-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 07/11/2017 10:08 PM, [email protected] wrote: > Right now, I have a lot of stuff all just "consolidated" on one hard drive. > /var/storage/{Anime,public_html,Documents,Pictures,.config/{pale\ > moon,deluge}} and so on. > > But, obviously, I want to try with Qubes to have some isolation from my > webserver, perhaps have my Torrent client not be able to read my browser > profile, etc. > > I'm thinking of setting up perhaps something like a "Storage Qube", which > will have the storage drive permanently attached, and be in charge of > managing permissions and serving the folders to authorized VMs via…NFS? SSHFS? > > The catch is, I want to try to have it at least be reasonably performant > (i.e., my browser profile is there currently), and preferably not make it > "too" hacky/inelegant, in case the Qubes devs roll their own > guided/integrated system for this. > > DOES Qubes have a facility to do this currently? >
Hi, I'm new to qubes, so excuse me if I may sound stupid, but wouldn't it be easier to include your storage space in your overall qubes setup (maybe as an LVM), so that you would just use your qubes and extend their personal disk space? This way you could take advantage of the isolation provided by qubes without the hassle of setting up a dedicated storage VM which would also need to check permissions. On the other hand you could probably set up a storage VM and serve the files via NFS on a IP basis. Since every qube has a unique IP address you could make sure that no other qube except the one you permit has access to a specific storage folder. Greetings, Florian -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQI0BAEBCAAeBQJZZTp6FxxmbG9yaWFuLmJyYW5kZXNAZ214LmRlAAoJEKf3MHt6 BMRJ8REP/1Q1/3DYemY7X1zHtyhZ2BGTh82HXqfwSEKxJDOm4kLa60pl+JAeJuUm INegwPw6zLLnCNnT2+aRjIB/keRJmLGs+/cJeLd3Qt0gu8BXBIitAOl4kXPxksNi tdi5p7xmyy2opiXQakGkHGY/knWV1CowPSNAny6LL5RI+Sn0rYXZW1EvMeAoPSZs oZrBJB3tafVA5CB7ywe25TkdszeDSFR+ZnEQn3ZbsTHbNm/LnH+BsZ+G0LUZIGLf R6GG9d5+mQvzUOjCK/ANVdxxSGCflfvkhC2ERLu9LXNRgjh6mnrQMlJFvtiBwun4 CJ/FHIbiG692dDfEpiJ8UuXXNXKIzhsKzhXkuwEjq5+ygvimP2cAGgMLMiTGSFJ/ MUa61mY6/n2SZja5fG/Lxitw7zRKGiblRYFrjYcm1KEt4j4HC6G07icJkN9znqiN 2MKtLCt+5xlUFHvvD7Jz5KZSWqy8EfFj17WAruGBSs+qANPLw3jehTMFGUN39PDe EYLYhDSLmJPnY0qFZR/KOG7aD3LVMTBuCLMeuxDBXd4c9NHH9hgoBfiB/l6FQObO jlEuLcENHyHBNsGA6wtirwhPLeoCwzXZl1KUJEjp8YNz/FnKcVS1tUyGnj1reRrG C5zJCljHaEMEw81yKRU+gNY5kZaBHwAJUsPSisfm+6KjHD7ablUB =RDvn -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a6068c15-7553-4604-c6de-ad3035c16483%40gmx.de. For more options, visit https://groups.google.com/d/optout.
