[qubes-users] Re: dispvm browser retains information
On 3/13/19 11:06 AM, unman wrote: On Tue, Mar 12, 2019 at 06:57:41PM +, Jon deps wrote: On 3/12/19 4:34 PM, unman wrote: On Tue, Mar 12, 2019 at 08:35:04AM +, Jon deps wrote: Hello, in Thunderbird when I do open-in-vm and check firefox it has retained bookmarks from a previous session, I believe this is Not how DVMs are supposed to work ? If so how would I troubleshoot and/or remove old DVM data sesssions please You're right. It isn't how disposableVMs are supposed to work. The obvious question is, what did you select when you "did" open-in-vm? If you selected an appVM, have you made sure that you have made that appVM in to a template for disposableVMs? (qvm-prefs template_for_dispvms True) Also check to see what you have set in /etc/qubes-rpc/policy/qubes.OpeninVM and /etc/qubes-rpc/policy/qubes.OpenURL unman What I did/have done is for secure printing(per Qubes docs advice) , cloned fedora-29 -> fedora-29printtemplate, then I use the clone as the template for an AppVM (named fedoraprintqube). when I do : $qvm-prefs fedoraprintqube template - fedora-29printtemplate template_for_dispvms - True $qubes-prefs default_dispvm - fedoraprintqube re: "what did I choose" there is only 1 choice in Thunderbird Open-in-dispvm right click and choose and it open the atttachment in a dispvm re: rpc policy everything is as default setup further the AppVM in which Thunderbird is running has it's default DispVM set to: fedoraprintqube is there some directory I should clear where dispVM information would be stored to perhaps reset the system ? or any further ideas welcome regards There was an issue before where disposableVMs were leaking information but that was under 3 where the structure was somewhat different. There may be 2 cases: 1. a disposableVM is created and you are seeing information from the underlying fedoraprintqube - normal, and to be expected; 2. a disposableVM is created and you are seeing information from a previous disposableVM session. Bug. Are you able to rule out (1) and confirm that it is (2)? When a qube is created, it is definitely named dispXX? ah ok , so it's #1 , so what is disposed of in this configuration by using the DVM based on a AppVM instead of a TemplateVM ? or is there any benefit for the disposable-ness ? perhaps I should be using a Template for true disposable data ? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/aa853f6b-9a9e-d241-1411-464f40f8c98e%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] i3-dmenu-desktop not providing access to DispVM apps
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I was just giving i3 a try as window manager and stumbled across a minor issue with i3-dmenu-desktop. For some reason, it doesn't display applications from a DispVM. When looking at all the *.desktop files under the user's home directory in dom0, I also didn't find anything that corresponding to apps in DispVM. Any suggestion how this could be fixed? --w -BEGIN PGP SIGNATURE- Version: ProtonMail Comment: https://protonmail.com wsBcBAEBCAAGBQJciW/hAAoJECSqZ/Wlg0uw+WYIAKc8ntHe/yWsKsJPGiQv QPGQyMMZkEQK7rbeB4ZRiWWQqUOZOAa5bfnCHrkNOW9dXrJIAUhUDztmte4D 0u1dly7GirQ7ZACGXbFl1ueoYMloUQvdcMdsMKQh569yutQXWgUm/7DQNY/N as6sZxzI/9nbkSpRn+0E0sffQiDk8UU/uGAWgp721WEdevB1OB6oI9G8jB+5 pVTU0GJXnt8l0rBTizRnlSwflUz+6rKvBXrEWuJyd99GWE7u0di57om/uLEr cXnqxLISFhBKpaMPkCGmncSqbG5htSvOKMT6BIi9rq4jbpgfKg8/FXKuVXWr w9/K2KDl9BgrL/zl34M08Kk= =FbV3 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fo8UBYQLpZFmkrRUWTgXQoUlSPACGYkCm4smgNt8s57QXk2lGEHQOxglXZ9TOPxsnXwJ36UTNJfgmr7WDWxZzFDuSOFqEzQQbiyP1p6zBP4%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout. publickey - wintermute2019@protonmail.com - 0x2D8F35C2.asc Description: application/pgp-keys publickey - wintermute2019@protonmail.com - 0x2D8F35C2.asc.sig Description: PGP signature
[qubes-users] vchan doesn’t work on recent mainline kernels
I built a Linux kernel from Linus’s git master, with a slight modification (u2mfn module moved in-tree). The resulting kernel does not work with Qubes: libvchan gets -EINVAL from mmap(). Any suggestions? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJEMUN8E%3DC%3Dm2F5YeU9mqmtyQPdsDTGGfS59%3DX%2ByH3EcOrmazw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] QWT and win updates
On Wed, Mar 13, 2019 at 12:32 PM unman wrote: > On Wed, Mar 13, 2019 at 06:56:03AM -0700, Hugo Costa wrote: > > On Wednesday, 13 March 2019 11:12:46 UTC, unman wrote: > > > On Tue, Mar 12, 2019 at 04:53:02PM -0300, Franz wrote: > > > > I installed again windows following this > > > > > https://www.qubes-os.org/doc/windows-vm/#xen-pv-drivers-and-qubes-windows-tools > > > > > > > > Windows now is working and fully updated but no additional driver is > > > > installed. > > > > > > > > Reading this tutorial many times, for me, it is not yet clear what > the > > > > following means: > > > > > > > > "If you plan to update your newly installed Windows VM it is > recommended > > > > that you do so *before* installing Qubes Windows Tools (QWT). If QWT > are > > > > installed, you should temporarily re-enable the standard VGA adapter > in > > > > Windows and disable