Just adding my 2 cents to this conversation...
The file "/rw/config/rc.local" does not consistently execute on Debian-8 and I find that the VM has to be restarted (sometimes multiple times) for it to take effect. The file is executable and all I am trying to do is allow traffic from some other VM(s) as per the instructions in https://www.qubes-os.org/doc/firewall/.
The contents of the file is below:
#!/bin/sh
# This script will be executed at every VM startup, you can place your own
# custom commands here. This include overriding some configuration in /etc,
# starting services etc.
#
# You need to make this script executable to have it enabled.
# Example for overriding the whole CUPS configuration:
# rm -rf /etc/cups
# ln -s /rw/config/cups /etc/cups
# systemctl --no-block restart cups
iptables -I INPUT -s 10.137.2.22 -j ACCEPT
iptables -I INPUT -s 10.137.2.24 -j ACCEPT
/rw/config/rc.local (END)
How can I ensure that the script executes reliably?
Vincent
Debian machines sometimes have a problem with loading rc.local a little too quickly. Putting "sleep 1" or "sleep 5" before loading your firewall rules
should make it reliable. (see further http://askubuntu.com/a/556563)
Daniel
--
You received this message because you are subscribed to a topic in the Google Groups "qubes-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/qubes-users/9OEKKNtelXA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to qubes-users+unsubscribe@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43c9b01d-9eb8-4804-aa9a-c486397a6891%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.