[qubes-users] Re: how to reinstall whonix-14 templates
On Monday, 8 July 2019 11:37:35 UTC+3, Claudio Chinicz wrote: > Hi, > > I've broken my whonix-gw-14 when trying to upgrade to whonix-15 and ended up > removing both gw and ws templates for version 14. > > I'me trying to reinstall following instructions from > https://www.qubes-os.org/doc/templates/ but it does not work. > > Anyone can help with instructions to download whonix-14 from scratch? > > Thanks in advance, > Claudio Hi Chris, I tried on dom0 to issue the commands and I got a message "using sys-firewall as UpdateVM to download updates for Dom0; this may take some time..." but nothing happened. Did I do something wrong? did I miss something? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fe26c995-bd47-4759-913d-743cf0854f1e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: I don't see no stinkin' jinja file
Worked! > In dom0. > > Open file whonix.jinja with root rights. > > sudo nano /srv/formulas/base/virtual-machines-formula/qvm/whonix.jinja > > Change 14 to 15 . > > Save. Strange, it was already set to 15. > hence, I can't vouche that this is the official "way" forward > > also note after you do get it installed with the script (waiting up to > 30-60 minutes to avoid the dreaded "unstable system" there is a new caveat Actually, the "sudo qubesctl state.sls qvm.anon-whonix" gave me a bunch of errors, so I did it the old fashioned way, which worked: sudo qubes-dom0-update --action=install qubes-template-whonix-gw-15 That worked fine. > you likely/may not be able to do sudo apt-get update in the new -ws -gw > templates until you 1st do > > sudo apt-get --allow-releaseinfo-change update THIS is what I needed. I wish we could fix it so we don't need to do this, but for now, this works too. BTW the Debian-10 template has the same update problem. I got around it by cloning Debian-9 to Debian-10 and upgraded from there. No update problems. > sometimes I think there are about 15 people in the world using this OS :) I suspect hundreds, if not thousands of journalists use Qubes. They've made more than one youtube video. I get your point though, support sites sure are quiet. > > yours truly, > jinja Thanks again -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3372ae36-eb15-4979-87d1-107da0b029e2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Whonix 15 has been released
On 7/3/19 6:54 PM, 'awokd' via qubes-users wrote: Make sure you're on mgmt-salt-dom0-virtual-machines v4.0.16 or higher. If you are doing it manually, you should review everything the scripts do to make sure you've run the appropriate qvm-features commands, etc. Not following all the same steps as the Salt scripts could result in unexpected traffic disclosures. so for the record as far as I can tell v4.0.15 is the "latest" please tell me if it makes some difference. if I'm going to need to 'review salt scripts'probably time to move on appreciate the Qubes devs, but I sort of don't want to know what salt is and does beyond the very basics :) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e85814a8-d271-579d-e263-49c83be316f3%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: I don't see no stinkin' jinja file
On Monday, July 8, 2019 at 8:00:40 PM UTC-7, Jon deps wrote: > On 7/9/19 2:17 AM, drokmed-re5jqeeqqe8avxtiumw...@public.gmane.org wrote: > > Giving up trying to run tor on qubes. > > > > whonix-gw-14 no longer updates, and I got the whonix-gw-15 installed, but > > it doesn't update either. > > > > Saw something about a jinja file mentioned in a couple comments here, but > > no mention of it on the whonix installation instructions. Don't know where > > it is, and wouldn't know what to do with it if I found it. > > > > I'm glad you veterans knee deep in testing here got it working, but for us > > new people, not a prayer. > > > > maybe you don't see it because the developer removed it , as it Was > there before > https://www.whonix.org/wiki/Qubes/Install > > > In dom0. > > Open file whonix.jinja with root rights. > > sudo nano /srv/formulas/base/virtual-machines-formula/qvm/whonix.jinja > > Change 14 to 15 . > > Save. > > > > hence, I can't vouche that this is the official "way" forward > > also note after you do get it installed with the script (waiting up to > 30-60 minutes to avoid the dreaded "unstable system" there is a new