[qubes-users] HCL

2016-09-04 Thread Drew White 
Is it possible that I can get a copy of every HCL report that has ever been 
posted in here please?

I'm asking to know if there is a single location, or whether I have to go 
through the entire thing to find them?

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5d80278f-8408-4a0b-90a8-e441dc976f80%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] HCL - Lenovo Thinkpad T430s

2016-09-04 Thread bob2361 
No problems at all running Qubes 3.1 with a Thinkpad T430s. Everything 
works fine.


Cheers and thank you for Qubes OS

Luca

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6fe8b719-5924-1f53-6de9-d71115de41e3%40warpmail.net.
For more options, visit https://groups.google.com/d/optout.


Qubes-HCL-LENOVO-23551V1-20160905-110048.cpio.gz
Description: application/gzip


Qubes-HCL-LENOVO-23551V1-20160905-110048.yml
Description: application/yaml

[qubes-users] Re: App shortcuts in XFCE

2016-09-04 Thread Drew White 
On Sunday, 4 September 2016 11:50:21 UTC+10, Gaijin  wrote:
> I just upgraded from 3.1 to 3.2R3 and was wondering of the best way to 
> restore some of my App shortcuts. I use some portable apps and 
> executables that don't show up in the Applications shortcuts. In KDE I 
> was used to the Menu Editor. I'm not familiar with XFCE and didn't see a 
> similar option.

If you are talking about windows WITH QREXEC, then just add the shortcuts again.
You can add them to the menu using KMENUEDIT, or many other ways

Including copying the .desktop files to the new machine onto your desktop, or 
else into another folder and adding them directly to the menu system using 
kmenuedit or similar CLI interface.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7e2300bc-6a54-47b6-b427-e3ef81929555%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: How to share data between 2 Qubes installations via USB in a sensible way?

2016-09-04 Thread Drew White 
How about you just have 1 USB device that you keep secure?

I have a 128GB device that I ONLY use for Qubes, and is completely secure and 
safe.

Why go to all the trouble of having things set up so weirdly?

I have all USB devices go immediately to dom0.

They don't auto-play, they don't auto-mount, they don't do anything like that. 
so I'm safe.

If I have a device that I want to attach to a VM, then I attach it to that VM. 
simple.

But I NEVER attach my Qubes drive to anything, UNLESS I really really have to..

And in that case...

I create a VM with no networking, get the data off, transfer from the drive 
through the secure virtual to another VM that has networking, then use that to 
send the data to the network.

All while the drive is being used by Qubes for VMs.

It's safe, and reliable the way it can be done. But only if you have your 
system secured and safe. (without having the need for a separate USB Guest to 
have everything attached to when it gets attached to the PC.)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/bc91338e-4706-4e02-9261-0c895ec899dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: security question: keepass vault password

2016-09-04 Thread pixel fairy 
On Sunday, September 4, 2016 at 10:37:53 AM UTC-7, Eva Star wrote:
> Simple question:
> 
> Are there any reasons to set up passwords to keepass databases if it 
> stored at separate vaultVM and OS is already encrypted?
> I queses NO. Only much fuss every time typing password
> 
> -- 
> Regards

you might want to share your keepassdb (or other keys) with another device.
you should only have to unlock it on boot, so it only adds one more passphrase 
to the boot up process.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/31365478-d6eb-452d-a4c3-a3bfb24ae88f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] QubesOS under VMware - I know I know ...

2016-09-04 Thread Drew White 
On Friday, 2 September 2016 16:51:27 UTC+10, p.@.com  wrote:
> 
> Thanks Andrew for the hint with USB. I imagine every time you reboot your 
> laptop to run your disk installed OS you loose everything you configured in 
> your USB-based Qubes ?

No, not at all. It was an installation, not a snapshot or anything, completely 
full.



On Friday, 2 September 2016 16:53:33 UTC+10, p.@.com  wrote:
> Which QubesOS version did you install on ESXi ?

