fix merge conflicts

This commit is contained in:
Anastasia Cotorobai 2019-10-29 11:41:52 +01:00
commit 7549c447ae
No known key found for this signature in database
GPG Key ID: 371E4002CCE13221
7 changed files with 44 additions and 110 deletions

View File

View File

@ -8,15 +8,16 @@ permalink: /doc/templates/centos/
If you would like to use a stable, predictable, manageable and reproducible distribution in your AppVMs, you can install the CentOS template, provided by Qubes in ready to use binary package. If you would like to use a stable, predictable, manageable and reproducible distribution in your AppVMs, you can install the CentOS template, provided by Qubes in ready to use binary package.
For the minimal version, please see [CentOS minimal](/doc/templates/centos-minimal/). For the minimal version, please see [Minimal TemplateVMs](/doc/templates/minimal/)
## Installation ## Installation
Currently available from the testing repository, CentOS-7 can be installed with the following command: CentOS-7 can be installed with the following command:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community-testing qubes-template-centos-7 [user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-centos-7
To switch, reinstall and uninstall a CentOS TemplateVM that is already installed in your system, see [How to switch, reinstall and uninstall](/doc/templates/#how-to-install-uninstall-reinstall-and-switch). To switch, reinstall and uninstall a CentOS TemplateVM that is already installed in your system, see *How to [switch], [reinstall] and [uninstall]*.
#### After Installing #### After Installing
@ -27,3 +28,9 @@ After a fresh install, we recommend to [Update the TemplateVM](/doc/software-upd
* [How can I contribute to the Qubes Project?](/doc/contributing/) * [How can I contribute to the Qubes Project?](/doc/contributing/)
* [Guidelines for Documentation Contributors](/doc/doc-guidelines/) * [Guidelines for Documentation Contributors](/doc/doc-guidelines/)
[switch]: /doc/templates/#switching
[reinstall]: /doc/reinstall-template/
[uninstall]: /doc/templates/#uninstalling

View File

@ -1,98 +0,0 @@
---
layout: doc
title: CentOS Template
permalink: /doc/templates/centos-minimal/
---
# CentOS Minimal Template
The minimal CentOS images use the standard CentOS installer with all of its regular features minus the selection of packages, thus keeping only the most essential ones, including the xterm terminal emulator. Yum is completed and can be used to add or remove packages, right after the Template installation.
The CentOS Minimal template is intended only for advanced users and requires some familiarity with the command line and basics of Qubes.
## Installation
The CentOS-7 Minimal Template can be installed with the following command:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community-testing qubes-template-centos-7-minimal
To switch, reinstall and uninstall a CentOS TemplateVM that is already installed in your system, see [How to switch, reinstall and uninstall](/doc/templates/#how-to-install-uninstall-reinstall-and-switch).
Customization
---------------------------
### Clone
It is highly recommended not to make any changes in the original template, but use a **clone** instead. The following command clones the template. (Replace your-new-clone with your desired name.)
~~~
[user@dom0 ~]$ qvm-clone centos-7-minimal your-new-clone
~~~
You must start the template in order to customize it.
**Customizing** the template for specific use cases normally requires installing additional packages. In the running template, use yum to install the required packages as follows(replace packages with a space-delimited list of packages to be installed):
~~~
[user@your-new-clone ~]$ sudo yum install packages
~~~
### Passwordless root
Before starting to install packages in your template, it is worthy of mention that in Qubes R4.0, the minimal template is not configured for passwordless root.
To update or install packages to it, from a dom0 terminal window run:
~~~
[user@dom0 ~]$ qvm-run -u root centos-7-minimal xterm
~~~
to open a root terminal in the template, from which you can use yum without sudo. You will have to do this every time if you choose not to enable passwordless root.
If you want the usual CentoOS qubes `sudo yum ...` commands, open the root terminal just this once using the above command, and in the root xterm window enter
~~~
bash-4.4# yum install qubes-core-agent-passwordless-root polkit
~~~
Optionally check this worked: from the gui open the minimal template's xterm and give the command
~~~
[user@cent-min-clone ~]$ sudo -l
~~~
which should give you output that includes the NOPASSWD keyword.
From this point, your template is ready to be customized.
### Packages
The following table provides an overview of which packages are needed for which purpose.
Use case | Description | Required steps
--- | --- | ---
**Standard utilities** | If you need the commonly used utilities | Install the following packages: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring`
**Networking** | If you want networking | Install qubes-core-agent-networking
**Audio** | If you want sound from your VM... | Install `pulseaudio-qubes`
**FirewallVM** | You can use the minimal template as a template for a [FirewallVM](/doc/firewall/), like `sys-firewall` | Install `qubes-core-agent-networking`, and `nftables`. Also install `qubes-core-agent-dom0-updates`(script required to handle `dom0` updates), if you want to use a qube based on the template as an updateVM (normally sys-firewall).
**NetVM** | You can use this template as the basis for a NetVM such as `sys-net` | Install the following packages: `qubes-core-agent-networking`, `qubes-core-agent-network-manager`, and `nftables`.
**NetVM (extra firmware)** | If your network devices need extra packages for a network VM | Use the `lspci` command to identify the devices, then find the package that provides necessary firnware and install it.
**Network utilities** | If you need utilities for debugging and analyzing network connections | Install the following packages: `tcpdump` `telnet` `nmap` `nmap-ncat`
**USB** | If you want to use this template as the basis for a [USB](/doc/usb/) qube such as `sys-usb` | Install `qubes-usb-proxy`. To use USB mouse or keyboard install `qubes-input-proxy-sender`.
**VPN** | You can use this template as basis for a [VPN](/doc/vpn/) qube | You may need to install network-manager VPN packages, depending on the VPN technology you'll be using. After creating a machine based on this template, follow the [VPN howto](/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager) to configure it.
**Desktop environment** | To improve desktop experience using additional packages from the `qubes-core-agent` | `qubes-menus `which defines menu layout, `qubes-desktop-linux-common` which contains icons and scripts to improve desktop experience. `qubes-core-agent-nautilus`/`qubes-core-agent-thunar`: packages providing integration with the Nautilus/Thunar file manager (without it, items like "copy to VM/open in disposable VM" will not be shown in Nautilus/Thunar).
Also, there are packages to provide additional services:
- `qubes-gpg-split`: For implementing split GPG.
- `qubes-u2f`: For implementing secure forwarding of U2F messages.
- `qubes-pdf-converter`: For implementing safe conversion of PDFs.
- `qubes-img-converter`: For implementing safe conversion of images.
- `qubes-snapd-helper`: If you want to use snaps in qubes.
- `qubes-thunderbird`: Additional tools for use in thunderbird.
- `qubes-app-shutdown-idle`: If you want qubes to automatically shutdown when idle.
- `qubes-mgmt-\*`: If you want to use salt management on the template and qubes.
## Want to contribute?
* [How can I contribute to the Qubes Project?](/doc/contributing/)
* [Guidelines for Documentation Contributors](/doc/doc-guidelines/)