caveat > > you likely/may not be able to do sudo apt-get update in the new -ws -gw > templates until you 1st do > > sudo apt-get --allow-releaseinfo-change update > > https://forums.whonix.org/t/apt-get-error-e-repository-tor-https-cdn-aws-deb-debian-org-debian-security-buster-updates-inrelease-changed-its-suite-value-from-testing-to-stable/7704 > > > sometimes I think there are about 15 people in the world using this OS :) > > yours truly, > jinja Thanks! I'll do that now :) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d6909548-b0c4-493d-87d6-fd644ba708e1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: I don't see no stinkin' jinja file
On 7/9/19 2:17 AM, drokmed-re5jqeeqqe8avxtiumw...@public.gmane.org wrote: Giving up trying to run tor on qubes. whonix-gw-14 no longer updates, and I got the whonix-gw-15 installed, but it doesn't update either. Saw something about a jinja file mentioned in a couple comments here, but no mention of it on the whonix installation instructions. Don't know where it is, and wouldn't know what to do with it if I found it. I'm glad you veterans knee deep in testing here got it working, but for us new people, not a prayer. maybe you don't see it because the developer removed it , as it Was there before https://www.whonix.org/wiki/Qubes/Install In dom0. Open file whonix.jinja with root rights. sudo nano /srv/formulas/base/virtual-machines-formula/qvm/whonix.jinja Change 14 to 15 . Save. hence, I can't vouche that this is the official "way" forward also note after you do get it installed with the script (waiting up to 30-60 minutes to avoid the dreaded "unstable system" there is a new caveat you likely/may not be able to do sudo apt-get update in the new -ws -gw templates until you 1st do sudo apt-get --allow-releaseinfo-change update https://forums.whonix.org/t/apt-get-error-e-repository-tor-https-cdn-aws-deb-debian-org-debian-security-buster-updates-inrelease-changed-its-suite-value-from-testing-to-stable/7704 sometimes I think there are about 15 people in the world using this OS :) yours truly, jinja -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e44bdad6-520a-c022-4c2a-4ff2dee2a183%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: What is the path to the usb drive in sys-usb?
oak2...@gmail.com: Sorry, forgot to mention, I want the USB to show up in a Windows 7 VM, which is a Standalone VM. Don't know if you can attach a USB drive directly to a Win7 VM like that. Think I tried it before and had problems. Have heard of people passing through a USB controller and that working, but what I did instead was transfer files via a LAN FTP server. Eventually I converted nearly all my workflows to open-source instead, so haven't powered up the Win7 VM in months. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/22d199cf-ec74-06e4-7c53-33eb71a7683e%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
[qubes-users] I don't see no stinkin' jinja file
Giving up trying to run tor on qubes. whonix-gw-14 no longer updates, and I got the whonix-gw-15 installed, but it doesn't update either. Saw something about a jinja file mentioned in a couple comments here, but no mention of it on the whonix installation instructions. Don't know where it is, and wouldn't know what to do with it if I found it. I'm glad you veterans knee deep in testing here got it working, but for us new people, not a prayer. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a25ac7c4-8211-4de2-acab-d9d28633b390%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Failed qubesd deamon connection
cammum...@gmail.com: On Monday, 8 July 2019 23:42:36 UTC+3, camm...@gmail.com wrote: I have tried everything on the internet to solve my problem it says Start-limit-hit. I try you post in another chat nano var/lib/qubes/qubes.xml.resut no directory exist. I try everything else I find on the web withe no solution. I have photos I don't want to lost and work stuff I need. Please help me. https://postimg.cc/2bPYyHMW https://postimg.cc/YjGq7FZg More details of my problem. Provide text log file of "sudo journalctl -b" output. Note you may want to edit out hardware serial #s, etc. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4597f146-895a-5053-6a89-6ca2e47a2e7a%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: using static dispVM for sys-net
