This is a technique for automatically passing custom information to named disposables as they boot up. Our example case will be making a disposable sys-net remember your wifi password, but the same technique can be used for disposable sys-net remembering your static IP address, or other information.

If you are unfamiliar with the "disposable sys-net needs wifi password each time system boots" issue, it's this:

So lets say that during install, you saw the option for "make sys-net disposable", thought it sounded good, but then later found out that every time you reboot sys-net that you either: * have to enter your wifi password in again (if you use wifi) * have to enter your static IP address in again (if you use static IP addresses)

The technique:

This is a technique for fixing that. It's actually a general solution that came from @marmarek that I thought could use more publicity. The key is how to hand off the information. For this you can use qvm-features with vm-config.* . The important part is that with qvm-features, you can just make up what you want to come after the vm-config. part!

So you can do like: qvm-features sys-net vm-config.wifi-1-name NETGEAR1000 qvm-features sys-net vm-config.wifi-1-pass MyWIFIPassword

Then start a shell inside sys-net, and type: qubesdb-read /vm-config/wifi-1-name qubesdb-read /vm-config/wifi-1-pass

Examples:

Example of using the technique to automatically give your wireless password to sys-net each time it starts:

GIven the commands demonstrating the technique shown above, you can make a /rw/config/rc.local file that includes something like:

#!/bin/bash
###Note: setting shell to /bin/bash as /bin/sh had strange results when evaluating conditions###

WIFI_1_NAME=`qubesdb-read /vm-config/wifi-1-name`
WIFI_1_PASS=`qubesdb-read /vm-config/wifi-1-pass`

echo hostname is $(hostname)

if [ $(hostname) = 'sys-net' ]; then
    echo "ok, we are on sys-net, check for the wifi password";
    if [[ `qubesdb-read /vm-config/wifi-1-pass  | wc --bytes` -gt 1 ]]; then
    echo "Found Wifi  password!  configuring now..."

    nmcli device wifi list 2>&1 | tee /tmp/debug.5.1
    date >> tee /tmp/debug.5.1-stamp
    nmcli device wifi scan 2>&1 | tee /tmp/debug.5.2
    date >> tee /tmp/debug.5.2-stamp
    nmcli device wifi rescan 2>&1 | tee /tmp/debug.5.3
    date >> tee /tmp/debug.5.3-stamp
        ###next, try to fix the race condition
    sleep 30;
    nmcli device wifi list 2>&1 | tee /tmp/debug.5.4
    date >> tee /tmp/debug.5.4-stamp

    nmcli device wifi connect "$WIFI_1_NAME" password "$WIFI_1_PASS"  | tee /tmp/debug.5.5;
    else
    echo "no password found... moving on"
    fi;
else
    echo "you are not on sys-net... moving on"
fi

(Note: there seems to be some kind of race condition with the above in that it works about 9 out of 10 times (the 30 second pause is attempting to fix that))

Of course, if we put that directly in sys-net, since sys-net is disposable, it'll be gone next time sys-net reboots. Thus you need to edit the /rw/config/rc.local in the disposable template that sys-net uses. You can find which system this is with: qvm-prefs sys-net template

so with that in the rc.local of the template, and running the the 2 qvm-features sys-net {blah blah blah} commands in dom0, your 802.11 should become persistant.

Other example uses

Static IP address example

Similarly, you could create and set differnt vm-config.* parameters, then call nmcli with other options in the rc.local to configure a static IP address. Something like: qvm-features sys-net vm-config.ip_address 192.168.0.127 qvm-features sys-net vm-config.gateway 192.168.0.1

with a: qubesdb-read /vm-config/ip_address and qubesdb-read /vm-config/gateway in the rc.local

Customize a named disposable using the vm-config feature

Intro

The technique:

Examples:

Example of using the technique to automatically give your wireless password to sys-net each time it starts:

Other example uses

Static IP address example

Securedrop example: