Dev/Qubes

Revision as of 14:56, 2 January 2025 by ArrayBolt3

Kicksecure Qubes OS related development documentation.

NOTE: This documentation is incomplete.

Building the Template

Kicksecure has a Qubes OS template available that can be built and installed using qubes-builderv2. This can be used to install Kicksecure into Qubes OS without having to use distribution morphing.

WARNING: The Kicksecure Qubes OS template is still in development and may be unstable or have problems. Use at your own risk.

Setting up qubes-builderv2

It is recommended to use Fedora-based qubes for building the Kicksecure template.

Determine which Fedora template is used for the default-dvm DVM template. We will assume it is fedora-40-xfce in this document.

Installing dependencies

Launch a terminal in the fedora-40-xfce template. Install all dependencies for qubes-builderv2 into the template. The dependencies are listed at https://github.com/QubesOS/qubes-builderv2/blob/main/dependencies-fedora.txt. Also ensure git is installed using sudo dnf install git. Shut down the template when you are done.

Prepare qubes

WARNING: It is not recommended to reuse an existing AppVM for running the template build. You will be transferring the built template to dom0 and installing it when you are complete. If your AppVM used for running the builder is compromised, the template may become compromised as well. Templates are simply RPM packages, meaning they can run arbitrary code as root during installation. This means that a compromised template can and probably will compromise dom0. To reduce the risk of this happening, you should use a fresh AppVM for the build process.

Create a new AppVM for running qubes-builderv2. You can name this qube anything you want; we will call it work-qubesos in this document. Using Qube Manager, set the private disk space for work-qubesos to something reasonably large; 32 GB should work.

Clone the default-dvm template and name it qubes-builder-dvm. This DVM template will be used for fetching and building code. Once the template is cloned, adjust its settings with Qube Manager and increase the private storage space to at least 30 GB (more is preferable). Once that's done, start a terminal in the template and install the list of packages at https://github.com/QubesOS/qubes-builderv2/blob/main/dependencies-fedora-qubes-executor.txt. (Note: Make very sure you launched the template, not a new DispVM!) Do not shut down the template yet; we will make more changes to it shortly.

Open a dom0 terminal and run sudo nano /etc/qubes/policy.d/50-qubesbuilder.policy. Type the contents of https://github.com/QubesOS/qubes-builderv2/blob/main/rpc/policy/50-qubesbuilder.policy into this file. (Note: If you have chosen names other than work-qubesos or qubes-builder-dvm for your qubes, you will have to adjust this configuration file to specify the correct VM names.) Save your changes with Ctrl+S and exit with Ctrl+X.

In the still-running qubes-builder-dvm template, run sudo mkdir -p /rw/bind-dirs/builder /rw/config/qubes-bind-dirs.d. Then run sudo nano /rw/config/qubes-bind-dirs.d/builder.conf and type binds+=('/builder') into this file. Save and close the file when this is done. Next, run sudo nano /rw/config/rc.local and add the command mount /builder -o dev,suid,remount to the file. Once this is done, shut down the template.

In a dom0 terminal, run qvm-prefs work-qubesos default_dispvm qubes-builder-dvm.

Finally, start the work-qubesos AppVM, and ensure that the Qubes Master Signing Key is imported and set to trust level ultimate. If it isn't, All needed configuration for running qubes-builderv2 should now be complete.
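The bind-dirs and rc.local changes made in the qubes-builder-dvm template above can also be applied and verified with a script, so that a repeated run does not add duplicate lines. This is an added example, not code from Kicksecure or Qubes OS; the function names, the optional root-prefix argument and the file name builder-binds.sh are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the Kicksecure or Qubes OS projects.
# Functions take an optional root prefix (hypothetical, for dry runs in a
# scratch directory); with no argument they act on the real /rw tree.
BIND_LINE="binds+=('/builder')"
MOUNT_LINE="mount /builder -o dev,suid,remount"

# Append a line only if that exact line is not already in the file.
ensure_line() {
    grep -qxF -- "$2" "$1" 2>/dev/null || printf '%s\n' "$2" >> "$1"
}

# Apply the three changes from the step above; safe to run repeatedly.
apply_builder_binds() {
    root=${1:-}
    rc="$root/rw/config/rc.local"
    mkdir -p "$root/rw/bind-dirs/builder" "$root/rw/config/qubes-bind-dirs.d"
    ensure_line "$root/rw/config/qubes-bind-dirs.d/builder.conf" "$BIND_LINE"
    [ -f "$rc" ] || printf '#!/bin/sh\n' > "$rc"
    ensure_line "$rc" "$MOUNT_LINE"
    # Assumption (not stated on the page): rc.local must stay executable to run.
    chmod +x "$rc"
}

# Return 0 only if every piece is in place; name the first missing one.
check_builder_binds() {
    root=${1:-}
    [ -d "$root/rw/bind-dirs/builder" ] ||
        { echo "missing: /rw/bind-dirs/builder" >&2; return 1; }
    grep -qxF -- "$BIND_LINE" "$root/rw/config/qubes-bind-dirs.d/builder.conf" 2>/dev/null ||
        { echo "missing: bind entry in builder.conf" >&2; return 1; }
    grep -qxF -- "$MOUNT_LINE" "$root/rw/config/rc.local" 2>/dev/null ||
        { echo "missing: remount line in rc.local" >&2; return 1; }
    [ -x "$root/rw/config/rc.local" ] ||
        { echo "rc.local is not executable" >&2; return 1; }
}

# Run as root inside the qubes-builder-dvm template: sh builder-binds.sh --apply
if [ "${1:-}" = "--apply" ]; then
    apply_builder_binds && check_builder_binds
fi
```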

Installing qubes-builderv2

Ensure that fedora-40-xfce, qubes-builder-dvm, and work-qubesos are all shut down. This is to make sure all changes made to the templates apply to any new AppVMs and DispVMs that will be launched during the build process.

Start work-qubesos and open a terminal in it. Clone the qubes-builderv2 repository using git clone https://github.com/QubesOS/qubes-builderv2.git.

TODO: finish this
