[qubes-users] Re: Xen high CPU usage, but nothing is running in the VM
BTW, I remember having such issue (including real CPU load), but that time, avahi-daemon was to blame, related to VPN. But it was shown in htop. Disabling avahi-daemon has helped. On recreating VMs (or VM templates): It might help if the load is shown in Qubes Manager. If the load is not shown in Qubes Manager, I'd guess it is a Xen-related or dom0-related issue. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cd5f36b3-492b-4ec9-bad2-306c7664f742%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
On Saturday, June 17, 2017 at 9:45:08 PM UTC-5, cooloutac wrote: > tks for your post alot of users have this issue. No prob. Hope it proves helpful to others, that's why I posted. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/01f0b09e-8a71-4187-860d-9d4a100172ff%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Setting up privateinternetaccess on qubes 3.2
On 06/15/2017 02:15 PM, Steven Walker wrote: Can anyone give me any feedback on how to setup privateinternetaccess on qubes. I wrote to pia, and they didn't really give me much help on how to set this up. Any help greatly appreciated. Thanks, Steve I have PIA, I'd suggest just using the CLI, slog through it and pick two geo locations you want. , like one in the US and one outside. I used this : https://helpdesk.privateinternetaccess.com/hc/en-us/articles/219438247-Installing-OpenVPN-PIA-on-Linux Then the CLI stuff, it's a little tricky at a few points, and if it fails, better just wipe the whole VM and start over, till its stable. But, I also tried the Network Manager, and in the long term, it's just more PITA, it gives you seemingly more Geolocations easiert with the script, but its constantly going up and down, if you suspend your Computer. And just too time consuming, unless you MUST have many geo locations, but even then With the CLI just watch your in the correct dir when your doing things, and your permissions , I suggest just copy and paste verbatim, then one little mistake won't B0rk the whole attempt once you get one working, it goes quicker the 2nd time, though, took me a long time, to get 2 stable, But, then you'll never have to guess if your VPN is up or not. As unlike the NManager, it won't work unless it's up. then, you need to make a launcher on the desktop to restart rc.local after suspend, see the previous stuff Mr. Laprisse contributed and then sometimes/often you'll have to manually right click execute multiple times till its back up after suspend, but it's at least reliable -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9dffda7a-273e-3b11-8d73-34881b2d9002%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
On Saturday, June 17, 2017 at 9:58:49 PM UTC-4, Mike Freemon wrote: > On 06/17/2017 08:34 AM, cooloutac wrote: > > The kabylake systems seems not to be that well supported on linux yet. > > Maybe someone who has had success with one can help. > > I have a Kaby Lake (i7-7500U) and Qubes works great (*). > > The qualifier on that is: "once installed, and the kernel is upgraded". > > The main issue, at least for me, is that the version of the kernel that > comes with the Qubes R3.2 installation ISO is "too old", i.e. it does > not support the latest hardware. This is not a criticism of Qubes, just > a reflection of the nature of the relationship between linux and > hardware support. But it's important to clarify that current linux > kernels do have support for this hardware. > > The challenge facing new Qubes users is getting Qubes installed to the > point where they can bring the kernel up to current. > > More details: > https://groups.google.com/forum/#!msg/qubes-users/Eq2zZU5yXEs/qs94AX1uAAAJ tks for your post alot of users have this issue. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ff0036e7-ef42-4516-a9fd-b580bb81b57e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Breakthrough! Successful installation v3.2 on MSI Intel i7 7th gen, HD 630 graphics; has boot issue
On Saturday, June 17, 2017 at 10:12:37 PM UTC-4, motech man wrote: > BTW, here is one of the many articles I've read about UEFI published by the > Linux Foundation: > https://www.linuxfoundation.org/sites/lfcorp/files/lf_uefi_secure_boot_open_platforms.pdf > > > It set me straight regarding exactly how Secure Boot was intended to function > and dispelled my perspective it was Microsoft who tainted it's design to make > it difficult to boot alternate Op Systems. > > I'll grant you that achieving a truly secure boot process is a more > complicated process than previous approaches, but the blame for most > difficulties lies more with BIOS vendors than Microsoft, their strong-arm > tactics not withstanding. > > Another factor is lack of a certification process or testing procedures which > I mentioned above. > > Certification can be a bad thing as well, as that could become a point of > control that limits practical use only to those who can pay a fee. If the fee > is too high it would be exclusionary and possibly prohibitive to smaller open > source projects. > > I hope that the next release of Qubes will endeavor to fully utilize Secure > Boot and thus improve it's integrity and ease installation. Of course given > the variability of UEFI implementations it may prove to be too exclusionary > to certain hardware manufacturers. > > I don't see Qubes as overly concerned about that however, as even without > Secure Boot it has rather specific hardware requirements as it is. Richard Stallman admits now that secure boot is ok to use for security purposes, and has for some time now, because its "failed its intended purpose"... So I still dont' see why even fsf people hesitant about it. Maybe microsoft never even had no intended purposes who knows, who cares. I still dont' trust them cause of how they pushed and using win10. But I do hope also Qubes use secure boot in the future. To me its too silly not to. And I keep saying it ont he forums. But unless you just want Qubes for experimentation of cool tech. Dual booting even with detachable hdd's undermines qubes security by alot imo. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cc9e217a-bab7-4677-a96d-f753829bb773%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Xen high CPU usage, but nothing is running in the VM
On Saturday, June 17, 2017 at 6:41:00 AM UTC-4, lok...@gmail.com wrote: > On Saturday, 17 June 2017 18:35:39 UTC+8, Vít Šesták wrote: > > What CPU usage does Qubes Manager show? I guess is shows low CPU usage. > > > > Do you see any other symptoms of high CPU usage like heat or fan activity? > > > > I guess the Xen just allocates some CPU time for some VMs, but the time is > > not > > used. As a result, xentop seems to overestimate actual CPU usage. > > I've restarted the offending VM's now, so I can't test anymore. > > The fan was blowing at maximum speed (which is why I looked into this in the > first place) so there was definitely something happening. > > The VM that was running with the most CPU usage according to xentop (150% or > so) had been used to run an Atari ST emulator (which uses lots of CPU). > However, the emulator had been killed and the machine left idle while I was > off doing other things for at least 30 minutes. It was when I came back to > the computer that I noticed that the fan was blowing and that's when I > noticed the problem. ya man I wouldn't just restart them I'd delete them and recreate them. I don't think I notice this happening on my machine. I have noticed that xentop shows cpu more accurately though then qubes manager in the past. it will show cpu usage qubes manager doesn't show. But I would still see something happening qubes manager at least. And I don't notice anything weird on idle vms. But I always shut down more trusted ones that have net access just in case they get attacked form other vms. I have noticed, when first started using qubes, that sometimes when an appvm is open it will check for updates. Or that updates won't be checked until you open up an appvm that use that template, but I don't know if thats changed since earlier Qubes versions. I never dug into what process, just correlated the cpu activity with the network activity that would go at the same time on sys-net. Its too hard for me to monitor so many vms on a polylithic system like Qubes. So at first sign of anomaly I just delete the vm so much easier. I mean unless I was experimenting I really don't give a crap whats causing something at this point in my life. Possible malicious? ok wipe it. Qubes makes it easy. If it keeps happening then you need to find out whats going on. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/da253983-1081-4c88-a738-ddbc93345488%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Breakthrough! Successful installation v3.2 on MSI Intel i7 7th gen, HD 630 graphics; has boot issue
