Re: [qubes-users] Force a flatpaked application to open attachments, links etc. in a dismVM?
On Mon, 2022-05-30 at 14:11 -0400, Demi Marie Obenour wrote: > On Sat, May 28, 2022 at 12:56:42PM +0200, Johannes Graumann wrote: > > On Tue, 2022-05-24 at 12:35 -0400, Demi Marie Obenour wrote: > > > On Tue, May 24, 2022 at 10:37:18AM +0200, Qubes OS Users Mailing > > > List > > > wrote: > > > > https://www.qubes-os.org/doc/how-to-use-disposables/#making-a-particular-application-open-everything-in-a-disposable > > > > states: > > > > > To do this [make a particular application open everything in > > > > > a > > > > > disposable VM], enable a service named app-dispvm.X in that > > > > > qube, > > > > > where X is the application ID. > > > > > > > > and invokes `app-dispvm.thunderbird` as an example. > > > > > > > > How would you do that for an application installes and run > > > > through > > > > flatpak? > > > > > > Flatpak-installed applications still have an application ID, > > > which is > > > what gets passed to qubes.StartApp to launch the application. > > > > Thank you for your answer. Lengthy googling has dug up no answer to > > what an "application ID" actually is or how to look it up. Could > > you > > please help with that? Given a running program, how do I identify > > it? > > It is the name of the .desktop file the application has within the > VM. > For Flatpak apps, I believe it will always be the ID of the flatpak > (the > reverse-DNS name). Thank you. I did the following: 1) in `dom0`: > qvm-service task-privcom app-dispvm.org.gnome.Evolution on 2) restart task-privcom This does not work: neither *.pdf, nor *.jpeg, etc. get opened in a dispvm when opening (double clicking) from within Evolution ... Further pointers? Sincerely, Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/02d56795d145cff5cea6a9a495ef4241b4a51266.camel%40graumannschaft.org.
Re: [qubes-users] Force a flatpaked application to open attachments, links etc. in a dismVM?
On Tue, 2022-05-24 at 12:35 -0400, Demi Marie Obenour wrote: > On Tue, May 24, 2022 at 10:37:18AM +0200, Qubes OS Users Mailing List > wrote: > > https://www.qubes-os.org/doc/how-to-use-disposables/#making-a-particular-application-open-everything-in-a-disposable > > states: > > > To do this [make a particular application open everything in a > > > disposable VM], enable a service named app-dispvm.X in that > > > qube, > > > where X is the application ID. > > > > and invokes `app-dispvm.thunderbird` as an example. > > > > How would you do that for an application installes and run through > > flatpak? > > Flatpak-installed applications still have an application ID, which is > what gets passed to qubes.StartApp to launch the application. Thank you for your answer. Lengthy googling has dug up no answer to what an "application ID" actually is or how to look it up. Could you please help with that? Given a running program, how do I identify it? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/48af07c3fae3c96c5a012615641609946e29735e.camel%40graumannschaft.org.
Re: [qubes-users] Failing Salt code: out of ideas and wrong error
On Wed, 2022-05-25 at 15:08 +0100, 'unman' via qubes-users wrote:
> On Tue, May 24, 2022 at 11:54:27PM +0200, 'Johannes Graumann' via
> qubes-users wrote:
> > Can any one point me to why the following fails? I have been
> > banging my
> > head against this for a while ...
> >
> > --- SNIP ---
> > create bind dirs config file:
> > file.managed:
> > - name: /rw/config/qubes-bind-dirs.d/50_user.conf
> > - makedirs: True
> > - mode: 644
> > - dir_mode: 755
> >
> > {% set binddirs = ['/usr/local'] %}
> >
> > {% for binddir in binddirs %}
> > configure '{{ binddir }}' to be persistent:
> > file.replace:
> > - name: /rw/config/qubes-bind-dirs.d/50_user.conf
> > - pattern: "^binds+=( '{{ binddir }}' )$"
> > - repl: "binds+=( '{{ binddir }}' )"
> > - append_if_not_found: True
> > {% endfor %}
> > --- SNIP ---
> >
> > The corresponding error ("State 'create bind dirs config file' in
> > SLS
> > 'custom_dom0.sys-vpn-mpihlr_assert_vpn_setup' is not formed as a
> > list")
> > is a complete red herring, as the so called first part by itself
> > works
> > just fine and only fails when I add the latter (jinja) part ...
