What is a sane way to manage applications one doesn't trust (e.g. Skype )? As far as I understand the qubes concept so far, I would either have to install the app in my general template (which I do not want ) or create a dedicated template just for the app vm that is supposed to run that app ... is that correct?

Joh

There are two other options as well - install it on a standaloneVM, or
install in to some location in /rw in a normal template based qube.

In the case of Skype, it's simple to install under your home directory,
although you will have to load the template with some extra libraries.
And if you don't want to do that you can work off a standard template,
store debs in /rw and install them when you start up the qube. That way
you get a customised standard template based qube.
This is perfectly workable if you will keep the qube running for a
while, and with Skype that's likely.
(The advantage of keeping the libs locally, of course, is that you wont
need to download them every time you boot the qube. An alternative
approach would be to use a caching proxy - I use apt-cacher-ng but
other proxies are available, as they say.)

unman

You are right with the local installation in /rw, except that you might miss automated updates (including security updates) then.

Yet another option: If the app is easy to install, you can store the
package in /home or /rw and do the install each time you use it.

--

Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

I came to the same conclusion myself and created a template specific to applications. That howeve consumes quite a bit of drive space.

One idea that came to mind is to create a shell script saved on the AppVM to install Skype with the -y option.

If I can manage to get that the script automatically run on startup with sudo privileges it would take care of the issue (concerning smaller sized installations.)

On space usage: That's true, but that's also exactly what minimal templates are good for. I have cloned Debian minimal template in order to install Spotify. Some time, I had just 1GiB root filesystem, now it is slightly larger.

On installing every boot: That's also some option, but it has some drawbacks:

* You miss updates. Well, theoretically, one could solve it by some bash script and incron, so once you update the package, you remember to install a newer version.
* If you add another repo (important for getting updates) and install its software, you will AFAIU get false update notifications for the base template.
* It will cause some IO load when the template is booting. (Flatpak/snapd can probably avoid it.)
* Boot can complete before /rw/config/rc.local finishes. This is good for fast start, but the software installation might be finished after the boot completes, so the software would be missing for some time. It also would mean that qvm-run -a vm the-additional-software would be a kind of race condition.

Regards,
Vít Šesták 'v6ak'

Issue related to Flatpak and Snapd: https://github.com/QubesOS/qubes-issues/issues/2766

It seems that Flatpak is better for this purpose, as it allows per-user installation.