BTW, here is one of the many articles I've read about UEFI published by the Linux Foundation: https://www.linuxfoundation.org/sites/lfcorp/files/lf_uefi_secure_boot_open_platforms.pdf It set me straight regarding exactly how Secure Boot was intended to function and dispelled my perspective it was Microsoft who tainted it's design to make it difficult to boot alternate Op Systems. I'll grant you that achieving a truly secure boot process is a more complicated process than previous approaches, but the blame for most difficulties lies more with BIOS vendors than Microsoft, their strong-arm tactics not withstanding. Another factor is lack of a certification process or testing procedures which I mentioned above. Certification can be a bad thing as well, as that could become a point of control that limits practical use only to those who can pay a fee. If the fee is too high it would be exclusionary and possibly prohibitive to smaller open source projects. I hope that the next release of Qubes will endeavor to fully utilize Secure Boot and thus improve it's integrity and ease installation. Of course given the variability of UEFI implementations it may prove to be too exclusionary to certain hardware manufacturers. I don't see Qubes as overly concerned about that however, as even without Secure Boot it has rather specific hardware requirements as it is. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/357eb842-c401-4275-9eb4-daca1da3d935%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
On 06/17/2017 08:34 AM, cooloutac wrote: The kabylake systems seems not to be that well supported on linux yet. Maybe someone who has had success with one can help. I have a Kaby Lake (i7-7500U) and Qubes works great (*). The qualifier on that is: "once installed, and the kernel is upgraded". The main issue, at least for me, is that the version of the kernel that comes with the Qubes R3.2 installation ISO is "too old", i.e. it does not support the latest hardware. This is not a criticism of Qubes, just a reflection of the nature of the relationship between linux and hardware support. But it's important to clarify that current linux kernels do have support for this hardware. The challenge facing new Qubes users is getting Qubes installed to the point where they can bring the kernel up to current. More details: https://groups.google.com/forum/#!msg/qubes-users/Eq2zZU5yXEs/qs94AX1uAAAJ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ba89be76-b67a-a7c1-39ab-a3e17aa22b62%40zoho.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Weird graphical error on a i5 2500k integrated graphics
On June 17, 2017 10:19:40 PM GMT+02:00, Hugo Costa wrote: >Sorry for taking so long to answer, I tested that today, my results >were: > >1 - changing the cable had no effect. I used both another VGA cable as >well >as an HDMI cable, the result was the same. I swapped the cables and the >issue moved to the other monitor, as expected >2 - yes, I always did the testing with the cables tightned >3 - I forgot this test, I'll try it again tomorrow >4 - No, both on the BIOS and on other OSes (such as Linux Mint and >Win10), >it all works fine, I'm sure it's something to do with the integrated >graphics compatibility with qubes :( > >Thanks for taking the time! > Since other OSes work well, it sounds like a driver issue. Since some other Linux distribution works well and this issue does not seem to be a common QubesOS issue (I don't remember any other occurrence of it on this mailinglist), I guess it is related to driver version. I suggest trying to update kernel to version from qubes-dom0-current-testing. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6057f4df-2110-4965-aa02-bba7f0e219f6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Request for feedback: 4.9 Kernel
On Friday, June 16, 2017 at 11:02:48 AM UTC-5, Vít Šesták wrote: > Not using i915 driver on new CPU is my experience with i7-7500U (Intel HD > graphics 620). But Haswell is not so new and I believe even Skylakes should > be covered by i915.preliminary_hw_support=1. > > Regards, > Vít Šesták 'v6ak' I have a kabi-xxx??? cpu 7700 4.2GHz system with a 4.4 kernel. It uses the i915 driver with the Intel HD 630 mobo graphics. I'g going to recompile the kernel after I get more familiar with Qubes. I just got it installed for the first time only a couple of hours ago. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e5ada59b-74f6-4fa7-944b-1d02dc0667f6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes installation hangs at 717/930
On Thursday, June 15, 2017 at 6:47:30 PM UTC-5, interest...@gmail.com wrote: > I have an ASUS computer, GTX 970M and an i7-6700, 8 GB RAM. Installation > stops at 717/930 at installing some qubes-salts-mgmt (something along those > lines). The circle keeps spinning, which indicates it is being installed, but > it gets stuck there for a long time and just won't continue. I have Qubes > installed and running on my HP desktop so I decided to try it on my ASUS > laptop, and when I installed it on my desktop it did not hang at any > particular step for more than a few minutes. > > I tried googling the issue and read that it could be that Qubes takes a > fairly long time to install on certain hardware but the reason I don't want > to leave my computer on for too long during the installation process is > because the fan is really loud, even though my computer doesn't get warm or > anything. > > Any idea what it could be and how I can go about resolving the issue? Check my topic "Great Difficulties... 7th gen. i7". I noticed it took a very long time near the same spot, and there was no drive led activity or movement of the progress bar. 4 - 8 minutes. I was emailing a friend and when I looked up the installation was finally successfully completed. May not be the same issue you're seeing but my suggestion is to be patient and give it more time. If no progress is made after 30 minutes I'd say you either have a very slow machine or something else is going on. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0400de90-14e2-40d2-b45a-88217cf72527%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Breakthrough! Successful installation v3.2 on MSI Intel i7 7th gen, HD 630 graphics; has boot issue
> I still don't understand why you can't boot on legacy mode. only diff I see > my bios has 3 options. uefi, uefi+legacy, or legacy only. I use legacy > only but I don't see why it should make a diff. > > I don't bother with uefi cause secure boot aint used. I'm not sure why else > one would need it? The main reason is b/c legacy booting does not work well with GPT partitioned drives. Besides, GPT partitioning is a newer and superior scheme, with far fewer limitations. Same is true of UEFI although it's currently a PITA primarily b/c there is no certification process or adequate test procedures to normalize its' implementation across manufacturers. After reviewing the troubleshooting page I used the efi shell to make a copy of /EFI/qubes on /EFI/BOOT and renamed the xen.efi & xen.cfg and the system boots Qubes off the SSd directly now. I couldn't resolve the encryption passphrase issue so I ran thru the installation a second time without encrypting the drives after using the GParted DVD to remove the encrypted partitions. I want to encrypt the filesystems but not yet sure how to do that with the (apparently) buggy installer that doesn't save the passphrase. I need to run through another installation again and confirm the behavior before claiming definitively the encryption passphrase is incorrectly handled. > Another guy in another thread has similar issue to you. Are you also using > another os on a diff drive and swapping? No, this is a brand spanking new machine and Qubes is now the only OS installed. But since you mentioned swap, I noticed there is a swap entry in /etc/fstab despite specifically not setting one. The installer even warned me about it. I don't think it's good for the life of the SSD to use it for swap. Also unfamiliar with the scheme Qubes uses for swap. I decided to leave it as Qubes set it up for now. >maybe your bios gets confused. Or maybe its just the partitioning? The >installer should be able to partition your drive for you. I have most bios >features off. like fast boot off top of my head. I have to double check my >controller hand offs but I believe I have those off too. These new mobos >certainly have alot of usb options worth double checking. I have it set to >other os, secure boot and everything else off. > > I have no more suggestions for you so hopefully someone else can chime in. Appreciate your reply, but aside from the encryption passphrase issue I think I've crossed the main hurdles. The rest is just getting familiar with how Qubes does things. The friend of mine who tuned me onto Qubes said he was limited to a single resolution of 800x600 and had to recompile a new kernel to provide more choices. I am limited to a single resolution of 1024x768 so I will probably need to do the same thing. He mentioned it involved a few more steps to do that than on a typical Linux system but nothing too difficult. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0c2c4fa1-da69-423f-be35-3cec48cf52e1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] “Convert to Trusted PDF” protocol, & Backup VMs, which typically?
