QubesOS Contrib Package
PROJECT
Part of: BusKill
Fiscal Host: Open Source Collective
This funding is available as a bounty for compensation towards the effort to create an officially accepted BusKill package on QubesOS
About
QubesOS Contrib Package
This funding is available as a bounty for compensation towards the effort to create an officially accepted BusKill package on QubesOS.
Why?
BusKill is currently supported on QubesOS, but the install process is time-consuming, complicated, and less safe (vulnerable to user-error and requires trusting unsigned text guides on the internet).
1. https://www.buskill.in/qubes-os/
2. https://www.buskill.in/qubes-disarm/
The purpose of this project is to make it easier (and safer) to install BusKill on QubesOS.
1. https://www.buskill.in/qubes-os/
2. https://www.buskill.in/qubes-disarm/
The purpose of this project is to make it easier (and safer) to install BusKill on QubesOS.
Bounty Reward
To receive the bounty for developing a contrib package for BusKill on QubesOS, you must submit the deliverables that meet the acceptance criteria below.
The bounty will be the full value of the funds available in this project, minus transaction and administration fees.
The bounty will be the full value of the funds available in this project, minus transaction and administration fees.
Deliverables
The deliverable of this project should be a contrib package that has been accepted by the QubesOS devs as an official contrib package, such that (after a fresh install of the latest stable QubesOS), a user can install BusKill with one install command:
sudo qubes-dom0-update buskill
For additional requirements, please see Acceptance Criteria below.
Acceptance Criteria
The following acceptance criteria must be met in order to receive the bounty reward:
1. The deliverable should be tested & functional on the latest stable version of QubesOS (v4.3 at the time of writing)
2. Installing the BusKill contrib package should require the user to execute just one command after a fresh install of the latest stable version of QubesOS.
3. After installing the BusKill contrib package, the QubesOS system should be modified as described in these two guides [a] https://www.buskill.in/qubes-os/ [b] https://www.buskill.in/qubes-disarm/
4. One modification to [a] should be made: the `buskill.rules` files should be changed such that BusKill triggers on removal of any USB device. This change means the “ENV{ID_MODEL}” attribute should be removed from all lines in this file.
5. After installing BusKill on QubesOS, the default trigger (already enabled after install) should be to lock the screen. This install process must not require users to edit files on dom0 or VMs.
1. The deliverable should be tested & functional on the latest stable version of QubesOS (v4.3 at the time of writing)
2. Installing the BusKill contrib package should require the user to execute just one command after a fresh install of the latest stable version of QubesOS.
3. After installing the BusKill contrib package, the QubesOS system should be modified as described in these two guides [a] https://www.buskill.in/qubes-os/ [b] https://www.buskill.in/qubes-disarm/
4. One modification to [a] should be made: the `buskill.rules` files should be changed such that BusKill triggers on removal of any USB device. This change means the “ENV{ID_MODEL}” attribute should be removed from all lines in this file.
5. After installing BusKill on QubesOS, the default trigger (already enabled after install) should be to lock the screen. This install process must not require users to edit files on dom0 or VMs.
6. The install should work when `sys-usb` has a fedora-based TemplateVM and also where `sys-usb` has a debian-based TemplateVM
7. After installing BusKill on QubesOS, the keyboard shortcut (ctrl+shift+d) should be configured to execute `qvm-run sys-usb buskill-disarm.sh` (as described in [b] above)
8. It should just require the user to edit a file and update udev rules (two commands total) in order to change between lockscreen, reboot, and self-destruct triggers (as described in the “Customization” section in [a] above)
9. Uninstalling the BusKill contrib package should require the user to execute just one command. This should delete all of the installed files and update the udev configuration.
10. The repo should have a `README.md` file that explains what BusKill is, what this repo is for, what commands a Qubes user needs to run to install this package, what commands a Qubes user needs to run to uninstall this package, and how a user can configure BusKill after install (to change between lockscreen, hard reboot, and self-destruct). It should also include a disclaimer section that’s very clear about the dangers of irrevocable data loss when using the self-destruct trigger.
