On Mon, 2018-02-12 at 17:04 +0100, Johannes Graumann wrote:
> On Wed, 2018-02-07 at 15:27 +0100, Johannes Graumann wrote:
> > Gentlepeople,
> > For a while I have been managing a qubes setup using a dedicated
> > management VM and ansible via https://github.com/Rudd-O/ansible-qub
> > es
> > .
> > As auditing that code is beyond me and as salt is integral to
> > qubes,
> > I
> > was wondering whether that layout is currently possible using the
> > salt
> > management stack, in other words: can the management stack
> > (currently)
> > be used with a vm as the master to the entire system including
> > dom0?
> > Sincerely, Joh
> I understand this may be IT-people-level stuff ..., but can anyone
> at whether this is already possible and or where to look?
Here https://www.qubes-os.org/news/2015/12/14/mgmt-stack/, Marek
Marczykowski-Górecki sais (referring to the core rewrite back then
ongoing for 4.)):
+ Then, based on this functionality, we will be able to create a
+ Management VM, which will allow secure, centralized management of
+ Qubes OS installations in an organization or company. But to do it
+ securely, we need to first finish some major rework of Qubes core
+ management code (“core3”), which is planned for Qubes 4.0. Then it
+ will be possible to implement Management VM in a way so that it will
+ have no access to user data, only ability to manage configuration of
+ (selected) VMs.
This is exactly what I want - plus limited tor/net connectivity to
track/backup my salt infrastructure in a gpg-encrypted git repo ...
Are we there yet?
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.