Qubes’ (see the section above)." > > > > > > > > Does it mean that once QWT is installed I can no more regularly > update my > > > > system, unless every time remember to do some strange and not well > > > > understood VGA tweaking? > > > > > > > > This seems very strange because on 3.2 I always updated windows even > if QWT > > > > was already installed, with no issues. > > > > > > > > So did this really change with Qubes 4.0 > > > > > > > > Best > > > > > > That is the implication. > > > You could test this by updating *without* changing the adapter. > > > If everything works as expected, head over to > > > www.qubes-os.org/doc/windows-vm and edit that page. > > > You can help improve Qubes by doing this. > > > > I believe the "don't update" message has always been there, it didn't > change from Q3.2 to Q4.x. But, obviously, the processes used to provide > Qubes integration may stop working due to a certain update, so it's a valid > warning. > > > > I dont think that this is true - there was not a "dont update" > message and there isnt one now. > In the past there used to be a recommendation to re-enable the VGA adapter > when > updating, so really I dont think that anything has changed. > > I never saw this alert before. Anyway I recovered the old windows VM installed under 3.2 and it is still working even if network is not connected anymore. How do you re-enable the VGA adaptor? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qAKxtiUitGih92ME0yRs4SKpSEgcniMy%3DEyZpra_7JC3w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] QWT and win updates
On Wed, Mar 13, 2019 at 06:56:03AM -0700, Hugo Costa wrote: > On Wednesday, 13 March 2019 11:12:46 UTC, unman wrote: > > On Tue, Mar 12, 2019 at 04:53:02PM -0300, Franz wrote: > > > I installed again windows following this > > > https://www.qubes-os.org/doc/windows-vm/#xen-pv-drivers-and-qubes-windows-tools > > > > > > Windows now is working and fully updated but no additional driver is > > > installed. > > > > > > Reading this tutorial many times, for me, it is not yet clear what the > > > following means: > > > > > > "If you plan to update your newly installed Windows VM it is recommended > > > that you do so *before* installing Qubes Windows Tools (QWT). If QWT are > > > installed, you should temporarily re-enable the standard VGA adapter in > > > Windows and disable Qubes’ (see the section above)." > > > > > > Does it mean that once QWT is installed I can no more regularly update my > > > system, unless every time remember to do some strange and not well > > > understood VGA tweaking? > > > > > > This seems very strange because on 3.2 I always updated windows even if > > > QWT > > > was already installed, with no issues. > > > > > > So did this really change with Qubes 4.0 > > > > > > Best > > > > That is the implication. > > You could test this by updating *without* changing the adapter. > > If everything works as expected, head over to > > www.qubes-os.org/doc/windows-vm and edit that page. > > You can help improve Qubes by doing this. > > I believe the "don't update" message has always been there, it didn't change > from Q3.2 to Q4.x. But, obviously, the processes used to provide Qubes > integration may stop working due to a certain update, so it's a valid warning. > I dont think that this is true - there was not a "dont update" message and there isnt one now. In the past there used to be a recommendation to re-enable the VGA adapter when updating, so really I dont think that anything has changed. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190313153216.l4sji5u3bcjnujrc%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't set default_target to @dispvm:foo in policy
On Fri, Mar 8, 2019 at 7:03 PM Marek Marczykowski-Górecki wrote: > > Seems like a bug? > > Indeed. Could you report it at > https://github.com/QubesOS/qubes-issues/issues ? OK, done: https://github.com/QubesOS/qubes-issues/issues/4881 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAFOviU-dKRs4NaE1Gerr-niH94YsMdVNFg9EB%3DZD_Mp4M-%2Bcng%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] QWT and win updates
On Wednesday, 13 March 2019 11:12:46 UTC, unman wrote: > On Tue, Mar 12, 2019 at 04:53:02PM -0300, Franz wrote: > > I installed again windows following this > > https://www.qubes-os.org/doc/windows-vm/#xen-pv-drivers-and-qubes-windows-tools > > > > Windows now is working and fully updated but no additional driver is > > installed. > > > > Reading this tutorial many times, for me, it is not yet clear what the > > following means: > > > > "If you plan to update your newly installed Windows VM it is recommended > > that you do so *before* installing Qubes Windows Tools (QWT). If QWT are > > installed, you should temporarily re-enable the standard VGA adapter in > > Windows and disable Qubes’ (see the section above)." > > > > Does it mean that once QWT is installed I can no more regularly update my > > system, unless every time remember to do some strange and not well > > understood VGA tweaking? > > > > This seems very strange because on 3.2 I always updated windows even if QWT > > was already installed, with no issues. > > > > So did this really change with Qubes 4.0 > > > > Best > > That is the implication. > You could test this by updating *without* changing the adapter. > If everything works as expected, head over to > www.qubes-os.org/doc/windows-vm and edit that page. > You can help improve Qubes by doing this. I believe the "don't update" message has always been there, it didn't change from Q3.2 to Q4.x. But, obviously, the processes used to provide Qubes integration may stop working due to a certain update, so it's a valid warning. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4add9b5b-7ee2-4604-a1a5-bf775223bd71%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] transient appvm failed to start