11. The `README.md` file should include a section titled "License" which contains the following contents (you may modify the year add your name to the copyright, but it must indicate that the contents of the repo are dual-licensed with the GNU GPL v3 and CC BY-SA licenses) https://github.com/buskill/buskill-app?tab=readme-ov-file#license
12. The repo should include a `LICENSE` file at its root, which should contain the following contents https://github.com/BusKill/buskill-app/blob/master/LICENSE
13. Your qubes contrib package must be accepted by the BusKill dev team. It is your responsibility to test the package and make modifications to it, as required by the BusKill devs, in order for your PR to be merged.
14. Your qubes contrib package must be accepted by the QubesOS dev team as an official Qubes contrib package. It is your responsibility to test the package and make modifications to it, as required by the QubesOS devs, in order to meet their inclusion criteria for acceptance as an official package. For more info, see https://doc.qubes-os.org/en/latest/developer/general/package-contributions.html
8. It should just require the user to edit a file and update udev rules (two commands total) in order to change between lockscreen, reboot, and self-destruct triggers (as described in the “Customization” section in [a] above)
9. Uninstalling the BusKill contrib package should require the user to execute just one command. This should delete all of the installed files and update the udev configuration.
10. The repo should have a `README.md` file that explains what BusKill is, what this repo is for, what commands a Qubes user needs to run to install this package, what commands a Qubes user needs to run to uninstall this package, and how a user can configure BusKill after install (to change between lockscreen, hard reboot, and self-destruct). It should also include a disclaimer section that’s very clear about the dangers of irrevocable data loss when using the self-destruct trigger.
11. The `README.md` file should include a section titled "License" which contains the following contents (you may modify the year add your name to the copyright, but it must indicate that the contents of the repo are dual-licensed with the GNU GPL v3 and CC BY-SA licenses) https://github.com/buskill/buskill-app?tab=readme-ov-file#license
12. The repo should include a `LICENSE` file at its root, which should contain the following contents https://github.com/BusKill/buskill-app/blob/master/LICENSE
13. Your qubes contrib package must be accepted by the BusKill dev team. It is your responsibility to test the package and make modifications to it, as required by the BusKill devs, in order for your PR to be merged.
14. Your qubes contrib package must be accepted by the QubesOS dev team as an official Qubes contrib package. It is your responsibility to test the package and make modifications to it, as required by the QubesOS devs, in order to meet their inclusion criteria for acceptance as an official package. For more info, see https://doc.qubes-os.org/en/latest/developer/general/package-contributions.html
How to claim this Bounty
- Read this page completely, and understand fully the deliverables, acceptance criteria, etc.
- Let us know that you'd like to work on this by submitting a proposal as a comment in the following ticket: https://github.com/BusKill/buskill-app/issues/106
- Work with the BusKill team to finalize plans for the best implementation. Proposals will be judged on their maintainability, design quality, and adherence to acceptance criteria. Note that other developers may submit competing proposals at this time as well.
- If your proposal is accepted, the ticket will be assigned to you, and you may proceed.
- Fork the following repo https://github.com/BusKill/buskill-qubes-contrib
- Update the repo as needed to implement the Qubes Contrib package.
- When ready, you’ll need to work with both BusKill devs and QubesOS devs. First, submit a PR to the forked repo source. Work with the BusKill dev team to complete the PR https://github.com/BusKill/buskill-qubes-contrib
- After the BusKill team accepts your PR, you’ll need to submit it to Qubes, following this guide https://doc.qubes-os.org/en/latest/developer/general/package-contributions.html
- After Qubes accepts it and the Deliverables are met (meeting all of the Acceptance Criteria above), you can submit an expense for receiving the bounty reward.
Deadlines
Telling us that you're working on the above ticket (#3) is critical for the process of winning this bounty. We will assign the ticket to you, and you will have exclusive claim to the bounty while the ticket is assigned to you. However, If you don't make any meaningful commits for 2-weeks, we will unassign the ticket, you will no longer be eligible for the bounty, and the bounty will again become available to the general public.
