zlacker

[return to "QubesOS – A reasonably secure operating system"]
1. flashb+jc[view] [source] 2023-07-11 18:59:45
>>TheFre+(OP)
I really like QubesOS, but you cannot run VMs inside a qube, or other things that require VMs like Docker Desktop for Linux, because the xen hypervisor does not support nested virtualization.
◧◩
2. Syonyk+Zk[view] [source] 2023-07-11 19:40:32
>>flashb+jc
You can. It's just neither recommended nor enabled by default.

https://forum.qubes-os.org/t/nested-virtualization/14790

Poke around /etc/libvirt/libxl and your particular VM's config file. You'll find some lines like:

<feature name='vmx' policy='disable'/> <feature name='svm' policy='disable'/>

Enable it, and you should have working nested virtualization.

◧◩◪
3. flashb+Ro[view] [source] 2023-07-11 19:58:54
>>Syonyk+Zk
I did that very thing about a year ago when I still had QubesOS installed, and it did not work. There seems to be a lot of misinformation about this swirling around the web. It simply does not work. There is a post somewhere that confirms it but I don't have the link. Unless the QubesOS devs/maintainers made a 180 degree turn since I tried it and decided to start compiling QubesOS with xen nested virtualization enabled, but I doubt it because their reason was that xen's nested virtualization feature is basically broken anyway.
[go to top]