It was ESXi 5.5 IBM custom.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2084cce8-da20-4c81-b01d-dfab4fb52ec9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Recovery Disk & Suggest Live Linux CD to recovery system like WinPE

2016-09-04 Thread Connor Page 
I think nowadays many live installers that have capability to install on 
encrypted partitions give possibility use the tools in a terminal window. For 
instance, when I realised that somehow only a swap partition got encrypted in a 
fresh Qubes install I launched Manjaro live ISO, dd root partition to a temp 
location, created a new dm-crypt/LUKS partition, mounted that, dd root 
partition back, chroot'ed into that updated crypttab and grub config, rebooted 
and was happy.
I think it would be most appropriate to use a distro with a recent kernel not 
much older or newer than Qubes dom0 kernel.

Caution: you should trust the recovery system.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/25b714fa-2f13-42ac-a44e-ad77c6e17098%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] security question: keepass vault password

2016-09-04 Thread Connor Page 
it makes an evil maid's mission a bit more complicated

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/47b5f46c-0719-403b-9e65-b8eb223cc3f7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Qubes 3.1 and 3.2 beta both fail in post-install configuration

2016-09-04 Thread Marek Marczykowski-Górecki 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Sun, Sep 04, 2016 at 11:42:24AM -0700, Bob Newell wrote:
> Hello,
> I tried installing both Qubes 3.1 and Qubes 3.2 on my Lenovo T420S. Both 
> exhibit the same problem, during the first-boot setup, after clicking ok from 
> the checkboxes (I didn't change the defaults), there is an extremely lengthy 
> error message generated. I think all of it was captured in the messages I 
> read with journalctl. The bottom line is my VMs weren't generated. If I try 
> to create a debian or fedora VM from the Q menu nothing happens. If I try to 
> create a disposable VM for firefox with the shortcut I get "DVM savefile 
> creation failed."  Any suggestions?
> 
> here are my messages: http://hastebin.com/ixifaqenad.md

How are you booting the system? It looks like you have modified
bootloader configuration to load Linux directly, excluding Xen.

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJXzGuqAAoJENuP0xzK19cs8cAH/iC16M2FiB0wjxJyRZus2F0S
bLCjQtVsBEuI8/3VId1tkiDm30bIg8yGWPjz2WxU4DaRwiWpyWWGBcf/db0mRdWk
Qj7ogPyLLPU1/JET+3BSmwHoamX69LogUfv/CXVc4dtMreO2nLDAfROP7eIshTL5
abPrYWIKVvTx1b7yJQ9Q+b2b+FWheMvfe7K3kBjF7bqGaI+ur8W5/9DZVuR7XsiS
DgGRxzatlrxfAH7+53qu3S6fFAlYTGrUk1JQxHpURlwMn1+3GgYlHRfxEDKIS6uZ
wp/eo9AVCa/ObESaJDE90b8tkRVkIPPFXaNDlZLMseL3F2lhHsYKVwfMP5nTcaY=
=a8g/
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20160904184457.GU328%40mail-itl.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Networking between Linux and Windows VMs

2016-09-04 Thread Micah Lee 
I've installed Windows 10 in an HVM (called dev-win10), and I'd like to
be able to connect to its RDP service from a Linux VM (called dev).

The documentation [1] says both VMs need the same netvm, and in that
netvm I need to enable an iptables rule to let dev communicate with
dev-win10:

iptables -I FORWARD 2 -s $DEV -d $DEV_WIN10 -j ACCEPT

Then in the VM that will hosting the service, dev-win10 in this case, I
need to allow incoming connections from the source IP:

iptables -I INPUT -s $DEV -j ACCEPT

This seems to work fine if the VM hosting the service is Linux. Since
it's Windows I obviously just need to allow access using the Windows
Firewall instead of with iptables.

It sure seems like I'm allowing all inbound connections to the Remote
Desktop service in the Windows Firewall [2], however when I try
connecting to it from dev it times out.

I've also tried running a simple http server using python3:

python3 -m http.server

And I allowed python.exe through the Windows firewall, but I can't
connect to that service either. When I try the same experiment in a
Linux VM, I can connect to it fine from dev.