To avoid loosing the bounty, we recommend that you make at least a few comments every week on your assigned GitHub issue, which describes your progress and blockers as you work on the implementation.
Experience Required
We recommend that you have the following experience to work on this bounty:
1. You should have experience with QubesOS, Xen, and the idea of dom0 and compartimentalization of usb devices via the sys-usb VM.
2. You should have read and followed the following guides, to be familiar with how to manually install and use BusKill on QubesOS: [a] https://www.buskill.in/qubes-os/ [b] https://www.buskill.in/qubes-disarm/
3. You should be familiar with QubesOS development, specifically qubes-builder v2 https://github.com/QubesOS/qubes-builderv2/
4. You should be familiar with git and have an account on GitHub
5. You should be familiar with udev, yaml, debian, and fedora
6. Experience with python, shell, and perl are a plus
7. You should be familiar with `make` and how to build rpm and deb install files
8. You should have read and be familiar with the qubes contrib requirements for acceptance https://doc.qubes-os.org/en/latest/developer/general/package-contributions.html
9. You need a USB device. You do not need a BusKill cable. Any usb device will work for testing.
10. You should have command of English. Communication with the BusKill project devs and the QubesOS project devs on GitHub will be done in English
11. You should be able to generate an invoice to submit an expense on Open Collective https://docs.oscollective.org/for-hosted-member-projects/spending-money-and-getting-paid/invoice-and-reimbursement-examples
12. You should have an eligible bank account or PayPal, to satisfy the requirements to be paid via Open Collective https://docs.oscollective.org/for-hosted-member-projects/spending-money-and-getting-paid/expense-policies-and-limitations#methods-of-payment
1. You should have experience with QubesOS, Xen, and the idea of dom0 and compartimentalization of usb devices via the sys-usb VM.
2. You should have read and followed the following guides, to be familiar with how to manually install and use BusKill on QubesOS: [a] https://www.buskill.in/qubes-os/ [b] https://www.buskill.in/qubes-disarm/
3. You should be familiar with QubesOS development, specifically qubes-builder v2 https://github.com/QubesOS/qubes-builderv2/
4. You should be familiar with git and have an account on GitHub
5. You should be familiar with udev, yaml, debian, and fedora
6. Experience with python, shell, and perl are a plus
7. You should be familiar with `make` and how to build rpm and deb install files
8. You should have read and be familiar with the qubes contrib requirements for acceptance https://doc.qubes-os.org/en/latest/developer/general/package-contributions.html
9. You need a USB device. You do not need a BusKill cable. Any usb device will work for testing.
10. You should have command of English. Communication with the BusKill project devs and the QubesOS project devs on GitHub will be done in English
11. You should be able to generate an invoice to submit an expense on Open Collective https://docs.oscollective.org/for-hosted-member-projects/spending-money-and-getting-paid/invoice-and-reimbursement-examples
12. You should have an eligible bank account or PayPal, to satisfy the requirements to be paid via Open Collective https://docs.oscollective.org/for-hosted-member-projects/spending-money-and-getting-paid/expense-policies-and-limitations#methods-of-payment
Additional Notes
BusKill installed on QubesOS is done with udev rules. It does not involve the BusKill GUI app. A GUI is out-of-scope for this project.
Please be aware that the final payout will be less than the advertised bounty reward, due to payment processing and administrative fees.
Please be aware that you are not guaranteed any compensation or credit for working on this project, and that bounties are not a contractual agreement. Submissions are built upon mutual trust and goodwill between the two parties.
Please only submit work that is your own and that you have the legal right to submit as your own. Do not use anything owned by another person or entity.
Please be aware that the final payout will be less than the advertised bounty reward, due to payment processing and administrative fees.
Please be aware that you are not guaranteed any compensation or credit for working on this project, and that bounties are not a contractual agreement. Submissions are built upon mutual trust and goodwill between the two parties.
Please only submit work that is your own and that you have the legal right to submit as your own. Do not use anything owned by another person or entity.
Our team
Contribute
Become a financial contributor.