On Mon, Jul 08, 2019 at 07:24:53PM +, Jon deps wrote: > On 7/3/19 8:50 PM, 'awokd' via qubes-users wrote: > > Jon deps: > > > > > https://www.qubes-os.org/doc/disposablevm-customization/#using-static-disposablevms-for-sys- > > > > > > > > > > > > I can't really understand what the differences would be?? with a static > > > dispvm (based on a dispvm-template) vs?? just a regular?? sys-net > > > > > > if nothing is disposed (static) isn't it just the same > > > > > "Static" there refers to the name and VM configuration, not the > > contents. You only have to set them up once, not every time. > > > > > so making a sys-net2 as a -C DispVM (with persistent PCI tag) based on a > custom-dispvm-template has more disposable qualities than > > just an appvm based on say Deb-9 template ? > > > and hence might be a security protocol to make and toss sys-net2 (dispvm) > from time to timeor > > is it very minor and not worth the effort? > Do you use DisposableVMs instead of a standard appVM? Why? If you see an advantage there, then you should see advantage in using them for sys-. Since the effort is minimal I'd recommend. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190709001544.nvcp7x6icefqj6gv%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to get Ledger Nano S connected to VM
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 > How do I uncover the Nano S in Qubes? Hi, after unlocking the ledger it shows up in qvm-usb for me. I think this may be something to do with the way you have the USBs configured, so it's not specifically a ledger problem. -BEGIN PGP SIGNATURE- iIgEARMKADAWIQRFNnsoPo7HH0XEMXc88cBGMbAIWAUCXSPV0RIccHJhZ29AdHV0 YW5vdGEuZGUACgkQPPHARjGwCFgTlAEA+fn1CsG5GDEl18QwEEU1FbJT5Mxzhb85 q1CU2zKQmYwA/3pMkr70piOWOlxRH5OzxGppVgy5Cir9pCYeY8cwjI/s =VxgA -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/LjIz5jJ--3-1%40tuta.io. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Status of Archlinux template
can the build guide be updated for the arch template, doesn't have to be specific to 4.0.1 but i think the keys are out of date -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/682ff37e-7043-46b4-a8e5-b3fa8ae82d66%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Question on the new format of rules for Qubes mirage firewall
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
>> Hi,
>> With the old format of rules for the mirage firewall I had the following
>> setup:
>> ...
>> let git_addr = Ipaddr.V4.of_string_exn "192.168.1.101"
>>
>> let allowed_to_git = List.map Ipaddr.V4.of_string_exn
>> [ "10.137.0.20" ;
>> "10.137.0.21"
>> ]
>>
>>
>> let local_subnet = Ipaddr.Prefix.of_string_exn "192.168.0.0/16"
>>
>> let mgmt_local = Ipaddr.V4.of_string_exn "10.137.0.22"
>>
>> let from_client = function
>> | { src = `Client c; dst = `External e } when Ipaddr.Prefix.mem e
>> local_subnet
>> && c#other_ip = mgmt_local -> `NAT
>> | { src = `Client c; dst = `External e } when e = Ipaddr.V4 git_addr
>> && List.mem c#other_ip allowed_to_git -> `NAT
>> ...
>>
>> Is it possible to get the same functionality with the new rules using the
>> prefix
>> and the lists of addresses? It would also be useful to be able to block
>> prefixes
>> as well if that's possible.
> There are two ways to get that working. The quick way is to get the src/dst
> IP addresses from the `packet` field instead, e.g.
>
> let externals = [
> "192.168.1.101", `Git;
> ]
>
> ...
>
> | { src = `Client _;
> dst = `External `Git;
> packet = `IPv4 ({Ipv4_packet.src}, _)}
> when List.mem src allowed_to_git -> `NAT
>
> Another solution would be to edit firewall.ml to allow specifying subnets,
> not just hosts. That's a bit more work, though.
Many thanks for your help with this and for the project!
I went with the quick way for now.
I now have the following rules if anyone else finds them useful:
...
let clients = [
"10.137.0.22", `MgmtLocal;
]
let externals = [
"192.168.1.101", `Git;
]
let allowed_to_git = List.map Ipaddr.V4.of_string_exn
[ "10.137.0.20";
"10.137.0.21"
]
let local_subnet = Ipaddr.V4.Prefix.of_string_exn "192.168.0.0/16"
let from_client (...
match info with
| { src = `Client `MgmtLocal; dst = `External _; packet = `IPv4
({Ipv4_packet.dst}, _) }
when Ipaddr.V4.Prefix.mem dst local_subnet -> `NAT
| {src = `Client _; dst = `External `Git; packet = `IPv4
({Ipv4_packet.src}, _) }
when List.mem src allowed_to_git -> `NAT
...
