I have several Qubes. Disposable cubes and normal ones. For example, if I click on a link in my TelegramVM, where only the Telegram client should be running, it opens in the “TelegramVM”. But since this is not a disposable cube, I take a critical view of this. So my goal is when I click on a URL link to a website in Qube XYZ that it automatically opens a disposable cube where it opens the website. Can this be set?
I have already been to the Global Config under URL Handling and selected the Telegram Cube, then will ask and default to “default dvm”. But that doesn’t work. When I click on a link in Telegram it asks me if I want to open it, then it opens the browser in the Telegram Cube which is not disposable.
What have I done wrong or is the setting (if there is one) somewhere else?
Thank you and best regards
Use the following commands:
$ xdg-mime default qvm-open-in-dvm.desktop x-scheme-handler/https
$ xdg-mime default qvm-open-in-dvm.desktop x-scheme-handler/http
This will make each link open in a fresh disposable. If you want, you can also create a named disposable that would handle opening all the links in that one - do you want me to write a quick guide, how to do that?
Thank you, I would be very grateful. Can you also write how I can undo it with which command if necessary?
What I didn’t understand, for example, is why it doesn’t do it although I have set it in the global settings, I even wrote a cubes.OpenURL but it keeps opening the link in the email in my email VM or in Telegram in the TelegramVM.
Thanks for your quick help.
do I have to write the command in Dom0 or in the template?
I’ll improvise a bit since it’s after midnight and I’m tired after the whole day. It’s mostly inspired by this topic.
In your TelegramVM create a file named
Exec=qvm-open-in-vm --view-only Telegram-URL-Handler-VM %u
Then in your TelegramVM run the following commands:
$ xdg-mime default mybrowser.desktop x-scheme-handler/https
$ xdg-mime default mybrowser.desktop x-scheme-handler/http
In dom0 create a new named disposable and give it the name Telegram-URL-Handler-VM. Then still in dom0 open the Policy Editor GUI, open the
30-user policy and write there:
qubes.OpenURL * TelegramVM Telegram-URL-Handler-VM allow target=Telegram-URL-Handler-VM
qubes.OpenInVM * TelegramVM Telegram-URL-Handler-VM allow target=Telegram-URL-Handler-VM
qubes.OpenURL * Telegram-URL-Handler-VM @anyvm deny
qubes.OpenInVM * Telegram-URL-Handler-VM @anyvm deny
Then save this policy. Assuming I didn’t forget anything, from now on by clicking on a link in your TelegramVM qube it should open in a browser in the qube Telegram-URL-Handler-VM.
And if I did forget, provide some feedback - I’ll correct myself after getting some sleep.
First of all, a big thank you.
I decided to use your first option (2nd post), the Fedora Qubes, which are not disposable, that these clickable URLs are executed in a new dvm Qube.
Now I have also realized my mistake. I have to execute these two commands from you in the respective Qube, I had always done it only in dom0, which of course only applied to dom0 in the end. Now it works. Now I have also realized that if I decide to ask me, I can set this in the Cube Global Config under “URL Handling” under “ask”.
Now I still have to ask 2 more questions.
- if I want the Whonix Cubes to create a link with Whonix dvm, how do I have to optimize your two commands?
- if I want to undo the two commands, what would I have to enter? I would like to make my own documentation for my records so that I don’t have to ask again in a few months if I want to change something.
Thank you very much for your time.
unfortunately this only works for fedora VM. I just tried a Whoney VM with the command and I got an error message:
Denied Qubes.OpenUrl from Telegram-1 to @dispvm
Do you have any idea what I need to change in the command?