Re: [qubes-users] Re: Qubes 4.1 qrexec issue?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, Mar 16, 2022 at 10:02:41AM +, 'taran1s' via qubes-users wrote: > > > unman: > > On Wed, Mar 09, 2022 at 11:20:53AM +, 'taran1s' via qubes-users wrote: > > > > > > > > > taran1s: > > > > I have an issue with Split GPG as well as with opening files in the > > > > disposable VMs and with the qrexec in the guide How to use Monero > > > > CLI/daemon with Qubes + Whonix too. > > > > > > > > https://www.getmonero.org/resources/user-guides/cli_wallet_daemon_isolation_qubes_whonix.html > > > > > > > > > > > > Split GPG > > > > > > > > Opening Thunderbird, I get following errors in the notification popup: > > > > > > > > Denied: whonix.NewStatus > > > > Denied whonix.NewStatus+status from work-email to sys-whonix > > > > > > > > I have to as well make every gpg action confirm in the Dom0 Operation > > > > Execution with Target GPG backend. > > > > > > > > Using dispVMs from within AppVM > > > > > > > > When trying to convert file or open it in the disposable VM from within > > > > the normal AppVM, I get an error popuplike : > > > > > > > > Denied: qubes.PdfConvert > > > > Denied qubes.pdfConvert from work-email to @dispvm > > > > > > > > Any advice appreciated! > > > > > > Is this mailing list still active or one needs to better go to a different > > > place? > > > > > > > Still active, but the Forum has more traffic, although it's often low > > grade and noisy. > > > > On your questions, the first looks like a Whonix issue - Patrick has > > asked that Qubes-Whonix questions be put in the Whonix forums, where > > they will get better oversight. > > The second looks like permissions - look in the policy file at > > /etc/qubes-rpc/policy/qubes.PdfConvert > > The /etc/qubes-rpc/policy/qubes.PdfConvert has allowed anyvm to run > PdfConvert > $anyvm $dispvm allow What do the files under ā/etc/qubes/policy.dā contain? R4.1 has a new policy syntax and the files are located in a different directory. That could easily cause denials. - -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmI4jTgACgkQsoi1X/+c IsGQwBAA0qZzYydofkEOcKdahuyyRzlYAr+n/V07TQEtfURAsbdpJvdu8d7/G1je U5kcwLbjPyr+auHGZ1xqytwxyT+sRVD9YIXYoBscKyirf0uQzUuNxJI2IywxhOV4 Z8NDt6xsithbHL4ia3VWMNRv6MhDxmFOEI3Qrx4QcLwiBFp3WHm/G+1LYTSBSGjI VEHmeeyT3ZEDg16sNeAHQCLa+lgEawTvcf3i55B8W39wn/48zaQ22L/aCqRJ9Yc/ kUgV86LE1BanLX8w7fQN6qXth0++taG1tsoCyzeIL1iHCB2vax+x03Km6Q8lKxAT DJYxVC7qbmHsHsAIaU7JgOrEeIfj6xvjO2+1yCb124wx2eO1AmcyylbVApZXGzkV zOcWly1zQ04QjMiBaB8cOxnm18djomVoQpS+WQDtrcQ38VniDTI6d6tCfjknIbym Hfxot70Q6IE8Bz8GcfsGASFFVCM68FSMtXTTbV/UUp+FJN1csXTlJ2PNGbTFMjuW W7V3ucIdH4eyTBJo3VKYvO4JgPKACvS+zjzRxNQLN+r+SXQl7bV0rvl5LQHvQwxo uqmc7rff0iA1pXHv1Iv7ivC3HJG+oo+JcX25zY8m7U2UB+6txFuoxPOJbBrTf/+Z df3fXrLqHB23IeE99Yx8Y9B/Ccr8zsOcr50pQKw/bsPAKC11tg4= =GFsR -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/YjiNN9MjLND2gGNG%40itl-email.
[qubes-users] Qubes 4.1: How to set private storage max size using SALT?
Hi, Please see subject line ;) Thanks for any pointers. Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1457529299.342716.1647883304344%40office.mailbox.org.
Re: [qubes-users] what's the speciality of dvm template for sys-* in v4.1?
lik...@gmx.de: Hi! I'm using disposable sys-* on my v4.1 laptop. If choosing debian as default template a debian-11-dvm is created and used as a template dvm for sys-* Strange observations: 1. in the xfce-menu no "Disposable: debian-11-dvm" is created 2. if I create a new disposable template and assign it as a base for sys-usb, my touchpad stops working and I have to use an external USB-mouse (which is working) 1. Could be a regression. I remember seeing similar in earlier versions of 4.0. Check qubes-issues to see if it's being tracked somewhere, and possibly submit if not. 2. Double-check the rules in /etc/qubes-rpc and /etc/qubes-rpc/policy to see if they permit tablet input to dom0. Might have to tweak something if the template is named differently? -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/05ac000a-350f-36de-482d-e860d2378e11%40danwin1210.de.
Re: [qubes-users] Re: Qubes 4.1 qrexec issue?
Demi Marie Obenour: On Wed, Mar 16, 2022 at 10:02:41AM +, 'taran1s' via qubes-users wrote: unman: On Wed, Mar 09, 2022 at 11:20:53AM +, 'taran1s' via qubes-users wrote: taran1s: I have an issue with Split GPG as well as with opening files in the disposable VMs and with the qrexec in the guide How to use Monero CLI/daemon with Qubes + Whonix too. https://www.getmonero.org/resources/user-guides/cli_wallet_daemon_isolation_qubes_whonix.html Split GPG Opening Thunderbird, I get following errors in the notification popup: Denied: whonix.NewStatus Denied whonix.NewStatus+status from work-email to sys-whonix I have to as well make every gpg action confirm in the Dom0 Operation Execution with Target GPG backend. Using dispVMs from within AppVM When trying to convert file or open it in the disposable VM from within the normal AppVM, I get an error popuplike : Denied: qubes.PdfConvert Denied qubes.pdfConvert from work-email to @dispvm Any advice appreciated! Is this mailing list still active or one needs to better go to a different place? Still active, but the Forum has more traffic, although it's often low grade and noisy. On your questions, the first looks like a Whonix issue - Patrick has asked that Qubes-Whonix questions be put in the Whonix forums, where they will get better oversight. The second looks like permissions - look in the policy file at /etc/qubes-rpc/policy/qubes.PdfConvert The /etc/qubes-rpc/policy/qubes.PdfConvert has allowed anyvm to run PdfConvert $anyvm $dispvm allow What do the files under ā/etc/qubes/policy.dā contain? R4.1 has a new policy syntax and the files are located in a different directory. That could easily cause denials. Dear Demi-Marie, thank you for your reaction. Patrick on whonix forum mentioned that this is an issue (the communication in between qubes) with the Qubes qrexec rules, not whonix specific. To your question regarding, the files under /etc/qubes/policy.d. The Qubes 4.1 is a fresh installation and I didn't make any changes except the Split Gpg and the Monero guide here http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Monero_Wallet_Isolation I believe that there are no changes whatsoever in the files under /etc/qubes/policy.d and should be in default vanilla state. Thank you in advance for your support! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/53be1d3a-d510-ab04-8a58-11b4167cf70d%40mailbox.org.
