Qubes Linux Tools
433 views
Skip to first unread message
Zrubi
Feb 4, 2016, 10:10:34 AM2/4/16
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
I have a project where I try to convert some native desktop images to
Qubes.
As a first step I've successfully installed the exact same image to a
HVM under Qubes. Hovewer I found it a bit rough to use (compared to a
standard Qubes PV Guest and seamless GUI)
It is clear that I need the qubes services to be installed to get the
missing features like:
- - copy-paste
- - qvm-copy-to-vm
- - Seamles GUI
- - network autoconf
As far as I know the only way to compile those components is the Qubes
template builder - correct me if I'm wrong.
However it is an overkill to build a whole template - or even the
building environment for compiling those few qubes specific components.
- - Is there any plan to release a standalone "Qubes Linux Tools" package?
- - What components are needed for the features mentioned above?
(If those are already documented I'm happy with the links of course :)
Thanks.
- --
Zrubi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWs2nbAAoJEC3TtYFBiXSvmfQP/3grlleXsokykXL9Qj+Adqv+
ZobtcuBzSMqFVksDqGtoql1BbpJcCxLQGV6EoUgwMYUOSBc3+QYttMVH0e0bQlJ+
lMuxAlKUgX0inEFAjogzAo1JTAKgIHN50VIf+yR85OCAx0DAiPBA8y1De/5oFe/+
YDnApY6g4abVX2mPVoCpK/bQHT+guxXIPqPfo/5ZX1h6t7pvXzIokQzEIjBCsfuH
3NrxeXhPdgKR07OtfLuDKCeardszKkmE6cbl30+ZWQu6A0B29vcAkmRubF1kw9xG
hsfbWcbJI3GUYwbeKqHTFbtoEctVp/4IGGi5/rGL37osPXD7G68nFDwcdcUE+7pM
TEwTFRok94sJGJyVmv3J6edIAW38kY0lSI5bNDK+QBkcoNVPyI+KxOsVvEOgzP/Q
WZ9JXTuieSi+A/hoz3973A0L5384Z24r+hCHMd6eux8uN88/RnopZkKrYM3HeH39
cwZCAdnu4V2E/9vEeJee0TnmFOMdO+pnPM9mYjrxFj7Fh1pbY7Y87r24wLlKB/vb
PuGrmYV/Y6Ci7WWygfVnQPIe7sO+suWtgEjB8IJZaDZ98DZv6UYULzJr4LsEGncd
G134Lt6ngqHVSGrTbiNjj3k+Tad1LP/9sFI0x1EatT9Q+4RHtjGMBZA8vt5ZubSN
yQbYkAkNf8pTRQATk/q/
=KMuY
-----END PGP SIGNATURE-----
Hash: SHA256
Hi,
I have a project where I try to convert some native desktop images to
Qubes.
As a first step I've successfully installed the exact same image to a
HVM under Qubes. Hovewer I found it a bit rough to use (compared to a
standard Qubes PV Guest and seamless GUI)
It is clear that I need the qubes services to be installed to get the
missing features like:
- - copy-paste
- - qvm-copy-to-vm
- - Seamles GUI
- - network autoconf
As far as I know the only way to compile those components is the Qubes
template builder - correct me if I'm wrong.
However it is an overkill to build a whole template - or even the
building environment for compiling those few qubes specific components.
- - Is there any plan to release a standalone "Qubes Linux Tools" package?
- - What components are needed for the features mentioned above?
(If those are already documented I'm happy with the links of course :)
Thanks.
