DispVM always based on Fedora 23, even if parent VM is different template

[mfc]

Opening a file using GUI in an x-template-based AppVM in a DispVM should open it in a x-template-based DispVM, rather than a Fedora 23-based DispVM.

This includes:

• user-modified Fedora-23 templates
• Debian 8 templates
• Whonix-ws templates (I am aware of the current work on this front)

Numerous reasons for this, such as the user may have installed programs to open certain types of files in a particular AppVM (say, libreoffice) and this requires the user to install all programs also in Fedora 23 if they would like to open those types of files in DispVMs.

[marmarek]

Actually having DispVM based on different template than the calling VM is a feature. Consider for example work-archive VM used to store all the work related documents, including some trade secrets etc. Surely you want to have it based on some trusted template (maybe even minimal one?). But then you still want the opportunity to open the files there, even in some fancy formats supported only by some not-so-trusted applications. This is where you can use DispVM, based on some "full" template.

You can select which template is used for DispVMs

There is also planned feature to have multiple DispVM templates (#866), which would allow what you request. This isn't decided yet, but probably it will be VM setting - which template should be used for DispVMs started from it.

[marmarek]

Actually having DispVM based on different template than the calling VM is a feature. Consider for example work-archive VM used to store all the work related documents, including some trade secrets etc. Surely you want to have it based on some trusted template (maybe even minimal one?). But then you still want the opportunity to open the files there, even in some fancy formats supported only by some not-so-trusted applications. This is where you can use DispVM, based on some "full" template.

You can select which template is used for DispVMs

There is also planned feature to have multiple DispVM templates (#866), which would allow what you request. This isn't decided yet, but probably it will be VM setting - which template should be used for DispVMs started from it.

[mfc]

probably it will be VM setting - which template should be used for DispVMs started from it.

yes, that sounds good, I looked in the VM settings and didn't find it (hence thinking it wasn't possible).

I disagree with the assessment it is a feature, I think most people do not use Fedora 23 as their main "full" template since backup & restore is difficult for "system" templates. So people instead clone their own Fedora 23 template and install whatever additional programs they want there. I agree that that "full" template is the ideal template for the DispVM template to be based on though.

[mfc]

probably it will be VM setting - which template should be used for DispVMs started from it.

yes, that sounds good, I looked in the VM settings and didn't find it (hence thinking it wasn't possible).

I disagree with the assessment it is a feature, I think most people do not use Fedora 23 as their main "full" template since backup & restore is difficult for "system" templates. So people instead clone their own Fedora 23 template and install whatever additional programs they want there. I agree that that "full" template is the ideal template for the DispVM template to be based on though.

[marmarek]

I agree that that "full" template is the ideal template for the DispVM template to be based on though.

Exactly. And this makes it possible, even for DispVMs opened from stock/minimal templates.
As for not using "system" templates - I wouldn't be so sure about this in practice, as it require some additional step (which isn't obvious if one didn't read the documentation).

Maybe we want to run some survey on qubes-users ML? That would be interesting and useful data (also what templates are used mostly, like Debian/Fedora/Archlinux/...).

[marmarek]

I agree that that "full" template is the ideal template for the DispVM template to be based on though.

Exactly. And this makes it possible, even for DispVMs opened from stock/minimal templates.
As for not using "system" templates - I wouldn't be so sure about this in practice, as it require some additional step (which isn't obvious if one didn't read the documentation).

Maybe we want to run some survey on qubes-users ML? That would be interesting and useful data (also what templates are used mostly, like Debian/Fedora/Archlinux/...).

[andrewdavidwong]

I agree that that "full" template is the ideal template for the DispVM template to be based on though.

I disagree. My "full" template is much less trusted than my system template, but I need my DispVM template to be trustworthy since I often use DispVMs for sensitive tasks.

[andrewdavidwong]

I agree that that "full" template is the ideal template for the DispVM template to be based on though.

I disagree. My "full" template is much less trusted than my system template, but I need my DispVM template to be trustworthy since I often use DispVMs for sensitive tasks.

[andrewdavidwong]

Should this be closed as a duplicate, or changed to "Survey users' TemplateVM/DispVM habits"?

[andrewdavidwong]

Should this be closed as a duplicate, or changed to "Survey users' TemplateVM/DispVM habits"?

[marmarek]

I think there is no good solution for this without multiple DispVM templates at the same time. Which hopefully is not that far away. So closing as a duplicate of #866.

[marmarek]

I think there is no good solution for this without multiple DispVM templates at the same time. Which hopefully is not that far away. So closing as a duplicate of #866.

[mfc]

maybe this could be instead changed to: "have GUI for changing template DispVMs are based on"?

[mfc]

maybe this could be instead changed to: "have GUI for changing template DispVMs are based on"?