Re: [qubes-users] Query on upgrade process - what next after downloading the fedora23 template?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-15 20:10, Emma Baillie wrote: > No, you misunderstand me. I already did all the things in that document. Sorry for the misunderstanding. You do not have to (and, indeed, cannot) update your TemplateBasedVMs from Fedora 21 to Fedora 23, since they're Template-based. This means that they don't have a root filesystem (where the OS and programs are stored) of their own. Instead, they get their root filesystem from the TemplateVM on which they're based. As long as your TemplateVMs have been upgraded correctly, your TemplateBasedVMs should work with the upgraded TemplateVMs normally. This page contains more information about how TemplateVMs work: https://www.qubes-os.org/doc/templates/ > I'm asking what to do _next_. Just shut down all my VMs one by one > including sys_net and sys_firewall and tell them in VM-manager to be > fedora-23 not fedora-21 VMs? Or is there a better way? > Hm. Your questions here suggest that you may not have followed the instructions correctly. The procedure, in outline, is this: 1. Upgrade all TemplateVMs and StandaloneVMs. 2. Upgrade dom0. 3. Reboot dom0. (The details of how to perform each step are in the linked documentation page.) The fact that you're now asking whether you should shut down all of your VMs one by one suggests that you may not have followed the above procedure, since rebooting dom0 entails shutting down all of those VMs (but it's also possible that this is just a miscommunication). It's also not clear to me what you mean by "tell them in VM-manager to be fedora-23 not fedora-21 VMs." There isn't really any way to "tell" a TemplateBasedVM to "be" a fedora-21 or fedora-23 VM. The closest thing would be to set a TemplateBasedVM's template to either a fedora-21 or fedora-23 template. If you've just performed an in-place upgrade on a template (from Fedora 21 to Fedora 23) with the intention of using it, then it would indeed make sense to base your AppVM on this newly upgraded template (if it wasn't already). Again, as long as the upgrade has been done correctly, everything should work normally. P.S. - Please keep the list CCed, and please don't top-post. > On Tue, Aug 16, 2016 at 12:56 PM, Andrew David Wong> wrote: On 2016-08-15 19:33, eobail...@gmail.com wrote: Hi qubes people, I have just completed the Qubes 3.0 to 3.1 upgrade process, ending up, as suggested in the upgrade doc, with getting the new Fedora 23 template. However, I'm not sure where to go from here. All my existing VMs (which is just the standard out-of-the-box set) are still using fedora 21, obviously - what is the next step meant to be? Can I update my TemplateBasedVMs from 21 to 23 without losing my files? Thanks Emma > > Yes, you can upgrade your existing templates using this procedure: > > https://www.qubes-os.org/doc/upgrade-to-r3.1/ > > As always, please make sure to back everything up before attempting this. > - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXsozCAAoJENtN07w5UDAwXBkQALAnAOtJHJ1e1oH+oLAHjZl2 srv0HoyXF5t25qhKCGBNa3xfFhZgyCbskXhjsr1SFqnLOe1i26DXvk/EgQRr4rsT Csz6SHjl47pkYrHWEBfoHrA7G1FWqVjGnJ4ZdDtgFeBN/1hMRENAFW8UHvHOudlb lHFdzBSshTu7exByIk/zshW8WJFPESAAtDVZsc88GWsvPCcqaZsoTVQibb7tJuCt 2bgzGMmH2i1f1vJBoy25wFXw9rxxEBRyma09hH5e9mh9a1Ve8psHQQw9Lo825KZE M770oUYIhTR06SuhfBkziOHqOsHmULoyZooYoBF1dp6hb6aIPzTX6RujZLUpyCuU gWv6RyAa1QdkINLUEdA5WLbELlVAquUHCRH86IBfvqhSBStt/0KhjR5Cz41ljc/H OYDKUbJL583kiZxz9ayb8xg8wSuXkeSZEufEOiOB2dccSoHzXX5GC+xqRpTlVhM4 0DTsfn+5seYU0Zk4SrwN/xk6o3fYIiEpQeoXK41LwQr3O0ww2symuH/x+YEoFvK4 XPNK5TaOj1fQDO7j1Iu1jNhftx/2lWn4VZH96bE7KjLKJnv8lQGYAiQmKk+c/N5V GrPRE4r/pB9sZyww6pt6XHGgDLrh+A2KMH0LmwPn7HrBavRpyGUCWLM8S9jZt22c HPJEP3AfMNbgOJQ1rED1 =+28m -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/29aeceb6-a726-d504-dfca-1fa2835dd436%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Query on upgrade process - what next after downloading the fedora23 template?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-15 19:33, eobail...