On 04/10/2017 05:54 PM, Unman wrote:
On Mon, Apr 10, 2017 at 03:39:26PM -0400, Chris Laprise wrote:
On 04/10/2017 03:17 PM, Chris Laprise wrote:
On 04/10/2017 02:55 PM, Reg Tiangha wrote:
I think I'll try an /etc/rc.local script that deletes /rw/usrlocal and
re-creates just the top dir. Also /rw/config and /rw/bind-dirs. Pretty
much the only persistent thing left would be contents of /rw/home, which
is sort of a middle of the road between fully persistent /rw and using
dispVMs for everything.
And it's set in the template - so if you don't want it open the template,
remove the symlink and move /usr/local.orig to /usr/local.
Then qubes based on that template wont have persistent /usr/local.
NB this will break torVMs and maybe other features of your Qubes.
An alternative approach would be to run tripwire against persistent
directories and monitor changes.
unman
I think an exception can be carved out for Whonix/tor VMs without too
much trouble. Currently, the script can make exceptions based on
dir/files stored under /etc/default/vms/vm-name. But a more general
exception for this type of VM would be preferable in this case.
--
Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/32e12404-7a57-541d-cdef-e3a239b29bfa%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.
