Re: AW: Re: [qubes-users] Using fedora-26-minimal sys-vms

2018-01-21 Thread haaber
On 01/20/2018 07:53 PM, '[799]' via qubes-users wrote:
> Hello,
> 
> --- --- --- 8< --- --- ---
> # Install default minimal template in dom0
> sudo qubes-dom0-update qubes-template-fedora-26-minimal
> 
> # Clone template to keep the original template
> qvm-clone fedora-26-minimal t-sys
> 
> # Launch xterm in the new template as root
> qvm-run -u root t-sys xterm
> 
> # Install basic applications in the template VM
> sudo dnf -y install gnome-terminal terminus-fonts less vim-minimal nano
> dejavu-sans-fonts
> 
> # install basic tools
> dnf -y install sudo pciutils psmisc gnome-keyring
> 
> # Install missing packages für Sys-VMs
> dnf -y install qubes-core-agent-qrexec qubes-core-agent-systemd
> qubes-core-agent-passwordless-root qubes-core-agent-nautilus
> qubes-core-agent-networking qubes-core-agent-network-manager
> qubes-core-agent-dom0-updates pulseaudio-qubes usbutils
> 
> # Install missing drivers (to support the network devices)
> dnf -y install linux-firmware iwl7260-firmware
> 
> # install additional packages to get network manager working
> dnf install -y NetworkManager NetworkManager-wifi network-manager-applet
> wireless-tools
> 
> # shutdown template
> shutdown -h now
> 
> # Change Templates for sys-VMs in dom0
> qvm-prefs --set sys-net template t-sys
> qvm-prefs --set sys-firewall template t-sys
> qvm-prefs --set sys-usb template t-sys
> --- --- --- 8< --- --- ---

Thank you! That is vey helpful. One point is missing to my pov: known
wirelesses in "old sys-net" before moving over. In my Q4rc4 sys-net
/etc/Networkmanager/system-connections is a symbolic link to
/rw/config/NM-system-connections  that contains one file per wireless.

When following your guide until the last dnf command that same dir
1) is not a symlink but a "hard" subdir
2) is (of course) empty


If the structure were the same I'd say a qvm-copy line is missing, but
actually I do not know what this symlink is good for. Can someone
explain this to me, Please?   Bernhard

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9a543885-55b4-68a2-a4bd-f3baa35d9bdf%40web.de.
For more options, visit https://groups.google.com/d/optout.


AW: Re: [qubes-users] Using fedora-26-minimal sys-vms

2018-01-20 Thread '[799]' via qubes-users
Hello,

Unman wrote:

> You DO have a working network manager -
> see the response from systemctl.
> I assume what you want is a nice gui
> interface this is nm-applet. If  it is installed,
> start it and you will get the nice tray icon - if
> not installed, install it.

I was able to get Network Manager running and instead of using the default 
"fat" fedora-templates, I am now running the sys-VMs with fedora-26-minimal 
templates.
I was always wondering why Qubes doesn't come with a dedicated sys-template, so 
that the sys VMs (sys-net | sys-firewall | sys-usb) are running with a 
smaller/maybe even hardened template.

For the Google Archive a short how-to, how I have built the template for the 
sys-VMs:

--- --- --- 8# Install default minimal template in dom0
sudo qubes-dom0-update qubes-template-fedora-26-minimal

# Clone template to keep the original template
qvm-clone fedora-26-minimal t-sys

# Launch xterm in the new template as root
qvm-run -u root t-sys xterm

# Install basic applications in the template VM
sudo dnf -y install gnome-terminal terminus-fonts less vim-minimal nano 
dejavu-sans-fonts

# install basic tools
dnf -y install sudo pciutils psmisc gnome-keyring

# Install missing packages für Sys-VMs
dnf -y install qubes-core-agent-qrexec qubes-core-agent-systemd 
qubes-core-agent-passwordless-root qubes-core-agent-nautilus 
qubes-core-agent-networking qubes-core-agent-network-manager 
qubes-core-agent-dom0-updates pulseaudio-qubes usbutils

# Install missing drivers (to support the network devices)
dnf -y install linux-firmware iwl7260-firmware

# install additional packages to get network manager working
dnf install -y NetworkManager NetworkManager-wifi network-manager-applet 
wireless-tools

# shutdown template
shutdown -h now

# Change Templates for sys-VMs in dom0
qvm-prefs --set sys-net template t-sys
qvm-prefs --set sys-firewall template t-sys
qvm-prefs --set sys-usb template t-sys
--- --- --- 8
[799]

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/-BuSXf2YMvlH0cwfdLE7WPqqYBMjDeV3JAj5CIthJ0Ri61D74wyUpvaGiO_NZ2AVV8WxzXzdrH8Rwimf-IFACspMTgWegOvXXhb-8N4iYsw%3D%40protonmail.com.
For more options, visit https://groups.google.com/d/optout.