[nmglug] PureOS GnomeBoxes virtual machine on MX 'writable LiveUSB'
trailerdog234 at comcast.net
Fri Aug 7 07:33:38 PDT 2020
PureOS GnomeBoxes virtual machine on MX 'writable LiveUSB'
My notes with a bit of explication in case someone else might like to
try this (looking at you, Brian) or maybe provide additional virtual
machine/USB hints or comments.
So far it all seems to work rather nicely--but it does make a
ten-year-old plus AMD Turion II Toshiba Satellite L505 with 4MB RAM
I decided to try Qemu-KVM-VirtualMachineManager first rather than the
recent edition proprietary VirtualBox available in MX for the sake of
reinforcing general Debian transferable GNU FOSS skills.
A couple of years ago I'd gotten fairly comfortable with setting up
Ubuntu and Debian servers in Qemu-KVM-VirtualMachineManager virtual
machines. Also, yesterday I had just done a passably successful
installation of Windows 10 with spice guest additions that produced
really nice choices of display resolutions, but was slow because I was
unable to find any way to specify more than 16MB default for video,
though it is supposed to be possible to do this through XML setting that
never materialized in my instance of virt-manager). Probably some
missing dependency that was unmentioned in the YouTube video I was using
as a guide. At any rate, I couldn't make PureOS run under Qemu-KVM-VMM
probably for similar reasons (i.e. I didn't know what I was doing.)
Searching YouTube again I came accross Gnome Boxes which I had heard
about from Jared at an abqlug meeting but forgotten.
Like Qemu-KVM, gnome-boxes passes muster as Debian free software, shows
and installs with apt. Really easy to use and works like a dream.
However, there are several packages/dependencies in common with
qemu-kvm, and also a few additional packages in common with both that
are required to get both to work properly, at least in the case of using
PureOS as a virtual machine. Also, there is one more that I think will
be nice to have, and one more that is required to make it all go under MX.
So here's all the stuff, probably pretty closely in order of best
priority and sequence of installation.
But first an aside about PureOS. The first update to the latest version
replaces Pure Browser with Firefox ESR. Apparently most everything in
PureOS is just Debian along with a special somewhat more highly
curated/ranked software repository. I added several of my favorite
packages via apt and noticed they were listed with a slash followed with
the word amber. I assume this is as in green/amber/red categories of
suspicion. Just a guess. I haven't yet looked into it.
And just in case one happens to be preparing to create virtual machines
on a computer not used for virtual machines before, remember to restart
the computer, go into BIOS settings and make sure the virtualization
setting is enabled...
Now. Every command that follows a dollar sign below should be done
(except in one case where noted otherwise):
https://wiki.debian.org/KVM applicable command/packages summation:
$ sudo apt-get install qemu-kvm libvirt-clients libvirt-daemon-system
(lifted from Chris Titus Tech who is coming from a place other than
Debian but catches most of what seems to be missing in other references
$ sudo apt install gnome-boxes qemu-kvm libvirt-bin
*But* if you did the above from wiki.debian.org/KVM (as I think is
likely best), all but gnome-boxes packages are consequently obsoleted
and will cause defeat the entire command, so just do:
$ sudo apt install gnome-boxes
Add User to kvm:
sudo usermod -a -G kvm $USER
Allow users in kvm group to start VMs:
sudo sed -i -e 's/\#group\ =\ "root"/group=kvm/g' /etc/libvirt/qemu.conf
Fix MX problem with gnome-boxes and have more network options:
$ sudo apt install bridge-utils qemu-utils
And that did it. GnomeBoxes is pretty well entirely self-teaching and
easy to figure out by clicking around a little. A very nice program.
PureOS install thereafter initiates loading of live/demo instance, then
imap & smtp, email password and keyring password setup is required in
order to proceed to first full use of desktop.
Closed welcome page and hit Activities > Install.
Uses the Calamares installer
Other things about the automated aspects of my virtual installation that
I noted to note:
Auto set/detected 'ATA QEMU HARDDISK - 20.0 GiB (/dev/sda)'
Selected 'Erase disk', 'no swap', 'encrypt system'.
Auto set/detected 'Boot loader location: Master Boot Record of ATA QEMU
Username, computer name, user password are set, then final commitment to
overwrite the 20.0 GiB above is made and permanent installation proceeds.
Takes at least a half-hour probably more on L505.
Initial login and setup again first requires imap & smtp, email address
info and setup in order to achieve first full access to desktop
Seems to me that from the security point of view, one's identity is
probably now already compromised by association with an ip address and
probably also some un-announced machine and browser identifications.
However, if anonymity is not a necessary requirement for one's personal
security, this set of arrangements likely represents a reasonable
workable compromise on the part of the Librem developers between
necessary social accountability/responsibility and the user's legitimate
needs for privacy against the prevailing ubiquitous conditions of
rampant unwarranted commercial/criminal/government intrusion.
Therefore, in my case, because of the "pure" orientation of PureOS, I
opted FOR DoH in Firefox. (The initial state was opt-in, not opt-out as
Dr. Vixie has feared, and as I seem to remember it actually is in the
non-ESR version of Firefox.) That is, it is perhaps reasonable that
"they" should know who I am, but it is certainly none of their business
what I do, unless it is illegal. I don't lie on my driver's license; I
lock the door of my house; I draw my shades together in the evening.
Firefox hamburger menu > Preferences > General. Scroll all the way to
the bottom of the bottom, Network Settings > Settings. Scroll to bottom
of opened Connection Settings window. Check box 'Enable DNS over
HTTPS'. One does have to wonder exactly why this setting is so far out
So. An easy-to-use encrypted Debian-based privacy-oriented OS in an
easy-to-use GNU virtual machine in an encrypted easy-to-use Debian OS on
a portable USB stick that still works as a storage device and likely
works on, as far as I presently know, just about any Linux or Windows
machine. A veritable Swiss army knife. Might work as a cat toy or
bottle opener too (once).
More information about the nmglug