- --
Zrubi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWs2nbAAoJEC3TtYFBiXSvmfQP/3grlleXsokykXL9Qj+Adqv+
ZobtcuBzSMqFVksDqGtoql1BbpJcCxLQGV6EoUgwMYUOSBc3+QYttMVH0e0bQlJ+
lMuxAlKUgX0inEFAjogzAo1JTAKgIHN50VIf+yR85OCAx0DAiPBA8y1De/5oFe/+
YDnApY6g4abVX2mPVoCpK/bQHT+guxXIPqPfo/5ZX1h6t7pvXzIokQzEIjBCsfuH
3NrxeXhPdgKR07OtfLuDKCeardszKkmE6cbl30+ZWQu6A0B29vcAkmRubF1kw9xG
hsfbWcbJI3GUYwbeKqHTFbtoEctVp/4IGGi5/rGL37osPXD7G68nFDwcdcUE+7pM
TEwTFRok94sJGJyVmv3J6edIAW38kY0lSI5bNDK+QBkcoNVPyI+KxOsVvEOgzP/Q
WZ9JXTuieSi+A/hoz3973A0L5384Z24r+hCHMd6eux8uN88/RnopZkKrYM3HeH39
cwZCAdnu4V2E/9vEeJee0TnmFOMdO+pnPM9mYjrxFj7Fh1pbY7Y87r24wLlKB/vb
PuGrmYV/Y6Ci7WWygfVnQPIe7sO+suWtgEjB8IJZaDZ98DZv6UYULzJr4LsEGncd
G134Lt6ngqHVSGrTbiNjj3k+Tad1LP/9sFI0x1EatT9Q+4RHtjGMBZA8vt5ZubSN
yQbYkAkNf8pTRQATk/q/
=KMuY
-----END PGP SIGNATURE-----
Marek Marczykowski-Górecki
Feb 4, 2016, 10:16:31 AM2/4/16
to Zrubi, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On Thu, Feb 04, 2016 at 04:10:25PM +0100, Zrubi wrote:
> Hi,
>
> I have a project where I try to convert some native desktop images to
> Qubes.
>
> As a first step I've successfully installed the exact same image to a
> HVM under Qubes. Hovewer I found it a bit rough to use (compared to a
> standard Qubes PV Guest and seamless GUI)
>
> It is clear that I need the qubes services to be installed to get the
> missing features like:
> - copy-paste
> Hi,
>
> I have a project where I try to convert some native desktop images to
> Qubes.
>
> As a first step I've successfully installed the exact same image to a
> HVM under Qubes. Hovewer I found it a bit rough to use (compared to a
> standard Qubes PV Guest and seamless GUI)
>
> It is clear that I need the qubes services to be installed to get the
> missing features like:
> - qvm-copy-to-vm
> - Seamles GUI
> - network autoconf
>
> As far as I know the only way to compile those components is the Qubes
> template builder - correct me if I'm wrong.
>
> However it is an overkill to build a whole template - or even the
> building environment for compiling those few qubes specific components.
>
>
> - Is there any plan to release a standalone "Qubes Linux Tools" package?
> - What components are needed for the features mentioned above?
>
>
> (If those are already documented I'm happy with the links of course :)
Rpm/deb packages are available in repositories, for example:
>
> As far as I know the only way to compile those components is the Qubes
> template builder - correct me if I'm wrong.
>
> However it is an overkill to build a whole template - or even the
> building environment for compiling those few qubes specific components.
>
>
> - Is there any plan to release a standalone "Qubes Linux Tools" package?
> - What components are needed for the features mentioned above?
>
>
> (If those are already documented I'm happy with the links of course :)
- http://yum.qubes-os.org/r3.1/current/vm/fc23
- http://deb.qubes-os.org/r3.1/vm jessie main
Theoretically you can simply add such repository matching your
distribution and install qubes-core-agent and qubes-gui-agent packages
(in Fedora, those are named qubes-core-vm, qubes-gui-vm). Haven't tried
that, especially how that would work in HVM, but this is basically what
template-builder does.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWs2tFAAoJENuP0xzK19csG6EH/jIc7bXThf62cXMO5ga47imT
Version: GnuPG v2
om9POc5bEpd9Dx1ngV9WThAZS8R8ZCHuYFkz3h7v3WtfIwFfj6Ty/nrUeJIYsQzE
+ITC5H1eHQALfshqglmkI8K/RIebYEhy4AxhnmsZIM+5/rZCJdh+sok+eu6pXqc9
3mKTx3Mz0xSLdz22C3RbjXXJxxvkCViwM8EYnZldKVQ0R4M6pATmUdxWBYWLcy2c
tkSNBO1pqYCh06tt/hJwyLvbV+3OMU+eLG5OIYs7cQe7cojOle1EZ4LfEZUXxVTg
r/75KaTNhR5PB+iEZutCVAI46sCHXhvKZgBalnKs9VOAcgdriYMJ84sPreXQ4Cs=
=Ze/h
-----END PGP SIGNATURE-----
Zrubi
Feb 5, 2016, 5:03:44 AM2/5/16
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On 02/04/2016 04:16 PM, Marek Marczykowski-Górecki wrote:
> Rpm/deb packages are available in repositories, for example: -
> http://yum.qubes-os.org/r3.1/current/vm/fc23 -
> http://deb.qubes-os.org/r3.1/vm jessie main
>
> Theoretically you can simply add such repository matching your
> distribution and install qubes-core-agent and qubes-gui-agent
> packages (in Fedora, those are named qubes-core-vm, qubes-gui-vm).
