Whonix KVM dnsmasq - listen port on host operating system - attack surface reduction

I got my Debian Guest VM working without dnsmasq.

1. Removed dnsmasq completely.

2. Tried to start the Guest VM; virt-manager gives an error about dnsmasq missing.

3. Edited the "default" network xml file.
added: <dns enable="no"/>
removed: dhcp range

4. Tried to start the Guest VM again, all working.

The same should work with Whonix, since Whonix doesn't need dns or dhcp.
I hope you guys can fix this in the Whonix network xmls. And the attack surface will be reduced.

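The edit described in the post above (disable DNS, drop the DHCP range) as an added, runnable example; this is not the poster's code and it assumes libvirt's stock "default" network layout (a constructed sample is embedded below):

```python
import xml.etree.ElementTree as ET

# Constructed sample of libvirt's stock "default" network definition,
# roughly what `virsh net-dumpxml default` prints on a fresh install.
DEFAULT_NET_XML = """<network>
  <name>default</name>
  <forward mode='nat'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <ip address='192.168.122.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.122.2' end='192.168.122.254'/>
    </dhcp>
  </ip>
</network>
"""


def disable_dnsmasq_services(xml_text: str) -> str:
    """Return the network XML with DNS disabled and every DHCP block
    removed, so libvirt has no DNS/DHCP service to hand to dnsmasq."""
    root = ET.fromstring(xml_text)
    if root.tag != "network":
        raise ValueError("not a libvirt <network> definition")
    # Drop <dhcp> (with its <range>/<host> children) under every <ip>.
    for ip in root.findall("ip"):
        for dhcp in ip.findall("dhcp"):
            ip.remove(dhcp)
    # Add <dns enable="no"/> as a direct child of <network>, or force
    # the attribute if a <dns> element already exists.
    dns = root.find("dns")
    if dns is None:
        dns = ET.SubElement(root, "dns")
    dns.set("enable", "no")
    return ET.tostring(root, encoding="unicode")


def needs_dnsmasq(xml_text: str) -> bool:
    """True if the definition still asks libvirt for DNS or DHCP."""
    root = ET.fromstring(xml_text)
    dns = root.find("dns")
    dns_on = dns is None or dns.get("enable", "yes") != "no"
    dhcp_on = any(ip.find("dhcp") is not None for ip in root.findall("ip"))
    return dns_on or dhcp_on


if __name__ == "__main__":
    print(disable_dnsmasq_services(DEFAULT_NET_XML))
```

Feed it the output of `virsh net-dumpxml default` and load the result with `virsh net-define`; as later posts in this thread show, whether libvirtd then starts at all with dnsmasq uninstalled depends on how the daemon was packaged.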

My experience was different. After uninstalling dnsmasq-base and modifying default network settings, I ended up with libvirt process instability where it crashed and refused to start-up or let the virtual machine manager GUI to connect to it until


Done:
KVM: Difference between revisions - Whonix

Could you please report this upstream as a bug?

Went ahead and asked upstream on how to do this if possible

https://lists.libvirt.org/archives/list/users@lists.libvirt.org/thread/PVI6KFUVNUKG6FZK7UOHM5PMSIWNHLNC/


Nice! I think we’re onto something here…

Suggestions to include in reply, draft:

> It sounds like you're using the old monolithic 'libvirtd' daemon.

How to check that?

> Thus if you're not intending to use the libvirt virtual network feature,
> simply don't install its module, and then libvirtd will see the module
> doesn't exist, and skip the dlopen.

That sounds like something people would do who compile from source code?

We're using libvirtd (9.0.0-4) from Debian package sources. [1]

> If you're using the new modular daemons,

That is libvirtd 9.x or 10.x?

Is there a chance that something is wrong with the libvirtd compilation settings by Debian's packaging?

[1] packages.debian.org/bookworm/libvirt-daemon

Which Linux distribution did you use? From the user name, I suppose Gentoo.

Which version of libvirtd did you use?

Sent


@Patrick got a reply and it seems that Debian package maintainers are causing this by the way they choose to put it together. Let's work on a draft for a request/bug report and I'll go ahead and send it to their tracker.


Draft.

to:

submit@debian.org

subject:

Running libvirt without dnsmasq broken due to Debian’s packaging

content:

Package: libvirt-daemon
Severity: normal

Expected behavior:
Running libvirt without dnsmasq should be possible.

Actual behavior:
Libvirt crashes when dnsmasq is not installed by default.

Additional information:
Upstream libvirt confirmed that Debian packages everything into libvirt-daemon. [1] This is apparently not how upstream libvirt has designed it to be. Could you look into it please?

[1] https://lists.libvirt.org/archives/list/users@lists.libvirt.org/thread/PVI6KFUVNUKG6FZK7UOHM5PMSIWNHLNC/


https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1978297.html


Debian bug report:
Running libvirt without dnsmasq broken due to Debian’s packaging

Should we use <dns enable="no"/>, or is it unnecessary?