mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-12-26 15:59:24 -05:00
Merge branch 'trim-r4'
This commit is contained in:
commit
f9fab270e8
@ -53,10 +53,3 @@ This applies also to any TemplateBasedVM relative to its parent TemplateVM, but
|
|||||||
|
|
||||||
Credit: [Joanna Rutkovska](https://twitter.com/rootkovska/status/832571372085850112)
|
Credit: [Joanna Rutkovska](https://twitter.com/rootkovska/status/832571372085850112)
|
||||||
|
|
||||||
|
|
||||||
Trim for standalone AppVMs
|
|
||||||
---------------------
|
|
||||||
The `qvm-trim-template` command is not available for a standalone AppVM.
|
|
||||||
|
|
||||||
It is still possible to trim the AppVM disks by using the `fstrim --all` command from the appvm.
|
|
||||||
You can also add the `discard` option to the mount line in `/etc/fstab` inside the standalone AppVM if you want trimming to be performed automatically, but there may be a performance impact on writes and deletes.
|
|
||||||
|
11
external/os-guides/pentesting/kali.md
vendored
11
external/os-guides/pentesting/kali.md
vendored
@ -148,16 +148,10 @@ There are multiple ways to create a Kali Linux VM:
|
|||||||
[user@kali ~]$ sudo apt-get dist-upgrade
|
[user@kali ~]$ sudo apt-get dist-upgrade
|
||||||
[user@kali ~]$ sudo apt-get autoremove
|
[user@kali ~]$ sudo apt-get autoremove
|
||||||
|
|
||||||
8. Shutdown and trim `kali` template
|
8. Shut down `kali` template
|
||||||
|
|
||||||
- Shutdown `kali` template
|
|
||||||
|
|
||||||
[user@kali ~]$ sudo shutdown -h now
|
[user@kali ~]$ sudo shutdown -h now
|
||||||
|
|
||||||
- In `dom0` console:
|
|
||||||
|
|
||||||
[user@dom0 ~]$ qvm-trim-template kali
|
|
||||||
|
|
||||||
9. Start image
|
9. Start image
|
||||||
|
|
||||||
[user@dom0 ~]$ qvm-start kali
|
[user@dom0 ~]$ qvm-start kali
|
||||||
@ -285,10 +279,9 @@ These instructions will show you how to upgrade a Debian TemplateVM to Kali Linu
|
|||||||
[user@kali-rolling ~]$ sudo apt-get dist-upgrade
|
[user@kali-rolling ~]$ sudo apt-get dist-upgrade
|
||||||
[user@kali-rolling ~]$ sudo apt-get autoremove
|
[user@kali-rolling ~]$ sudo apt-get autoremove
|
||||||
|
|
||||||
9. Shut down and trim the new template.
|
9. Shut down the new template.
|
||||||
|
|
||||||
[user@dom0 ~]$ qvm-shutdown kali-rolling
|
[user@dom0 ~]$ qvm-shutdown kali-rolling
|
||||||
[user@dom0 ~]$ qvm-trim-template kali-rolling
|
|
||||||
|
|
||||||
10. Ensure a terminal can be opened in the new template.
|
10. Ensure a terminal can be opened in the new template.
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ redirect_from:
|
|||||||
Upgrading the Debian 8 Template
|
Upgrading the Debian 8 Template
|
||||||
===============================
|
===============================
|
||||||
|
|
||||||
Please note that if you installed packages from one of the testing repositories you must make sure that the repository is enabled in `/etc/apt/sources.list.d/qubes-r3.list` before attempting the upgrade.
|
Please note that if you installed packages from one of the testing repositories you must make sure that the repository is enabled in `/etc/apt/sources.list.d/qubes-r4.list` before attempting the upgrade.
|
||||||
Otherwise, your upgrade will [break](https://github.com/QubesOS/qubes-issues/issues/2418).
|
Otherwise, your upgrade will [break](https://github.com/QubesOS/qubes-issues/issues/2418).
|
||||||
|
|
||||||
Summary: Upgrading a Debian 8 Template to Debian 9
|
Summary: Upgrading a Debian 8 Template to Debian 9
|
||||||
@ -21,16 +21,10 @@ Summary: Upgrading a Debian 8 Template to Debian 9
|
|||||||
[user@dom0 ~]$ qvm-clone debian-8 debian-9
|
[user@dom0 ~]$ qvm-clone debian-8 debian-9
|
||||||
[user@dom0 ~]$ qvm-run -a debian-9 gnome-terminal
|
[user@dom0 ~]$ qvm-run -a debian-9 gnome-terminal
|
||||||
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
|
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
|
||||||
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r3.list
|
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r4.list
|
||||||
[user@debian-9 ~]$ sudo apt-get update && sudo apt-get dist-upgrade -y
|
[user@debian-9 ~]$ sudo apt-get update && sudo apt-get dist-upgrade -y
|
||||||
[user@debian-9 ~]$ sudo apt-get autoremove
|
[user@debian-9 ~]$ sudo apt-get autoremove
|
||||||
|
|
||||||
(Shut down TemplateVM by any normal means.)
|
|
||||||
|
|
||||||
[user@dom0 ~]$ qvm-trim-template debian-9
|
|
||||||
|
|
||||||
(Done.)
|
|
||||||
|
|
||||||
Detailed: Upgrading the Standard Debian 8 Template to Debian 9
|
Detailed: Upgrading the Standard Debian 8 Template to Debian 9
|
||||||
--------------------------------------------------------------
|
--------------------------------------------------------------
|
||||||
|
|
||||||
@ -52,11 +46,11 @@ any template based on the standard Debian 8 template.
|
|||||||
automatically update the files.)
|
automatically update the files.)
|
||||||
|
|
||||||
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
|
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
|
||||||
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r3.list
|
[user@debian-9 ~]$ sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r4.list
|
||||||
|
|
||||||
4. Update the package lists and upgrade to Debian 9. During the process,
|
4. Update the package lists and upgrade to Debian 9. During the process,
|
||||||
it will likely prompt to overwrite two files, qubes-r3.list and
|
it will likely prompt to overwrite two files, qubes-r4.list and
|
||||||
pulse/client.conf. qubes-r3.list can be overwritten, while pulse/client.conf
|
pulse/client.conf. qubes-r4.list can be overwritten, while pulse/client.conf
|
||||||
need to left as the currently installed version.
|
need to left as the currently installed version.
|
||||||
|
|
||||||
[user@debian-9 ~]$ sudo apt-get update && sudo apt-get dist-upgrade -y
|
[user@debian-9 ~]$ sudo apt-get update && sudo apt-get dist-upgrade -y
|
||||||
@ -69,58 +63,20 @@ any template based on the standard Debian 8 template.
|
|||||||
|
|
||||||
[user@dom0 ~]$ qvm-shutdown debian-9
|
[user@dom0 ~]$ qvm-shutdown debian-9
|
||||||
|
|
||||||
7. Trim the new template (see **Compacting the Upgraded Template** for details
|
7. (Recommended) [Switch everything that was set to the old template to the new
|
||||||
and other options).
|
|
||||||
|
|
||||||
[user@dom0 ~]$ qvm-trim-template debian-9
|
|
||||||
|
|
||||||
8. (Recommended) [Switch everything that was set to the old template to the new
|
|
||||||
template.](/doc/templates/#how-to-switch-templates)
|
template.](/doc/templates/#how-to-switch-templates)
|
||||||
|
|
||||||
9. (Optional) Remove the old default template.
|
8. (Optional) Remove the old default template.
|
||||||
|
|
||||||
[user@dom0 ~]$ sudo yum remove qubes-template-debian-8
|
[user@dom0 ~]$ sudo yum remove qubes-template-debian-8
|
||||||
|
|
||||||
|
|
||||||
Compacting the Upgraded Template
|
|
||||||
--------------------------------
|
|
||||||
|
|
||||||
Neither `fstrim` nor the `discard` mount option works on the TemplateVM's root
|
|
||||||
filesystem, so when a file is removed in the template, space is not freed in
|
|
||||||
dom0. This means that the template will use about twice as much space as is
|
|
||||||
really necessary after upgrading.
|
|
||||||
|
|
||||||
If you have at least `qubes-core-dom0-2.1.68` installed or are on Qubes R3.0,
|
|
||||||
you can use the `qvm-trim-template` tool:
|
|
||||||
|
|
||||||
[user@dom0 ~]$ qvm-trim-template debian-9
|
|
||||||
|
|
||||||
If you do not have `qubes-core-dom0-2.1.68` or are on older Qubes version, you can
|
|
||||||
compact the `root.img` manually. To do this, you will need about 15GB (the
|
|
||||||
TemplateVM's max size + the actually used space there) free space in dom0.
|
|
||||||
|
|
||||||
1. Start the template and fill all the free space with zeros, for example
|
|
||||||
with:
|
|
||||||
|
|
||||||
[user@debian-9 ~]$ dd if=/dev/zero of=/var/tmp/zero
|
|
||||||
|
|
||||||
2. Wait for the "No space left on device" error. Then:
|
|
||||||
|
|
||||||
[user@debian-9 ~]$ rm -f /var/tmp/zero
|
|
||||||
|
|
||||||
3. Shut down the template and all VMs based on it. Then:
|
|
||||||
|
|
||||||
[user@dom0 ~]$ cd /var/lib/qubes/vm-templates/debian-9
|
|
||||||
[user@dom0 ~]$ cp --sparse=always root.img root.img.new
|
|
||||||
[user@dom0 ~]$ mv root.img.new root.img
|
|
||||||
|
|
||||||
Additional Information
|
Additional Information
|
||||||
----------------------
|
----------------------
|
||||||
|
|
||||||
Debian Stretch packages were first made available in the Qubes R3.1 repositories.
|
Debian Stretch packages were first made available in the Qubes R3.1 repositories.
|
||||||
|
|
||||||
If sound is not working, you may need to enable the Qubes testing repository to get the testing version of qubes-gui-agent.
|
If sound is not working, you may need to enable the Qubes testing repository to get the testing version of qubes-gui-agent.
|
||||||
This can be done by editing the /etc/apt/sources.list.d/qubes-r3.list file and uncommenting the Qubes Updates Candidates repo.
|
This can be done by editing the /etc/apt/sources.list.d/qubes-r4.list file and uncommenting the Qubes Updates Candidates repo.
|
||||||
|
|
||||||
User-initiated updates/upgrades may not run when a templateVM first starts.
|
User-initiated updates/upgrades may not run when a templateVM first starts.
|
||||||
This is due to a new Debian config setting that attempts to update automatically; it should be disabled with:
|
This is due to a new Debian config setting that attempts to update automatically; it should be disabled with:
|
||||||
|
@ -130,6 +130,7 @@ Rather, it must be updated individually from inside the StandaloneVM.
|
|||||||
|
|
||||||
## Important Notes
|
## Important Notes
|
||||||
|
|
||||||
* `qvm-trim-template` is not necessary. All VMs are created in a thin pool
|
* `qvm-trim-template` is no longer necessary or available in Qubes 4.0 and higher.
|
||||||
and trimming is handled automatically. No user action is required.
|
All VMs are created in a thin pool and trimming is handled automatically.
|
||||||
|
No user action is required.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user