mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2025-01-15 09:17:11 -05:00
commit
e09fe5320c
@ -43,7 +43,7 @@ stored on or accessed by this computer, such as health records, confidential
|
||||
communications, or thoughts written in a private journal. Malware can also
|
||||
interfere with the activities you perform with your computer. For example,
|
||||
if you use your computer to conduct financial transactions, the malware
|
||||
might allow its creator to make fradulent transactions in your name.
|
||||
might allow its creator to make fraudulent transactions in your name.
|
||||
|
||||
|
||||
Aren't antivirus programs and firewalls enough?
|
||||
@ -67,7 +67,7 @@ these bugs from being exploited.
|
||||
How does Qubes provide security?
|
||||
--------------------------------
|
||||
|
||||
Qubes takes an appraoch called **security by compartmentalization**, which
|
||||
Qubes takes an approach called **security by compartmentalization**, which
|
||||
allows you to compartmentalize the various parts of your digital life into
|
||||
securely isolated virtual machines (VMs). A VM is basically a simulated
|
||||
computer with its own OS which runs as software on your physical computer. You
|
||||
@ -185,4 +185,3 @@ technical details have been omitted here for the sake of presentation.
|
||||
[devel-faq]: /doc/devel-faq/
|
||||
[downloads]: /downloads/
|
||||
[getting started]: /doc/getting-started/
|
||||
|
||||
|
@ -188,7 +188,7 @@ Run `systemctl enable NetworkManager-dispatcher.service` in the TemplateVM upon
|
||||
|
||||
### My keyboard layout settings are not behaving correctly. What should I do?
|
||||
|
||||
Please read [this disccusion](https://groups.google.com/d/topic/qubes-devel/d8ZQ_62asKI/discussion).
|
||||
Please read [this discussion](https://groups.google.com/d/topic/qubes-devel/d8ZQ_62asKI/discussion).
|
||||
|
||||
### My dom0 and/or TemplateVM update stalls when attempting to update via the GUI tool. What should I do?
|
||||
|
||||
@ -200,7 +200,7 @@ In your TemplateVMs, open a terminal and run `sudo yum upgrade`.
|
||||
|
||||
### How do I run a Windows HVM in non-seamless mode (i.e., as a single window)?
|
||||
|
||||
Enable "debug mode" in the AppVM's settings, either by checking the box labelled "Run in debug mode" in the Qubes VM Manager AppVM settings menu or by running the [qvm-prefs command](/doc/dom0-tools/qvm-prefs/).)
|
||||
Enable "debug mode" in the AppVM's settings, either by checking the box labeled "Run in debug mode" in the Qubes VM Manager AppVM settings menu or by running the [qvm-prefs command](/doc/dom0-tools/qvm-prefs/).)
|
||||
|
||||
|
||||
### I created a usbVM and assigned usb controllers to it. Now the usbVM wont boot.
|
||||
|
@ -27,7 +27,7 @@ As of Qubes R2B3, these functions are integrated into the Qubes VM Manager GUI.
|
||||
Creating a Backup
|
||||
-----------------
|
||||
|
||||
1. In **Qubes VM Manager**, click **System** on the menu bar, then click **Backup VMs** in the dropdown list. This brings up the **Qubes Backup VMs** window.
|
||||
1. In **Qubes VM Manager**, click **System** on the menu bar, then click **Backup VMs** in the drop-down list. This brings up the **Qubes Backup VMs** window.
|
||||
|
||||
2. Move the AppVMs which you desire to back up to the right-hand **Selected** column. AppVMs in the left-hand **Available** column will not be backed up.
|
||||
|
||||
@ -37,8 +37,8 @@ Creating a Backup
|
||||
|
||||
3. Select the destination for the backup:
|
||||
|
||||
- If you wish to send your backup to a [USB mass storage device](/doc/stick-mounting/), select the device in the dropdown box next to **Device** (feature removed in R3, select appropriate **Target AppVM** and mount the stick with one click in file selection dialog).
|
||||
- If you wish to send your backup to a (currently running) AppVM, select the AppVM in the dropdown box next to **Target AppVM**.
|
||||
- If you wish to send your backup to a [USB mass storage device](/doc/stick-mounting/), select the device in the drop-down box next to **Device** (feature removed in R3, select appropriate **Target AppVM** and mount the stick with one click in file selection dialog).
|
||||
- If you wish to send your backup to a (currently running) AppVM, select the AppVM in the drop-down box next to **Target AppVM**.
|
||||
|
||||
You must also specify a directory on the device or in the AppVM, or a command to be executed in the AppVM as a destination for your backup. For example, if you wish to send your backup to the `~/backups` folder in the target AppVM, you would simply type `backups` in this field. This destination directory must already exist. If it does not exist, you must create it manually prior to backing up.
|
||||
|
||||
@ -56,14 +56,14 @@ Creating a Backup
|
||||
Restoring from a Backup
|
||||
-----------------------
|
||||
|
||||
1. In **Qubes VM Manager**, click **System** on the menu bar, then click **Restore VMs from backup** in the dropdown list. This brings up the **Qubes Restore VMs** window.
|
||||
1. In **Qubes VM Manager**, click **System** on the menu bar, then click **Restore VMs from backup** in the drop-down list. This brings up the **Qubes Restore VMs** window.
|
||||
|
||||
2. Select the source location of the backup to be restored:
|
||||
|
||||
- If your backup is located on a [USB mass storage device](/doc/stick-mounting/), select the device in the dropdown box next to **Device**.
|
||||
- If your backup is located in a (currently running) AppVM, select the AppVM in the dropdown box next to **AppVM**.
|
||||
- If your backup is located on a [USB mass storage device](/doc/stick-mounting/), select the device in the drop-down box next to **Device**.
|
||||
- If your backup is located in a (currently running) AppVM, select the AppVM in the drop-down box next to **AppVM**.
|
||||
|
||||
You must also specify the directory in which the backup resides (or a command to be executed in an AppVM). If you followed the instructions in the previous section, "Creating a Backup," then your backup is most likely in the location you chose as the destination in step 3. For example, if you had chosen the `~/backups` directory of an AppVM as your destination in step 3, you would now select the same AppVM and again type `backups` into the **Backup directory** field.
|
||||
You must also specify the directory in which the backup resides (or a command to be executed in an AppVM). If you followed the instructions in the previous section, "Creating a Backup", then your backup is most likely in the location you chose as the destination in step 3. For example, if you had chosen the `~/backups` directory of an AppVM as your destination in step 3, you would now select the same AppVM and again type `backups` into the **Backup directory** field.
|
||||
|
||||
**Note:** After you have typed the directory location of the backup in the **Backup directory** field, click the ellipsis button `...` to the right of the field.
