Re: [qubes-users] Re: Android-x86 7.1-r2 with GAPPS installation guide
I was able to run PrimeOS live, but I had exactly the same issue with installation. The explanation with /dev/xvdX sopunds plausible. Maybe it has a half support for Xen virtual devices – the kernel supports them (so they are not emulated like in Windows), but the installer has no idea about them… Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/026DBC86-D4A9-42D1-8CD5-AFBF8EE7BEB6%40v6ak.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Android-x86 7.1-r2 with GAPPS installation guide
W dniu środa, 27 lutego 2019 00:24:09 UTC+1 użytkownik 799 napisał: > Hello Yethal, > > > On Tue, 26 Feb 2019 at 00:08, Yethal wrote: > > >> Can't we just use a prebuilt image such as PrimeOS? > > > I downloaded PrimeOS and created a HVM but I am unable to choose a harddisk > from within the PrimeOS installer. > Even when my "primeos-Qubes" has a 20G root device: > > > PrimeOS keeps saying "Ok. There is no hard drive to edit partitions" when I > try to choose my harddrive during installation. > Have you tried to install PrimeOS within Qubes? > > > > - O Interesting. I did manage to install and run PrimeOS in VirtualBox on my non-Qubes box but on Qubes I ran into the same issue. It appears the PrimeOS installer searches for block devices under /dev/sdX whereas Qubes exposes them under /dev/xvdX -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fa89c2d4-fd7a-4c23-8806-7b40d911669f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: No Bootable Devices Found with /boot/efi/ Missing
'Rainier30' via qubes-users: So, the black screen isn't instantaneous. There is a little text that shows up for a second or two before it goes black. I changed the boot order setting so that only UEFI showed up. When I selected "UEFI: SanDisk", the following is the what appears: Xen 4.8.4 (c/s) EFI loader Using configuration file 'BOOTX64.cfg' vmlinuz: 0x41103000-0x416e2b20 initrd.img: 0x3fdad000-0x41102168 0x:0x00:0x1f.0x6: ROM 0x10400 bytes at 0x5044f018 OK [qubes-verbose] options=console=vga efi=attr=uc # noexitboot=1 # mapbs=1 kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0-x86_64 i915.alpha_support=1 ramdisk=initrd.img" Sadly, I don't understand that. I'm also a little confused about where to make these alterations. I understand how to get to a shell in Troubleshooting mode in the installer, but I could only get there in Legacy boot. Is this for somewhere else? Yes, I guess these steps aren't very detailed: "Attach the usb disk, mount the EFI partition (second partition available on the disk) Edit your xen config (xen.cfg/BOOTX64.cfg) changing the kernel key to add your kernel parameters on the boot entry of your choice" You want to edit the xen.cfg file directly on your Qubes install USB drive. You might be able to do it from Troubleshooting mode, but it could be easier if you had access to another computer running some type of GNU/Linux live boot/rescue and could edit it from there. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c07c98e3-fa4a-11bc-1b41-dbede4587ae3%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Weird dnf update command behavior on fedora-29 template
It started happening just today Executing sudo dnf update command on my fedora-29 template forcefully makes my sys-net start But thing is, I'm no longer using sys-net template as my net vm and this caused me to triple check my settings and my update VM is showed correctly as I had intended = a VM designed to securely process DNS queries that is attached to sys-firewall Despite this, the behavior continues, even if I kill and/or halt my fedora-29 template and I have no clue as to why this happens it's like something is forcing it to use sys-net in an attempt to get through my secure processing of DNS queries I also double checked that the template has no assigned net vm as intended according to how Qubes was designed and it's also set properly to 'none' It's absolutely persistent to the point that I ended up deleting my sys-net template and now the sudo dnf update command abruptly ends with "Error: Failed to synchronize cache for repo 'fedora-modular'" Can anyone help me with the logs to check/commands to use in diagnosing this problem properly? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/12e13d20-2841-4576-8ddb-a2db1a941008%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Android-x86 7.1-r2 with GAPPS installation guide