> >
> > How do I properly deal with the single quotes in `pattern` and
> > `repl`?
> >
> > Thanks for any pointers.
> >
> > Sincerely, Joh
> >
> >
>
> Hi Joh
>
> Change the closing tag on the for statement to "-%}"
> This is, I think, salt specific - according to the jinja specs it
> will remove whitespace
> Your use of single quotes in pattern and repl will be fine.
>
> A simpler (and lazier) formulation would use file.append:
>
> {% for binddir in binddirs %}
> configure '{{ binddir }}' to be persistent:
> file.append:
> - name: /rw/config/qubes-bind-dirs.d/50_user.conf
> - text: "binds+=( '{{ binddir }}' )"
> - makedirs: True
> {% endfor %}
>
> You can drop the explicit file.managed in this case.
>
> unman
Thank you so much! Addition of the darn `-` made my problem disappear
... this one really had me pulling my hear out!
Sincerely, Joh
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/63be168de19dca02f1e7760a318f6caff6fdf2ca.camel%40graumannschaft.org.
[qubes-users] Failing Salt code: out of ideas and wrong error
Can any one point me to why the following fails? I have been banging my
head against this for a while ...
--- SNIP ---
create bind dirs config file:
file.managed:
- name: /rw/config/qubes-bind-dirs.d/50_user.conf
- makedirs: True
- mode: 644
- dir_mode: 755
{% set binddirs = ['/usr/local'] %}
{% for binddir in binddirs %}
configure '{{ binddir }}' to be persistent:
file.replace:
- name: /rw/config/qubes-bind-dirs.d/50_user.conf
- pattern: "^binds+=( '{{ binddir }}' )$"
- repl: "binds+=( '{{ binddir }}' )"
- append_if_not_found: True
{% endfor %}
--- SNIP ---
The corresponding error ("State 'create bind dirs config file' in SLS
'custom_dom0.sys-vpn-mpihlr_assert_vpn_setup' is not formed as a list")
is a complete red herring, as the so called first part by itself works
just fine and only fails when I add the latter (jinja) part ...
How do I properly deal with the single quotes in `pattern` and `repl`?
Thanks for any pointers.
Sincerely, Joh
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/eb5ea5103d373739332790182caa3cec24049cdf.camel%40graumannschaft.org.
[qubes-users] Force a flatpaked application to open attachments, links etc. in a dismVM?
https://www.qubes-os.org/doc/how-to-use-disposables/#making-a-particular-application-open-everything-in-a-disposable states: > To do this [make a particular application open everything in a > disposable VM], enable a service named app-dispvm.X in that qube, > where X is the application ID. and invokes `app-dispvm.thunderbird` as an example. How would you do that for an application installes and run through flatpak? Thanks for any pointers. Sincerely, Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2a5cb7e4937d4dc24f095a9fa263c773e8f0e447.camel%40graumannschaft.org.
Re: [qubes-users] Circumventing autostart of apps when updating the appVM by `salt`?
On Thu, 2022-05-12 at 06:27 -0400, Demi Marie Obenour wrote: > On Thu, May 12, 2022 at 11:26:53AM +0200, Qubes OS Users Mailing List > wrote: > > I have a setup with appVMs that are configured to autostart a > > subset of > > apps when they get fired up - one example is `app-privcom` that > > runs > > `evolution`, `signal-desktop` (from a user level installed flatpak > > just > > in that VM) and `liferea` (also a flatpak) when coming online. > > > > Given the user-level flatpaked nature of some of the apps, the > > appVMs > > themselves have to be maintained (`flatpak update` etc.), which I > > do > > using `salt`. > > > > As a side effect of the convenient autostarting this results in > > apps > > popping up left and right when my fleet of appVMs is being updated > > by > > `salt` - which is a nuisance. > > > > Can anyone think of a way to circumvent app autostart in the > > context of > > firing up the the appVMs via `salt`? > > I don’t think this is possible right now. This would require that > the > VM know that it is being started via Salt, which it currently does > not. > Feel free to submit an enhancement request on GitHub. > Just thinking out loud here: traditional run level trickery in the context of starting a VM is that something feasible? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4416e16d2482f9871a05b00ffab0fa91e1c286ee.camel%40graumannschaft.org.
