Submitted by josefStallman in freeAsInFreedom

I haven't been on in a couple days because I've been moving and setting up networking, but at some point along the way I decided to install Qubes onto the bigger SSD I had lying around. Here's my experience so far:

Qubes is definitely based on Fedora. It uses the same anaconda installer that Fedora has used for as long as I've been using it. Anaconda is really well made, and installing it worked very well the first time. After installation, it drops you into a menu where you set up your VM's. By default, it comes with:

  • Disposable (resets every time you close it)

  • Anon-Whonix (all networking is routed through tor)

  • Personal (Basic fedora 23 VM)

  • Vault (Mostly just to isolate anything you don't want anywhere else on your system)

  • Work (Basic fedora 23 VM)

  • Sys-Firewall (a dedicated VM for the firewall to avoid compromising the rest of your system)

  • Sys-Net (a dedicated VM for networking to avoid compromising the rest of your system)

  • Sys-Whonix (The other half of Whonix to ensure no leakage)

As you'll notice, all of the non-whonix VM's are based on Fedora 23. As far as I can tell, there's no easy way to upgrade these to newer versions, but someone more technically adept would probably be able to. You can add new templates, including arch, ubuntu, and some pen-testing distros (kali, blackarch), but I like fedora, so I didn't.

Finishing the setup drops you at a very basic XFCE4 desktop, with a custom applications menu to allow you to launch programs from each of your VM's. Each VM has it's own color, and the GTK theme matches the color of whatever VM you're using. The built-in Qubes VM Manager GUI is very intuitive and lets you stop, start, create, delete, and edit VM's as needed. It also runs in the tray, so you don't have to have it open all the time. After updating all my VM's and struggling with networking for a while (all I needed to do was an update and a restart), I got the OS to a generally usable state.

Using Qubes is kind of weird at first. You can launch 4 or 5 different firefoxes, and edit settings, but only on a vm-by-vm basis, and installing packages is only for that VM, and update things vm-by-vm, but that's kind of the point. Qubes is very much an advanced OS with a very niche userbase that will understand all of this stuff already.

I've ran into plenty of problems already I've had to troubleshoot, (networking keeps breaking, packages aren't installing, firefox can't find a newer version, etc) but with enough experience with Linux a lot of this stuff you've probably run into before. The actual Xen hypervisor and VM stuff is very well implemented and hasn't caused me any trouble so far. It's a small price to pay for the level of security that Qubes can guarantee.

This is all for my upcoming project of Red Square OS, which is a deblobbed version of Qubes (probably with some usability tweaks too). I have no idea what I'm doing, but it seems like a worthwhile thing to do. If anyone wants to help, or has any ideas on how to get started, I'm all ears.

11

Comments

You must log in or register to comment.

jaidedctrl wrote (edited )

This is all for my upcoming project of Red Square OS, which is a deblobbed version of Qubes (probably with some usability tweaks too). I have no idea what I'm doing, but it seems like a worthwhile thing to do. If anyone wants to help, or has any ideas on how to get started, I'm all ears.

We've talked about this before, it still sounds great. Frankly, I probably know just as much (or less) as you about building LiGNUx OSes, but I'd like to give a shot at helping you. When I'm free to take on another project (in about a week), I'll install Qubes and get in touch. :)

4

[deleted] wrote (edited )

2

jaidedctrl wrote (edited )

From this, it looks like they get kernel sources directly from kernel.org, blobs and all.
I don't know about the rest of the system, there's a good chance that's almost entirely/entirely libre already.
EDIT: It looks like they use Fedora as their default VM, which also uses a blobbed kernel, and isn't FSDG-approved. In a libre Qubes, the Fedora VM ought to be swapped out with a Parabola VM instead. (It's the most suitable FSDG system)

2

stardust_witch wrote

I have very little experience using VMs. Are they notably resource intensive? For the most part I tend to use older hardware (because I am poor) and every little bit of processing power I can muster counts.

I sort of understand what the point of Qubes is and I think that, for the most part, what it offers is not something that I really need to concern myself with, but I've still been really intrigued by it since I first heard of it.

4