Re: [qubes-users] equivalent of grub kernel parameters on qubes?
I tried to locate that file on dom0 but I couldn't find. Was it supposed to be elsewhere? (yes, I installed with UEFI) On Sunday, October 27, 2019 at 11:59:05 AM UTC-3, unman wrote: > > On Fri, Oct 25, 2019 at 05:41:37PM -0700, Guerlan wrote: > > There's a quirk for laptop suspend problem that I want to try on Qubes > that > > is the following on Ubuntu: > > > > sudo nano /etc/default/grub > > GRUB_CMDLINE_LINUX_DEFAULT="button.lid_init_state=open" > > > > However dom0 does not have such file. How do I pass kernel parameters to > Qubes? > > > > I have that file but I use standard(legacy) boot. Did you install with > UEFI? > If you are using UEFI, I believe you can install a EFI shell and boot > into it to test change parameters. Or you can edit the file at > /boot/efi/EFI/qubes/xen.cfg to add your parameters. > > NB I dont like UEFI and dont use it, but I think that pointer is right. > As always, back up any system files before you start changing them. > > unman > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dc579d4e-ff18-49e4-ba3e-c55dd6d7fc36%40googlegroups.com.
[qubes-users] 4TB USB external disk - unable to attach to VM
Hi, I've recently bought a high volume external USB 3.0 HDD to serve as a backup storage. Unfortunately when trying to attach the device using 'Qubes Devices' applet the disk is initally attached folllowed by immediate message "removed()". I tried re-partitioning the volume from a single 4TB (3.7 TB) partition to a couple of smaller 1.7TB partitions, type 7 (under fdiks), formatted as NTFS. Unfortunately it didn't work. The only place it's showing up is directly withing sys-usb VM. I can access partitions there. But I want to be able to attach the disk / or one of the partitions/ directly to VM I need to copy data to/from. Any ideas? Suggestions? Advise how to connect my 4TB USB HDD into Qubes? Thanks! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/LsETa16--B-1%40tutamail.com.
Re: [qubes-users] Upgrading from R3.2 - R4.0.1 or 4.0.2-rc1?
Gaijin: > I've had issues after restoring my backups though. I can't seem to > upgrade my TemplateVMs without getting the dreaded “Failed to > synchronize cache for repo” errors > https://www.qubes-os.org/faq/#i-keep-getting-failed-to-synchronize-cache-for-repo-errors-when-trying-to-update-my-fedora-templates > Switching the NetVM for the templates between sys-whonix, sys-firewall > and sys-net hasn't resolved the error. I guess that is a Fedora issue > rather than Qubes though. > Forgot about that gotcha. Check https://github.com/Qubes-Community/Contents/blob/master/docs/system/restore-3.2.md. -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/da8a688e-4bcc-1951-5e0e-987b762c1442%40danwin1210.me.
Re: [qubes-users] Forwarding a port to a VM behind a VPN ProxyVM
On Fri, Oct 25, 2019 at 08:04:55PM -0500, Verifiable List wrote: > Hello All, > > I use Mullvad as my VPN provider. They allow you to forward a port through > the VPN. However, I'm having a hard time wrapping my head around how to get > this to work with Qubes OS. This is what the network chain in question looks > like: > > AppVM > ProxyVM (VPN Client Here) > sys-firewall > sys-net > Internet > > Because the port is being forwarded through the VPN tunnel, I expected it to > be accessible from the ProxyVM without altering the configurations on > sys-net or sys-firewall. However, after enabling the port forward on Mullvad > and testing as described in their documentation: > > - In a terminal window, run netcat -l -p > - In another terminal window, run curl > https://ipv4.am.i.mullvad.net/port/ > - If everything is working properly, the result will show "reachable:true". > > the result is always "reachable:false". (Note: I'm running this test on the > ProxyVM itself.) > > Any assistance would be appreciated. > > Thank you. > If you look at the firewall rules I suspect that you will find that the inbound rule only accepts connected traffic, whereas this would be NEW. Certainly on the appVM you will need a rule to allow inbound traffic to the target port. I don't know the detail of how Mullvad deals with port forwarding, but you should be able to identify the port that is accessed (this may not be the same as the target on the appVM). I assume that in the documentation you will find a reference to what firewall ports you need to open on the ProxyVM for inbound traffic. It's *possible* that you'll have to open inbound ports on sys-firewall AND sys-net in the forward chains,depending on the implementation. Check the Mullvad docs. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191027151008.GB11475%40thirdeyesecurity.org.
Re: [qubes-users] equivalent of grub kernel parameters on qubes?
On Fri, Oct 25, 2019 at 05:41:37PM -0700, Guerlan wrote: > There's a quirk for laptop suspend problem that I want to try on Qubes that > is the following on Ubuntu: > > sudo nano /etc/default/grub > GRUB_CMDLINE_LINUX_DEFAULT="button.lid_init_state=open" > > However dom0 does not have such file. How do I pass kernel parameters to > Qubes? > I have that file but I use standard(legacy) boot. Did you install with UEFI? If you are using UEFI, I believe you can install a EFI shell and boot into it to test change parameters. Or you can edit the file at /boot/efi/EFI/qubes/xen.cfg to add your parameters. NB I dont like UEFI and dont use it, but I think that pointer is right. As always, back up any system files before you start changing them. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20191027145900.GA11475%40thirdeyesecurity.org.
Re: [qubes-users] DNS propagation in Qubes
On 10/27/19 6:33 AM, gas...@gmail.com wrote: Is there a clear guide of how to set up a DNS VM in Qubes OS? I tried setting up dnsmasq in the VPN VM behind sys-firewall, both with NetworkManager and as a standalone service. It didn't work. I also tried on another VM behind the VPN VM. All I got working is making DNS requests to the specific VM. E.g. $ dig example.com @10.137.0.23 But I wasn't able to hijack the DNS requests with iptables for general requests without "@". tcpdump seems to indicate that the DNS queries don't even get routed through the VPN VM, which doesn't make sense to me, so I might be missing something. Any clear step-by-step guide anywhere? I randomly found https://blog.tufarolo.eu/how-to-configure-pihole-in-qubesos-proxyvm/ It looks reasonable, but I didn't test it. Use it at your own risk. Depending on your chain of VMs the Qubes firewall may or may not work for DNS - just test it if it matters to you. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4f7f6490-7d5c-3a08-ab56-1bf8060edc87%40hackingthe.net. smime.p7s Description: S/MIME Cryptographic Signature