This all compiled and seems to be working well.
Thanks again
-BEGIN PGP SIGNATURE-
iIgEARMKADAWIQRFNnsoPo7HH0XEMXc88cBGMbAIWAUCXSPR6RIccHJhZ29AdHV0
YW5vdGEuZGUACgkQPPHARjGwCFgMagD+I396tJHqYi94dCOT1hDanLHojr0NIJsz
nXqKCzr3CfgA/3N0UcEPddAyuW3TlXlui74CYr9MHQxTUCR3I1cl5yXx
=637A
-END PGP SIGNATURE-
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/LjIvTlK--3-1%40tutanota.de.
For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Upgrading to whonix 15
Jon deps: On 7/7/19 10:06 PM, Steven Walker wrote: I am a virtual newbie to qubes. I am using 4.0.1 on a thinkpad T420. I would like to upgrade from whonix 14 to 15 without screwing anything up. Can anyone advise? Steve Uninstall old whonix-14 Reinstall new whonix-15 search this forum then ask https://www.whonix.org/wiki/Qubes/Install it may look more complicated than it is ; because of the formatting start at the start , learn the terminology , your just changing the appvms to not reference the whonix-14 templates then removing the templates via dom0 and either running the script or reinstalling the same way most templates are installed via dom0 only trick may be changing the "jinja" config file from -14 to -15 though if you read the thread some folks didn't remove -14 before installing -15 and apparently that may be "safe" also Or if you've made template customizations you want to keep you can upgrade your existing templates. https://www.whonix.org/wiki/Upgrading_Whonix_14_to_Whonix_15 Just clone your templates first and follow the upgrade procedure on the clones. Then once you've confirmed everything works as expected and switched your appvms over to the new template you can remove the original ones. -- Jackie -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/936c29dc-5ca2-e281-7908-e9603209ac2b%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: What is the path to the usb drive in sys-usb?
On Monday, July 8, 2019 at 3:56:51 PM UTC-4, brend...@gmail.com wrote: > On Monday, July 8, 2019 at 3:55:08 PM UTC-4, brend...@gmail.com wrote: > > On Monday, July 8, 2019 at 11:14:41 AM UTC-4, oak...@gmail.com wrote: > > > Easy question, but I'm a noob: What is the path to the usb drive that is > > > connecting through sys-usb? I am trying to get the usb to startup with a > > > certain vm. Thanks. > > > > Since the VMs use /dev/xvd[a-d] as the operational drives, the entire > > /dev/sd_ list isn't used unless you attach a USB driver. > > > > Therefore, your first USB drive will be dev/sda (/dev/sda1 for the first > > partition, etc.). > > > > If you're feeling lazy like I do, try running gnome-disks and it'll show > > you. > > > > Brendan > > Oops, my bad. In sys-usb it is /dev/sdX. > > In the VM that you pulled it from sys-usb into, it's going to be > "/dev/xvd[i-z]". > > [a-d] are taken by the Qubes-owned LVs. [e,f,g,h] are skipped. [i-z] are > available for storage pass through. > > B Sorry, forgot to mention, I want the USB to show up in a Windows 7 VM, which is a Standalone VM. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a04618fa-8bff-41a0-ab1b-5ca8a94087f2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: What is the path to the usb drive in sys-usb?