Any idea what I'm missing?

[1] https://www.qubes-os.org/doc/qubes-firewall/#tocAnchor-1-1-4
[2] https://i.imgur.com/PyrKLAm.png

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/1615c334-65bc-5cd3-348a-c935e4392abf%40micahflee.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] security question: keepass vault password

2016-09-04 Thread Eva Star 

Simple question:

Are there any reasons to set up passwords to keepass databases if it 
stored at separate vaultVM and OS is already encrypted?

I queses NO. Only much fuss every time typing password

--
Regards

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a7d73166-8553-8540-eaf5-afc1b9a4b253%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Recovery Disk & Suggest Live Linux CD to recovery system like WinPE

2016-09-04 Thread Eva Star 

Are there some live recovery CDs as we have on windows (Windows PE)?

I notice that qubes have some recovery console, but it's hard to 
understand how to use it (maybe some examples at Documentation and 
"Recovery page" at documentation? Some basic examples...
How to add utilities to it? What utilities we already have on this 
console? How to use them? Please, add the page to docs about it...


Now, I'm searching the way to run some LiveLinuxCD to reencrypt my 
drive. So, this LiveCD must have 1) cryptsetup / cryptsetup-reencrypt tool.




--
Regards

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c3f67c09-8b8a-3962-1899-3e37229a490b%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Anonymizing MAC adress through dvm ?

2016-09-04 Thread Eva Star 

On 08/30/2016 05:19 AM, Marek Marczykowski-Górecki wrote:


In theory it can be probably applied there (apply the instruction in the
template - the same way as for sys-net). But in practice it doesn't give
you much more anonymity. First of all, MAC address of the VM network
interface have no relation to your real hardware. It is always
00:16:3e:5e:6c:XX, where XX is ID of the VM. So it gives information
that you use Qubes OS. And if one can read that MAC address, can also
read a dozen other indicators that you use Qubes OS - like running on
Xen, or /var/lib/qubes directory presence, or simply a hostname
("dispXX").


Why not add some settings and gill them with some random when OS installed?


--
Regards

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/41534c0c-e5a9-a5c5-bce5-2254a2f91b22%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] 3.2-rc1, xfce4 volume control

2016-09-04 Thread Michael Carbone 
sebastian@gmail.com:
> However the mute is still broken. When you press mute, it mutes both Master & 
> Speaker, when it unmutes it only unmutes property "active-track" which is 
> typically Master OR Speaker.

just want to highlight/confirm the muting issue, I created an issue for it:

https://github.com/QubesOS/qubes-issues/issues/2291

-- 
Michael Carbone

Qubes OS | https://www.qubes-os.org
@QubesOS 

PGP fingerprint: D3D8 BEBF ECE8 91AC 46A7 30DE 63FC 4D26 84A7 33B4


-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c0227746-05cb-92ea-ec7b-d756780ba91f%40qubes-os.org.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

Re: [qubes-users] Re: WTF with userbase counter? Is Qubes OS dying?

2016-09-04 Thread Andrew David Wong 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 2016-09-04 04:37, Arqwer wrote:
> Hmm, I guess that last column does not represent any info at 
> beginning of month. (I hope so.)

Correct. As it says on that page, "The graph is updated daily," and
the last date and time of update is in the lower left hand corner of
the image, immediately below the graph. So, the data for 2016-09
(September 2016) is all the data available through 2016-04-09 at
05:09. Naturally, fewer connections have occurred in the past four
days than in the past entire month. No cause for alarm.

> I think it should not be shown, to prevent misunderstanding.
> 

IMHO, the information accompanying the graph (as explained above) is
sufficient.