|
||||
|
||||
@ -101,4 +101,3 @@ Notes
|
||||
* The Qubes backup system relies on `openssl enc`, which is known to use a very weak key derivation scheme. The Qubes backup system also uses the same passphrase for authentication and for encryption, which is problematic from a security perspective. Users are advised to use a very high entropy passphrase for Qubes backups. For a full discussion, see [this thread](https://groups.google.com/d/msg/qubes-devel/CZ7WRwLXcnk/u_rZPoVxL5IJ).
|
||||
* For the technical details of the backup system, please refer to [this thread](https://groups.google.com/d/topic/qubes-devel/TQr_QcXIVww/discussion).
|
||||
* If working with symlinks, note the issues described in [this thread](https://groups.google.com/d/topic/qubes-users/EITd1kBHD30/discussion).
|
||||
|
||||
|
@ -13,7 +13,7 @@ Copy and Paste between domains
|
||||
|
||||
Qubes fully supports secure copy and paste operation between domains. In order to copy a clipboard from domain A to domain B, follow those steps:
|
||||
|
||||
1. Click on the application window in the domain A where you have selected text for copying. Then use the *app-specific* hot-key (or menu option) to copy this into domain's local clipboard (in other words: do the copy operation as usual, in most cases by pressing Ctrl-C).
|
||||
1. Click on the application window in domain A where you have selected text for copying. Then use the *app-specific* hot-key (or menu option) to copy this into domain's local clipboard (in other words: do the copy operation as usual, in most cases by pressing Ctrl-C).
|
||||
2. Then (when the app in domain A is still in focus) press Ctrl-Shift-C magic hot-key. This will tell Qubes that we want to select this domain's clipboard for *global copy* between domains.
|
||||
3. Now select the destination app, running in domain B, and press Ctrl-Shift-V, another magic hot-key that will tell Qubes to make the clipboard marked in the previous step available to apps running in domain B. This step is necessary because it ensures that only domain B will get access to the clipboard copied from domain A, and not any other domain that might be running in the system.
|
||||
4. Now, in the destination app use the app-specific key combination (usually Ctrl-V) for pasting the clipboard.
|
||||
@ -27,7 +27,7 @@ Note that only simple plain text copy/paste is supported between AppVMs. This is
|
||||
On Copy/Paste Security
|
||||
----------------------
|
||||
|
||||
The scheme is *secure* because it doesn't allow other VMs to steal the content of the clipboard. However, one should keep in mind that performing a copy and paste operation from *less trusted* to *more trusted* domain can always be potentially insecure, because the data that we insert might potentially try to exploit some hypothetical bug in the destination VM (e.g. the seemingly innocent link that we copy from untrusted domain, might turn out to be, in fact, a large buffer of junk that, when pasted into the destination VM's word processor could exploit a hypothetical bug in the undo buffer). This is a general problem and applies to any data transfer between *less trusted to more trusted* domain. It even applies to copying files between physically separate machines (air-gapped) systems. So, you should always copy clipboard and data only from *more trusted* to *less trusted* domains.
|
||||
The scheme is *secure* because it doesn't allow other VMs to steal the content of the clipboard. However, one should keep in mind that performing a copy and paste operation from *less trusted* to *more trusted* domain can always be potentially insecure, because the data that we insert might potentially try to exploit some hypothetical bug in the destination VM (e.g. the seemingly innocent link that we copy from untrusted domain, might turn out to be, in fact, a large buffer of junk that, when pasted into the destination VM's word processor could exploit a hypothetical bug in the undo buffer). This is a general problem and applies to any data transfer between *less trusted to more trusted* domains. It even applies to copying files between physically separate machines (air-gapped) systems. So, you should always copy clipboard and data only from *more trusted* to *less trusted* domains.
|
||||
|
||||
See also [this article](http://theinvisiblethings.blogspot.com/2011/03/partitioning-my-digital-life-into.html) for more information on this topic, and some ideas of how we might solve this problem in some future version of Qubes.
|
||||
|
||||
|
@ -11,7 +11,7 @@ redirect_from:
|
||||
Copying files between domains
|
||||
=============================
|
||||
|
||||
Qubes also supports secure file coping between domains. In order to copy file(s) from domain A to domain B, follow those steps:
|
||||
Qubes also supports secure file coping between domains. In order to copy file(s) from domain A to domain B, follow these steps:
|
||||
|
||||
GUI
|
||||
---
|
||||
@ -36,7 +36,7 @@ On inter-domain file copy security
|
||||
|
||||
The scheme is *secure* because it doesn't allow other domains to steal the files that are being copying, and also doesn't allow the source domain to overwrite arbitrary file on the destination domain. Also, Qubes file copy scheme doesn't use any sort of virtual block devices for file copy -- instead we use Xen shared memory, which eliminates lots of processing of untrusted data. For example, the receiving domain is *not* forced to parse untrusted partitions or file systems. In this respect our files copy mechanism provides even more security than file copy between two physically separated (air-gapped) machines!
|
||||
|
||||
However, one should keep in mind that performing a data transfer from *less trusted* to *more trusted* domain can always be potentially insecure, because the data that we insert might potentially try to exploit some hypothetical bug in the destination VM (e.g. a seemingly innocent JPEG that we copy from untrusted domain, might turned out to be specially craft exploit for some hypothetical bug in JPEG parsing application in the destination domain). This is a general problem and applies to any data transfer between *less trusted to more trusted* domain. It even applies to the scenario of copying files between air-gapped machines. So, you should always copy data only from *more trusted* to *less trusted* domains.
|
||||
However, one should keep in mind that performing a data transfer from *less trusted* to *more trusted* domain can always be potentially insecure, because the data that we insert might potentially try to exploit some hypothetical bug in the destination VM (e.g. a seemingly innocent JPEG that we copy from untrusted domain, might turned out to be specially craft exploit for some hypothetical bug in JPEG parsing application in the destination domain). This is a general problem and applies to any data transfer between *less trusted to more trusted* domains. It even applies to the scenario of copying files between air-gapped machines. So, you should always copy data only from *more trusted* to *less trusted* domains.
|
||||
|
||||
See also [this article](http://theinvisiblethings.blogspot.com/2011/03/partitioning-my-digital-life-into.html) for more information on this topic, and some ideas of how we might solve this problem in some future version of Qubes.
|
||||
|
||||
|
@ -60,7 +60,7 @@ Because we chose to use Fedora as a vendor for the Qubes OS foundation (e.g. for
|
||||
|
||||
- So, are the template VMs as trusted as Dom0?
|
||||
|
||||
Not quite. Dom0 compromise is absolutely fatal, and it leads to Game Over (TM). However, a compromise of a template affects only a subset of all your AppVMs (in case you use more than one template, or also some standalone VMs). Also, if your AppVMs are network disconnected, even though their filesystems might got compromised due to the corresponding template compromise, it still would be difficult for the attacker to actually leak out the data stolen in an AppVM. Not impossible (due to existence of cover channels between VMs on x86 architecture), but difficult and slow.