> Haven't tried that, especially how that would work in HVM, but this
> is basically what template-builder does.
OK, Will try that first with a F23 HVM to see how it is works...
> Rpm/deb packages are available in repositories, for example: -
> http://yum.qubes-os.org/r3.1/current/vm/fc23 -
> http://deb.qubes-os.org/r3.1/vm jessie main
>
> Theoretically you can simply add such repository matching your
> distribution and install qubes-core-agent and qubes-gui-agent
> packages (in Fedora, those are named qubes-core-vm, qubes-gui-vm).
> Haven't tried that, especially how that would work in HVM, but this
> is basically what template-builder does.
Next step would be the usage of private.img - the template based HVM
Is there any helper script to migrate/populate/mount the private.img
to a template based HVM? - Just as the windows tools helps?
If not (what I guess) - any hints where to start?
As I see the default PV solution is to mount the real image to /rw,
and link the related directories from there...
What script/service are responsible for creating the needed links?
Does it depends on the partition schema of its templateVM?
Thanks
- --
Zrubi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWtHNnAAoJEC3TtYFBiXSvJGsP/A+WLHZ0kHQhj47zhYI2Q4Cj
Version: GnuPG v2
llRCK72WP+V8GVMmiyRL42QKJI2fJZ0d/trf1Sh5t5dJ3w+hrUadkZ9pJCtQdZ0d
eTVdxbL/ZAUFeJzKLXapttffAv4PXZ7SHGq6yfO9jw0TiVG0fd59xPhM6QZlAPkz
4ONGDvvro7GsdgZOVuadZhIMWc95dYlS6PMm7y62dBbsD4l/efLP9xKWYRfUj+tI
oGOppD5EaH76yggZIcPrD7AsoOUqRAxIPeCgfOn7VOq1RhdycyKTw2opBDhKJBYY
1JMQQc2B9l+x7bv09h6OZqTsFQAQbYDnl0bdGlu+dmqhK2GOhp/KQ85nfNlx1uVK
mmvPklby5gkG4WlXqxZJElgjOJOTSh71Dw6hm53P+m45+ZPk2wvYjFrZcw9S9emE
zNyKHipjc54Uy55soxZS3kyL1Z3pWf3250EDJbIoD9uwBqLJgbpcETXxt4w34tUk
HrPte+xZ8TZBlDY+XYIPxcp3JiR97m58RgQpjH+uf4gPrP34Fif9onx1N/nz22b+
n08sXdmunxwQiV7IQPhHC1sn82nU3ewvKlX1b/zHDVJMz2d0Rf3MZZQtzt00rkSI
yGwCQ++eUdxFu5D4pWa4FgzGyYWOAC7hyFTbET9uXSaW+4Nu5ZnpE0u3dOnzGd1A
MfOvK8CBf0idpj0kpPcA
=eSAF
-----END PGP SIGNATURE-----
Marek Marczykowski-Górecki
Feb 5, 2016, 8:22:55 AM2/5/16
to Zrubi, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On Fri, Feb 05, 2016 at 11:03:30AM +0100, Zrubi wrote:
> On 02/04/2016 04:16 PM, Marek Marczykowski-Górecki wrote:
>
> > Rpm/deb packages are available in repositories, for example: -
> > http://yum.qubes-os.org/r3.1/current/vm/fc23 -
> > http://deb.qubes-os.org/r3.1/vm jessie main
> >
> > Theoretically you can simply add such repository matching your
> > distribution and install qubes-core-agent and qubes-gui-agent
> > packages (in Fedora, those are named qubes-core-vm, qubes-gui-vm).
