@Patrick I have not found any security warnings about this. Interesting is an understatement. This essentially gives us Whonix-KVM-cli without having to do an extra build (or am I missing something?). If a user doesn’t want the GUI they can dial back the RAM on the GW to as little as 200MB and the GUI won’t show. Also doing “Send Key → Ctrl + Alt +F2” will exit the GUI session.
We can support this out of the box by shipping a modified grub, pre-started getty service and adding the devices to the VM config. I have successfully tested the steps below.
@foieac5 Yes there is a serial device that needs to be added in the XML or from virt-manager. You also need to start a service and edit grub in the guest VM you want to attach the console too.
Here are the steps which I will add to the wiki shortly:
-
virtualization - virsh: VM console does not show any output - Server Fault
-
virtualization - virsh: VM console does not show any output - Server Fault
systemctl enable serial-getty@ttyS0.service
systemctl start serial-getty@ttyS0.service
in guest VM in /etc/default/grub replace
GRUB_CMDLINE_LINUX_DEFAULT=“quiet”
#GRUB_TERMINAL=console
by
GRUB_CMDLINE_LINUX_DEFAULT=“console=tty0 console=ttyS0”
GRUB_TERMINAL=“serial console”
guest# update-grub
the VM console for running VM can be get by
host# virsh console VM
XML
<controller type='virtio-serial' index='0'/>`
<serial type='pty'>
<target port='0'/>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
Edit by Patrick:
- Whitespace / formatting fixes.
- Note: As of September 2024, these XML settings are applied to Whonix default libvirt XML files for a long time already. Therefore there is no need to add these settings by hand.