-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 08/01/2017 01:02 PM, Marek Marczykowski-Górecki wrote: > On Tue, Aug 01, 2017 at 11:25:11AM +0200, Zrubi wrote:
>> - The isntall process is really looooong. Not debugged jet but >> the creating initramfs seems to be running forever. But at least >> was successfull at the end :) > > Is it just about initramfs and "post installation tasks" - compared > to the whole installation time? There may be some bug causing > initramfs being generated twice (or more...) - I think I've fixed > something like this before, but maybe not all the places. Yes, this is the case. But have no time to install it again and again to identify the root cause :( > >> - the missing Qubes Manager is a pain. - the 'replacement' in the >> task bar is small and buggy: the tooltip? like thing is randomly >> shirk to unusable. But too samll in general. I have 40 vm's right >> now. > > What do you mean by "randomly shirk to unusable"? Can you provide > a screenshot? #2970 > What do you mean? Domains widget is specifically there to show you > VM status. Can't see the networking stuff. The most important is (at least for me) the actual NetVM used by a Qube. >> - the 'new' Qubes firewall solution causing more confusions. - >> mixed iptables and nftables? why? > > What do you mean by mixed? Setting for VMs are applied using > nftables if supported (Fedora), or iptables when not (Debian). Not > both. the default "self defending rules" are Iptables based, the VM traffic forwarding rules are nftables based. Custom firewall scripts now have to handle both. My opinion that there is no real need for nftables until it can really replace iptables. We are using just a really few rules here and the VM based chains achievable by iptables too. BTW: I plan to continue the L7 filtering thing I started to play with. Can you point the related documentation - if any - or at least the VM side code processing the Qubes firewall rules please? >> - even if Allow is the default policy I see a DROP rule at the >> end. Why? :o > > To fail closed - if something goes wrong, there will be that DROP > rule at the end anyway. :) It should be decided by the user, by selecting default policy. IMHO Qubes should not try to override the user decisions. >> - the default login screen is just ugly. I know that this is not >> the first priority, and not even a technical issue. But new users >> will see that ugly thing first. So it's should be a Qubes skinned >> one. at least. > > Hmm, I do see Qubes logo in the background there. Do you have > something different? Nope, I see the qubes backround. :) But still feels like a bare naked login screen. IMHO this should be just as important as the Qubes boot (splash) screen. - -- Zrubi -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZhFaWAAoJEH7adOMCkunmwEwQAIbwUTS/qKwczyhclNTPRknb lSNTH9xPuh44fx3Iql+cwU6EpcDRvTswTZ0uuMsrCE5vk1XsZlgyRbJSL5n0Nmof Ax+x6nMoEiOo3pbKOYRmqc5SmWCdi6rUbHRYmOa0eij7+rvdStAD6opca5x8lhkO rStnTKVMTQSSYk/BHT7V2P27tChDAiD2ahB3tvi00SrszhHGrxW/oZ/8RPwkHEWi XEdsqEqJWDS1BkR85IYV0bzoED/uDEtfNqMzPpvAaIORDGdClQi6Ky31BR7dxJRZ o3ngKj9F/lvOd/1HYeD2bErB/y5LJSzgX/18lMiaA+CJa3cXwjzGMEuho7Hra0dK ts1G5bfBDomHfriQElXhspggsleHV+V0aQJnMKd4gGfY0/5/h+xgeUMi/RevVScX nCDvjguDJoktoUQXK8dgt5hwauvPWsSTyJjk5h9I94ij9hMGkbfRzwA+2gEriZw/ g8Dl3WGzm3kX5aOzO9S3CqKY2bQoJwWTO11q9VcjfdE3Qtnu7Y44ECa3bi59B1AD UMc2RQEs9RZ37hUXd5Yfdj68fTD1qCuTX0NRBwxGddT/tOZYXvwEUjs8HqXsM2qf mRGspB/OnHZ2F48J1q6uE4JE+Hyap1lJeSgXaUKpMtzvLBwQTC8v/v5wF8j581ao vwPw7/gGelMGQ4qIAS6S =zTfv -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bdecc032-8cf8-047d-6cd9-f02c42ee9c56%40zrubi.hu. For more options, visit https://groups.google.com/d/optout.