Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UpdateVM system defaults should only list NetVMs and ProxyVMs #1831

Closed
mfc opened this issue Mar 15, 2016 · 9 comments · Fixed by QubesOS/qubes-manager#105
Closed

UpdateVM system defaults should only list NetVMs and ProxyVMs #1831

mfc opened this issue Mar 15, 2016 · 9 comments · Fixed by QubesOS/qubes-manager#105
Labels
C: manager/widget help wanted This issue will probably not get done in a timely fashion without help from community contributors. r4.0-dom0-stable T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. ux User experience
Milestone
Release 4.0 updates

Comments

@mfc
Copy link
Member

mfc commented Mar 15, 2016

Currently in Qubes VM Manager > System > System defaults > UpdateVM, it lists all VMs as possibilities for UpdateVM. It should only list netvms and proxyvms. Probably the same should be done for ClockVM.
@marmarek
Copy link
Member

Why? It is perfectly fine to have any AppVM set there. For example a VM behind Tor, or VPN, to be sure that yumdownloader/ntpdate will not see real IP.

@mfc
Copy link
Member Author

mfc commented Mar 15, 2016

For example a VM behind Tor, or VPN, to be sure that yumdownloader/ntpdate will not see real IP.

those VMs are ProxyVMs, no?

@mfc
Copy link
Member Author

mfc commented Mar 15, 2016

Why?

I can't think of a single use-case where a user should be putting their network traffic through a "qube" (AppVM) or a template, rather than a ProxyVM.

@marmarek
Copy link
Member

those VMs are ProxyVMs, no?

But those ProxyVMs itself see the real IP. Only VMs behind are are really isolated. I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

(I agree templates are useless on that list)

@marmarek marmarek added C: manager/widget ux User experience help wanted This issue will probably not get done in a timely fashion without help from community contributors. labels Mar 18, 2016
@marmarek marmarek added this to the Release 4.0 milestone Mar 18, 2016
@adrelanos
Copy link
Member

Marek Marczykowski-Górecki:

I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

Yes.

@bnvk
Copy link

bnvk commented Mar 22, 2016

But those ProxyVMs itself see the real IP. Only VMs behind are are really isolated. I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

So, then perhaps the solution I think @mfc is after (making this selection process more simple + safe for users) is to only show AppVMs, or Whonix gateway so as to not allow users to accidentally leak their real IP

@andrewdavidwong
Copy link
Member

Probably the same should be done for ClockVM.

IIUC, this part is much more complicated. See:

@bnvk bnvk mentioned this issue Mar 23, 2016
Closed
12 tasks
andrewdavidwong added a commit that referenced this issue Jun 7, 2016
@andrewdavidwong
Track #1831
5a0da97
@andrewdavidwong andrewdavidwong added the T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. label Mar 31, 2018
@marmarta marmarta mentioned this issue Jul 12, 2018
Merged
marmarta added a commit to marmarta/qubes-manager that referenced this issue Jul 12, 2018
@marmarta
Offset context menu in Manager to avoid accidental clicks
7d477ae 
Small fix to Qubes Manager to open the context menu slightly to the
right of the mouse to avoid accidental clicks. Originally created by
@unman , ported to 3.2 branch.

references QubesOS/qubes-issues#1831
@qubesos-bot
Copy link

Automated announcement from builder-github

The package qubes-manager-4.0.19-1.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot mentioned this issue Jul 18, 2018
Closed
@qubesos-bot
Copy link

Automated announcement from builder-github

The package qubes-manager-4.0.19-1.fc25 has been pushed to the r4.0 stable repository for dom0.
To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: manager/widget help wanted This issue will probably not get done in a timely fashion without help from community contributors. r4.0-dom0-stable T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. ux User experience
Projects
None yet
Milestone
Release 4.0 updates
Development

Successfully merging a pull request may close this issue.

Remove templates from listing in UpdateVM and ClockVm in Global Settings marmarta/qubes-manager
6 participants
@bnvk @marmarek @mfc @adrelanos @andrewdavidwong @qubesos-bot