After having run Qubes OS 4.1 for a couple of weeks, mainly to enable a way to separate my work and private content, I realized that I could actually solve the same thing with two accounts on a normal Linux operating system, while avoiding some of the annoyances and limitations I experienced with Qubes, as detailed in the linked blog post.

Here I jot down some random notes from when doing this.

See especially the end for info about how to set up a nice integration between the work and private accounts, such that one can e.g. occasionally start the mail client or web browser from the private account from the work one etc.

Caveats when installing Debian 11

• Make sure that an EFI partition is created (when I manually modified the partition table I accidentally deleted it, and had to reinstall to get it created properly again).
• Had to turn off safe boot in BIOS
• Had to set SATA settings to AHCI
• Had to manually create a boot option with the path to \EFI\debian\grubx64.efi in the EFI partition

Instructions for configuring Debian to my liking

• Add current user to sudo
  • Switch user to root
    usermod -aG sudo <username>
  • Log out and back the user
• Uncomment CDROM remotes in /etc/apt/sources.list
• Change default search engine in firefox to duckduckgo
• Replace applications menu with whiskers menu
• Install some packages
  sudo apt install vim git tig tmux curl tree
• Clone rc folder
  git clone https://github.com/samuell/rc.git
• Link rc files
  ln -s rc/.{b,v,t}* .
• Create empty .bash_aliases_local
  touch ~/.bash_aliases_local
• Activate in bashrc
  cat 'if [ -f ~/.bashrc_mods ]; then . ~/.bashrc_mods; fi' >> ~/.bashrc && source ~/.bashrc
• Install vim-plug
  curl -fLo ~/.vim/autoload/plug.vim --create-dirs https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
• Run :PlugInstall in vim
  vim -c ":PlugInstall" -c "qa!"
• In "Keyboard settings > Application shortcuts" add two shortcuts:
  xfce4-popup-whiskermenu # Ctrl+Esc
  xfce4-terminal --drop-down # Super+Space
• Open the terminal with Win+Space, and configure:
  • Set width to 100%
  • Uncheck always show tabs
  • Uncheck show menubar in new windows
  • Configure color to more pastel like colors according to my new method
• In Appearance...
  • Set style to Adwaita-dark
  • Set fonts to Adwaita
  • Set main font to Sans Regular 8
  • Let main monospace font be Monospace Regular 10
• In terminal preferences, set font to Monospace Regular 10
• In Window manager, set shortcuts:
  • Tile window up/down/left/right : Super up/down/left/right
  • Move window Ctrl+Alt+F
  • Resize window Ctrl+Alt+R
• Install and configure Brave browser
• Encrypt home folder

Set up separate work and private accounts

• Create the separate accounts
• Encrypt folder of both

In order to run private commands from the work account and vice versa:

• Make sure both users are logged in on the system (so that home folders are unencrypted)
• Run:
  xhost local:<other-user>; sudo -i -u <other-user>
• Now you have a terminal for the other user, and can start applications such as Thunderbird:
  thunderbird &