LogoLogo
  • Software Independence
  • System Security Architecture Description
    • Access Control
    • Artifact Authentication
      • Hashing of Continuously Exported Cast Vote Records
      • Preserving Voter Privacy
    • System Integrity
    • Networking
    • Password and Credential Policies
    • Defense-in-Depth and Least Privilege
    • Cryptography
  • Procedural and Operational Security
  • Known Vulnerabilities
  • Trusted Build
    • Build Machine Configuration
      • Installing Debian 12 to VxBuild
    • Online Phase
    • Offline Phase
    • Final Configuration
      • Secure Boot Signing
    • Installing an Image via vx-iso
      • Preparing USB Installation Drives
      • Installing a VotingWorks Image
      • Machine Configuration Wizard and VxCertifier
      • Verifying an installed image
    • Hash/Checksum Verification
    • Virt Manager - Network Access & Troubleshooting
  • Reliably Detectable Marks
Powered by GitBook
On this page
  • Disabling Network Access
  • Troubleshooting
Export as PDF
  1. Trusted Build

Virt Manager - Network Access & Troubleshooting

Disabling Network Access

By default, newly created VMs have networking enabled. To ensure the offline VM does not have access to the Internet, the networking link is disabled before the VM is ever used. This is accomplished by editing the VMs configuration (found in /etc/libvirt/qemu/offline.xml) and setting the link state to down. This functionality can be seen in the vxsuite-build-system repository, in playbooks/virtmanager/clone-base-vm.yaml.

If an offline VM exists, the XML configuration file is updated to set the link state to down. After that, the offline VM is explicitly re-defined from this updated XML configuration file. These steps always execute, even if the network link state is already set to down.

Any VM cloned from this offline VM will also have a disabled network since those settings are inherited from the original VM.

Troubleshooting

Virt Manager uses a local bridge network to connect to VMs. If you receive an error when starting a VM that says “Error starting domain: Cannot get interface MTU on ‘virbr0: No such device”, run the following command in the terminal on the build machine:

sudo virsh net-start default

You should now be able to return to the VM and start it without issue.

PreviousHash/Checksum VerificationNextReliably Detectable Marks

Last updated 1 year ago