@gmail.com wrote: > Hi qubes people, > > I have just completed the Qubes 3.0 to 3.1 upgrade process, ending up, as > suggested in the upgrade doc, with getting the new Fedora 23 template. > > However, I'm not sure where to go from here. All my existing VMs (which is > just the standard out-of-the-box set) are still using fedora 21, obviously > - what is the next step meant to be? Can I update my TemplateBasedVMs from > 21 to 23 without losing my files? > > Thanks > > Emma > Yes, you can upgrade your existing templates using this procedure: https://www.qubes-os.org/doc/upgrade-to-r3.1/ As always, please make sure to back everything up before attempting this. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXsoDjAAoJENtN07w5UDAwWvYP+QEu6OwMm+aqDvsmujHCtdzW kKGkxTRi/6hjPSr9kz5ijAzwvcQAROEtIBaxMncfpsn0Lr/+iScIyNYKNEARcz+L SwfuB/crbar0yJNdU+RP8ZeaD03yQOfjvk7QwaC9odgnNG7KIGPjyMWwYCN55+fc p7RPetRJsEyHXas51ZF11ENpFtgGORcasOSwHwKn0QE9V+eLNjPSc8DnklQWiKvv eomSLTjp1j5f+lba5m7ZD+2G44Brvc+hH8zaZKnPH4KsLmYUNGcq4QHsAi8jsJJA XJ9EVXrERjVXK3jA0+Z2n8MEBFw0pyAezZAJb8OLnVlV1cduUMYACtbmPaERdK6l teQS3yyEIaShulIotxZHL8L3dZjkRCLQW8dp+hBMQXnoZ3SmQW1zfe/KhZgxbDkg hoEBP+IdFX+5mkJ5UCDdsbsZssuAXEJceN1TJxFvHZmVklfqbFjWpACcPstNfjyR 0Fb0L+5WOjjUjupXKv0om3HHAHW8mnTxJwPrp9duW/mubDwnkTUgqOeCqkRz75/L Vq6Htys/oNlTSHEYoPeJh3n+kuWEZbRCjlA7tfcvZ1hiPsDhTsvOZOZ92sCsZvpL JDPjbmIBQ3pMg66jCkJaf7h6KihiYrkrpLTqbkRbojbUNi7ZnoXK+Dgyd0nxUmpl X51K+RESghLQbut4iRLl =70x1 -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/eecf1975-24bc-bc42-a26d-b07aca7abfbe%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Query on upgrade process - what next after downloading the fedora23 template?
Hi qubes people, I have just completed the Qubes 3.0 to 3.1 upgrade process, ending up, as suggested in the upgrade doc, with getting the new Fedora 23 template. However, I'm not sure where to go from here. All my existing VMs (which is just the standard out-of-the-box set) are still using fedora 21, obviously - what is the next step meant to be? Can I update my TemplateBasedVMs from 21 to 23 without losing my files? Thanks Emma -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c8594035-1622-45c2-a039-c6415ebc9e47%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Network printer: Printing test page - unable to locate printer
Background: I am testing Qubes OS 3.1 on my desktop machine (CompuLabs Intense PC) with a view to migrating my laptop (HP Spectre X360) from Linux Mint 18 (Xfce). My network printer is functioning under Linux Mint (based on Debian). I appeared to have successfully added the printer (Epson WorkForce 360) to the default debian-8 template VM following the instructions (https://www.qubes-os.org/doc/network-printer/). I then shutdown the template VM and started a qube based on it. Attempts to print failed, so I back-tracked to the template VM, starting it up, setting "Allow full access for" (20 min), starting Printer settings (which I had added to the menu) and attempting to print a test page. This was looking like it was working but after getting to "Processing - Print page 1: 26%", the message changes to "Processing - Unable to locate printer." I've read all the seemingly relevant posts (did a search for "network printer") and none of them seem to apply. When setting up the printer (in Qubes), there didn't appear to be a "Find network printer", other than a dialogue box that asks for a "Host:). I was not sure what would happen, but I plugged-in the URI (checking the settings on my laptop). That appeared to work as the dialog filled in the "Make and Model:". Looking at the properties on my laptop (LM) and the debian-8 template, the only difference appears to be in the version of Gutenprint (v5.2.11 on the laptop; v5.2.10 on the desktop) -- complete properties listed at the bottom. The only other difference (other than OSes!) is that the laptop is connected using WiFi and the desktop with ethernet (but when it was running Linux Mint, I had no printing problems). Networking doesn't "appear" to be a problem (I have a qube based on the debian-8 template that I am using for web surfing and listening to streaming radio). __ Settings: (see note about Gutenprint above) Description: Epson WorkForce 630 Location: Study Device URI: dnssd://EPSON5A0FBB%20(WorkForce%20630)._printer._tcp.local/ Make and Model: Epson WorkForce 630 - CUPS+Gutenprint v5.2.10 __ Any suggestions for further steps in resolving this issue would be greatly appreciated. John St. John's, NL Canada -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7fdfaed4-6281-5e45-790c-3730bb647841%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Current Windows instructions?