Re: [qubes-users] Qubes and ram
I added another 8 GB so now I'm at 16 total and I've not run into any issues yet. knock on wood. I think the max I've had is 9 VMs including the sys-net, sys-firewall and sys-whonix. One being a Windows HVM. I plan to optimize my setup at some point but right now there's no rush. On Sat, Mar 4, 2017 at 2:50 PM,wrote: > On Wednesday, February 22, 2017 at 10:35:11 AM UTC-5, Laszlo Zrubecz wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256 > > > > On 02/22/2017 04:09 PM, Ted Brenner wrote: > > > I have 8 GB of RAM and I feel like I can't have more than 3 AppVMs > > > open (with Chrome) before I hit a limit and can't open up anymore > > > appVMs. Could be my configuration in terms of what minimal amount > > > of memory I assign though I'm using everything as it comes right > > > out of the box. If someone can get 12, I must be doing something > > > wrong. > > > > Well that 12 online VM are distrbuted something like: > > > > sys-firewall > > WiFi > > Ethernet > > sys-usb > > 2 different VPN proxy VM > > > > those are with only 300Mb initial 512Mb max memory. > > > > the remaining ~6 AppVMs are starting with 512Mb to 2048Mb max. > > > > Of course all depend on what you are suing in those VM's. But I > > usually have at least 1 browser +terminals +mail clients open. > > > > > > - -- > > Zrubi > > -BEGIN PGP SIGNATURE- > > Version: GnuPG v2 > > > > iQIcBAEBCAAGBQJYra+gAAoJEH7adOMCkunmCkQQAI10dZeSNyrth4HpPYZFzOG0 > > zgqVBdzfb0hQuG9ZVe0djVmEmn3kDueDFNDZx3xB28KrM3vuHLnW9jz8We1tkuAx > > MqhUXjcxzkJRu2ZuWwRiXPa/TWI3h3vIALZosgvuKhQJ/QVFzvqIQKf4gqPzszkn > > nglHgdrZK8rH90bxbFko798Ti7gU74tEIK3N6xq6/5KIRAC/9JJpCBr0zzmSqUaK > > srsq1Sn2Ve5vtQmSSL/QC7E6Qr8FUkwsJYOYEMwHubr7QkNGIfmyc6UfI1YkLo6z > > RjTZzxuyv7TXHa0sdK72NoLMI9xpoBTmWDiFTu5AYXiDo+Nc2mhXYa1iuYr2bPLy > > TM049KFGqUBd+RD2FT1vDx3JjkVGtYCgBQEBesypOFUnyZYRuc+nbuUTqVqm4g4g > > E72C9eKO2dH0IqaTYiBJQGyQVIK3k5cg/01brPhDFyWOV7ws2zzKwKHmRMJY0COc > > dKiI2P+1w52Xo7XJ7OS/rB6M8A7h9d09dDw92fUGZdBl/vAYObnFAL8/+7pERZz7 > > YydSnTjY9k+OG05f4kd+PrCjV2BJSNkmNT2VyzIHKI5EaRwLsOcMWPvmp8TvjG3Y > > Xzzo7uUE0BDZ67iiH5D4NFDmWaqnDXLl7z486e1MqPosWozm1Kta+bma9TqHRaQt > > zYzHA79W2uCaBimT7eKU > > =xQ1o > > -END PGP SIGNATURE- > > ya just browsing can eat all 8gb of ram nowadays haha. -- Sent from my Desktop -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CANKZutwHrvW91NCMQkUjk9JSS-wSdtoOpcAmLfp90dLm1zmhyw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Assigning microphone to AppVM from terminal
On Sat, Mar 04, 2017 at 05:37:38PM -0800, Fabrizio Romano Genovese wrote: > As the title says. I've built a little toggle script to automatically > attach/detach my camera to an appvm. For the sake of completeness, I'd like > to do the same for the internal microphone. > > Since microphone can be attached/detached to/from an appvm using Qubes > manager, I suppose there is some kind of script in dom0 that is invoked to > perform this operation.The problem is that I don't know where I have to look > to find it. > > Can someone help me? > > Thanks for your Time, > Fab > I dont think there's a separate script - there's code in /usr/lib64/python/2.7/site-packages/qubesmanager you can adapt. Look in main.py -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170305033546.GC12046%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] install python(abi) in dom0
On Sat, Mar 04, 2017 at 07:30:52AM -0800, sofoob...@gmail.com wrote: > Trying to fix my borked Qubes install, would really appreciate a quick > pointer... > > Qubes packages in dom0 won't install because of missing dependency python(abi) > > Requires: python(abi) = 3.4 > > I've spent hours reading python and fedora and qubes mailing lists and I > cannot figure out what abi is or where to get it. > > No net access, only 3.2 install media in rescue > mode > > help? > > thanks > sf > look on the install disk under Packages/p You need to install python-2.7.11-10.fc23.x86-64.rpm It provides python(abi) rpmfind.net is a good resource to use in this sort of case. Good luck unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170305032309.GB12046%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: How to use a and which mailclient in QUBES (via TOR)?
