queries and redirects through the DNScrypt proxy which then connects to specific DNS servers which support the encrypted protocol.
Note that this is different than “Secure DNS” which for the most part is implemented only between DNS servers.
There are very few client/server solutions, and this is one, and possibly with the best reputation.
If there is any downside, it’s that this involves a tiny bit of extra complication if you need to troubleshoot, but this has been pretty reliable for me.
Hi
I see NO Firefox ESR present on my Tumbleweed systems (20190426), it’s Quantum version 66.0.3, I would suspect Firefox ESR is coming from the Mozilla repository, not the default Tumbleweed OSS repository…
Perhaps you branding package is telling you one thing and the installed packages is different, you can check via;
zypper se -si MozillaFirefox
Loading repository data...
Reading installed packages...
S | Name | Type | Version | Arch | Repository
--+----------------------------------+---------+------------+--------+----------------------
i | MozillaFirefox | package | 66.0.3-1.1 | x86_64 | Main Repository (OSS)
i | MozillaFirefox-branding-openSUSE | package | 60-1.1 | x86_64 | Main Repository (OSS)
Which repository are your packages coming from?
They should not switch once set up on a specific repository, unless there is some conflict, which zypper will inform you about on a zypper dup…