‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, October 29, 2018 9:55 AM, Keld Norman <[email protected]> wrote:
> I am scripting the creation of a new standalone VM based on a template.
>
> I want to automate the creation of a Qube that I normally do in the Qubes
> Manager GUI:
> select Qubes -> Create New Qube
> TYPE: Standalone Qube based on template.
> TEMPLATE: bionic
>
> I have made this script and it works fine when adding a Qube as an AppVM
> instead of a StandaloneVM
>
> #------------------------------------
>
> SCRIPT:
>
> ========
>
> #------------------------------------
>
> #!/bin/bash
> clear
> echo ""
> SHUTDOWN_TIMEOUT=30
> VM_NAME="Ubuntu18"
>
> if [ $(/usr/bin/qvm-ls|grep ^${VM_NAME}|wc -l) -ne 0 ]; then
> #echo " The VM called ${VM_NAME} exist - do you want to delete it and
> re-create it?"
>
> ask here.. to do scripting
>
> ===========================
>
> #echo ""
>
> exit 1
>
> =======
>
> echo " Deleting VM: ${VM_NAME}"
> echo " ---------------------------"
> echo " - Shutting down (timeout ${SHUTDOWN_TIMEOUT})"
> /usr/bin/qvm-shutdown --wait --timeout ${SHUTDOWN_TIMEOUT} ${VM_NAME}
> echo " - Deleting VM named ${VM_NAME}"
> /usr/bin/qvm-remove --force ${VM_NAME}
> fi
>
> CREATE NEW VM
>
> ==============
>
> echo ""
> echo " Creating VM: ${VM_NAME}"
> echo " ---------------------------"
> echo " Class AppVM"
> echo " VirtMode hvm"
> echo " Template bionic"
> echo " Label orange"
> echo " NetVM sys-net"
> echo " Kernel ''"
> echo " VCPU(s) 8"
> echo " Memory 4096"
>
> /usr/bin/qvm-create --class StandaloneVM --template bionic --label orange
> --property vcpus=8 --property memory=4096 --property maxmem=4096 --property
> netvm=sys-net --property virt_mode=hvm --property kernel='' ${VM_NAME}
> exit
> echo ""
> echo " - Disabling Memory info writer service"
> /usr/bin/qvm-service ${VM_NAME} meminfo-writer off
> /usr/bin/qvm-features --unset ${VM_NAME} service.meminfo-writer
> etc etc ...
>
> -----------------------------------------------
>
> ================================================
>
> Here is the isolated command that fails:
>
> =========================================
>
> [user@dom0 bin]$ /usr/bin/qvm-create --class StandaloneVM --template bionic
> --label orange --property vcpus=8 --property memory=4096 --property
> maxmem=4096 --property netvm=sys-net --property virt_mode=hvm --property
> kernel='' Ubuntu18
>
> And here the output from journalctl -xe
>
> ========================================
>
> [user@dom0 bin]$ journalctl -xe
> -- Unit user-0.slice has finished shutting down.
> Oct 29 10:27:38 dom0 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295
> ses=4294967295 msg='unit=user@0 comm="systemd" exe="/usr/lib/systemd/systemd"
> hostname=? addr=? terminal=? res=success'
> Oct 29 10:27:38 dom0 kernel: audit: type=1131 audit(1540805258.364:226):
> pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=user@0 comm="systemd"
> exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
> Oct 29 10:27:41 dom0 qmemman.daemon.algo[2611]:
> balance_when_enough_memory(xen_free_memory=70634428,
> total_mem_pref=3319025152.0, total_available_memory=28691692055.0)
> Oct 29 10:27:41 dom0 qmemman.daemon.algo[2611]: left_memory=7070424208
> acceptors_count=2
> Oct 29 10:27:41 dom0 qmemman.daemon.algo[2611]: left_memory=2881216460
> acceptors_count=1
> Oct 29 10:27:42 dom0 sudo[7047]: pam_unix(sudo:session): session closed for
> user root
> Oct 29 10:27:42 dom0 audit[7047]: USER_END pid=7047 uid=0 auid=1000 ses=2
> msg='op=PAM:session_close
> grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix
> acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/de
> Oct 29 10:27:42 dom0 audit[7047]: CRED_DISP pid=7047 uid=0 auid=1000 ses=2
> msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo"
> hostname=? addr=? terminal=/dev/pts/5 res=success'
> Oct 29 10:27:42 dom0 qmemman.daemon.algo[2611]:
> balance_when_enough_memory(xen_free_memory=70634428,
> total_mem_pref=3254653644.8, total_available_memory=28756063562.199997)
> Oct 29 10:27:42 dom0 qmemman.daemon.algo[2611]: left_memory=7293221351
> acceptors_count=2
> Oct 29 10:27:42 dom0 qmemman.daemon.algo[2611]: left_memory=3062594825
> acceptors_count=1
> Oct 29 10:27:46 dom0 qubesd[2612]: unhandled exception while calling
> src=b'dom0' meth=b'admin.vm.Create.StandaloneVM' dest=b'dom0' arg=b'bionic'
> len(untrusted_payload)=26 <-- NOTICE THE UNTRUSTED MARKING HERE IS THAT THE
> PROBLEM ?
> Oct 29 10:27:46 dom0 qubesd[2612]: Traceback (most recent call last):
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib/python3.5/site-packages/qubes/api/init.py", line 262, in respond
> Oct 29 10:27:46 dom0 qubesd[2612]: untrusted_payload=untrusted_payload)
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib64/python3.5/asyncio/futures.py", line 381, in iter
> Oct 29 10:27:46 dom0 qubesd[2612]: yield self # This tells Task to wait for
> completion.
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib64/python3.5/asyncio/tasks.py", line 310, in _wakeup
> Oct 29 10:27:46 dom0 qubesd[2612]: future.result()
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib64/python3.5/asyncio/futures.py", line 294, in result
> Oct 29 10:27:46 dom0 qubesd[2612]: raise self._exception
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib64/python3.5/asyncio/tasks.py", line 240, in _step
> Oct 29 10:27:46 dom0 qubesd[2612]: result = coro.send(None)
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib64/python3.5/asyncio/coroutines.py", line 213, in coro
> Oct 29 10:27:46 dom0 qubesd[2612]: res = yield from res
> Oct 29 10:27:46 dom0 qubesd[2612]: File
> "/usr/lib/python3.5/site-packages/qubes/api/admin.py", line 998, in _vm_create
> Oct 29 10:27:46 dom0 qubesd[2612]: assert not self.arg
> Oct 29 10:27:46 dom0 qubesd[2612]: AssertionError
This is the code line that is raising an error:
https://github.com/QubesOS/qubes-core-admin/blob/master/qubes/api/admin.py#L998
I think it's because of the argument "bionic". I'm still familiarizing myself
with Qubes' CLI tools, but I think you might need to use "qvm-create
--hvm-template". Reading https://www.qubes-os.org/doc/windows-tools/ it looks
like "--hvm" and "--template" are to be used to create an AppVM based off a
Standalone HVM.
If this doesn't work you could edit
/usr/lib/python3.5/site-packages/qubes/api/admin.py and add a "print self.arg"
right before the assert, that way you should see what is the argument that is
not expected by the code.
Fidel Ramos
PGP 7F07 1B7C 479F EDD1 - https://keybase.io/fidel
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/8kf67cfb97OGkbL-sMyBwX4Z5ALhcJPCWHd_55sLVsOtwc904mV7a88MB1xfZk5iPBEr0-0FTyVxqGhbuyynJA%3D%3D%40fidelramos.net.
For more options, visit https://groups.google.com/d/optout.