Permit me to ask two questions? 1) I was reading this - https://security.stackexchange.com/questions/151300/what-is-the-safest-way-to-deal-with-loads-of-incoming-pdf-files-some-of-which-c (Credits: Micah Lee) What's that “Convert to Trusted PDF” you were talking about? Let's say you found an interesting document, and let's say that you had an offline virtual machine specifically dedicated for storing and opening documents. Of course, you can directly send that document to that VM, but there could still be a chance that this document is malicious and may try for instance to delete all of your files (a behavior that you wouldn't notice in the short-lived DisposableVM). But you can also convert it into what's called a ‘Trusted PDF’. You send the file to a different VM, then you open the file manager, navigate to the directory of the file, right-click and choose “Convert to Trusted PDF”, and then send the file back to the VM where you collect your documents. But what does it exactly do? The “Convert to Trusted PDF” tool creates a new DisposableVM, puts the file there, and then transform it via a parser (that runs in the DisposableVM) that basically takes the RGB value of each pixel and leaves anything else. It's a bit like opening the PDF in an isolated environment and then ‘screenshoting it’ if you will. The file obviously gets much bigger, if I recall it transformed when I tested a 10Mb PDF into a 400Mb one. You can get much more details on that in this blogpost by security researcher and Qubes OS creator Joanna Rutkowska. [https://theinvisiblethings.blogspot.nl/2013/02/converting-untrusted-pdfs-into-trusted.html] -- Upon reading it on the suggested sequence of opening random/all PDFs, maybe , people vary their sequence. It sounds like in say my Whonix Anon-appvm , I d/l a PDF, is it then suggested I copy this PDF to a , what, PDF dedicated AppVM 1st, Before doing a “Convert to Trusted PDF” on the PDF file ? This would add a step to the much faster, just “Convert to Trusted PDF” from the actual Anon-Whonix AppVM 2) Do folks typically backup their Template VMs ? as I noticed they aren't set up by default to backup ? and/or what is the thinking behind backing up various VMs ? I guess the ones that have been the most modified eg the AppVMs ? I have 1 very large 20 gigabyte VM with old videos/pictures on it, do I back that one up ? for example? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5d7631b1-9885-ec62-abe9-4ee4c20f82a6%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Xen high CPU usage, but nothing is running in the VM
Interesting, I'd expect kswapd to be capable of performing I/O berserk, nou CPU berserk. The only CPU-intensive part should be dm-crypt, but it runs in dom0, not in standard AppVMs (unless you adjust it accordingly). Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/24c949e5-6ddc-4dc5-a707-e35dadd6df90%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Xen high CPU usage, but nothing is running in the VM
On 06/17/2017 06:40 AM, loke...@gmail.com wrote: I've restarted the offending VM's now, so I can't test anymore. The fan was blowing at maximum speed (which is why I looked into this in the first place) so there was definitely something happening. The VM that was running with the most CPU usage according to xentop (150% or so) had been used to run an Atari ST emulator (which uses lots of CPU). However, the emulator had been killed and the machine left idle while I was off doing other things for at least 30 minutes. It was when I came back to the computer that I noticed that the fan was blowing and that's when I noticed the problem. This happens to me sometimes on the current Xen/Linux versions. When I look at top in the offending VM its 'kswapd' that has gone berserk. -- Chris Laprise, tas...@openmailbox.org https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/020ac419-ce1e-49cd-52d6-6d95118a64ac%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Keyboard input going into dom0 but not into vms
On 06/17/2017 11:02 AM, carr...@gmail.com wrote: The keyboard input shows up in dom0 but not into any of the vms. Mouse input still works for dom0 and the vms. My keyboard input was initially working. It just stopped working while I was browsing the internet and building the qubes-builder iso. My hardware might be compromised. Is there a way to confirm without a doubt? What happens when you grab a console from dom0... $ sudo xl console vmname -- Chris Laprise, tas...@openmailbox.org https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/79ebe146-4b76-9d96-b751-f9021b20373c%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Virtualization in the cloud
On 06/17/2017 10:04 AM, iamrootyr...@gmail.com wrote: I was just wondering. Is it possible to get a VM on Google Cloud Compute (for e.g.) and be able to mitigate the security issues caused by not being the owner of the metal/hypervisor. If, say, you run an https enabled apache instance, the ease of creation/setup, ability to later scale and redundancy are all nice. But Google have access to your ssl key contained within the virtual drive. You could use LUKS with full system encryption but I'm not sure this helps. They could snapshot a running instance (post LUKS pw challenge) and respin the VM in that state. They could also modify the hypervisor to add a keylogger to the virtualised keyboard input interface to capture the LUKS password. They could also simply lift the key from the VM's RAM (Evil Maid in the cloud?). So the real question is .. could Qubes run in an AWS/Azure/Google instance and it's assumptions of everything being permanently comprimised withstand even the hypervisor being untrustworthy? Or do you have to ultimately not only trust the hypervisor but also be the owner of it and the hardware? Is there ANY way to maintain security in the cloud or if you care about security should you simply avoid cloud-hosting altogether and do it in-house? Lots of people seem to do it, maybe they've just accepted the risk. Normally, ownership = control over whichever keys are used by the CPU. Something called Intel SGX could change that: http://theinvisiblethings.blogspot.com/2013/08/thoughts-on-intels-upcoming-software.html Note, this is a desktop PC-focused list so is not the best place to ask about the dynamics of server/cloud security. -- Chris Laprise, tas...@openmailbox.org https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/887ebfd6-7023-46d3-dc56-56d3ce5bfe9a%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes installation hangs at 717/930
On Thursday, June 15, 2017 at 7:47:30 PM UTC-4, interest...@gmail.com wrote: > I have an ASUS computer, GTX 970M and an i7-6700, 8 GB RAM. Installation > stops at 717/930 at installing some qubes-salts-mgmt (something along those > lines). The circle keeps spinning, which indicates it is being installed, but > it gets stuck there for a long time and just won't continue. I have Qubes > installed and running on my HP desktop so I decided to try it on my ASUS > laptop, and when I installed it on my desktop it did not hang at any > particular step for more than a few minutes. > > I tried googling the issue and read that it could be that Qubes takes a > fairly long time to install on certain hardware but the reason I don't want > to leave my computer on for too long during the installation process is > because the fan is really loud, even though my computer doesn't get warm or > anything. > > Any idea what it could be and how I can go about resolving the issue? you sure its not overheating? did you format the drive? try a diff iso? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b4e3767a-0820-4896-865a-bd74496a3db6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] certified laptop delivery to Russia
