Re: [qubes-users] Launching speed of disposable VMs 15-18sec
On March 10, 2018 1:02 AM, 799 wrote: > On 10 March 2018 at 01:48, 'MirrorWay' via qubes-users > wrote: > >> Unlike regular dispvms, the lifetime of a named dispVMs is not tied to an >> app, you have to shutdown manually. Like regular dispvms, named dispVMs >> forget all changes to private storage after shutdown. >> >> To create a named dispVM called "disp-untrusted" that is based on the >> "untrusted" VM: >> $ qvm-prefs untrusted template_for_dispvms True >> $ qvm-create --class DispVM --template untrusted -l red disp-untrusted >> >> Your new named dispvm doesn't appear in the menu, so you'll need to rely on >> CLI to manipulate it: >> $ qubes-vm-settings disp-untrusted >> $ qvm-run disp-untrusted firefox >> $ qvm-shutdown disp-untrusted > > but this VM is just one (1) VM that will be reset (including the home > directory) on each reboot, as such I can't start two of those VMs which are > separated from each other (like real disposable VMs)? Right, they would not be separated. You'd just send both documents to the same running VM instance. > $ qvm-prefs untrusted template_for_dispvms True > I can't run this command. It seems something is wrong here > I'm running Qubes 4rc5 and if I enter: > > qubes-prefs --get > > I can't see a property template_for_dispvms qvm-prefs, not qubes-prefs > [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ZOQpYsq4KJ6YK7ClL-gGe-T1uCwN7gsnDUSELgSj3UkJiNjfDHBz55GqA2bjs9Xwdb2Cvrjymrq-GUakQ1r2VOX6HXtIl7dHAo4mKLEwVdA%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
@Mirrorway On Saturday, March 10, 2018 at 1:48:12 AM UTC+1, MirrorWay wrote: > Unlike regular dispvms, the lifetime of a named dispVMs is not tied to an > app, you have to shutdown manually. Like regular dispvms, named dispVMs > forget all changes to private storage after shutdown. > > > > To create a named dispVM called "disp-untrusted" that is based on the > "untrusted" VM: > > $ qvm-prefs untrusted template_for_dispvms True > > $ qvm-create --class DispVM --template untrusted -l red disp-untrusted > > > > Your new named dispvm doesn't appear in the menu, so you'll need to rely on > CLI to manipulate it: > > $ qubes-vm-settings disp-untrusted > > $ qvm-run disp-untrusted firefox > > $ qvm-shutdown disp-untrusted > > > > At this point you can verify that changes to /home DO NOT persist. You can > also make sys-net, sys-usb disposable. > > > > marmarek has some more posts about this. > > > > I personally think this feature should be better advertised (e.g. added to > Create Qubes VM). Agreed, there is sometimes some very interesting information/use-cases about/for Qubes, which is either lost in long detailed guides as a quick remark, or not documented at all. It's understandable that the developers are busy though, but it'd be interesting if we one day can get these interesting use-cases of Qubes highlighted more. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2526e793-2b6d-43c5-995a-b04e369230db%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
On 10 March 2018 at 01:48, 'MirrorWay' via qubes-users < qubes-users@googlegroups.com> wrote: > Unlike regular dispvms, the lifetime of a named dispVMs is not tied to an > app, you have to shutdown manually. Like regular dispvms, named dispVMs > forget all changes to private storage after shutdown. > > To create a named dispVM called "disp-untrusted" that is based on the > "untrusted" VM: > $ qvm-prefs untrusted template_for_dispvms True > $ qvm-create --class DispVM --template untrusted -l red disp-untrusted > > Your new named dispvm doesn't appear in the menu, so you'll need to rely > on CLI to manipulate it: > $ qubes-vm-settings disp-untrusted > $ qvm-run disp-untrusted firefox > $ qvm-shutdown disp-untrusted > but this VM is just one (1) VM that will be reset (including the home directory) on each reboot, as such I can't start two of those VMs which are separated from each other (like real disposable VMs)? $ qvm-prefs untrusted template_for_dispvms True I can't run this command. It seems something is wrong here I'm running Qubes 4rc5 and if I enter: qubes-prefs --get I can't see a property template_for_dispvms [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2tMr2n9%2B_rOsrAZFLaAEXiX4kMqBScxL5GuLt2MbNuueQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