Hello awokd, >> [...] >> You might want just the 800x600 setting, and maybe not Cirrus... >> [...] I was able to change the resolution, so that the android AppVM can run on my lowres x230: On launch I added the follwing line to grub: video=800x600-32 Unfortunately I have to do this on each run, as I don't know how and if I can push those setting into the Android Qube. I tried to find something like /boot from within the Android AppVM using the Terminal Emulator, but I didn't succeed. So how can I update grub of the Android AppVM? - O -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2vW7kShiNW6gVuSrJPnFSBauGfAPXa12-G2a8-uQKXJuA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] HCL - Lenovo Carbon X1 Gen 6 20KHCTO1WW
Everything was surprisingly smooth and easy. Thanks to BIOS and kernel upgrades, I didn't need to apply any patches to get suspend/restore working. I made the following adjustments: 1. Change BIOS sleep mode from Windows to Linux. 2. Remove the Thunderbolt 3 controller from the device list for the sys-usb Qube. 3. Followed the DPI scaling guide at https://github.com/Qubes-Community/Contents/blob/master/docs/customization/dpi-scaling.md to have sane-looking fonts and UI elements. I have the WQHD display, and found that setting the DPI to 192, while not precisely accurate, gave a good result. In VMs, a text-scaling-factor of 1.25 seems about right; scaling-factor appears to have no effect. I did NOT enable BIOS support for Thunderbolt 3 as recommended in some other HCL reports; doing so fixed the lockup-on-wake issue, but at the cost of disabling all USB devices. Leaving this disabled and removing the thunderbolt controller from the sys-usb device list fixes the issue and doesn't seem to affect USB support at all, as far as I can tell. The following peripherals are tested and functional: - USB - Keyboard, trackpad - Built-in microphone - Built-in camera - Sound output - Suspend and restore I haven't yet tested HDMI output, but based on other reports don't anticipate trouble. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAMpk%2BvAW36JtgLHzfBZzeor099cSkfeQwdao%3DgX3nZKJ8tUddQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-LENOVO-20KHCTO1WW-20190227-115635.cpio.gz Description: application/gzip Qubes-HCL-LENOVO-20KHCTO1WW-20190227-115635.yml Description: application/yaml
[qubes-users] Running Qubes on X230 with the FullHD Mod - someone tried this before?
Hello, for me the lenovo x230 is the perfect laptop to run qubes as it has a core i7, SSD, 16GB RAM, working LTE-WWAN and can be "coreboot'ed" and using the external slice battery pack it has a great battery runtime (even when running Qubes). The only problem I have is the low screen resolution from the stock display. Some people have mod'ed their x230 adding a Full HD Display, as described here: https://forum.thinkpads.com/viewtopic.php?t=122640 As this process involves some working I'd like to know if someone within the Qubes Community has tried this and how the success was when using the machine with Qubes. - O -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2ub%3DusASO53tOY3O-on6U5hA5wQNZCzDb18gYY%3DF-F3Nw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Problem buildung a fedora-29-minimal-based sys-usb AppVM