On Sat, Mar 04, 2017 at 11:30:35PM -, pixr...@mail2tor.com wrote: > What needs to be done that IMAP goes over TOR? can this be done and if so > how should I set it up in Qubes? > Just put your mail qubes downstream from a TorVM, so that the traffic is routed through Tor. Or look at implementing this on a whonix workstation. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170305030914.GA12046%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Assigning microphone to AppVM from terminal
As the title says. I've built a little toggle script to automatically attach/detach my camera to an appvm. For the sake of completeness, I'd like to do the same for the internal microphone. Since microphone can be attached/detached to/from an appvm using Qubes manager, I suppose there is some kind of script in dom0 that is invoked to perform this operation.The problem is that I don't know where I have to look to find it. Can someone help me? Thanks for your Time, Fab -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d36dae6c-98ca-4d3b-9893-cd5a1d648820%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Attaching a single USB device to a qube (USB passthrough)
On Sat, Mar 4, 2017 at 5:14 PM,wrote: > On Saturday, March 4, 2017 at 10:18:18 AM UTC-5, Francesco wrote: > > Hello, > > for the first time I am trying this new feature of Qubes 3.2 with the > idea of using attaching a scanner to a scannerVM. > > > > Fist installed qubes-usb-proxy and simple-scan in the template from > which both sys-usb and scannerVM depend. > > > > Then connected the usb cable and the scanner appeared in sys-usb > terminal: > > user@sys-usb:~$ lsusb > > Bus 003 Device 005: ID 04a9:190f Canon, Inc. > > but > > it does not show in dom0 with > > qvm-usb > > as taught at the end of this document: > > https://www.qubes-os.org/doc/usb/ > > In fact only the webcam appears there. > > > > > > So which is the difference between webcam and scanner? Perhaps that the > webcam was already installed at boot, while the scanner was connected > after? But from a security point of view is it advisable to boot with the > scanner already connected? > > Best > > Fran > > did you install proxy in the usb vm too?> yes > not sure havent; tried with a scanner only printer. I still print and > scan over network with a raspberry pi that i set up on earlier version of > Qubes. That may be a cleaner way to do that > I;ve gotten android phone to work as single usb device though too. > maybe scanner use some diff protocol or port? > May be, but it seems strange that qvm-usb does not see it Best Fran > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/qubes-users/5fe54565-d6f7-4aa3-a61d-28ed0e0cefbb%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qDOsiUV2aqRSYOGZvEr%2B5xxNHNqi%3DxeGjO_uQ11PetxXQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: How to use a and which mailclient in QUBES (via TOR)?
Hi Tim, >On Thu, Feb 23, 2017, pix...@mail2tor.com wrote: >> [user@mail postfix]$ make >> Makefile:2: *** missing separator. Stop. >> >> Any idea where to start troubleshooting from this point on? >On Thu, Feb 24, 2017, timw...@gmail.com wrote: >This generally indicates that you have a syntax error in the Makefile. >Spaces not tabs would be an obvious error, particularly if you have >just done a cut and paste job. Try replacing indent spaces with tabs. exactly this was the problem (no spaces allowed). I followed all 3 howtos to install fetchmail + postfix + mutt. 1) Install a MRA (Mail Retrieval Agent) to receive Email via IMAP/POP => Fetchmail Install Howto: https://www.qubes-os.org/doc/fetchmail/ 2) Install a MTA (Mail Transfer Agent) to send Email via SMTP => Posfix Install Howto: https://www.qubes-os.org/doc/postfix/ 3) Install Textmail-Client => MUTT Install Howto: https://www.qubes-os.org/doc/mutt/ In the end I was unable to receive emails with this setup and honestly I didn't understand why I need to setup fetchmal+postfix to receive emails which can just be pulled via IMAP, which seems to work fine with mutt. >Incidentally, mutt itself does have support for pop and imap, and so >your use case may enable you to use a much more straightforward set up >than that described in the docs. reading some example configurations I was able to setup MUTT to connect to googlemail for a test. QUESTION: In case I have created a mail account somewhere via a WebGUI and I have used my anon-whonix App-VM nobody should know who this emails belongs to, as I am hidden behind tor. What do I need to do, so that all IMAP traffic is now also running via TOR as I want to keep my identity protected, even when I use IMAP to get my emails. What needs to be done that IMAP goes over TOR? can this be done and if so how should I set it up in Qubes? To complete the information within this topic, my /home/user/.mutt/muttrc looks like this (maybe helpfull for others searching the archives) # accounts # set from = "Name" # Setup to get emails from Googlemail per IMAP set imap_user = 'usern...@gmail.com' set imap_pass = 'SUPER-SECRET-PASSWORD' set folder = imaps://imap.gmail.com/ set spoolfile = +INBOX set record = "+[Gmail]/Sent Mail" set postponed = "+[Gmail]/Drafts" # IMAP Tweaks # https://gist.github.com/bnagy/8914f712f689cc01c267 #set imap_keepalive=60 #set imap_passive=no #set imap_check_subscribed=yes #set imap_idle=yes #set mail_check=60 #Setup a Sidebar # https://vigasdeep.com/2014/05/07/install-config-mutt-sidebar/ #change width accordingly set sidebar_width=30 #Visible at first, then change its value to yes set sidebar_visible=no #set sidebar_delim='|' #set sidebar_sort=yes mailboxes =inbox =ml bind index CP sidebar-prev bind index CN sidebar-next bind index CO sidebar-open bind pager CP sidebar-prev bind pager CN sidebar-next bind pager CO sidebar-open macro index b 'toggle sidebar_visible' macro pager b 'toggle sidebar_visible' bind index B bounce-message -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1868f414a66744a750e8314531121f2f.squirrel%40_. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: HCL - ASUS UX305FA
