On Sunday, December 15, 2019 8:26:42 PM MST Chris Murphy wrote:
> The PR and the PDF presentation, the three options are:
> 1. Plain dir or subvolume (no encryption)
> 2. Per user homes, i.e. ~/ not /home, encrypted using fscrypt(), right
> now this means a hard requirement on ext4
> 3. Per user homes, i.e. ~/ not /home, encrypted LUKS2 file mounted on
> loop device, this is the preferred/recommended workflow because it's
> straightforward to make the user home portable, by dropping it on a
> USB stick. Btrfs, ext4, XFS are supported.
>
> In the case of #3 you've got plausibly three file systems:
> A. /home - ostensibly the same as system root, but that's not required.
> B. ~/ - LUKS encrypted file on loop mount
> C. VM filesystems, inside the qcow2 file that's located somewhere in ~/
>
> It's early days, still in code review, and hasn't been merged yet.

I'll send an email over to the overlord of systemd, see if anything has changed there, because that's not the best way to implement this, by far.

> > Looks like Boxes is a GNOME thing, does it give you an option to specify
> > the location of the disks? If not, I'd recommend opening a bug report
> > with GNOME.
>
> GNOME Boxes's target audience is minimal configuration, highly
> accessible to regular users. It's not a virt-manager replacement.
> While it is managed by libvirtd and thus you can use virsh to edit the
> configuration by CLI, since Boxes runs under the user, it doesn't have
> permissions to write to /var so the backing file gets stored in I
> think ~/.var or maybe ~/.local/share - I forget. Whereas virt-manager
> runs as a privileged process and its images go in /var and can't go
> anywhere in ~/

Why does GNOME insist on making things absolutely unusable? This is not configuration. It's a very basic option. It's one thing to set a default, another entirely to make it impossible to actually use the thing outside of what GNOME thinks is the most common option.
It probably gets stored in ~/.config/boxes or something like that, if it's stored under the user at all. If it's using libvirtd, it's using libvirtd, and so the VM itself is running as a privileged user.

virt-manager does NOT run as a privileged user. It's just a libvirtd client, essentially. I imagine Boxes is the same, since you mention it uses libvirtd. virt-manager can use your $HOME, without issue. You may run into issues if libvirtd doesn't have permission to enter your home dir though. Let me see what user that's running as. Oh. It runs as `root`. Yeah, it can access your home directory without issue.

--
John M. Harris, Jr.
Splentity