View File

@ -6,7 +6,7 @@ permalink: /doc/templates/fedora/
# The Fedora TemplateVM # The Fedora TemplateVM
The Fedora [TemplateVM] is the default TemplateVM in Qubes OS. This page is about the standard (or "full") Fedora TemplateVM. For the minimal and Xfce version, please see the [Minimal TemplateVMs] and [Fedora Xfce] page. The Fedora [TemplateVM] is the default TemplateVM in Qubes OS. This page is about the standard (or "full") Fedora TemplateVM. For the minimal and Xfce versions, please see the [Minimal TemplateVMs] and [Fedora Xfce] pages.
## Installing ## Installing
@ -59,4 +59,3 @@ This section contains notes about specific Fedora releases.
[Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms [Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms
[Upgrading Fedora TemplateVMs]: /doc/template/fedora/upgrade/ [Upgrading Fedora TemplateVMs]: /doc/template/fedora/upgrade/
[install]: /doc/templates/#installing [install]: /doc/templates/#installing

View File

@ -16,7 +16,7 @@ redirect_from:
The Minimal [TemplateVMs] are lightweight versions of their standard TemplateVM counterparts. The Minimal [TemplateVMs] are lightweight versions of their standard TemplateVM counterparts.
They have only the most vital packages installed, including a minimal X and xterm installation. They have only the most vital packages installed, including a minimal X and xterm installation.
The sections below contain instructions for using the template and provide some examples for common use cases. The sections below contain instructions for using the template and provide some examples for common use cases.
There are currently two Minimal TemplateVMs corresponding to the standard [Fedora] and [Debian] TemplateVMs. There are currently three Minimal TemplateVMs corresponding to the standard [Fedora], [Debian] and [CentOS] TemplateVMs.
## Important ## Important
@ -42,6 +42,10 @@ You may wish to try again with the testing repository enabled:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-itl-testing qubes-template-X-minimal [user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-itl-testing qubes-template-X-minimal
If you would like to install a community distribution, try the install command by enabling the community repository:
[user@dom0 ~]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-X-minimal
The download may take a while depending on your connection speed. The download may take a while depending on your connection speed.
@ -121,7 +125,7 @@ To access the `journald` log, use the `journalctl` command.
### Debian ### Debian
As you would expect, the required packages can be installed in the running template with any apt-based command. As you would expect, the required packages can be installed in the running template with any apt-based command.
For example : (Replace "packages` with a space-delimited list of packages to be installed.) For example : (Replace `packages` with a space-delimited list of packages to be installed.)
[user@your-new-clone ~]$ sudo apt install packages [user@your-new-clone ~]$ sudo apt install packages
@ -162,9 +166,31 @@ Documentation on all of these can be found in the [docs](/doc)
You could, of course, use qubes-vm-recommended to automatically install many of these, but in that case you are well on the way to a standard Debian template. You could, of course, use qubes-vm-recommended to automatically install many of these, but in that case you are well on the way to a standard Debian template.
### CentOS
As is the case with above-mentioned Minimal Templates, the required packages are to be installed in the running template with the following command (replace `packages` with a space-delimited list of packages to be installed):
[user@your-new-clone ~]$ sudo yum install packages
Use case | Description | Required steps
--- | --- | ---
