Installing linux tools in an HVM
Joanna Rutkowska
"Qubes Linux Tools" that one could download and readily install in such
Linux-based HVM. Rather we expect users to use our Qubes-optimized
Linux-based templates to be used as a basis for Linux-based VMs. We
currently only ship templates based on Fedora (currently on FC18, in the
Qubes R2RC1 it will be based on FC20), but it is possible to build a
template based on other distro:
http://wiki.qubes-os.org/trac/wiki/BuildingNonFedoraTemplate
So, just out of curiosity -- why would you want to do that (Install your
own Linux distro and create Qubes VMs based on it)? Remember that most
of the distro-cusomitzations (or feel) is lost on Qubes, because e.g.
Linux AppVMs do not run any Desktop Environment, etc. Essentially, the
only reason I see for using a different distro might be a different
package manager. Something else?
joanna.
Abel Luck
* various projects require specific distros to build on
* when admining/deploying a remote several its useful to configure it locally
in an HVM first
It would still be nice to get copy past support etc in these vms.
~abel
Joanna Rutkowska
paste, file copy between VMs, so qrexec without seamless GUI) for
generic Linux HVMs would be the problem of packaging. Everything else
should "just work", I think.
joanna.
Marek Marczykowski-Górecki
archive.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
Joanna Rutkowska
down-loadable (e.g. via our yum.qubes-os.org server, just like it is the
case with Windows Tools) if somebody could maintain versions for
specific distros. A potential solution to just distribute (expose to
HVM) these tools as .tgz and having the user then doing ./configure &&
make in the HVM is not a good way IMHO, because of (potentially many)
differences between distros, such as e.g. systemd vs. init.d scripts,
and probably some others. In other words such Linux Tools would need to
be always tested and packaged for specific distro/familiy of distro.
joanna.
Micah Lee
> For me, I need to use other distro HVMs for development purposes.
>
> * various projects require specific distros to build on
> * when admining/deploying a remote several its useful to configure it locally
> in an HVM first
>
> It would still be nice to get copy past support etc in these vms.
>
> ~abel
running Debian or Ubuntu to install the dependencies. I also just come
from .deb-land and am more familiar with it than with Fedora.
There's also a project that I'm working on that uses vagrant to deploy
an Ubuntu 12.04 LTS VM in VirtualBox and initializes it, so that all
developers will be be working on the same system. Since vagrant doesn't
seem possible to use in Qubes (until Xen supports something likes nested
VMs), I'm trying to emulate it to the best I can by using an Ubuntu
12.04 LTS HVM that I work in.
Since I'd like to have copy/paste and to be able to resize my terminal
window, I've created an ssh-bounce AppVM that has networking between my
non-Fedora HVMs so I can ssh into them. It mostly works, but I'm having
trouble getting my changes to stick in my firewallvm with the
qubes_firewall_user_script, but that's a different post.
--
Micah Lee
Marek Marczykowski-Górecki
Fedora AppVM, with chroot debian/ubuntu environment (prepared with
debootstrap). I've done this few times and it works pretty well.
If you have preinstalled system image, simply mount it in some directory and
chroot into it (mount /sys and /proc there first).
tim.t...@gmail.com
I just wrote it yesterday, but here is a python script that when run in Debian will build an ISO with the .deb files created by Davith...
You will also have to download Davith's gpg key from here: https://groups.google.com/forum/#!topic/qubes-devel/Jdqd_Cn1Gwg
Tim
tim.t...@gmail.com
#qubes-tools-build
import os,sys,subprocess
def printHelp():
print("""
#qubes-tools-build [OPTIONS]
This is a tool to build the .deb packages required by qubes-tools-install. In order to install the qubes vmside utilities in debian, you should first run qubes-tools-build in some throw-away debian HVM, you will now have an .iso file.
THIS FILE MUST BE COPIED TO AN APPVM!!!!!
Once you have copied the iso to an appvm you can use in dom0 as follows:
$ qvm-start appvm --cdrom=debian-qubes-tools-build-vm:/home/user/qubes-tools-debian/qubes-tools-debian.iso
Options
--help Print this message.
""")
if "--help" in sys.argv or "-h" in sys.argv or "help" in sys.argv:
printHelp()
sys.exit()
if not os.geteuid() == 0:
sys.exit("This script must be run as root.")
print("Ensuring that the build-depends are installed.")
subprocess.call(["apt-get","install","-qqy","git","git-buildpackage","quilt","libxen-dev","genisoimage"])
print("Importing Davith's GPG key.")
subprocess.call(["gpg","--import","davith-qubes-debian-key.asc"])
def cloneRepo(repoURL):
subprocess.call(["git","clone",repoURL])
repos = ["qubes-core-vchan-xen","qubes-linux-kernel","qubes-linux-utils","qubes-core-agent-linux","qubes-gui-common"]
for repo in repos:
cloneRepo("http://dsg.is/qubes/"+repo+".git")
cwd = os.getcwd()
for repo in repos:
os.chdir(os.path.join(cwd,repo))
subprocess.call(["git","checkout","-b","upstream","remotes/origin/upstream"])
subprocess.call(["git","checkout","master"])
subprocess.call(["git-buildpackage","--git-upstream-tag=v%(version)s","-us","-uc"])
# Create an ISO containing the newly built deb files.
os.chdir(cwd)
debfiles = []
for file in os.listdir(cwd):
if file.endswith(".deb"):
debfiles.append(file)
subprocess.call(["genisoimage","-o","qubes-tools-debian.iso"]+debfiles)
tim.t...@gmail.com
Tim
Micah Lee
> If you wait about 72 hours I should have this up in a git repository and working properly(to the extent that Davith's deb files work...
--
Micah Lee
tim.t...@gmail.com
My current work can be tried out here https://github.com/timthelion/qubes-tools-debian . It currently leads you through building and installing Davith's deb packages. However this isn't "done" and it's not fully working. Please watch the discussion here: https://groups.google.com/forum/#!topic/qubes-devel/Jdqd_Cn1Gwg
Timothy