|
||||
Not quite. Dom0 compromise is absolutely fatal, and it leads to Game Over<sup>TM</sup>. However, a compromise of a template affects only a subset of all your AppVMs (in case you use more than one template, or also some standalone VMs). Also, if your AppVMs are network disconnected, even though their filesystems might got compromised due to the corresponding template compromise, it still would be difficult for the attacker to actually leak out the data stolen in an AppVM. Not impossible (due to existence of cover channels between VMs on x86 architecture), but difficult and slow.
|
||||
|
||||
Standalone VMs
|
||||
--------------
|
||||
|
@ -62,7 +62,7 @@ The command-line tool you may use to mount whole USB sticks or their partitions
|
||||
|
||||
1. You may now remove the device.
|
||||
|
||||
**Warning: Do not remove the device before detatching it from the VM!** Otherwise you
|
||||
**Warning: Do not remove the device before detaching it from the VM!** Otherwise you
|
||||
will not be able to attach it anywhere later. See [this
|
||||
ticket](https://github.com/QubesOS/qubes-issues/issues/1082) for details.
|
||||
|
||||
|
@ -11,9 +11,9 @@ redirect_from:
|
||||
Network Bridge Support (EXPERIMENTAL and UNSUPPORTED)
|
||||
=====================================================
|
||||
|
||||
The Qubes developpement team does not support bridging the network interfaces found in NetVM and don't plan to support it at all. Several reasons for that:
|
||||
The Qubes development team does not support bridging the network interfaces found in NetVM and don't plan to support it at all. Several reasons for that:
|
||||
|
||||
- Using a bridged VM is almost only necessary for developpers testing or working on OSI layer 2 or layer 3 tools (MAC or routing protocols). If not for testing, such tools are almost only used directly on routers ...).
|
||||
- Using a bridged VM is almost only necessary for developers testing or working on OSI layer 2 or layer 3 tools (MAC or routing protocols). If not for testing, such tools are almost only used directly on routers ...).
|
||||
- Most of these tools can be anyway used directly inside the NetVM, which has direct access to the network card.
|
||||
- It is also possible to use a secondary network card plugged into a specific development VM.
|
||||
- Such a setup could break security features of Qubes such as AppVM firewalling.
|
||||
@ -23,7 +23,7 @@ Now if you really want to work with OSI layer2 / layer 3 tools, that you don't h
|
||||
Qubes manager patch (Qubes R2B2)
|
||||
--------------------------------
|
||||
|
||||
The following patches can be applied to the Qubes Manager GUI in order to add an option to easily bridge a VM. Use it at your own risk. If the patch breaks the Qubes Manager, you can try to restore the qubes packages:
|
||||
The following patches can be applied to the Qubes Manager GUI in order to add an option to easily bridge a VM. Use it at your own risk. If the patch breaks the Qubes Manager, you can try to restore the Qubes packages:
|
||||
|
||||
~~~
|
||||
# qubes-dom-update qubes-core-dom0 qubes-manager
|
||||
@ -75,7 +75,7 @@ Modify manually the Template you use for your NetVM (not the NetVM itself). This
|
||||
-A FORWARD -j DROP
|
||||
~~~
|
||||
|
||||
Ensure that the IP addresses used by default in qubes are in the form 10.137.1.\* or 10.137.2.\* by running ifconfig. Of course, this setup won't work with IPv6.
|
||||
Ensure that the IP addresses used by default in Qubes are in the form 10.137.1.\* or 10.137.2.\* by running ifconfig. Of course, this setup won't work with IPv6.
|
||||
|
||||
Now you need to restart the NetVM and FirewallVM or only iptables in both VMs if you prefer:
|
||||
|
||||
|
@ -18,7 +18,7 @@ Installation
|
||||
|
||||
`yum install postfix procmail make`
|
||||
|
||||
Procmail is not strictly neccessary, but is useful to sort your incoming mail, for example to put each mailing list in its own directory. Make is also not neccessary, but is used to keep Postfix lookup tables. You should also check `alternatives` command, to see if it is the default `mta`. It probably is not. You may need to `yum remove ssmtp` or something.
|
||||
Procmail is not strictly necessary, but is useful to sort your incoming mail, for example to put each mailing list in its own directory. Make is also not necessary, but is used to keep Postfix lookup tables. You should also check `alternatives` command, to see if it is the default `mta`. It probably is not. You may need to `yum remove ssmtp` or something.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
@ -104,7 +104,7 @@ your.mail@exmaple.com [mail.example.com]:submission
|
||||
your.other@mail.com [smtp.mail.com]:smtp
|
||||
~~~
|
||||
|
||||
`/usr/local/etc/postfix/saslpass`. Here you put passwords to abovementioned servers. It depends on provider if you need to put whole email as username or just the part before `@`.
|
||||
`/usr/local/etc/postfix/saslpass`. Here you put passwords to above mentioned servers. It depends on provider if you need to put whole email as username or just the part before `@`.
|
||||
|
||||
~~~
|
||||
[mail.example.com]:submission your.mail:y0urP4ssw0rd
|
||||
@ -118,7 +118,7 @@ spamdomain1.com DISCARD
|
||||
spamdomain2.com DISCARD
|
||||
~~~
|
||||
|
||||
Now run `make` in `/usr/local/etc/postfix`. It will hopefully compile four abovementioned lookup tables (`generic.db`, `sender_relay.db`, `saslpass.db` and `sender_access`).
|
||||
Now run `make` in `/usr/local/etc/postfix`. It will hopefully compile four above mentioned lookup tables (`generic.db`, `sender_relay.db`, `saslpass.db` and `sender_access`).
|
||||
|
||||
### procmail
|
||||
|
||||
|
@ -11,8 +11,7 @@ redirect_from:
|
||||
Resize Disk Image
|
||||
-----------------
|
||||
|
||||
There are several disk images which can be easily extended.
|
||||
But pay attention to the overall consumed space of your sparse disk images.
|
||||
There are several disk images which can be easily extended. But pay attention to the overall consumed space of your sparse disk images.
|
||||
|
||||
### Private disk image
|
||||
|
||||
|
@ -21,7 +21,7 @@ Installation
|
||||
Xresources
|
||||
----------
|
||||
|
||||
In TemplateVM create file `/etc/X11/Xresources.urxvt` and paste config below. `!`-lines are comments and may be left out. `#`-lines are directives to CPP (C preprocessor) and are neccessary. This shouldn't go to `/etc/X11/Xresources`, because that file is not preprocessed by default.
|
||||
In TemplateVM create file `/etc/X11/Xresources.urxvt` and paste config below. `!`-lines are comments and may be left out. `#`-lines are directives to CPP (C preprocessor) and are necessary. This shouldn't go to `/etc/X11/Xresources`, because that file is not preprocessed by default.
|
||||
|
||||
~~~
|
||||
! CGA colour palette
|
||||
|
@ -50,7 +50,7 @@ A *module* is a Python extension to salt that is responsible for actually
|
||||
enforcing the state in a particular area. It exposes some *imperative* functions
|
||||
for administrator. For example there is `system` module that has `system.halt`
|
||||
function that, when issued, will immediately halt the computer. There is another
|
||||
function called `state.highstate` which will synchronise the state of the system
|
||||
function called `state.highstate` which will synchronize the state of the system
|
||||
with the administrator's will.
|
||||
|
||||
|
||||
|
@ -15,7 +15,7 @@ Template installation
|
||||
|
||||
> [dom0]#qubes-dom0-update qubes-template-fedora-21-minimal
|
||||
|
||||
*Note*: the template may not start in qubes R3 when using kernel 3.19 (unstable). In this case, switch the AppVM or TemplateVM to the kernel 3.18.
|
||||
*Note*: the template may not start in Qubes R3 when using kernel 3.19 (unstable). In this case, switch the AppVM or TemplateVM to the kernel 3.18.
|
||||
|
||||
*Note*: If you have doubts about a set of tool or package you want to install, start installing and testing it in an AppVM. You can then reproduce it later in your TemplateVM if you are satisfied. That the (QubesOS?) template philosophy.
|
||||
|
||||
@ -27,7 +27,7 @@ Administration (documented)
|
||||
|
||||
sudo pciutils vim-minimal less tcpdump telnet psmisc nmap nmap-ncat usbutils
|
||||
|
||||
*Notes*: nmap can be used to discover a network (nmap -sP [network]), especially if you are inside a Microsoft network, because your AppVM will be protected/NATted behind Qubes firewall (microsoft / home network are heavily using autodiscovery technologies which require to beint in the same local network (no firewall/no NAT), eg: your printer.
|
||||
*Notes*: nmap can be used to discover a network (nmap -sP [network]), especially if you are inside a Microsoft network, because your AppVM will be protected/NATted behind Qubes firewall (microsoft / home network are heavily using autodiscovery technologies which require to be in the same local network (no firewall/no NAT), eg: your printer.
|
||||
|
||||
Some recommendation here: check your current network using the Network manager applet (eg: 192.168.1.65). Then run nmap in your current AppVM/TemplateVM to search for the selected printer/equipement: nmap -sP 192.168.1.-. Don't forget to allow temporarily the Qubes Firewall if you are inside a TemplateVM.
|
||||
|
||||
@ -86,9 +86,9 @@ Printer Setup
|
||||
|
||||
system-config-printer system-config-printer-applet cups
|
||||
|
||||
Dependency Note: depends on python3 + python3 additionnal libraries which takes more than 40 M once installed.
|
||||
Dependency Note: depends on python3 + python3 additional libraries which takes more than 40 M once installed.
|
||||
|
||||
Dependency Note: cups depends on ghostscript and require installing additionnal printing fonts (not documented here), so it can takes several dozen of MB
|
||||
Dependency Note: cups depends on ghostscript and require installing additional printing fonts (not documented here), so it can takes several dozen of MB
|
||||
|
||||
Manual operations
|
||||
---------------------------
|
||||
@ -97,7 +97,7 @@ Manual operations
|
||||
|
||||
- First you need to search for your printer. If you don't know its name or IP, search for it using nmap: check your current network using the Network manager applet (eg: 192.168.1.65). Then run nmap in your current AppVM/TemplateVM to search for the selected printer/equipement: nmap -sP 192.168.1.-. Don't forget to allow temporarily the Qubes Firewall if you are inside a TemplateVM.
|
||||
|
||||
- Once you identifed your printer, run system-config-printer GUI to install your printer
|
||||
- Once you identified your printer, run system-config-printer GUI to install your printer
|
||||
|
||||
- You man need to cancel the operation to install more adapted printer drivers (eg: if the driver cannot be found automatically). Use yum search printername to find potential drivers (eg yum search photosmart)
|
||||
|
||||
@ -246,7 +246,7 @@ Finally, regenerate the dconf database
|
||||
|
||||
### Uniform look for QT & GTK
|
||||
|
||||
Getting an uniform look for QT & GTK is not acheaved yet. A good source is on the following link [UNIFORMTHEME]
|
||||
Getting an uniform look for QT & GTK is not achieved yet. A good source is on the following link [UNIFORMTHEME]
|
||||
|
||||
Two case:
|
||||
|
||||
@ -254,7 +254,7 @@ Two case:
|
||||
(eg: Adwaita which is the default theme. I did not found another cross framework theme on fedora default packages).
|
||||
|
||||
2. You want to use the GTK theme you selected for Qt but there is no qt package.
|
||||
In this case QGtkStyle will take precedence and convert the style automaticall.
|
||||
In this case QGtkStyle will take precedence and convert the style automatically.
|
||||
You can verify if it is enabled by searching for "style=GTK+" in /etc/xdg/Trolltech.conf.
|
||||
If style is changed to another name, it will be used instead of your GTK theme.
|
||||
|
||||
|
@ -5,7 +5,7 @@ permalink: /doc/windows-template-customization/
|
||||
redirect_from: /en/doc/windows-template-customization/
|
||||
---
|
||||
|
||||
Disable/Uninstall unecessary features/services
|
||||
Disable/Uninstall unnecessary features/services
|
||||
=============================
|
||||
|
||||
Windows features
|
||||
@ -13,9 +13,9 @@ Windows features
|
||||
|
||||
Uninstall windows features from Control Panel > Turn windows features On/Off.
|
||||
|
||||
Generally, it will be required to reboot after features desinstallation.
|
||||
Generally, it will be required to reboot after features are uninstalled.
|
||||
|
||||
If you do not manage to uninstall some features, it is sometimes necessarry to uninstall them one by one or two by two.
|
||||
If you do not manage to uninstall some features, it is sometimes necessary to uninstall them one by one or two by two.
|
||||
|
||||
Only keep:
|
||||
|
||||
@ -37,7 +37,7 @@ Disable the following services that are not required or have no sense in a VM co
|
||||
* DHCP Client
|
||||
* Function Discovery Provider Host
|
||||
|
||||
this will not work anyway because SSDP discovery uses multicast - need to be on the same network which is not the case because of qubes firewall
|
||||
this will not work anyway because SSDP discovery uses multicast - need to be on the same network which is not the case because of Qubes firewall
|
||||
* Peer Name Resolution Protocol
|
||||
* Peer Netwoking Grouping
|
||||
* Peer Networking Identity Manager
|
||||
@ -67,7 +67,7 @@ System properties
|
||||
Right click on computer and go to Properties > Advanced > Performances:
|
||||
|
||||
* If your don't care about visual effect, in Visual Effect select "Adjust for best performance"
|
||||
* I personnally tweak the page file size to win some place on my root.
|
||||
* I personally tweak the page file size to win some place on my root.
