-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Fri, Oct 13, 2017 at 02:48:59PM +0200, David Hobach wrote:
> On 10/13/2017 02:24 PM, David Hobach wrote:
> > Hi all,
> >
> > did anyone test disposable VMs for sys-net, sys-firewall and sys-usb in
> > 4.0rc1 yet?
> >
> > Especially since the installed defaults appear to be non-disposable if I
> > recall correctly.
> >
> > According to [1] this is meant to be working though for at least sys-net
> > & sys-usb. It doesn't say anything about sys-firewall, i.e. I'm not so
> > sure whether that will break some Qubes core mechanics...
This should work, but of course all changes in made directly there will
be lost after restart. So, for example setting wifi password using
network manager. This is one of the reasons why default setup still use
non-disposable VMs there.
> Plus what happens with your network card when you start the second instance
> of a sys-net dvm?
The second instance will not start. The point is in Qubes 4.0 you can
create DisposableVM, which have no persistent data (like private.img or
root.img), but is persistent in terms of metadata (name, devices etc).
> > I'm also curious whether starting a VM with a dependency to a stopped
> > dvm-template will start a dvm or the template itself? What about VM
> > autostart during boot?
This all should work like with any other VM. The only difference is that
VM restart revert VM data to the original state.
I haven't tried exactly this configuration, but it should be something
like this:
# allow to create DispVMs based on sys-net; you can also use other VM
# here, like fedora-25-dvm
qvm-prefs sys-net template_for_dispvms true
# create disposable netvm; all properties will be inherited from
# sys-net (including 'autostart', 'provides_network' etc)
qvm-create --class DispVM --template sys-net -l red disp-sys-net
# detach network devices from sys-net and attach to disp-sys-net
qvm-pci del sys-net dom0:02_00.0
qvm-pci add disp-sys-net dom0:02_00.0
# and set disp-sys-net as netvm, wherever you want
qvm-prefs sys-firewall netvm disp-sys-net
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJZ3y3iAAoJENuP0xzK19csjlYIAIAZ42rTS8pQucjPCGRKdqx0
zq0TeDpFnbprfVhWKhjqpunwcycTYh+iNe/RaDUBF6gp07J2E6PKu1OYWGBLPuXx
pdh8LDXu9rldNkRAlc+oeFacnH6cK5lo46qwr90uD59SfXaJ36eTMJavwnHqDbE+
gvxJ3YzbtEM3NMl+IT4zm7jLMD78KG9LyttlWusibElEGPj0EL/+AKg74QzzI+qw
DPa5+uaBpEfjPKg6C9XVXgGri7CuqKrSQsZ0XmHL6F36ardMjLKztP1fJhyL426w
8Nfs3wvfyac+zOXezMEV4bP6TwdF9EeTUnjTJ1VI5kyPZLaRJsQDQEnN65l4Jb0=
=Am1Y
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20171013132717.GC10749%40mail-itl.
For more options, visit https://groups.google.com/d/optout.
