Marek Marczykowski-Górecki:
> On 12.01.2014 15:40, Vincent Penquerc'h wrote:
>> Can a template VM be based on another template VM ?
>>
>> By this, I mean that one could start from a Fedora VM, then branch
>> another template VM from it, designed to have browsing capability, so
>> one would install things like Noscript, RequestPolicy, etc. Actual
>> AppVMs would be created from that template. The point being to avoid
>> having to do all that setup for each new VM, and not have to do it on
>> the template itself, since installing Firefox plugins may run random
>> stuff on the (original) template. Branching that second template from a
>> first one avoids having two different templates (helps both time spend
>> on maintenance and disk usage). I guess it might come down to CoW fs
>> being able to stack, which I don't know if they do.
>
> No, chained template VMs are not supported and will not be. Our template
> mechanism is based on block layer, not filesystem layer, so it isn't possible
> to (safely) merge changed made on different levels. This means that if you've
> updated "lower" template, you'll need to redo all the changes in "upper"
> template anyway.
>
> But you can create some "browser-template" normal AppVM, in which you'll
> prepare your browser settings and simply copy browser profile to whatever VM
> you want.
>
I think this is a good solution. As I mentioned in another thread, it
can be useful in general to have dedicated AppVMs which are used as
"sub-templates." Treat the sub-template AppVM as if it were a
TemplateVM, but in which you make some changes which you wouldn't want
to make in an actual TemplateVM. Then, when you want to create a new
AppVM containing these changes, just create a clone of the sub-template
AppVM instead of creating a new AppVM based on the original template.
(Or, as Marek said, just qvm-copy over the desired files.) The example
from the other thread was a Tor Browser sub-template: For various
reasons, you may not want to download and verify TBB in a TemplateVM
(changing firewall settings, importing keys, not all AppVMs based on
that Template will be AnonVMs, etc.). The only thing is that this
solution requires a little bit of discipline, because you have to make
sure to treat your sub-template AppVM as if it were a kind of TemplateVM
(i.e., don't use it for the actual activity it's designed for; instead,
use copies of it for that activity). In a true TemplateVM, the default
firewall rules help you with this, since you can't accidentally browse
to
www.randomsite.com without first changing those rules. By contrast,
in your sub-template AppVM, the firewall rules will probably be more
open (so that you could download TBB or your Firefox plugins or
whatever), so it will actually be possible for you to accidentally
browse to
www.randomsite.com in the sub-template. But it shouldn't be
very difficult for a (somewhat) experienced Qubes user to keep this all
straight, IMO.