**Standard utilities** | If you need the commonly used utilities | Install the following packages: `pciutils` `vim-minimal` `less` `psmisc` `gnome-keyring`
**Networking** | If you want networking | Install `qubes-core-agent-networking` `qubes-core-agent-network-manager` `NetworkManager-wifi` `network-manager-applet` `wireless-tools` `dejavu-sans-fonts` `notification-daemon` `gnome-keyring`
**Audio** | If you want sound from your VM... | Install `pulseaudio-qubes`
**FirewallVM** | You can use the minimal template as a template for a [FirewallVM](/doc/firewall/), like `sys-firewall` | Install `qubes-core-agent-networking`, and `nftables`. Also install `qubes-core-agent-dom0-updates`(script required to handle `dom0` updates), if you want to use a qube based on the template as an updateVM (normally sys-firewall).
**NetVM** | You can use this template as the basis for a NetVM such as `sys-net` | Install the following packages: `qubes-core-agent-networking`, `qubes-core-agent-network-manager` and `nftables`.
**NetVM (extra firmware)** | If your network devices need extra packages for a network VM | Use the `lspci` command to identify the devices, then find the package that provides necessary firnware and install it.
**Network utilities** | If you need utilities for debugging and analyzing network connections | Install the following packages: `tcpdump` `telnet` `nmap` `nmap-ncat`
**USB** | If you want to use this template as the basis for a [USB](/doc/usb/) qube such as `sys-usb` | Install `qubes-usb-proxy`. To use USB mouse or keyboard install `qubes-input-proxy-sender`.
**VPN** | You can use this template as basis for a [VPN](/doc/vpn/) qube | You may need to install network-manager VPN packages, depending on the VPN technology you'll be using. After creating a machine based on this template, follow the [VPN howto](/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager) to configure it.
**Desktop environment** | To improve desktop experience using additional packages from the `qubes-core-agent` | `qubes-menus` which defines menu layout, `qubes-desktop-linux-common` which contains icons and scripts to improve desktop experience. `qubes-core-agent-nautilus`/`qubes-core-agent-thunar`: packages providing integration with the Nautilus/Thunar file manager (without it, items like "copy to VM/open in disposable VM" will not be shown in Nautilus/Thunar).
**Additional services** | If you need additional Qubes services | Install `qubes-gpg-split` `qubes-pdf-converter` `qubes-img-converter`("Qubes apps" implementing split GPG, trusted PDF and image converter), `qubes-snapd-helper`(if you want to use snaps), `qubes-mgmt-\*`(if you want to use salt management on the template and qubes).
[TemplateVMs]: /doc/templates/ [TemplateVMs]: /doc/templates/
[Fedora]: /doc/templates/fedora/ [Fedora]: /doc/templates/fedora/
[Debian]: /doc/templates/debian/ [Debian]: /doc/templates/debian/
[CentOS]: /doc/templates/centos/
[qubes-users]: /support/#qubes-users [qubes-users]: /support/#qubes-users
[doc-guidelines]: /doc/doc-guidelines/ [doc-guidelines]: /doc/doc-guidelines/
[pref-default]: /faq/#could-you-please-make-my-preference-the-default [pref-default]: /faq/#could-you-please-make-my-preference-the-default

View File

@ -60,7 +60,8 @@ In addition, these templates may be somewhat less stable, since the Qubes develo
* [Whonix] * [Whonix]
* [Ubuntu] * [Ubuntu]
* [Arch Linux] * [Arch Linux]
* [CentOS](/doc/templates/centos/) * [CentOS]
* CentOS [Minimal]
## Installing ## Installing
@ -261,4 +262,3 @@ Note the word "clean" means in this context: the same as their template filesyst
[uninstall the old TemplateVM]: #uninstalling [uninstall the old TemplateVM]: #uninstalling
[Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms [Updating software in TemplateVMs]: /doc/software-update-domu/#updating-software-in-templatevms
[How to Reinstall a TemplateVM]: /doc/reinstall-template/ [How to Reinstall a TemplateVM]: /doc/reinstall-template/