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-15 16:23, IX4 Svs wrote: > Hello > > The instructions over at https://www.qubes-os.org/doc/hvm/ still say: > > == Using Template-based HVM domains > > TODO (Coming in Qubes R2 beta 3). == > > What is the current authoritative source for instructions on building > template-based Windows VMs? > > Thanks, > > Alex > Here it is: https://www.qubes-os.org/doc/windows-appvms/ I'll update that other page. Thanks! - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXsm8VAAoJENtN07w5UDAw+fwP+gKt7DpzIWoAPgHcp9j7BJku +c6pLyshzEoSedI3OrStbViS4P8SxK1fGeTbY2LUCS2DTqkFo/Mb5x1AJNWcDrRa 3XPnC2NEfnKWgSgMmmWS0685qSBTiHTejHh+/8zf8OMOsrejPdcn6KhMZEzbLSq0 +4v88JcuM1XLhTy2H1W4/i39yxD8T0spIF+emMS47a/c9wKztC8cA87TktSTytpI Hg/ODC2XMjvsxsTMybd6VKTeXgF4MFFAcp7Elbq5u53eFzWyEG1Yg1xoFtXCMROv We2mVe4mJhzACVuBCPPNMD4k4PHn/lBiG4AX/wCNBucvLe//oLfHNhOjXE2gLK1M /BdurHQVigXG8+FZsehOdjgHEot1ae48H71In50K+3aMHQpTEEYG6GqGq1T9tHzk QGKC79p9XXvB/YgkhzVnA4csJ2ksjOBh4R68dICfXvJ2zT8z22kRpokvthDl8WjP /6qjtvdrF2DwSnHhBQfzEya2pZtZy5Mv1VC/h84GuHxOPtRSC4JEBXh/JmQTYysw CxQn+24cb+3S0rQhLm68V7c7f6Uv6xS24xzAK/dOVSxKkhu1itgBM3ySZrh8a3mx P/HBIabCcb6XUsumfuQ4M7Tvaqos3tvJT6AUkDgG3AQQ500u1Mmsuj0MRpXz5ApQ KSiMwrPVvJfQ/d+wYdZK =M7Jo -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/abe1ad3e-aa40-7307-6f9c-6e695516f66b%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] VPN ProxyVM rc.local
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-15 08:42, Paf LeGeek wrote: >> >> The vpn doc was written for both Fedora and Debian templates. The >> /rw/config/rc.local script is a Qubes feature that works on both. The doc >> uses that location so users do not have to dedicate a whole template to >> their vpn... /rw/config was designed for per-vm customizations such as >> this. >> >> Chris > > Oh ok. My mistake. I did not understand the purpose of the /rw/ folder > until now. Thanks a lot for this very valuable information. > You can read more about this and other Qubes-specific config files here: https://www.qubes-os.org/doc/config-files/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXsmqeAAoJENtN07w5UDAwcpkQAIQnAxDF9v/yT6nH+PXQSfd2 9vQe2Zg/0xtoLRYrkCyACUVnUujDHo0TOivK/Y9LR8QLYyNxr/jpMjdf1HoVZy7V 23CeEjwmu2FvQ88qvnvQjaxe3747ZgR7ssJ38VyfCZizz8oi1AyRK+0YQ8cWX11p MgTxB/pSkKer6XQHZqs2Cst75koYQ0jZkzxGQuE64C1+IiZ1UpGvAVG5qURaCvO3 lSzgALqoj3DVxhIzEGyMw7aBjDsXqa9bFy3D3lCARzLKP0FoC8VVv1+OFJILGzxl jxPXP4gEHotjnnZThS0UWHCPMq3JyvK5xGGBTV7FWVTALOTYCNhuvnY9SvJkgKh9 W+fXv6g8QLFHoTkoxLeQ1mZN6FvKm4DimudHujvx4h1VQ64V/0GMYKNHO1WntJjF ZgHAhDlq+ov6xM1EOwc7yeCwxi6XvQdeEwX0mqtB34qqpIKOP1WAGbnVW+2CNRhp rRqCP0hQQMrZQmrAQEP1pQFgbvr1Lsp1E3s+9bfPA7z1f60kGYFPUqJKR2su5gaI TXr5gSr7TfEWTvjfNfbSv06t2iHCz68H12vUEZrmcp4KmWgrhmZ2GiAsBDUi8lxt 27578qzRZF+fwZmO+qJfjdqKnQbGmb878fGaVWVtPWgcNYEc+iTXQjrL3xcwvSgR AznB/b2dB7K3Qe9bdVnf =mKD/ -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/70f08e80-ec63-a738-1316-acf0acea7643%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] metadata between vms
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-15 02:31, adicarli...@gmail.com wrote: > Writing OS being where i dd from my old, potentially at risk OS > I think that depends entirely on the OS and tools you used to create the bootable USB drive. In principle, the Qubes ISO should be the same as any ISO in that respect. In other words: Whether your OS or tools keep metadata about ISOs after you dd them somewhere is beyond the control of the ISO being copied. The ISO is just a file, a blob of data. It can't control whether the OS or tools manipulating it leave traces of it behind. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXsmltAAoJENtN07w5UDAw/kAQAIUYrpSK4ReTC9c1zOWN6DRk OuC1/D5dERTq1oD0nt/a7Ab6AEpkI4H29dT8U8F+wDF8RFm4OQyAR+gws83LHA4q dgOPvoLjrXFY7BRwvqyuSvd8sc+Q3Diuajxla8mm8PUbT2IwhS77fPh1CjebYq7/ qhJ0DJhUq6AJqBUXJb8O425ipkWKDoCJOztq+cAbjfPaB290XoSTQWArfwtgTida 4xWlsCA0wBfB7hekWkPPSMwYZCxZpeHJyXKIuwycZQSiNdzn3lXRhhd5B8d5rGaM D9y/By6XFdBhemsufauKSD2+fazn/nkCOea9PgdRsSbvk2r8JUsVU23hRUKgdvJV 1oWYMuFhKxp99euXnAQIqRg3lsuDeZ5r9XT47pB9tMHE75QszZ9GASWElZjMrzUr sQjRnIxOCJhDuAgDRuJwMPUGzKtxat5GtXnWIgtcw01T49jC6cjbWzEqWb5LyEUO 8uw4GUXbG+PlrF/na0JR7I9tWICCUnAJg/hq6BguKi5IKP8wL0Hdzkg7TE684JJj SL0Jr3kSp2UZgSc7p1fXdYARHwXuR+Htxi0KODU0QJP4bTd/pmqN2bYcteZ99lHR 3/RglJ7qinyGEYv/P9DlzO8eRAKwLZvNJ86O6lEvIV4id3mIajCCWzRIOCKBo5zp 3GU3SUzqMYV864M6DmhS =Gt5S -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dddc5e07-bebc-dc24-fb7b-0a4afbb8723d%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Unable to install R3.1 / media check failure
