The plan here is to delete sys-net qube to recreate it with as a non disposable. As sys-net can’t be stopped if sys-firewall is up, and sys-firewall is up can’t be stopped as long as a qube using it as a netvm is up, you have to:
- stop all qubes using networking
- stop sys-firewall
- stop sys-net
- open Qubes Manager
- set sys-firewall network to none
- open sys-net settings, check the “devices” tabs and write down the numbers of each lines in the right colums, this is the internal address of network devices attached to sys-net, it should look like hexadecimal numbers with 5 digits (i.e. 00:14.3 or 2e:00.4)
- rename sys-net (in case you need to restore it)
- create a new qube named sys-net
- name: sys-net
- type: AppVM
- template: whatever you want to use
- networking: none
- check “launch settings after creation”
- click on “OK”
- in Advanced tab
- on “mode” choose HVM
- check “Provides network”
- in “Devices”, add the network devices
- in “Services” tab, add “clocksync” service
- Apply changes and exit the settings window
- Start sys-net
- Edit sys-firewall and set sys-net as its netvm
- Enjoy
If you have no network manager, add the service “network-manager” to sys-net, it is not set on mine although I need to add it to VPN qubes, so I guess you won’t have to add this service manually.