Lingolol

🆘Bill Cole 🇺🇦My best "rubber duck" is whatever public support fora exist for whatever I'm bloodying my forehead on. I rarely actually get useful responses, but just asking does something, sometimes.e.g. <a href="https://forum.opennebula.io/t/debugging-domain-creation/14158/1" rel="nofollow noopener" translate="no" target="_blank">https://forum.opennebula.io/t/debugging-domain-creation/14158/1</a>I'd been fighting this problem for many weeks, making little progress, largely because I didn't have decent time focusing on it. This morning I hit on the right places to look and found a huge mess underneath, but at least I fixed it.<a href="https://toad.social/tags/Sysadminnery" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sysadminnery</a> <a href="https://toad.social/tags/OpenNebula" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenNebula</a> <a href="https://toad.social/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> <a href="https://toad.social/tags/qemu" class="mention hashtag" rel="nofollow noopener" target="_blank">#qemu</a>

Neustradamus :xmpp: :linux:<a href="https://mastodon.social/tags/ProxmoxVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProxmoxVE</a> 9.0 has been released (<a href="https://mastodon.social/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxmox</a> / <a href="https://mastodon.social/tags/VirtualEnvironment" class="mention hashtag" rel="nofollow noopener" target="_blank">#VirtualEnvironment</a> / <a href="https://mastodon.social/tags/Virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Virtualization</a> / <a href="https://mastodon.social/tags/VirtualMachine" class="mention hashtag" rel="nofollow noopener" target="_blank">#VirtualMachine</a> / <a href="https://mastodon.social/tags/VM" class="mention hashtag" rel="nofollow noopener" target="_blank">#VM</a> / <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> / <a href="https://mastodon.social/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a> / <a href="https://mastodon.social/tags/Trixie" class="mention hashtag" rel="nofollow noopener" target="_blank">#Trixie</a> / <a href="https://mastodon.social/tags/DebianTrixie" class="mention hashtag" rel="nofollow noopener" target="_blank">#DebianTrixie</a> / <a href="https://mastodon.social/tags/QEMU" class="mention hashtag" rel="nofollow noopener" target="_blank">#QEMU</a> / <a href="https://mastodon.social/tags/LXC" class="mention hashtag" rel="nofollow noopener" target="_blank">#LXC</a> / <a href="https://mastodon.social/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> / <a href="https://mastodon.social/tags/ZFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZFS</a> / <a href="https://mastodon.social/tags/OpenZFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenZFS</a> / <a href="https://mastodon.social/tags/Ceph" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ceph</a>) <a href="https://proxmox.com/" rel="nofollow noopener" translate="no" target="_blank">https://proxmox.com/</a>

CryptGoatFor anyone still using or considering the free <a href="https://fedifreu.de/tags/oVirt" class="mention hashtag" rel="nofollow noopener" target="_blank">#oVirt</a> as virtualization management platform:⚠️ Please don't. It is a broken nightmare on community life support.⚠️After <a href="https://fedifreu.de/tags/RedHat" class="mention hashtag" rel="nofollow noopener" target="_blank">#RedHat</a> has ended support for its commercial spin Red Hat Virtualization (RHV) last year the development of oVirt practically came to a halt.There hasn't been an official stable release for over a year despite security issues, and numerous bugs. The official recommendation is to use nightly releases to get the latest fixes. Too bad you won't be able to roll back via DNF if an update fails because older nightly releases are gone from the repo.And yes, nightly releases do break oVirt at times. The latest nightly causes updates to fail because of incomplete dependency changes.The web interface of the official mailing list is offline most of the time, the documentation is a confusing and outdated mess.Upgrades to newer Linux distribution releases such as RHEL 9 or even 10 based systems are extremely painful and not officially supported.Move your VMs to <a href="https://fedifreu.de/tags/ProxmoxVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProxmoxVE</a> or any other actively maintained KVM based solution.<a href="https://fedifreu.de/tags/Virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Virtualization</a> <a href="https://fedifreu.de/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> <a href="https://fedifreu.de/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://fedifreu.de/tags/Hypervisor" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hypervisor</a> <a href="https://fedifreu.de/tags/Admin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Admin</a> <a href="https://fedifreu.de/tags/oVirtEngine" class="mention hashtag" rel="nofollow noopener" target="_blank">#oVirtEngine</a>

