Disposable VMs' names--can the launcher know the name?

User Support
#1

I’m working on a split-veracrypt schema.

Let’s say dom0 starts a disposable VM…one with the default disp-1234 naming scheme. (Unlocking a veracrypt container and making it available to other vms turns out to be a multi-step process.)

Can dom0 determine what number was appended, in the event s/he wants to communicate with it? Or otherwise have a “handle” to the DVM? Or is it purely “launch and forget”?

(Also applies to other qubes creating the disposable VM via qrexec. Since I might go that route instead.)

I know I could manage this with a named template (one for each veracrypt volume), but if I do that I’m likely going to end up a lot of them cluttering the manager, menus, etc. when they only should be dealt with by other pieces of the split-veracrypt schema.

#2

Not directly afaik.

You can search in the syslog for the started disposable(s):

journalctl -r --since "10 seconds ago" |\
  sed -nE "s/.*Starting (disp[[:digit:]]{1,4})$/\1/p"

will give all created anonymous disposables since x (here 10) seconds ago.

disp1234

1 Like
#3

This is good because I’m starting to get the suspicion that even though a “named disposable” is supposed to have no persistent state, it does anyway. Reusing the same name might not be terribly secure. (There appear to be files in dom0 for every qube that ever existed, including ones you thought were deleted.)

Of course with the unnamed disposables (disp1234) you will eventually reuse the same number by sheer happenstance.

#4

Now in concept, I’ve come up with a way to do this: When you start the disposable, pass it the name of your qube.

Then have the disposable send its own name back through qrexec.

However as a practical matter I haven’t been able to get it to work without either losing all other comm back from the disposable, or hanging. That’s probably just bash scriptsmanship, which I am still learning.