2017-05-11 20:20:55 +02:00
|
|
|
.. program:: qvm-features
|
|
|
|
|
|
|
|
:program:`qvm-features` -- manage domain's features
|
|
|
|
===================================================
|
|
|
|
|
|
|
|
Synopsis
|
|
|
|
--------
|
|
|
|
|
|
|
|
:command:`qvm-features` [-h] [--verbose] [--quiet] *VMNAME* [*FEATURE* [*VALUE*]]
|
|
|
|
|
|
|
|
Options
|
|
|
|
-------
|
|
|
|
|
|
|
|
.. option:: --help, -h
|
|
|
|
|
|
|
|
show this help message and exit
|
|
|
|
|
|
|
|
.. option:: --verbose, -v
|
|
|
|
|
|
|
|
increase verbosity
|
|
|
|
|
|
|
|
.. option:: --quiet, -q
|
|
|
|
|
|
|
|
decrease verbosity
|
|
|
|
|
|
|
|
.. option:: --unset, --default, --delete, -D
|
|
|
|
|
|
|
|
Unset the feature.
|
|
|
|
|
|
|
|
Description
|
|
|
|
-----------
|
|
|
|
|
|
|
|
This command is used to manually manage the *features* of the domain. The
|
|
|
|
features are key-value pairs with both key and value being strings. They are
|
|
|
|
used by extensions to store information about the domain and make policy
|
|
|
|
decisions based on them. For example, they may indicate that some specific
|
|
|
|
software package was installed inside the template and the domains based on it
|
|
|
|
have some specific capability.
|
|
|
|
|
|
|
|
.. warning::
|
|
|
|
|
|
|
|
The features are normally managed by the extensions themselves and you should
|
|
|
|
not change them directly. Strange things might happen otherwise.
|
|
|
|
|
|
|
|
Some extensions interpret the values as boolean. In this case, the empty string
|
|
|
|
means :py:obj:`False` and non-empty string (commonly ``'1'``) means
|
|
|
|
:py:obj:`True`. An absence of the feature means "default", which is
|
2017-08-08 21:31:34 +02:00
|
|
|
extension-dependent. In most cases the default value for feature is retrieved
|
|
|
|
from a qube template.
|
|
|
|
|
|
|
|
List of known features
|
|
|
|
----------------------
|
|
|
|
|
|
|
|
.. warning::
|
|
|
|
|
|
|
|
This list of features may be incomplete, because extensions are free to use any
|
|
|
|
values, without registering them anywhere.
|
|
|
|
|
|
|
|
gui
|
|
|
|
^^^
|
|
|
|
|
2018-07-09 20:00:05 +02:00
|
|
|
Qube has gui-agent installed. Setting this feature to :py:obj:`True` enables GUI
|
|
|
|
based on a gui-agent installed inside the VM.
|
|
|
|
See also `gui-emulated` feature.
|
2017-08-08 21:31:34 +02:00
|
|
|
|
2018-07-09 20:00:05 +02:00
|
|
|
If neither `gui` nor `gui-emulated` is set, emulated VGA is used (if
|
|
|
|
applicable for given VM virtualization mode).
|
|
|
|
|
|
|
|
gui-emulated
|
|
|
|
^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Qube provides GUI through emulated VGA. Setting this feature to
|
|
|
|
:py:obj:`True` enables emulated VGA output. Note that when gui-agent connects to
|
|
|
|
actual VM, emulated VGA output is closed (unless `debug` property is set to
|
|
|
|
:py:obj:`True`). It's possible to open emulated VGA output for a running qube,
|
2019-11-17 23:54:05 +01:00
|
|
|
regardless of this feature, using `qvm-start-daemon --force-stubdomain QUBE_NAME`
|
2018-07-09 20:00:05 +02:00
|
|
|
command.
|
|
|
|
|
|
|
|
This feature is applicable only when qube's `virt_mode` is set to `hvm`.
|
|
|
|
See also `gui` feature.
|
|
|
|
|
|
|
|
If neither `gui` nor `gui-emulated` is set, emulated VGA is used (if
|
|
|
|
applicable for given VM virtualization mode).
|
2017-08-10 15:26:55 +02:00
|
|
|
|
2020-06-25 16:30:27 +02:00
|
|
|
gui-\*, gui-default-\*
|
|
|
|
^^^^^^^^^^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
GUI daemon configuration. See `/etc/qubes/guid.conf` for a list of supported
|
|
|
|
options.
|
|
|
|
|
|
|
|
To change a given GUI option for a specific qube, set the `gui-{option}`
|
|
|
|
feature (with underscores replaced with dashes). For example, to enable
|
|
|
|
`allow_utf8_titles` for a qube, set `gui-allow-utf8-titles` to `True`.
|
|
|
|
|
|
|
|
To change a given GUI option globally, set the `gui-default-{option}` feature
|
|
|
|
on the GuiVM for that qube.
