[qubes-users] Re: Connect to LAN while VPN is running?
On Sunday, September 17, 2017 at 5:56:44 PM UTC+2, Stumpy wrote: > I have noticed that I can't connect to my home server on my LAN when the > VPN vm is running, or at least can't connect to the LAN using AppVMs > that are using the VPN netvm. > > Is there a way I can make an exception or something similar to make it > so that at least a few of my AppVMs can access the lan? AppVM1-->Proxy VPN VM>sys-firewall>sys-net--->Router--->Internet | | AppVM2- --->Home server >From AppVM2 you can connect to Home Server. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4e286cac-0bdf-4b91-80d4-59df447e50b6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Fixing BOOT of Qubes OS
On Friday, September 15, 2017 at 11:31:33 PM UTC+2, Stanislav Serdyuk wrote: > Good afternoon, > > > > > > I had working qubes OS, everything worked as it should, and then I installed > ubuntu on separate partition > > > > Ubuntu replaced Qubes bootloader with GRUB and now I cannot make Qubes > working again > > > > > > Qubes OS is located on encrypted partition, I can see it when I am inserting > Qubes Install USB (boot located on sda3) > > > > > > On qubes website I can see how to fix it if it's UEFI, but in my case it's in > legacy boot > > > > > > I can load rescue mode, and it is locating qubes os on partition and I have > ability to mount /mnt/sysimage > > > > > > I am not that professional to fix it further, I hope you can help me, please > advise how to fix it. > > > > > > I would simply reinstall Qubes, but I have important files inside of old > system. > > > > > > You are the great guys, and I really appreciate the work you are doing for us > - simple users. > > > > > Thank you > > > > And have a good day Remember you make it at your own risk! 1)Install Qubes in other hard disk or partition (In this option before you do anything clone your hard disk.). 2)In new Qubes create AppVMs on this same names, configurations and templates as in old Qubes. 3)In new Qubes delete private.img for all AppVMs in folder "/var/lib/qubes/appvms". 4)Copy private.img for all AppVMs in folder "/var/lib/qubes/appvms" from old Qubes to new Qubes. In the future remember to make a backup! You were very lucky that Ubuntu installator did not overwrite your LUKS partition, because then it would be "game over". -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6da65f25-c15b-4a32-bdc7-c830718e642d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes OS 4.0 without IOMMU
On Friday, September 15, 2017 at 11:44:58 PM UTC+2, Marek Marczykowski-Górecki wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Fri, Sep 15, 2017 at 08:58:22AM -0700, damm swing wrote: > > On Friday, September 15, 2017 at 12:42:12 AM UTC+2, Damm Swing wrote: > > > On Thursday, September 14, 2017 at 11:12:26 PM UTC+2, Yethal wrote: > > > > W dniu czwartek, 14 września 2017 21:22:52 UTC+2 użytkownik damm swing > > > > napisał: > > > > > Hello, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Will it be possible to use the final version of Qubes OS 4.0 (at your > > > > > own risk) on hardware without IOMMU (only with SLAT)? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Regards > > > > > > > > PCI assignment won't work without IOMMU so no sys-net and no sys-usb > > > > > > Is there no way to force PV mode in PCI VMs? > > > > I found some sentence about that: "The new Core Stack allows one to do this > > with the flip of a switchproperty" > > https://www.qubes-os.org/news/2017/07/31/qubes-40-rc1/ > > Yes, it is possible to switch sys-net and sys-usb to PV, but even for PV > IOMMU makes a great difference. See here: > https://www.qubes-os.org/doc/user-faq/#can-i-install-qubes-on-a-system-without-vt-d > > - -- > Best Regards, > Marek Marczykowski-Górecki > Invisible Things Lab > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > > iQEcBAEBCAAGBQJZvEnSAAoJENuP0xzK19csQ4EH/1feU2j6eYUvRN0WBlwDtYdb > 8PvF3Qk/nXuYRIzBjQ2ykHc6MsX4YQdvRU1gI90JdHX+5y6PSrKGGm8O5AWxhRp6 > Xl1Ev5Xs5vV8wCjcYp9FVpMmD+aGx06CtHaWkhQkMe7rhSxcoxASBZiMNvCl/kWC > D4wZ2Hvg5Fp3LqiEHfx3Kei8OSqnd/UaVRnLcMSkQ4B64ilkJbT036AbNNYCN0wW > saTSOxzEHzSrLvBvBm50n7v7f+jJCxnGPeeWxdW9dWXyXdAThTiKk/RtYp+0ZYv3 > /FNdvNhJ24kjF7KE1NffHGVoYY4veoGISfV/TSeQ86GIjxF98yaV0ji0UonRYIo= > =aHth > -END PGP SIGNATURE- Thank you for your answer. By the way, is it possible that some AppVM could compromise NetVM (e.g. by a hypothetical bug in Xen net backend) and then use the DMA attack? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7f8d45cb-653a-4735-9307-b3d4ce54c101%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes OS 4.0 without IOMMU
On Friday, September 15, 2017 at 12:42:12 AM UTC+2, Damm Swing wrote: > On Thursday, September 14, 2017 at 11:12:26 PM UTC+2, Yethal wrote: > > W dniu czwartek, 14 września 2017 21:22:52 UTC+2 użytkownik damm swing > > napisał: > > > Hello, > > > > > > > > > > > > > > > > > > Will it be possible to use the final version of Qubes OS 4.0 (at your own > > > risk) on hardware without IOMMU (only with SLAT)? > > > > > > > > > > > > > > > > > > Regards > > > > PCI assignment won't work without IOMMU so no sys-net and no sys-usb > > Is there no way to force PV mode in PCI VMs? I found some sentence about that: "The new Core Stack allows one to do this with the flip of a switchproperty" https://www.qubes-os.org/news/2017/07/31/qubes-40-rc1/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1a535519-9b3b-49b4-ac50-bf79daa62b0f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes OS 4.0 without IOMMU
Hello, Will it be possible to use the final version of Qubes OS 4.0 (at your own risk) on hardware without IOMMU (only with SLAT)? Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/trinity-7bc4b58c-de1d-4138-8d39-bedffb81254d-1505416969553%403c-app-mailcom-lxa14. For more options, visit https://groups.google.com/d/optout.