On Thursday, June 15, 2017 at 12:31:39 PM UTC-4, Oleg Artemiev wrote: > On Thursday, June 15, 2017 at 5:43:42 PM UTC+3, Oleg Artemiev wrote: > > On Wed, Jun 14, 2017 at 9:34 AM, Alex wrote: > > > On 06/13/2017 10:00 PM, Oleg Artemiev wrote: > > >> Has anyone sent the Qubes certified laptop to Russia? > > >> Are there any delivery or customs issues that Russian citizen should > > >> be aware of? > > >> > > >> How do I check that US vendor hasn't passed implant into device? > > > It's long been a bad idea in general buying computers that are meant to > > > have any appreciable level of security and have them shipped by mail > > > delivery... > > I've spent some time to defend idea that I'll get qubes certified > > laptop paid by my organisation. > > Are there any ideas for anonymouse delivery? I am okay to pay for that. > > > > > And you are planning to buy something from the United States of America > > > (known for the very problem you are asking about), > > No idea how to get that laptop in any other relatively secure way. > > It is shipped worldwide but > > > > > have it delivered to > > > the Russian Federation (not a very believable defender of citizen > > > privacy), > > Yep. This is my second motherland since USSR has been killed by gorby & > > company. > > > > > and believe it will arrive safe and secure? > > The vendor should provide some security check algorithm I guess.. > > I beleave in Qubes. I beleave Qubes team. > > Could anyone from Qubes team buy such a certified laptop for me and > > make delilvery using my money? > > The company I currently work with is okay with any delivery method I choose. > > > > The url with paper for qubes certified laptop delivery: > > https://arstechnica.com/gadgets/2015/12/qubes-os-will-ship-pre-installed-on-purisms-security-focused-librem-13-laptop/ > > How can I check for "hardware implant free" state of delivered laptop? > > I'd reinstall Qubes so software implants are out of this discussion. > > > > > Mmmm... I would not try that :/ > > Does anyone know any tor covered anonymous delivery service? > > The question with tor initiated anonymous delivery is reputation. > > Laptop costs about 2k$. > > > > > And I'm sorry, but apart from suspicion I can't really give you any > > > actual advice :( best of luck for your next laptop > > I know that there's no laptop store that sells that laptops in Russia. > > I also know that Qubes QA team should not be bothered by bugreports > > from non-certified hardware . > > > > So better I should buy a laptop from compatible but not certified list? > > > > It looks like buying Qubes certified laptop via any well known to me > > american citizen could be better idea. > > > > But laptop would be delivered cross-customs anyway.. > > > > Is there a US law restriction for delivery of librem13 or librem 15 to > > Russia ? I guess not or not yet. At least their buying form has > > Russian Federation in destination country list ) > > > > https://www.crowdsupply.com/purism/librem-15 > > https://www.crowdsupply.com/purism/librem-13 > > > > As I guess librem-15 is the same, but not yet certified? The Qubes > > ceritified list has only librem-13 . > > Also "Aside from compatibility, we do not believe that it should be > > considered any safer than other laptops." is inside the notice on > > qubes web https://www.qubes-os.org/doc/hardware/#qubes-certified-laptops > > . > > > > I'm okay to order delivery of parts and pay someone to build librem-15 > > from delivered parts or just do that myself. > > > > Anyway where should I reed vendor instruction on "how to check the > > delivered laptop for hardware implants"? > > > > BTW: I love their claims: https://www.crowdsupply.com/about#user-rights > > > > I don't think that my person is that important to merit goverment > > backdoor from US or Russian Federation. > > Though since that is just possible I should have exact rules how to > > check hardware after delivery. > > > > -- > > Bye.Olli. > > gpg --search-keys grey_olli , use key w/ fingerprint below: > > Key fingerprint = 9901 6808 768C 8B89 544C 9BE0 49F9 5A46 2B98 147E > > Blog keys (the blog is mostly in Russian): > > http://grey-olli.livejournal.com/tag/ > > I'm sorry for Russian - no unofficial russian speakers mailing list > yet (except telegram group), > but that is really funny, please google translate this or just ignore: > > [ cut from our company #security chat ] > Олег Артемьев > https://groups.google.com/forum/#!topic/qubes-users/k_WPyUAkW_U > обсуждение параноиков стоит ли покупать в магазине ноутбук с security фичами. > А вдруг там предусмотрено энэсэй в комплекте с ноутом. > А вдруг по дороге деливери сервис с карманами полными имплантов ) (edited) > > В студию приглашаются призраки Сноудена и Ассанжа ) > > [19:07] > ладно.. как самый неуловимый и нафик не нужный Джо я переживу h/w > госзакладку - лишь бы [our company name] приобрела ноут с qubes > compatible характеристиками по vt-d и vt-x . ; ) > [ end of our comp
[qubes-users] Re: Breakthrough! Successful installation v3.2 on MSI Intel i7 7th gen, HD 630 graphics; has boot issue
On Saturday, June 17, 2017 at 3:06:21 PM UTC-4, motech man wrote: > I made a breakthrough this morning after reading the "Support for EFI" thread > 794, where one guy said he was able to successfully install by invocation of > xen.efi directly from a shell. > > When I used the efi shell override I was able to launch the xen.efi with: > > fs0: > cd EFI\BOOT > xen.efi placeholder qubes > > I made sure the BIOS boot mode was UEFI and not EFI+Legacy, and I booted from > the USB key. > > I previously partitioned the SSD using a GParted Live CD and I could see all > of those partitions. However I elected to delete them all and let Qubes > "autopart" the drive instead. > > The installation was generally straightforward. There was a very long pause > when the progress bar reached 790 out of 900ish, but it finally completed and > gave me the Successfully Installed message. > > I have 2 drives but I was only asked for a passphrase once that I recall. If > I was asked for one a second time I used the same value, that I'm absolutely > positive of. > > I still have 2 major hurdles to resolve: > > 1) The system will not boot Qubes automatically, I must use the efi shell > override to boot off the SSD. > > 2) Once booted I get the gray screen with a Q in the middle, and a prompt for > a disk password. It doesn't accept the passphrase I was asked for during > installation. > > If I hit the ESC key it switches to text mode and asks for a password / > phrase for each drive. Entering the same value I provided during installation > doesn't work, and suggests to use systemctl