On Monday, July 8, 2019 at 3:56:51 PM UTC-4, brend...@gmail.com wrote: > On Monday, July 8, 2019 at 3:55:08 PM UTC-4, brend...@gmail.com wrote: > > On Monday, July 8, 2019 at 11:14:41 AM UTC-4, oak...@gmail.com wrote: > > > Easy question, but I'm a noob: What is the path to the usb drive that is > > > connecting through sys-usb? I am trying to get the usb to startup with a > > > certain vm. Thanks. > > > > Since the VMs use /dev/xvd[a-d] as the operational drives, the entire > > /dev/sd_ list isn't used unless you attach a USB driver. > > > > Therefore, your first USB drive will be dev/sda (/dev/sda1 for the first > > partition, etc.). > > > > If you're feeling lazy like I do, try running gnome-disks and it'll show > > you. > > > > Brendan > > Oops, my bad. In sys-usb it is /dev/sdX. > > In the VM that you pulled it from sys-usb into, it's going to be > "/dev/xvd[i-z]". > > [a-d] are taken by the Qubes-owned LVs. [e,f,g,h] are skipped. [i-z] are > available for storage pass through. > > B I can't find a terminal for my Windows 7 Qube (maybe because it's a standalone vm, idk). In sys-usb terminal, I typed in "qvm-start win7new --hddisk sys-usb: /dev/sdk" and it said "bash: qvm-start: command not found." -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ab0de358-e8d8-418e-8346-780e901a1baa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Exciting day for Debian! Watching the twitter feed
Heads up on the debian-10 update error (with workaround): https://forums.whonix.org/t/apt-get-error-e-repository-tor-https-cdn-aws-deb-debian-org-debian-security-buster-updates-inrelease-changed-its-suite-value-from-testing-to-stable/7704 -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/443e45a4-36e2-b593-8e20-1414cb2497a5%40posteo.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Failed qubesd deamon connection
On Monday, 8 July 2019 23:42:36 UTC+3, camm...@gmail.com wrote: > I have tried everything on the internet to solve my problem it says > Start-limit-hit. I try you post in another chat nano > var/lib/qubes/qubes.xml.resut no directory exist. > I try everything else I find on the web withe no solution. I have photos I > don't want to lost and work stuff I need. > Please help me. https://postimg.cc/2bPYyHMW https://postimg.cc/YjGq7FZg More details of my problem. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/09bedad4-d4d8-4ca4-896d-09dd3caf5867%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Failed qubesd deamon connection
I have tried everything on the internet to solve my problem it says Start-limit-hit. I try you post in another chat nano var/lib/qubes/qubes.xml.resut no directory exist. I try everything else I find on the web withe no solution. I have photos I don't want to lost and work stuff I need. Please help me. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ebf99ccd-e8b0-48fc-a48e-ab951f7c15f9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: What is the path to the usb drive in sys-usb?
On Monday, July 8, 2019 at 3:56:51 PM UTC-4, brend...@gmail.com wrote: > On Monday, July 8, 2019 at 3:55:08 PM UTC-4, brend...@gmail.com wrote: > > On Monday, July 8, 2019 at 11:14:41 AM UTC-4, oak...@gmail.com wrote: > > > Easy question, but I'm a noob: What is the path to the usb drive that is > > > connecting through sys-usb? I am trying to get the usb to startup with a > > > certain vm. Thanks. > > > > Since the VMs use /dev/xvd[a-d] as the operational drives, the entire > > /dev/sd_ list isn't used unless you attach a USB driver. > > > > Therefore, your first USB drive will be dev/sda (/dev/sda1 for the first > > partition, etc.). > > > > If you're feeling lazy like I do, try running gnome-disks and it'll show > > you. > > > > Brendan > > Oops, my bad. In sys-usb it is /dev/sdX. > > In the VM that you pulled it from sys-usb into, it's going to be > "/dev/xvd[i-z]". > > [a-d] are taken by the Qubes-owned LVs. [e,f,g,h] are skipped. [i-z] are > available for storage pass through. > > B Ok, much thanks, last line is gibberish to me, but I think the path is all I need. Is Gnome-disks in the Settings somewhere? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1442d85b-b0a2-4d8d-80c0-7c3fb40ebc2a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: What is the path to the usb drive in sys-usb?
On Monday, July 8, 2019 at 3:55:08 PM UTC-4, brend...@gmail.com wrote: > On Monday, July 8, 2019 at 11:14:41 AM UTC-4, oak...@gmail.com wrote: > > Easy question, but I'm a noob: What is the path to the usb drive that is > > connecting through sys-usb? I am trying to get the usb to startup with a > > certain vm. Thanks. > > Since the VMs use /dev/xvd[a-d] as the operational drives, the entire > /dev/sd_ list isn't used unless you attach a USB driver. > > Therefore, your first USB drive will be dev/sda (/dev/sda1 for the first > partition, etc.). > > If you're feeling lazy like I do, try running gnome-disks and it'll show you. > > Brendan Oops, my bad. In sys-usb it is /dev/sdX. In the VM that you pulled it from sys-usb into, it's going to be "/dev/xvd[i-z]". [a-d] are taken by the Qubes-owned LVs. [e,f,g,h] are skipped. [i-z] are available for storage pass through. B -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/63b57f19-7732-47c3-b60a-24794260163a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: What is the path to the usb drive in sys-usb?