On Mon, Mar 11, 2019 at 01:45:13PM -0700, pixel fairy wrote: > just got a pop up notification > > Qube Status: myvm > Domain myvem has failed to start: internal error: libexenlight failed to > create new domain 'myvm' > > myvm has existed and started fine for many months. trying it again worked. > > is this a known issue? should it be reported? if so, anything besides the > logs in /var/log/qubes worth providing? > What is myvm? Are there any devices attached? What is in the logs? Could it be a transient memory issue? Without more definite information it's hard to form an opinion. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190313111526.ettajt2cxtbe3lsb%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] QWT and win updates
On Tue, Mar 12, 2019 at 04:53:02PM -0300, Franz wrote: > I installed again windows following this > https://www.qubes-os.org/doc/windows-vm/#xen-pv-drivers-and-qubes-windows-tools > > Windows now is working and fully updated but no additional driver is > installed. > > Reading this tutorial many times, for me, it is not yet clear what the > following means: > > "If you plan to update your newly installed Windows VM it is recommended > that you do so *before* installing Qubes Windows Tools (QWT). If QWT are > installed, you should temporarily re-enable the standard VGA adapter in > Windows and disable Qubes’ (see the section above)." > > Does it mean that once QWT is installed I can no more regularly update my > system, unless every time remember to do some strange and not well > understood VGA tweaking? > > This seems very strange because on 3.2 I always updated windows even if QWT > was already installed, with no issues. > > So did this really change with Qubes 4.0 > > Best That is the implication. You could test this by updating *without* changing the adapter. If everything works as expected, head over to www.qubes-os.org/doc/windows-vm and edit that page. You can help improve Qubes by doing this. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190313111243.6riez2j2sty24z4e%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: dispvm browser retains information
On Tue, Mar 12, 2019 at 06:57:41PM +, Jon deps wrote: > On 3/12/19 4:34 PM, unman wrote: > > On Tue, Mar 12, 2019 at 08:35:04AM +, Jon deps wrote: > > > Hello, in Thunderbird when I do open-in-vm and check firefox it has > > > retained bookmarks from a previous session, > > > > > > I believe this is Not how DVMs are supposed to work ? > > > > > > > > > If so how would I troubleshoot and/or remove old DVM data sesssions > > > please > > > > You're right. It isn't how disposableVMs are supposed to work. > > > > The obvious question is, what did you select when you "did" open-in-vm? > > If you selected an appVM, have you made sure that you have made that > > appVM in to a template for disposableVMs? > > (qvm-prefs template_for_dispvms True) > > > > Also check to see what you have set in > > /etc/qubes-rpc/policy/qubes.OpeninVM and > > /etc/qubes-rpc/policy/qubes.OpenURL > > > > unman > > > > > What I did/have done is for secure printing(per Qubes docs advice) , cloned > fedora-29 -> fedora-29printtemplate, then I use the clone as the template > for an AppVM (named fedoraprintqube). > > when I do : > $qvm-prefs fedoraprintqube > > template - fedora-29printtemplate > template_for_dispvms - True > > $qubes-prefs > > default_dispvm - fedoraprintqube > > > re: "what did I choose" there is only 1 choice in Thunderbird > Open-in-dispvm > > right click and choose and it open the atttachment in a dispvm > > > re: rpc policy everything is as default setup > > > further the AppVM in which Thunderbird is running has it's default DispVM > set to: fedoraprintqube > > > > is there some directory I should clear where dispVM information would > be stored to perhaps reset the system ? > > > or any further ideas welcome regards There was an issue before where disposableVMs were leaking information but that was under 3 where the structure was somewhat different. There may be 2 cases: 1. a disposableVM is created and you are seeing information from the underlying fedoraprintqube - normal, and to be expected; 2. a disposableVM is created and you are seeing information from a previous disposableVM session. Bug. Are you able to rule out (1) and confirm that it is (2)? When a qube is created, it is definitely named dispXX? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190313110627.s2vsso7ann32cgnu%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
