Before everyone screams "UNACCEPTABLE!", (Don't pretend you weren't going to). I know it doesn't fit the security model of the OS. But my threat model - quite reasonably doesn't require it. I would like to be able to still have some of the benefits of the OS's secure design with the chosen compromise of networking in Dom0. So can we just leave it at; I need network access on Dom0 for "reasons", OK?
I tried running the old 'qubes-dom0-network-via-netvm' that was removed in this patch: https://github.com/QubesOS/qubes-core-admin/commit/bb9d8bbf7881ce13023ac905f98511beaeaaeae7
Running 'qubes-dom0-network-via-netvm up' it gets as far as doing 'modprobe xen-netfront' successfully and fails on line 70 when calling 'qvm_collection[0].attach_network(...)' and reports:
'Dom0 does not have libvirt object'.
Is there a work around?
I believe that Marek even commented at some point that, should the user want to break the security model, they should have the option.
For instance I have a secondary Ethernet port on a Qubes machine, I want to connect to it over a isolated LAN from another computer (running Qubes) for the purpose of controlling it remotely.
But my threat model - quite reasonably doesn't require it.