gyptazy🤫 Pssssst - ProxLB 1.1.5 for your Proxmox Clusters has been released!Just one small new feature: * You can now use custom ports for the API requestThis becomes handy when using additional/external load balancers on different ports than tcp/8006. Have fun :)<a href="https://mastodon.gyptazy.com/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxmox</a> <a href="https://mastodon.gyptazy.com/tags/proxmoxve" class="mention hashtag" rel="nofollow noopener" target="_blank">#proxmoxve</a> <a href="https://mastodon.gyptazy.com/tags/virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#virtualization</a> <a href="https://mastodon.gyptazy.com/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a> <a href="https://mastodon.gyptazy.com/tags/ProxLB" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProxLB</a> <a href="https://mastodon.gyptazy.com/tags/loadbalancing" class="mention hashtag" rel="nofollow noopener" target="_blank">#loadbalancing</a> <a href="https://mastodon.gyptazy.com/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#foss</a> <a href="https://mastodon.gyptazy.com/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a>

0x0Here's the customary <a href="https://hachyderm.io/tags/introduction" class="mention hashtag" rel="nofollow noopener" target="_blank">#introduction</a>: i'm into <a href="https://hachyderm.io/tags/C" class="mention hashtag" rel="nofollow noopener" target="_blank">#C</a> and tolerate C++ on a daily basis at work, i've also used others like java, kotlin, python, PHP, etc and am curious about <a href="https://hachyderm.io/tags/COBOL" class="mention hashtag" rel="nofollow noopener" target="_blank">#COBOL</a>, <a href="https://hachyderm.io/tags/AdaLanguage" class="mention hashtag" rel="nofollow noopener" target="_blank">#AdaLanguage</a> and <a href="https://hachyderm.io/tags/erlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#erlang</a>.My dislike of jenkins is only surpassed by my hate of githubactions and everything MS-related. AI is not I, only A. I'm interested in <a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> stuff but atm that's a VPS with some sites, which doesn't really count. For now <a href="https://hachyderm.io/tags/syncthing" class="mention hashtag" rel="nofollow noopener" target="_blank">#syncthing</a> is quite useful and <a href="https://hachyderm.io/tags/wireguard" class="mention hashtag" rel="nofollow noopener" target="_blank">#wireguard</a> is on the horizon once i reformat/reinstall my current <a href="https://hachyderm.io/tags/gentoo" class="mention hashtag" rel="nofollow noopener" target="_blank">#gentoo</a> (i'll keep the root <a href="https://hachyderm.io/tags/ZFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZFS</a> aproach and am on the fence regarding <a href="https://hachyderm.io/tags/XFCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#XFCE</a> or <a href="https://hachyderm.io/tags/KDE" class="mention hashtag" rel="nofollow noopener" target="_blank">#KDE</a>), would be interesting to have a barebones <a href="https://hachyderm.io/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a>/#QEMU running all the stuff and i digress.kthxbai\0

Droppie [anonsys] 🐨♀🌈🐧🦘Wonder if i'll ever discover why <a href="https://anonsys.net/search?tag=QuickEMU" class="mention hashtag" rel="nofollow noopener" target="_blank">#QuickEMU</a> 100% fails for me, on any pooter i install it? 🤔🤷‍♀️<a href="https://anonsys.net/search?tag=Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://anonsys.net/search?tag=QEMU" class="mention hashtag" rel="nofollow noopener" target="_blank">#QEMU</a> <a href="https://anonsys.net/search?tag=KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> <a href="https://anonsys.net/search?tag=ArchLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#ArchLinux</a> <a href="https://anonsys.net/search?tag=Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a> <a href="https://anonsys.net/search?tag=LMDE" class="mention hashtag" rel="nofollow noopener" target="_blank">#LMDE</a>

