-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set menu items for sd-devices and sd-whonix #1112
Conversation
For some reason the menu is only showing me "Files" for |
I noticed that there was no entry for Disks in |
From what I can tell, the problem is that the dom0 salt state that runs qvm-sync-appmenus happens before the securedrop-export package is installed, so gnome-disk-utility isn't installed yet. |
I was initially surprised to learn that the customizations belong on sd-devices and not sd-devices-dvm, but it makes sense (and maybe that explains the difference in behaviour between that and sd-whonix, which is not disposable?). Re sd-app: Since we're hiding it from showing up on the menu, I don't have strong feelings about the sync-appmenus step. (I do think though that it is friendly to leave a terminal application at minimum in all of our VMs, even the ones that are internal, but not a huge deal). The only caveat to that would be if syncing appmenus also had other effects (eg updating other/linked files that are used elsewhere in the system, such as global settings menus etc). I took a quick peek through |
I discussed this with @rocodes who explained that we'd need to add another salt run in
I restored the sync for the small template just to avoid us needing to think/reason about whether removing it will have other effects. I don't think there's any real downside to keeping it. |
Thanks for summarizing - yeah so what I was saying that calling The 3 options I saw are:
|
qvm-start --skip-if-running sd-large-bookworm-template && qvm-sync-appmenus sd-large-bookworm-template | ||
qvm-start --skip-if-running whonix-gateway-17 && qvm-sync-appmenus whonix-gateway-17 | ||
# These are the two ones we show in prod VMs, so sync explicitly | ||
qvm-sync-appmenus --regenerate-only sd-devices |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-
On systems with 16-24GB of RAM, this could be a lot of running VMs at once (because some of
$all_sdw_vms_target
are running too); I wonder if we'll run into memory errors. Might be worth it to shut down the templates after, and/or if we have to do this in batches now that we have more dvm templates and named dispvms. Haven't tested, just a thought -
do we need to check if sd-devices and sd-whonix are running before qvm-sync-appmenus --regenerate-only on them? I know there's no error but I haven't checked if that's a mistake with the script or if it's fine if they're powered off.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might be worth it to shut down the templates after
I can add shutdown after each one just in case.
do we need to check if sd-devices and sd-whonix are running before qvm-sync-appmenus --regenerate-only on them? I know there's no error but I haven't checked if that's a mistake with the script or if it's fine if they're powered off.
Because we do --regenerate-only
, we don't need to start the VM. My mental model is that this step is just copying the desktop entries from the template VMs list in dom0 (which we just synced) and applying it to the specific AppVM. I'm not sure this is exactly right, but I will add it to the agenda for Tuesday's Qubes sync.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can add shutdown after each one just in case.
I didn't add --wait
to qvm-shutdown for speed purposes, if you disagree, I'm totally fine adding it in.
These are the only two VMs that will be visible on production systems and have specific tools we want users to be able to directly start. * sd-devices: Files (Nautilus) and Disks * sd-whonix: Anon Connection Wizard and Tor Control Panel Ideally we would do all of this in salt, but since we need to run stuff via dom0 after we do things in the VMs, it would require adjusting the order of some salt states, which is a bit too intrusive for a fix during the RC/QA period. A TODO indicates that this is not an ideal situation, and <freedomofpress/securedrop-client#2078> tracks one potential fix. Fixes #520. Fixes #1109.
I'm just looking closer at the vm features. It looks like you can inspect a whitelist of permitted vms via
2 notes:
🙃 |
Discussion in today's Qubes meeting was that the post-install hook in the VMs should be running automatically, and if not, it's a bug. I'm going to create an isolated STR and file that upstream. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM - provisioning completes successfully, sd-whonix has Connection Wizard and Control Panel, sd-devices has Disks and Files.
During provisioning I noticed two appmenu related errors in the console log:
Failed to get icon for open-in-dvm: No icon received
for sd-small-bookworm-template (it's true. there's no icon for that) and
Warning: not creating/updating '/home/$USER/.local/share/qubes-appmenus/sd-large-bullseye-template/apps.templates/send-to-usb.desktop' because of missing 'Name' key
.
I will look into this separately in the interests of time.
Status
Ready for review
Description of Changes
These are the only two VMs that will be visible on production systems and have specific tools we want users to be able to directly start.
Ideally we would do all of this in salt, but since we need to run stuff via dom0 after we do things in the VMs, it would require adjusting the order of some salt states, which is a bit too intrusive for a fix during the RC/QA period.
A TODO indicates that this is not an ideal situation, and freedomofpress/securedrop-client#2078 tracks one potential fix
Fixes #520.
Fixes #1109.
Testing
set(Files, Disks)
set(Anon Connection Wizard, Tor Control Panel)
Deployment
n/a, only supporting new installs for 1.0.0
Checklist
make test
) pass indom0