Re: [qubes-users] Bad GPG Signature is Good on 2nd Try?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-05 19:23, entr0py wrote: > Andrew David Wong: >> On 2016-08-05 16:21, entr0py wrote: >>> After downloading Qubes 3.1 iso, I attempted to verify with Release 3 >>> Signing Key: >> >>> user@host:~/Downloads$ gpg --verify Qubes-R3.1-x86_64.iso.asc gpg: >>> assuming signed data in `Qubes-R3.1-x86_64.iso' gpg: Signature made Wed >>> 09 Mar 2016 03:40:56 AM UTC gpg:using RSA key >>> 0xCB11CA1D03FA5082 gpg: BAD signature from "Qubes OS Release 3 Signing >>> Key" [unknown] >> >> >>> I verified the hash .DIGESTS: >> >>> user@host:~/Downloads$ gpg --verify Qubes-R3.1-x86_64.iso.DIGESTS gpg: >>> Signature made Wed 09 Mar 2016 11:35:48 AM UTC gpg: >>> using RSA key 0xCB11CA1D03FA5082 gpg: Good signature from "Qubes OS >>> Release 3 Signing Key" [unknown] >> >> >>> I compared checksums: >> >>> user@host:~/Downloads$ sha1sum Qubes-R3.1-x86_64.iso >>> 990b7765ee209b42b3cad78673463daae769c729 Qubes-R3.1-x86_64.iso >> >>> user@host:~/Downloads$ cat Qubes-R3.1-x86_64.iso.DIGESTS | grep >>> 990b7765ee209b42b3cad78673463daae769c729 >>> 990b7765ee209b42b3cad78673463daae769c729 *Qubes-R3.1-x86_64.iso >> >> >>> So tried verifying the .iso again: >> >>> user@host:~/Downloads$ gpg --verify Qubes-R3.1-x86_64.iso.asc >>> Qubes-R3.1-x86_64.iso gpg: Signature made Wed 09 Mar 2016 03:40:56 AM >>> UTC gpg:using RSA key 0xCB11CA1D03FA5082 gpg: Good >>> signature from "Qubes OS Release 3 Signing Key" [unknown] >> >> >>> What am I missing? Is the 2nd argument necessary even though gpg found >>> the signed data properly the first time? >> >> >> Is it possible that the ISO hadn't completely finished downloading when >> you tried to verify it the first time? >> >> >> > > I don't think so, because then it would have had the .part extension. Is > there a long write after the download completes? > That probably depends on things like your hardware and which filesystem you're using. > RAM / HD limitations? 4.7 GB iso vs 1.0 GB RAM, 10 GB Private storage. > > Not sure it's important but kinda unnerving to be producing different > results :/ > Well, it should only be unnerving if you know with certainty that GnuPG is returning different results on the *exact same* sequence of bits. Since you didn't hash the ISO before the first (failed) verification attempt, we don't have any evidence that that's the case. It's much more likely that the bits changed (e.g., due to write caching, as you suggested). - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXpU/DAAoJENtN07w5UDAwleAP/RHsRdSvgeDMsH/PMmzHuWK2 BNH8vTD2kTb/ojO1XSgJu7jPTs9LJmmTf7+LuO4PqDpnWyssZYXcNDMtEnoojFvi MIdBuRwdUS0ayYX8aUVWG5NF6XhqMhrojGdWiJ1RhvE3had7BbYmTOwNi+JAZF9Y nuQTQYt4mBzOR/z9JfPmd+acfHBXc7TyAB0APKNU42r+wVTJ70vVuWIioXdhtqup F6CgmpspJGxXKkogAtbekIpigRTFOqC9ShADTAY3gKDtSXmHD8jpEQBAJtFvpyNW 9DtkesEjMbbDc7wOutKMk1pT7feb7Zpks7WSnyads6OL+ilWoqdn0NoD43X+K97A 95OwSBnZY3d5uFZcXLY59OdCEOQdeS8jzn8C7rk7Z/3s+P+Cq17mfKD53WHPIglI M9s3ahsI8D+iukNo/KsU+gZJfKWc8rAWi0I7vd4geSd0pGC3sWAPkWsY7IZhRpS+ cOLn7/3qzHoyOr2vU/5rc6LGEMF2sCCicy9Y/EI6HsZKZZYdI6mdaBfqyvrOTpMF XWFE2uOO/+UoHZ6t+ZDkzDOlBZdbhvZmb/UaoGfjHqIjiuYwL5nKdRk4LHP6U0ZK 2je5DW6lOE22M752MtV/Xv/kQtaQM/nxyIJxMI6Etu6vKZIFMMYGpvGzQaPOWrGN ZbL/7LFKvJt/UsMBC2VO =P+iK -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5548e639-89c8-74f1-6966-46d4e230308a%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bad GPG Signature is Good on 2nd Try?