- -- 
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJXzDlLAAoJENtN07w5UDAwUOYP/28GklRlWGrsyxko8VpnI97M
USFihxUZ4p7v/aWC05RVipO9oAthk9+ZEIYHz902TVimVIWvQFkV+LgN9Rhznp0m
gyePvEjrp9ml+jCJcUVhz/Pkt08xqlFp9j7u452TT6Lqge0jU3tNxVleq+jevlJS
IkEDA20XCsdm5gyD8fFWbJ49YPWpjtTbrMvq71VDP+Dbq3k1VaLEZoo3cLzbcBF8
9igLPyBO2mPKoYU9CQSZP8C10txuZDNwIrTHyOHniQockJ8NVMJyA1gHnn6ugk9g
HXEnrvvTGBEql83O+tkQicAJ/oixFXSTQ2+JRQlKDNDoZDR/f0F67KK3F0+eNQDb
FQzk/dxVIj1AJ82WNxRfGDLAL6dd5Yt4gE9beA0tbxAC+PYPnw4inxu5CN1QmPox
ekWNhNM+gMpx3dAtHnYrWEew2VIYLOVbkwBKMMoyPWj8dZbR/KxuCc4b3mCAuSSs
+UfrLYImhFzwtQn14Fk1uPGyOw1BYj5t3qNS840R0YrB8tHj/5cSuxhIhrlxH0nO
wF2TReOKoHcuxVWvtCK3YefPXL4GhmWtp6wxcfkfP6WHcBZ5uIs3jNsrXai0D5gN
tlgnIAJVnbp3XTMSfCUikIxJBv3ABU+UwzJ9JuanxB21x6Ge8Bk4Gl3779O23upL
eSDk+sb1VF7LaGU/FvWT
=MSCf
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7da69248-d985-3c76-902c-fe7477c6c0e9%40qubes-os.org.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: WTF with userbase counter? Is Qubes OS dying?

2016-09-04 Thread Cube 
On Sunday, September 4, 2016 at 4:16:38 AM UTC-7, Arqwer wrote:
> Statistics page (https://www.qubes-os.org/counter/) shows that number of 
> users have fallen from 15 000 to less then 4000. Is it just a bug in counter, 
> or what is happening?

glitch in the Matrix

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/298a18fb-120e-4cf0-9fac-6f095b6763d5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: WTF with userbase counter? Is Qubes OS dying?

2016-09-04 Thread Arqwer 
Hmm, I guess that last column does not represent any info at beginning of 
month. (I hope so.) I think it should not be shown, to prevent misunderstanding.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2f6f5bd8-6a95-441d-aaf6-f737cf7c9906%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] WTF with userbase counter? Is Qubes OS dying?

2016-09-04 Thread Arqwer 
Statistics page (https://www.qubes-os.org/counter/) shows that number of users 
have fallen from 15 000 to less then 4000. Is it just a bug in counter, or what 
is happening?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0853a44c-50ae-47e3-8972-ae45476468fb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] seafile applet integration with the panel is not working

2016-09-04 Thread kototamo 
Thanks for listing these bugs. It is probably something else: the icon neither 
appear/disappear nor is being transparent. It is just not being shown.

There is something specific to the seafile-applet: it is an application that 
can be minimized in the system tray, not only an "applet". Maybe there is a 
difference with "pure" applets such as the network-manager? 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b3740aa4-6ad1-46ce-b5ef-087d7483b409%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] How to share data between 2 Qubes installations via USB in a sensible way?

2016-09-04 Thread David Hobach 



On 06/27/2016 07:22 PM, David Hobach wrote:

On 06/19/2016 01:12 PM, Chris Laprise wrote:



On 06/19/2016 05:25 AM, David Hobach wrote:

I wonder whether there's any sensible (= relatively secure) way
of sharing data between 2 Qubes installations via a single USB
pen drive or hard disk?

What are you using or do you have any thoughts?

[...]



I think I identified the probably optimal solution: In short you can use
some less known qvm-block tricks to mount files from one VM to another
and thus force all FS & USB attacks to happen inside your USB VM.

