On Mon, 2018-02-12 at 17:04 +0100, Johannes Graumann wrote:
> On Wed, 2018-02-07 at 15:27 +0100, Johannes Graumann wrote:
> > Gentlepeople,
> > 
> > For a while I have been managing a qubes setup using a dedicated
> > management VM and ansible via https://github.com/Rudd-O/ansible-qub
> > es
> > .
> > As auditing that code is beyond me and as salt is integral to
> > qubes,
> > I
> > was wondering whether that layout is currently possible using the
> > salt
> > management stack, in other words: can the management stack
> > (currently)
> > be used with a vm as the master to the entire system including
> > dom0?
> > 
> > Sincerely, Joh
> > 
> I understand this may be IT-people-level stuff ..., but can anyone
> hint
> at whether this is already possible and or where to look?
> Joh

Here https://www.qubes-os.org/news/2015/12/14/mgmt-stack/, Marek
Marczykowski-Górecki sais (referring to the core rewrite back then
ongoing for 4.)):
+ Then, based on this functionality, we will be able to create a 
+ Management VM, which will allow secure, centralized management of 
+ Qubes OS installations in an organization or company. But to do it 
+ securely, we need to first finish some major rework of Qubes core 
+ management code (“core3”), which is planned for Qubes 4.0. Then it 
+ will be possible to implement Management VM in a way so that it will 
+ have no access to user data, only ability to manage configuration of 
+ (selected) VMs.
This is exactly what I want - plus limited tor/net connectivity to
track/backup my salt infrastructure in a gpg-encrypted git repo ...
Are we there yet?


You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to