On Monday, July 8, 2019 at 11:14:41 AM UTC-4, oak...@gmail.com wrote: > Easy question, but I'm a noob: What is the path to the usb drive that is > connecting through sys-usb? I am trying to get the usb to startup with a > certain vm. Thanks. Since the VMs use /dev/xvd[a-d] as the operational drives, the entire /dev/sd_ list isn't used unless you attach a USB driver. Therefore, your first USB drive will be dev/sda (/dev/sda1 for the first partition, etc.). If you're feeling lazy like I do, try running gnome-disks and it'll show you. Brendan -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/98089edd-525b-44ab-b518-535805c76e81%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: using static dispVM for sys-net
On 7/3/19 8:50 PM, 'awokd' via qubes-users wrote: Jon deps: https://www.qubes-os.org/doc/disposablevm-customization/#using-static-disposablevms-for-sys- I can't really understand what the differences would be with a static dispvm (based on a dispvm-template) vs just a regular sys-net if nothing is disposed (static) isn't it just the same "Static" there refers to the name and VM configuration, not the contents. You only have to set them up once, not every time. so making a sys-net2 as a -C DispVM (with persistent PCI tag) based on a custom-dispvm-template has more disposable qualities than just an appvm based on say Deb-9 template ? and hence might be a security protocol to make and toss sys-net2 (dispvm) from time to timeor is it very minor and not worth the effort? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c82977d9-1be3-6a88-457f-bc2073bb4296%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] how to reinstall whonix-14 templates
On 7/8/19 4:37 AM, Claudio Chinicz wrote: Hi, I've broken my whonix-gw-14 when trying to upgrade to whonix-15 and ended up removing both gw and ws templates for version 14. I'me trying to reinstall following instructions from https://www.qubes-os.org/doc/templates/ but it does not work. Anyone can help with instructions to download whonix-14 from scratch? Thanks in advance, Claudio Per the instructions here: https://www.qubes-os.org/doc/reinstall-template/ ...you can reinstall them with '--action=reinstall' (try this first) or if that doesn't work use '--action=upgrade'. -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e9a60a8a-e087-5af7-f505-9403c071a5df%40posteo.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] What is the path to the usb drive in sys-usb?
Easy question, but I'm a noob: What is the path to the usb drive that is connecting through sys-usb? I am trying to get the usb to startup with a certain vm. Thanks. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1800caa7-b318-4940-ae8a-cf22f42d4f52%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Ubuntu templates
On Tuesday, 1 January 2019 02:11:21 UTC, unman wrote: > Once you have the package in dom0 you can install it with 'dnf install' > That will create a template, and you should be able to create qubes as > you will. > > unman Awesome! It worked but I can't sudo without knowing the built-in user's password. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/842a4b72-d7eb-42de-b541-c7309c438103%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Ubuntu templates
On Tuesday, 1 January 2019 02:11:21 UTC, unman wrote: > On Mon, Dec 31, 2018 at 10:35:31AM -0800, seshu wrote: > > On Wednesday, December 26, 2018 at 3:39:55 AM UTC-7, unman wrote: > > > For any one who wants to try out Xenial or Bionic, I've put some updated > > > templates for 4.0 online, including a bionic+desktop version. > > > They are pretty vanilla, except I have stopped the automatic search for > > > updates. The templates are signed with my key. > > > > > > If you use Ubuntu in Qubes I provide package repositories at > > > https://qubes.3isec.org for convenience. Full details on that page. > > > > > > As you may know Qubes doesn't provide official pre-built Templates for > > > Ubuntu, because of licensing concerns - details at > > > www.qubes-os.org/doc/templates/ubuntu > > > > > > To use my templates or packages, you will, of course, have to trust me > > > (and my key). If you're not happy doing this, then build the templates > > > and packages yourself using Qubes Builder. > > > It is simple to build templates using Qubes Builder, but some > > > people find it