From 02738ed385eda797a42b77ce83f3f3e36ddee902 Mon Sep 17 00:00:00 2001
From: viq <vicviq@gmail.com>
Date: Sun, 13 May 2018 21:56:33 +0200
Subject: [PATCH] Randomize MAC address in sys-net

Following instructions from
https://www.qubes-os.org/doc/anonymizing-your-mac-address/ and
https://www.qubes-os.org/doc/bind-dirs/
---
 qvm/randomize-mac.sls | 45 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 qvm/randomize-mac.sls

diff --git a/qvm/randomize-mac.sls b/qvm/randomize-mac.sls
new file mode 100644
index 0000000..23503e9
--- /dev/null
+++ b/qvm/randomize-mac.sls
@@ -0,0 +1,45 @@
+# -*- coding: utf-8 -*-
+# vim: set syntax=yaml ts=2 sw=2 sts=2 et :
+
+##
+# qvm.ramdomize-mac
+# =================
+#
+# Sets sys-net to randomize MAC address as per
+# https://www.qubes-os.org/doc/anonymizing-your-mac-address/
+#
+# Execute:
+#   qubesctl state.sls qvm.randomize-mac sys-net
+##
+
+NetworkManager bind-dir config:
+  file:
+    - managed
+    - name: /rw/config/qubes-bind-dirs.d/68_networkmanager.conf
+    - makedirs: True
+    - user: root
+    - group: root
+    - mode: 0644
+    - contents:
+      - binds+=( '/etc/NetworkManager/conf.d/' )
+
+NetworkManager persistent directory:
+  file:
+    - directory
+    - name: /rw/bind-dirs/etc/NetworkManager/conf.d/
+    - makedirs: True
+
+NetworkManager MAC config:
+  file:
+    - managed
+    - name: /rw/bind-dirs/etc/NetworkManager/conf.d/mac.conf
+    - contents: |
+        [device]
+        wifi.scan-rand-mac-address=yes
+
+        [connection]
+        wifi.cloned-mac-address=stable
+        ethernet.cloned-mac-address=stable
+        connection.stable-id=${CONNECTION}/${BOOT}
+    - require:
+      - file: NetworkManager persistent directory