Hi! Could you please tell more about your experience with Qubes on UX305FA? I am considering ordering a notebook with M-5Y10c CPU for use with Qubes but I'd like to know more On Tuesday, February 14, 2017 at 9:49:59 AM UTC+3, CF wrote: > Works well. I was able to use a bluetooth external speaker in a > fedora-24 based VM: > sudo dnf install pavucontrol pulseaudio-module-bluetooth bluez blueman > sudo service bluetooth restart > pactl load-module module-bluetooth-driver > blueman-manager & > pavucontrol & -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/50698fa8-1cb9-450a-a78a-5c081115266a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: qubes wallpaper
W dniu sobota, 4 marca 2017 16:15:22 UTC+1 użytkownik haaber napisał: > Hello, > > I understand that importing a custom wallpaper may open a security > breach for exploits against the image decoder inside dom0. On the other > hand side, people (me inclusive) like to customize a little bit their > system. > > Nothing would be more natural as to 'sanitize' pictures that should go > to dom0. Since qubes trusts rgb format (at least to secure pdf's), this > seems a natural starting point. Helas! xfce wallpaper management cannot > read rgb files ... > > Did someone already think about a possible solution? Bernhard You know you could just view the picture in fullscreen and then take a screenshot of it right? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4a37017f-c8d9-4f09-9f94-c335bb10ed12%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes and ram
On Wednesday, February 22, 2017 at 10:35:11 AM UTC-5, Laszlo Zrubecz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 02/22/2017 04:09 PM, Ted Brenner wrote: > > I have 8 GB of RAM and I feel like I can't have more than 3 AppVMs > > open (with Chrome) before I hit a limit and can't open up anymore > > appVMs. Could be my configuration in terms of what minimal amount > > of memory I assign though I'm using everything as it comes right > > out of the box. If someone can get 12, I must be doing something > > wrong. > > Well that 12 online VM are distrbuted something like: > > sys-firewall > WiFi > Ethernet > sys-usb > 2 different VPN proxy VM > > those are with only 300Mb initial 512Mb max memory. > > the remaining ~6 AppVMs are starting with 512Mb to 2048Mb max. > > Of course all depend on what you are suing in those VM's. But I > usually have at least 1 browser +terminals +mail clients open. > > > - -- > Zrubi > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > > iQIcBAEBCAAGBQJYra+gAAoJEH7adOMCkunmCkQQAI10dZeSNyrth4HpPYZFzOG0 > zgqVBdzfb0hQuG9ZVe0djVmEmn3kDueDFNDZx3xB28KrM3vuHLnW9jz8We1tkuAx > MqhUXjcxzkJRu2ZuWwRiXPa/TWI3h3vIALZosgvuKhQJ/QVFzvqIQKf4gqPzszkn > nglHgdrZK8rH90bxbFko798Ti7gU74tEIK3N6xq6/5KIRAC/9JJpCBr0zzmSqUaK > srsq1Sn2Ve5vtQmSSL/QC7E6Qr8FUkwsJYOYEMwHubr7QkNGIfmyc6UfI1YkLo6z > RjTZzxuyv7TXHa0sdK72NoLMI9xpoBTmWDiFTu5AYXiDo+Nc2mhXYa1iuYr2bPLy > TM049KFGqUBd+RD2FT1vDx3JjkVGtYCgBQEBesypOFUnyZYRuc+nbuUTqVqm4g4g > E72C9eKO2dH0IqaTYiBJQGyQVIK3k5cg/01brPhDFyWOV7ws2zzKwKHmRMJY0COc > dKiI2P+1w52Xo7XJ7OS/rB6M8A7h9d09dDw92fUGZdBl/vAYObnFAL8/+7pERZz7 > YydSnTjY9k+OG05f4kd+PrCjV2BJSNkmNT2VyzIHKI5EaRwLsOcMWPvmp8TvjG3Y > Xzzo7uUE0BDZ67iiH5D4NFDmWaqnDXLl7z486e1MqPosWozm1Kta+bma9TqHRaQt > zYzHA79W2uCaBimT7eKU > =xQ1o > -END PGP SIGNATURE- ya just browsing can eat all 8gb of ram nowadays haha. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/82ae3fc5-f131-49a0-8790-9a8b9d6d2a1e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes and ram
On Wednesday, February 22, 2017 at 10:09:31 AM UTC-5, Ted Brenner wrote: > I have 8 GB of RAM and I feel like I can't have more than 3 AppVMs open (with > Chrome) before I hit a limit and can't open up anymore appVMs. Could be my > configuration in terms of what minimal amount of memory I assign though I'm > using everything as it comes right out of the box. If someone can get 12, I > must be doing something wrong. > > > On Wed, Feb 22, 2017 at 4:55 AM, Zrubiwrote: > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256 > > > > On 02/22/2017 11:36 AM, sgshsjj...@gmail.com wrote: > > > How does Qubes uses memory? I use about 20VMs (AppVMs, NetVMs, > > > ProxyVMs, etc) and i don't see any difference between 8 and 16 gigs > > > on laptop, does it make sense to add more memory? > > > > there is no such thing as too much RAM. :) > > > > I'm using ~12 online VMs and usually hitting memory limits of my 8Gb. > > > > - -- > > Zrubi > > -BEGIN PGP SIGNATURE- > > Version: GnuPG v2 > > > > iQIcBAEBCAAGBQJYrW4gAAoJEH7adOMCkunmDooP/RVipZoCy6sIaYxMH83Cuz4V > > HLVZjYPRxss/GiXf59XA/0XmnXTEBt9KoZQEr4JQ3MwaJUzL3r4wsdb4IL0DdEgO > > NzcCGnLaOI4y2KXVOBRiKOyTYi0FujNorMGCpNdmW4BWmtPjq4jWiwcXLPnsWd35 > > ZrPKTCdmtBHQLRtZv4TLIfso1d2RKMtpBHKmlLDwGOlt4WC2mKnNdRFLGoSe4waM > > dCfiKjyiWHhPSwhR1o/PzvnMe0N5NgC8AvwVEd52NqZHfjDks3IS1qgLPhRQ5KPO > > QlWN+2cmQpYfpSPmJAM1g4eWheuh+6OcJLieFjDqdqYj3zFnclEQnGKlD0XRRfg6 > > T+tMI/akoIh5NcxTGdRLz5WdKI2VzF699GW0dJ5H5TWw4W7BQkhQrNUQRgeZNhp8 > > 6IpTrgBNaYiyg7pXXMv/0lq0QslV/0Onmg/dYc/g7wQHGVk6N8g40/J2r6uckZNu > > Py5nNDBEiLLkAk5KLuq9isXIo5BlcJvxNvOvvrcaMU32wgjDClr5in4Qo9ea3R/o > > 48zFzz2kbHtlS40STPE3FFI+pNxk9NiH7s2Oao2Jy9p/to6+8a7kCU2jl7KZC6Bs > > x36GToI6OUNZur5IiWvc8cHrC4H2yXl/ONlezR26VGxNjgBmeSxe+xDJZnlvw7uU > > cDb9JeORSf7zWpQGShVl > > =jySu > > -END PGP SIGNATURE- > > > > -- > > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users...@googlegroups.com. > > To post to this group, send email to qubes...@googlegroups.com. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/bae9891a-e216-dab9-4c30-3606ab69842a%40zrubi.hu. > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > Sent from my Desktop haha no u doing it right, I saw 20 vms for 8gb and was like what!>! Depends on what you using your vms for. whats running on them etc... in other words you actually use your pc for more then just looking at it. on my 8g i can only have like 6 or 7 vms running, including sys-vms. on the 16 gb machine about double that. before I notice slowdown. or dom 0 ram going down. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7593856d-b7ec-4a78-8a5e-95fd71795442%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: shrink ntfs from qubes - what do use for this?