Andrew David Wong: > On 2016-08-05 16:21, entr0py wrote: >> After downloading Qubes 3.1 iso, I attempted to verify with Release 3 >> Signing Key: > >> user@host:~/Downloads$ gpg --verify Qubes-R3.1-x86_64.iso.asc gpg: assuming >> signed data in `Qubes-R3.1-x86_64.iso' gpg: Signature made Wed 09 Mar 2016 >> 03:40:56 AM UTC gpg:using RSA key 0xCB11CA1D03FA5082 gpg: >> BAD signature from "Qubes OS Release 3 Signing Key" [unknown] > > >> I verified the hash .DIGESTS: > >> user@host:~/Downloads$ gpg --verify Qubes-R3.1-x86_64.iso.DIGESTS gpg: >> Signature made Wed 09 Mar 2016 11:35:48 AM UTC gpg:using >> RSA key 0xCB11CA1D03FA5082 gpg: Good signature from "Qubes OS Release 3 >> Signing Key" [unknown] > > >> I compared checksums: > >> user@host:~/Downloads$ sha1sum Qubes-R3.1-x86_64.iso >> 990b7765ee209b42b3cad78673463daae769c729 Qubes-R3.1-x86_64.iso > >> user@host:~/Downloads$ cat Qubes-R3.1-x86_64.iso.DIGESTS | grep >> 990b7765ee209b42b3cad78673463daae769c729 >> 990b7765ee209b42b3cad78673463daae769c729 *Qubes-R3.1-x86_64.iso > > >> So tried verifying the .iso again: > >> user@host:~/Downloads$ gpg --verify Qubes-R3.1-x86_64.iso.asc >> Qubes-R3.1-x86_64.iso gpg: Signature made Wed 09 Mar 2016 03:40:56 AM UTC >> gpg:using RSA key 0xCB11CA1D03FA5082 gpg: Good signature >> from "Qubes OS Release 3 Signing Key" [unknown] > > >> What am I missing? Is the 2nd argument necessary even though gpg found the >> signed data properly the first time? > > > Is it possible that the ISO hadn't completely finished downloading when you > tried to verify it the first time? > > > I don't think so, because then it would have had the .part extension. Is there a long write after the download completes? RAM / HD limitations? 4.7 GB iso vs 1.0 GB RAM, 10 GB Private storage. Not sure it's important but kinda unnerving to be producing different results :/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/82efc921-c394-63b7-1f5b-cad9fbad45b2%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Device attached failed with USB3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Aug 05, 2016 at 04:43:02PM -0700, kotot...@gmail.com wrote: > Hi, > > When attaching a USB3 hard-drive to the untrusted VM I get the following > error: > > dom0$ qvm-usb -a untrusted sys-usb:4-1 > ERROR: Device attach failed: sh: printf: I/O error > > untrusted$ dmesg > <...> > [ 7482.281057] vhci_hcd: connection closed > [ 7482.281166] vhci_hcd: stop threads > [ 7482.281197] vhci_hcd: release socket > [ 7482.281219] vhci_hcd: disconnect device > [ 7489.228732] vhci_hcd: Failed attach request for unsupported USB speed: > super-speed > > sys-usb$ dmesg > <...> > [ 7627.651333] usbip-host 3-2: recv a header, 0 > [ 7627.651449] usbip-host 3-2: lock for reset > [ 7634.596562] usbip-host 4-1: stub up > [ 7634.601226] usbip-host 4-1: recv a header, 0 > [ 7634.705358] usbip-host 4-1: reset SuperSpeed USB device number 3 using > xhci_hcd > [ 7634.716919] usbip-host 4-1: device reset > > Any ideas? I'm using Qubes 3.2RC2. Unfortunately drivers we use (usbip) doesn't support USB3.0 yet. Anyway, for hard drivers, you should use block