I am scripting the creation of a new standalone VM based on a template.
I want to automate the creation of a Qube that I normally do in the Qubes
Manager GUI:
select Qubes -> Create New Qube
TYPE: Standalone Qube based on template.
TEMPLATE: bionic
I have made this script and it works fine when adding a Qube as an AppVM
instead of a StandaloneVM
#------------------------------------
# SCRIPT:
#------------------------------------
#!/bin/bash
clear
echo ""
SHUTDOWN_TIMEOUT=30
VM_NAME="Ubuntu18"
if [ $(/usr/bin/qvm-ls|grep ^${VM_NAME}|wc -l) -ne 0 ]; then
#echo " The VM called ${VM_NAME} exist - do you want to delete it and
re-create it?"
# ask here.. to do scripting
#echo ""
# exit 1
echo " Deleting VM: ${VM_NAME}"
echo " ---------------------------"
echo " - Shutting down (timeout ${SHUTDOWN_TIMEOUT})"
/usr/bin/qvm-shutdown --wait --timeout ${SHUTDOWN_TIMEOUT} ${VM_NAME}
echo " - Deleting VM named ${VM_NAME}"
/usr/bin/qvm-remove --force ${VM_NAME}
fi
# CREATE NEW VM
echo ""
echo " Creating VM: ${VM_NAME}"
echo " ---------------------------"
echo " Class AppVM"
echo " VirtMode hvm"
echo " Template bionic"
echo " Label orange"
echo " NetVM sys-net"
echo " Kernel ''"
echo " VCPU(s) 8"
echo " Memory 4096"
/usr/bin/qvm-create --class StandaloneVM --template bionic --label orange
--property vcpus=8 --property memory=4096 --property maxmem=4096 --property
netvm=sys-net --property virt_mode=hvm --property kernel='' ${VM_NAME}
exit
echo ""
echo " - Disabling Memory info writer service"
/usr/bin/qvm-service ${VM_NAME} meminfo-writer off
/usr/bin/qvm-features --unset ${VM_NAME} service.meminfo-writer
etc etc ...
# -----------------------------------------------
# Here is the isolated command that fails:
[user@dom0 bin]$ /usr/bin/qvm-create --class StandaloneVM --template bionic
--label orange --property vcpus=8 --property memory=4096 --property maxmem=4096
--property netvm=sys-net --property virt_mode=hvm --property kernel='' Ubuntu18
# And here the output from journalctl -xe
[user@dom0 bin]$ journalctl -xe
-- Unit user-0.slice has finished shutting down.
Oct 29 10:27:38 dom0 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295
ses=4294967295 msg='unit=user@0 comm="systemd" exe="/usr/lib/systemd/systemd"
hostname=? addr=? terminal=? res=success'
Oct 29 10:27:38 dom0 kernel: audit: type=1131 audit(1540805258.364:226): pid=1
uid=0 auid=4294967295 ses=4294967295 msg='unit=user@0 comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Oct 29 10:27:41 dom0 qmemman.daemon.algo[2611]:
balance_when_enough_memory(xen_free_memory=70634428,
total_mem_pref=3319025152.0, total_available_memory=28691692055.0)
Oct 29 10:27:41 dom0 qmemman.daemon.algo[2611]: left_memory=7070424208
acceptors_count=2
Oct 29 10:27:41 dom0 qmemman.daemon.algo[2611]: left_memory=2881216460
acceptors_count=1
Oct 29 10:27:42 dom0 sudo[7047]: pam_unix(sudo:session): session closed for
user root
Oct 29 10:27:42 dom0 audit[7047]: USER_END pid=7047 uid=0 auid=1000 ses=2
msg='op=PAM:session_close
grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix
acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/de
Oct 29 10:27:42 dom0 audit[7047]: CRED_DISP pid=7047 uid=0 auid=1000 ses=2
msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo"
hostname=? addr=? terminal=/dev/pts/5 res=success'
Oct 29 10:27:42 dom0 qmemman.daemon.algo[2611]:
balance_when_enough_memory(xen_free_memory=70634428,
total_mem_pref=3254653644.8, total_available_memory=28756063562.199997)
Oct 29 10:27:42 dom0 qmemman.daemon.algo[2611]: left_memory=7293221351
acceptors_count=2
Oct 29 10:27:42 dom0 qmemman.daemon.algo[2611]: left_memory=3062594825
acceptors_count=1
Oct 29 10:27:46 dom0 qubesd[2612]: unhandled exception while calling
src=b'dom0' meth=b'admin.vm.Create.StandaloneVM' dest=b'dom0' arg=b'bionic'
len(untrusted_payload)=26 <-- NOTICE THE UNTRUSTED MARKING HERE IS THAT THE
PROBLEM ?
Oct 29 10:27:46 dom0 qubesd[2612]: Traceback (most recent call last):
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib/python3.5/site-packages/qubes/api/__init__.py", line 262, in respond
Oct 29 10:27:46 dom0 qubesd[2612]: untrusted_payload=untrusted_payload)
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib64/python3.5/asyncio/futures.py", line 381, in __iter__
Oct 29 10:27:46 dom0 qubesd[2612]: yield self # This tells Task to wait
for completion.
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib64/python3.5/asyncio/tasks.py", line 310, in _wakeup
Oct 29 10:27:46 dom0 qubesd[2612]: future.result()
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib64/python3.5/asyncio/futures.py", line 294, in result
Oct 29 10:27:46 dom0 qubesd[2612]: raise self._exception
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib64/python3.5/asyncio/tasks.py", line 240, in _step
Oct 29 10:27:46 dom0 qubesd[2612]: result = coro.send(None)
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib64/python3.5/asyncio/coroutines.py", line 213, in coro
Oct 29 10:27:46 dom0 qubesd[2612]: res = yield from res
Oct 29 10:27:46 dom0 qubesd[2612]: File
"/usr/lib/python3.5/site-packages/qubes/api/admin.py", line 998, in _vm_create
Oct 29 10:27:46 dom0 qubesd[2612]: assert not self.arg
Oct 29 10:27:46 dom0 qubesd[2612]: AssertionError
Can anybody help me with what the problem could be ?
Best regards
Keld Norman
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/343ed704-afc4-405a-b864-356b33c64851%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