diskpart on a windows boot disc? or make ur own boot media. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2d09c94f-bc98-49b4-a2c5-f9365dce5190%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] HCL - Asus H97M-E
-- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/687aa73d-887c-2ba9-213c-bb08dbbd9146%40neomailbox.net. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-ASUS-All_Series-20170304-205543.yml Description: application/yaml signature.asc Description: OpenPGP digital signature
[qubes-users] Re: Mssing WiFi capabilities Qubes OS R3.2
On Saturday, March 4, 2017 at 11:35:12 AM UTC-5, hela...@gmail.com wrote: > It loads the module R8723AU for the WiFi and that seems ok. On Lenovo the > WiFi card is listed under lsusb as an usb device. Do I then have to add the > whole USB controller to sys-net to be able to manage it ? ya -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e945af59-628b-4242-a974-eaf5687e8e4e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Fedora-24 Template Corrupted?
On Saturday, March 4, 2017 at 7:48:27 AM UTC-5, qub...@tutanota.com wrote: > -- > > > Securely sent with Tutanota. Claim your encrypted mailbox today! > > > https://tutanota.com > > 3. Mar 2017 23:35 by raah...@gmail.com: > > On Friday, March 3, 2017 at 10:56:26 AM UTC-5, qub...@tutanota.com > wrote:Fedora-24 template shows updates available. However updates terminal > returns error [cannot copy/past results]. I then open gnome terminal and get > the following: > [user@fedora-24 ~]$ sudo dnf update > Last metadata expiration check: 2:23:51 ago on Fri Mar 3 2017. > Dependencies resolved. > > Package Arch Version Repository > Size > > Skipping packages with broken dependencies: > gnome-software x86_64 3.22.5-1.fc24 updates 9.3 > M > > Transaction Summary > > Skip 1 Package > > Nothing to do. > Sending application list and icons to dom0 > The above output from gnome terminal is completely different from the updates > terminal - which refers to skipping "flatpak" package. > To resolve I reloaded Qubes OS 3.2 but got same errors. > Any thoughts? > > > -- > > > Securely sent with Tutanota. Claim your encrypted mailbox today! > > > https://tutanota.com > I had the same exact issue. And yes you only get the message when running the > update from the qubes-manager, which halts the update. > If updating manually from a terminal it will just skip that package and > proceed with rest of the updates. > > What I did was sudo dnf autoremove and then sudo dnf remove flatpak and just > hit y to remove dependencies that were listed. I haven't noticed any > problems running my vms after doing so, but I also wonder what it is. > > > This issue has been fixed for me - Today, New template updates are available > from Fedora; - this installed 6 new packages associated with "flatpak" well i;ve already removed them all lol. hopefully that didn;t hurt my security. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a3853530-b278-49af-ac08-c98da390dd4d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Attaching a single USB device to a qube (USB passthrough)
On Saturday, March 4, 2017 at 10:18:18 AM UTC-5, Francesco wrote: > Hello, > for the first time I am trying this new feature of Qubes 3.2 with the idea of > using attaching a scanner to a scannerVM. > > Fist installed qubes-usb-proxy and simple-scan in the template from which > both sys-usb and scannerVM depend. > > Then connected the usb cable and the scanner appeared in sys-usb terminal: > user@sys-usb:~$ lsusb > Bus 003 Device 005: ID 04a9:190f Canon, Inc. > but > it does not show in dom0 with > qvm-usb > as taught at the end of this document: > https://www.qubes-os.org/doc/usb/ > In fact only the webcam appears there. > > > So which is the difference between webcam and scanner? Perhaps that the > webcam was already installed at boot, while the scanner was connected after? > But from a security point of view is it advisable to boot with the scanner > already connected? > Best > Fran did you install proxy in the usb vm too?> not sure havent; tried with a scanner only printer. I still print and scan over network with a raspberry pi that i set up on earlier version of Qubes. I;ve gotten android phone to work as single usb device though too. maybe scanner use some diff protocol or port? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5fe54565-d6f7-4aa3-a61d-28ed0e0cefbb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] flexlm license manager in AppVM
On 04/03/2017 16:05, Unman wrote: On Fri, Mar 03, 2017 at 05:30:30PM +0100, Stephan Marwedel wrote: Hi Steve, thank you for the information. Your approach probably won't work in my case, as the license served by flexlm software is tied to MAC address and hostname. If I install it in the TemplateVM the license will be created with MAC address and hostname of that TemplateVM. If I later start the software from the AppVM like you suggested, it will provide a different MAC address and hostname which will invalidate the license. So there seems to be no alternative other than to create a standalone VM and install the commercial package in that VM. Regards, Stephan On 02/28/2017 04:15 PM, Steve Coleman wrote: On 02/25/2017 04:07 PM, Stephan Marwedel wrote: Hi, I use a commercial simulation environment running on Debian. I installed the software in the Debian TemplateVM and it is running fine. However, when starting an AppVM based on that template I cannot use the simulation software because of the flexlm license manager failing. This is most likely caused by the AppVM getting both a hostname and MAC address being different from those of the corresponding TemplateVM. What options do I have, if any, to work with such a commercial software in an