-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This conversation is a continuation of a discussion on the Ansible Proxy PR [0] with Simon and Marek; some of the ideas used here were proposed by them as well, and any error in interpreting them is my own.

There are two major use cases for management qubes:

- `qvm-console-dispvm`: created with a random disposable name, doesn't inform which qube it is connected to [0].
- Ansible and Salt: created with a fixed name, prefixed with `disp-mgmt-`, with the suffix being the qube name chopped at 31 chars [1][2]. The chopping may cause the management qubes of two very long qube names that share the same 31-char prefix to be the same, which may fail the state or lead to other unexpected occurrences. Because the name is fixed, it is not an unnamed disposable and therefore doesn't benefit from preloaded disposables.

Their creation is not standardized and there are major concerns with both approaches, but it is not yet clear what a solution can be. It needs to solve the following, ordered by priority (same number equals same priority):

0. Inform which qube it is connected to
0. Don't suffer from name chopping (can lead to name conflicts)
1. Use unnamed disposables, to benefit from random names and preloaded disposables

Proposal:

- GUI users would benefit if the unspoofable part of the qube window controlled by the GUI daemon mentioned the qube name the console is connected to: `[disp1234: mgmt of sys-net]`. In the case of Ansible, the qube is created with the feature `gui=False`, meaning that no window will be opened. `qui-domains` will need the info in the tooltip, and `Qube manager` will maybe need a new field.
- CLI users, sometimes on headless setups, won't be able to differentiate using the GUI daemon, so another solution is necessary here. Maybe the management information could be logged to qubesd, as in *disp$dispid-mgmt has admin console of sys-net*, with `-mgmt` added to disposables of disposable templates that are the `management_dispvm` on the global or per-qube level. If a feature/tag is added to the qube, it could be shown on `qvm-ls`.
- This would result in: informing slightly which qube it is connected to for GUI and CLI users, avoiding name conflicts and name chopping, and being able to benefit from preloaded disposables.

From past conversations, the major opposition to my proposal is that it only slightly informs which qube it is connected to for terminal users, as the qube name is the primary identifier. Maybe it is a trilemma, maybe it is not and we haven't solved this puzzle (yet).

My comment on the Ansible PR and Simon's reply:

> > management_dispvm is a global and per-qube property. What if, by
> > knowing that a disposable template is the management_dispvm on the
> > global or per-qube level,
>
> Detecting this case by testing if the disposable template matches is a
> bad idea.

This doesn't need to be exclusive. The creation of the qube would check that property on the disposable template; I think that part, adding the suffix `-mgmt`, is straightforward. The second part is informing which qube it is connected to: when calling the API method `admin.vm.Console`, it would create the tag/feature and log to qubesd which qube it connected to, and then other tools could also be informed about it and updated with an event handler, GUID being the edge case here.

Reference:

[0]: https://github.com/QubesOS/qubes-ansible/pull/15#discussion_r2314333818
[1]: https://github.com/QubesOS/qubes-issues/issues/9810
[2]: https://github.com/QubesOS/qubes-mgmt-salt/blob/c5a8a5ade740eff1a507a65f8b89bfc7ea9dd573/qubessalt/__init__.py#L140
[3]: https://github.com/QubesOS/qubes-ansible/blob/32e46780f96829ff61893aad3923728ff09bc7a6/plugins/strategy/qubes_proxy.py#L50

-- 
Benjamin Grande
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCaLlJtwAKCRAbcxS/DMyW
h3+JAQCVMI26oEv5UHQPwWV8vL3U5bgo88lX2oLKJSx6M6EH6AEA2H/kKlfKLGT/
RxlrIlyqkDIdTdRqQzkbZTIfumWvWgw=
=CxKv
-----END PGP SIGNATURE-----
To view this discussion visit https://groups.google.com/d/msgid/qubes-devel/aLlJufGMRGoDJVNo%40jdc7vbJE.
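The name-chopping collision and the proposed alternative, modelled as an added example that is not part of the post above and is not code from qubes-mgmt-salt, qubes-ansible or qubesd. It assumes the fixed-name scheme the post describes (the string `disp-mgmt-` plus the target qube name, cut to the 31-character qube-name limit the post mentions; the exact truncation point in the real tools may differ) and stands in for the proposed tag/feature with a plain dictionary. `MgmtRegistry`, `fixed_mgmt_name`, `find_collisions` and the sample qube names are hypothetical.

```python
"""Name chopping vs. random disposable name plus a recorded target.

Assumptions (hypothetical, not taken from Qubes source):
  - fixed scheme: PREFIX + target, then the whole string is chopped to
    MAX_NAME_LEN, the 31-character limit the post refers to;
  - proposed scheme: the disposable keeps its random dispNNNN name and a
    separate record (standing in for the tag/feature) names its target.
"""
import re
from collections import defaultdict
from typing import Dict, List

MAX_NAME_LEN = 31          # qube-name limit mentioned in the post
PREFIX = "disp-mgmt-"      # prefix used by the Salt/Ansible management qubes
DISP_RE = re.compile(r"^disp\d+$")   # shape of an unnamed disposable's name


def fixed_mgmt_name(target: str) -> str:
    """Fixed-name scheme: prefix + target, chopped to MAX_NAME_LEN.

    With a 10-character prefix only the first 21 characters of the target
    survive, so two targets that share those 21 characters collide.
    """
    return (PREFIX + target)[:MAX_NAME_LEN]


def find_collisions(targets: List[str]) -> Dict[str, List[str]]:
    """Group targets whose management qubes would get the same fixed name.

    Returns {mgmt_name: [target, ...]} for names claimed by more than one
    target: the cases where, as the post says, a state may fail or the
    second run may silently reuse the first target's management qube.
    """
    by_name: Dict[str, List[str]] = defaultdict(list)
    for t in targets:
        by_name[fixed_mgmt_name(t)].append(t)
    return {n: ts for n, ts in by_name.items() if len(ts) > 1}


class MgmtRegistry:
    """Proposed scheme: random disposable name + recorded target.

    The dictionary plays the role of the tag/feature the post proposes;
    nothing here calls the real Admin API.
    """

    def __init__(self) -> None:
        self._managed_by: Dict[str, str] = {}   # disp name -> target qube

    def attach(self, disp_name: str, target: str) -> str:
        # Only unnamed (hence preloadable) disposables are accepted.
        if not DISP_RE.match(disp_name):
            raise ValueError(f"not an unnamed disposable: {disp_name}")
        if disp_name in self._managed_by:
            raise ValueError(f"{disp_name} already manages "
                             f"{self._managed_by[disp_name]}")
        self._managed_by[disp_name] = target
        # The line the post suggests logging to qubesd.
        return f"{disp_name}-mgmt has admin console of {target}"

    def target_of(self, disp_name: str) -> str:
        return self._managed_by[disp_name]

    def qvm_ls_line(self, disp_name: str) -> str:
        # What a qvm-ls column fed by the tag/feature could show.
        return f"{disp_name:<12} mgmt-of={self._managed_by[disp_name]}"


if __name__ == "__main__":
    # Constructed sample: two names that share their first 21 characters.
    long_a = "very-long-qube-name-aaaa-one"
    long_b = "very-long-qube-name-aaaa-two"
    print(fixed_mgmt_name(long_a), fixed_mgmt_name(long_b))
    print(find_collisions(["sys-net", long_a, long_b]))

    reg = MgmtRegistry()
    print(reg.attach("disp1234", long_a))
    print(reg.attach("disp5678", long_b))
    print(reg.qvm_ls_line("disp5678"))
```

Running it shows both long names mapping to the same 31-character `disp-mgmt-very-long-qube-name-a`, while the registry keeps two distinct `dispNNNN` qubes and still answers which target each one manages.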
