Is it possible to create a new service Qube? Does it work?

Hello all.

To ensure the anonymity of the qubes, we are planning to deploy separate sys whonixs, sys firewalls, and sys nets for each app.
For example, app qube A has a dedicated sys firewall A, app qube B has a dedicated sys firewall B, and so on.

There is no point in using the service qube I used before, so I am thinking of making a new one.
But there is a question. Is such a thing possible? How is it possible?
For example, if you want to create a default DVM that will serve as a template for Sys Firewall and Sys Net, you can make your appFedora disposable, but some applications and settings are different. I think we can deal with them by adding additional applications. But does that work the same way as the default DVM?
Also, the same question arises with sys firewall, sys net, sys whonix.

I also want to remove those services, including the original default DVM. However, another question arises. Is it possible to erase them? Also, does erasing cause problems?

Hi

I’m not sure I understood what you meant, but you can have any kind of qube disposable, like sys-firewall is by default. You can make a template for each use, then create an AppVM you customize the way you want, then make a “named disposable” from it. That way you have a disposable qube that can be used as a firewall or web browser or whatever and is trashed when closed.

A named disposable does not close when you quit the application that started it, and you can have only one instance of that named at the same time. sys-firewall is a named disposable. Otherwise, disposables are just named disp12345 and the numbers are randomly chosen.


Service VMs are pretty much the same as any other VM. So yes, you can create new ones, like multiple different firewalls.

The sys-net is kind of special, because it has your WiFi and Ethernet devices via PCI passthrough, and that limits the use of multiple sys-net.
But you can still create separate WiFi and Ethernet ‘sys-net’ equivalent VMs, and this way you can separate your network traffic much more strictly…

Other than that, some default ‘sys-’ VM name is used / referenced in configuration, so deleting it might cause issues, but only until you update those references…

Even the default installer lets you start with zero pre-created VMs, so yes, you have all the freedom to create as many and as ‘separate’ service VMs as you wish.


Check qubes-prefs (I think that’s the right name…unfortunately I am imprisoned on a Windoze box right now so I can’t readily check) for settings that reference a qube you don’t want to be using. (For example sys-firewall; you may want a “special” firewall qube with a different name.)

For a while I was seeing the system create a sys-firewall and sys-net on the fly when it wanted to check for updates, before I found the appropriate settings and changed them to sys-net-wifi and sys-firewall-wifi (the names of my qubes that use the wifi controller rather than the ethernet one). It wasn’t so bad having a sys-firewall be created, but sys-net collided with sys-net-wifi (you can’t have two qubes use the same controller at the same time). Bad scene.


Thank you all for your polite answers. It was very helpful.

In particular, I would like to note that you cannot use the service qube at the same time. Also, I will be careful about clearing the default service qube.

One last question. Solene explained that sys-firewall is a “named disposable”. Sys Firewall and Sys Net are made from the default DVM, so the explanation is convincing. So, since it is disposable, does that mean there is no record left in the service qube? If so, I don’t need to turn off these service qubes.

Disposables are running in their own LVM volumes like any other qubes, but these volumes are created when you start the disposable and destroyed immediately when you stop the qube.

After the volumes are deleted, LVM takes care of cleaning what was stored inside (see “How does LVM provide erased storage?”), but it’s not 100% guaranteed you can’t recover any of this, I guess. There is a way to encrypt these volumes with temporary encryption keys that are immediately trashed; it adds some overhead but not much, I guess. It does not seem documented very well though…

Someone wrote a guide explaining how to store these disposable qubes’ data in RAM so it’s 100% volatile: “Really disposable (RAM based) qubes”.

sys-net is not always a named disposable qube; you were prompted during the Qubes OS first boot wizard after the installation if you want it to be disposable or not. It can be practical to have it not disposable when you store wifi passwords in it.


To be clear, you cannot use two qubes at the same time if they have the same devices allocated. You can have multiple “sys-net” running at the same time if you have separated out the devices, e.g. one has Wireless controller, one has wired NIC, one has USB device.

There is no issue in deleting the default qubes - you will be warned if they are used in the system. You may have to check and amend the policies in /etc/qubes/policy.d or in the global config GUI.

I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.

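The check suggested in the replies above (global settings shown by qubes-prefs, rules under /etc/qubes/policy.d), as an added example that is not part of any forum post: it lists exact-name references to a qube so they can be updated before the qube is deleted. The function names are hypothetical, and the column layout of the saved qubes-prefs output and the sample rules are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): list where a qube name is still
# referenced, given saved `qubes-prefs` output and a policy directory.

# Global properties whose value is the qube. Assumes one property per line
# with the value as the last whitespace-separated field.
prefs_refs() {
    awk -v q="$1" 'NF >= 2 && $NF == q { print "pref " $1 }' "$2"
}

# Policy rules (service, argument, source, target, action, params...) that
# name the qube as source, target, or in target= / default_target=.
policy_refs() {
    for f in "$2"/*.policy; do
        [ -f "$f" ] || continue
        awk -v q="$1" -v f="${f##*/}" '
            NF == 0 || $1 ~ /^[#!]/ { next }   # blank, comment, !include
            {
                if ($3 == q) print "policy " f ":" FNR " source"
                if ($4 == q) print "policy " f ":" FNR " target"
                for (i = 6; i <= NF; i++)
                    if ($i == ("target=" q) || $i == ("default_target=" q))
                        print "policy " f ":" FNR " " $i
            }' "$f"
    done
}

find_qube_refs() { prefs_refs "$1" "$2"; policy_refs "$1" "$3"; }

# Constructed sample data, so the check can be tried outside dom0.
# Exact matching keeps sys-net and sys-net-wifi apart.
demo() {
    d=$(mktemp -d) && mkdir "$d/policy.d"
    printf '%s\n' 'clockvm       -  sys-net' \
                  'default_netvm -  sys-firewall-wifi' \
                  'updatevm      -  sys-firewall' > "$d/prefs.txt"
    printf '%s\n' '# constructed rules' \
        'qubes.UpdatesProxy * @type:TemplateVM @default allow target=sys-net' \
        'qubes.Filecopy * sys-net @anyvm deny' \
        'qubes.Filecopy * work @default ask default_target=sys-net-wifi' \
        > "$d/policy.d/30-user.policy"
    find_qube_refs "${1:-sys-net}" "$d/prefs.txt" "$d/policy.d"
    rm -rf "$d"
}

demo
```

In dom0, the real inputs would be `qubes-prefs > prefs.txt` and the directory /etc/qubes/policy.d, passed as `find_qube_refs sys-firewall prefs.txt /etc/qubes/policy.d`.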

Thank you both.

Certainly I remember being asked if I wanted to keep the WI-FI settings at the beginning when it came to SYS-NET. I chose not to hold, so it’s more robust in terms of security.
I received information that it is okay to delete the default service qube systematically, so I think it will be used that way.