del0
1
Hello,
is there a way to limit qvm-run-vm inside a qube to specific service / .desktop file, similar to qvm-run --service qubes.StartApp+my-service in dom0?
This at least would allow qube B to control the commands invoked from qube A, providing security benefits.
Background: I am evaluating different alternatives to have disposables in combination with minimal persistent state (in form of separate data qubes).
del0
2
After some more research:
IMO, qvm-run-vm does not provide this option. Instead, you can use qrexec-client-vm. E.g.:
/usr/bin/qrexec-client-vm <dest-qube> qubes.<action>
<action> would be similar to a .desktop file, where an executable script needs to be placed in /etc/qubes-rpc/qubes.<action> of the destination qube.
Permissions are set through dom0 as usual.