|
||||
|
||||
In Advanced>Performances>Advanced tab, change Virtual memory:
|
||||
|
||||
@ -81,7 +81,7 @@ Right click on computer and go to Properties > Advanced > Performances:
|
||||
|
||||
* System Protection
|
||||
|
||||
Here you can disable Shadow Folder because it has little sense in case of qubes because
|
||||
Here you can disable Shadow Folder because it has little sense in case of Qubes because
|
||||
|
||||
* we do backup regularly of AppVMs/TemplateVMs;
|
||||
* we can revert at least one template change if we break something.
|
||||
@ -90,7 +90,7 @@ Right click on computer and go to Properties > Advanced > Performances:
|
||||
|
||||
* Remote
|
||||
|
||||
Unselect Allow Remote Assistance connetions to this computer.
|
||||
Unselect Allow Remote Assistance connections to this computer.
|
||||
|
||||
Task scheduler
|
||||
-----------------------
|
||||
@ -155,13 +155,12 @@ Manual tasks that can/should be started in the template
|
||||
|
||||
> mv root.img.clean root.img
|
||||
|
||||
* If don't managed to fill the free space with zeroes, you can follow the following *unsafe* undocumented procedure
|
||||
* If don't managed to fill the free space with zeros, you can follow the following *unsafe* undocumented procedure
|
||||
|
||||
1. from dom0, go to /var/lib/templates-vm/yourtemplate
|
||||
2. check the partitionning to identify the filesystem offset of root.img
|
||||
2. check the partitioning to identify the filesystem offset of root.img
|
||||
3. mount the filesystem
|
||||
4. create a file with zeros inside the filesystem until the mounted filesystem is full
|
||||
5. remove the file
|
||||
6. unmount the partition
|
||||
7. make a copy of root.img in sparse mode.
|
||||
|
||||
|
@ -9,7 +9,7 @@ redirect_from:
|
||||
- "/wiki/UserDoc/XFCE/"
|
||||
---
|
||||
|
||||
XFCE installtion in dom0
|
||||
XFCE installation in dom0
|
||||
========================
|
||||
|
||||
**Disclaimer: XFCE isn't fully integrated with Qubes environment, it still require notable amount of manual configuration after install**
|
||||
|
@ -55,7 +55,7 @@ COMPONENTS:=$(filter-out desktop-linux-kde desktop-linux-xfce,$(COMPONENTS))
|
||||
|
||||
Just don't forget that you need to comment this line again if you want to build the whole Qubes-OS install CD.
|
||||
|
||||
Make all required qubes components
|
||||
Make all required Qubes components
|
||||
----------------------------------
|
||||
|
||||
The first use of the builder can take several hours depending on your bandwidth as it will install an archlinux chroot:
|
||||
|
@ -65,9 +65,9 @@ The goal of this file is to prepare a development environment of your target OS
|
||||
|
||||
- the \$1 variable will contain the installation directory (INSTALLDIR should contain the same value than \$1 when you run 00\_prepare or 01\_install\_core)
|
||||
- after your base system is installed, you should install development tools and libraries (gcc, make, ...)
|
||||
- create a user called 'user' inside your chroot, and give him enought right to run the command sudo without any password
|
||||
- create a user called 'user' inside your chroot, and give him enough rights to run the command sudo without any password
|
||||
- register all the repository that could be necessary and synchronize the package database
|
||||
- register a custom repository that will be used to store qubes packages
|
||||
- register a custom repository that will be used to store Qubes packages
|
||||
|
||||
### Makefile.yourOSname
|
||||
|
||||
@ -84,7 +84,7 @@ These additional target need to exist once you created your first packages:
|
||||
|
||||
### Testing the development chroot
|
||||
|
||||
You will be able to test these script when making the first qubes packages. Don't forget that the first things that run when running 'make somcomponent-vm' will be these two scripts, and that you will need to debug it at this point.
|
||||
You will be able to test these script when making the first Qubes packages. Don't forget that the first things that run when running 'make somcomponent-vm' will be these two scripts, and that you will need to debug it at this point.
|
||||
|
||||
Qubes packages
|
||||
--------------
|
||||
@ -118,7 +118,7 @@ The goal of this script is to install all the package that you want to use in yo
|
||||
|
||||
### 04\_install\_qubes.sh
|
||||
|
||||
The goal of this script is to install in your template all the packages you built previously. Also you need to edit the fstab file of your template to mount qubes virtual hard drives.
|
||||
The goal of this script is to install in your template all the packages you built previously. Also you need to edit the fstab file of your template to mount Qubes virtual hard drives.
|
||||
|
||||
### 09\_cleanup.sh
|
||||
|
||||
@ -137,13 +137,13 @@ As soon as you manage to make qrexec and qubes-gui-agent working, it should be s
|
||||
|
||||
### Xen libraries
|
||||
|
||||
Several XEN libraries are required for Qubes to work correctly. In fact, you need to make xenstore commands working before anything else. For this, Qubes git can be used as several patches have been selected by Qubes developpers that could impact the activity inside a VM. Start be retrieving a recent git and identify how you can build a package from it: `git clone git://git.qubes-os.org/marmarek/xen`
|
||||
Several XEN libraries are required for Qubes to work correctly. In fact, you need to make xenstore commands working before anything else. For this, Qubes git can be used as several patches have been selected by Qubes developers that could impact the activity inside a VM. Start be retrieving a recent git and identify how you can build a package from it: `git clone git://git.qubes-os.org/marmarek/xen`
|
||||
|
||||
Find the .spec file in the git repository (this is the file being used to build rpm packages), and try to adapt it to your OS in order to build a package similar to the target 'xen-vm'. For example, a PKGBUILD has been created for [ArchLinux](/doc/templates/archlinux/) and can be found on [http://aur.archlinux.org/packages/qu/qubes-vm-xen/PKGBUILD](http://aur.archlinux.org/packages/qu/qubes-vm-xen/PKGBUILD).
|
||||
|
||||
Don't be afraid with the complexity of the PKGBUILD, most of the code is almost a copy/paste of required sources and patches found in the .spec file provided in the git repository.
|
||||
|
||||
Note once the package has been successfully compiled and installed, you need to setup XEN filesystem. Add the folowing line to your fstab (you can create this line in your package install script): `xen /proc/xen xenfs defaults 0 0`
|
||||
Note once the package has been successfully compiled and installed, you need to setup XEN filesystem. Add the following line to your fstab (you can create this line in your package install script): `xen /proc/xen xenfs defaults 0 0`
|
||||
|
||||
Now install the package you built and mount /proc/xen. Verify that xenstore-read works by running: `xenstore-read qubes_vm_type` That should give you the current VM type such as HVM or AppVM.
