zlacker

[return to "Qubes OS: A reasonably secure operating system"]
1. yewenj+ck[view] [source] 2022-03-23 11:31:03
>>RafelM+(OP)
I am looking forward to Spectrum which tries to make secure computing usable - https://spectrum-os.org/ .
◧◩
2. orbliv+Ou[view] [source] 2022-03-23 13:01:46
>>yewenj+ck
I like the idea of unifying configuration like that. Qubes does have templates but there are per-vm changes I want to make on top of them which adds a little more configuration work. NBD but not that smooth. Nix seems like a good fit for this problem, it's crossed my mind before. One could install everything on the "template" level safely (in theory?) and only run them in the VMs. I've never used Nix and I'd like to give it a try at some point.

HOWEVER, I like that Qubes has Debian. I'm used to it, it's predictable, etc etc. Some of my work basically even depends on it. With Spectrum I'd have to be stuck with the quirks of Nix, which I understand are less friendly than Debian. If I have the option of falling back to the equivalent of a Debian template, I'd likely switch.

◧◩◪
3. fsflov+GO[view] [source] 2022-03-23 15:09:03
>>orbliv+Ou
> there are per-vm changes I want to make on top of them which adds a little more configuration work

You can use Salt to automate this work: https://www.qubes-os.org/doc/salt/.

◧◩◪◨
4. orbliv+xT[view] [source] 2022-03-23 15:35:30
>>fsflov+GO
Yeah I remember I tried looking into this and I gave up on it. Iirc I couldn't understand exactly how it worked, and/or it seemed like a large time investment. Not to mention how I manage it in a repository if I can't safely move anything in and out of dom0?

Qubes I think could benefit from more resources for ramp-up documentation.

◧◩◪◨⬒
5. robcoh+lQ3[view] [source] 2022-03-24 15:03:26
>>orbliv+xT
I agree, I also gave it a shake and I could not grok it easily.
[go to top]