Make files in AppVM persistent

23 views
Skip to first unread message

roger...@protonmail.com

unread,
Apr 20, 2019, 4:07:48 PM4/20/19
to qubes-users
Hi there

I am trying to make my vpn config and password file in /etc/openvpn persistent, so I can run openvpn as a service and it will connect on boot up.

I tried as described here (Qubes 4): https://www.qubes-os.org/doc/bind-dirs/

..unfortunately the files disappear after the reboot.

Any ideas? How else could I solve my task?

Thanks for every help
Roger

roger...@protonmail.com

unread,
Apr 20, 2019, 4:08:55 PM4/20/19
to qubes-users
I am using the Debian template.

799

unread,
Apr 20, 2019, 4:32:14 PM4/20/19
to roger...@protonmail.com, qubes-users
Hello,

rogertobler via qubes-users <qubes...@googlegroups.com> schrieb am Sa., 20. Apr. 2019, 22:07:
I am trying to make my vpn config and password file in /etc/openvpn persistent (...)


I tried as described here (Qubes 4): https://www.qubes-os.org/doc/bind-dirs/

..unfortunately the files disappear after the reboot.

You have applied the change in the template VM?
then shutdown the template?
And then restarted the AppVM?

The last step is important as only then changes to the template VM are picked up from the AppVM.

O/799

roger...@protonmail.com

unread,
Apr 20, 2019, 5:52:27 PM4/20/19
to qubes-users

I understood that TemplateBasedVM was the AppVM. However, I started the template VM, made the changes to bind-dirs, rebooted the template VM. Then started the app VM, copied the config files and rebooted the app VM, unfortunately the files where gone after the reboot.

unman

unread,
Apr 20, 2019, 8:29:10 PM4/20/19
to qubes-users
I think 799 is leading you astray.
Don't make the changes in the template.
bind-dirs is intended to work in the AppVM, (as I think you originally
tried).
You need to configure bind-dirs and restart the qube, *then* make any
changes that you want to make in /etc/openvpn.
You can check that the changes are there in /rw/bind-dirs/etc/openvpn.

unman

799

unread,
Apr 21, 2019, 3:13:14 AM4/21/19
to unman, qubes-users
Hello,

unman <un...@thirdeyesecurity.org> schrieb am So., 21. Apr. 2019, 02:29:
(...)

Don't make the changes in the template.
bind-dirs is intended to work in the AppVM, (as I think you originally
tried).
You need to configure bind-dirs and restart the qube, *then* make any
changes that you want to make in /etc/openvpn.
You can check that the changes are there in /rw/bind-dirs/etc/openvpn.

Sorry, my mistake ... With your hint, the documentations says it already:

(...) Inside your TemplateBasedVM (...)

Maybe it would be good to change this into:

(...) Inside your AppVM which is based on a Template (...) 

Additionally it seems that you need to run 6 steps, the numeration seems to be fixed, now it has two times 3 steps - I'll try to fix this in the GitHub repo.

O/799.
Reply all
Reply to author
Forward
0 new messages