attach (qvm-block command). https://www.qubes-os.org/doc/usb/#tocAnchor-1-1-5 Stating with Qubes 3.2, it is possible to attach a single USB device to any Qube. While this is useful feature, it should be used with care, because there are many security implications from using USB devices and USB passthrough will expose your target qube for most of them. *If possible, use use method specific for particular device type (for example block devices described above), instead of this generic one.* - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXpSXoAAoJENuP0xzK19csyBoH+QFiQKphsMQxV09d88GF4u4D kb4c6eLtx/W6mJ7m0PVyejkXExIaWej0Y1XyQsFAshcw1dpku/OLlFV7GE9gBJ9d Gu0GK/JIjGnULgKmP2F+6mp4KbF5RpzdfFzAakeTWrmgWyNBVRO7a/ick9e/rvvN 1cjf4RMRcNTBiFuFlThRXppT66CmGSCVmxc2G0ufNTgEmVMRtGK7VMw5U2+5wcoy TWzDGgKc1JU1/Yj9XdDFOtCf4MlqMiEP19H6vXhYKkJoDIVCi2+Pktl8HTmB7VMg Sjk0+3cyFgnsV/zj2vs6eUm+Be1hl4oWWgCSrHu4ORD26K4S3dF9pYTp6n/OD3w= =hNr7 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160805234855.GW32095%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Device attached failed with USB3
Hi, When attaching a USB3 hard-drive to the untrusted VM I get the following error: dom0$ qvm-usb -a untrusted sys-usb:4-1 ERROR: Device attach failed: sh: printf: I/O error untrusted$ dmesg <...> [ 7482.281057] vhci_hcd: connection closed [ 7482.281166] vhci_hcd: stop threads [ 7482.281197] vhci_hcd: release socket [ 7482.281219] vhci_hcd: disconnect device [ 7489.228732] vhci_hcd: Failed attach request for unsupported USB speed: super-speed sys-usb$ dmesg <...> [ 7627.651333] usbip-host 3-2: recv a header, 0 [ 7627.651449] usbip-host 3-2: lock for reset [ 7634.596562] usbip-host 4-1: stub up [ 7634.601226] usbip-host 4-1: recv a header, 0 [ 7634.705358] usbip-host 4-1: reset SuperSpeed USB device number 3 using xhci_hcd [ 7634.716919] usbip-host 4-1: device reset Any ideas? I'm using Qubes 3.2RC2. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6a089818-9785-4311-991a-d4a57b7391f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Poor performance when reading external DVD
> In VLC try to change output mode to x11, that dropped my cpu use by 60% to > 20%. It did help. Thank you so much! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c2ea6dbb-d7f0-4bab-b1d7-bb0ac7aa9383%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Poor performance when reading external DVD
In VLC try to change output mode to x11, that dropped my cpu use by 60% to 20%. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cabee3c5-82c0-4596-b9de-b91156a269a4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Poor performance when reading external DVD
When testing with Xine I got bad performance and this error message: "The amount of dropped frame is too high, your system might be slow, not properly optimized or just too loaded". I have an integrated intel card for video, how can I check it is properly configured? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c4eaa723-e0ec-42d7-9a22-88c63edd10ff%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Poor performance when reading external DVD