Worth noting that, even though I had the same issue with Rufus, I could still install Qubes-OS from the USB when I bypass the media check. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/daf8ea8a-aaa4-447c-879b-bfca68fc6537%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: installing Signal on Qubes mini-HOWTO
On Tuesday, 16 August 2016 07:55:08 UTC+10, Alex wrote: > On Mon, Aug 15, 2016 at 11:43 AM, pixel fairywrote: > On Sunday, August 14, 2016 at 3:22:30 PM UTC-7, Alex wrote: > > ... > > > 1. Install the Chromium browser in your appvm template - skip if you were > > already using it. Shut down the template VM. > > > > I keep wondering how safe chromium browser is. do redhat or debian track > updates in time with google-chrome? > > > > > For this specific use case (Signal), there is currently no other option - > Chromium is the only way of getting Signal to work on Qubes. I only use > Chromium to host the Signal app and Firefox as my mainstream browser for > everything else. > > > If you're wondering in general how well distributions track the Chromium OSS > project, I suspect the answer is "very well", but refer to distro-specific > release notes to check for yourself. Note that Google Chrome is the > Google-branded "stable" release of the Chromium OSS project, so asking > whether distributions track updates "in time with Chrome" doesn't make much > sense. See https://en.wikipedia.org/wiki/Chromium_(web_browser) for more. Is F-Droid's Silence any better than Signal given it can run without Google Play Store? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/39f692f7-414b-4f9b-b51d-ec3200d0fc6d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] No DNS with ProxyVM + OpenVPN
On 08/15/2016 01:05 PM, kotot...@gmail.com wrote: Thank you very much for your help. The DNS are transmitted but the rules in the firewall seems to be missing: Chain PR-QBS (1 references) pkts bytes target prot opt in out source destination 0 0 DNAT udp -- anyany anywhere 10.137.5.1 udp dpt:domain to:10.137.2.1 0 0 DNAT tcp -- anyany anywhere 10.137.5.1 tcp dpt:domain to:10.137.2.1 0 0 DNAT udp -- anyany anywhere 10.137.5.254 udp dpt:domain to:10.137.2.254 0 0 DNAT tcp -- anyany anywhere 10.137.5.254 tcp dpt:domain to:10.137.2.254 The qubes script is nonetheless correctly started because I see the notification "VPN is up". Something else may be running a dnat script when you connect, because that is the only thing that would be re-populating PR-QBS with the Qubes internal IPs. To test this theory, you could put a 7sec delay in qubes-vpn-handler.sh right before the line 'iptables -t nat -F PR-QBS'. Then the right IPs should appear in PR-QBS. Alternative theory is that somehow openvpn is passing the internal IPs to the script, but I think that's unlikely. Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a1010675-628e-206e-979a-3cf2d49f7671%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] qubes-manager not showing on KDE
On 08/15/2016 11:22 AM, angelo "angico" costa wrote: Hi, guys! Still slowly progressing through Qubes. I changed from XFCE to KDE and qubes-manager simply disappeared! I invoke it through the menu link as well as through CLI, but it just doesn't show up. It shows normally on XFCE, though. Also, 'ps aux | grep qubes-manager' lists it as running: /usr/bin/python2 /usr/bin/qubes-manager -session ... What am I possibly doing wrong? Any hint? Thanks in advance, angico. Hi, What version of Qubes is it? Did you try rebooting to switch to KDE, instead of logout/login? Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e6260346-116c-b934-595d-543e3118983d%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: installing Signal on Qubes mini-HOWTO
On Mon, Aug 15, 2016 at 11:43 AM, pixel fairywrote: > On Sunday, August 14, 2016 at 3:22:30 PM UTC-7, Alex wrote: > ... > > 1. Install the Chromium browser in your appvm template - skip if you > were already using it. Shut down the template VM. > > I keep wondering how safe chromium browser is. do redhat or debian track > updates in time with google-chrome? > For this specific use case (Signal), there is currently no other option - Chromium is the only way of getting Signal to work on Qubes. I only use Chromium to host the Signal app and Firefox as my mainstream browser for everything else. If you're wondering in general how well distributions track the Chromium OSS project, I suspect the answer is "very well", but refer to distro-specific release notes to check for yourself. Note that Google Chrome is the Google-branded "stable" release of the Chromium OSS project, so asking whether distributions track updates "in time with Chrome" doesn't make much sense. See https://en.wikipedia.org/wiki/Chromium_(web_browser) for more. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAEe-%3DTfaLZ8%2BG0sDT8FFLsvY4d8smXAUsyOC6y4Wd8ux3yKsFw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] installing Signal on Qubes mini-HOWTO
On Mon, Aug 15, 2016 at 10:19 AM, Andrew David Wongwrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2016-08-14 15:22, IX4 Svs wrote: > > Just spent a few minutes to figure this out so I thought I'd share. > > > > Thanks, Alex! Would you mind if we added this to the docs at some point? > > Not at all - especially if you improve my clumsy way of creating the custom shortcut (steps 7-12) and use the proper Qubes way that Nicklaus linked to. Cheers, Alex -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAEe-%3DTctf_hjWZx_CbP_1EshFfk7J9FZ%3DWZgwQ3ks0TK5tV03A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Windows7 issue with Dom0 GUI Daemon
On Monday, August 15, 2016 at 4:51:13 PM UTC, 3n7r...@gmail.com wrote: > On Monday, August 15, 2016 at 2:35:45 PM UTC, 3n7r...@gmail.com wrote: > > On Monday, August 15, 2016 at 1:33:35 PM UTC, 3n7r...@gmail.com wrote: > > > Qubes 3.1 > > > Windows7 Pro x64 > > > Windows Tools 3.0.4-1 > > > > > > Without Debug mode, VM does not produce any windows and ends in an > > > unresponsive Yellow state. > > > > > > With Debug mode, VM appears to hang after Windows logo boot screen. In F8 > > > Low-Resolution Mode, VM boots to desktop and is fully functional. > > > > > > Increasing resolution while in Low-Resolution Mode sends VM into > > > unresponsive Yellow state. > > > > > > Any workarounds? Existing threads seem to have been patched. > > > > * Multi-monitor setup > > > > * This error presented itself on one boot but has gone away. > > [Dom0] Sorry - KDialog: The Dom0 GUI daemon do not support protocol version > > 107:0, requested by the VM 'win7'. > > Disabled all additional monitors. > Everything works great - including Seamless GUI. Duplicate of Unresolved Issue: https://groups.google.com/forum/#!searchin/qubes-users/windows$20multi$20monitor/qubes-users/lG6ynmOkIgY/1Nu4sT9XCwAJ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cf36a4c4-90d9-4f7b-adf3-4186524af13f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Windows7 issue with Dom0 GUI Daemon
On Monday, August 15, 2016 at 2:35:45 PM UTC, 3n7r...@gmail.com wrote: > On Monday, August 15, 2016 at 1:33:35 PM UTC, 3n7r...@gmail.com wrote: > > Qubes 3.1 > > Windows7 Pro x64 > > Windows Tools 3.0.4-1 > > > > Without Debug mode, VM does not produce any windows and ends in an > > unresponsive Yellow state. > > > > With Debug mode, VM appears to hang after Windows logo boot screen. In F8 > > Low-Resolution Mode, VM boots to desktop and is fully functional. > > > > Increasing resolution while in Low-Resolution Mode sends VM into > > unresponsive Yellow state. > > > > Any workarounds? Existing threads seem to have been patched. > > * Multi-monitor setup > > * This error presented itself on one boot but has gone away. > [Dom0] Sorry - KDialog: The Dom0 GUI daemon do not support protocol version > 107:0, requested by the VM 'win7'. Disabled all additional monitors. Everything works great - including Seamless GUI. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a300bf78-56e8-4097-9914-705553e58638%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] No DNS with ProxyVM + OpenVPN