[qubes-users] Circumventing autostart of apps when updating the appVM by `salt`?
I have a setup with appVMs that are configured to autostart a subset of apps when they get fired up - one example is `app-privcom` that runs `evolution`, `signal-desktop` (from a user level installed flatpak just in that VM) and `liferea` (also a flatpak) when coming online. Given the user-level flatpaked nature of some of the apps, the appVMs themselves have to be maintained (`flatpak update` etc.), which I do using `salt`. As a side effect of the convenient autostarting this results in apps popping up left and right when my fleet of appVMs is being updated by `salt` - which is a nuisance. Can anyone think of a way to circumvent app autostart in the context of firing up the the appVMs via `salt`? Thank you for any pointers. Sincerely, Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6acf1992de8c3c6028b8d39fa205d34b5c859558.camel%40graumannschaft.org.
Re: [qubes-users] Salt: Jinja Error in templates but NOT dom0!?
> On 03.05.2022 11:32 Frédéric Pierret wrote:
>
>
> Hello,
>
> Just writing what I'm thinking (not Salt expert at all!), you are probably
> missing default value in the .get(): .get('kernelrelease', SOMETHING_DEFAULT)
>
> Le 5/3/22 à 11:01, 'Johannes Graumann' via qubes-users a écrit :
> > I have the following `*.sls` in my `salt`setup:
> >
> > {% if salt['pkg.version_cmp'](salt['grains'].get('kernelrealease'), '5.12')
> > < 0 %}
> > move broken AX260 wifi blob out of the way:
> > file.rename:
> > - name: /usr/lib/firmware/iwlwifi-ty-a0-gf-ao.pnvm.xz.bak
> > - source: /usr/lib/firmware/iwlwifi-ty-a0-gf-ao.pnvm.xz
> > - force: True
> > - runas: root
> > {% endif %}
> >
> > This is supposed to automate moving `linux` firmware out of the way that
> > interferes with my wifi card's operation under certain non-cutting edge
> > kernel versions (as present in `QubesOS`).
> >
> > I can run this `*.sls`fine on `dom0` (where it doesn't make much sense,
> > respectively the change isn't necessary), but if I target the templates
> > (and particularly the one `sys-net` is based on), `salt` balks on the first
> > line. There's a lot of traceback, but the most readable message appears to
> > be along the lines of
> >
> > `Jinja error: get() missing 1 required positional argument: 'default'`
> >
> > Does anyone have any pointers as to what may be going on here, how to
> > better debug (error output from `dom0`--> Email VM?) and how to fix?
Hm. But why does it then work in `dom0`?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/1628232447.48155.1651585502717%40office.mailbox.org.
[qubes-users] Salt: Jinja Error in templates but NOT dom0!?
I have the following `*.sls` in my `salt`setup:
{% if salt['pkg.version_cmp'](salt['grains'].get('kernelrealease'),
'5.12') < 0 %}
move broken AX260 wifi blob out of the way:
file.rename:
- name: /usr/lib/firmware/iwlwifi-ty-a0-gf-ao.pnvm.xz.bak
- source: /usr/lib/firmware/iwlwifi-ty-a0-gf-ao.pnvm.xz
- force: True
- runas: root
{% endif %}
This is supposed to automate moving `linux` firmware out of the way
that interferes with my wifi card's operation under certain non-cutting
edge kernel versions (as present in `QubesOS`).
I can run this `*.sls`fine on `dom0` (where it doesn't make much sense,
respectively the change isn't necessary), but if I target the templates
(and particularly the one `sys-net` is based on), `salt` balks on the
first line. There's a lot of traceback, but the most readable message
appears to be along the lines of
`Jinja error: get() missing 1 required positional argument: 'default'`
Does anyone have any pointers as to what may be going on here, how to
better debug (error output from `dom0`--> Email VM?) and how to fix?
Thanks in advance.
Joh
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/bacd7404b94bcdc63fddb4ac8193ecc4f6ab76a2.camel%40graumannschaft.org.
Re: [qubes-users] Where to configure target dir of `qvm-move`/`qvm-copy` (`/home/user/QubesIncomming`)?
