Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document qubes.PostInstall service, /etc/qubes/post-install.d, qvm-features-request #2829

Closed
marmarek opened this issue May 26, 2017 · 4 comments · Fixed by QubesOS/qubes-core-admin#238
Closed

Document qubes.PostInstall service, /etc/qubes/post-install.d, qvm-features-request #2829

marmarek opened this issue May 26, 2017 · 4 comments · Fixed by QubesOS/qubes-core-admin#238
Labels
C: doc P: major Priority: major. Between "default" and "critical" in severity. r4.0-dom0-stable T: task Type: task. An action item that is neither a bug nor an enhancement.
Milestone
Release 4.0 updates

Comments

@marmarek
Copy link
Member

marmarek commented May 26, 2017
edited
Loading

Document mechanism used by VMs (especially templates) to announce what "features" it support. This apply to things like:

  • gui agent / seamless mode
  • being updates proxy
  • handling firewall rules set for VM by dom0 (qvm-firewall/qubes-firewall)
  • having own clock synchronization mechanism (request dom0 to not send dom0 time to it)

This is about #1637
@marmarek marmarek added C: doc P: major Priority: major. Between "default" and "critical" in severity. labels May 26, 2017
@marmarek marmarek added this to the Release 4.0 milestone May 26, 2017
@marmarek
Copy link
Member Author

@adrelanos can you list what dom0 changes you'd like for better privacy in Whonix VMs (both WS and GW)?

marmarek added a commit to marmarek/old-qubes-core-agent-linux that referenced this issue May 26, 2017
@marmarek
Implement qubes.PostInstall service
8694931 
This is meant to notify dom0 about features supported by just-installed
template. This service is called by dom0 just after template
installation.

Fixes QubesOS/qubes-issues#1637
Documentation pending: QubesOS/qubes-issues#2829
@adrelanos
Copy link
Member

@adrelanos can you list what dom0 changes you'd like for better privacy in Whonix VMs (both WS and GW)?

That's a pretty broad question.

Generally, not just dom0:

dom0 specific:

Block clflush and tsc instructions. Remove all timers. Avoid multi-threading VMs. Alternatively use non-interleaved NUMA with pinned vCPUs.

Pin vCPUs to separate pCPUs. Block tsc instructions. Remove all timers.

@qubesos-bot qubesos-bot mentioned this issue Jun 9, 2017
Closed
@marmarek marmarek mentioned this issue Oct 22, 2017
Closed
@marmarek marmarek mentioned this issue Dec 23, 2017
Open
@andrewdavidwong andrewdavidwong added the T: task Type: task. An action item that is neither a bug nor an enhancement. label Mar 31, 2018
@marmarek marmarek mentioned this issue Sep 28, 2018
Open
marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Oct 21, 2018
@marmarek
doc: document features, qvm-features-request and services
b14a259 
Fixes QubesOS/qubes-issues#2829
@marmarek marmarek mentioned this issue Oct 22, 2018
Merged
marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Oct 23, 2018
@marmarek
doc: document features, qvm-features-request and services
6be2408 
Fixes QubesOS/qubes-issues#2829
marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Oct 23, 2018
@marmarek
doc: document features, qvm-features-request and services
62c822d 
Fixes QubesOS/qubes-issues#2829
@qubesos-bot
Copy link

Automated announcement from builder-github

The package qubes-core-dom0-4.0.33-1.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot mentioned this issue Oct 29, 2018
Closed
@qubesos-bot
Copy link

Automated announcement from builder-github

The package qubes-core-dom0-4.0.37-1.fc25 has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: doc P: major Priority: major. Between "default" and "critical" in severity. r4.0-dom0-stable T: task Type: task. An action item that is neither a bug nor an enhancement.
Projects
None yet
Milestone
Release 4.0 updates
Development

Successfully merging a pull request may close this issue.

LVM performance, supported services listing, misc fixes and tests marmarek/qubes-core-admin
4 participants
@marmarek @adrelanos @andrewdavidwong @qubesos-bot