On 08/15/2016 03:33 AM, kotot...@gmail.com wrote: Hi, I set up a proxyVM with openvpn following the instructions from https://www.qubes-os.org/doc/vpn/. I cannot do DNS query over the VPN, for example this command executed from a VM connected to the Proxy: [user@fedora-23-dvm ~]$ dig www.google.com ; <<>> DiG 9.10.3-P4-RedHat-9.10.3-13.P4.fc23 <<>> www.google.com ;; global options: +cmd ;; connection timed out; no servers could be reached Executing 'dig @8.8.8.8 www.google.com' works well. What am I doing wrong? Hi, Its possible that your vpn service isn't supplying dns server info upon connection. You can check what openvpn is getting from your service by upping the verbosity to 3 while running openvpn manually like this: $ sudo groupadd -rf qvpn $ sudo sg qvpn -c 'openvpn --cd /rw/config/openvpn/ --config openvpn-client.ovpn --verb 3' You should see a message like this from openvpn, though the dns numbers will probably be different: PUSH: Received control message: PUSH_REPLY,dhcp-option DNS 1.2.3.4,dhcp-option DNS 1.2.3.5 ...etc. This indicates that openvpn has received dns server info from the vpn provider. Another thing to check is whether those dns numbers got into the firewall: $ sudo iptables -v -L -t nat The chain PR-QBS should have two entries per dns address. OTOH, if you want to bypass dhcp and use hard-coded dns numbers instead, add them to your openvpn config file like this: setenv vpn_dns '1.2.3.4 1.2.3.5' Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6c455e5c-50a2-a5dd-770a-96a7ed681e7e%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] VPN ProxyVM rc.local
On 08/15/2016 10:49 AM, Paf LeGeek wrote: I use the Debian 8 Template so the rc.local file is in the /etc/ folder not in the /rw/ folder. As I said, the script works find if i launch it manually in my ProxyVM terminal. This is the content of my rc.local #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. groupadd -rf qvpn ; sleep 2s sg qvpn -c 'openvpn --cd /etc/openvpn/ --config myopenvpnfile.ovpn \ --daemon --writepid /var/run/openvpn/openvpn-client.pid' exit 0 The vpn doc was written for both Fedora and Debian templates. The /rw/config/rc.local script is a Qubes feature that works on both. The doc uses that location so users do not have to dedicate a whole template to their vpn... /rw/config was designed for per-vm customizations such as this. Chris -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/55e32991-6f09-702c-b048-08360a2b6de2%40openmailbox.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] VPN ProxyVM rc.local
I use the Debian 8 Template so the rc.local file is in the /etc/ folder not in the /rw/ folder. As I said, the script works find if i launch it manually in my ProxyVM terminal. This is the content of my rc.local #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. groupadd -rf qvpn ; sleep 2s sg qvpn -c 'openvpn --cd /etc/openvpn/ --config myopenvpnfile.ovpn \ --daemon --writepid /var/run/openvpn/openvpn-client.pid' exit 0 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1ed419ed-3713-420b-9c8e-7a5f76a3429e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Windows7 issue with Dom0 GUI Daemon
Qubes 3.1 Windows7 Pro x64 Windows Tools 3.0.4-1 Without Debug mode, VM does not produce any windows and ends in an unresponsive Yellow state. With Debug mode, VM appears to hang after Windows logo boot screen. In F8 Low-Resolution Mode, VM boots to desktop and is fully functional. Increasing resolution while in Low-Resolution Mode sends VM into unresponsive Yellow state. Any workarounds? Existing threads seem to have been patched. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d4f7b66d-ca9a-4cba-9be5-fd864800013f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Screen corruption on nvidia
I realize that nVidia's aren't the preferred video card, but (being divorce-poor) one sometimes has to make do with what one has. :) With my on-board nVidia (GeForce7100) and the nouveau driver (on both Tails and Qubes), things work okay, then suddenly at some random point the screen gets filled with diagonal line garbage, and things are unresponsive. (The system seems to still be running, but the screen is pooched and keyboard seems unresponsive, and no Alt-F1'ing or whatever will get it back. Processes still seem to be running though, and the ethernet light is blinking normally as traffic goes in an out, etc.) So I put in a PCI card, nVidia Geforce 7300, which seems