On Tue, 2022-04-12 at 15:10 +0200, Johannes Graumann wrote: > On Fri, 2022-04-08 at 04:45 +0200, airelemental via qubes-users > wrote: > > > > > > > See subject line - I'd like to remap the `/home/user` bit to > > > `/tmp` > > > to > > > enforce cleanup ... > > > > > > Thanks for any pointers. > > > > > > Joh > > > > > In /rw/config/rc.local, you can create /tmp/QubesIncoming. Then > > replace ~/QubesIncoming with a symlink to /tmp/QubesIncoming > > > > Good strategy, I'll try that. Thank you. This *.sls works nicely: ``` configure `rc.local` to remove any present `QubesIncoming`: file.replace: - name: /rw/config/rc.local - pattern: '^rm -rf /home/user/QubesIncoming$' - repl: 'rm -rf /home/user/QubesIncoming' - append_if_not_found: True configure `rc.local` to create `/tmp/QubesIncoming`: file.replace: - name: /rw/config/rc.local - pattern: '^install -d -o user -g user -m 770 /tmp/QubesIncoming$' - repl: 'install -d -o user -g user -m 770 /tmp/QubesIncoming' - append_if_not_found: True configure `rc.local` to link `/tmp/QubesIncoming` to $HOME: file.replace: - name: /rw/config/rc.local - pattern: '^ln -s /tmp/QubesIncoming /home/user/QubesIncoming$' - repl: 'ln -s /tmp/QubesIncoming /home/user/QubesIncoming' - append_if_not_found: True configure `rc.local` to properly chown the link: file.replace: - name: /rw/config/rc.local - pattern: '^chown -h user:user /home/user/QubesIncoming$' - repl: 'chown -h user:user /home/user/QubesIncoming' - append_if_not_found: True ``` It generates this code block in `/rw/config/rc.local`: ``` rm -rf /home/user/QubesIncoming install -d -o user -g user -m 770 /tmp/QubesIncoming ln -s /tmp/QubesIncoming /home/user/QubesIncoming chown -h user:user /home/user/QubesIncoming ``` -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5eb5fde15cdb7b2923dcf6012a356ad7024db543.camel%40graumannschaft.org.
Re: [qubes-users] Where to configure target dir of `qvm-move`/`qvm-copy` (`/home/user/QubesIncomming`)?
On Fri, 2022-04-08 at 04:45 +0200, airelemental via qubes-users wrote: > > > > See subject line - I'd like to remap the `/home/user` bit to `/tmp` > > to > > enforce cleanup ... > > > > Thanks for any pointers. > > > > Joh > > > In /rw/config/rc.local, you can create /tmp/QubesIncoming. Then > replace ~/QubesIncoming with a symlink to /tmp/QubesIncoming > Good strategy, I'll try that. Thank you. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f9a1951f3f43b1025f8ba99b703a4b5d37caecf7.camel%40graumannschaft.org.
Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates
On Tue, 2022-04-05 at 19:39 +0200, 'Johannes Graumann' via qubes-users wrote: > On Tue, 2022-04-05 at 19:37 +0200, David Hobach wrote: > > And the last time I tried Citrix on Qubes, I just installed it to > > the > > home directory (there was a tarball for download IIRC). > This is really exciting ... will try this ... the rpm puts it into > `/opt` ... would remove the need for a dedicated template. > > Thanks! > You did not, perchance, find a way to run the darn `setupwfc` script without user interaction/using the defaults? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c2d0adadd0599f82845c8ede6a0da7a43562125d.camel%40graumannschaft.org.
Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates
On Tue, 2022-04-05 at 20:16 +0200, David Hobach wrote: > > A related question: howto transfer a binary file (like the citrix > > tarball) to dom0 for integration into the salt setup? > > > > the `qvm-run` and `cat`-based version in the docs does not work in > > this > > case. > > Just pack it into one *.tar.gz and then use the qvm-run cat commands > to transfer it from the source VM to dom0. It works with any file, > just not with directories - so you need to pack those. > Was trying that but forgetting the VM of origin ... PEBKAC. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43889dac8ab05e84701c2a533d63d8af5db66229.camel%40graumannschaft.org.
Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates
On Tue, 2022-04-05 at 19:39 +0200, 'Johannes Graumann' via qubes-users wrote: > On Tue, 2022-04-05 at 19:37 +0200, David Hobach wrote: > > And the last time I tried Citrix on Qubes, I just installed it to > > the > > home directory (there was a tarball for download IIRC). > This is really exciting ... will try this ... the rpm puts it into > `/opt` ... would remove the need for a dedicated template. > > Thanks! > A related question: howto transfer a binary file (like the citrix tarball) to dom0 for integration into the salt setup? the `qvm-run` and `cat`-based version in the docs does not work in this case. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/71aab136097a3ff78d7af4752048c3aee2189826.camel%40graumannschaft.org.
Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates
On Tue, 2022-04-05 at 19:37 +0200, David Hobach wrote: > And the last time I tried Citrix on Qubes, I just installed it to the > home directory (there was a tarball for download IIRC). This is really exciting ... will try this ... the rpm puts it into `/opt` ... would remove the need for a dedicated template. Thanks! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ae33da48ab6b07da4b4a68c3583704f2b13a3c76.camel%40graumannschaft.org.
[qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates
Hi, I'm maintaining my setup using salt. For work I need to use proprietary software (citrix client) - a picture perfect use case for a dedicated template/app vm combo (sadly there isn't a flatpak, which via user space-installation would allow me to bypass the dedicated template). Citrix now is playing nasty: https://www.citrix.com/de-de/downloads/workspace-app/linux/workspace-app-for-linux-latest.html has *.debs, *.rpms and tarballs ready for download, but some java script magic adds individualized tokens to the download links, to prevent straight linking to the resources. Some nice person has figured out how to circumvent that using bash scripting in the AUR of ArchLinux (https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=icaclient) and I used that to build a shell script that will deliver a currently valid download link, which I was thinking to use via `cmd.script` in salt. However, I now realize that a proper Qubes template does not have standard internet access even when being updated, so that route is barred. How would you go about this? Just manual downloading the rpm and installing it into the template does the trick, but I'd vastly prefer a salty solution. Thanks for reading this far and thank you for any hints. Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0c26f3d6fc7c11cf84606d8d8a3d6c0bb2f98ea2.camel%40graumannschaft.org.
[qubes-users] Where to configure target dir of `qvm-move`/`qvm-copy` (`/home/user/QubesIncomming`)?
See subject line - I'd like to remap the `/home/user` bit to `/tmp` to enforce cleanup ... Thanks for any pointers. Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8187b18a7546f77083fa3ff0f1938d872288c169.camel%40graumannschaft.org.
Re: [qubes-users] Qubes 4.1 on ThinkPad P15 Gen 2: Does not see ThinkPad USB-C Dock Gen. 2
> On 28.03.2022 15:06 'Johannes Graumann' via qubes-users > wrote: > > > > Please see subject line. The corresponding port on the ThnikPad and the cable > used are OK, as I can use them to hook up a USB keyboard, which is recognized > by my `sys-usb` VM and usable upon attaching it to a VM. > It's also not the dock itself, as I have tried with an identical model that > works for a colleague. > > Any advise is highly appreciated. Howto remedy? How to debug? > > Thanks for any insight. Please forget about this. PEBKAC. I was using the > wrong USB-C Port on the dock ... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1432683097.2356.1648476646118%40office.mailbox.org.
[qubes-users] Qubes 4.1 on ThinkPad P15 Gen 2: Does not see ThinkPad USB-C Dock Gen. 2
Please see subject line. The corresponding port on the ThnikPad and the cable used are OK, as I can use them to hook up a USB keyboard, which is recognized by my `sys-usb` VM and usable upon attaching it to a VM. It's also not the dock itself, as I have tried with an identical model that works for a colleague. Any advise is highly appreciated. Howto remedy? How to debug? Thanks for any insight. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2020826114.951546.1648472813699%40office.mailbox.org.
Re: [qubes-users] gnome flatpaks in VMs incompatible with nvidia/nouveau in dom0?
> On 26.03.2022 22:09 'Johannes Graumann' via qubes-users > wrote: > > > Hello, > > I recently switched my laptop/dom0 installation from the intel to the > nvidia/nouveau graphics card included. > > I have been running task/app dedicated VMs without having to install all > software into the corresponding minimal templates by augmenting them with > user-level flatpaks. > > For gnome apps (evolution from flathub in particular) this has broken through > the switch to nvidia/nouveau - see this: > https://discourse.flathub.org/t/after-transition-to-nvidia-card-nouveau-fedora-34-flatpak-evolution-fails-to-display-messages-with-webkit-error/2375 > > All I can find online is how to fix such problems by installing the > org.freedesktop.GL.mvidia* package that correspond to the driver running on > the host system, but I find NOTHING on how to deal with this when using > nouveau drivers. > > Does anybody have any insight into this? > The evolution/flathub folks sent me on to Webkit itself (https://bugs.webkit.org/show_bug.cgi?id=238445), but THANKS to QubesOS' infrastructure I solved the problem for now: moved from `fedora-34` to `debian-11` as the base distribution for the underlying template/image et voila - problem magically goes away. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/569513822.936906.1648466422819%40office.mailbox.org.
[qubes-users] gnome flatpaks in VMs incompatible with nvidia/nouveau in dom0?
Hello, I recently switched my laptop/dom0 installation from the intel to the nvidia/nouveau graphics card included. I have been running task/app dedicated VMs without having to install all software into the corresponding minimal templates by augmenting them with user-level flatpaks. For gnome apps (evolution from flathub in particular) this has broken through the switch to nvidia/nouveau - see this: https://discourse.flathub.org/t/after-transition-to-nvidia-card-nouveau-fedora-34-flatpak-evolution-fails-to-display-messages-with-webkit-error/2375 All I can find online is how to fix such problems by installing the org.freedesktop.GL.mvidia* package that correspond to the driver running on the host system, but I find NOTHING on how to deal with this when using nouveau drivers. Does anybody have any insight into this? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1730316272.793845.1648328970885%40office.mailbox.org.
Re: [qubes-users] Qubes 4.1 & ThinkPad P15 Gen 2 (type 20YQ): Help in Remedying Reduced Functionality?
> On Thu, Mar 24, 2022 at 02:38:16PM +0100, 'Johannes Graumann' via qubes-users > wrote: > > > On 24.03.2022 13:39 'Johannes Graumann' via qubes-users > > > wrote: > > > > > > > > > > > > > > > > On 24.03.2022 12:16 'Johannes Graumann' via qubes-users > > > > wrote: > > > > ... > > > > As the laptop's HDMI port also does not work (likely due to being > > > > hardwired to the NVDIA card), I currently have no means of setting up > > > > multiple screens. > > > > > > > > I want to use Qubes and this machine as my daily driver and non > > > > functioning dock as well as the lack of a multiple screen options are > > > > show stoppers for this. > > > > The latter is possibly fixable through NVIDIA support in `dom0` and > > > > that's what I'm working on next, but I would highly appreciate any hint > > > > on how to get the dock working. > > > > > > > Installing `kernel-latest` in `dom0` (which currently brings in 5.16) and > > > setting graphics to `discrete` in the BIOS renders the on board HDMI port > > > active. `Hybrid` graphics settings results in a black screen when the > > > display manager comes up. > > > > > > Still having issues with the screens only being shown mirrored, but I'm > > > getting somewhere. > > > > > To get the multiscreen setup to behave properly, I had to switch of the > > compositor: > > > > ` Q → System Tools → Window Manager Tweaks → Compositor → uncheck “Enable > > display compositing” ` > > Does unchecking the “Mirror displays” option (in Q → System Tools → > Display) also work? If not, that’s a bug; please report it. If so, > that’s a user experience problem and should also be reported. No it doesn't. See https://github.com/QubesOS/qubes-issues/issues/7373. Does this serve? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1572862280.699361.1648134085804%40office.mailbox.org.
Re: [qubes-users] Qubes 4.1 & ThinkPad P15 Gen 2 (type 20YQ): Help in Remedying Reduced Functionality?
> On 24.03.2022 13:39 'Johannes Graumann' via qubes-users > wrote: > > > > > > On 24.03.2022 12:16 'Johannes Graumann' via qubes-users > > wrote: > > ... > > As the laptop's HDMI port also does not work (likely due to being hardwired > > to the NVDIA card), I currently have no means of setting up multiple > > screens. > > > > I want to use Qubes and this machine as my daily driver and non functioning > > dock as well as the lack of a multiple screen options are show stoppers for > > this. > > The latter is possibly fixable through NVIDIA support in `dom0` and that's > > what I'm working on next, but I would highly appreciate any hint on how to > > get the dock working. > > > Installing `kernel-latest` in `dom0` (which currently brings in 5.16) and > setting graphics to `discrete` in the BIOS renders the on board HDMI port > active. `Hybrid` graphics settings results in a black screen when the display > manager comes up. > > Still having issues with the screens only being shown mirrored, but I'm > getting somewhere. > To get the multiscreen setup to behave properly, I had to switch of the compositor: ` Q → System Tools → Window Manager Tweaks → Compositor → uncheck “Enable display compositing” ` -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1225995367.688364.1648129096849%40office.mailbox.org.
Re: [qubes-users] Qubes 4.1 & ThinkPad P15 Gen 2 (type 20YQ): Help in Remedying Reduced Functionality?
> On 24.03.2022 12:16 'Johannes Graumann' via qubes-users > wrote: > ... > As the laptop's HDMI port also does not work (likely due to being hardwired > to the NVDIA card), I currently have no means of setting up multiple screens. > > I want to use Qubes and this machine as my daily driver and non functioning > dock as well as the lack of a multiple screen options are show stoppers for > this. > The latter is possibly fixable through NVIDIA support in `dom0` and that's > what I'm working on next, but I would highly appreciate any hint on how to > get the dock working. > Installing `kernel-latest` in `dom0` (which currently brings in 5.16) and setting graphics to `discrete` in the BIOS renders the on board HDMI port active. `Hybrid` graphics settings results in a black screen when the display manager comes up. Still having issues with the screens only being shown mirrored, but I'm getting somewhere. No luck whatsoever with the USB-C dock. Pointers highly appreciated. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1060685086.680565.1648125567239%40office.mailbox.org.
[qubes-users] Qubes 4.1 & ThinkPad P15 Gen 2 (type 20YQ): Help in Remedying Reduced Functionality?
Hi, I got a new ThinkPad P15 Gen 2: 1x 11th Generation Intel® Core™ i7-11800H Processor(Core™ i7-11800H) 1x Bluetooth® 5.0 or above; Intel® Wi-Fi 6E AX210 2x2 AX 1x Ethernet; Combo audio/microphone jack; HDMI 2.0; 1 Power button; 2x TBT (DP 1.4 USB 3.2 Gen2); 2 USB 3.2 Gen 2 (Type A); SIM Card (Nano SIM) 1x 720P HD with Dual Array Microphone & ThinkShutter 1x NVIDIA RTX A2000 4GB As with a similar (even beefier) model https://www.qubes-os.org/hcl/#lenovo_thinkpad-p15-gen2-20yq004fus_i9-11950h_tiger-lake_integrated-graphics-uhd-rtx-a4000-mobile most things appear to work. I had to disable Bluetooth in the BIOS, the system will only boot with hybrid and not discrete graphics, and WiFi required the fixed mentioned in above HCL entry. Various reports seem to indicated, that USB-C docking stations have been found working (with reduced speed?) but I do not seem to be able to get the ThinkPad USB-C Dock Gen2 to jive with the system: neither web nor external screens work. Plugging it in does not do anything to `udevadmin` in either `dom0` nor `sys-usb`. As the laptop's HDMI port also does not work (likely due to being hardwired to the NVDIA card), I currently have no means of setting up multiple screens. I want to use Qubes and this machine as my daily driver and non functioning dock as well as the lack of a multiple screen options are show stoppers for this. The latter is possibly fixable through NVIDIA support in `dom0` and that's what I'm working on next, but I would highly appreciate any hint on how to get the dock working. Thank you for your consideration and any hints. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/373103948.669794.1648120563141%40office.mailbox.org.
Re: [qubes-users] Qubes 4.1: How to set private storage max size using SALT?
> On 24.03.2022 10:42 'Johannes Graumann' via qubes-users > wrote: > > > > On 24.03.2022 09:53 'Johannes Graumann' via qubes-users > > wrote: > > > > > > > On 22.03.2022 17:22 unman wrote: > > > > > > > > > You have to include a call to qvm-volume in your state file. > > > > > > 'qvm-volume extend QUBE:private 50G': > > > cmd.run > > > > Super! Thank you! > > Turns out, this does not generally work. The first time the command runs (and > , the target storage size is really bigger than what is set) > everything is fine, but as the shorthands like `G` do not reflect what's > really set (in bytes) under the hood such a statement fails on every further > run, as `qvm-volume` returns an error: `For your own safety, shrinking of > private is disabled ...` For me this works: set size manually for one VM, check the "real" byte level size using `qvm-volume i QUBE:private` and use the "real" full number rather than the `G`-shorthand ... inconvenient. If `qvm-volume` allows to set using shorthands, it also should take care of using that info when checking. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/920091549.657939.1648115740297%40office.mailbox.org.
Re: [qubes-users] Qubes 4.1: How to set private storage max size using SALT?
> On 24.03.2022 09:53 'Johannes Graumann' via qubes-users > wrote: > > > > On 22.03.2022 17:22 unman wrote: > > > > > > You have to include a call to qvm-volume in your state file. > > > > 'qvm-volume extend QUBE:private 50G': > > cmd.run > > Super! Thank you! Turns out, this does not generally work. The first time the command runs (and , the target storage size is really bigger than what is set) everything is fine, but as the shorthands like `G` do not reflect what's really set (in bytes) under the hood such a statement fails on every further run, as `qvm-volume` returns an error: `For your own safety, shrinking of private is disabled ...` -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/484006612.655686.1648114922617%40office.mailbox.org.
Re: [qubes-users] How to properly and entirely revert the GUI VM setup?
> On 19.03.2022 17:30 'awokd' via qubes-users > wrote: > > > 'Johannes Graumann' via qubes-users: > > Hello, > > > > I have been playing around with the GUI VM setup and it works on my machine > > (didn't manage to have network, but didn't look into that, see next), but > > the necessity to set a new password for user every time it is fired up > > renders it's use so impractical, I will refrain for now. > > > > The question then arises on how to roll its Deployment back. Do I just set > > the `salt` recipe to disable and delete the xfce template/vm? Or is there > > more to revert? > > Check out the bottom of > https://github.com/fepitre/qubes-doc/blob/guivm/user/advanced-topics/guivm.md > . Haven't done it myself, though. Thank you. Done. And all corresponding VMs/images deleted. BUT: The GUI vm remains as an option on the login screen (along with xfce) ... I'm now wondering whether that's the only stale remnant on the system ... Thanks for further hints. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1163699031.649392.1648112191852%40office.mailbox.org.
Re: [qubes-users] Qubes 4.1: How to set private storage max size using SALT?
> On 22.03.2022 17:22 unman wrote: > > > You have to include a call to qvm-volume in your state file. > > 'qvm-volume extend QUBE:private 50G': > cmd.run Super! Thank you! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/100043.648953.1648112003518%40office.mailbox.org.
[qubes-users] Qubes 4.1: How to set private storage max size using SALT?
Hi, Please see subject line ;) Thanks for any pointers. Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1457529299.342716.1647883304344%40office.mailbox.org.
[qubes-users] How to properly and entirely revert the GUI VM setup?
Hello, I have been playing around with the GUI VM setup and it works on my machine (didn't manage to have network, but didn't look into that, see next), but the necessity to set a new password for user every time it is fired up renders it's use so impractical, I will refrain for now. The question then arises on how to roll its Deployment back. Do I just set the `salt` recipe to disable and delete the xfce template/vm? Or is there more to revert? Thank you for any pointers. Sincerely, Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1327208772.353669.1647343392596%40office.mailbox.org.
[qubes-users] modeles & firmware packages for the kernel-latest packages?
Hi, The wireless card in my new machine (AX260) is reported to only start working with kernel 5.12, which means the stable kernel is not enough, but the kernel-latest package (now 5.16 in security-testing) should be fine. I am wondering though where to get the appropriate firmware and modules packages from ... they appear to be only available for 5.11 in security-testing. When I tried kernel-latest yesterday (it was still 5.15), booting worked just fine until the login manager GUI was supposed to come up and than the machine blacked out, which I assum to mean missing modules? Thank you for any advise in this matter. Sincerely, Joh -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/642484360.96161.1647017866427%40office.mailbox.org.