Hello, since the first days using Qubes I made notes how I setup my templates and AppVMs to able to rebuild my system from scratch if parts of it get compromised or if I migrate the system to other hardware. I have been able to rebuild all my Sys-VMs (sys-net / sys-firewall / sys-usb) from a fedora-26-minimal and fedora-28-minimal template but I am struggling to do the same from a fedora-29-minimal template: I am unable to get a working sys-usb AppVM. Steps to reproduce: #base template template=fedora-29-minimal #name of the new custom build template systemplate=t-fedora-29-sys #clone template qvm-clone $template $systemplate # update template qvm-run --auto --user root --pass-io --no-gui $systemplate 'dnf update -y' # install a missing package for fedora-29-minimal without it, gui-apps will not start qvm-run --auto --user root --pass-io --no-gui $systemplate 'dnf install -y e2fsprogs' # Install required packages for Sys-VMs qvm-run --auto --user root --pass-io --no-gui $systemplate \ 'dnf -y install qubes-core-agent-qrexec qubes-core-agent-systemd \ qubes-core-agent-networking polkit qubes-core-agent-network-manager \ notification-daemon qubes-core-agent-dom0-updates qubes-usb-proxy \ iwl6000g2a-firmware qubes-input-proxy-sender iproute iputils \ NetworkManager-openvpn NetworkManager-openvpn-gnome \ NetworkManager-wwan NetworkManager-wifi network-manager-applet' I use this new template as base for my sys-net and sys-firewall AppVms everything works, but sys-usb will not work as USB devices can't be mounted, even within the sys-usb VM. QUESTION: Any idea what I am missing, to get a sys-usb AppVM which is based on a custom build fedora-29-minimal based template? If I use the default (fat) fedora-29 AppVM from the Qubes Repository as Template for sys-usb, it is working fine. So it is possible to use fedora-29 for sys-usb, but it seems that I am missing some part to get it work when building a template from the ground up Uusing fedora-29-minimal as base template) - O -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2uT6Nxwmj%3DyM8KW277bYOmxbBryt6KmaiOhFbKU7xRPkw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Shrinking a private volume
Hello, I've migrated ~150gb of data into a Qubes Storage Qube. After cleaning up older files I have reduced the data to 100gb. Now I'd like to free the additional 50gb so that dom0 can use this capacity for other qubes. Unfortunately I found out that shrinking volumes is not possible according to the Qubes Docs: --- --- --- From: Qubes Docs > Resize Disk Image https://www.qubes-os.org/doc/resize-disk-image/ [...] ext4 and most other filesystems do not support online shrinking [...] 1. Create a new qube with smaller disk using Qube Manager or qvm-create 2. Move data to the new qube using qvm-copy, backup & restore, or OS utilities 3. Delete old qube using Qube Manager or qvm-remove --- --- --- As I have several files and subdirectories in the Storage Qubes, I can't run qvm-copy but as I don't have enough free space I am also unable to zip everything into one big file, qvm-copy this file to a new (smaller) storage qube and then delete the old qubes. Is there a better to shrink the volume or migrate the data to another Qube? Honestly I don't understand why it is not possible to shrink a volume as this is something which can done in linux. Does someone has an idea how to "reclaim" the free capacity from an AppVM? - O -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2tfyDKS9j3WoDCdeLapnbhzw0Z8j0tkHY7NTzbE6TzCtg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] between Qubes-tunnel and Qubes-vpn-support
Hello,Chris Laprise, I’ve been using qubes-tunnel for a few months now, and first tried with qubes-vpn-support, ,thank you for develop them and answered so many questions in a very clear manner, that helped a lot, I accumulated some questions along this time, now would like to understand both of them better, could you answer some of them while you are free, thank you. 1.Qubes-tunnel and Qubes-vpn-support ,chose which one on what stage is better? from these two app’s Github description, ‘qubes-tunnel is tested on Debian and Fedora, more for basic users’,‘qubes-vpn-support has ipv6 anti leak and whonix tested’ does it mean qubes-vpn-suppor is more advanced, when a user is more familiar with Qubes, he’s suggested to move from tunnel to vpn-support? ---Since qubes-tunnel is officially integrated in Qubes OS now, is vpn-support still being maintained. BTW,does this mean the qubes official document on vpn is slightly out-dated as well. 2. how to use these security tools together? When Im online, firefox won’t show ip, ipv6,dns, but tor, with it’s exit node, show them all. Please note this is not my info, but tor exit node’s. However, tor team publish all ivp6 exit on their website publicly, with ipv6 is too traceable, and most of ipcheck website can tell a browser is from a tor exit, and you once suggested as well, ipv6 is a ‘naïve’ concept. Does this mean using tor for sign-in service like check email is not secure and not recommended, so it’s better just for browsing? ---In that case is firefox or opera more secure for email-checking?