solid, works perfectly under Tails. However, under Qubes, I experience random screen corruption. See: https://i.imgur.com/ovEFgYO.png It's usually fewer horizontal lines than in that snap, but I thought I'd include an extreme example to show the problem. It usually happens when the system is a bit busier CPU-wise/memory-wise, but otherwise functioning fine. Moving the window, or switching to another window and back, clears up the corruption. Screen corruption like that could be a sign of some wild pointer or other memory management bug, so I thought I'd bring it up. The paranoid half of me (okay, okay, I'll admit, it's more than half) worries it might be some attempted DMA attack. (I've been, and continue to be, the subject of some rather high-end professional hacking over the years, which adds to the concern.) I've read about attacks where screen memory is used to stuff code and run it to escalate privileges. And the nature of the garbage doesn't look like mis-placed screen stuff, but code or other binary data. Thankfully, if this is the case, the corruption seems contained to the AppVM. The garbage never spills outside an AppVm's window. It happens in both Redhat-23 and Debian-8 based AppVMs. I've never seen evidence of it in dom0/Qubes Manager and such. It realize it's *probably* not an attack, but I'd like to track down the nature of the problem whether it's a bug or an attack. I've read in another thread about video corruption caused by accessing memory who page has moved, and "echo 0 >/proc/sys/vm/compact_unevictable_allowed" supposedly helps. At first, I thought that made a difference, but ultimately, the problem is still there. Any ideas on what I can try, short of giving up and hunting down an ATI card or the like? (I might try the proprietary nVidia drivers when I get a chance to compile them. Not comfortable with grabbing binary versions for obvious reasons.) Thanks. You guys rock! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d571d11b44eaab879857416904323581.webmail%40localhost. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: installing Signal on Qubes mini-HOWTO
On Sunday, August 14, 2016 at 3:22:30 PM UTC-7, Alex wrote: ... > 1. Install the Chromium browser in your appvm template - skip if you were > already using it. Shut down the template VM. I keep wondering how safe chromium browser is. do redhat or debian track updates in time with google-chrome? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6c7c5591-0b0b-4172-bb3a-90bf6bdf30bc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] metadata between vms
Writing OS being where i dd from my old, potentially at risk OS -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5fb61ad8-5e2d-40c1-9d1a-e83d2e3af3c3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] metadata between vms
Can someone answer or point to me a place in the docs for this. I want to know about the level of metadata sharing between the writing OS, the disk, aswell as between new vms and the OS itself. When i dd my verified OS to my usb i assume some amount of identifiable info is on the disk. This isnt neccesarily about attack risk, more about anonymity. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7b31fc51-176c-403b-9219-f1518090a2c6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Thinkpwn?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Mon, Aug 15, 2016 at 11:06:32AM +0200, Joanna Rutkowska wrote: > On Sun, Aug 14, 2016 at 12:55:10PM -0700, el...@tutanota.com wrote: > > Just to clarify, that means that even if the UEFI is exploited, it does not > > matter with Qubes? > > Yes. Oh, I noticed you wrote 'exploited', while I originally understood 'exploitable'. So, if it is 'exploited', which I assume you meant 'already compromised', then it's likely a game over, no matter what OS on the host. joanna. -BEGIN PGP SIGNATURE- iQIcBAEBCAAGBQJXsYnHAAoJEDOT2L8N3GcYUR0P/i5goJ9TH09QbFRFysHMJKyz 4cm4xPI4IsskXWQJHbwD62332iGZ2UpYqK/NBixfj2q+UbwruF5BOVSTkdpsaJe/ Lu8qmqEHxBOqqmX+utnyJtvjob8Ranuj3IzCw0zcC03riUEuUz/YyvUEBoyPDyWb KTbw1NJc3DrPGty8NW1hNbsGHNMNrvKwGA7rCl1kHdyZQ0WB4T2Ury2QpXeMYoD+ Jz9R3GXAH0ZhPOiqy4+5laWnl/kQ7MK5h1cUTvkFYUmX8j9kDuvpjmZ2sG5/tkC3 KH4uVXzRcHlj/Wa/ihKFPSgReRLDeQop/zPraMF0upZH/fcawfJSXdpD5YWDu5JN sn6JDzYRO/tWOgTnWRYRgMFn/ILuyb56XO7F8DnFQOmo32smRJwUlhE+W5VnhEhf ibYYsDEV7+GCIjxLuDL28o2/flPYdmed8YEpf6ilPidSHn/OahlRACx8DhP7acXV e6an11/3GnQ5cUDp7jM0J+gx0rJ58jOgfS6KQ1WTLHpLQuPKV3OooG6qdYJav1NC h2hEhDMrDU198wyB5KjnP8UzFZXZKj4P44+5ATIv2XoU7wmuTiaRe7Vg+jHdxg96 vpJ9Vwv+iY5jN1cB5Eh6MWS9j2Qlud/voDgxnwMqen33wp3w0nmC6VDL/1bD+KbN wTBGjE0Im3VaXM57we/9 =w+Ko -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160815092214.GF2484%40work-mutt. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] installing Signal on Qubes mini-HOWTO