with a very long arg. > > At first I thought #1 was caused by not providing a hard disk boot option, > but after adding it as the only option I am directed to setup. > > I noticed that there are 2 devices that seem to point to the same EFI > partition. Only 1 will start the OS using: > > fs0: > cd \EFI\Qubes > xen.efi > > I used no args. I presume it gets the details from the xen.cfg file. > > So here I am at the next hurdle to overcome. Time to google again, and should > I not find any help from that will try: > Re: Great difficulty > 1) Using recovery/rescue option of installer > 2) Going through installation once more > > Any and all suggestions welcome. I still don't understand why you can't boot on legacy mode. only diff I see my bios has 3 options. uefi, uefi+legacy, or legacy only. I use legacy only but I don't see why it should make a diff. I don't bother with uefi cause secure boot aint used. I'm not sure why else one would need it? Another guy in another thread has similar issue to you. Are you also using another os on a diff drive and swapping? maybe your bios gets confused. Or maybe its just the partitioning? The installer should be able to partition your drive for you. I have most bios features off. like fast boot off top of my head. I have to double check my controller hand offs but I believe I have those off too. These new mobos certainly have alot of usb options worth double checking. I have it set to other os, secure boot and everything else off. I have no more suggestions for you so hopefully someone else can chime in. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e30a6042-d8d8-4606-8209-eed08271e3ff%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
On Saturday, June 17, 2017 at 10:07:15 AM UTC-4, motech man wrote: > On Saturday, June 17, 2017 at 8:34:29 AM UTC-5, cooloutac wrote: > > Qubes doesn't support secure boot so I would leave it off. I would look > > into bios settings for hdd also, sounds as if its not being recognized by > > the installer. Also usb settings. Like Put external boot on, check > > controller settings, put hdd in ahci mode, boot order, anything else. > > Falling back to text mode might be a graphics driver problem. You probably > > need a newer kernel. > > > > The kabylake systems seems not to be that well supported on linux yet. > > Maybe someone who has had success with one can help. > > Ok, thx for the reply. I've gone over the BIOS setting several times. The > last time I upped the video RAM to 500MB based on other posts but it had no > affect. > > I see a lot of people mention UEFI but I have not seen it explicitly stated > UEFI is not supported. Secure Boot is a subclass of UEFI. The fact the errors > mention keys when I have disabled secure boot is troubling and points to a > BIOS bug it seems to me. > > I am able to boot a GParted Live CD and partition the drives, which is based > on Debian linux, and that shows no signs of errors. I am going to try to > install linux Mint with UEFI just to see if I can without errors or what > errors I might get. > > I am disappointed its so difficult to install, but I was warned so no > surprises it is. No other linux distro I've used installs a xen hypervisor > either, so that is a major difference, plus this is bleeding edge hardware. good idea I should of suggested that. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f2bc2dba-9415-433c-bfae-ca5b47597b45%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: install Qubes 3.2 Stucked at "Starting Switch Root..."
On Saturday, June 17, 2017 at 3:33:17 PM UTC-4, cooloutac wrote: > On Tuesday, June 13, 2017 at 6:06:12 PM UTC-4, Paulo Marques wrote: > > In Fact when I went to the global settings in Qubes 3.2 Running in Virtual > > box AFTER I made an update either of Domm(o) and also of Fedora 23 (wich is > > the template that I'm using) it gives me a Kernel 4.4.67-12 (current) ... > > > > When I runned it from VMware Workstation in the beginning gives me a: > > Loading Kernel > > xen 4.6.1... > > Linux 4.4.14-11 popvs qubes x86_64 > > > > so It seems my image have an Linux 4.4.14-11 Kernel? what can I do? > > unfortunately I don't know, hopefully someone else can answer. it would > require building your own iso or using some kickstart file. I believe this > has been done before but I'm failing to find it searching the mailing list. > > Building your own iso is out of my expertise, but there is documentation on > the website. I believe a kickstart file would be easier if you can find the > discussion. what if you burn qubes on a dvd? is that possible for you? and instal legacy mode that way, won't helpt with graphics issue though. but then maybe you can actually install in text mode and get a tty later to install newer kernel. Swapping drives really isn't a solution man if the firmware of the mobo and other peripherals get infected your Qubes still at risk if another os being used on the machine regardless. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4b6554c5-6868-42b1-a4fd-209eb015ff63%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Virtualization in the cloud
I'm of the opinion that if "everybody's doing it" then it's probably best to take a different approach;. I don't trust or play around with the cloud, especially with a behemoth like Google. Color me paranoid. Sent with [ProtonMail](https://protonmail.com) Secure Email. Original Message Subject: [qubes-users] Virtualization in the cloud Local Time: June 17, 2017 2:04 PM UTC Time: June 17, 2017 2:04 PM From: iamrootyr...@gmail.com To: qubes-users I was just wondering. Is it possible to get a VM on Google Cloud Compute (for e.g.) and be able to mitigate the security issues caused by not being the owner of the metal/hypervisor. If, say, you run an https enabled apache instance, the ease of creation/setup, ability to later scale and redundancy are all nice. But Google have access to your ssl key contained within the virtual drive. You could use LUKS with full system encryption but I"m not sure this helps. They could snapshot a running instance (post LUKS pw challenge) and respin the VM in that state. They could also modify the hypervisor to add a keylogger to the virtualised keyboard input interface to capture the LUKS password. They could also simply lift the key from the VM"s RAM (Evil Maid in the cloud?). So the real question is .. could Qubes run in an AWS/Azure/Google instance and it"s assumptions of everything being permanently comprimised withstand even the hypervisor being untrustworthy? Or do you have to ultimately not only trust the hypervisor but also be the owner of it and the hardware? Is there ANY way to maintain security in the cloud or if you care about security should you simply avoid cloud-hosting altogether and do it in-house? Lots of people seem to do it, maybe they"ve just accepted the risk. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8f94ba97-cc72-44d6-a065-7171b707e00a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/_kHSBQKb9x7PnAuVK7BuZVO8vlu_bQgiRNo14axMllsIVcLAANsw8aVPj9_09CDiNPfAaS0BrxdkhJ0fqVjWb7Bo9Y6v1betHghk-U8ydJo%3D%40protonmail.ch. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: install Qubes 3.2 Stucked at "Starting Switch Root..."
