Persistent timezone for specific standalone vms

tokaso80 · January 21, 2026, 9:17pm

So, I have several vms for not so privacy friendly sites and I found out the hard way that modern sites somehow acquire not just my timezone. But my actual country even if the vm is run over Tor or any other ip changing application. What I found out that timedatectl is the reason for this information leak

And the accounts I had to make where all made with specific countries in mind. In one standalone vm I need to always run timedatectl set-timezone Asia/Calcutta before opening the specific site with the specific account. In another I always need to run timedatectl set-timezone Europe/Paris This is not a good solution. Because eventually I might forget to run these specific commands and this will ban my accounts while simultaneously revealing my location

Another issue is that for certain vms I specifically want them to have my actual timezone. Namely the government and banking websites. So I don’t need randomization for those

So, how do I set custom timezones for certain standalone vms only?

tokaso80 · January 21, 2026, 9:31pm

Semi-solution. You can add the command timedatectl set-timezone Europe/Paris to .bashrc and then 'source ~/.bashrc` But it will require running all programs from the terminal specifically. And removing all programs but the terminal from the shortcut list in Qubes Application Menu for the specific standalone vm

DVM · January 21, 2026, 10:37pm

This is what I use for some of my qubes:

/rw/config/rc.local

TIMEZONE=$(qubesdb-read /vm-config/timezone)
timedatectl set-timezone "$TIMEZONE"
ln -sf /usr/share/zoneinfo/"$TIMEZONE" /etc/localtime

I use the vm-config feature to customize the timezone from dom0 like this:

qvm-features <qube> vm-config.timezone <TZ>

If you use Qubes 4.3, you can also enable the anon-timezone feature:

qvm-features <qube> anon-timezone 1

tokaso80 · January 21, 2026, 11:03pm

Currently trying out ‘qvm-features anon-timezone 1’ in dom0 and it didn’t work. Still shows my default timezone when running timedatectl

tokaso80 · January 21, 2026, 11:04pm

‘qvm-features vm-config.timezone ’ Also does not work

UPD. It does work. Unlike the rest

tokaso80 · January 21, 2026, 11:18pm

I now tried TIMEZONE=$(qubesdb-read /vm-config/timezone) timedatectl set-timezone "$TIMEZONE" ln -sf /usr/share/zoneinfo/"$TIMEZONE" /etc/localtime

And it just permanently stuck to Europe/Berlin Is it how it is supposed to work? Rebooting the test vm for this feature does not change the timezone to anything else but Europe/Berlin

DVM · January 21, 2026, 11:33pm

anon-timezone is only working on Qubes 4.3, if you are on 4.2 it won’t work.

Have you set the commands inside /rw/config/rc.local?
The timezone set with “qvm-features” is the one that should always be used by the qube.

When you say “standalone,” do you mean it was created from a template or an ISO?

tokaso80 · January 21, 2026, 11:36pm

I am on Qubes 4.3

I did set up Europe/Berlin for the untrusted vm. It did work. It didn’t work for standalone vm for whatever reason

Template

tokaso80 · January 21, 2026, 11:42pm

Alright. I good confused. I thought for some reason that

this part may be omitted. But it is necessary. Thank you

linuxuser1 · January 22, 2026, 8:19pm

qvm-features <qube> anon-timezone 1 not working for me. What’s the nuance?

UPD: work

tokaso80 · January 31, 2026, 4:03pm

It required me to restart the vm for it to work

fb2043 · February 17, 2026, 5:40am

as per this post, there are two mechanisms by which the time is set in a qube:

at system boot, the dom0 timezone is read as part of qubes-early-vm-config.service, using the qubesdb-read /qubes-timezone command.
regularly, as part of qubes-sync-time.service, using the qubes.GetDate RPC call. But this only pulls UTC time for synchronisation purposes and sets it using date -u; so it’s not relevant for timezones.

Using timedatectl set-timezone will work to change the timezone in a given qube, but with two caveats:

At least in Debian 12 templates, as part of qubes-early-vm-config.service also the config file /etc/timezone will be set; this is a debian-specific file that is largely useless. This file is ignored by timedatectl set-timezone, so once it gets set, it will contain your dom0 timezone, unless you delete it. Presumably in R4.3 this stops being an issue if you use anon-timezone with qvm-features (but I haven’t checked).
The timezone info still remains in qubesdb, unless you run qubesdb-rm /qubes-timezone to delete the entry (again, not necessary if you use anon-timezone).

tl;dr if you’re on R4.2, make sure you delete /etc/timezone and run qubesdb-rm /qubes-timezone

OTOH, timedatectl set-timezone does change /etc/localtime, so it’s not necessary to link it again manually.