It seems to be related to VLC because mplayer works nicely! Very good news. Here the command for history: $ mplayer -zoom -fs -vo x11 dvd:// -dvd-device /dev/sr0 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/62f785d0-4368-467c-8e9d-4b53170dd3be%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Upgrading from Qubes 3.1 to 3.2 fail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Aug 03, 2016 at 09:35:45AM +0200, donoban wrote: > On 08/02/2016 10:57 PM, Marek Marczykowski-Górecki wrote: > > > > Could you paste also list of packages in dom0 (rpm -qa)? This > > should allow me to reproduce the problem. > > > > > > Yes Marek! Here is it: > https://paste.debian.net/786712 > > The only think that I did on both install was installing Xfce after > the default KDE install (or maybe xfce was already installed?), I am > not sure. > > I hope it helps. I've added additional step to the instruction[1] for Debian-based UpdateVM: If you are using Debian-based VM as UpdateVM (sys-firewall by default), you need to download few more packages manually, but do not install them yet: sudo qubes-dom0-update systemd-compat-libs perl-libwww-perl perl-Term-ANSIColor perl-Term-Cap gdk-pixbuf2-xlib speexdsp qubes-mgmt-salt-admin-tools (...) Transaction Summary === Install 15 Packages (+ 31 Dependent packages) Upgrade 4 Packages (+200 Dependent packages) Total download size: 173 M Is this ok [y/d/N]: n Exiting on user command Your transaction was saved, rerun it with: yum load-transaction /tmp/yum_save_tx. Please let me know if that helps. [1] https://www.qubes-os.org/doc/upgrade-to-r3.2/ - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXpNp4AAoJENuP0xzK19csRlYH/1C3pqb5UVcpXSTGKD0QriKf P9QYza6aPFbJkqLXlmNQQpYifO7Le/JGcByQfBWYRWkyz8F0bj6ccUr6VQ4Zf/VM ZQXE9opp/pDO/UVE7LFuzzkK9coKecdFrlc1cUfHM/RnYc/PQ4Iz1iCdQg849m+M 4HGUmWV7LoDnlama+OOC3cMhBTNfLvqfi1tj/ot1/DRLligu6ylMcjEe+7IkNivq PdIvkuPjml91AjZ0+Up6OW9upCa0qmjUjDbkUQqghqCLRsdtMLBZbg0ibpYVEJ5H xOqTXrXxvh7W9Qc+edt1rDTcQTFoPyMgbxlzTRBEh+ewTuJ+1NtwZCRZA16gQz4= =wR9Q -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160805182703.GS32095%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: External USB DVD fails to attach to the VM
I found the solution by reading this: https://www.qubes-os.org/doc/usb/ and not this https://www.qubes-os.org/doc/assigning-devices/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/337ac69b-c527-4ead-964c-c45a60aeb9cf%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] External USB DVD fails to attach to the VM
Hi, I'm using an optical DVD reader/burner and attached it to one of the VM: dom0$ qvm-block -l sys-usb:sr0 Slim_USB_Burner (0782852) 6GiB (attached to 'my-new-vm' as 'xvdi') It fails to show up in the VM: [user@my-new-vm ~]$ ls -alh /dev/xvdi ls: cannot access /dev/xvdi: No such file or directory Also lsusb returns nothing: dom0$ lsub -v dom0$ I also tried to attach the whole USB controller to the VM, it didn't solve the problem. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5f9edb83-9e5b-474c-a90a-17af48beec44%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Fedora Minimal ProxyVPN template?