On Tuesday, June 13, 2017 at 6:06:12 PM UTC-4, Paulo Marques wrote: > In Fact when I went to the global settings in Qubes 3.2 Running in Virtual > box AFTER I made an update either of Domm(o) and also of Fedora 23 (wich is > the template that I'm using) it gives me a Kernel 4.4.67-12 (current) ... > > When I runned it from VMware Workstation in the beginning gives me a: > Loading Kernel > xen 4.6.1... > Linux 4.4.14-11 popvs qubes x86_64 > > so It seems my image have an Linux 4.4.14-11 Kernel? what can I do? unfortunately I don't know, hopefully someone else can answer. it would require building your own iso or using some kickstart file. I believe this has been done before but I'm failing to find it searching the mailing list. Building your own iso is out of my expertise, but there is documentation on the website. I believe a kickstart file would be easier if you can find the discussion. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/65c71ac9-a947-4813-9ff9-b09f3e229381%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Breakthrough! Successful installation v3.2 on MSI Intel i7 7th gen, HD 630 graphics; has boot issue
I made a breakthrough this morning after reading the "Support for EFI" thread 794, where one guy said he was able to successfully install by invocation of xen.efi directly from a shell. When I used the efi shell override I was able to launch the xen.efi with: fs0: cd EFI\BOOT xen.efi placeholder qubes I made sure the BIOS boot mode was UEFI and not EFI+Legacy, and I booted from the USB key. I previously partitioned the SSD using a GParted Live CD and I could see all of those partitions. However I elected to delete them all and let Qubes "autopart" the drive instead. The installation was generally straightforward. There was a very long pause when the progress bar reached 790 out of 900ish, but it finally completed and gave me the Successfully Installed message. I have 2 drives but I was only asked for a passphrase once that I recall. If I was asked for one a second time I used the same value, that I'm absolutely positive of. I still have 2 major hurdles to resolve: 1) The system will not boot Qubes automatically, I must use the efi shell override to boot off the SSD. 2) Once booted I get the gray screen with a Q in the middle, and a prompt for a disk password. It doesn't accept the passphrase I was asked for during installation. If I hit the ESC key it switches to text mode and asks for a password / phrase for each drive. Entering the same value I provided during installation doesn't work, and suggests to use systemctl with a very long arg. At first I thought #1 was caused by not providing a hard disk boot option, but after adding it as the only option I am directed to setup. I noticed that there are 2 devices that seem to point to the same EFI partition. Only 1 will start the OS using: fs0: cd \EFI\Qubes xen.efi I used no args. I presume it gets the details from the xen.cfg file. So here I am at the next hurdle to overcome. Time to google again, and should I not find any help from that will try: Re: Great difficulty 1) Using recovery/rescue option of installer 2) Going through installation once more Any and all suggestions welcome. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a5786a4c-33db-4153-96b2-9361fb287462%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Terminalcomman Lockscreen
On Fri, Jun 09, 2017 at 08:16:21AM -0700, Finsh wrote: > i want to create a shortcut with the windows-key to lock my screen, > but therefore i guess i would have to know the terminal-command to > lock the screen, which i dont know? is there a "library" ore something > like that to search for the commands? If you're just looking for a quick way to lock your screen, take a look at slock[0] or i3lock[1]. [0] http://tools.suckless.org/slock/ [1] https://i3wm.org/i3lock/ No dependencies, no xscreensaver required. -- noor |_|O|_| |_|_|O| Noor Christensen |O|O|O| n...@fripost.org ~ 0x401DA1E0 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170617184438.g5llvhlazude26zc%40mail.local. For more options, visit https://groups.google.com/d/optout. signature.asc Description: PGP signature
[qubes-users] nextcloud installation of appimage
Hello, Wondering if anyone has any experience with installing the NextCloud appimage client? Installing it into an AppVM works, but then when I start it up again, the client is asking me for the password again that I had already given it when I authorized this device to my Nextcloud in the "Apps Password" section. Thank You! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/be82c824-2ae6-4877-bd1a-667165130ef7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Keyboard input going into dom0 but not into vms
The keyboard input shows up in dom0 but not into any of the vms. Mouse input still works for dom0 and the vms. My keyboard input was initially working. It just stopped working while I was browsing the internet and building the qubes-builder iso. My hardware might be compromised. Is there a way to confirm without a doubt? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0bdad97f-2a2c-4751-a796-2baa78ad7b32%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Keyboard input going into dom0 but not into vms
I am able to type input(from my keyboard) into dom0 but when I try to type something into the any of the vms, nothing happens. My mouse still works for both the dom0 and the vms. My keyboard input was initially working. I wasn't doing anything in particular that would cause the keyboard to stop working(99% sure). My hardware might be compromised. How do I confirm without a doubt that my hardware is compromised? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3d6120fb-e2f4-43bb-bc96-4e83e4fd32ff%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] accessing nfts secondary harddrive in qube
On Friday, June 16, 2017 at 6:24:55 PM UTC-4, Unman wrote: > On Fri, Jun 16, 2017 at 10:02:27AM -0700, carr...@gmail.com wrote: > > I mounted a secondary hard drive to my qube using the "qvm-block" cmd and > > it shows up in the file explorer. When I double click it, nothing happens > > and don't have permissions to access it via the terminal. What else do I > > need to do to access my drive? > > > > This really isn't a Qubes problem, and is solvable with a quick search. > You most likely need to install ntfs-3g and associated packages - for > Debian look at wiki.debian.org/NTFS > > The only Qubes specific thing here is that you will want to install the > drivers in the template on which your qube is based. I checked and ntfs-3g is installed. Fedora comes with them out of the box. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e36e10e4-8b8c-4faa-824e-df30c7e01817%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Not enough memory to start VM
Den lördag 17 juni 2017 kl. 13:58:21 UTC+2 skrev Nikolai Stenfors: > Den lördag 17 juni 2017 kl. 12:52:23 UTC+2 skrev lok...@gmail.com: > > On Saturday, 17 June 2017 18:38:10 UTC+8, Nikolai Stenfors wrote: > > > Hello Qubes-users, > > > > > > I've made a fresh standard installation of Qubes OS on a Lenovo SL510 with > > > 220 GB memory. A reclaimed all disk memory during the installation to > > > whipe > > > out my previous Debian installation. > > > However, whatever I do, for instance open firefox on my personal VM, I get > > > the message "Not enough memory to start VM. Close on or more running > > > VMs" > > > > Your computer doesn't have 220 GB of memory. You have 220 GB of disk space. > > Assuming your computer is the Lenovo X220, you probably only have 4 GB of > > memory in this machine, as this was the amount the machine was sold with > > back when it came out. > > > > Unfortunately, 4 GB will not get you very far with Qubes. You can do wotk > > with 8, but you really need 16. > > > > > Could somebody give my some step-by-step instructions on how to solve my > > > problem? > > > > I've googled a bit, and it seems as though the X220 supports up to 16 GB, > > so the solution for you is to buy a memory upgrade. It should be reasonably > > cheap. > > OK, my mistake... > But "free -ht" gives: > mem 1.2G (119M free) > swap 9.4G (9,4G free) > > /N ... and I assume the large swap is not of any use. /N -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3771bee0-50a4-44e5-9dc6-d5d9781965c0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
On Saturday, June 17, 2017 at 9:07:15 AM UTC-5, motech man wrote: > On Saturday, June 17, 2017 at 8:34:29 AM UTC-5, cooloutac wrote: > > Qubes doesn't support secure boot so I would leave it off. I would look > > into bios settings for hdd also, sounds as if its not being recognized by > > the installer. Also usb settings. Like Put external boot on, check > > controller settings, put hdd in ahci mode, boot order, anything else. > > Falling back to text mode might be a graphics driver problem. You probably > > need a newer kernel. > > > > The kabylake systems seems not to be that well supported on linux yet. > > Maybe someone who has had success with one can help. > > Ok, thx for the reply. I've gone over the BIOS setting several times. The > last time I upped the video RAM to 500MB based on other posts but it had no > affect. > > I see a lot of people mention UEFI but I have not seen it explicitly stated > UEFI is not supported. Secure Boot is a subclass of UEFI. The fact the errors > mention keys when I have disabled secure boot is troubling and points to a > BIOS bug it seems to me. > > I am able to boot a GParted Live CD and partition the drives, which is based > on Debian linux, and that shows no signs of errors. I am going to try to > install linux Mint with UEFI just to see if I can without errors or what > errors I might get. > > I am disappointed its so difficult to install, but I was warned so no > surprises it is. No other linux distro I've used installs a xen hypervisor > either, so that is a major difference, plus this is bleeding edge hardware. The GParted starts X Windows with default settings too. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3ffd92f7-6de6-45cd-a436-bb3c0e1cd36c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
On Saturday, June 17, 2017 at 8:34:29 AM UTC-5, cooloutac wrote: > Qubes doesn't support secure boot so I would leave it off. I would look > into bios settings for hdd also, sounds as if its not being recognized by the > installer. Also usb settings. Like Put external boot on, check controller > settings, put hdd in ahci mode, boot order, anything else. Falling back to > text mode might be a graphics driver problem. You probably need a newer > kernel. > > The kabylake systems seems not to be that well supported on linux yet. Maybe > someone who has had success with one can help. Ok, thx for the reply. I've gone over the BIOS setting several times. The last time I upped the video RAM to 500MB based on other posts but it had no affect. I see a lot of people mention UEFI but I have not seen it explicitly stated UEFI is not supported. Secure Boot is a subclass of UEFI. The fact the errors mention keys when I have disabled secure boot is troubling and points to a BIOS bug it seems to me. I am able to boot a GParted Live CD and partition the drives, which is based on Debian linux, and that shows no signs of errors. I am going to try to install linux Mint with UEFI just to see if I can without errors or what errors I might get. I am disappointed its so difficult to install, but I was warned so no surprises it is. No other linux distro I've used installs a xen hypervisor either, so that is a major difference, plus this is bleeding edge hardware. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/381e9fae-cd25-4fae-a755-9cfee001afdb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Virtualization in the cloud
I was just wondering. Is it possible to get a VM on Google Cloud Compute (for e.g.) and be able to mitigate the security issues caused by not being the owner of the metal/hypervisor. If, say, you run an https enabled apache instance, the ease of creation/setup, ability to later scale and redundancy are all nice. But Google have access to your ssl key contained within the virtual drive. You could use LUKS with full system encryption but I'm not sure this helps. They could snapshot a running instance (post LUKS pw challenge) and respin the VM in that state. They could also modify the hypervisor to add a keylogger to the virtualised keyboard input interface to capture the LUKS password. They could also simply lift the key from the VM's RAM (Evil Maid in the cloud?). So the real question is .. could Qubes run in an AWS/Azure/Google instance and it's assumptions of everything being permanently comprimised withstand even the hypervisor being untrustworthy? Or do you have to ultimately not only trust the hypervisor but also be the owner of it and the hardware? Is there ANY way to maintain security in the cloud or if you care about security should you simply avoid cloud-hosting altogether and do it in-house? Lots of people seem to do it, maybe they've just accepted the risk. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8f94ba97-cc72-44d6-a065-7171b707e00a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: tools for "burning" bootable USB to install qubes
On Friday, June 16, 2017 at 6:13:56 PM UTC-4, Ray Rizzuto Jr wrote: > I was hoping to hear what is known to work, aside from Rufus. I'll probably > reinstall when the next version comes out and try a few other options. I > like etcher - used that on a Raspberry Pi project, so that will be my first > test. > > > On Fri, Jun 16, 2017 at 4:40 PM motech man wrote: > On Wednesday, June 14, 2017 at 10:56:03 AM UTC-5, Raymond Rizzuto wrote: > > > Are their any other Windows tools aside from Rufus that can be used to > > successfully create a bootable USB drive for installing Qubes? I.e. > > Etcher, Unetbootin, YUMI, etc. > > > > > > The install manual mentions that "Be sure to select “DD image” mode (you > > need to do that after selecting the Qubes ISO)" when using Rufus. Is there > > an equivalent step if using other tools? > > > > You might try https://www.rmprepusb.com/ or https://unetbootin.github.io/ > > > > -- > > You received this message because you are subscribed to a topic in the Google > Groups "qubes-users" group. > > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/qubes-users/LXR8p9UFgQQ/unsubscribe. > > To unsubscribe from this group and all its topics, send an email to > qubes-users...@googlegroups.com. > > To post to this group, send email to qubes...@googlegroups.com. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/44733768-f8a4-4508-a7de-2c2f030838f6%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. I always use the one laszio linked on windows, rawrite32.exe. Its the one fedora website recommend. Pull the stick out immediately when done though. Dont' even eject, cause apparenlty windows puts files on there when mounted and then qubes will fail integrity check. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/56cb78b3-f305-4096-9d36-f8d038642d13%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Great difficulty installing Qubes OS 3.2 (current release) on MSI Intel i7 7th gen, HD 630 graphics
Qubes doesn't support secure boot so I would leave it off. I would look into bios settings for hdd also, sounds as if its not being recognized by the installer. Also usb settings. Like Put external boot on, check controller settings, put hdd in ahci mode, boot order, anything else. Falling back to text mode might be a graphics driver problem. You probably need a newer kernel. The kabylake systems seems not to be that well supported on linux yet. Maybe someone who has had success with one can help. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ee7116bb-e03c-4c35-8c04-a06b1da761d3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bug in qubes-backup or tar?
