Making Your Own Sys-VMs

[Sam Hentschel]

Hey all!

I've been looking at changing all my VM templates to fedora minimal.

I've gotten all my AppVMs moved over to templates based on fedora
minimal.

However, I'm still having some trouble making fedora minimal templates
that will work for my NetVM, FirewallVM, and USBVM.

For the NetVM specifically, I installed the driver and software that was
stated on the Fedora Minimal page but it still doesn't register my
wireless card.

Anybody have what I need to get these templates ready for those system
VMs?

--
Respectfully,
Sam Hentschel
FD6A 2998 5301 B440 D26B
7040 69D1 CE58 6FA5 BB5A

[[799]]

Hello Sam,

>> I"ve been looking at changing all my VM templates to fedora minimal.

I've done exactly the same to reduce the footprint of running services and applications and to work with fedora-25 instead of the old fedora-23 templates.

>> However, I"m still having some trouble making fedora minimal templates

>> that will work for my NetVM, FirewallVM, and USBVM.

I've attached all scripts for you:

If you store those scripts in dom0 unter ~/bin you can run those scripts without changing to the directory, as  ~/bin is included in the PATH environment variable (in dom0: echo $PATH )

*** create-t-fedora-25-minimal.sh

this script will download and clone a fedora-25-minimal template.

it will install all needed packages in the template.

(the reason why I clone the template is that I like to have the original template untouched. The original fedora-25-minimal template will be hidden in Qubes Manager to get a better overview)

*** qvm-destroy

is just a helper script which will kill a VM and remove it.

I'm using qvm-destroy in my scripts so that I can run those scripts even when the AppVMs are in place already and I want to reinstall. With that I can rebuild all my sys-vms within a very short time.

*** create-my-sysvms.sh

this script will remove and then recreate the 3 sys-vms.

after this script you'll end up with running freshly installed sys-net, sys-firewall and sys-usb.

This scripts assumes that the first script has been run already (creation of fedora-minimal-template).

*** create-default-sys-vms.sh

this script will create the 3 sys-vms using the fedora-25 default image which is slightly bigger but might have all drivers etc. installed.

I've just used it to test out my other minimal-script :-)

So it can be used to migrate from the standard fedora-23 to fedora-25 sys-vms.

If you have any question regarding those scripts, do not hesitate

to contact me.

I am using all sys-vms based on my t-fedora-25-minimal template and they work fine.

If you start up the new sys-usb it might be that you get a 2nd nm-applet icon in the taskbar. I haven't been able to disable the start of nm-applet in sys-usb and as such I'm just killing the nm-applet through dom0:

I'm running this command in dom0 in a script which is executed when I login into qubes:

qvm-run sys-usb "killall nm-applet"

>> For the NetVM specifically, I installed the driver and software

>> that was stated on the Fedora Minimal page but it still doesn"t

>> register my wireless card.

You need to find out what your wifi card is and then install the proper driver. I think this was covered here in the mailinglist already.

You could look into your current sys-net (based on the original template) and then use lsmod to find which kernel modules are running and find the proper drivers - but this is something I am not that familiar with.

Someone more skilled might help you out

Just one more thing which might be usefull for your new sys-net VM if you're working with a WWAN/LTE-card.

I have a scripts which auto-attached my LTE card to the sys-net VM:

#!/bin/bash

# attach-wwan.sh -  connect the LTE-card to sys-net

# Description of LTE Card (it's ok to enter only a part of the description)

# to find out the description enter qvm-usb in dom0

LTECard=Lenovo_H5321_gw_

# Mount Card to sys-net

qvm-usb -a sys-net `qvm-usb | grep $LTECard | awk '{print $1}'`

[799]

[[799]]

Hello Sam,

> Thanks for those scripts! After reading through the create-my-sysvms.sh

> script, I am a little more confused as to why my templates aren"t

> working.

> [...]

> When I start up mine it shows the ethernet interface, but it can"t find

> the wireless interface.

I guess you are missing some neccesary drivers in your (new minimal) sys-net VM.

I suggest the following:

Just switch the template of your new sys-net VM, which is currently using the fedora-25-minimal template with the ("full size") fedora image:

#kill all VMs

qvm-kill sys-usb

qvm-kill sys-firewall

qvm-kill sys-net

#Show current template

qvm-prefs -l sys-net | grep template

# Switch template

qvm-prefs -s sys-net template fedora-25

Then start all VMs and check if you can see the wifi card.

If so this means that there is just some driver or module missing in your minimal sys-net VM.

An easy approach might to just keep the fedora-25 instead of the fedora-25-minimal template.

But solving thing is better than living with workarrounds :-)

Can you enter the lspci or comannd in dom0 and look which Wifi adapter you are using?

using lspci | grep Network might be easier to find your wifi card.

Please send the full line of what is shown there, in my case for example:

[USER@dom0 ~]$ lspci | grep Network

00:19.0 Ethernet controller: Intel Corporation 82579LM Gigabit Network Connection (rev 04)

02:00.0 Network controller: Intel Corporation Centrino Advanced-N 6205 [Taylor Peak] (rev 34)

We'll look from there what needs to be done to get wifi working in your sys-net VM when you choose the minimal template.

[799]