On Saturday, March 10, 2018 at 1:49:55 AM UTC+1, Unman wrote: > On Sat, Mar 10, 2018 at 01:21:22AM +0100, 799 wrote: > > Hello, > > > > Am 10.03.2018 1:10 vorm. schrieb "'MirrorWay' via qubes-users" < > > qubes-users@googlegroups.com>: > > > > You can reduce the start time to almost zero by using an already-running, > > named DIspVM, see marmarek's post in https://github.com/QubesOS/ > > qubes-issues/issues/2801. > > > > > > That sounds very interesting. > > I have looked at the link, but didn't figure out what to do, to get faster > > DispVM boot up times. > > What do I need to do? > > > > > > You can set a cron job that ensures they shutdown at least once per day. > > > > > > Why? The DispVM should be shutdown after I close the window. > > > > [799] > > > No, it wont be - what Marek suggests is creating a qubes with a > disposableVM as its template. Then you can start this, and open term or > firefox in it straight away. But that qube stays running until you > actually close it. > > Just qvm-create a qube with a dvm as the template. the speed people reply around here is indeed scary sometimes, I didn't even chance to try correct my self after realizing I had read it all wrong before you posted a few seconds before me ^^; but I appreciate the explanation, it does make more sense now by reading your interpretation. I didn't catch the use of a dispVM as a template. That does however seem very fascinating. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bbe7277d-8ce0-475b-8f5d-87da1c9f19d7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
On Saturday, March 10, 2018 at 1:21:25 AM UTC+1, [ 799 ] wrote: > Hello, > > > > Am 10.03.2018 1:10 vorm. schrieb "'MirrorWay' via qubes-users" > : > > You can reduce the start time to almost zero by using an already-running, > named DIspVM, see marmarek's post in > https://github.com/QubesOS/qubes-issues/issues/2801. > > > > > That sounds very interesting. > I have looked at the link, but didn't figure out what to do, to get faster > DispVM boot up times. > What do I need to do? > > > > > > > > You can set a cron job that ensures they shutdown at least once per day. > > > > Why? The DispVM should be shutdown after I close the window. > > > [799] or maybe I should go catch some sleep, I completely miss-read the savefile thing in Marek's post. It seems the savefile is what actually generates the long bootup's of dispVM's, contrary to what I thought at first. So by not using a pagefile, it becomes faster. But Qubes 4 doesn't even use page-files it seems. Qubestion then is, what is it that is lacking development/manpower. I'm too tired to think about that right now though, I just need to correct my mistake here at least. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8fefd731-873b-4007-a61f-61e454ec2a04%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
On Sat, Mar 10, 2018 at 01:21:22AM +0100, 799 wrote: > Hello, > > Am 10.03.2018 1:10 vorm. schrieb "'MirrorWay' via qubes-users" < > qubes-users@googlegroups.com>: > > You can reduce the start time to almost zero by using an already-running, > named DIspVM, see marmarek's post in https://github.com/QubesOS/ > qubes-issues/issues/2801. > > > That sounds very interesting. > I have looked at the link, but didn't figure out what to do, to get faster > DispVM boot up times. > What do I need to do? > > > You can set a cron job that ensures they shutdown at least once per day. > > > Why? The DispVM should be shutdown after I close the window. > > [799] > No, it wont be - what Marek suggests is creating a qubes with a disposableVM as its template. Then you can start this, and open term or firefox in it straight away. But that qube stays running until you actually close it. Just qvm-create a qube with a dvm as the template. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180310004952.z2xfnxodxexhc3e4%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
Unlike regular dispvms, the lifetime of a named dispVMs is not tied to an app, you have to shutdown manually. Like regular dispvms, named dispVMs forget all changes to private storage after shutdown. To create a named dispVM called "disp-untrusted" that is based on the "untrusted" VM: $ qvm-prefs untrusted template_for_dispvms True $ qvm-create --class DispVM --template untrusted -l red disp-untrusted Your new named dispvm doesn't appear in the menu, so you'll need to rely on CLI to manipulate it: $ qubes-vm-settings disp-untrusted $ qvm-run disp-untrusted firefox $ qvm-shutdown disp-untrusted At this point you can verify that changes to /home DO NOT persist. You can also make sys-net, sys-usb disposable. marmarek has some more posts about this. I personally think this feature should be better advertised (e.g. added to Create Qubes VM). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/tuSp8G46MAfqiSHVBBKxwOnpqGFSUUt9zaZZSV7T9RKlaQCWxP2CzP2peugTNZRDRWcnlmKcKmWxO_PZ-y6t5dGqQkgFaVv8JQ51A8d5Qhg%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