AppVM, as I don't want to work in the TemplateVM? What I have done is install the COTS software base in the template VM. I generally choose /opt for COTS products to keep them separate. Then I install a service to start the license manager in the one client VM and create a desktop file pointing to that installed application location. Install the desktop file in the template /usr/share/applications but assign it in the start menu of just that one VM. Look at qvm-service for how to assign the license manager service to just that one VM instance. Any VM may see the software on disk, but as long as you don't actually run from the software template or other VMs then you should be good with the license server seeing only the one install instance. Things can get a bit trickier if the service/software demands to be able to write to the system area of the template provided ro file system. Then you may need some fixups performed prior to starting the license service. Other options might be to install in /usr/local in the client VM itself, t> or even in your home directory if that is possible. The service is likely required as before unless you write a script to launch the license manager, wait for it, and then launch the application when the license manager is ready. My worst case situation would be a standalone VM, but I haven't found anything quite that stubborn just yet. Steve Stephen, You can use macchanger to change your MAC address to match the flexlm expectation. Similarly, changing the hostname is straightforward, Depending on what the software is, you may be able to choose the installation point: if so, you can install in a TemplateBasedVM in /home or /usr/local, rather than in a Template. I did have one issue where I was able to show the vendor that the license issued with appropriate MAC/hostname/user details didn't work on the qube. They provided me with effectively an open license, so it's definitely worth talking to them if you have issues. You haven't said what the software is - knowing that may help. unman Hi Unman, I intend to use the simulation software package MLDesigner (http://www.mldesigner.com) which is supported on RHEL/CentOS and Debian. I already tried macchanger and that works. As I did not install the software in /usr/local, but in /opt, it didn't help. I will try to reinstall in in the AppVM in /usr/local and then use macchanger to adjust MAC address and hostname. Regards, Stephan -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b8e2e531-7c63-ded0-d945-3ef2d101e58d%40tu-ilmenau.de. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Feedback request: Incremental file-based backup PoC
Holger, restore is already implemented in some basic form. (I havre mentioned it here on Mar 1.) Both backup and restore are equally important: Without backup you have nothing to restore from. Feel free to try it, but remember, this is early stage of development and you should read limitations. I have decided to publish it in such early stage in order to get feedback. (And I already got some valuable feedback.) On testing: Some basic manual test passed, but I should create automated tests. (Maybe integration tests are more important than unit tests here – after ali, it mostly integrates existing products together.) You can test restore scenario (at some level) now: 1. Backup. 2. Create new BackupStorageVM and new config directory for restore testing. 3. Run restore (./backup --action=restore other-args…) with specified config directory and VM name template. For example, you specify template “restore-testing-%” in order to add prefix “restore-testing-”. 4. Verify that restored VMs contain the desired data. If you forget to specify VM name template, it will try to restore it under the original name. However, if the VM still exists, it will fail at creating the VM and will not continue. This is intentional: It will never overwrite existing VM by default. (In future, --force will probably overwrite the existing VM.) Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c750fffc-57ee-473d-9d82-2a030929b5a3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Samsung RV510
Seems to work well overall. I haven't pushed it to the limit, but then I don't have a need to try, either. I have submitted 1 bug report on GitHub, too. If you have any questions please feel free to ask and I will attempt to assist in any way possible. Thank you for all your work, Todd Kleinpaste -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f3552f2e-7e12-02b0-ef44-ba6aa1341e05%40gmail.com. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-SAMSUNG_ELECTRONICS_CO___LTD_-RV410_RV510_S3510_E3510_-20170304-113851.yml Description: application/yaml 0x01B1F9BF.asc Description: application/pgp-keys
[qubes-users] Samsung RV510
Seems to work well overall. I haven't pushed it to the limit, but then I don't have a need to try, either. I have submitted 1 bug report on GitHub, too. If you have any questions please feel free to ask and I will attempt to assist in any way possible. Thank you for all your work, Todd Kleinpaste -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/08d4481c-5cf3-e0e0-5b53-a099c3270f36%40gmail.com. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-SAMSUNG_ELECTRONICS_CO___LTD_-RV410_RV510_S3510_E3510_-20170304-113851.yml Description: application/yaml 0x01B1F9BF.asc Description: application/pgp-keys
[qubes-users] Re: Mssing WiFi capabilities Qubes OS R3.2
It loads the module R8723AU for the WiFi and that seems ok. On Lenovo the WiFi card is listed under lsusb as an usb device. Do I then have to add the whole USB controller to sys-net to be able to manage it ? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1d1cf1b2-1fc9-49a7-a0c5-dc3eb3507b0d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: qubes wallpaper
