e91680b6a9
Formatted the document in a more structured table listing the known use cases. - Separated the network utilities from the standard util packages - Removed the ProxyVM section completely, as it didn't add much information - Moved the logging information to an ending section, where more topics can be listed.
4.0 KiB
| layout | title | permalink | redirect_from | ||||
|---|---|---|---|---|---|---|---|
| doc | Fedora Minimal Template | /doc/templates/fedora-minimal/ |
|
Fedora - minimal
The template only weighs about 300 MB and has only the most vital packages installed, including a minimal X and xterm installation. It is not thought to be usable in its original form. The minimal template, however, can be easily extended to fit your requirements. The sections below contain the instructions on duplicating the template and provide some examples for commonly desired use cases.
Installation
The Fedora minimal template can be installed with the following command:
[user@dom0 ~]$ sudo qubes-dom0-update qubes-template-fedora-23-minimal
The download and installation process may take some time.
Duplication and first steps
It is higly recommended to clone the original template, and make any changes in the clone instead of the original template. The following command clones the template. Replace "your-new-clone" with your desired name.
[user@dom0 ~]$ qvm-clone fedora-23-minimal your-new-clone
You must start the template in order to customize it.
A recommended first step is to install the sudo package, which is not installed by default in the minimal template:
[user@your-new-clone ~]$ su -
[user@your-new-clone ~]$ dnf install sudo
Customization
Customizing the template for specific use cases normally only requires installing additional packages. The following table provides an overview of which packages are needed for which purpose.
As expected, the required packages are to be installed in the running template with the following command. Replace "packages" with the list of packages to be installed, separated by space.
[user@your-new-clone ~]$ sudo dnf install packages
| Use case | Description | Required steps |
|---|---|---|
| Standard utilities | If you need the commonly used utilities | Install the following packages: pciutils vim-minimal less psmisc gnome-keyring |
| Firewall VM | You can use the minimal template as a firewall VM, such as the basis template for sys-firewall |
No extra packages are needed for the template to work as a firewall. |
| Network VM | You can use this template as the basis for a NetVM such as sys-net |
Install the following packages: NetworkManager NetworkManager-wifi network-manager-applet wireless-tools dbus-x11 dejavu-sans-fonts tinyproxy. |
| Network VM (extra firmware) | If your network devices need extra packages for the template to work as a network VM | Use the lspci command to identify the devices, then run dnf search firmware (replace "firmware" with the appropriate device identifier) to find the needed packages and then install them. |
| Network utilities | If you need utilities for debugging and analyzing network connections | Install the following packages: tcpdump telnet nmap nmap-ncat |
| USB VM | If you want USB input forwarding to use this template as the basis for a USBVM such as sys-usb |
Install qubes-input-proxy-sender |
| VPN VM | You can use this template as basis for a VPN machine | Use the dnf search "NetworkManager VPN plugin" command to look up the VPN packages you need, based on the VPN technology you'll be using, and install them. Some GNOME related packages may be needed as well. After creation of a machine based on this template, follow the VPN howto to configure it. |
| TOR | If you want to provide torified networking to other clients | As described in the TorVM page, the recommendation is to use the standard Whonix image for this use case. |
Common questions
Logging
The rsyslog logging service is not installed by default, as all logging is instead being handled by the systemd journal. Users requiring the rsyslog service should install it manually.
To access the journald log, use the journalctl command.