Help :: Disposable VMs start without a NetVM (can't use DVMs currently )

[P R]

Hello,

I have spend several hours to built new Template VMs from scratch (more
precise: the fedora-24-minimal templates).

Now I have the problem, that my new disposable VMs all start without an
attaches Net-VM.

sys-usb, sys-firewall, sys-net are now all based on the
fedora-24-minimal template, with some additional packages, as suggested
in the documentation.

I have also built a new dvm which is based on the fedora-24 template:

My default fedora-24 template is named "my-fedora-24-apps" and is a
Template VM without a NetVM attached.

I created a new dvm in dom0:

[user@dom0 ~] qvm-create-default-dvm my-fedora-24-apps

In preferences of the new dvm template which is named
"my-fedora-24-apps-dvm" I have attached the firewall Proxy VM as NetVM.

But when I launch a program in the disposable VM there is no Net-VM
attached.
I have also set the "NetVM for DispVM" unter "Other" in the "Advanced"
Settings Tab of Qubes Manager for the dvm template to sys-firewall.

Still all my disposable AppVM start with an empty NetVM.
If I edit a disposable App VM and add the sys-firewall as NetVM,
everything works fine.


QUESTION:
Where and how am I supposed to set the correct information which NetVM
should be used for my DVMs?

- P R

[Unman]

The "netVM for dispVM" entry sets the netVM for disposableVMs started
from that qube.

You haven't said HOW you are "launching a program".
If you start it from the Qubes Menu then it will (should) honour the
setting for the dvmTemplate, and so in your case start a disposableVM
attached to the firewall.
If you are starting a disposableVM from a qube (by e.g "open in
disposable VM") then THAT disposableVM will be connected to whatever the
entry for "NetVM for dispVM" says for that qube.

I find it easier to check from dom0 terminal, using qvm-prefs <qube>,
and to set the relevant values using 'qvm-prefs <qube> -s dispvm_netvm <proxy>'

unman

[P R]

Hello Unman,

On 07/02/17 03:19, Unman wrote:

> The "netVM for dispVM" entry sets the netVM for disposableVMs started
> from that qube.

> If you start it from the Qubes Menu then it will (should) honour the
> setting for the dvmTemplate, and so in your case start a disposableVM
> attached to the firewall. If you are starting a disposableVM from a
> qube (by e.g "open in disposable VM") then THAT disposableVM will be
> connected to whatever the entry for "NetVM for dispVM" says for that
> qube.

Thank you for the clarification, that wasn't clear to me, maybe this
should be highlighted in the documentation?

* Solution *
I have removed the DVM-template and made sure that the template VM will
work if I attach my sys-firewall as Net-VM to it.

I then did the following steps in dom0, where "my-fedora-24-apps" is my
own fedora template for app-vms.

# Create a new template for my disposable VMs based on my template
"my-fedora-24-apps"
qvm-create-default-dvm my-fedora-24-apps

# attach sys-firewall to this template
qvm-prefs -s my-fedora-24-apps-dvm netvm sys-firewall

# Reboot Qubes
shutdown -r now

After the reboot I started DispVM: Firefox web Browser from the Qubes
menu with a working network connection.

Thank your for the hint.

- Ph.

[Qubed One]

'P R' via qubes-users:

> Hello,
>
> I have spend several hours to built new Template VMs from scratch (more
> precise: the fedora-24-minimal templates).
>
> Now I have the problem, that my new disposable VMs all start without an
> attaches Net-VM.
>
> sys-usb, sys-firewall, sys-net are now all based on the
> fedora-24-minimal template, with some additional packages, as suggested
> in the documentation.
>
> I have also built a new dvm which is based on the fedora-24 template:
>
> My default fedora-24 template is named "my-fedora-24-apps" and is a
> Template VM without a NetVM attached.
>
> I created a new dvm in dom0:
>
> [user@dom0 ~] qvm-create-default-dvm my-fedora-24-apps
>
> In preferences of the new dvm template which is named
> "my-fedora-24-apps-dvm" I have attached the firewall Proxy VM as NetVM.

After this step, you needed to run qvm-create-default-dvm again as
above. Not doing this step after changing anything about the
my-fedora-24-apps-dvm template is why the change did not take effect in
the dispvms created after that (assuming vanilla dispvm from the
application menu of course).

[Qubed One]

Qubed One:

> 'P R' via qubes-users:
>> Hello,
>>
>> I have spend several hours to built new Template VMs from scratch (more
>> precise: the fedora-24-minimal templates).
>>
>> Now I have the problem, that my new disposable VMs all start without an
>> attaches Net-VM.
>>
>> sys-usb, sys-firewall, sys-net are now all based on the
>> fedora-24-minimal template, with some additional packages, as suggested
>> in the documentation.
>>
>> I have also built a new dvm which is based on the fedora-24 template:
>>
>> My default fedora-24 template is named "my-fedora-24-apps" and is a
>> Template VM without a NetVM attached.
>>
>> I created a new dvm in dom0:
>>
>> [user@dom0 ~] qvm-create-default-dvm my-fedora-24-apps
>>
>> In preferences of the new dvm template which is named
>> "my-fedora-24-apps-dvm" I have attached the firewall Proxy VM as NetVM.
>
>
> After this step, you needed to run qvm-create-default-dvm again as
> above. Not doing this step after changing anything about the
> my-fedora-24-apps-dvm template is why the change did not take effect in
> the dispvms created after that (assuming vanilla dispvm from the
> application menu of course).

Woops, I just realized that this step isn't necessary for me now,
although I thought this was for me at some point. Only if you change
something *inside* the -dvm template do you need to regenerate.

Sorry list, I'll check first next time before I post...