Re: PlagueOS

[Geblaat <geblaat@riseup.net>]

On 2022-03-15 22:10, Alyssa Ross wrote:
> On Tue, Mar 15, 2022 at 12:23:13PM -0700, Geblaat wrote:
>> On the mailing list, I saw an article about FlexOS, which has some
>> similar goals, though it seems to be in very early stages. I thought
>> PlagueOS might be of interest to people here as well. Like Spectrum, it
>> has better hardware compatibility and performance compared to Qubes OS.
>> They use Void OS as hypervisor(looks like standard KVM compared to a
>> more secure Rust alternative) and a lot of hardening. It already has an
>> ISO image available and a graphical desktop environment, so it can
>> already be used by people with not much technical skills.
> 
> That's very interesting, thank you for sharing.
> 
> I took a look at their documentation.  I also had a quick go at running
> it in a VM but couldn't get it to boot.  It looks like it's a hardened
> Linux distro, with some out of the box support for running applications
> in virt-manager VMs.  I'm very curious about how those VMs are
> integrated with the system, and whether there's any tooling for making
> it easier to create/manage VMs on top of the standard virt-manager
> stuff — it was difficult for me to tell just going by the information on
> their GitLab site.
> 
> I've seen a few other projects now that bundle virt-manager or
> crosvm and try to make it a bit easier to use, at varying stages of
> development[1][2].  The main difference between these projects and
> Spectrum is that Spectrum is aiming for a higher level of integration
> than just using the standard virtualization programs can provide.  I want
> it to be difficult to tell that the application you're using is even
> running in a VM.  I want it not to be necessary to configure and manage
> VMs just to run applications.  But that's not something that existing
> Linux virtualization stuff is quite up to (Qubes is closer than anything
> else), so I'm working on that virtualization technology to try to push
> it forward to that end.  In my mind, that's what separates Spectrum from
> lots of the other efforts I've seen.  (If any of those projects *are*
> doing development work on virtualization software that I've missed, I'd
> be very happy to be corrected and to learn about it!)
> 
> [1]: https://github.com/jollheef/appvm
> [2]: https://blog.openw3b.org/crosvm-for-os-and-app-virtualization-on-linux/
> 
> P.S.  Looks like the reason PlagueOS wouldn't boot is that its initramfs
>       is looking for /dev/disk/by-label/PLAGUE_LIVE, but the actual path
>       is /dev/disk/by-label/plague_live (lowercase).
Yes, I had issues as well with installing PlagueOS from their ISO.
However, the 2nd method(use Void Live ISO to clone Git repo and install)
worked for me. It doesn't look like they have any extra integration with
the system except what virt-manager provides.

Qubes OS is indeed great with this, I probably wouldn't use it so much
if it didn't provide that integration. Managing files across different
VM's can still be a fuss sometimes, so your plans for Spectrum to allow
multiple VM's to work on the same file sounds very nice.

Another project, Subgraph Citadel, seemed to have VM integration, at
least Qubes style GUI virtualization with colored border windows, but
unfortunately it looks like development stopped.