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
qrexec
|
|
|
|
^^^^^^
|
|
|
|
|
|
|
|
Qube has qrexec agent installed - i.e. it is possible to request staring a
|
|
|
|
command/service in there.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: assume qrexec not installed (do not wait for it while starting the
|
|
|
|
qube)
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
rpc-clipboard
|
|
|
|
^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Use `qubes.ClipboardCopy` and `qubes.ClipboardPaste` qubes RPC services to
|
|
|
|
fetch/send clipboard content from/to this qube, instead of using GUI protocol.
|
|
|
|
This is supported (and required) by Qubes Windows Tools.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: use GUI protocol for clipboard operations
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
no-monitor-layout
|
|
|
|
^^^^^^^^^^^^^^^^^
|
|
|
|
|
2018-03-07 00:34:54 +01:00
|
|
|
When set to :py:obj:`True`, monitor layout is not sent to this qube. That is
|
2017-08-08 21:31:34 +02:00
|
|
|
avoid calling `qubes.SetMonitorLayout` in this qube.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: send monitor layout
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
internal
|
|
|
|
^^^^^^^^
|
|
|
|
|
|
|
|
Internal qubes (with this feature set to :py:obj:`True`) are not included in the
|
|
|
|
menu.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: not internal VM
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
appmenus-legacy
|
|
|
|
^^^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Generate legacy menu entries, using `qubes-desktop-run` command inside a VM,
|
|
|
|
instead of `qubes.StartApp` qrexec service. This is used for qubes imported from
|
|
|
|
previous Qubes version.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: new style menu entries, using `qubes.StartApp` service
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
appmenus-dispvm
|
|
|
|
^^^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Generate menu entries for starting applications in Disposable VM based on given
|
|
|
|
AppVM, instead of this AppVM directly.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: create menu entries for AppVM itself
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
qubes-firewall
|
|
|
|
^^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Setting this to :py:obj:`True` means that qube support enforcing firewall rules
|
|
|
|
set with `qvm-firewall` command.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: assume qubes-firewall not enforced
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
net.fake-ip
|
|
|
|
^^^^^^^^^^^
|
|
|
|
|
|
|
|
Hide the real IP of the qube from it, and configure it with value set to this
|
|
|
|
feature. Note that you can assign the same `net.fake-ip` address to multiple
|
|
|
|
qubes and it shouldn't cause any troubles (unless you want to two such qubes
|
|
|
|
communicate with each other). This feature does not affect address used in
|
|
|
|
firewall rules, routing tables etc.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: do not hide IP (qube's `ip` property) from the qube
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
net.fake-gateway
|
|
|
|
^^^^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Hide the real gateway of the qube from it, and configure it with value set to
|
|
|
|
this feature.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: do not hide geteway (qube's `gateway` property) from the qube
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
net.fake-netmask
|
|
|
|
^^^^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Hide the real netmask of the qube from it, and configure it with value set to
|
|
|
|
this feature.
|
|
|
|
|
2017-08-10 15:26:55 +02:00
|
|
|
Default: do not hide netmask (qube's `netmask` property) from the qube
|
|
|
|
|
2017-08-08 21:31:34 +02:00
|
|
|
updates-available
|
|
|
|
^^^^^^^^^^^^^^^^^
|
|
|
|
|
2018-01-05 16:23:02 +01:00
|
|
|
There are updates available. In most cases it is useful to (only) read this
|
|
|
|
feature to check if qube needs to be updated.
|
2017-08-08 21:31:34 +02:00
|
|
|
|
2018-01-05 16:23:02 +01:00
|
|
|
Default/no value: no updates available
|
|
|
|
|
|
|
|
video-model
|
|
|
|
^^^^^^^^^^^
|
|
|
|
|
|
|
|
Choose video card modes emulated by QEMU for this qube. For available values see
|
|
|
|
libvirt documentation about <video><model type=...> element:
|
|
|
|
https://libvirt.org/formatdomain.html#elementsVideo
|
|
|
|
Some systems (Windows) works better with 'cirrus' model set here.
|
|
|
|
|
|
|
|
Default: vga
|
2017-05-11 20:20:55 +02:00
|
|
|
|
2018-02-25 00:12:25 +01:00
|
|
|
pci-e820-host
|
|
|
|
^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Enable e820_host option in Xen domU config if qube has any PCI device assigned.
|
|
|
|
This is option is needed for some PCI device drivers to correctly allocate
|
|
|
|
memory. Refer to Xen documentation for details.
|
|
|
|
|
|
|
|
Default: yes if qube has any PCI device, otherwise no
|
|
|
|
|
2018-07-19 15:25:58 +02:00
|
|
|
linux-stubdom
|
|
|
|
^^^^^^^^^^^^^
|
|
|
|
|
|
|
|
Use Linux-based stubdomain for running device model (qemu). This makes use of
|
|
|
|
recent qemu upstream version. If disabled, use MiniOS-based stubdomain with old
|
|
|
|
qemu fork (aka qemu-traditional). This applies only to `hvm` `virt_mode`, for
|
|
|
|
other modes it is ignored.
|
|
|
|
|
|
|
|
Default: True
|
|
|
|
|
2017-05-11 20:20:55 +02:00
|
|
|
Authors
|
|
|
|
-------
|
|
|
|
|
|
|
|
| Joanna Rutkowska <joanna at invisiblethingslab dot com>
|
|
|
|
| Marek Marczykowski <marmarek at invisiblethingslab dot com>
|
|
|
|
| Wojtek Porczyk <woju at invisiblethingslab dot com>
|
|
|
|
|
|
|
|
.. vim: ts=3 sw=3 et tw=80
|