On Saturday, March 10, 2018 at 1:21:25 AM UTC+1, [ 799 ] wrote: > Hello, > > > > Am 10.03.2018 1:10 vorm. schrieb "'MirrorWay' via qubes-users" > : > > You can reduce the start time to almost zero by using an already-running, > named DIspVM, see marmarek's post in > https://github.com/QubesOS/qubes-issues/issues/2801. > > > > > That sounds very interesting. > I have looked at the link, but didn't figure out what to do, to get faster > DispVM boot up times. > What do I need to do? > > > > > > > > You can set a cron job that ensures they shutdown at least once per day. > > > > Why? The DispVM should be shutdown after I close the window. > > > [799] nice CPU/virt_mode/memory benchmarks! That was a really interesting read. btw I think what Mirrorway meant is if it automatically shutting down are to make up for down-time, for example if you don't use dispVM's for a full day or longer, then it'll shutdown on it's own and start again. Thereby, I believe, you prevent any potential internet based attacks by reloading fresh and clean system-files from the template. It seems like a pretty cool idea, it automates everything even if not using the computer for a period of time. Maybe make it more frequent, say once every 3 or 6 hours? btw I found this too just now https://github.com/QubesOS/qubes-issues/issues/2253 It seems even if the dispVM is shutdown, it can be made much faster too with a savefile. But if I understood it right, as Marek write in the first post they lack the manpower to get a savefile working for Qubes 4. But Qubes 3.2. has one, as it can be seen in Marek's time comparison in his second post. but whoa, in Qubes 3.2. a savefile makes a difference from 25,5 seconds to 4 seconds, on this particular hardware. Considering this is a completely shutdown dispVM, that is some pretty impressive speed differences. I wonder what would happen on Qubes 4 with PVH mode, savefile enabled, powerful CPU with a really fast NVMe SSD and RAM, all cores assigned but one which is kept in dom0, just how fast would it be then? In theory it should be less than 4 seconds at least if Marek's number on Qubes 3.2. can be seen as a maximum here for hardware, which is hardware that right now isn't the fastest available. What speeds would be possible here? Once a savefile is made for Qubes 4, this could probably be possible. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/32d92eb2-f5a2-4c62-a931-713fd227d78c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
Hello, Am 10.03.2018 1:10 vorm. schrieb "'MirrorWay' via qubes-users" < qubes-users@googlegroups.com>: You can reduce the start time to almost zero by using an already-running, named DIspVM, see marmarek's post in https://github.com/QubesOS/ qubes-issues/issues/2801. That sounds very interesting. I have looked at the link, but didn't figure out what to do, to get faster DispVM boot up times. What do I need to do? You can set a cron job that ensures they shutdown at least once per day. Why? The DispVM should be shutdown after I close the window. [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2tAXrTGAT35HzixtYHz5A5SppS0RmirEo6%2BYPj%3Dz2CmGw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Launching speed of disposable VMs 15-18sec
You can reduce the start time to almost zero by using an already-running, named DIspVM, see marmarek's post in https://github.com/QubesOS/qubes-issues/issues/2801. You can set a cron job that ensures they shutdown at least once per day. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/eww0NIFhdQ_-sR_NahvQm2TT8YayiHW6J22VygHk2KUxY7s40V1BJeb217hqn3Zq64NNkwPdI_mq2o0LBqWIVUL4wFihmBFWDgdtvdw0sPs%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Launching speed of disposable VMs 15-18sec
Hello, I am just wondering if there is a way to speed up the start of disposable VMs. On my W540 with an Intel Core i7-4900MQ with 4 Cores @ 2.8GHz / 32 GB RAM / 512GB SSD and having only sys-net / sys-firewall running the first boot of a disposable VM takes 18sec, later starts take 15sec. There is not much difference compared to my less powerful X230. Are these normal launch times (~15sec) for a DispVM? What could be done to accelerate this to get below 10sec? [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2s4NwxpHFHp6-P-hjA%3Dj2yCZ1nYd8Qr%3D2v0bfKnQB4J4w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.