-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Thu, Sep 26, 2024 at 12:30:07PM -0400, Demi Marie Obenour wrote: > On Thu, Sep 26, 2024 at 05:42:42PM +0200, Marek Marczykowski-Górecki wrote: > > On Thu, Sep 26, 2024 at 03:22:41PM +0000, deeplow wrote: > > > On Thursday, September 26th, 2024 at 3:55 PM, Marek Marczykowski-Górecki > > > <marmarek at invisiblethingslab.com> wrote: > > > > I like this! > > > > > > Nice! > > > > > > > We could put that into vm-config, or even have a new place > > > > (bind-dirs prefix?). > > > > > > A dedicated prefix sounds even better! Perhaps even a chance to get > > > a less implementation-specific name like "persistent-app-dirs". > > > But either way is even better than (ab)using vm-config. > > > > One thing to consider is length limitation of qubesdb keys - 63 chars. > > Values can be much longer (3k). So, the longer the prefix, the shorter > > actual key. But it isn't necessarily a problem, the actual path can be > > put as a value, and key could be something short like > > "123-my-first-path" (in most cases ordering doesn't matter, but in the > > few cases where it does, better to have this numbered prefix). > > > > > > If present, configuration in /rw/config would be ignored and > > > > maybe also /home not bind-mounted anymore (unless > > > > listed in bind-dirs explicitly?). > > > > > > I think /home could be added by default to this bind-dirs prefix > > > when creating a new qubes otherwise getting started on Qubes would > > > even be more difficult. Installed programs in app qubes "mysteriously > > > disappearing" is a commonly reported issue in the forum. > > > > > > So my suggestion would be to keep the default experience, but allowing > > > advanced users to remove /home persistence if desired. This way we'd > > > keep regular users happy (because nothing broke) and advanced users with > > > yet another tool in their toolbox. > > > > Yes, this is kinda what propose: on the backend level, have implicit > > default include /home, but if you start configuring it manually, you'd > > need to include /home (if desirable) yourself too. Ofc, the (G)UI could > > propose this option for you to make it easier. > > > > > One aspect to also think about is how to do this "default home persist" > > > in a multi-OS way. Perhaps the default bind-dirs could be obtained > > > template's preferences. Maybe stored in "os-home-dirs"? > > > > I don't think any path in bind-dirs setting could be made OS-agnostic... > > For Windows vs Linux I agree, but at least /home is the same under > almost every *nix I know of.
Yet, there is no qubes-core-agent (nor qubesdb) in any of them, so it's irrelevant. In any case, there is "os" feature that can be used to distinguish OSes (that have qubes tools installed), and also we have proper mechanism for feature discovery - "supported-feature" namespace - for a template to announce support for this configurable bind-dirs. That's important, because it isn't enough to say "Qubes 4.3 supports this" - you may have template imported from 4.2 for example, or some custom build or whatever. We can use a similar mechanism to give some hits for the GUI about configuring this thing if needed (which I doubt will happen anytime soon - I don't see a _practical_ chance for non-Linux support of this feature happening). - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmb1j+oACgkQ24/THMrX 1yzKKgf9Em2yJ19Z74fB4OPAI+FG5+ZbsiKAK07dDa0FtHM9oPjWnG/Am/YP/KG1 7n/Z9nihN8/qpO+InOVvO+1uiff060rrTy0rdHmjzPMh5eXvXqaJQIfgGd/FOxX+ PLAA+a/LB9zNqS82LdIovIfDe8yZ515zdHje1mDuytCqNR3Zq9YWFRqgDUOOL3+o OUm74qAJ7sjPOLXdXjbYNSfcuh7wurTNqK4NVSkq1Tvl/ghlbZt3/KTikdmrwen5 j6hRFrhgYer40oAIMkd6pTcPwBlsmooNVs9uopkMv4Py7seE9JQlBM96EQoaZoJx k6daZDqDNh5P4DJQ49+MpcoWv1fCCw== =E0pT -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ZvWP6t0_RYTUxTdW%40mail-itl.