The -i (--ignore-zeros) parameter is missing in the tar command. So it is. Thank you! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ40yazfL1A2mP%3D_M_%3DCh%2B_Pw2Km5H%3D9RiKFTuDSLDjhFYYTUw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Not enough memory to start VM
Den lördag 17 juni 2017 kl. 12:52:23 UTC+2 skrev lok...@gmail.com: > On Saturday, 17 June 2017 18:38:10 UTC+8, Nikolai Stenfors wrote: > > Hello Qubes-users, > > > > I've made a fresh standard installation of Qubes OS on a Lenovo SL510 with > > 220 GB memory. A reclaimed all disk memory during the installation to whipe > > out my previous Debian installation. > > However, whatever I do, for instance open firefox on my personal VM, I get > > the message "Not enough memory to start VM. Close on or more running > > VMs" > > Your computer doesn't have 220 GB of memory. You have 220 GB of disk space. > Assuming your computer is the Lenovo X220, you probably only have 4 GB of > memory in this machine, as this was the amount the machine was sold with back > when it came out. > > Unfortunately, 4 GB will not get you very far with Qubes. You can do wotk > with 8, but you really need 16. > > > Could somebody give my some step-by-step instructions on how to solve my > > problem? > > I've googled a bit, and it seems as though the X220 supports up to 16 GB, so > the solution for you is to buy a memory upgrade. It should be reasonably > cheap. OK, my mistake... But "free -ht" gives: mem 1.2G (119M free) swap 9.4G (9,4G free) /N -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/46a419da-1b0f-4361-9124-d8a5e0027aef%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bug in qubes-backup or tar?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 svenssona...@gmail.com: > Emergency recovery of backups as described in > https://www.qubes-os.org/doc/backup-emergency-restore-v3/ states > that tar should be able to unpack a qubes backup file. > > [...] > tar tvf bu/qubes-* > # Shows only backup-header, size 94 bytes, no other file. > # Extracting the tar file produces only backup-header. > # However, the tar file has size 563200 bytes. The -i (--ignore-zeros) parameter is missing in the tar command. Rusty -BEGIN PGP SIGNATURE- iQJ8BAEBCgBmBQJZRQv0XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4NEI1OUJDRkM2MkIxMjlGRTFCMDZEMDQ0 NjlENzhGNDdBQUYyQURGAAoJEEadePR6ryrfohgQAIra88HMA5feWJTII1Aodg53 yvNYaFHo8YR9RX3GlprYgMDjil8PMy0sHUNWYzN7rAkyqsuyJWzCEI0eeVKOVlK+ nvMbFCAg6259kXnpCcQwYbLvpoLR/IVAntAwMcEEXGPsREQhUoxu1U1Ou/hmgpJN xg4kUK/+mYebWvNfMBTYDgL+iqv9RMJBhXIctybsb/o0xBq2AmAciZEPZgPBgnBI 9CZDvJA1Zs5tTvW8WShir+JtLMRlOkuACVOJNy6pRzJVkuo3KkaG24GBx5qPXXHb 7NlbuLba7vZI3eF0ApJ20p2gM97ljVJEjBZ75xmbkpPCE9If3LrefEQ7heC0oihJ m9Y7Z26FN/wDFP2uEop5GLPcINqxr8WaChHLjosDJl+sGonAorrN3aXB5YpMxu9L RlUgXKb2d24RqET8QghG8q0JYhkwkJYy+HdA67CgrYLYNEMUiC72ZMQCg8bqJQis 1NzDWgmXbf9lBQH8IjLMGcGzGZKBDLyGF4u0ONYoQc8PMURit3K2zwhWFbdlpGa7 /h5q9qfiA2oA2N6ehZsHQ8waCbBGb5KrZEiEs9PPmvZ1zMCg0sIpKRdiYzHsP4B/ sdXW7n7SVaX31AXljOfIxWChpUP3GA0BMZugiZHaKrWwqqqZ0FSR5I8+xROveIHJ 9nt/w5KheaDFIpSYOUo2 =2C80 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170617110109.GA32654%40mutt. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Not enough memory to start VM
On Saturday, 17 June 2017 18:38:10 UTC+8, Nikolai Stenfors wrote: > Hello Qubes-users, > > I've made a fresh standard installation of Qubes OS on a Lenovo SL510 with > 220 GB memory. A reclaimed all disk memory during the installation to whipe > out my previous Debian installation. > However, whatever I do, for instance open firefox on my personal VM, I get > the message "Not enough memory to start VM. Close on or more running VMs" Your computer doesn't have 220 GB of memory. You have 220 GB of disk space. Assuming your computer is the Lenovo X220, you probably only have 4 GB of memory in this machine, as this was the amount the machine was sold with back when it came out. Unfortunately, 4 GB will not get you very far with Qubes. You can do wotk with 8, but you really need 16. > Could somebody give my some step-by-step instructions on how to solve my > problem? I've googled a bit, and it seems as though the X220 supports up to 16 GB, so the solution for you is to buy a memory upgrade. It should be reasonably cheap. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1d74e8c7-b07d-4594-9f65-18187b350453%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Bug in qubes-backup or tar?
On Saturday, June 17, 2017 at 11:36:29 AM UTC+2, Connor Page wrote: > qvm-backup has a different syntax and vms are excluded from rather than > included in a backup. Well, it also lists the VMS that are about to be backed up, for confirmation. The test-bu VM was listed, and no other VMs. Also, if the VM was not included in the backup, why is the backup file so much larger than what it supposedly contains? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a210aaa5-502d-4840-bf1f-ee49da129429%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Xen high CPU usage, but nothing is running in the VM
On Saturday, 17 June 2017 18:35:39 UTC+8, Vít Šesták wrote: > What CPU usage does Qubes Manager show? I guess is shows low CPU usage. > > Do you see any other symptoms of high CPU usage like heat or fan activity? > > I guess the Xen just allocates some CPU time for some VMs, but the time is not > used. As a result, xentop seems to overestimate actual CPU usage. I've restarted the offending VM's now, so I can't test anymore. The fan was blowing at maximum speed (which is why I looked into this in the first place) so there was definitely something happening. The VM that was running with the most CPU usage according to xentop (150% or so) had been used to run an Atari ST emulator (which uses lots of CPU). However, the emulator had been killed and the machine left idle while I was off doing other things for at least 30 minutes. It was when I came back to the computer that I noticed that the fan was blowing and that's when I noticed the problem. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a10f889e-9c51-460a-9615-58af1dd0c986%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Not enough memory to start VM
Hello Qubes-users, I've made a fresh standard installation of Qubes OS on a Lenovo SL510 with 220 GB memory. A reclaimed all disk memory during the installation to whipe out my previous Debian installation. However, whatever I do, for instance open firefox on my personal VM, I get the message "Not enough memory to start VM. Close on or more running VMs" Could somebody give my some step-by-step instructions on how to solve my problem? /N -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9e9181ff-1ad4-434b-bcfe-d7d584f76b50%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Xen high CPU usage, but nothing is running in the VM
What CPU usage does Qubes Manager show? I guess is shows low CPU usage. Do you see any other symptoms of high CPU usage like heat or fan activity? I guess the Xen just allocates some CPU time for some VMs, but the time is not used. As a result, xentop seems to overestimate actual CPU usage. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8ec64d6f-ecb4-44e9-892a-ac0b442e270d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Bug in qubes-backup or tar?
qvm-backup has a different syntax and vms are excluded from rather than included in a backup. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/90133a68-60e2-404a-b3f2-3f6d14415779%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Xen high CPU usage, but nothing is running in the VM
I noticed that my laptop fan was blowing more than usual, so I started ‘xentop’ in dom0 to see which VM was using CPU. I noticed two VM's were using 150% and abour 70% respectively (according to ‘xentop’ output). However, when running ‘top’ in the VM's themselves, I saw nothing using any CPU. That is what I would expect, as they were not running anything CPU-intensive at the time. Has anyone seen this before, and what can I do to diagnose this problem when/if it happens again? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/003254bd-a9fb-445c-809f-1c1cac1261f4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Bug in qubes-backup or tar?
Emergency recovery of backups as described in https://www.qubes-os.org/doc/backup-emergency-restore-v3/ states that tar should be able to unpack a qubes backup file. It seems that qvm-backup produces a corrupt tar file, or the included tar has a bug. It seems to include data, but only one file will show up in list or extract. My system is a recently updated 3.2. # To reproduce, run in dom0: qvm-create -t fedora-23 -l red test-bu qvm-start test-bu qvm-run test-bu 'echo "This text should be included in backup." > examplefile' qvm-run -p test-bu 'ls -l e*; cat examplefile' # Shows file and text qvm-run test-bu 'sudo shutdown 0' mkdir bu qvm-backup bu test-bu # Choose 'y', empty passphrase tar tvf bu/qubes-* # Shows only backup-header, size 94 bytes, no other file. # Extracting the tar file produces only backup-header. # However, the tar file has size 563200 bytes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9ba80c06-e1b1-4ba4-b222-e65cb9479211%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
