debian templates for sys vms?

[pixel fairy]

given debians longer release cycle and the trouble with getting a current / supported version of fedora working for appvms, any reason not to use debian for the sys- vms?

[Unman]

On Mon, Oct 10, 2016 at 02:02:35AM -0700, pixel fairy wrote:
> given debians longer release cycle and the trouble with getting a current / supported version of fedora working for appvms, any reason not to use debian for the sys- vms?
>

None, although you may find some issues with very recent hardware.
Otherwise, everything works as you would expect.

[raah...@gmail.com]

On Monday, October 10, 2016 at 5:02:35 AM UTC-4, pixel fairy wrote:
> given debians longer release cycle and the trouble with getting a current / supported version of fedora working for appvms, any reason not to use debian for the sys- vms?

you might want to harden it a little more, although sys-net is considered untrusted anyways. another user freaked out recently when seeing listening processes not present using fedora. I noticed the same thing a while back but its easy to disable what you want yourself. Its also why I use fedora as my sys-net and firewall still, cause I feel the qubes team prolly hardened it better. But I could be wrong...

I would love to see a openbsd template just for the sys-net or firewall.

[raah...@gmail.com]

On Monday, October 10, 2016 at 5:02:35 AM UTC-4, pixel fairy wrote:

> given debians longer release cycle and the trouble with getting a current / supported version of fedora working for appvms, any reason not to use debian for the sys- vms?

oh btw you can run debian with apparmor and there is profile for things like dhcpd. I actually consider sys-net untrusted and I use a fedora clone on that one. default fedora on the sys-firewall.