Help Fedora minimal template guide for newbie

Paranoid-user · March 11, 2022, 6:28pm

Continuing the discussion from Help Fedora minimal template guide for newbie:

Hello, everybody. I’m trying to create special fedora-minimal-templates. I’m a new GNU/Linux learner.

I read the wiki page, but I need to ask some questions;

Does NetVM only need what I see on the wiki page? (sample: qubes-core-agent-networking qubes-core-agent-network-manager etc.)
Is fedora-minimal default qube isolation without user firewall installation? (For virus)
How can I check fedora-minimal template erors? (For privacy and security)
If it can’t be done with what’s happening on the wiki page, can you help me install a sample for Netvm, sys-firewall? -(I think it’s enough, but could there be a security problem?) -

I think I’ve created a proper qube-vault and qube-browser, but I have security concerns. - vault: keepass, browser: qubes-core-agent-networking , pulseaudio-qubes minimal: qubes-core-agent-thunar , qubes-menus , qubes-desktop-linux-common , qubes-core-agent-passwordless-root -

I did not succeed in installing sys-net. I received a “RTL8168/8111 driver card not found” error. I also tried downloading it from firmware and driver RTL and installing it with autorun.sh, but the qube broke down and never opened again.

Paranoid-user · March 18, 2022, 6:14pm

card-issue-solution

I had to select my ethernet card from the PCI section for the card to work.

I tried again and this time I succeeded! I’m hoping that by writing down what I’ve done here, experienced or advanced user will tell me what I’ve done wrong. Also, new users will benefit easily from this page :).

fedora-minimal-netvm installed packages

qubes-libvchan-xen-4.1.7-1.fc34.x86_64
qubes-core-agent-passwordless-root-4.1.31-1.fc34.x86_64
qubes-db-libs-4.1.12-1.fc34.x86_64
qubes-utils-libs-4.1.16-1.fc34.x86_64
qubes-db-4.1.12-1.fc34.x86_64
qubes-core-qrexec-libs-4.1.16-1.fc34.x86_64
qubes-db-vm-4.1.12-1.fc34.x86_64
python3-qubesimgconverter-4.1.16-1.fc34.x86_64
qubes-utils-4.1.16-1.fc34.x86_64
python3-dnf-plugins-qubes-hooks-4.1.31-1.fc34.x86_64
python3-qubesdb-4.1.12-1.fc34.x86_64
qubes-core-qrexec-4.1.16-1.fc34.x86_64
qubes-core-qrexec-vm-4.1.16-1.fc34.x86_64
qubes-core-agent-4.1.31-1.fc34.x86_64
qubes-core-agent-systemd-4.1.31-1.fc34.x86_64
qubes-gui-agent-4.1.24-1.fc34.x86_64
qubes-vm-dependencies-4.1.20-1.fc34.noarch
python3-qubesadmin-4.1.20-1.fc34.noarch
qubes-core-agent-nautilus-4.1.31-1.fc34.x86_64
qubes-mgmt-salt-vm-connector-4.1.13-1.fc34.noarch
qubes-core-agent-dom0-updates-4.1.31-1.fc34.x86_64
qubes-desktop-linux-common-4.1.11-1.fc34.noarch
qubes-menus-4.1.11-1.fc34.noarch
qubes-core-agent-networking-4.1.31-1.fc34.x86_64
qubes-core-agent-network-manager-4.1.31-1.fc34.x86_64

Instead of recreating sys-net and sys-firewall, I replaced it with minimal-template. I didn’t get any leaks or errors in the Tor network. Do we need to recalibrate the firewall settings?