
cover Qubes specific steps in advice by whonixcheck
Closed, Resolved | Public

Description

Usability Question:

For better usability, whonixcheck sometimes (i.e. invalid /etc/tor/torrc) advises various steps to help users fix their issue. Examples:

  • Start Menu -> Applications -> System -> Torrc
  • Start Menu -> Applications -> System -> Restart Tor
  • Start Menu -> Applications -> System -> Whonix Check

This advice does not fully cover Qubes. Instructions could be better. For example:

  • Start Menu in dom0 -> sys-whonix -> Torrc

What do you think?

Is it sane to have AppVMs / ProxyVMs advise to use dom0 to do x? Or do you see a security issue in training users to do so?

Technical Question:

Can AppVMs / ProxyVMs read their own VM name, i.e. if they are called sys-whonix vs my-gateway etc.?

Details

Impact
Normal

Event Timeline

Patrick created this task. Jun 27 2015, 3:27 PM
Patrick raised the priority of this task from to Normal.
Patrick updated the task description.
Patrick set Impact to Normal.
Patrick added subscribers: Patrick, nrgaway, marmarek and 4 others.

Do you mean TemplateVM or dom0?

In regards to TemplateVM:

/etc/tor directory is bound to /rw so changes to Tor configuration can happen in ProxyVM

The bind-directories script contains all the directories that are bound. Changes made in TemplateVM to those directories will not be reflected in ProxyVM once the initial bind occurs in ProxyVM

I have a TODO item to consider updating /rw from dom0 changes in NOTES.

System updates (apt-get) are still performed from TemplateVM

In regards to dom0:

Not much needs to be done in dom0 once installed and configured. Qubes-manager takes care of most of that. What type of things were you thinking about?

AppVMs can read their own name, it's what the host name is usually set to

Patrick added a comment. Edited Jun 28 2015, 4:21 AM

Wrong track.

Example: user messes something up in sys-whonix (ProxyVM as per Qubes Whonix documentation. Not TemplateVM). Really doesn't matter where. Let's say the user messed up /etc/tor/torrc. In non-Qubes-Whonix, classically, whonixcheck would note "something wrong with torrc, to fix it try x, y, z...". Including step by step instructions what to click next. For example "Start Menu -> Applications -> System -> Torrc". But exactly "Start Menu -> Applications -> System -> Torrc" does not apply to Qubes-Whonix. More correct instructions for Qubes would be "Start Menu in dom0 -> sys-whonix -> Torrc".

Another example: Tor is unable to connect. Whonixcheck advises various actions a user could try. These instructions again differ slightly Whonix vs Qubes-Whonix.

These steps documentation differences happen, because in Qubes you don't have a start menu per VM. You don't have a task bar per VM. (And that's fine.) I mean, compared to for example VirtualBox. In VirtualBox, each VM has its own task bar and start menu. In Qubes, a "VMs start menu" can be found in dom0's start menu.

To repeat the usability question here... That has a security aspect to it... Which is a conceptual discussion...
"Is it sane to have applications (such as whonixcheck) that are running in AppVMs to advise to use dom0 to do x? Or do you see a security issue in training users to do so?"

AppVMs can read their own name, it's what the host name is usually set to

Hopefully not in Whonix, because we set hostname by default to host. Any command line tool to figure out one's AppVM name for an AppVM?

Can AppVMs / ProxyVMs read their own VM name, i.e. if they are called `sys-whonix` vs `my-gateway` etc.?

R2: xenstore-read name
R3: qubesdb-read /name

Ok, if no one has any concern, I'll go for it.

Patrick changed the task status from Open to Review. Jun 30 2015, 3:34 PM
Patrick closed this task as Resolved. Oct 29 2015, 6:31 PM
Patrick claimed this task.
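
One way the advice text could be made Qubes-aware with the two commands given in the thread (`xenstore-read name` on R2, `qubesdb-read /name` on R3), since the hostname cannot be used when it is set to `host`. This is an added example, not whonixcheck's code and not written by any participant; the function names, the overridable `QUBESDB_READ` / `XENSTORE_READ` variables and the character allow-list are assumptions.

```shell
#!/bin/sh
# Added example, not whonixcheck's own code.
# Assumption: the reader commands are overridable so the logic can be
# exercised on a machine that is not running Qubes.
QUBESDB_READ="${QUBESDB_READ:-qubesdb-read}"
XENSTORE_READ="${XENSTORE_READ:-xenstore-read}"

# Print this VM's Qubes name; return 1 if it cannot be determined.
# The hostname is deliberately not consulted: Whonix sets it to "host".
qubes_vm_name() {
    name=""
    # R3: qubesdb-read /name
    if command -v "$QUBESDB_READ" >/dev/null 2>&1; then
        name="$("$QUBESDB_READ" /name 2>/dev/null)" || name=""
    fi
    # R2: xenstore-read name
    if [ -z "$name" ] && command -v "$XENSTORE_READ" >/dev/null 2>&1; then
        name="$("$XENSTORE_READ" name 2>/dev/null)" || name=""
    fi
    # The value ends up in text shown to the user, so accept only a
    # conservative character set (an assumption of this example, not a
    # statement of Qubes' naming rules) and reject everything else.
    case "$name" in
        ""|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    printf '%s\n' "$name"
}

# menu_advice ITEM
# Print the click path for ITEM (e.g. "Torrc", "Restart Tor").
# Under Qubes the VM's menu lives in dom0's start menu; an unreadable or
# unexpected name falls back to the classic wording instead of echoing
# raw data into the advice.
menu_advice() {
    if vm="$(qubes_vm_name)"; then
        printf 'Start Menu in dom0 -> %s -> %s\n' "$vm" "$1"
    else
        printf 'Start Menu -> Applications -> System -> %s\n' "$1"
    fi
}

# Usage: menu_advice "Torrc"
```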