From d00c2d932fdac311c1c258d84217f93a3a6b104e Mon Sep 17 00:00:00 2001 From: deeplow <47065258+deeplow@users.noreply.github.com> Date: Mon, 5 Jul 2021 11:47:54 -0400 Subject: [PATCH 1/3] Minor improvements to the testbech instructions --- developer/debugging/test-bench.md | 82 ++++++++++++++++--------------- 1 file changed, 42 insertions(+), 40 deletions(-) diff --git a/developer/debugging/test-bench.md b/developer/debugging/test-bench.md index a5cfb8d7..01a38c7c 100644 --- a/developer/debugging/test-bench.md +++ b/developer/debugging/test-bench.md @@ -20,7 +20,7 @@ We will set up a spare machine (bare metal, not a virtual) that will be hosting ## Setting up the Machine ### Install ISO -First, do a clean install from the `.iso` [you built](/doc/qubes-iso-building/) or grabbed elsewhere (for example [here](https://forum.qubes-os.org/t/qubesos-4-1-alpha-signed-weekly-builds/3601)) +First, do a clean install from the `.iso` [you built](/doc/qubes-iso-building/) or grabbed elsewhere (for example [here](https://forum.qubes-os.org/t/qubesos-4-1-alpha-signed-weekly-builds/3601)). ### Enabling Network Access in Dom0 @@ -30,53 +30,55 @@ Internet access is intentionally disabled by default in dom0. But to ease the de 1. Remove the network card (PCI device) from `sys-net` 2. Restart your computer (for the removal to take effect) -3. The following script should enable your network card in dom0. *Be sure to adjust the script's variables to suit your needs.* You'll need to run this at every startup (TODO: describe how to run this at every startup). +3. Install `dhcp-client` and `openssh-server` on your testbench's dom0. +4. The following script should enable your network card in dom0. *Be sure to adjust the script's variables to suit your needs.* You'll need to run this at every startup with sudo (TODO: describe how to run this at every startup). - ```bash - #!/bin/sh + ```bash + #!/bin/sh - # adjust this for your NIC (run lspci) - BDF=0000:02:00.0 + # adjust this for your NIC (run lspci) + BDF=0000:02:00.0 - # adjust this for your network driver - DRIVER=e1000e + # adjust this for your network driver + DRIVER=e1000e - prog=$(basename $0) + prog=$(basename $0) + + pciunbind() { + local path + path=/sys/bus/pci/devices/${1}/driver/unbind + if ! [ -w ${path} ]; then + echo "${prog}: Device ${1} not bound" + return 1 + fi + echo -n ${1} >${path} + } + + pcibind() { + local path + path=/sys/bus/pci/drivers/${2}/bind + if ! [ -w ${path} ]; then + echo "${prog}: Driver ${2} not found" + return 1 + fi + echo ${1} >${path} + } + + pciunbind ${BDF} + pcibind ${BDF} ${DRIVER} - pciunbind() { - local path - path=/sys/bus/pci/devices/${1}/driver/unbind - if ! [ -w ${path} ]; then - echo "${prog}: Device ${1} not bound" - return 1 - fi - echo -n ${1} >${path} - } + sleep 1 + dhclient + ``` - pcibind() { - local path - path=/sys/bus/pci/drivers/${2}/bind - if ! [ -w ${path} ]; then - echo "${prog}: Driver ${2} not found" - return 1 - fi - echo ${1} >${path} - } +5. Configure your DHCP server so your testbench gets static IP and connect your machine to your local network. You should ensure that your testbench can reach the Internet. - pciunbind ${BDF} - pcibind ${BDF} ${DRIVER} - - sleep 1 - dhclient - ``` +6. Enable and start the SSH Server: -4. Configure your DHCP server so your testbench gets static IP and connect your machine to your local network. You should ensure that your testbench can reach the Internet. - -5. Install `openssh-server` on your testbench. - - ~~~ - sudo dnf --setopt=reposdir=/etc/yum.repos.d install openssh-server - ~~~ + ```bash + sudo systemctl enable sshd + sudo systemctl start sshd + ``` > **Note:** If you want to install additional software in dom0 and your only network card was assigned to dom0, then _instead_ of the usual `sudo qubes-dom0-update ` now you run `sudo dnf --setopt=reposdir=/etc/yum.repos.d install `. From 9849fea7429c5ec742c70b9c4b2e5e853ed64848 Mon Sep 17 00:00:00 2001 From: deeplow <47065258+deeplow@users.noreply.github.com> Date: Tue, 6 Jul 2021 08:08:08 -0400 Subject: [PATCH 2/3] add steps to run script on every boot --- developer/debugging/test-bench.md | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/developer/debugging/test-bench.md b/developer/debugging/test-bench.md index 01a38c7c..cd864fa3 100644 --- a/developer/debugging/test-bench.md +++ b/developer/debugging/test-bench.md @@ -31,7 +31,7 @@ Internet access is intentionally disabled by default in dom0. But to ease the de 1. Remove the network card (PCI device) from `sys-net` 2. Restart your computer (for the removal to take effect) 3. Install `dhcp-client` and `openssh-server` on your testbench's dom0. -4. The following script should enable your network card in dom0. *Be sure to adjust the script's variables to suit your needs.* You'll need to run this at every startup with sudo (TODO: describe how to run this at every startup). +4. Save the following script in `/home/user/bin/dom0_network.sh` and make it executable. It should enable your network card in dom0. *Be sure to adjust the script's variables to suit your needs.* ```bash #!/bin/sh @@ -73,11 +73,27 @@ Internet access is intentionally disabled by default in dom0. But to ease the de 5. Configure your DHCP server so your testbench gets static IP and connect your machine to your local network. You should ensure that your testbench can reach the Internet. -6. Enable and start the SSH Server: +6. You'll need to run the above script on every startup. To automate this save the following systemd service `/etc/systemd/system/dom0-network-direct.service` + + ``` + [Unit] + Description=Connect network to dom0 + + [Service] + Type=oneshot + ExecStart=/home/user/bin/dom0_network.sh + + [Install] + WantedBy=multi-user.target + ``` + +6. Enable and start the SSH Server and the script on boot: ```bash sudo systemctl enable sshd sudo systemctl start sshd + + sudo systemctl enable dom0-network-direct ``` > **Note:** If you want to install additional software in dom0 and your only network card was assigned to dom0, then _instead_ of the usual `sudo qubes-dom0-update ` now you run `sudo dnf --setopt=reposdir=/etc/yum.repos.d install `. From 5972274c9de448a11632d61ed2162268052b0fd3 Mon Sep 17 00:00:00 2001 From: deeplow <47065258+deeplow@users.noreply.github.com> Date: Tue, 6 Jul 2021 08:09:53 -0400 Subject: [PATCH 3/3] start also script --- developer/debugging/test-bench.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/developer/debugging/test-bench.md b/developer/debugging/test-bench.md index cd864fa3..9fea836a 100644 --- a/developer/debugging/test-bench.md +++ b/developer/debugging/test-bench.md @@ -87,13 +87,14 @@ Internet access is intentionally disabled by default in dom0. But to ease the de WantedBy=multi-user.target ``` -6. Enable and start the SSH Server and the script on boot: +7. Then, enable and start the SSH Server and the script on boot: ```bash sudo systemctl enable sshd sudo systemctl start sshd sudo systemctl enable dom0-network-direct + sudo systemctl start dom0-network-direct ``` > **Note:** If you want to install additional software in dom0 and your only network card was assigned to dom0, then _instead_ of the usual `sudo qubes-dom0-update ` now you run `sudo dnf --setopt=reposdir=/etc/yum.repos.d install `.