Don't leak all VM config in backup of single VM. #2645

Closed
jpouellet opened this Issue Feb 22, 2017 · 1 comment

jpouellet commented Feb 22, 2017

Qubes OS version (e.g., R3.2):

R3.2

Affected TemplateVMs (e.g., fedora-23, if applicable):

dom0


Actual behavior:

Currently, the qubes.xml in a backup of a single VM includes the details of all your VMs.

A backup of just one VM (in this case idle-test):

$ find .
.
./backup-header.hmac
./qubes.xml.000
./qubes.xml
./qubes-2017-02-22T111040
./backup-header
./appvms
./appvms/idle-test
./appvms/idle-test/whitelisted-appmenus.list.000.hmac
./appvms/idle-test/whitelisted-appmenus.list.000
./appvms/idle-test/private.img.000.hmac
./appvms/idle-test/icon.png.000
./appvms/idle-test/icon.png.000.hmac
./appvms/idle-test/private.img.000
./qubes.xml.000.hmac

includes info on all my VMs:

$ cat qubes.xml
<QubesVmCollection clockvm="5" default_fw_netvm="5" default_kernel="4.8.9-12" default_netvm="6" default_template="40" updatevm="6">
  <QubesNetVm autostart="True" backup_content="False" backup_path="" backup_size="0" conf_file="sys-net.conf" debug="False" default_user="user" dir_path="/var/lib/qubes/servicevms/sys-net" dispvm_netvm="none" firewall_conf="firewall.xml" include_in_backups="False" installed_by_rpm="False" internal="False" kernel="4.4.14-11" kernelopts="nopat iommu=soft swiotlb=8192" label="red" maxmem="3000" memory="300" name="sys-net" netid="1" pci_e820_host="True" pci_strictreset="True" pcidevs="['04:00.0']" pool_name="default" qid="5" qrexec_timeout="60" services="{'ntpd': False, 'meminfo-writer': False}" template_qid="44" uses_default_dispvm_netvm="True" uses_default_kernel="False" uses_default_kernelopts="True" uuid="307dc9e0-461e-480b-affb-599c987fa1ba" vcpus="2"/>
  <QubesProxyVm autostart="True" backup_content="False" backup_path="" backup_size="0" conf_file="sys-firewall.conf" debug="False" default_user="user" dir_path="/var/lib/qubes/servicevms/sys-firewall" dispvm_netvm="5" firewall_conf="firewall.xml" include_in_backups="True" installed_by_rpm="False" internal="False" kernel="4.8.9-12" kernelopts="nopat" label="green" maxmem="3000" memory="500" name="sys-firewall" netid="2" netvm_qid="5" pci_e820_host="True" pci_strictreset="True" pcidevs="[]" pool_name="default" qid="6" qrexec_timeout="60" services="{'meminfo-writer': True}" template_qid="44" uses_default_dispvm_netvm="True" uses_default_kernel="True" uses_default_kernelopts="True" uuid="9c18836e-9837-4530-92e1-92be0e3fb842" vcpus="2"/>
  <QubesNetVm autostart="True" backup_content="False" backup_path="" backup_size="0" conf_file="sys-usb.conf" debug="False" default_user="user" dir_path="/var/lib/qubes/servicevms/sys-usb" dispvm_netvm="none" firewall_conf="firewall.xml" include_in_backups="True" installed_by_rpm="False" internal="False" kernel="4.8.9-12" kernelopts="nopat iommu=soft swiotlb=8192" label="red" maxmem="3000" memory="300" name="sys-usb" netid="4" pci_e820_host="True" pci_strictreset="False" pcidevs="['00:14.0', '02:00.0']" pool_name="default" qid="9" qrexec_timeout="60" services="{'network-manager': False, 'meminfo-writer': False}" template_qid="67" uses_default_dispvm_netvm="True" uses_default_kernel="True" uses_default_kernelopts="True" uuid="558c23f2-5087-4f9d-b52f-6a538b392d27" vcpus="2"/>
  ... dozens of other VMs ...
  <QubesAppVm autostart="False" backup_content="True" backup_path="appvms/idle-test" backup_size="83578880" conf_file="idle-test.conf" debug="False" default_user="user" dir_path="/var/lib/qubes/appvms/idle-test" dispvm_netvm="6" firewall_conf="firewall.xml" include_in_backups="True" installed_by_rpm="False" internal="False" kernel="4.8.9-12" kernelopts="nopat" label="red" maxmem="4000" memory="400" name="idle-test" netvm_qid="6" pci_e820_host="True" pci_strictreset="True" pcidevs="[]" pool_name="default" qid="36" qrexec_timeout="60" services="{'meminfo-writer': True}" template_qid="40" uses_default_dispvm_netvm="True" uses_default_kernel="True" uses_default_kernelopts="True" uses_default_netvm="True" uuid="30b1dce4-8ed6-4dd7-af53-8bca80bac1e0" vcpus="2"/>
  ...
</QubesVmCollection>

Expected behavior:

It would be nice if VM backups did not leak all that info.

Steps to reproduce the behavior:

Back up a single VM. Follow manual restore instructions to extract qubes.xml. Observe the contents.

marmarek commented Feb 22, 2017

This is a duplicate of #1747. The design goal of the backup utility is to preserve data/configuration as closely as possible (including dependencies on other VMs, even if not directly included in the backup).

@marmarek marmarek closed this Feb 22, 2017

@marmarek marmarek added the duplicate label Feb 22, 2017
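
To see how much of an extracted qubes.xml is dependency information and how much is unrelated metadata, the following added example (not part of the issue and not Qubes code) classifies each VM entry using the attribute names visible in the listing above: `backup_content`, `qid`, `template_qid`, `netvm_qid`. The sample document is constructed, and the `work` and `fedora-template` entries are made up for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed qubes.xml using attribute names from the issue.
# The "work" and "fedora-template" entries are made up for illustration.
SAMPLE = """<QubesVmCollection clockvm="5" default_netvm="6" default_template="40">
  <QubesNetVm name="sys-net" qid="5" backup_content="False" template_qid="44" pcidevs="['04:00.0']"/>
  <QubesProxyVm name="sys-firewall" qid="6" backup_content="False" netvm_qid="5" template_qid="44"/>
  <QubesTemplateVm name="fedora-template" qid="40" backup_content="False"/>
  <QubesAppVm name="work" qid="12" backup_content="False" netvm_qid="6" template_qid="40"/>
  <QubesAppVm name="idle-test" qid="36" backup_content="True" netvm_qid="6" template_qid="40"/>
</QubesVmCollection>"""

DEP_ATTRS = ("template_qid", "netvm_qid")  # references to other VMs by qid


def audit_backup_metadata(xml_text):
    """Classify every VM entry in a backup's qubes.xml.
    Returns a dict with three sorted name lists:
      backed_up  - entries with backup_content="True" (data is in the archive)
      dependency - not backed up, but referenced (transitively) by a backed-up VM
      unrelated  - not backed up and not referenced: metadata-only disclosure
    """
    root = ET.fromstring(xml_text)
    by_qid = {vm.get("qid"): vm for vm in root if vm.get("qid")}

    backed_up = [vm for vm in by_qid.values() if vm.get("backup_content") == "True"]
    # Walk template/netvm references outward from the backed-up VMs.
    needed, queue = set(), [vm.get("qid") for vm in backed_up]
    while queue:
        vm = by_qid[queue.pop()]
        for attr in DEP_ATTRS:
            dep = vm.get(attr)
            if dep in by_qid and dep not in needed:
                needed.add(dep)
                queue.append(dep)

    included = {vm.get("qid") for vm in backed_up}
    result = {"backed_up": [], "dependency": [], "unrelated": []}
    for qid, vm in by_qid.items():
        kind = ("backed_up" if qid in included
                else "dependency" if qid in needed else "unrelated")
        result[kind].append(vm.get("name"))
    return {k: sorted(v) for k, v in result.items()}


if __name__ == "__main__":
    for kind, names in audit_backup_metadata(SAMPLE).items():
        print(f"{kind:10s} {', '.join(names) or '-'}")
```

Entries reported as `unrelated` are the ones whose names, PCI assignments and other settings travel with the backup without being needed to restore the selected VM's template or network chain.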
