Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 9, 2019 2:52 PM, Chris Laprise <tas...@posteo.net> wrote:
> On 6/9/19 2:43 PM, Chris Laprise wrote: > > > On 6/9/19 2:01 PM, 'kht-lists' via qubes-users wrote: > > > > > After watching Matthew Wilson's excellent video and reviewing various > > > FAQs and documents on the qubes-os web site I find myself with a basic > > > philosophical question. Currently I run CentOS 7 on a workstation and > > > have installed the VMWare Workstation/Player environment. I have a > > > number of Virtual Machines created (CentOS, Ubuntu, Linux Mint etc.) > > > which I run for various purposes. They are SOMEWHAT isolated from > > > each other but not as well isolated as they would be in qubes-os. The > > > video and the screenshots on the qubes-os web site seem to show only > > > single applications running in separate security domains. If it is > > > desired to run two applications in the same security domain it is > > > necessary to launch them separately from the dom0 menu. I think this > > > invokes two copies of the VM OS template, one for each application > > > > That's wrong. Qubes uses the same VM instance for multiple applications > > (when they are invoked for that VM). OK thanks. I was not clear from the video. That makes sense > > > > > - although I might be wrong. My question is... > > > > > > Can qubes-os invoke a complete OS with Desktop, menu etc. within a > > > security domain? This would be similar to what I do in VMWare. I tend > > > to run a given VM on one workspace and the second on a different > > > workspace so that I can change between them and make good use of the > > > monitor Real Estate. Does qubes-os have the concept of workspaces? > > > > If you run KDE in dom0, you can use its window rules to bind particular > > VMs to particular desktops (what you call workspaces). This is easy > > since each window title begins with its VM name. > > You can also resort to using HVMs instead of the usual template-based > > PVH VMs. This is like installing a VM in VMWare, and you lose some of > > the benefits of Qubes integration (IIRC its also theoretically less > > secure). But it will give you a full, separate desktop for each HVM. > > Note that Qubes currently does not have advanced BIOS support for HVMs, > > so you may have trouble installing certain operating systems (although > > there are many that work fine, such as Windows and Ubuntu). > > There may be a third option in the form of using a regular > > template-based appVM with full-screen mode enabled, in addition to > > running its full desktop environment. The full-screen part is simple, > > but I have no experience attempting the desktop environment and I don't > > recall other users configuring their appVMs in this way. Perhaps someone > > else can chime in about this possibility. > > On this third option, here is a recommendation I found from the Qubes > project leader – it involves using vnc: > > https://groups.google.com/forum/#!topic/qubes-users/Z8XXbz5wofE I like the sounds of this option. My "production" workstation has two monitors with a VM running on the right monitor in portrait mode (always on visible workspace) which I use for general purpose web browsing on one workspace, my ISP orivided email on a second workspace with 2 workspaces to spare. The left monitor, landscape mode, points to the host OS and has 6 workspaces. One is dedicated to another VM which I use to access my Protonmail and Lavabit accounts (one per Firefox or Thunderbird instance in separate workspaces). The other 5 workspaces are used as needed for whatever I might be doing. This might include a remote desktop viewer to various other servers etc., other VMs and so on. I have not computed the number of possible permutations between the two monitors but it is probably larger than I want to know :-) I would be a challenge to replicate this functionality in qubes-os and I need to procure some new hardware as this workstation is the only machine I have with the necessary features to support qubes-os. Thank you for your insightful reply. I guess I need to upgrade my main workstation (it is an i7-6700) to something more powerful and then devote it to qubes-os. Ken > > > ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Chris Laprise,tas...@posteo.net > https://github.com/tasket > https://twitter.com/ttaskett > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/pw6LphsGn-wIcygzm8TWYdhb0fJohJ_6ItuYHPCIB64dKhVjTR1RX235cyfbn1B8dhC2jWiavGUbq-s9DNmhRuU8u7FbHa1Qt1GxxMEyU4Q%3D%40protonmail.ch. For more options, visit https://groups.google.com/d/optout.
