On 02/04/2017 01:12 PM, szalonylabra...@gmail.com wrote:
> Hi, I am desktop end-user looking for additional security for my
> daily driver PC. I need to have access to all of the files on the
> system that I currently use for work - planning to fade it off, but
> at this time I was thinking I will try converting live system to a VM
> in Qube OS to use it when needed as I cannot afford re-configuring
> all of the software that I need on daily basis from scratch (time
> What would be the best way to do that?
First, you may already have thought about it, but the simple
transposition of a work pc to a VM environment (be it qubes or not) does
not give you any additional security benefit. It only increases the
To actually benefit from the Qubes architecture a deep restructuring of
both your filesystem and your habits must be done. If you want to
benefit from multi-vm-isolation, then you will need to split your
software usage (thus, configurations) among several VM. If you want to
benefit from fake persistence of system files, you will need to try to
move as much software as possible in either the template (installing
with dnf) or in /usr/local/bin (if manually-compiled or direct binary
TL: DR; it takes time to get used to the split-vm environment,
especially so if you come from a single-workstation (both personal and
work) mindset. It took me ~1 month, and a couple reinstallations, two
For your actual question, there's no tool to assist in "converting" a
live system to a Qubes VM: since there would be so little benefit
there's no actual reason to make such a tool. Since linux PVM are just
Xen domains, you may try to move all the files in your home directory
into the /home directory into the private.img ext4 volume of an AppVM of
your choice. If you use custom systemd unit files for your automations,
you could either put them in the template or in ~/.config/systemd/user
and enable/start them as user units (I do that for syncthing, for example).
If you use Windows, since this OS is supported as HVM (a nearly standard
virtual machine), you would not be able to easily move things between
the live system and the HVM, since the easiest way to have it working is
to install Windows *in* the HVM, thus having its own registry and system
files. If your main programs are on Windows, you will need to
reconfigure them from scratch. Trying to mount an image of the live
system in the HVM, or trying to mount it as a separate disk, could lead
to way more time being spent in investigating poorly documented issues.
Not that a Windows HVM is that much documented itself...
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.
Description: OpenPGP digital signature