Deploy NetworkManager randomized mac configuration file under an already configured sys-net

[tlaurion]

Hey @marmarek @SkypLabs,

I am looking into deploying a NetworkManager configuration file under sys-net for it to randomize macs, since QubesOS didn't choose to deploy it by default. That is based on this

I'm reading how to deploy this but didn't figured out how to do it for already configured AppVMs.

Content of the files would be/etc/NetworkManager/conf.d/randomized_macs.conf:

[device]
wifi.scan-rand-mac-address=yes

[connection]
wifi.cloned-mac-address=random
ethernet.cloned-mac-address=random
connection.stable-id=${CONNECTION}/${BOOT}

User can then change the mac configuration for known networks, keeping the randomized mac stable if desired.

Any idea how a salt formula would look like?

[SkypLabs]

Actually, I had already planned to implement it 😃

Any idea how a salt formula would look like?

Yes. I will do it when I will find a moment.

[tlaurion]

@SkypLabs discussion happened here

So I believe this would look something like https://github.com/viq/qubes-mgmt-salt-dom0-virtual-machines/commit/02738ed385eda797a42b77ce83f3f3e36ddee902 No, I did not test it, and I'm not sure how to tie it in with the master_tops system, as the other *.top files present in this directory.

[SkypLabs]

Thanks @tlaurion for the link and your support in this project :smile:

I'm pretty busy these days so don't worry if I don't answer you straight away but I take all your comments into account :+1:

[tlaurion]

@viq : How would your recipe be applied? Commented here

[tlaurion]

@unman?

[tlaurion]

Upstreamed under accessible security nlnet grant.