IMG sharing


Drew White

Apr 24, 2018, 1:14:04 AM
to qubes-users
Is it possible for every guest to share one virtual drive for caching and auto mounting to the same location for file transfers?

i.e. One file always mounted to each guest and one reads while one writes. etc. no need to mount and unmount? And it can be multiple images on different locations at once?

Drew White

Apr 24, 2018, 1:19:02 AM
to qubes-users
Is it possible in Q4?

Ivan Mitev

Apr 24, 2018, 1:28:40 AM
to qubes...@googlegroups.com


On 04/24/2018 08:14 AM, Drew White wrote:
> Is it possible for every guest to share one virtual drive for caching and auto mounting to the same location for file transfers?

It isn't possible unless you set up a clustered file system, which
implies having in-band or out-of-band communication channels between
guests. This breaks compartmentalization, which is Qubes' raison d'être,
so if you really need this you're better off ditching Qubes and going
with plain kvm (or xen) VMs.

Drew White

Apr 24, 2018, 2:01:06 AM
to qubes-users
On Tuesday, 24 April 2018 15:28:40 UTC+10, Ivan Mitev wrote:
> On 04/24/2018 08:14 AM, Drew White wrote:
> > Is it possible for every guest to share one virtual drive for caching and auto mounting to the same location for file transfers?
>
> It isn't possible unless you set up a clustered file system, which
> implies having in-band or out-of-band communication channels between
> guests. This breaks compartmentalization, which is Qubes' raison d'être,
> so if you really need this you're better off ditching Qubes and going
> with plain kvm (or xen) VMs.
>

I'm not talking about all guests. And the channel would be one image file, read only. Writable only by one guest that does the downloading securely and checks and writes the files.

One guest has cache and write permissions, nothing else does. Thus, secure. More secure than downloading the same thing 50 times.

Ivan Mitev

Apr 24, 2018, 2:30:14 AM
to qubes...@googlegroups.com


On 04/24/2018 09:01 AM, Drew White wrote:
> On Tuesday, 24 April 2018 15:28:40 UTC+10, Ivan Mitev wrote:
>> On 04/24/2018 08:14 AM, Drew White wrote:
>>> Is it possible for every guest to share one virtual drive for caching and auto mounting to the same location for file transfers?
>>
>> It isn't possible unless you set up a clustered file system, which
>> implies having in-band or out-of-band communication channels between
>> guests. This breaks compartmentalization, which is Qubes' raison d'être,
>> so if you really need this you're better off ditching Qubes and going
>> with plain kvm (or xen) VMs.
>>
>
> I'm not talking about all guests. And the channel would be one image file, read only. Writable only by one guest that does the downloading securely and checks and writes the files.

AFAIK it's not possible. You need a clustered FS to see changes in real
time. If you share an image/device you'll have to
- make sure the guest with write rights has fsync'ed the changes to the
FS and/or that no cache is involved.
- unmount/remount the shared volume in R/O guests each time you need to
read new files.

I have no idea if Qubes allows sharing a volume between guests; I'd
imagine that qvm-* commands won't allow that so that users don't shoot
themselves in the foot, but you may be able to achieve this with lower
level commands or by tweaking the qvm-* commands' source.

But since you're sending content from a VM to other guests, the security
level of your R/O guests is basically dependent on the one you download
files to, so you could open some firewall ports and set up a networked
clustered FS like glusterfs.

799

Apr 24, 2018, 2:54:41 PM
to Drew White, qubes-users
Hello Drew,

Drew White <drew....@gmail.com> wrote on Tue, 24 Apr 2018, 07:14:
Is it possible for every guest to share one virtual drive for caching and auto mounting to the same location for file transfers?

i.e. One file always mounted to each guest and one reads while one writes. etc. no need to mount and unmount? And it can be multiple images on different locations at once?

I haven't understood yet what you are trying to accomplish.
You want a file location ("drive") that is shared between VMs, where most VMs have read permission to this location and one can write to it?

As mentioned by others this kind of breaks the security model of Qubes but I had a similar use case to work with data stored in a cloud service.

I wanted to separate data editing, local data storage and synchronization to the cloud service.
The idea was that data is always encrypted in the "storage AppVM". Other "AppVMs" can access this Storage AppVM using SSHfs.
I am using certificates and a tight firewall configuration:
- the AppVM can request connection to the storage VM via ssh, login is done via certificates.
- after authentication the remote location is mounted via SSHfs
- the data is encrypted with encfs and the decryption keys are only stored on the AppVM which is accessing the data (not the storage VM)

This setup works quite well for my use case as it is less complex than setting up a file server with NFS to share data between AppVMs.

I know that this may not be the best thing for a die-hard Qubes user, but it allows me to set up inter-AppVM data flows if needed for specific use cases.

I have also scripted everything so that the firewall ports will only be opened when needed.

If you are interested I can upload my scripts/how-to to my GitHub account.

[799]
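The flow 799 describes (open the firewall path only for the session, mount the ciphertext over SSHfs, decrypt with encfs on the client side), as an added example written for this page; it is not 799's script and not part of the thread. It assumes the Qubes 4.0 dom0 tools (qvm-prefs, qvm-firewall, qvm-run), the VM names work / storage / sys-firewall, SSH on port 22, an ed25519 key already authorized on the storage VM, and the paths shown; the iptables rules are the ones the Qubes 4.0 firewall documentation gives for qube-to-qube networking, narrowed to one source, one destination and one TCP port. DRY_RUN=1 prints the privileged commands instead of executing them, so the logic can be read and checked outside Qubes.

```shell
#!/bin/sh
# Added example, not from the thread or from 799's scripts.
# Session-scoped SSH path between two Qubes 4.0 AppVMs, driven from dom0:
#   CLIENT (holds the encfs config, mounts and decrypts) --> STORAGE (ciphertext only, runs sshd)
# VM names, user, port, key and paths below are assumptions for illustration.
# DRY_RUN=1 prints every privileged command instead of running it.

CLIENT="${CLIENT:-work}"
STORAGE="${STORAGE:-storage}"
FW="${FW:-sys-firewall}"          # NetVM both qubes are attached to
SSH_PORT="${SSH_PORT:-22}"
SSH_USER="${SSH_USER:-user}"
REMOTE_DIR="${REMOTE_DIR:-/home/user/vault}"            # ciphertext tree on STORAGE
CIPHER_MNT="${CIPHER_MNT:-/home/user/vault.enc}"        # sshfs mount point on CLIENT
PLAIN_MNT="${PLAIN_MNT:-/home/user/vault}"              # encfs plaintext view on CLIENT
ENCFS_CFG="${ENCFS_CFG:-/home/user/.encfs6-vault.xml}"  # encfs config kept on CLIENT only

run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

vm_ip() { qvm-prefs "$1" ip; }   # dom0 query, prints e.g. 10.137.0.12

# Three layers, each scoped to one source, one destination, one TCP port:
#  1. CLIENT's Qubes firewall rule (enforced in the NetVM); inserted at
#     position 0 so it precedes a deny-by-default last rule.
#  2. The NetVM's FORWARD chain, which drops qube-to-qube traffic by default.
#  3. STORAGE's own INPUT chain, so only CLIENT may reach sshd.
open_path() {
    cip="$1"; sip="$2"
    run qvm-firewall "$CLIENT" add --before 0 action=accept dsthost="$sip" proto=tcp dstports="$SSH_PORT"
    run qvm-run -u root "$FW" "iptables -I FORWARD 2 -s $cip -d $sip -p tcp --dport $SSH_PORT -j ACCEPT"
    run qvm-run -u root "$STORAGE" "iptables -I INPUT -s $cip -p tcp --dport $SSH_PORT -j ACCEPT"
}

# Reverse order of open_path, removing exactly the rules that were added.
close_path() {
    cip="$1"; sip="$2"
    run qvm-run -u root "$STORAGE" "iptables -D INPUT -s $cip -p tcp --dport $SSH_PORT -j ACCEPT"
    run qvm-run -u root "$FW" "iptables -D FORWARD -s $cip -d $sip -p tcp --dport $SSH_PORT -j ACCEPT"
    run qvm-firewall "$CLIENT" del --rule-no 0
}

# Mount the ciphertext over sshfs, then layer encfs on top. The encfs config
# and the password prompt (-p passes stdio through) stay inside CLIENT, so
# STORAGE only ever serves ciphertext.
mount_vault() {
    sip="$1"
    run qvm-run -p "$CLIENT" "mkdir -p $CIPHER_MNT $PLAIN_MNT && sshfs -o IdentityFile=/home/user/.ssh/storage_ed25519,reconnect $SSH_USER@$sip:$REMOTE_DIR $CIPHER_MNT"
    run qvm-run -p "$CLIENT" "ENCFS6_CONFIG=$ENCFS_CFG encfs $CIPHER_MNT $PLAIN_MNT"
}

umount_vault() {
    run qvm-run -p "$CLIENT" "fusermount -u $PLAIN_MNT; fusermount -u $CIPHER_MNT"
}

case "${1:-}" in
    open)  cip=$(vm_ip "$CLIENT"); sip=$(vm_ip "$STORAGE")
           open_path "$cip" "$sip"; mount_vault "$sip" ;;
    close) cip=$(vm_ip "$CLIENT"); sip=$(vm_ip "$STORAGE")
           umount_vault; close_path "$cip" "$sip" ;;
    *)     echo "usage: $0 open|close   (DRY_RUN=1 prints the commands)" >&2 ;;
esac
```

Run `open` at the start of a work session and `close` at the end; the iptables rules are not persistent and disappear on VM restart anyway, but deleting them explicitly keeps the window no wider than the session. Keeping the encfs config in the client VM (via ENCFS6_CONFIG) is what makes the storage VM a ciphertext-only party, which is the property 799's setup relies on. Ivan's earlier caveat still applies: the client VM trusts whatever the storage VM's sshd serves, so the storage VM's integrity bounds the client's.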

Teqleez Motley

Apr 25, 2018, 2:59:27 AM
to 799, qubes-users, Drew White
On Tue, Apr 24, 2018, at 20:54, 799 wrote:
> I have also scripted everything so that the firewall ports will only be
> opened when needed.
>
> If you are interested I can upload my scripts/how-to to my GitHub account.
>

Please do that, very interesting! Thanks.

Regards,
Teqleez

Ivan Mitev

Apr 25, 2018, 3:05:49 AM
to qubes...@googlegroups.com
Hey,
Sounds like a good candidate for the Qubes-Community project :)