VPN Services usually offer a number of different sites/cities to connect to. I am trying to set up a minimalist bare-bones Fedora23 template that I can base all of my ProxyVM's off of (via cloning), such that I only have to change the .ovpn file within each Proxy in the /rw/config/openvpn folder (and name the ProxyVM accordingly). This would allow me to choose to have a quick way to easily have a distinct proxyvm for each appvm that I can change at will w/o taking up excess memory. Does anyone have this set-up (or a better idea)? If you do, care to share what packages you have pared it down to? Inspired by Olivier Médoc's post below.. https://groups.google.com/d/msg/qubes-users/LkGNj-mCVHI/e0N0FeLFCQAJ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b0dca587-1e2d-498a-88d4-b6b9ad9da017%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] disposableVM not really disposable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Marek Marczykowski-Górecki: > On Fri, Aug 05, 2016 at 11:57:38AM +0200, Marek Marczykowski-Górecki wrote: >> On Wed, Jul 27, 2016 at 10:38:52AM +0100, cubit wrote: >>> 26. Jul 2016 23:14 by marma...@invisiblethingslab.com: >>> Check file list in /var/lib/qubes/appvms/fedora-23-dvm. Especially date and permissions of volatile.img there. >>> >>> >>> >>> >>> It's actually fedora-23-stable-dvm based off a copy of the template >>> >>> >>> >>> >>> Here is the file list, there is one noticeable difference when >>> comparing it to fedora-23-dvm folder.For my template >>> volatile.img is chmod 600 while it is 644 in fedora-23-dvm. >>> Changing the permissions to match 644 does not change anything, the >>> problem still exists @cubit: What is the output of 'sudo sh -c umask' in dom0? >> Change it to 664 (same as other files there) - so qubes group will have >> write access. > > What are permissions on the directory itself? > > >> (...) > >>> -rw-rw-r-- 1 user qubes1669 Jun 2 20:15 disp8.conf >>> -rw-rw-r-- 1 user qubes1670 Jun 2 20:15 disp9.conf >>> -rw-rw-r-- 1 user qubes 309223442 Jul 21 09:49 dvm-savefile >>> -rw-rw-r-- 1 user qubes1925 Jul 21 09:49 fedora-23-stable-dvm.conf >>> lrwxrwxrwx 1 user qubes 55 Mar 31 16:15 icon.png -> >>> /usr/share/icons/hicolor/128x128/devices/appvm-gray.png >>> -rw-rw-r-- 1 user qubes 1 Jul 21 09:49 netvm-id.txt >>> -rw-rw 1 user qubes 2147483648 Jul 21 09:49 private.img >>> -rw-rw-r-- 1 user qubes1024 Jul 21 09:49 saved-cows.tar >>> -rw--- 1 root qubes 12348030976 Jul 26 20:00 volatile.img >>> -rw-rw-r-- 1 user qubes 70 Mar 31 16:15 whitelisted-appmenus.list One case in which this happens is when the root user has a restrictive umask. Then prepare-volatile-img.sh creates a file as show above. qubes-prepare-saved-domain.sh then fails siletly to include volatile.img into saved-cows.tar. This can be simply fixed by not running prepare-volatile-img.sh as root (see attached patch, sudo is no longer necessary there). But I'm not sure if this is the problem in the reported cases. Especially this should be rather easily noticed since you can't start a dispvm when another is still running. What are the reasons for using bsdtar instead of tar? I tried to make the script to fail in this case but bsdtar justs prints a warning on permission errors and still exits with 0 (in contrast to GNU tar). -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXpJl2AAoJEOSsySeKZGgWFFIQALrQQB4n7uGNpsbdlopX166W 8sqACeMwJ5eozMt8uZ0g6IalfCUW58YSKCYPtepUxN1I7S3hxVBHQcx0M3q2yxhJ LMmsAv7YdzFOxEr1oS+2UsmHJfuhCJjWMYEoIjTgskSVzB1Gd8vENptSPGUZedd9 IOYxfxIzahhx/2jYd5YdilqtW94Nr8iGCGVAqCnibE0oac16y5NTmSa4WP0gv4ou QBuj5ejm7VrUDbsexdzxOVR33AeGv4kize+PT23WDVM8Fjr3Nt60zUhFRVUY6eSD eSFmXw/re+KR9wweUiQBhtDk8WFFMkzSEBeh0Qxfs3SN7x2LeRLjIn+n5ns55TFA wIRMkfGykyAC9k468bkjcE4pUJs8EfTnKc6yNmFVn68Jxpip3R90hb4orgtdLEQc