-- Especially, when tor team claimed tor +vpn would make a user’s traffic ‘more obvious’. How to check webmails if it were you? 323. Just to confirm some configure details --On firewall rules,Adding below lines iptables -I FORWARD -o eth0 -j DROP iptables -I FORWARD -i eth0 -j DROP ip6tables -I FORWARD -o eth0 -j DROP ip6tables -I FORWARD -i eth0 -j DROP in /rw/config /qubes-firewall-user-script This is in vpn-vm not app-vm, sys-net or dom0 right? ---When you suggested to test a uplink-vm with package send to non-vpn address, do you mean by something like ware-shark? in sys-net right? ---Disable ipv6 should by qvm-features VM ipv6 '' should be in sys-net as well correct? is it permanent, or should we do it on each boot. Lots of thank you again. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/201902262118.x1QLI1Gx011762%40api2.scryptmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: No Bootable Devices Found with /boot/efi/ Missing
"I say square one or two at least, now you know! Since UEFI boot's working, proceed with trying some of the related troubleshooting steps. Start with [https://www.qubes-os.org/doc/uefi-troubleshooting/#installation-freezes-before-getting-to-anaconda-qubes-40](https://www.google.com/url?q=https%3A%2F%2Fwww.qubes-os.org%2Fdoc%2Fuefi-troubleshooting%2F%23installation-freezes-before-getting-to-anaconda-qubes-40=D=1=AFQjCNEl7BS2bWTu5WdbqhuVTcmy_FAwsQ). How far into the boot process does the black screen show up, immediately after selecting the partition?" So, the black screen isn't instantaneous. There is a little text that shows up for a second or two before it goes black. I changed the boot order setting so that only UEFI showed up. When I selected "UEFI: SanDisk", the following is the what appears: Xen 4.8.4 (c/s) EFI loader Using configuration file 'BOOTX64.cfg' vmlinuz: 0x41103000-0x416e2b20 initrd.img: 0x3fdad000-0x41102168 0x:0x00:0x1f.0x6: ROM 0x10400 bytes at 0x5044f018 Also, I went back and allowed legacy boot devices alongside UEFI, and that expanded my UEFI options to "UEFI: SanDisk" and "UEFI: SanDisk, Partition 2". When I selected either of those two options, I got the slightly different result of: Xen 4.8.4 (c/s) EFI loader Using configuration file 'BOOTX64.cfg' vmlinuz: 0x41103000-0x416e2b20 initrd.img: 0x3fdad000-0x41102168 0x:0x00:0x02.0x0: ROM 0x1 bytes at 0x503f7018 0x:0x00:0x1f.0x6: ROM 0x10400 bytes at 0x50397018 So, that's where I'm at with the UEFI options so far. I read through the "Installation freezes before getting to Anaconda" troubleshooting page, but I'm afraid I don't understand what the directions are talking about. On that page, step one reads: "Follow the [steps above](https://www.qubes-os.org/doc/uefi-troubleshooting/#change-installer-kernel-parameters-in-uefi) to edit the [qubes-verbose] section of your installer’s xen.cfg. You want to comment out the mapbs and noexitboot lines. The end result should look like this: [qubes-verbose] options=console=vga efi=attr=uc # noexitboot=1 # mapbs=1 kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0-x86_64 i915.alpha_support=1 ramdisk=initrd.img" Sadly, I don't understand that. I'm also a little confused about where to make these alterations. I understand how to get to a shell in Troubleshooting mode in the installer, but I could only get there in Legacy boot. Is this for somewhere else? Thanks again Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐ Original Message ‐‐‐ On Monday, February 25, 2019 11:52 PM, Rainier30 wrote: > Actually, I may have to sheepishly admit that Legacy was enabled at the same > time as UEFI, meaning that it automatically booted into Legacy instead. All > previously reported symptoms seem to stem from this. > > Bottom line, UEFI isn't working for me period it seems. I end up with a black > screen, regardless of whether I select partition one or two on my flash drive > (not sure why it displays like that. Perhaps that is indicative of > something?). > > I'm back to square zero. Any varied options are appreciated. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/EWi8Cy69uGCFqAZpGl7g7X1Q8LgCYnFx1N9YesVTARQo-42m3nufYTXJfDLfTKDHVG5VqLCq8TjVtT9JPJjV-Cl5vZBW6tUMdQEfiKqFF8Q%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Oryx Pro laptop (BOOTX64.cfg for Qubes 4.0.1)
Hi everyone and especially those who useing Oryx Pro with 4.0.1 Release :) Tell me please what config variations I must try in BOOTX64.cfg (or maybe somewhere else) to successfuly install Qubes? Now with .iso (dd via Rufus) without any changes I got this problem: https://drive.google.com/open?id=1y38UJKq1ucuZIKtvlHLFyMKbMhYO3VBo Also tried different options in BOOTX64.cfg. Example 1: [qubes-verbose] options=console=vga efi=no-rs (here I changed 'efi=attr=uc' on efi=no-rs') and got this: https://drive.google.com/open?id=1ms_p53vRnSMy7OTjYFuSBlMH2ULvypLh Example 2: [qubes] options=console=none kernel=vmlinuz inst.stage2=hd:LABEL=Qubes-R4.0.1-x86_64 i915.alpha_support=1 nouveau.modeset=0 quiet rhgb ramdisk=initrd.img (here I added 'nouveau.modeset=0') and got this: https://drive.google.com/file/d/1zGI53XZ6f-8BoX28XueuuAmDQmFVf4FT/view Maybe I missing something or doing something wrong? Will appriciate to any help. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b4081c13-0b33-49d8-ade1-549166368fe2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Best practices?
...always forget something right after hitting "Post": Similar to Stuart to avoid a borked update which happens(although rarely these days) I: 1) Back up my data prior to an update 2) I only update my original templates after updating the clones, if the clones update OK I then update my original template -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/74c2ff54-4b3e-4fbb-ab9c-4561c6096e3e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Best practices?
To answer the OP question you would use the clone for AppVMs, for example: 1) Original Fedora Template = I avoid using it 2) Clone of "Original Fedora Template" = Vault AppVM 3) Cloned Template with Libre Office installed = Personal VM & for another disposable VM for printing and opening email attachments (multiple disposable VMs available in 4.0) 4) Cloned Template configured for VPN = VPN AppVMs If one screws up due to my doing, borked update, suspicion of malware I delete the clone and rebuild it from my Original Template. I highly recommend backing up your data VMs prior to updates (I can't stress this enough!). When I first started I screwed up a lot and was constantly reinstalling Qubes. Similar cloning for Debian...I tend to use Debian where I can. The logic is the more software you install in a template the more vulnerable the template becomes... I use the GUI but also picked up some commands for the terminal. I didn't know Linux but figured I would start with Qubes as I needed the security ASAP(I didn't have a choice). Here are some basic commands I might use in a terminal: Debian - To install Nautilus su apt-get install nautilus Debian - To install OpenVPN su apt-get install openvpn Debian - To install GNOME (Including Libre Office): sudo tasksel select GNOME (with space bar) Fedora (Install Libre Office): Sudo dnf install libreoffice Update Dom0 in terminal: sudo qubes-dom0-update I again thank all on this mailing list who have helped me directly and indirectly. I also recommend to donate if you can to keep Qubes going...its good stuff! Kudos to the development team and all those writing code...thank you! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4b9d29d9-ec79-47c6-bd5a-5618affe2556%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] why mail-list?