In long:

Run a service in dom0:
1. Every 3s check whether a specific USB drive was attached to the USB
VM (vendor & product ID match); if yes:
2. Mount it and iterate over the folders found there (--> USB driver &
filesystem parsing attacks only affect the usb VM)
3. If a folder found there matches a name of a list of VMs defined in
the script and that VM is started, mount the luks file in the folder to
that VM using qvm-block (qvm-block can mount files from one VM to
another), if it's not already mounted.
4. Each of these luks files can only be decrypted by the respective VM
via a key file that only that VM has. From dom0 we can locate that file
and do the necessary decrypt & mount operations as well. The service
should also provide a state in dom0 for other services to indicate for
which VMs it is currently active and can be active.

So assuming qvm-block is reasonably secure, only attacking the luks
implementation would still work to compromise VMs, but that's pretty
much it from my point of view. Plus the attacker might have to destroy
data he'd like to extract in order to get the attack done.



Attached a sample implementation for anyone interested.

Use it at your own risk!

Kind Regards
David

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/18f5517b-927f-7fa4-59a1-502a9d5d6862%40hackingthe.net.
For more options, visit https://groups.google.com/d/optout.
#!/bin/bash
#
# author: David Hobach
# version: 1.0 / 04.09.2016
#
# See usage.
#
# For testing you can use losetup devices.

#errorOut [message]
function errorOut {
>&2 echo "ERROR: $1"
>&2 echo "Aborting..."
exit 1
}

#infoNoNewLine [message] [optional: 1 = also log]
function infoNoNewline {
echo -n "INFO: $1"
[ -n "$2" ] && [ $2 -eq 1 ] && log "$1"
}

#info [message] [optional: 1 = also log]
function info {
infoNoNewline "$1" "$2"
echo ""
}

#log [message]
function log {
#in Qubes use journalctl|grep "$SCRIPT_NAME" to find related logs
logger "${SCRIPT_NAME}: $1"
}


function reloadPid {
PID=$([ -f "$PID_FILE" ] && cat "$PID_FILE")
}

## start: config variables #

#name & directory of this script (hopefully...)
SCRIPT_DIR="$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")"
SCRIPT_NAME="$(basename "$0")"
SCRIPT="$SCRIPT_DIR/$SCRIPT_NAME"

#full path to the default config file & load it
DEFAULT_CONFIG="${SCRIPT}_default.conf"
source "$DEFAULT_CONFIG"
[ $? -ne 0 ] && errorOut "Failed to load the default config from 
${DEFAULT_CONFIG}."

#full path to the custom config file & load it, if it exists
#the custom config is meant to be used to override variables from the default 
config
CUSTOM_CONFIG="${SCRIPT}_custom.conf"
if [ -f "$CUSTOM_CONFIG" ] ; then
source "$CUSTOM_CONFIG"
[ $? -ne 0 ] && errorOut "Failed to load the custom config from 
${CUSTOM_CONFIG}."
else
errorOut "No custom configuration file found at ${CUSTOM_CONFIG}. 
You'll probably at least want to specify the VMs you'd like to use with qusb 
there."
fi

#path to the PID file to use by this script
PID_FILE="${SCRIPT_DIR}/${SCRIPT_NAME}.pid"

#PID of the currently running service
PID=
reloadPid

#the qvm-run command with necessary parameters
#NOTE: qvm-run will always make dom0 wait during the execution of the script in 
the client VM!
QVM_RUN="qvm-run -p -u root"

#timeout for error notifications to the user in ms
(( NOTIFY_ERROR_TIMEOUT_MS = $NOTIFY_ERROR_TIMEOUT * 1000 ))

## end: config variables #

#joinArray [delimiter] [all array elements expanded]
function joinArray {
local d=$1;
shift;
echo -n "$1";
shift;
printf "%s" "${@/#/$d}";
}

function usage {
echo "$SCRIPT_NAME start|stop|restart|status|mountAll|umountAll|setupDrive 
[partition]|setupDriveData|mountAllToSingle [target VM] [target VM: key file 
base path] [target VM: decrypted data path]|help"
echo ""
echo "$SCRIPT_NAME is a small service which runs in dom0 and attempts to 
provide a secure way of sharing data between two Qubes installations (each with 
multiple VMs) via a single USB drive. The service is configured via global 
variables in this script."
echo ""
echo