|
||||
|
||||
|
@ -149,7 +149,7 @@ RPMS will appear in qubes-src/linux-kernel/pkgs/fc20/x86\_64:
|
||||
|
||||
### Useful [QubesBuilder](/doc/qubes-builder/) commands
|
||||
|
||||
1. `make check` - will check if all the code was commited into repository and
|
||||
1. `make check` - will check if all the code was committed into repository and
|
||||
if all repository are tagged with signed tag.
|
||||
2. `make show-vtags` - show version of each component (based on git tags) -
|
||||
mostly useful just before building ISO. **Note:** this will not show version
|
||||
|
@ -39,7 +39,7 @@ General typographic conventions
|
||||
|
||||
- Class, functions, variables, and arguments naming convention for **Windows OS** -- exceptionally to preserve Windows conventions please use the following:
|
||||
- `ClassName`, `FunctionName`
|
||||
- `pszArgumentOne`, `hPipe` -- use hungerian notation for argument and variables
|
||||
- `pszArgumentOne`, `hPipe` -- use Hungarian notation for argument and variables
|
||||
|
||||
- Horizontal spacing -- maintain at least decent amount of horizontal spacing, such as e.g. add obligatory space after `if` or before `{` in C, and similar in other languages. Whether to also use spaces within expressions, such as (x\*2+5) vs. (x \* 2 + 5) is left to the developer's judgment. Do not put spaces immediately after and before the brackets in expressions, so avoid constructs like this: `if ( condition )` and use `if (condition)` instead.
|
||||
|
||||
@ -169,4 +169,3 @@ Bash-specific guidelines
|
||||
------------------------
|
||||
|
||||
- Avoid writing scripts in bash whenever possible. Use python instead. Bash-scripts are Unix-specific and will not work under Windows VMs, or in Windows admin domain, or Windows gui domain.
|
||||
|
||||
|
@ -70,7 +70,7 @@ cd ~/profiling
|
||||
./Upload.sh
|
||||
~~~
|
||||
|
||||
### Analyse
|
||||
### Analyze
|
||||
|
||||
~~~
|
||||
make
|
||||
|
@ -139,7 +139,7 @@ This step is optional, but very helpful. Put these scripts somewhere in your `${
|
||||
|
||||
### Hooking git
|
||||
|
||||
I (woju) have those two git hooks. They ensure tests are passing (or are marked as expected failure) when commiting and pushing. For committing it is only possible to run tests that may be executed from git repo (even if the rest were available, I probably wouldn't want to do that). For pushing, I also install RPM and run tests on testbench.
|
||||
I (woju) have those two git hooks. They ensure tests are passing (or are marked as expected failure) when committing and pushing. For committing it is only possible to run tests that may be executed from git repo (even if the rest were available, I probably wouldn't want to do that). For pushing, I also install RPM and run tests on testbench.
|
||||
|
||||
`core-admin/.git/hooks/pre-commit`: (you may retain also the default hook, here omitted for readability)
|
||||
|
||||
|
@ -34,7 +34,7 @@ Main responsibilities of *qubes_guid* are:
|
||||
- whenever AppVM signals damage event, tell local Xorg server to repaint a given window fragment
|
||||
- receive information about window size/position change, apply them to the local window
|
||||
|
||||
Note that keyboard and mouse events are passed to AppVM only if a window belonging to this AppVM has focus. AppVM has no way to get information on keystrokes fed to other AppVMs (e.g. XTEST extension will report the status of local AppVM keyboard only), nor synthetize and pass events to other AppVMs.
|
||||
Note that keyboard and mouse events are passed to AppVM only if a window belonging to this AppVM has focus. AppVM has no way to get information on keystrokes fed to other AppVMs (e.g. XTEST extension will report the status of local AppVM keyboard only), nor synthesize and pass events to other AppVMs.
|
||||
|
||||
Window content updates implementation
|
||||
-------------------------------------
|
||||
@ -257,4 +257,3 @@ The header is followed by message-specific data.
|
||||
` uint32_t flags_unset;`
|
||||
` }; `|Window state change confirmation|
|
||||
~~~
|
||||
|
||||
|
@ -23,7 +23,7 @@ This has the following disadvantages:
|
||||
- performance - dom0 has to prepare and attach/detach block devices, which is slow because of hotplug scripts involvement.
|
||||
- security - VM kernel parses partition table and filesystem metadata from the block device; they are controlled by (potentially untrusted) sender VM.
|
||||
|
||||
In Qubes Beta1, we have reimplemented interVM file copy using qrexec, which addresses the abovementioned disadvantages. In Qubes Beta2, even more generic solution (qubes rpc) is used. See the developer docs on qrexec and qubes rpc. In a nutshell, the file sender and the file receiver just read/write from stdin/stdout, and the qubes rpc layer passes data properly - so, no block devices are used.
|
||||
In Qubes Beta1, we have reimplemented interVM file copy using qrexec, which addresses the above mentioned disadvantages. In Qubes Beta2, even more generic solution (qubes rpc) is used. See the developer docs on qrexec and qubes rpc. In a nutshell, the file sender and the file receiver just read/write from stdin/stdout, and the qubes rpc layer passes data properly - so, no block devices are used.
|
||||
|
||||
The rpc action for regular file copy is *qubes.Filecopy*, the rpc client is named *qfile-agent*, the rpc server is named *qfile-unpacker*. For DispVM copy, the rpc action is *qubes.OpenInVM*, the rpc client is named *qopen-in-vm*, rpc server is named *vm-file-editor*. Note that the qubes.OpenInVM action can be done on a normal AppVM, too.
|
||||
|
||||
|
@ -52,7 +52,7 @@ There can be almost arbitrary number of `qrexec-client` processes for a domain
|
||||
(i.e., `qrexec-client` processes connected to the same `qrexec-daemon`);
|
||||
their data is multiplexed independently.
|
||||
|
||||
There is a similar command line utility avilable inside Linux AppVMs (note
|
||||
There is a similar command line utility available inside Linux AppVMs (note
|
||||
the `-vm` suffix): `qrexec-client-vm` that will be described in subsequent
|
||||
sections.
|
||||
|
||||
@ -265,7 +265,7 @@ Players:
|
||||
users. `qrexec-client-vm` is designed to be wrapped up by Qubes apps.
|
||||
|
||||
|
||||
## Windows VMs implemention ##
|
||||
## Windows VMs implementation ##
|
||||
|
||||
`%QUBES_DIR%` is the installation path (`c:\Program Files\Invisible Things
|
||||
Lab\Qubes OS Windows Tools` by default).
|
||||
@ -327,4 +327,3 @@ steps are taken:
|
||||
process to exit, and then destroys the DispVM.
|
||||
|
||||
*TODO: Protocol description ("wire-level" spec)*
|
||||
|
||||
|
@ -17,18 +17,18 @@ From now on, it will be as follows.
|
||||
Qubes distributions and products
|
||||
--------------------------------
|
||||
|
||||
We intend to make it easy to make a remix of qubes, targetting another
|
||||
We intend to make it easy to make a remix of qubes, targeting another
|
||||
hypervisor or isolation provider. We may also create commercial products
|
||||
intended for specific circumstances. There is one distinguished distribution
|
||||
called **Qubes OS**. All source code for it is available for download under GPL
|
||||
licence and is openly developed on the mailing lists. The rest of this document
|
||||
license and is openly developed on the mailing lists. The rest of this document
|
||||
discusses Qubes OS. Another remix may have its own version series.
|
||||
|
||||
Release version
|
||||
---------------
|
||||
|
||||
Qubes OS as a whole is released from time to time. Version scheme for all
|
||||
releases is modelled after Linux kernel version numbers. When announcing new
|
||||
releases is modeled after Linux kernel version numbers. When announcing new
|
||||
release, we decide on the major.minor version (like `3.0`) and release
|
||||
`3.0-rc1`. When we feel that enough progress has been made, we put `3.0-rc2`
|
||||
and so on. All these versions are considered unstable and not ready for
|
||||
@ -79,7 +79,7 @@ in `current` repository and the cycle starts over. There should be no less than
|
||||
</table>
|
||||
|
||||
Starting with second cycle (that is, after `-rc1`) two weeks into the cycle
|
||||
(after primary bug-reporting period) the Supreme Committee decides wether there
|
||||
(after primary bug-reporting period) the Supreme Committee decides whether there
|
||||
should be another RC. If, based on remaining issues, the Committee decides to
|
||||
release final, then the Committee agrees upon the release date, which should be
|
||||
no later than a week after.
|
||||
|
@ -38,10 +38,10 @@ Pros:
|
||||
|
||||
Cons:
|
||||
|
||||
* Rewriteable. (If the drive is mounted to a compromised machine, the ISO could
|
||||
* Rewritable. (If the drive is mounted to a compromised machine, the ISO could
|
||||
be maliciously altered after it has been written to the drive.)
|
||||
* Untrustworthy firmware. (Firmware can be malicious even if the drive is new.
|
||||
Plugging a drive with rewriteable firmware into a compromised machine can
|
||||
Plugging a drive with rewritable firmware into a compromised machine can
|
||||
also [compromise the drive][BadUSB]. Installing from a compromised drive
|
||||
could compromise even a brand new Qubes installation.)
|
||||
|
||||
|
@ -59,7 +59,7 @@ Live USB variant:
|
||||
stored on the r/w partition (or on another stick).
|
||||
|
||||
A nice variant of this persistence option, especially for frequent
|
||||
travellers, would be to augment our backup tools so that it was
|
||||
travelers, would be to augment our backup tools so that it was
|
||||
possible to create a LiveUSB-hosted backups of select VMs. One could then
|
||||
pick a few of their VMs, necessary for a specific travel, back them to a
|
||||
LiveUSB stick, and take this stick when traveling to a hostile country (not
|
||||
|
@ -44,7 +44,7 @@ After this step you should have `qubes-release-2-5` in your Dom0. Important: if
|
||||
|
||||
1. Upgrade dom0 to R2:
|
||||
|
||||
Note: be sure that the VM used as a update-downloading-vm (by default its the firewallvm based on the default template) has been updated to the latest qubes packages, specifically `qubes-core-vm-2.1.33` or later. This doesn't imply that the VM must already be upgraded to fc20 -- for Dom0 upgrade we could still use an fc18-based VM (updatevm) it is only important to install the latest Qubes packages there.
|
||||
Note: be sure that the VM used as a update-downloading-vm (by default its the firewallvm based on the default template) has been updated to the latest Qubes packages, specifically `qubes-core-vm-2.1.33` or later. This doesn't imply that the VM must already be upgraded to fc20 -- for Dom0 upgrade we could still use an fc18-based VM (updatevm) it is only important to install the latest Qubes packages there.
|
||||
|
||||
~~~
|
||||
sudo qubes-dom0-update qubes-dom0-dist-upgrade
|
||||
|
@ -16,7 +16,7 @@ Existing users of Qubes R1 (but not R1 betas!) can upgrade their systems to the
|
||||
Upgrade all Template and Standalone VM(s)
|
||||
-----------------------------------------
|
||||
|
||||
**If you have already R2 Beta1 installed, follow standard template update procedure (e.g. "Update VM" buttom in Qubes Manager) and skip the rest of this section**
|
||||
**If you have already R2 Beta1 installed, follow standard template update procedure (e.g. "Update VM" button in Qubes Manager) and skip the rest of this section**
|
||||
|
||||
By default, in Qubes R1, there is only one Template VM, however users are free to create more Template VMs for special purposes, as well as Standalone VMs. More information on using multiple Template VMs, as well as Standalone VMs, can be found [SoftwareUpdateVM here]. The steps described in this section should be repeated in *all* user's Template and Standalone VMs.
|
||||
|
||||
@ -54,7 +54,7 @@ By default, in Qubes R1, there is only one Template VM, however users are free t
|
||||
Installing new template
|
||||
-----------------------
|
||||
|
||||
Qubes R2 Beta2 brings new fedora-18-x64 template (based on Fedora 18). You can install it from Qubes installation DVD. Insert installation DVD into your drive and issue following commmands:
|
||||
Qubes R2 Beta2 brings new fedora-18-x64 template (based on Fedora 18). You can install it from Qubes installation DVD. Insert installation DVD into your drive and issue following commands:
|
||||
|
||||
~~~
|
||||
$ sudo -s
|
||||
|
@ -21,7 +21,7 @@ Some kernel/Xorg combination use only 640x480 in HVM, which is quite small. To e
|
||||
|
||||
To achieve it (all commands run as root):
|
||||
|
||||
1. Generate XOrg configuratio (if you don't have it):
|
||||
1. Generate XOrg configuration (if you don't have it):
|
||||
|
||||
~~~
|
||||
X -configure :1 && mv ~/xorg.conf.new /etc/X11/xorg.conf
|
||||
|
@ -14,7 +14,7 @@ Installing Whonix in Qubes is simple and only requires a few simple steps.
|
||||
|
||||
Using privacy and anonymization tools like Whonix is not a magical solution that instantly makes you anonymous online. Please consider:
|
||||
|
||||
* Do you know what a metadata or a man-in-the-middle attack is?
|
||||
* Do you know what metadata or a man-in-the-middle attack is?
|
||||
* Do you think nobody can eavesdrop on your communications because you are using Tor?
|
||||
* Do you know how Whonix works?
|
||||
|
||||
|
@ -16,7 +16,7 @@ NAME
|
||||
|
||||
qvm-add-appvm - add an already installed appvm to the Qubes DB
|
||||
|
||||
WARNING: Noramlly you would not need this command, and you would use qvm-create instead!
|
||||
WARNING: Normally you would not need this command, and you would use qvm-create instead!