On Sat, Mar 04, 2017 at 07:37:49AM -0800, loke...@gmail.com wrote: > On Saturday, 4 March 2017 23:15:22 UTC+8, haaber wrote: > > > Nothing would be more natural as to 'sanitize' pictures that should go > > to dom0. Since qubes trusts rgb format (at least to secure pdf's), this > > seems a natural starting point. Helas! xfce wallpaper management cannot > > read rgb files ... > > You can always convert the image from its original source into PNM (or some > equally simple format) and then convert it to something that Xfce can read > (like PNG). > > If you want to be as safe as possible, you should do the initial conversion > in a dispvm, and then use a different VM to convert to PNG. This is because > you should assume that the dispvm has been compromised after the conversion. > Have you looked at the qvm-convert-img tool? I think it is what you're looking for. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170304161452.GA9328%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] install python(abi) in dom0
Trying to fix my borked Qubes install, would really appreciate a quick pointer... Qubes packages in dom0 won't install because of missing dependency python(abi) Requires: python(abi) = 3.4 I've spent hours reading python and fedora and qubes mailing lists and I cannot figure out what abi is or where to get it. No net access, only 3.2 install media in rescue mode help? thanks sf -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/78eb9ecb-84b4-40dc-b938-426f1a43146f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Programmatically performing software update
On Thursday, 2 March 2017 03:59:39 UTC+8, Jimmy Axenhus wrote: > I got a Python script for that. Put in dom0 and run it. Unlike Andrews > script this one will update all VMs in parallel and is interactive > rather than non-interactive. Thanks a lot to both you and David for helping out with this. I have no managed to do what I want. By the way, is there a way to access this Qubes management API without using Python? (I specifically want to use Lisp, but I can hook into anything that isn't language-specific). Regards, Elias -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/de5c80dd-2ef5-41c1-a5d8-ef264733114b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Attaching a single USB device to a qube (USB passthrough)
Hello, for the first time I am trying this new feature of Qubes 3.2 with the idea of using attaching a scanner to a scannerVM. Fist installed qubes-usb-proxy and simple-scan in the template from which both sys-usb and scannerVM depend. Then connected the usb cable and the scanner appeared in sys-usb terminal: user@sys-usb:~$ lsusb Bus 003 Device 005: ID 04a9:190f Canon, Inc. but it does not show in dom0 with qvm-usb as taught at the end of this document: https://www.qubes-os.org/doc/usb/ In fact only the webcam appears there. So which is the difference between webcam and scanner? Perhaps that the webcam was already installed at boot, while the scanner was connected after? But from a security point of view is it advisable to boot with the scanner already connected? Best Fran -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qAAohxRo6CL5JjJS5srrYz2KfLoh9w%2ByYzaJTobKvNqzQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Compositing in AppVMs
On Sat, Mar 04, 2017 at 09:06:14AM +0100, Alex wrote: > On 03/04/2017 04:54 AM, jimmy.dack...@gmail.com wrote: > > I really like transparent Terminal windows and would like to use them > > in AppVMs. They work on the dom0 Terminal, no sweat. But when I try > > to set the Background to transparent in the Terminal Preferences in > > any Fedora-24 AppVM I get: "Sorry, your Window Manager does not > > support compositing: Opacity setting is not available." > AFAIR, having transparent/semitransparent windows from AppVMs is a > potential security problem: rogue software may overlay hard-to-spot > windows on top of legitimate software to get confirmations/other actions > performed by an unsuspecting user. > > So if something like this gets ever implemented in the GUI daemon (maybe > when wayland is supported?), I hope that I can disable the > functionality; it would be even better if that was disabled by default, > and had to be turned on by the user. > > -- > Alex Also, all the window effects you see are implemented in the GUI domain, currently dom0, and there are a number of effects that aren't supported there. (e.g flashing alerts are not propagated to dom0 as another suer has pointed out.) I think that window opacity is one of these, and as Alex suggests, that's a good thing. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170304151831.GB8838%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] qubes wallpaper
Hello, I understand that importing a custom wallpaper may open a security breach for exploits against the image decoder inside dom0. On the other hand side, people (me inclusive) like to customize a little bit their system. Nothing would be more natural as to 'sanitize' pictures that should go to dom0. Since qubes trusts rgb format (at least to secure pdf's), this seems a natural starting point. Helas! xfce wallpaper management cannot read rgb files ... Did someone already think about a possible solution? Bernhard -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2c4aae7e-9a9c-8c08-d09c-b070e9d78a44%40web.de. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] flexlm license manager in AppVM