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2016-08-14 15:22, IX4 Svs wrote: > Just spent a few minutes to figure this out so I thought I'd share. > Thanks, Alex! Would you mind if we added this to the docs at some point? - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJXsYknAAoJENtN07w5UDAwg68P/i48OPoy6eAJBbRkMdY+9zn6 Ygr/7WoMp7ZXdl5T7o4Wlyx8fFgDYqZJs22nY+tKf+6l//3YzAp1FAtrbRG8Ju8S z6A6SowrEuvt3T+XQfkDbYIyKGW7TG7rJmBNMacC+afp2iiMlXrIXLVG7/Pg6icF ZJg7FSChl3bKWlhQocAUqK/XTgiFnMZcozwiN1uoEBv1Mi7AwUOhqUMuVE54XGKW atmN3Ix9b/EORTusHvBUzgqqFk52Iz/EsieJIgDNb7aaUxC8gN1qsn0LYpBHStqm oYKG2LFM6zmQ4APkWY87j8bx2Zn6mHCimabamnCtAItkSgSDif/HcSW2YoTitAhJ h9BXEpc7U2qT5vxD0folocpevhVfwvTVV6F/inP+ipio5X8WdOt9aT+mDqYafWpN jYXgFob1SCdoi/kJ3Ct85NIzsj2vCoeaTE/SEX/51dLglySEKGXYFAiRlGcbAUKn eCTdpu3zZtMu5zmel2pUuE8ZyRqHEjBYfSyZFmga7Zl6bPo/cfjZEjzXpKEUPROk poU2E+NsqT4/O8Z3c8Da9V5YIyXbf8j7dhkMSMefms1xrPefg8PqhceaM6UKb8HD OwPOB/mUTI0SmghJQaXR8fYzfgltPQTqQ8aKARUwVzyeBOLjUzNWg3KNyQYHsIJy +qvMFHRr0uG/wxEmTzx4 =NJTS -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2ace446e-a1c7-a64d-cd94-706616b1ac51%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Thinkpwn?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sun, Aug 14, 2016 at 12:55:10PM -0700, el...@tutanota.com wrote: > Just to clarify, that means that even if the UEFI is exploited, it does not > matter with Qubes? Yes. Unless the isolation-provider that Qubes happens to be using -- currently Xen -- is terribly buggy and fails at providing this isolation. Sadly, this was the case with XSA 148 (last year[1]) and XSA 182 (just recently [2]) :( We hope the move to SLAT-based memory virtualization in Qubes 4 would minimize likelihood for similar bugs in the future (see [2] again). I shall point out, however, that majority of other "critical Xen bugs" have not affected Qubes to date, either because of various architecture decisions we made (e.g. getting rid of qemu from Dom0, most backends treated as untrusted, running in other-than-Dom0 domains, etc), or by a combination of luck and gut feeling (e.g. not using 32-bit VMs, etc). Thanks, joanna. [1] https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-022-2015.txt [2] https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-024-2016.txt -BEGIN PGP SIGNATURE- iQIcBAEBCAAGBQJXsYYZAAoJEDOT2L8N3GcYFnEQANlqIJWhFHXvAIljGjZQwtl0 vgzkV0ZHA69OzPl5M4TvZhcUWgtTiOTTGjeHdUmkblCZEBLOCqakKQv1h4h+7I+6 oLtR5mKR4a6H7Mt9L5Ux5ciyRzx2oqDQpe7dehha/pOVMd3jj6niqJRTdhOSrVlB GJD2BGNvoFa1hfSKEMBBs1SP7vgGCz2YWI/MoX7fpcM6g2XwvSYTQKpPnRbG/AUa D6j6Gku0Rj+jDaiBDG4Iy6ymDbr7yW/7oYxOKXLpI8nj3UjZ0QIA2ym5dGb/hWjl pmqDv5yKesCFedIUr/8SQzdwkhfQCbb8OYvXQBNoQNeAJxiT0eJFvD+9rohuVTdZ KwLYKuUlCIrcxv+ULYSqPLm3GuzQAnJGi9eSw3N8t2UeHCDB2//fcihKzssZQeON 3h/U5Gj/IcXAITAq52/Euy1VinMwghC09HHR2lMJ8ZDuBAMaYOnLlOM8KGqMYUO0 5Q+iGxejjSnexVhMzBYIjm5m20e1cvDHEkTcoTfJ0r4CIGZyaLdJjjkKvpwm8tdN 0q5mippj+Sf4UlXFIQbrCE1jHVGL+KUUFilpMx8E4nFzhjIeN8EeBPzm861efNS6 qD2RowN6wVPa88v+kVGSRHgNxpZDDuSH5215+2MxUKrcx3oxdNPXKQ6RbCNKTk+n wwNrXWQXiDy0koRjPVRQ =CC3q -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20160815090632.GB2484%40work-mutt. For more options, visit https://groups.google.com/d/optout.
[qubes-users] No DNS with ProxyVM + OpenVPN
Hi, I set up a proxyVM with openvpn following the instructions from https://www.qubes-os.org/doc/vpn/. I cannot do DNS query over the VPN, for example this command executed from a VM connected to the Proxy: [user@fedora-23-dvm ~]$ dig www.google.com ; <<>> DiG 9.10.3-P4-RedHat-9.10.3-13.P4.fc23 <<>> www.google.com ;; global options: +cmd ;; connection timed out; no servers could be reached Executing 'dig @8.8.8.8 www.google.com' works well. What am I doing wrong? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/343a725e-e386-4f54-8745-0ad8b9e4c1ea%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.