> > Haven't tried that, especially how that would work in HVM, but this
> > is basically what template-builder does.
>
> OK, Will try that first with a F23 HVM to see how it is works...
>
>
>
> Next step would be the usage of private.img - the template based HVM
>
> Is there any helper script to migrate/populate/mount the private.img
> to a template based HVM? - Just as the windows tools helps?
This is already handled by that package - it will populate private.img
> On 02/04/2016 04:16 PM, Marek Marczykowski-Górecki wrote:
>
> > Rpm/deb packages are available in repositories, for example: -
> > http://yum.qubes-os.org/r3.1/current/vm/fc23 -
> > http://deb.qubes-os.org/r3.1/vm jessie main
> >
> > Theoretically you can simply add such repository matching your
> > distribution and install qubes-core-agent and qubes-gui-agent
> > packages (in Fedora, those are named qubes-core-vm, qubes-gui-vm).
> > Haven't tried that, especially how that would work in HVM, but this
> > is basically what template-builder does.
>
> OK, Will try that first with a F23 HVM to see how it is works...
>
>
>
> Next step would be the usage of private.img - the template based HVM
>
> Is there any helper script to migrate/populate/mount the private.img
> to a template based HVM? - Just as the windows tools helps?
on first startup. The only problem is that it expects /home.orig/user as a
source directory (which is created by template-builder as a copy of
/home/user).
So, you'll need to copy it manually.
> If not (what I guess) - any hints where to start?
>
> As I see the default PV solution is to mount the real image to /rw,
> and link the related directories from there...
> What script/service are responsible for creating the needed links?
> Does it depends on the partition schema of its templateVM?
Package qubes-core-agent also ships its own /etc/fstab.
One more thing - startup scripts (this time in initramfs) expect root
filesystem to be directly on /dev/xvda device, not first partition
(/dev/xvda1). You can probably tweak those scripts by using "pvgrub2"
boot method:
https://www.qubes-os.org/doc/managing-vm-kernel/
And adjust scripts in initramfs created this way (source files are in
/usr/lib/dracut/modules.d/90qubes-vm).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWtKIoAAoJENuP0xzK19cs/UUH/iVCxxgDMHa82QaYQFzYkUDa
Version: GnuPG v2
L4MrEY9/98jtis9WA8klZgXlr1RUrS6qbD1YARKdKYQE4H5aWki56KLA88qq1YyA
ZKN1Q1A7fbgA6ZpM4MzKxHd970XBQEPpm/79ZfSz4qbActtU7Kk6D/zmkT9ZL+rm
XdflGrX+NpOOb6+iQHu7fxA9w8NbzgEm0gGpfenXma1XeHQDJ4LHdq3OxCTBmr/L
/isSfkWVUrt/jcaKhJiep/pagEHuztte5u6z+/z3Pe+1+po4eCJbCJExV/o7aVQB
uIocP1r11XsR/Or/uwLVuC59v8qEeVkW2NJrklVF3TliCe6gaEjQgehVmZiGPf0=
=Sm0/
-----END PGP SIGNATURE-----
ente...@gmail.com
Feb 11, 2016, 6:11:39 PM2/11/16
to qubes-devel
Yes its a shame that more Linux HVM support gets no love from qubes dev team, I dont even know if Linux HVM can support seamless gui anymore :s
Manuel Amador (Rudd-O)
Feb 11, 2016, 6:43:55 PM2/11/16
to qubes...@googlegroups.com
On 02/05/2016 01:22 PM, Marek Marczykowski-Górecki wrote:
> This is already handled by that package - it will populate private.img
> on first startup. The only problem is that it expects /home.orig/user as a
> source directory (which is created by template-builder as a copy of
> /home/user).
> So, you'll need to copy it manually.
Seems to me that the right solution involves pam_mkhomedir so that the
> This is already handled by that package - it will populate private.img
> on first startup. The only problem is that it expects /home.orig/user as a
> source directory (which is created by template-builder as a copy of
> /home/user).
> So, you'll need to copy it manually.
home directory does not need to be created during the build process.
It's in the small details.
--
Rudd-O
http://rudd-o.com/
Reply all
Reply to author
Forward
0 new messages