noobified the hypervisor setup

opsec/hypervisorsetup/index.html

@@ -104,41 +104,6 @@
 	    <div class="container">
 			<div class="row">
 				<div class="col-lg-8 col-lg-offset-2">
-<!--          <h2><b>Host OS Hardening</b></h2> </br> </br>
-<p>Now that we're in our host OS, let's do a few basic things to harden it:</p>
-<pre><code class="nim">
-su -
-apt update ; apt full-upgrade ; apt install --no-install-recommends sudo adduser curl apt-transport-tor tor torsocks
-
-usermod -aG sudo nihilist
-
-[user ~]%:~$ sudo apt update -y ; sudo apt full-upgrade -y 
-	
-</code></pre>
-<p>Next, we make sure that unattended upgrades are activated so that minor package updates are automatically carried out by the system.</p>
-<pre><code class="nim">
-[user ~]%:~$ sudo apt install unattended-upgrades apt-listchanges -y
-[user ~]%:~$ sudo dpkg-reconfigure -plow unattended-upgrades
-	
-</code></pre>
-<img src="9.png" class="imgRz">
-<p>Next, we're going to trim out what we don't need from our Host OS. First and foremost, let's get rid of all the logs (both system and kernel logs) on the system. </p>
-<pre><code class="nim">
-[user ~]%:~$ su -
-root@debian:~# crontab -e # run it as the root user!
-
-* * * * * echo "" > /var/log/*.log /var/log/*/*.log /var/log/*/*/*.log  ; dmesg -c ; dmesg -n 1 ; dmesg -c 
-0 * * * *  apt clean -y ; apt autoremove -y  
-
-#also uncomment the kernel.printk line in /etc/sysctl.conf to avoid the kernel from printing out errors
-
-root@debian:~# vim /etc/sysctl.conf
-
-root@debian:~# cat /etc/sysctl.conf | grep printk
-kernel.printk = 3 4 1 3
-	
-</code></pre>
-<p>Like so we're making sure that logfiles, and that kernel output is minutely cleared</p>-->
           <h2><b>Virtualisation setup</b></h2> </br> </br>
 <p>Next <b>we do not virtualize anything using closed-source software</b> like VMWare Workstation or else. <b>We use QEMU/KVM with virt-manager, which is an open source hypervisor</b>:</p>
 <pre><code class="nim">
@@ -149,15 +114,23 @@ sudo systemctl enable --now libvirtd
 [user ~]%:~# sudo usermod -a -G libvirt user
 [user ~]%:~# sudo usermod -a -G kvm user
 
+</code></pre>
+<p>Next we're going to use vim (which is a terminal-based text editor) to edit the libvirtd config files, that is to make sure that we can create and edit vms without requiring to type the admin password every time. <b>From inside vim you need to press i to enter insert mode (to be able to actually edit the file contents)</b>, then you can edit the mentionned lines to mention the libvirt group and the "user" username, <b>then press ESC to exit insert mode, and then type :wq to save your edits and exit the config files:</b></p>
+<pre><code class="nim">
 [user ~]%:~# sudo vim /etc/libvirt/libvirtd.conf 
-[user ~]%:~# cat /etc/libvirt/libvirtd.conf  | grep sock_group
+
 unix_sock_group = "libvirt"
 unix_sock_rw_perms = "0770"
 
-[user ~]%:~#  cat /etc/libvirt/qemu.conf
+:wq
+
+[user ~]%:~# sudo vim /etc/libvirt/qemu.conf 
+
 group = "libvirt"
 user = "user"
 
+:wq
+
 [user ~]%:~# systemctl restart libvirtd.service
 
 [user ~]%:~# virt-manager
@@ -177,6 +150,7 @@ user = "user"
 	
 [user ~]%:~$ sudo chown nihilist:libvirt -R VMs
 [user ~]%:~$ sudo chown nihilist:libvirt -R ISOs
+
 </code></pre>
 
 <p>Then you can add the file directories in virt-manager like so:</p>