On Fri, Mar 03, 2017 at 05:30:30PM +0100, Stephan Marwedel wrote: > Hi Steve, > > thank you for the information. > > Your approach probably won't work in my case, as the license served by > flexlm software is tied to MAC address and hostname. If I install it in the > TemplateVM the license will be created with MAC address and hostname of that > TemplateVM. If I later start the software from the AppVM like you suggested, > it will provide a different MAC address and hostname which will invalidate > the license. So there seems to be no alternative other than to create a > standalone VM and install the commercial package in that VM. > > Regards, > Stephan > > On 02/28/2017 04:15 PM, Steve Coleman wrote: > >On 02/25/2017 04:07 PM, Stephan Marwedel wrote: > >>Hi, > >>I use a commercial simulation environment running on Debian. I installed > >>the software in the Debian TemplateVM and it is running fine. However, > >>when starting an AppVM based on that template I cannot use the > >>simulation software because of the flexlm license manager failing. This > >>is most likely caused by the AppVM getting both a hostname and MAC > >>address being different from those of the corresponding TemplateVM. > >> > >>What options do I have, if any, to work with such a commercial software > >>in an AppVM, as I don't want to work in the TemplateVM? > >> > > > >What I have done is install the COTS software base in the template VM. I > >generally choose /opt for COTS products to keep them separate. > > > >Then I install a service to start the license manager in the one client > >VM and create a desktop file pointing to that installed application > >location. Install the desktop file in the template > >/usr/share/applications but assign it in the start menu of just that one > >VM. Look at qvm-service for how to assign the license manager service to > >just that one VM instance. > > > >Any VM may see the software on disk, but as long as you don't actually > >run from the software template or other VMs then you should be good with > >the license server seeing only the one install instance. > > > >Things can get a bit trickier if the service/software demands to be able > >to write to the system area of the template provided ro file system. > >Then you may need some fixups performed prior to starting the license > >service. > > > >Other options might be to install in /usr/local in the client VM itself, > t> or even in your home directory if that is possible. The service is > >likely required as before unless you write a script to launch the > >license manager, wait for it, and then launch the application when the > >license manager is ready. > > > >My worst case situation would be a standalone VM, but I haven't found > >anything quite that stubborn just yet. > > > >Steve > > Stephen, You can use macchanger to change your MAC address to match the flexlm expectation. Similarly, changing the hostname is straightforward, Depending on what the software is, you may be able to choose the installation point: if so, you can install in a TemplateBasedVM in /home or /usr/local, rather than in a Template. I did have one issue where I was able to show the vendor that the license issued with appropriate MAC/hostname/user details didn't work on the qube. They provided me with effectively an open license, so it's definitely worth talking to them if you have issues. You haven't said what the software is - knowing that may help. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170304150558.GA8838%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] First time user: initial issues and thoughts
Hi, I just installed Qubes yesterday and wanted to share my thoughts and some issues I ran into. Table of Contents 1. Use Case / Thanks 2. Minor issues with manual partitioning and assigning mountpoints 3. First-boot dialog 4. NetworkManager applet didn't start the first time 5. Modifying /etc files in template-inherited VMs persistently 6. Screensaver blacks screen but doesn't turn off the backlight 7. sys-firewall uses much more RAM than it should have to 8. Encrypted /boot partition support First, I want to thank the developers. I've used Xen with QEMU and GTK+ on other Linuxes before, so I'm familiar with some of the concepts. I was trying to accomplish basically what Qubes did, but it was a real pain to manage, the actual security of the whole system was questionable, and even simple tasks like pasting text or transferring files were a pain. You guys did a great job with Qubes. It's the OS I've been waiting for. I learned about it a long time ago, probably around the time it first came out, but I didn't think about trying it until it was featured on the Tor blog and I learned about some new features. (For anyone who's interested, I had a thoughtful, though theoretical, debate with another reader about the some of the design choices around Qubes: https://blog.torproject.org/blog/tor-heart-qubes-os#comment-229452) The installation was pretty easy, but I ran into somewhat of an edge case that held me up a little. I did my partitioning manually, and kept the same GPT (and protective MBR) that was already installed. BIOS Boot Partition (1007K) - out-of-alignment filesystemless partition that allows GRUB to embed itself EFI System Partition /boot partition encrypted main partition with LVM root swap All good. Here's the issue. I thought I would "help" the installer by creating a BTRFS LV for the root filesystem. It showed up in the installer with a weird name like "btrfs.XXX" (where X is a digit that changed on each reboot), and it didn't have the logical volume name in the subtext like my swap LV did. I was typing "/" into the mountpoint field, but instead of moving the partition up to the to-be-assigned-a-mount-point group (above the list of available partitions) when I clicked away like /boot and /boot/efi, the "/" disappeared and the partition stayed put. I didn't think anything of pre-formatting the LV with BTRFS because it was okay for all of the other partitions. I worked around it by removing the filesystem from the LV (zeroing it out), and then the installer finally allowed me to have a new BTRFS filesystem created on the LV and a mountpoint assigned. I think at some point I read in the documentation that the root filesystem MUST be newly created, but it would have saved me a lot of time if the installer had just told me that. Overall I'd say it did alright for an LVM-on-LUKS with BTRFS installation though. The first-boot options dialog could have explained the options a little better, or they should be explained in the documentation. For example, the option to proxy all applications and upgrades through Tor, I selected it because it sounded like what I wanted, but I didn't really understand