On 20190225 at 16:00 -0600 John Goold wrote: > Making the leap to "catering to the lowest common denominator" is simply > insulting. No. it's necessary. And often enough people even miss the necessary steps in that setting (like registering their PGP keys... even though it is quite simple). And you're missing the obvious points like minimal use of available bandwidth or asynchronous delivery. And as long as using Qubes is more complicated than getting Arch running there are more important tasks than catering to people who are think mailing lists are lacking sophistication or comfort. Achim -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/24a4503e18a68b8c3548d589eccc81316660f1ea.camel%40noses.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] g505s BIOS settings for installing 4.0.1
On 25 Feb 2019 23:44, taii...@gmx.com wrote: > > On 01/10/2019 10:27 AM, cyber.citi...@tutanota.com wrote: > > Hello everyone, > > > > I'd like to install Qubes 4.0.1 on a g505s, but the installation routine is > > telling me that IOMMU/Vt-d/AMD-Vi, and Interrupt Remapping are not > > available. I've tried every possible combination of BIOS settings I can > > imagine (such as enabling SVM support and toggling between Legacy boot and > > UEFI boot), but nothing is working. I've seen a lot of posts on this > > discussion forum saying that the g505s is compatable with Qubes 4.0, so I'm > > confused. Might someone toss me a clue? > > > > Thank you. > > > > You need to install coreboot and MAKE SURE that you have included the > microcode updates otherwise it won't work and you will have no security. > > The issue is a lack of microcode updates without them IOMMU won't work, > this has been posted many times before FYI. > Yes, indeed. For convenience, the instructions about how to easily patch the coreboot with the latest microcodes before building it for G505S - are available at "G505S hacking" page from DangerousPrototypes wiki - http://dangerousprototypes.com/docs/Lenovo_G505S_hacking . By the way Mike updated it recently so I encourage you to take a look and maybe contribute if you have something to add. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAAaskFDs6v25udXy0Q9kkYpXvE9dnZCu%2Bna64taG83RQS3vuRA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Best practices?
On Tue, 26 Feb 2019 03:59:18 + "'awokd' via qubes-users" wrote: >dexinthec...@gmail.com: >> Just recently installed Qubes being new to Linux altogether I haven’t quiet >> developed my own best practices and the documentation online has a pretty >> steep learning curve. Anyway I was wondering what do you guys usually >> perform after a clean install. What do you do on a weekly basis, monthly, >> annually etc? How do you optimize Qube OS or is it already pretty optimized? >> >I set up a trim cron job per https://www.qubes-os.org/doc/disk-trim/ and >set issue_discards = 1 in /etc/lvm/lvm.conf. Thought I also set up >something to delete all logs older than a month but either I forgot to >or it doesn't seem to be working. > Starting your Linux life with Qubes is a bit like starting your political career by running for President, or starting your mountain climbing hobby at Everest. Much of what you do with Qubes is no different than straight up Linux, but there is a lot more to it as well. If you have previous virtualization experience, it is a plus. VMWare is where I started back in VMWare Workstation 4 days. I was a paying customer of theirs from versions 4 through 6 before jumping over to VirtualBox. Qubes with its Xen based virtualization was a logical next step for me...as I was already planning on moving over to Xen. What I do as a matter of course with my Qubes box is create ONE clone of each template...Fedora and Debian are the ones I use...and proceed on my merry way. I do the updates on the templates, and if there is a TON of updates...not just a browser like Chrome, Vivaldi, Chromium, Firefox...I back out of the update without doing it, delete the old clone of the template (space is a bit tight) and make a fresh clone of the working template. If the updated template causes trouble, I shut down everything but dom0, change all of the VM's using the borked template to use the last clone, delete the borked template, clone the clone back to the original name then change all the VM's to use the original name again. A small PITA but it pretty much guarantees that I am workable in the event of a borked update...which unfortunately does happen from time to time. I use qvm-clone and qvm-ls and qvm-prefs on the command line in a dom0 terminal to make the changes, but they could be done through the gui interface. I'm still on 3.2 with an install of 4 planned as soon as I get my new motherboard received and installed...my usb's are toast on this one. Stuart -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190226065511.5d64c5f5%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] HCL - Purism Librem 15 v4
Qubes is not selling hardware at all :) On 2/25/19 9:42 PM, taii...@gmx.com wrote: > Nice ad. > > When will you guys finally admit that you aren't selling owner > controlled computers and change the name "librem" since they aren't at > all libre? > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0ec6338f-6284-8db0-27d5-9ef47ae0e1ea%40privacy.farm. For more options, visit https://groups.google.com/d/optout.