|
||||
|
||||
Date
|
||||
2012-04-10
|
||||
|
@ -115,7 +115,7 @@ Additional drive for the VM (available only for HVMs). This can be used to attac
|
||||
mac
|
||||
Accepted values: MAC address, `auto`
|
||||
|
||||
Can be used to force specific of virtual ethernet card in the VM. Setting to `auto` will use automatic-generated MAC - based on VM id. Especially useful when some licencing depending on static MAC address. For template-based HVM `auto` mode means to clone template MAC.
|
||||
Can be used to force specific of virtual ethernet card in the VM. Setting to `auto` will use automatic-generated MAC - based on VM id. Especially useful when some licenses depends on static MAC address. For template-based HVM `auto` mode means to clone template MAC.
|
||||
|
||||
default\_user
|
||||
Accepted values: username
|
||||
@ -135,7 +135,7 @@ This HVM have qrexec agent installed. When VM have qrexec agent installed, one c
|
||||
guiagent\_installed
|
||||
Accepted values: `True`, `False`
|
||||
|
||||
This HVM have gui agent installed. This option disables full screen GUI virtualization and enables per-window seemless GUI mode. This option will be automatically turned on during Qubes Windows Tools installation, but if you install qubes gui agent in some other OS, you need to turn this option on manually. You can turn this option off to troubleshoot some early HVM OS boot problems (enter safe mode etc), but the option will be automatically enabled at first VM normal startup (and will take effect from the next startup).
|
||||
This HVM have gui agent installed. This option disables full screen GUI virtualization and enables per-window seamless GUI mode. This option will be automatically turned on during Qubes Windows Tools installation, but if you install Qubes gui agent in some other OS, you need to turn this option on manually. You can turn this option off to troubleshoot some early HVM OS boot problems (enter safe mode etc), but the option will be automatically enabled at first VM normal startup (and will take effect from the next startup).
|
||||
|
||||
*Notice:* when Windows GUI agent is installed in the VM, SVGA device (used to full screen video) is disabled, so even if you disable this option, you will not get functional full desktop access (on normal VM startup). Use some other means for that (VNC, RDP or so).
|
||||
|
||||
|
@ -31,7 +31,7 @@ OPTIONS
|
||||
Show this help message and exit
|
||||
|
||||
--force
|
||||
Do not prompt for comfirmation
|
||||
Do not prompt for confirmation
|
||||
|
||||
AUTHORS
|
||||
-------
|
||||
|
@ -46,14 +46,14 @@ Reset service to its default state (remove from the list). Default state means "
|
||||
SUPPORTED SERVICES
|
||||
------------------
|
||||
|
||||
This list can be incomplete as VM can implement any additional service without knowlege of qubes-core code.
|
||||
This list can be incomplete as VM can implement any additional service without knowledge of qubes-core code.
|
||||
|
||||
meminfo-writer
|
||||
Default: enabled everywhere excluding NetVM
|
||||
|
||||
This service reports VM memory usage to dom0, which effectively enables dynamic memory management for the VM.
|
||||
|
||||
*Note:* this service is enforced to be set by dom0 code. If you try to remove it (reset to defult state), will be recreated with the rule: enabled if VM have no PCI devices assigned, otherwise disabled.
|
||||
*Note:* this service is enforced to be set by dom0 code. If you try to remove it (reset to default state), will be recreated with the rule: enabled if VM have no PCI devices assigned, otherwise disabled.
|
||||
|
||||
qubes-dvm
|
||||
Default: disabled
|
||||
|
@ -11,7 +11,7 @@ Using Multi-factor Authentication with Qubes
|
||||
============================================
|
||||
|
||||
(Note: This page concerns multi-factor authentication for logging into external
|
||||
severices, not for logging into Qubes itself. For the latter, see
|
||||
services, not for logging into Qubes itself. For the latter, see
|
||||
[here][YubiKey].)
|
||||
|
||||
[Multi-factor authentication (MFA)][MFA] today most commonly takes the form of a
|
||||
|
@ -81,7 +81,7 @@ In order to allow a service present in an VM to be exposed to the outside world
|
||||
- In the FirewallVM, allow packets to be routed from the NetVM to the VM and allow packets through the FirewallVM firewall
|
||||
- In the VM, allow packets into the VM firewall to reach the service
|
||||
|
||||
As an example we can take the use case of a web server listenning on port 443 that we want to expose on our physical interface eth0, but only to our local network 192.168.0.0/24.
|
||||
As an example we can take the use case of a web server listening on port 443 that we want to expose on our physical interface eth0, but only to our local network 192.168.0.0/24.
|
||||
|
||||
**1. Allow packets to be routed from the outside world for the exposed service to the FirewallVM**
|
||||
|
||||
|
@ -13,4 +13,4 @@ Qubes Security Goals
|
||||
|
||||
Qubes implements a Security by Isolation approach by providing the user with the ability to easily create many security domains. These domains are implemented as lightweight Virtual Machines (VMs) running under the Xen hypervisor. Qubes' main objective is to provide strong isolation between these domains, so that even if an attacker compromises one of the domains, the others are still safe. Qubes, however, does not attempt to provide any security isolation for applications running within the same domain. For example, a buggy web browser running in a Qubes domain could still be compromised just as easily as on a regular Linux distribution. The difference that Qubes makes is that now the attacker doesn't have access to all the software running in the other domains.
|
||||
|
||||
Qubes also provides a number of mechanisms that make it easy and convenient for the user to run multiple domains, such as seamless GUI integration onto one common desktop, secure clipboard copy and paste between domains, secure file transfer between domains, disposable VMs, and much more. Qubes also provides an advanced networking infrastructure that allows for the creation of multiple network VMs (which isolate all the world-facing networking stacks) and proxy VMs which can be used for advanced VPN and tunnelling over untrusted connections.
|
||||
Qubes also provides a number of mechanisms that make it easy and convenient for the user to run multiple domains, such as seamless GUI integration onto one common desktop, secure clipboard copy and paste between domains, secure file transfer between domains, disposable VMs, and much more. Qubes also provides an advanced networking infrastructure that allows for the creation of multiple network VMs (which isolate all the world-facing networking stacks) and proxy VMs which can be used for advanced VPN and tunneling over untrusted connections.
|
||||
|
@ -18,7 +18,7 @@ Background ([/etc/sudoers.d/qubes](https://github.com/QubesOS/qubes-core-agent-l
|
||||
# WTF?! Have you lost your mind?!
|
||||
#
|
||||
# In Qubes VMs there is no point in isolating the root account from
|
||||
# the user account. This is because all the user data are already
|
||||
# the user account. This is because all the user data is already
|
||||
# accessible from the user account, so there is no direct benefit for
|
||||
# the attacker if she could escalate to root (there is even no benefit
|
||||
# in trying to install some persistent rootkits, as the VM's root
|
||||
|
Loading…
Reference in New Issue
Block a user