Sys-gui: How do I create a network qube with no templates and no network qube?

My results installing sys-gui:

Procedure used:

  • Install 4.1 beta1 from iso
  • Use installation defaults for most things
  • After installing, do not update (updating causes the fedora-34?-xfce template missing issue, and if you install the fedora-34?-xfce template yourself then it works, but then there is qubes-related packages installed)
  • Then do:
    qubesctl top.enable qvm.sys-gui
    qubesctl top.enable qvm.sys-gui pillar=True
    qubesctl --all state.highstate
    
  • Shut down VM’s (I.E. sys-firewall, sys-usb, sys-net)
  • Log out
  • Click the things in the upper right corner to find a choice between “sys-gui” and “xfce”(I.E. dom0)
  • Choose the “sys-gui” one
  • Log in
  • Wander away while waiting for all desktop elements to load
  • Come back to a screensaver screen, and find that it uses a new password I don’t know. :slight_smile:
  • reboot
  • log in again, and keep the mouse active this time
  • Before the screensaver can activate, set the password for “user” to something I know.
    (This appears to be a proper sys-gui desktop. However there are no qubes or templates (I.E. no sys-firewall, sys-net, or sys-usb)
  • Load the template manager to download a new template

Get ERROR: ‘sys-firewall’

I also see that /srv is empty, so missing salt scripts?

  • In case I’m missing a qubes package, I try dnf search qubes- and get “could not resolve host mirrors.fedoraproject.org

Any help?

sys-gui has access only to VMs it’s a guivm for. By default: none. The easiest way to continue is to change default guivm using qubes-prefs default_guivm sys-gui.

1 Like

Perfect!

I see. qubes-prefs default_guivm sys-gui does not move all the already-existing qubes to sys-gui by default, it just enables the network and firewall qubes in the sys-gui VM list.

And I’ve discovered that even without qubes-prefs default_guivm sys-gui, by doing:
qvm-pref personal guivm sys-gui

then logout, swich to sys-gui, log in, then do qvm-start personal, and sys-gui now owns just the “personal” qube! :slight_smile:

(Note to people who are not marmarek: the personal qube displaying in sys-gui can ping things through sys-firewall, even though i did not give sys-firewall to sys-gui)

Notes to marmarek/other developers):

  • None of the qubes show up in the Qubes “upper left” menu.
  • The border color did not change to yellow when I ran the personal terminal in sys-gui (without doing the qubes-prefs default_guivm sys-gui)
  • When do qvm-pref personal guivm sys-gui in dom0, (and some other things), I seem to get a lot of “event errors” that refer to “sys-gui to dom0”. I also got the event errors when I wasn’t doing anything related to sys-gui, so not sure what that’s about.

Is all this stuff documented somewhere, or should I write something up?

Possibly https://github.com/QubesOS/qubes-doc/pull/1166?

1 Like

That’s it. Thanks

so dumb question, once I create the qui-vm, log out, then lightdm choose sys-gui, am I supposed to use qubes from sys-gui ?

as it seems to like the qubes tools like qubes manager etc, and doesn’t have any network access etc

or
am I supposed to continue working from lightdm ->dom0 and sys-gui just runs in the background ?

and/or once created is it undoable pros/cons of doing so

At this point, you need to shutdown all your running qubes as the default_guivm qubes global property has been set to sys-gui. In order to use sys-gui as GuiVM, you need to logout and, in the top right corner, select lightdm session type to Gui Domain (sys-gui). Once logged, you are running sys-gui as fullscreen window and you can perform any operation as if you would be in dom0 desktop.

`