Markus FeilnerRead all about the Regensburg University (OTH) and my friends there who didnt have a quantum computer so they decided to simulate emulate virtualize one. That way they can provide useful results for software architecture and science of quantum computing. Awesome. <a href="https://social.linux-magazin.de/tags/OTHRegensburg" class="mention hashtag" rel="nofollow noopener" target="_blank">#OTHRegensburg</a> <a href="https://social.linux-magazin.de/tags/OTHR" class="mention hashtag" rel="nofollow noopener" target="_blank">#OTHR</a> <a href="https://social.linux-magazin.de/tags/regensburg" class="mention hashtag" rel="nofollow noopener" target="_blank">#regensburg</a> <a href="https://social.linux-magazin.de/tags/quantumcomputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#quantumcomputing</a> <a href="https://social.linux-magazin.de/tags/quantummechanics" class="mention hashtag" rel="nofollow noopener" target="_blank">#quantummechanics</a> <a href="https://social.linux-magazin.de/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://social.linux-magazin.de/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://social.linux-magazin.de/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a> <a href="https://social.linux-magazin.de/tags/qemu" class="mention hashtag" rel="nofollow noopener" target="_blank">#qemu</a> . Thanks to Professor Mauerer, Ralf Ramsauer and their team. Read all about it in the next <a href="https://social.linux-magazin.de/tags/linuxmagazin" class="mention hashtag" rel="nofollow noopener" target="_blank">#linuxmagazin</a> <a href="https://social.linux-magazin.de/@redaktion" class="u-url mention" rel="nofollow noopener" target="_blank">@redaktion</a> !

KaiXinI just upgraded <a href="https://snac.bsd.cafe?t=openbsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenBSD</a> from 7.1 all the way up to 7.7 one release at a time in a <a href="https://snac.bsd.cafe?t=kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> VM running on my laptop <a href="https://snac.bsd.cafe?t=debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a>. At first <a href="https://snac.bsd.cafe?t=tcsh" class="mention hashtag" rel="nofollow noopener" target="_blank">#tcsh</a> and <a href="https://snac.bsd.cafe?t=vim" class="mention hashtag" rel="nofollow noopener" target="_blank">#vim</a> were giving coredumps. I realized I did not even run <a href="https://snac.bsd.cafe?t=pkg_add" class="mention hashtag" rel="nofollow noopener" target="_blank">#pkg_add</a> even once so I did a <code>doas pkg_add -u</code>. After that all is fine and everything was like before. <a href="https://snac.bsd.cafe?t=openbsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenBSD</a> is truely awesome! <a href="https://snac.bsd.cafe?t=bsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#BSD</a> <a href="https://snac.bsd.cafe?t=usebsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#UseBSD</a> <a href="https://snac.bsd.cafe?t=runbsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#RunBSD</a> <a href="https://snac.bsd.cafe?t=unix" class="mention hashtag" rel="nofollow noopener" target="_blank">#unix</a> <a href="https://snac.bsd.cafe?t=foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a>

gyptazyWant to get rid of license costs of your <a href="https://mastodon.gyptazy.com/tags/VMware" class="mention hashtag" rel="nofollow noopener" target="_blank">#VMware</a> environment? Switching to <a href="https://mastodon.gyptazy.com/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxmox</a> & looking for enterprise features like DRS? <a href="https://mastodon.gyptazy.com/tags/ProxLB" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProxLB</a> (opensource) has you covered!With ProxLB you extend the features of your Proxmox cluster with DRS alike features including affinity & anti-affinity support, maintenance mode and soon also power management (DPM alike) and automated security patching!<a href="https://github.com/gyptazy/ProxLB" rel="nofollow noopener" translate="no" target="_blank">https://github.com/gyptazy/ProxLB</a><a href="https://mastodon.gyptazy.com/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#foss</a> <a href="https://mastodon.gyptazy.com/tags/debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#debian</a> <a href="https://mastodon.gyptazy.com/tags/proxmoxve" class="mention hashtag" rel="nofollow noopener" target="_blank">#proxmoxve</a> <a href="https://mastodon.gyptazy.com/tags/esx" class="mention hashtag" rel="nofollow noopener" target="_blank">#esx</a> <a href="https://mastodon.gyptazy.com/tags/esxi" class="mention hashtag" rel="nofollow noopener" target="_blank">#esxi</a> <a href="https://mastodon.gyptazy.com/tags/vsphere" class="mention hashtag" rel="nofollow noopener" target="_blank">#vsphere</a> <a href="https://mastodon.gyptazy.com/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://mastodon.gyptazy.com/tags/enterprise" class="mention hashtag" rel="nofollow noopener" target="_blank">#enterprise</a> <a href="https://mastodon.gyptazy.com/tags/virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#virtualization</a> <a href="https://mastodon.gyptazy.com/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a>

openSUSE LinuxSuccessful set up of <a href="https://fosstodon.org/tags/firewalld" class="mention hashtag" rel="nofollow noopener" target="_blank">#firewalld</a>, <a href="https://fosstodon.org/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> & <a href="https://fosstodon.org/tags/Cockpit" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cockpit</a> Web Console on <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#openSUSE</a> Leap 16 Beta done manually & without <a href="https://fosstodon.org/tags/YaST" class="mention hashtag" rel="nofollow noopener" target="_blank">#YaST</a>! 🛠️ Check out <a href="https://fosstodon.org/tags/CLI" class="mention hashtag" rel="nofollow noopener" target="_blank">#CLI</a> this <a href="https://fosstodon.org/tags/testing" class="mention hashtag" rel="nofollow noopener" target="_blank">#testing</a> with <a href="https://fosstodon.org/tags/Leap16" class="mention hashtag" rel="nofollow noopener" target="_blank">#Leap16</a> <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://dbaxps.blogspot.com/2025/05/setup-firewalld-and-kvm-on-opensuse.html" rel="nofollow noopener" translate="no" target="_blank">https://dbaxps.blogspot.com/2025/05/setup-firewalld-and-kvm-on-opensuse.html</a>

HistoPol (#HP) 🏴 🇺🇸 🏴<a href="https://social.pmj.rocks/@pmj" class="u-url mention" rel="nofollow noopener" target="_blank">@pmj</a> <a href="https://mastodon.social/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> Das klingt allerdings wirklich sehr interessant.KVM sagt mir nichts und ich habe bislang keine Linux-Erfahrung, nur recht viel mit Windows als Nicht-ITler.Hast du da einen Link, bei dem ich mich einlesen kann?<a href="https://mastodon.social/@marquito" class="u-url mention" rel="nofollow noopener" target="_blank">@marquito</a> <a href="https://astronomy.social/@admin" class="u-url mention" rel="nofollow noopener" target="_blank">@admin</a> <a href="https://netsphere.one/@VMwareRN" class="u-url mention" rel="nofollow noopener" target="_blank">@VMwareRN</a>

Joe Steinbring :thisisfine:Does anyone know of a Thunderbolt dock that can also act as a KVM? I’m hoping to be able to use it with a M1 Pro MBP, a Steamdeck, and a MacMini.<a href="https://toot.works/tags/Hardware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hardware</a> <a href="https://toot.works/tags/Thunderbolt" class="mention hashtag" rel="nofollow noopener" target="_blank">#Thunderbolt</a> <a href="https://toot.works/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a>

Ricardo Martín :bsdhead:Well well well, I can't believe it's finally here, but, it will need to wait until the weekend.<a href="https://mastodon.bsd.cafe/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#networking</a> <a href="https://mastodon.bsd.cafe/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a>

TimjanMadeMeDoItOkay, that was it, I guess. My <a href="https://social.linux.pizza/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> switch's USB output port 1 died. My wife's failed in a similar fashion last year. Any recommendations? I don't need anything fancy: 2 or possibly 3 computers, 1 monitor, at least one of the inputs has to be HDMI, the other could be HDMI or DP.

gyptazyNo April Fools' joke - the new <a href="https://mastodon.gyptazy.com/tags/ProxLB" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProxLB</a> release is scheduled for the 1st of April! Stay tuned!ProxLB is an advanced <a href="https://mastodon.gyptazy.com/tags/loadbalancer" class="mention hashtag" rel="nofollow noopener" target="_blank">#loadbalancer</a> for <a href="https://mastodon.gyptazy.com/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxmox</a> clusters that brings in features like <a href="https://mastodon.gyptazy.com/tags/DRS" class="mention hashtag" rel="nofollow noopener" target="_blank">#DRS</a> (known from <a href="https://mastodon.gyptazy.com/tags/VMware" class="mention hashtag" rel="nofollow noopener" target="_blank">#VMware</a>), <a href="https://mastodon.gyptazy.com/tags/maintenance" class="mention hashtag" rel="nofollow noopener" target="_blank">#maintenance</a> mode and (anti-)#affinity groups.<a href="https://mastodon.gyptazy.com/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://mastodon.gyptazy.com/tags/virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#virtualization</a> <a href="https://mastodon.gyptazy.com/tags/VM" class="mention hashtag" rel="nofollow noopener" target="_blank">#VM</a> <a href="https://mastodon.gyptazy.com/tags/virtualmachine" class="mention hashtag" rel="nofollow noopener" target="_blank">#virtualmachine</a> <a href="https://mastodon.gyptazy.com/tags/ProxmoxVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#ProxmoxVE</a> <a href="https://mastodon.gyptazy.com/tags/Prox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Prox</a> <a href="https://mastodon.gyptazy.com/tags/xen" class="mention hashtag" rel="nofollow noopener" target="_blank">#xen</a> <a href="https://mastodon.gyptazy.com/tags/alternatives" class="mention hashtag" rel="nofollow noopener" target="_blank">#alternatives</a> <a href="https://mastodon.gyptazy.com/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://mastodon.gyptazy.com/tags/coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#coding</a> <a href="https://mastodon.gyptazy.com/tags/projects" class="mention hashtag" rel="nofollow noopener" target="_blank">#projects</a> <a href="https://mastodon.gyptazy.com/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a> <a href="https://mastodon.gyptazy.com/tags/qemu" class="mention hashtag" rel="nofollow noopener" target="_blank">#qemu</a> <a href="https://mastodon.gyptazy.com/tags/guests" class="mention hashtag" rel="nofollow noopener" target="_blank">#guests</a> <a href="https://mastodon.gyptazy.com/tags/workloads" class="mention hashtag" rel="nofollow noopener" target="_blank">#workloads</a> <a href="https://mastodon.gyptazy.com/tags/LXC" class="mention hashtag" rel="nofollow noopener" target="_blank">#LXC</a> <a href="https://mastodon.gyptazy.com/tags/container" class="mention hashtag" rel="nofollow noopener" target="_blank">#container</a>

AlexWell hello there. <a href="https://mastodon.org.uk/tags/pixel" class="mention hashtag" rel="nofollow noopener" target="_blank">#pixel</a> <a href="https://mastodon.org.uk/tags/pkvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#pkvm</a> <a href="https://mastodon.org.uk/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a>

Pope Bob the UnsaneAfter taking the nickle tour of <a href="https://kolektiva.social/tags/Qubes" class="mention hashtag" rel="nofollow noopener" target="_blank">#Qubes</a>, my hasty conclusion is that it is anti-<a href="https://kolektiva.social/tags/KISS" class="mention hashtag" rel="nofollow noopener" target="_blank">#KISS</a>; there are seemingly many moving parts under the surface, and many scripts to grok to comprehend what is going on.I plan to give it some more time, if only to unwrap how it launches programs in a VM and shares them with dom0's X server and audio and all that; perhaps it's easier than I think.I also think <a href="https://kolektiva.social/tags/Xen" class="mention hashtag" rel="nofollow noopener" target="_blank">#Xen</a> is a bit overkill, as the claim is that it has a smaller kernel and therefore smaller attack surface than the seemingly superior alternative, <a href="https://kolektiva.social/tags/KVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#KVM</a>. Doing some rudimentary searching out of identified / known VM escapes, there seem to be many more that impact Xen than KVM, in the first place.Sure, the <a href="https://kolektiva.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> kernel may be considerably larger than the Xen kernel, but it does not need to be (a lot can be trimmed from the Linux kernel if you want a more secure hypervisor), and the Linux kernel is arguably more heavily audited than the Xen kernel.My primary concern is compartmentalization of 'the web', which is the single greatest threat to my system's security, and while <a href="https://kolektiva.social/tags/firejail" class="mention hashtag" rel="nofollow noopener" target="_blank">#firejail</a> is a great soltion, I have run into issues maintaining my qutebrowser.local and firefox.local files tuned to work well, and it's not the simplest of solutions.Qubes offers great solutions to the compartmentalization of data and so on, and for that, I really like it, but I think it's over-kill, even for people that desire and benefit from its potential security model, given what the threats are against modern workstations, regardless of threat actor -- most people (I HOPE) don't have numerous vulnerable services listening on random ports waiting to be compromised by a remote threat.So I am working to refine my own security model, with the lessons I'm learning from Qubes.Up to this point, my way of using a system is a bit different than most. I have 2 non-root users, neither has sudo access, so I do the criminal thing and use root directly in a virtual terminal.One user is my admin user that has ssh keys to various other systems, and on those systems, that user has sudo access. My normal user has access to some hosts, but not all, and has no elevated privileges at all.Both users occasionally need to use the web. When I first learned about javascript, years and years ago, it was a very benevolent tool. It could alter the web page a bit, and make popups and other "useful" things.At some point, <a href="https://kolektiva.social/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> became a beast, a monster, something that was capable of scooping up your password database, your ssh keys, and probe your local networks with port scans.In the name of convenience.As a result, we have to take browser security more seriously, if we want to avoid compromise.The path I'm exploring at the moment is to run a VM or two as a normal user, using KVM, and then using SSH X forwarding to run firefox from the VM which I can more easily firewall, and ensures if someone escapes my browser or abuses JS in a new and unique way, that no credentials are accessible, unless they are also capable of breaking out of the VM.What else might I want to consider? I 'like' the concept of dom0 having zero network access, but I don't really see the threat actor that is stopping. Sure, if someone breaks from my VM, they can then call out to the internet, get a reverse shell, download some payloads or build tools, etc.But if someone breaks out of a Qubes VM, they can basically do the same thing, right? Because they theoretically 'own' the hypervisor, and can restore network access to dom0 trivially, or otherwise get data onto it. Or am I mistaken?Also, what would the <a href="https://kolektiva.social/tags/LXC" class="mention hashtag" rel="nofollow noopener" target="_blank">#LXC</a> / <a href="https://kolektiva.social/tags/LXD" class="mention hashtag" rel="nofollow noopener" target="_blank">#LXD</a> approach look like for something like this? What's its security record like, and would it provide an equivalent challenge to someone breaking out of a web browser (or other program I might use but am not thinking of at the moment)?

Eva Winterschön💻 HomeLab Chanukah 💻Ok not really, but every HomeLab hardware weekend feels like a wonderful gift! 🎁 Today I'll be setting up a new 25U rack, and then mostly recuperating. I'm also working on the FreeBSD port of this OSS KVM: <a href="https://www.crowdsupply.com/techxartisan/openterface-mini-kvm" rel="nofollow noopener" translate="no" target="_blank">https://www.crowdsupply.com/techxartisan/openterface-mini-kvm</a> .. couple of Qt6 bugs with serial usb handling but otherwise can get video just fine. It arrived yesterday, so of course the first thing to do is de-pack the Debian package and start reviewing repo source. Love it.Disregard the boxes and living room clutter in these photos, we're still unpacking from the move. <a href="https://mastodon.bsd.cafe/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://mastodon.bsd.cafe/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://mastodon.bsd.cafe/tags/freebsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#freebsd</a> <a href="https://mastodon.bsd.cafe/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a> <a href="https://mastodon.bsd.cafe/tags/saturday" class="mention hashtag" rel="nofollow noopener" target="_blank">#saturday</a>

Ravenlibvirt 11.0.0 released with VLAN support on standard Linux host bridges, support for VLAN tagging and trunking in the network, qemu and lxc drivers<a href="https://gitlab.com/libvirt/libvirt/-/blob/master/NEWS.rst" rel="nofollow noopener" translate="no" target="_blank">https://gitlab.com/libvirt/libvirt/-/blob/master/NEWS.rst</a><a href="https://mastodon.bsd.cafe/tags/libvirt" class="mention hashtag" rel="nofollow noopener" target="_blank">#libvirt</a> <a href="https://mastodon.bsd.cafe/tags/qemu" class="mention hashtag" rel="nofollow noopener" target="_blank">#qemu</a> <a href="https://mastodon.bsd.cafe/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a> <a href="https://mastodon.bsd.cafe/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a>

Bardiasomeone in the chat asked if the flx1 can run a KVM machine and my initial thought process was well, probably not out of the box since during the boot process EL2 is locked and even if kernel has KVM, it will never initialize correctly.so today after finishing my daily tasks i decided to take a stab at our bootloader, preloader and trustzone's source code.Lo and behold, turns out i did indeed cook.Docker support will land in the next release too!<a href="https://social.likeadragonmaid.dev/tags/flx1" class="mention hashtag" rel="nofollow noopener" target="_blank">#flx1</a> <a href="https://social.likeadragonmaid.dev/tags/furilabs" class="mention hashtag" rel="nofollow noopener" target="_blank">#furilabs</a> <a href="https://social.likeadragonmaid.dev/tags/FuriPhoneFLX1" class="mention hashtag" rel="nofollow noopener" target="_blank">#FuriPhoneFLX1</a> <a href="https://social.likeadragonmaid.dev/tags/qemu" class="mention hashtag" rel="nofollow noopener" target="_blank">#qemu</a> <a href="https://social.likeadragonmaid.dev/tags/kvm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kvm</a>

Recent searches

Search options

Administered by:

Server stats:

#kvm