how it would affect the networking VM hierarchy or whether I could still create unproxied VMs. I left the USB VM (sys-usb) option unselected because I wasn't sure how reliable it would be, I don't have an IOMMU anyway, and I don't connect a lot of random USB devices to my computer, but I would like to try the feature in the future. All along I was thinking "Can I change my mind later? Am I stuck with these decisions for the rest of my life?" Next, and this is the biggest one, the NetworkManager applet in sys-net didn't start the first time, so I spent an a lot of extra time tinkering with it and researching the problem until I found a bug report that described the exact problem I was having. All I had to do was restart sys-net, but it would have saved me a lot of time if it had started on its own the first time. I wanted to setup MAC address spoofing on my wireless interface too, so I modified /etc/NetworkManager/NetworkManager.conf in sys-net, but when I restarted it my changes were gone. I read that I have to make changes in the TemplateVM itself (fedora-23) for them to be persistent, but the problem is that I don't necessarily need all VMs to have this change. I'm still not sure of the correct way to make changes to a single VM that inherits from a TemplateVM. Also, the screen saver doesn't turn off the display backlight like it did on my old OS on this machine. Rather, the screen goes black but the backlight is still on. I've seen other machines do the same thing, but I know the hardware and drivers support turning off the backlight on this machine if I can figure out how to configure it. I'm really hoping it doesn't involve recompiling the kernel or anything like that. When the Qubes VM Manager came up, my first thought (after noticing how nice it looked) was "1400MB of RAM
[qubes-users] Re: Mssing WiFi capabilities Qubes OS R3.2
On Saturday, 4 March 2017 00:44:22 UTC+1, cooloutac wrote: > On Friday, March 3, 2017 at 12:25:25 AM UTC-5, hela...@gmail.com wrote: > > Hi, > > > > I just installed Qubes R3.2 on a Lenovo Ideapad Yoga i7 with a Realtek > > RTL8732 NIC. I can't see the NIC under sys-netvm and hence can't change it > > to a managed device. dmesg shows that it finds it, but the kernel module > > for the NIC does not seem loaded. In the menu I can only see 'Device not > > managed' for networking as would be expected. > > > > I have read a few posts about Realtek cards being troublesome to use under > > Qubes. > > > > Unfortunately I'm not by my Qubes laptop writing this so I cant' post any > > outputs from the machine. > > > > Anyone have any ideas how to proceed ? > > > > Thanks > > Might want to check what driver module needed for fedora. or Maybe you need > to use a diff kernel Thanks. It worked fine on a previous Fedora 24 install on the same computer though, but I can check. I just assumed since it worked there there would be no problems with Qubes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cec9a874-503d-4d0e-90d1-d110c0078c36%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Fedora-24 Template Corrupted?
-- Securely sent with Tutanota. Claim your encrypted mailbox today! https://tutanota.com 3. Mar 2017 23:35 by raahe...@gmail.com: > On Friday, March 3, 2017 at 10:56:26 AM UTC-5, > qub...@tutanota.com> wrote: >> Fedora-24 template shows updates available. However updates terminal returns >> error [cannot copy/past results]. I then open gnome terminal and get the >> following: >> [user@fedora-24 ~]$ sudo dnf update >> Last metadata expiration check: 2:23:51 ago on Fri Mar 3 2017. >> Dependencies resolved. >> >> Package Arch Version Repository >> Size >> >> Skipping packages with broken dependencies: >> gnome-software x86_64 3.22.5-1.fc24 updates >> 9.3 M >> >> Transaction Summary >> >> Skip 1 Package >> >> Nothing to do. >> Sending application list and icons to dom0 >> The above output from gnome terminal is completely different from the >> updates terminal - which refers to skipping "flatpak" package. >> To resolve I reloaded Qubes OS 3.2 but got same errors. >> Any thoughts? >> >> >> -- >> >> >> Securely sent with Tutanota. Claim your encrypted mailbox today! >> >> >> https://tutanota.com > > I had the same exact issue. And yes you only get the message when running the > update from the qubes-manager, which halts the update. > If updating manually from a terminal it will just skip that package and > proceed with rest of the updates. > > What I did was sudo dnf autoremove and then sudo dnf remove flatpak and just > hit y to remove dependencies that were listed. I haven't noticed any > problems running my vms after doing so, but I also wonder what it is. This issue has been fixed for me - Today, New template updates are available from Fedora; - this installed 6 new packages associated with "flatpak" -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/KeOMHHF--3-0%40tutanota.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Compositing in AppVMs
On 03/04/2017 04:54 AM, jimmy.dack...@gmail.com wrote: > I really like transparent Terminal windows and would like to use them > in AppVMs. They work on the dom0 Terminal, no sweat. But when I try > to set the Background to transparent in the Terminal Preferences in > any Fedora-24 AppVM I get: "Sorry, your Window Manager does not > support compositing: Opacity setting is not available." AFAIR, having transparent/semitransparent windows from AppVMs is a potential security problem: rogue software may overlay hard-to-spot windows on top of legitimate software to get confirmations/other actions performed by an unsuspecting user. So if something like this gets ever implemented in the GUI daemon (maybe when wayland is supported?), I hope that I can disable the functionality; it would be even better if that was disabled by default, and had to be turned on by the user. -- Alex -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fe2908c8-1078-ddd5-07a4-6ae9141cfd20%40gmx.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature