In-VM kernel qube integration with the rest of QubesOS?

Hi everyone,

I have a Waydroid template and Waydroid appVMs built off of debian-12-minimal, using 6.1.0-20-amd64 in-VM kernel under PVH mode as part of my Waydroid-on-Qubes setup (from this great Waydroid Template guide).

I’m partial to using the in-VM kernel to prevent apps within the Waydroid qube seeing that they are being run on a QubesOS system (Waydroid apps can read the qube’s system kernel version e.g. 6.8.6-1.qubes.fc37.x86_64).

The qubes themselves work fine, Waydroid on Qubes is great, but it seems these in-VM kernel qubes are missing the key integration functions with the rest of the OS (salt update management from dom0, inter-qube file transfer, open in dispVM).

I have the qubes-mgmt-salt-vm-connector and qubes-core-agent integration packages for my file manager installed in the template, but dom0 salt-managed updates for the template fail, and the “copy to VM/open in disposable” functions don’t do anything. I have set the relevant RPC policies to both “allow” and “ask”, but nothing happens and no RPC prompt even appears.

I have a general understanding of the broader Qubes qrexec framework, but am not an expert. Am I just missing some packages in these own-kernel VMs needed to get these integrations running, or are they tied to using the Qubes kernel provided by dom0?

It shouldn’t be related to in-VM kernel use.
If you’re using a minimal template then you need to install the packages for integration to work.
Search the forum for what is missing.
E.g. for file manager integration you need to install:

thunar qubes-core-agent-thunar


nautilus qubes-core-agent-nautilus

For default-mgmt-dvm you need:

qubes-core-agent-passwordless-root qubes-mgmt-salt-vm-connector

Minimal templates | Qubes OS

Or do you have all the required packages installed but it still doesn’t work?
In that case does it work if you switch to the kernel provided by dom0?
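A way to run the package check from the reply above inside a Debian minimal template, as an added example that is not part of the original post. The function name, variable names and sample status lines are constructed for illustration; the package names are the ones listed in the reply (Thunar variant).

```shell
#!/bin/sh
# Added example: report which Qubes integration packages are not fully
# installed in a Debian minimal template.

# Package sets as listed in the reply (Thunar variant of the file manager pair).
FILEMGR_PKGS="thunar qubes-core-agent-thunar"
MGMT_PKGS="qubes-core-agent-passwordless-root qubes-mgmt-salt-vm-connector"

# Constructed sample (not from a real system), in the format produced by:
#   dpkg-query -W -f='${Package} ${db:Status-Abbrev}\n'
# "ii" = installed; "rc" = removed, but config files left behind.
SAMPLE='thunar ii
qubes-core-agent ii
qubes-core-agent-thunar rc
qubes-core-agent-passwordless-root ii'

# missing_pkgs STATUS_TEXT PKG...
# Print every PKG that is absent from STATUS_TEXT or in a state other than
# "ii". A package in state "rc" still shows up in listings but is not
# installed, so it is reported as missing.
missing_pkgs() {
    st_text=$1; shift
    out=""
    for pkg in "$@"; do
        state=$(printf '%s\n' "$st_text" |
            awk -v p="$pkg" '$1 == p { print substr($2, 1, 2); exit }')
        [ "$state" = "ii" ] || out="$out $pkg"
    done
    printf '%s\n' "${out# }"   # strip the leading separator
}

# Use the live dpkg database when available, otherwise the sample above.
if command -v dpkg-query >/dev/null 2>&1; then
    st=$(dpkg-query -W -f='${Package} ${db:Status-Abbrev}\n' 2>/dev/null)
else
    st=$SAMPLE
fi
echo "file manager integration, missing: $(missing_pkgs "$st" $FILEMGR_PKGS)"
echo "default-mgmt-dvm, missing: $(missing_pkgs "$st" $MGMT_PKGS)"
```

An empty list after "missing:" means that set is fully installed, which points the troubleshooting elsewhere.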

I’m also puzzled as to why this isn’t working.

I’ve been through the Minimal Templates documentation you’ve linked above, as well as the Managing Qubes Kernels docs (to get the in-VM kernel working in the first place).

I already have all (as far as I can tell) the requisite packages. At least the ones you’ve listed.

And that’s right, simply switching the qube kernel back to the dom0-provided one seems to restore the inter-VM functionality. Hence why I’m now wondering if this is a kernel thing.

EDIT: Just to add that I generally use minimal Debian 11/12 templates as the base for most of my qubes. Never have any qrexec problems with these other qubes. Only this latest one, difference being that this one is using an in-VM kernel.

If this isn’t a standard issue with in-VM kernels, I’ll try to troubleshoot via dom0 guest qubes logs.

I’ve just tried to install thunar qubes-core-agent-thunar in a debian-12-minimal template with an in-VM kernel, and file manager integration worked for me.
Can you try inter-qube file transfer using a terminal in the qube with the in-VM kernel where file manager integration is not working?

qvm-copy /path/to/file

Terminal qvm-copy works with in-VM kernel. Odd!

GUI inter-qube transfer works on a fresh debian-12-minimal template, too. Just tried it as well. Something must be borked in my templateVM. Salt updates still aren’t working, though.

Will make a fresh Waydroid template to sort it out. Thanks apparatus!

I posted recently about errors in using salt with a Debian management qube after an update.
You need to downgrade the salt and salt-common packages, and then put them to hold.

The new update tool doesn’t use salt - what issue do you see that leads to your “Salt updates still aren’t working”?

I never presume to speak for the Qubes team. When I comment in the Forum I speak for myself.

I guess it’s this issue: