[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

[development] Why disable network-manager in Qubes?

I wanted to work on:
‘disable rads, whonix-initializer and swap-file-creator systemd unit files in qubes-whonix’
(https://phabricator.whonix.org/T315)

Before I re-implement that… Got a question…

disableSystemdUnits \ ... network-manager \

Why is that? It doesn’t interfere with Whonix networking that is using ifupdown. Does it conflict with any Qubes networking?

You might wonder, why is network-manager installed in Whonix by default?

From Whonix 8.3 changelog:
[html]

VPN-Firewall features have been added to Whonix-Gateway’s firewall in Whonix 8.3. network-manager-kde and OpenVPN is now being installed by default to aid users who want to hide Tor and Whonix from their ISP. [/html]

(So they can use these interfaces, these guis to setup their VPN.)

Network Manager is only enabled for netvm’s, not proxyvm’s.

A netvm is a network VM that is directly connect to the LAN/WAN.

A proxyvm is what they label a firewallvm; it routes traffic to and from AppVM’s via the netvm.

Whonix gateway is setup to be a proxyvm to give it one more level of protection and as a proxyvm it is also able to act as an update proxy for other AppVMs. Whonix can run as netvm I suppose, but it is not tested at this point.

I have no current plans on enabling Whonix as a netvm at this point as I do not see any benefits, only drawbacks.

Someone could just re-enable network-manager, and it may work, or Qubes may prevent it from opening since it also has logic to only run in a netvm. User can configure their VPN from netvm maybe.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]