On 05/09/2017 10:09 AM, atlahua wrote:
Hi there!
I need to be able to start DVM's from different templates
simultaneously. This feature is not available as far as I know.
For this reason I am trying the next best thing which is to make /home
and /usr/local to make sure that nothing is left when I power down a
standard Template based VM.
How can I achieve that?
Thnx in advance for your contributions,
A.
I've created a detection and control service for VM private volumes that
makes /rw/usrlocal, /rw/config and /rw/bind-dirs non-persistent to help
VMs fend off malware infestation. It acts at boot time before /rw (and
thus /home) is brought online.
Its script could easily be adapted to work with /rw/home as well by
adding that path to "$rootdirs" and a command like "mkdir -p
$rw/home/user" just before the make_immutable part.
https://github.com/tasket/Qubes-VM-hardening/tree/systemd
--
Chris Laprise, [email protected]
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/036c649a-c23f-c3c6-c2c7-da94515a9448%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.
