Hi all,
As a Christmas present, I uploaded Qubes R4.0-alpha1 ISO. It features
brand-new core-admin branch called core3-devel ("3" because it was meant
for 3.0, but I didn't finish it on time). The "qubes" Python package was
rewritten from scratch, as the basic qvm-* and qubes-* tools will be.
More info (and blog post) are coming after the holidays, but if you are
on CCC and like to know more, please come to our assembly! [1]
The image is not usable, at present you cannot do anything resonable
with it. It is just a technology preview. At most you can start
terminal.
And please, do not let it destroy the Christmas. Try it after, and spend
Christmas with your family. So no "happy hacking" today. ;)
[1]
https://events.ccc.de/congress/2015/wiki/Assembly:Qubes
Outstanding issues
------------------
At present those commands are in working order:
qubes-create
qubes-prefs
qvm-create
qvm-kill
qvm-ls
qvm-prefs
qvm-start
The rest *does not work*. (Yet).
Other features which do not work:
qubes-manager
salt
HVM
DispVM
TemplateVM cannot be started (but AppVMs which use it, can be)
Debian template is not included in the ISO and currently untested, but
it is likely working.
HOWTO
-----
1. Download and verify ISO. It is signed by my personal key.
Burn it onto USB stick and install normally.
2. In firstboot, when asked about creating VM, select last "advanced"
option (which disables preconfiguration, as it is broken).
3. Log in, launch terminal in dom0. Issue commands:
sudo mv /usr/lib{64,}/python2.7/site-packages/qubes/qdb.so
qubes-create
qvm-create --no-root --class TemplateVM --label black fedora-23
qvm-create --template fedora-23 --label red untrusted
# qvm-run does not work yet!
qvm-start fedora-23
/usr/lib/qubes/qrexec/client -n untrusted user:gnome-terminal
There is a bug in handling libvirt UUIDs. If you see a traceback which
ends with:
libvirt.libvirtError: operation failed: domain 'untrusted' already exists with uuid 01234567-1234-1234-1234-0123456789ab
you have to manually update /var/lib/qubes/qubes.xml. Open it with an
editor and add the following node under <properties> in the respective
domain (copy actual value from the error message):
<property name="uuid">01234567-1234-1234-1234-0123456789ab</property>
Then issue the failed command again. If you end up with domain partially
started, just qvm-kill it and start over.
Download links
--------------
http://ftp.qubes-os.org/~woju/iso/Qubes-R4.0-alpha1-x86_64-DVD.iso (2.9G)
http://ftp.qubes-os.org/~woju/iso/Qubes-R4.0-alpha1-x86_64-DVD.iso.asc
ETA 24.12.2015 09:00 UTC
Build it yourself
-----------------
git clone
https://github.com/woju/qubes-builder builder-core3
cd builder-core3
git tag -v $(git tag --points-at HEAD | head -n 1)
cp example-configs/qubes-os-core3.conf builder.conf
make I_PROMISE_TO_SUPPLY_BUGS_WITH_PATCHES=1 qubes iso
--
Merry Christmas :) _.-._
Wojtek Porczyk .-^' '^-.
Invisible Things Lab |'-.-^-.-'|
| | | |
I do not fear computers, | '-.-' |
I fear lack of them. '-._ : ,-'
-- Isaac Asimov `^-^-_>