daunting, or don't have time. > > > If you want to do it, follow the instructions for building but select > > > "builder-debian" plugin and the Ubuntu distribution you want. If you > > > need help just ask. > > > > > > unman > > > > Hi, I'm new to Qubes and am interested in trying the ubuntu template. But, > > I"m confused on how to use the template you created? I went to 3isec.org > > site and the instructions are confusing. I see the key you have there, but > > the pgp.mit.edu server doesn't seem to be responding when I request keys. > > And then I'm not sure what to do with the rpm file for the template? > > > > Sorry to ask dumb questions, but thanks also for putting this together. > > thanks! > > > > No need to apologise. Everyone starts from somewhere. > > If you are connecting via Tor then pgp.mit.edu will often be > unresponsive. You should be able to find the key elsewhere, on other > keyservers (like keys.gnupg.net), and be able to check fingerprint > against github, or postings to this list. > Download the package in a qube. Use a Fedora based qube and you can > verify the package is signed by me, using 'rpm -K' or 'rpm -qpi' > > Once you are happy, (and have decided to trust me), you need to transfer > the package in to dom0. > Have a look at www.qubes-os.org/doc/copy-from-dom0/ for help with this. > > Once you have the package in dom0 you can install it with 'dnf install' > That will create a template, and you should be able to create qubes as > you will. > > unman Awesome! Install worked but can't sudo because I don't know the passwd for user. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/38548959-af1f-4735-8105-09ac7d600ff4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Question on the new format of rules for Qubes mirage firewall
On Saturday, July 6, 2019 at 6:09:52 AM UTC+1, pr...@tutanota.de wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi,
>
> With the old format of rules for the mirage firewall I had the following
> setup:
>
> ...
> let git_addr = Ipaddr.V4.of_string_exn "192.168.1.101"
>
> let allowed_to_git = List.map Ipaddr.V4.of_string_exn
> [ "10.137.0.20" ;
> "10.137.0.21"
> ]
>
> let local_subnet = Ipaddr.Prefix.of_string_exn "192.168.0.0/16"
>
> let mgmt_local = Ipaddr.V4.of_string_exn "10.137.0.22"
>
> let from_client = function
> | { src = `Client c; dst = `External e } when Ipaddr.Prefix.mem e
> local_subnet
> && c#other_ip = mgmt_local -> `NAT
> | { src = `Client c; dst = `External e } when e = Ipaddr.V4 git_addr
> && List.mem c#other_ip allowed_to_git -> `NAT
> ...
>
> Is it possible to get the same functionality with the new rules using the
> prefix
> and the lists of addresses? It would also be useful to be able to block
> prefixes
> as well if that's possible.
There are two ways to get that working. The quick way is to get the src/dst IP
addresses from the `packet` field instead, e.g.
let externals = [
"192.168.1.101", `Git;
]
...
| { src = `Client _;
dst = `External `Git;
packet = `IPv4 ({Ipv4_packet.src}, _)}
when List.mem src allowed_to_git -> `NAT
Another solution would be to edit firewall.ml to allow specifying subnets, not
just hosts. That's a bit more work, though.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/8c2ffafe-4893-44ec-bb6a-38501449dbbe%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[qubes-users] how to reinstall whonix-14 templates
Hi, I've broken my whonix-gw-14 when trying to upgrade to whonix-15 and ended up removing both gw and ws templates for version 14. I'me trying to reinstall following instructions from https://www.qubes-os.org/doc/templates/ but it does not work. Anyone can help with instructions to download whonix-14 from scratch? Thanks in advance, Claudio -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3fd648f8-6dcb-441e-8a1e-48d386f3ce23%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Exciting day for Debian! Watching the twitter feed
On Sunday, July 7, 2019 at 6:52:10 PM UTC+3, unman wrote: > Or, to check testing, use: > sudo qubes-dom0-update --action=search > --enable-repo=qubes-templates-itl-testing qubes-template > sudo qubes-dom0-update --action=search --enablerepo=qubes-templates-itl-testing qubes-template -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e7f305c1-27f3-4d3c-b664-cfde14941125%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
