Basically, I want to check if a Keepassxc file in my vault is different than a Keepassxc file in my appvm.
Thanks for any ideas.
John
unman, I don't have qvm-run (perhaps that's for 3.2?), and running hash command example you gave (modified to point to a file that exists in the appvm) produced no output. Specifically:
$ qvm-run vault 'md5sum file.kdbx'
Running 'md5sum file.kdbx' on vault
But no output. Any ideas?
Thanks.
John
unman, thank you for this. I understand the difference now, and using qvm-run -p in dom0 works fine. I cannot get qvm-run-vm to work, because I'm presented with "Request refused". I don't understand the significance of /etc/qubes-rpc/policy/qubes.VMShell, but I don't actually have a directory called policy, so that file path is /etc/qubes-rpc/qubes.VMShell.
I can make this work using dom0, but I suspect (but don't know for sure) that that is unwise.
John
unman, thank you for being so generous with your time. I appreciate the education. Yes, I was looking in appvms. I'm starting to understand better what needs to be done. I'll see how far I get.
John
Would it not be simpler, and safer, to create the hash in your vault VM and then copy it to the global clipboard. Then switch to your appVM, open gedit (or editor of your choice) and paste the hash there.
Finally create the hash in your appVM and compare the two.
That is the basic method I have been using to compare things across VMs. In particular, generate whatever you need in the more secure VM and pass the result to the less secure VM for the comparison step.
I avoid doing anything except VM management in dom0. I think that is the way one is supposed to use Qubes.
Good advice, John. Thanks.