Submitted by josefStallman in freeAsInFreedom
I haven't been on in a couple days because I've been moving and setting up networking, but at some point along the way I decided to install Qubes onto the bigger SSD I had lying around. Here's my experience so far:
Qubes is definitely based on Fedora. It uses the same anaconda installer that Fedora has used for as long as I've been using it. Anaconda is really well made, and installing it worked very well the first time. After installation, it drops you into a menu where you set up your VM's. By default, it comes with:
-
Disposable (resets every time you close it)
-
Anon-Whonix (all networking is routed through tor)
-
Personal (Basic fedora 23 VM)
-
Vault (Mostly just to isolate anything you don't want anywhere else on your system)
-
Work (Basic fedora 23 VM)
-
Sys-Firewall (a dedicated VM for the firewall to avoid compromising the rest of your system)
-
Sys-Net (a dedicated VM for networking to avoid compromising the rest of your system)
-
Sys-Whonix (The other half of Whonix to ensure no leakage)
As you'll notice, all of the non-whonix VM's are based on Fedora 23. As far as I can tell, there's no easy way to upgrade these to newer versions, but someone more technically adept would probably be able to. You can add new templates, including arch, ubuntu, and some pen-testing distros (kali, blackarch), but I like fedora, so I didn't.
Finishing the setup drops you at a very basic XFCE4 desktop, with a custom applications menu to allow you to launch programs from each of your VM's. Each VM has it's own color, and the GTK theme matches the color of whatever VM you're using. The built-in Qubes VM Manager GUI is very intuitive and lets you stop, start, create, delete, and edit VM's as needed. It also runs in the tray, so you don't have to have it open all the time. After updating all my VM's and struggling with networking for a while (all I needed to do was an update and a restart), I got the OS to a generally usable state.
Using Qubes is kind of weird at first. You can launch 4 or 5 different firefoxes, and edit settings, but only on a vm-by-vm basis, and installing packages is only for that VM, and update things vm-by-vm, but that's kind of the point. Qubes is very much an advanced OS with a very niche userbase that will understand all of this stuff already.
I've ran into plenty of problems already I've had to troubleshoot, (networking keeps breaking, packages aren't installing, firefox can't find a newer version, etc) but with enough experience with Linux a lot of this stuff you've probably run into before. The actual Xen hypervisor and VM stuff is very well implemented and hasn't caused me any trouble so far. It's a small price to pay for the level of security that Qubes can guarantee.
This is all for my upcoming project of Red Square OS, which is a deblobbed version of Qubes (probably with some usability tweaks too). I have no idea what I'm doing, but it seems like a worthwhile thing to do. If anyone wants to help, or has any ideas on how to get started, I'm all ears.
jaidedctrl wrote (edited )
We've talked about this before, it still sounds great. Frankly, I probably know just as much (or less) as you about building LiGNUx OSes, but I'd like to give a shot at helping you. When I'm free to take on another project (in about a week), I'll install Qubes and get in touch. :)