OeP7XERg/s78QDgjPod3CnroMKy7wTFQxsCgAFHpDiQKVNCSfQvGURMwcz/Mw37t +FAnCK85BMgKF0CsTHWoF+KXmTI5VqyrbfFElKHxtuJ+yQCJfWj0JyqudQ5Ff7Sd u9dZY1txUD5NJ3mPHISLRGzPEzdm/O1YDsNMEPu8ofGOK+fKDsQWlQWeXBVhD5pn 7SU/NXUvVjo5jK6Ii22QIch1IVehWdcjYahMpCOdZcR5kDoerksnYkWosUo/giO7 O2o/oh3+rIqIit705cTF =cWHQ -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2065e306-d473-706a-a000-14c11ae76540%40ipsumj.de. For more options, visit https://groups.google.com/d/optout. From 469a88067fb724a27d8a912c398a4fa9ef9e46eb Mon Sep 17 00:00:00 2001 From: HW42Date: Fri, 5 Aug 2016 15:44:05 +0200 Subject: [PATCH] prepare-volatile-img.sh: don't run as root This is no longer necessary since volatile.img is formated inside the VM. This also fixes DispVM creation if the user sets a restrictive umask for root. Maybe related to #2200. --- linux/aux-tools/prepare-volatile-img.sh | 4 1 file changed, 4 deletions(-) diff --git a/linux/aux-tools/prepare-volatile-img.sh b/linux/aux-tools/prepare-volatile-img.sh index 40e22f5..b32142b 100755 --- a/linux/aux-tools/prepare-volatile-img.sh +++ b/linux/aux-tools/prepare-volatile-img.sh @@ -1,9 +1,5 @@ #!/bin/sh -if [ "`id -u`" != "0" ]; then - exec sudo $0 $* -fi - set -e if ! echo $PATH | grep -q sbin; then -- 2.8.1 0001-prepare-volatile-img.sh-don-t-run-as-root.patch.sig Description: PGP signature
[qubes-users] Re: black screen after installation v3.1 on dell XPS 15
Op donderdag 4 augustus 2016 17:04:24 UTC+2 schreef kelo: > is it a dell xps 15 9950 , the newest edition? > > if yes does your network card get detected by qubes 3.1 and work properly? > > do you have any issues with a 4k display? No it's a rather old machine. 5 years old. I don't own a 4k display. But I see the cursor blinking and than the screen goes black. I think one can call it "warm black". (as read in the discussions over here). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b3b6ff57-28b3-4905-9587-ba52fe3a528c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] disposableVM not really disposable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Jul 27, 2016 at 10:38:52AM +0100, cubit wrote: > 26. Jul 2016 23:14 by marma...@invisiblethingslab.com: > > > Check file list in /var/lib/qubes/appvms/fedora-23-dvm. Especially date > > and permissions of volatile.img there. > > > > > > > It's actually fedora-23-stable-dvm based off a copy of the template > > > > > Here is the file list, there is one noticeable difference when comparing it > to fedora-23-dvm folder. For my template volatile.img is chmod 600 while > it is 644 in fedora-23-dvm. Changing the permissions to match 644 does not > change anything, the problem still exists Change it to 664 (same as other files there) - so qubes group will have write access. (...) > -rw-rw-r-- 1 user qubes 1669 Jun 2 20:15 disp8.conf > -rw-rw-r-- 1 user qubes 1670 Jun 2 20:15 disp9.conf > -rw-rw-r-- 1 user qubes 309223442 Jul 21 09:49 dvm-savefile > -rw-rw-r-- 1 user qubes 1925 Jul 21 09:49 fedora-23-stable-dvm.conf > lrwxrwxrwx 1 user qubes 55 Mar 31 16:15 icon.png -> > /usr/share/icons/hicolor/128x128/devices/appvm-gray.png > -rw-rw-r-- 1 user qubes 1 Jul 21 09:49 netvm-id.txt > -rw-rw 1 user qubes 2147483648 Jul 21 09:49 private.img > -rw-rw-r-- 1 user qubes 1024 Jul 21 09:49 saved-cows.tar > -rw--- 1 root qubes 12348030976 Jul 26 20:00 volatile.img > -rw-rw-r-- 1 user qubes 70 Mar 31 16:15 whitelisted-appmenus.list - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEbBAEBCAAGBQJXpGMTAAoJENuP0xzK19cs3nQH92oO91qw15Sa0f8jTAWbFtGX pzVsXwH2i5jd9ctMufe6kqzAua32Bhuzyouj89F5XfD2CHUGpIA6W998P46RtxNG FGDpyT20gKSpdfZlfpwwZGDlDCp4cbfiep15cSnC+yLhr8knTUBTlP+co9rXUyhk 7a/Ut7C8YknTLogkuHl7zfwodpi6ZUS+Iae4/4H2BJKMTeTS+Z0/OgpQUuI8aOXH oESm6aTqkcrync2kLx8XZBkaBoXWdgj7W/Ram4bKNUO6p+k7oA7DrnpwRNsikt3M 0g0Yx97AN6qeZfsUgjqP219GqM0AqzN55k6nfLDkn12HkJSbLh+a5bvlY9LPuQ== =pj6H -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160805095738.GN32095%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: PS2 Mouse with adaptor
I have a few problem setting up usv mouse proxyvm. Which STEP/GUIDE did you followed? Thanks you. On 08/03/2016 09:19 PM, raahe...@gmail.com wrote: > On Tuesday, August 2, 2016 at 8:57:52 AM UTC-4, Herbies wrote: >> Hi, >> >> Qubes advice to use ps2 mouse and keyboard but is impossible to find one >> in local shop. >> >> I have bought some usb/ps2 adapter to connet usb keyboard and mouse to >> my ps2 port. My keyboard is working well, but I have tried several model >> of mouse unsuccessfully. >> >> Do you know the reason because my usb mouses fail to function while >> connected to the adapter? >> >> Any other suggestion? >> >> Thanks you > > imo, it is not as important to have pci mouse as it is for keyboard. I > just use a usb to pci adapter for keyboard. and Use a usb mouse with the > qubes mouse proxy from usbvm. For extra security set lockscreen. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a3170361-d781-6bdc-3508-1761220ec9d1%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] disposableVM not really disposable
Same issue here. Solved by entering on the template fedora-23-dispvm (or the name you are using) I have opened FF for addon updates. run command touch. qubes-disp.customized as you can find here https://www.qubes-os.org/doc/dispvm-customization/ Than use the command qvm-create-default-dvm And you should start with empty tempaltes. Hope it help you On 07/27/2016 11:38 AM, cubit wrote: > 26. Jul 2016 23:14 by marma...@invisiblethingslab.com: > >> Check file list in /var/lib/qubes/appvms/fedora-23-dvm. Especially date >> and permissions of volatile.img there. >> > > > > > It's actually fedora-23-stable-dvm based off a copy of the template > > > > > Here is the file list, there is one noticeable difference when comparing it > to fedora-23-dvm folder.For my template volatile.img is chmod 600 while > it is 644 in fedora-23-dvm. Changing the permissions to match 644 does not > change anything, the problem still exists > > > > > > total 503544 > -rw-rw-r-- 1 user qubes1671 Jun 3 11:18 disp10.conf > -rw-rw-r-- 1 user qubes1671 Jun 3 11:33 disp11.conf > -rw-rw-r-- 1 user qubes1671 Jun 4 19:58 disp12.conf > -rw-rw-r-- 1 user qubes1671 Jun 4 19:59 disp13.conf > -rw-rw-r-- 1 user qubes1671 Jun 4 20:01 disp14.conf > -rw-rw-r-- 1 user qubes1671 Jul 14 18:25 disp15.conf > -rw-rw-r-- 1 user qubes1671 Jul 14 18:26 disp16.conf > -rw-rw-r-- 1 user qubes1671 Jul 14 18:27 disp17.conf > -rw-rw-r-- 1 user qubes1671 Jul 14 18:28 disp18.conf > -rw-rw-r-- 1 user qubes1671 Jul 14 18:34 disp19.conf > -rw-rw-r-- 1 user qubes1669 Jul 26 15:08 disp1.conf > -rw-rw-r-- 1 user qubes1671 Jul 14 18:53 disp20.conf > -rw-rw-r-- 1 user qubes1671 Jul 15 12:44 disp21.conf > -rw-rw-r-- 1 user qubes1671 Jul 17 07:27 disp22.conf > -rw-rw-r-- 1 user qubes1671 Jul 18 08:55 disp23.conf > -rw-rw-r-- 1 user qubes1671 Jul 18 09:20 disp24.conf > -rw-rw-r-- 1 user qubes1671 Jul 18 13:30 disp25.conf > -rw-rw-r-- 1 user qubes1671 Jul 18 16:25 disp26.conf > -rw-rw-r-- 1 user qubes1671 Jul 18 20:48 disp27.conf > -rw-rw-r-- 1 user qubes1671 Jul 18 20:56 disp28.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 11:47 disp29.conf > -rw-rw-r-- 1 user qubes1669 Jul 26 15:58 disp2.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 15:23 disp30.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 15:31 disp31.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 15:35 disp32.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 15:36 disp33.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 15:44 disp34.