On 04/20/2018 10:04 AM, cicero wrote:
On 04/20/18 03:12, Chris Laprise wrote:
On 04/20/2018 02:03 AM, cicero wrote:
On 04/19/18 14:04, Chris Laprise wrote:
On 04/19/2018 07:26 PM, john wrote:
I installed this in a App/proxy 4.0 VM, as I am familiar with the
3.2 CLI VPN creation.
I don't really understand how installing it in a Template or The
Template(not cloning it 1st) would allow me to swich between
geolocations ...
So, I used the AppVM, then I simply cloned the 1st one created
with the script and went into the PIA config file area ....and did
rm -f ln -s to the network manager thing.
and then recreated the ln -s to a new config file, which works ,
and Even wakes up from suspend (where in 3.2 it never did) ;
However,
If the AppVM using one of the VPN-foo as a netvm, and it is
started, and I want to switch to another VPN-foo1 it doesn't work
on the fly, I have to go and qvm-shutdown the AppVM and open it
again, which is a big pain. I am often running out of RAM, and
so try to just use one App-proxy-vpnVM , however ,
is this the expected behavior no switching vpn appvms on the fly ?
IIRC this is a bug in the versions of Linux kernel that Qubes 4.0
uses. There is an issue but I can't locate it at the moment.
So, I guess I'll learn to live with it , and try not to change VPNs
buy buying some more expensive RAM :)
But, I'm curious , If I install the new script in the Template/s ,
how would I switch VPN locations?
Or would every AppVM based on that Template be locked into whatever
geolocation's config file was symlinked to ?
Templates don't affect your ability to set a custom location script.
This is because the link that points from qtunnel.conf to any
particular config is stored in each proxyVM under /rw/config/qtunnel.
You can of course do one proxyVM setup, then clone it and change the
link in each clone.
BTW, thanks for trying it out!
Chris, what I'm trying to say is, if it is recommended to install it in
the Template or a cloned Template ; how then do I change the geolocation
to two different locations, one for each of , say, two AppVMs ?
Since there's no connection information in the template -- only the VPN
scripts & the OS are there -- templates don't affect configuration
issues like different locations. In any case, you have a proxyVM which
contains configurations for the connections to various sites, but each
proxyVM connects to only one VPN remote site at a time. So to have two
AppVMs routed through two different VPN sites, you need two proxyVMs
(one for each AppVM).
This is not an absolute rule BTW. Its just how our current tools are
most logically and safely configured. Conceivably you could rig a single
proxyVM to safely handle more than one VPN connection.
I could create symlinks in /rw/config/qtunnel? in the AppVMs ? or
I understand that if this is integrated later, then I probably need to
learn to use it in the Template now, to avoid more issues down the road,
I don't really like cloning the Template too much, as Qubes, is already
a challenge in its complexity
To clarify...
Cloning the template is recommended because the VPN software is still
being tested. Its just a way to backup in case something in the modified
template gets damaged.
Cloning a proxyVM is a quick way to make additional VPN VMs that can
connect to different VPN sites.
eg: my current dracut emergency shell situation PS: seems I had an old
Q3.2 in an enclosure, I was going to reformat but hadn't yet, and during
a reboot it was in the USB drive, and this seems to have caused Q4.0 in
efi installation to dump it's init to boot ; so do I go make a
fedora live usb drive and try to mount and save it ? and lose all the
configuration and restoring of 3.2 VMs or just reinstall Q4.0?
Boot issues aren't my strong suit, but this sounds serious enough to
start a separate thread for it.
I have read some folks on here , whom when trying to go back to Q3.2 are
having big issues, I don't really understand how efi works, my UEFI
still says Qubes 3.1 for some reason (I think there are some
gymnastics to try to get the EFI to update it's names but fear I'll lose
the windows 10 install on the 2nd HD, etc etc .....
Strangely windows 10 "just works", but I digress .....
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/d77cce73-dcd9-d9fc-8c11-b21589a5a6d9%40posteo.net.
For more options, visit https://groups.google.com/d/optout.