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 15:52 disp35.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 16:19 disp36.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 17:02 disp37.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 17:14 disp38.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 18:13 disp39.conf > -rw-rw-r-- 1 user qubes1669 Jul 26 17:25 disp3.conf > -rw-rw-r-- 1 user qubes1671 Jul 19 20:07 disp40.conf > -rw-rw-r-- 1 user qubes1671 Jul 20 08:07 disp41.conf > -rw-rw-r-- 1 user qubes1671 Jul 20 16:30 disp42.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 09:49 disp43.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 12:00 disp44.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 12:01 disp45.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 12:02 disp46.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 12:05 disp47.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 12:05 disp48.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 12:06 disp49.conf > -rw-rw-r-- 1 user qubes1669 Jul 26 18:34 disp4.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 14:15 disp50.conf > -rw-rw-r-- 1 user qubes1671 Jul 21 15:09 disp51.conf > -rw-rw-r-- 1 user qubes1671 Jul 22 09:23 disp52.conf > -rw-rw-r-- 1 user qubes1671 Jul 22 09:24 disp53.conf > -rw-rw-r-- 1 user qubes1669 Jul 26 18:51 disp5.conf > -rw-rw-r-- 1 user qubes1669 Jul 26 19:59 disp6.conf > -rw-rw-r-- 1 user qubes1669 May 30 12:16 disp7.conf > -rw-rw-r-- 1 user qubes1669 Jun 2 20:15 disp8.conf > -rw-rw-r-- 1 user qubes1670 Jun 2 20:15 disp9.conf > -rw-rw-r-- 1 user qubes 309223442 Jul 21 09:49 dvm-savefile > -rw-rw-r-- 1 user qubes1925 Jul 21 09:49 fedora-23-stable-dvm.conf > lrwxrwxrwx 1 user qubes 55 Mar 31 16:15 icon.png -> > /usr/share/icons/hicolor/128x128/devices/appvm-gray.png > -rw-rw-r-- 1 user qubes 1 Jul 21 09:49 netvm-id.txt > -rw-rw 1 user qubes 2147483648 Jul 21 09:49 private.img > -rw-rw-r-- 1 user qubes1024 Jul 21 09:49 saved-cows.tar > -rw--- 1 root qubes 12348030976 Jul 26 20:00 volatile.img > -rw-rw-r-- 1 user qubes 70 Mar 31 16:15 whitelisted-appmenus.list > > > > > -- You received this message because you are subscribed to the Google
Re: [qubes-users] Re: Android Emulator
On 08/04/2016 07:51 PM, Torsten Grote wrote: > I tried it now and it works, but is barely usable, because it is > very(!!!) slow. On top of running ARM emulation in an AppVM, I needed > to turn on software graphic rendering, because hardware rendering > didn't work. Yeah, it's quite slow, but depending on your app it may suffice - my apps are "companions" for business applications, so there are no speed requirements nor fancy graphics to display. > It would be nice if Android guests would be officially supported by > Qubes OS, but until that's the case, maybe there's a way of running > Android guests in the meantime. > > An Android image comes with these files: > > kernel-qemu ramdisk.img system.img userdata.img > > Shouldn't it be possible somehow to create a XEN guest VM with these > files mounted, so Android can actually boot? While an Android x86 HVM guest may boot, would it work as an emulator suitable for debugging? There may be some work to do to route tcp port 5554 from the debuggee (server) to the debugger. I don't think a PV situation could easily work, because Qubes would like to have its tools installed in the VM to be able to compose windows coming from all the VMs in the system, while Android does not easily allow for such a modification. But an HVM may boot, with its own windowed fullscreen. -- Alex -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/109e5728-9aca-4f36-3629-0c493f40852a%40gmx.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature