Re: [qubes-users] debian 10 minimal ... issue with update proxy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 3/29/19 8:58 PM, unman wrote: > There's another issue in that the service file refers to > /usr/sbin/tinyproxy but the exec is in /usr/bin Fix this by > editing /lib/systemd/system/qubes-updates-proxy.service to refer to > the correct path. That was it! Thank you unman! /Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlyfAxoACgkQ2m4We49U H7ZSkg/+Iyoz+eoRcadcmi7dsutf6B5vg7sz2Knzjvy/Yd3Q9sSI6Ubm8cNVAdHf bkwCd0iKZQoRQ6lmRl+J8QSZ2g7HqIRLMzdO+bhBWsSEMv0r5iIxhoUikTSFlDM1 WzPULpkfV68rHT0J+Y+t3mq6zCSqeTbh0QSqJSg58hdYYfjumXmz9eUKtzPZcSB7 2UFtXSfHkOCQsj1k5dkColJt3miZIoBM2W/f4TwTMC15UV3P1YepOt3IrxBZx8cD pHONnaUTcV/sknEYRl7XP/BdqOZ1drl15S8n8eRHTFv2I7cIhiPzZ6+/ooS2WDaj l/p9DUyj44uEevt4Y+VSYku/umkrPxyZj3O84A72P9LRpSdXyIrv3CeVr0v/2n8+ p/w/NJx1hYipT4JbjSFcnwaIkfs6GECyLLczJdLPnxIgwIkAUvH8V5l2F76zyXkf 4Y51tPzzj1tZgFrQohM79sIQtffLHm06C7MUq7hW1+UzB7aAcQFG/qokopUtTGJu Apn0ZpyXsV9yrruOhta3zuOofP4R/z5Cu8i6+gFYwqQmf+S2oIxzlaNShN3WBg2D uzOHIy3/NQ5B562rTdruZJ0xqcaNOfbxPZ6fGdV4pCJks2KxPA6dv/sLudNHMVRj /CROESxtmUE73TG0FxnOcig4YbAEfVYjpoAMYSasmtKCDWiP1QA= =QONy -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20b02de8-08e7-324f-9071-5e05fb6b5194%40SvenSemmler.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Using http_proxy environment variable in Templates with qubes Updates Proxy
On Thu, Mar 28, 2019 at 08:52:57AM -0700, Matthew Finkel wrote: > On Sunday, March 10, 2019 at 3:24:08 PM UTC, farrilis wrote: > > Using Qubes 4.0 in Whonix 14 template > > > > > > When using curl, the -x (or --proxy) parameter accepts the address > > (127.0.0.1:8082) that redirects to Qubes Updates proxy over RPC, and > > returns what you would expect. > > > > But with wget (which I think is a better choice than curl), setting the > > http_proxy environment variable is needed (according to 'man wget' and > > web resources) > > > > > > Using the following commands: > > > > 'export use_proxy=on' > > 'export http_proxy=http://127.0.0.1:8082' > > 'wget https://gitlab.com/repo/filename' > > > > produces this output: > > > > " Resolving gitlab.com (gitlab.com)... failed: Non-recoverable failure > > in name resolution. > > wget: unable to resolve host address 'gitlab.com' " > > > > > > Then try a domain name that does not exist: > > > > " Connecting to 127.0.0.1:8082... connected. > > Proxy request sent, awaiting response... 500 Unable to connect > > 2019-03-10 15:17:23 ERROR 500: Unable to connect. " > > > > > > What could the problem be? curl can use 127.0.0.1:8082, why not wget? > > > wget leaks dns - by this I mean wget tries resolving the domain name locally > and then uses the result from that as the destination of the proxied > connection. If the DNS resolution query fails, then wget gives you that > error. Curl, in comparison, (correctly) asks the proxy to handle the entire > connection including the hostname resolution. > This isnt the case in buster, where (from my testing) wget honours the proxy variable and does not attempt local dns lookups. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190330030200.mah7sjzyltqgvcmf%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] resize of private volume: dvm vs. named dvm
On Fri, Mar 29, 2019 at 08:13:38PM +, lik...@gmx.de wrote: > Hi, > > there seem to be a difference between a dvm and a named dvm. > By named dvm a mean a dvm created like explained here: > https://github.com/Qubes-Community/Contents/blob/master/docs/common-tasks/opening-urls-in-vms.md#using-named-dispvms > e.g. qvm-create -C DispVM -t fedora-28-dvm -l red dstVM > > By dvm I mean a vm which was created like explained here: > https://www.qubes-os.org/doc/disposablevm-customization/#creating-a-new-dvm-template > e.g. > [user@dom0 ~]$ qvm-create --template debian-9 --label red custom-dvm > [user@dom0 ~]$ qvm-prefs custom-dvm template_for_dispvms True > [user@dom0 ~]$ qvm-features custom-dvm appmenus-dispvm 1 > > When I try to resize the private volume it works with a dvm but not in a > named dvm. Resizing is ignored in a named dvm. Resizing is done by > qvm-volume resize dvm:private XGB > > What am I doing wrong? > > Thanks in advance, Pete In the first case you are creating a disposableVM, based on a a DVM Template, fedora-28-dvm In the second case you are creating a DVM Template, which will be used as the basis for disposableVMs. That is the difference, and it's why you cant resize the named dvm - the named dvm takes its properties from the underlying DVM Template. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190330025609.2mmxh5sbmmdmdmvy%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] coreboot on modern hardware?
On 3/29/19 7:18 PM, jrsmi...@gmail.com wrote: https://github.com/system76/coreboot Clearly they think they can handle modern hardware. Makes me wonder why the coreboot folks have thrown up Thierry hands and declared defeat. Maybe they see something they can no longer stomach. I bought my first AMD system this week. -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/59ec64e1-4a2a-e601-5bc7-f3971b736f41%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: debian 10 [SOLVED]
On 3/29/19 10:02 PM, Jon deps wrote: On 3/28/19 7:45 PM, haaber wrote: On 3/28/19 11:55 PM, unman wrote: On Thu, Mar 28, 2019 at 10:00:22PM +1100, haaber wrote: I dont want to be *that* person, but this upgrade works flawlessly for me. Can you check you have upgraded debian-9 prior to clone, and then changed the Qubes repos to use buster, as well as the Debian, before running apt update? Dear Unman, stupid me! It was up-to-date, but in qubes.r4-list was lurking an overlooked stretch. Next time sed rather than vi :)) Since this broke the update receiver I could not repair it by downloading missing packages, and I decided to restart once more from scratch ... I presume things will work now. Thank you. what is the suggested method to trim the template in 4.0 now ? as Compacting the Upgraded Template Section has no reference for 4.0 In 4.0 its supposed to be automatic. However, there is some flaw with Linux discard mount option and it may still leave some fraction of blocks un-trimmed. The good news is now you only need to run 'fstrim -a' in the template. Auto trimming is also imperfect for appVM private volumes, so trimming there occasionally can free gigabytes of disk space. https://www.qubes-os.org/doc/template/debian/upgrade-8-to-9/ I just upgraded from 9 to 10 using these instructions -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ff1f3961-1992-525a-4b2f-8ca632155a3c%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] running application without packages ?
On Sat, Mar 30, 2019 at 12:31:56AM +, john s. wrote: > So, if I have a .tar.gz which I unzip and inside there is a executable. > > there is nothing to install in a template, and when I close the AppVM that > contains the executable, should I expect that when I open that AppVM again, > > that I should still be able to use the executable? Yes > > > or is Qubes designed so that only executables installed in the Templates > should persist to be executable No > > and hence, if there is no package, then I can't use the software except > temporarily > This depends where you put the executable. /home/user is persistent in a Templatebased qube, so an executable there will be fine. /usr/local is persistent in a Templatebased qube, so an executable placed in bin there will be fine (It's actually at /rw/usrlocal ) Other directories like /bin /sbin are template based and will not persist. If you put the executable there it will not persist. (Unless you use bind-dirs, but what's the point for a single executable when there are valid sensible alternatives. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190330020439.sylwscp6fpbjizwk%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: debian 10 [SOLVED]
On 3/28/19 7:45 PM, haaber wrote: On 3/28/19 11:55 PM, unman wrote: On Thu, Mar 28, 2019 at 10:00:22PM +1100, haaber wrote: I dont want to be *that* person, but this upgrade works flawlessly for me. Can you check you have upgraded debian-9 prior to clone, and then changed the Qubes repos to use buster, as well as the Debian, before running apt update? Dear Unman, stupid me! It was up-to-date, but in qubes.r4-list was lurking an overlooked stretch. Next time sed rather than vi :)) Since this broke the update receiver I could not repair it by downloading missing packages, and I decided to restart once more from scratch ... I presume things will work now. Thank you. what is the suggested method to trim the template in 4.0 now ? as Compacting the Upgraded Template Section has no reference for 4.0 https://www.qubes-os.org/doc/template/debian/upgrade-8-to-9/ I just upgraded from 9 to 10 using these instructions -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/150c4b62-3684-d578-cbf2-564b03e5c836%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] debian 10 minimal ... issue with update proxy
On Fri, Mar 29, 2019 at 07:26:13PM -0500, Sven Semmler wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 3/29/19 2:34 PM, Sven Semmler wrote: > > What did I mess up? > > user@tpl-deb-10:~$ sudo service qubes-updates-proxy status > ● qubes-updates-proxy.service - Qubes updates proxy (tinyproxy) >Loaded: loaded (/lib/systemd/system/qubes-updates-proxy.service; > enabled; vendor preset: enabled) >Active: inactive (dead) > Condition: start condition failed at Fri 2019-03-29 19:22:56 CDT; 1s ago >├─ > ConditionPathExists=|/var/run/qubes-service/qubes-yum-proxy was not met >└─ > ConditionPathExists=|/var/run/qubes-service/qubes-updates-proxy was > not met > > > ...hm. I'll go back to debian-9 and debian-9-minimal to see if it goes > away. Maybe something broke when upgrading to buster? > > -BEGIN PGP SIGNATURE- > > iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlyet6YACgkQ2m4We49U > H7Zfvg/6AyzivDu3JhizO0yg3KpblPJceBIOBaxR+wSwpCDHe/7N3y2v0QIqcvK8 > ENGGkKP+LJ6ZCvl9M77dECGK12+d3CBCvVH7PviBAUq5lMwZ669jLRofYlI/ulgG > sQAhQjzvahe7tg+6bNTKiyUo11eF6zk6eqkNil6UOupi2DbzydRgB1vjZFcU7vMR > 1/+tIw2fGqLUVqF/Iok+IVpaCOU0RSyeRn9clnGTfGIUpkR2Yj5rMCksVQ+dU+UG > nufrF3VOd/lUfhJ7HPb7/+BUkQTSKDX53ZWlGpeFsLDMy0toZ/k5pJbiXJNqLQen > i7WKjKQbCXnJSDS2rFSs+xjooosjUrT2neJ8tjxmp4/ZGj4/RvxCVhZ1Xj8ydIqI > iIutofkDiOG8oItFQ0x/0IFEiSm2wpO6xJWqJTTzsrhqGGobCOokkEcSZf3DLiyV > i4JXYcxwr91WjAFAiOuylw/jcMfONrU3HX6mcpUyNVWWQieB7F5uCcJ8ieC1Wr2g > +YlBr0RboctBS2IYN5Fe3mqbGixaddTO7Mf3obNfD4vaJDI6ZMbqqv6NygcCySEh > kKTkuiNPYFzhbHFbJpza42PAwQW7+ker3c13nuWN5Cr2qDvdIvV94gwFiUBwvbro > RtVV4hbKC8l1Sq+bro4DIBctu+1wrSfninRUbZ/JaY8OEzsI3HE= > =m8PK > -END PGP SIGNATURE- You need to enable the qubes-update-proxy service - this creates the necessary file at /var/run/qubes-service/qubes-updates-proxy There's another issue in that the service file refers to /usr/sbin/tinyproxy but the exec is in /usr/bin Fix this by editing /lib/systemd/system/qubes-updates-proxy.service to refer to the correct path. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190330015822.jko3rr5qh3vgansq%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Tails
I totally get the cert.issue, not sure any military wants to simply trust DigiCert or any body else but they do provide keys to verify the .iso. I got TENS running(surf the web) on Qubes but struggled to get USB, Ctrl+Shift+C, etc... to work. I suspect Tails would be similar. Depending on your threat model, I am intrigued by TENS...they didn't get back to me though:) Do the Australian's have a version, maybe they are more responsive? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/35f2196a-9e60-4afa-b784-3e6de44032dd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] running application without packages ?
So, if I have a .tar.gz which I unzip and inside there is a executable. there is nothing to install in a template, and when I close the AppVM that contains the executable, should I expect that when I open that AppVM again, that I should still be able to use the executable? or is Qubes designed so that only executables installed in the Templates should persist to be executable and hence, if there is no package, then I can't use the software except temporarily -- A895 0C7C A244 8E2E FD77 A3DB 180B 7D4D D158 F8B6 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9b86fa20-6905-7ff1-126a-421247036c73%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] debian 10 minimal ... issue with update proxy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 3/29/19 2:34 PM, Sven Semmler wrote: > What did I mess up? user@tpl-deb-10:~$ sudo service qubes-updates-proxy status ● qubes-updates-proxy.service - Qubes updates proxy (tinyproxy) Loaded: loaded (/lib/systemd/system/qubes-updates-proxy.service; enabled; vendor preset: enabled) Active: inactive (dead) Condition: start condition failed at Fri 2019-03-29 19:22:56 CDT; 1s ago ├─ ConditionPathExists=|/var/run/qubes-service/qubes-yum-proxy was not met └─ ConditionPathExists=|/var/run/qubes-service/qubes-updates-proxy was not met ...hm. I'll go back to debian-9 and debian-9-minimal to see if it goes away. Maybe something broke when upgrading to buster? -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlyet6YACgkQ2m4We49U H7Zfvg/6AyzivDu3JhizO0yg3KpblPJceBIOBaxR+wSwpCDHe/7N3y2v0QIqcvK8 ENGGkKP+LJ6ZCvl9M77dECGK12+d3CBCvVH7PviBAUq5lMwZ669jLRofYlI/ulgG sQAhQjzvahe7tg+6bNTKiyUo11eF6zk6eqkNil6UOupi2DbzydRgB1vjZFcU7vMR 1/+tIw2fGqLUVqF/Iok+IVpaCOU0RSyeRn9clnGTfGIUpkR2Yj5rMCksVQ+dU+UG nufrF3VOd/lUfhJ7HPb7/+BUkQTSKDX53ZWlGpeFsLDMy0toZ/k5pJbiXJNqLQen i7WKjKQbCXnJSDS2rFSs+xjooosjUrT2neJ8tjxmp4/ZGj4/RvxCVhZ1Xj8ydIqI iIutofkDiOG8oItFQ0x/0IFEiSm2wpO6xJWqJTTzsrhqGGobCOokkEcSZf3DLiyV i4JXYcxwr91WjAFAiOuylw/jcMfONrU3HX6mcpUyNVWWQieB7F5uCcJ8ieC1Wr2g +YlBr0RboctBS2IYN5Fe3mqbGixaddTO7Mf3obNfD4vaJDI6ZMbqqv6NygcCySEh kKTkuiNPYFzhbHFbJpza42PAwQW7+ker3c13nuWN5Cr2qDvdIvV94gwFiUBwvbro RtVV4hbKC8l1Sq+bro4DIBctu+1wrSfninRUbZ/JaY8OEzsI3HE= =m8PK -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4bd4110a-66e4-7439-9b9d-3173ada9b58f%40SvenSemmler.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] coreboot on modern hardware?
https://github.com/system76/coreboot Clearly they think they can handle modern hardware. Makes me wonder why the coreboot folks have thrown up Thierry hands and declared defeat. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/81b8ad67-48ab-400b-9bba-9a22280baa4e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] X events going to wrong VM?
Argh, I meant mouse events, not keyboard. On Fri, 29 Mar 2019 21:41:33 + Mike Keehan wrote: > On Fri, 29 Mar 2019 11:42:39 -0500 > Daniel Allcock wrote: > > > Thanks Mike, > > > > Your experience sounds even stranger than my own. I'm not sure > > whether it is more worrying---it's not so bad if the panel can read > > VM's events, since dom0 already reads all of them. But unexpected > > events being sent to dom0 sounds like a way to make dom0 do things > > possibly against user intent. > > > > btw, you wouldn't be the Mike Keehan that I worked for in Summer > > 1991 at Shell? > > > > Daniel > > > > Hi Daniel, > > I don't think it is events being sent to to dom0, but keyboard events > going to the VM. And then the app in the VM just displays the popup > as usual. So I do not think there is any security issue, but just a > bug somewhere in the event handling code. > > Mike. > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190329214317.6abb73b7.mike%40keehan.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] X events going to wrong VM?
On Fri, 29 Mar 2019 11:42:39 -0500 Daniel Allcock wrote: > Thanks Mike, > > Your experience sounds even stranger than my own. I'm not sure > whether it is more worrying---it's not so bad if the panel can read > VM's events, since dom0 already reads all of them. But unexpected > events being sent to dom0 sounds like a way to make dom0 do things > possibly against user intent. > > btw, you wouldn't be the Mike Keehan that I worked for in Summer 1991 > at Shell? > > Daniel > Hi Daniel, I don't think it is events being sent to to dom0, but keyboard events going to the VM. And then the app in the VM just displays the popup as usual. So I do not think there is any security issue, but just a bug somewhere in the event handling code. Mike. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190329214133.7a6da2aa.mike%40keehan.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Updated HCL report - Dell Precision 5520
On Monday, March 25, 2019 at 1:40:28 AM UTC-7, smvi...@invisson.com wrote: > El sábado, 23 de marzo de 2019, 3:28:31 (UTC+1), Nicklas Williams escribió: > > I Bought a new precision 5530 recently for Qubes but I have been unable to > > get the Qubes install to work. I find that I am forced to use UEFI because > > the 5530 doesnt allow legacy boot from internal HDs. I'm trying to make > > the edits to the cfg files on a linux system now to try again. I was > > wondering if you had any tips? > > > > On Monday, December 17, 2018 at 8:43:31 AM UTC-8, smvi...@invisson.com > > wrote: > > > So I have a Precision 5530, and after some similar tweaks to those > > > described here, I managed to install Qubes 4.0. Everything seem to be > > > working perfectly fine (Including Wi-Fi) except for the Ethernet adapter > > > that I need to connect to the USB-C (Thunderbolt) port. The adapter is > > > detected and I can use other connectors (DP, USBs) but the ethernet > > > adapter is not listed. I've tried assigning devices, connecting it to > > > sys-net, etc but no luck... > > > > > > Asking this here because in the Precision 5520 you also need a similar > > > adapter if you want to use Ethernet... so hopefully you have figured it > > > out already? > > > > > > Thank you in advance. > > Hi Nicklas! > > So besides following the steps described here under "Installation freezes > before getting to Anaconda": > https://www.qubes-os.org/doc/uefi-troubleshooting/ > > I blacklisted Nouveau adding the following line as kernel option: > "nouveau.modeset=0 rd.driver.blacklist=nouveau video=vesa:off" > > With that you should be able to install Qubes. During the installation > process the mousepad wasn't working for me, but you can do it anyway just > using the keyboard or attaching an external one. After the installation it > was working again though. > > And finally, after the installation, in order to fix suspend, I had to add > the following also as kernel option: "mem_sleep_default=deep" > > And I think that's it. Hope this helps! Thanks for your assistance. I have attempted these options but I am not able to get it installed on UEFI. I cannot install it on legacy mode because the system does not permit booting from internal drives on legacy mode. My system will not even get to the installer because i cannot edit the xen.cfg or boot.cfg files unless i burn to USB as an ISO. When I burn with DD (rufus) it wont let me edit those files at all because theyre "read only" -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/36d3589a-8af9-4bee-8ae6-12e8f3fceff8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] resize of private volume: dvm vs. named dvm
Hi, there seem to be a difference between a dvm and a named dvm. By named dvm a mean a dvm created like explained here: https://github.com/Qubes-Community/Contents/blob/master/docs/common-tasks/opening-urls-in-vms.md#using-named-dispvms e.g. qvm-create -C DispVM -t fedora-28-dvm -l red dstVM By dvm I mean a vm which was created like explained here: https://www.qubes-os.org/doc/disposablevm-customization/#creating-a-new-dvm-template e.g. [user@dom0 ~]$ qvm-create --template debian-9 --label red custom-dvm [user@dom0 ~]$ qvm-prefs custom-dvm template_for_dispvms True [user@dom0 ~]$ qvm-features custom-dvm appmenus-dispvm 1 When I try to resize the private volume it works with a dvm but not in a named dvm. Resizing is ignored in a named dvm. Resizing is done by qvm-volume resize dvm:private XGB What am I doing wrong? Thanks in advance, Pete -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/05fba7e5-0651-7842-87a5-3e8f432018b2%40gmx.de. For more options, visit https://groups.google.com/d/optout.
[qubes-users] debian 10 minimal ... issue with update proxy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 My template tpl-deb-10-min was created by installing the debian-9-minimal from itl-testing then cloning and updating it and finally upgrading to it to buster. The template is the basis of an AppVM dvm-min, which in turn is a template for dispvms: sys-net, sys-firewall and sys-usb. The sys qubes work (network, firewall and usb proxy), however my update proxy seems to be broken. Running qubes-dom0-update seems to work ... although I have no updates currently. At least I don't see any error messages. But when I run "sudo apt-get update" in the template I get this... user@tpl-deb-10:~$ sudo apt-get update Err:1 https://deb.debian.org/debian buster InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] Err:2 https://deb.qubes-os.org/r4.0/vm buster InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] Err:3 https://updates.signal.org/desktop/apt xenial InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] Err:4 https://deb.debian.org/debian-security buster/updates InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] Reading package lists... Done W: Failed to fetch https://deb.debian.org/debian/dists/buster/InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] W: Failed to fetch https://deb.debian.org/debian-security/dists/buster/updates/InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] W: Failed to fetch https://deb.qubes-os.org/r4.0/vm/dists/buster/InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] W: Failed to fetch https://updates.signal.org/desktop/apt/dists/xenial/InRelease Reading from proxy failed - read (11: Resource temporarily unavailable) [IP: 127.0.0.1 8082] W: Some index files failed to download. They have been ignored, or old ones used instead. What did I mess up? /Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlyec1wACgkQ2m4We49U H7a9Rg//cqn6Mm+Njrbq/z0nN/3ags354RWxZf9luuSrT5ALh99VzA5YTRTPk7rG VUhPlqWuqLbsy0e0YT7mw+45rzJOadpXKbYHAvon+fbfsfNPiqDwO+DhMo0KBXV/ C/4L56hzYPtibZpWEdvfO9E7dPZH0WWvL5kYS5Gkbu4ygukUHn40NweiblparR7e QxMYIJgTJMjnwivHrTwMH2hHmKDtq8hgQ3j4xpS7/4xLjyF/jNU4nG9HR+zCJkZr 1PBrg6fY2jyK9CqNbbQNk50KsBN/2PouDqZactH0tiMNP/JVb7bkOac4pweszO+M n9nkBcKY/Su8Zo+m/PZ5o0E+Gra2Stwq72KaE2Fw6wlQ+D9mviL9uFSRJ2AwZ98O 0pY+9rYDiqjyH5H1hFpwtIWaTbYkXMnl6TkqY9XuWjN1m1/a/PDaDBHHRSh/w073 MXY+C4su+xmfSK7Fkly65vz+z5GpvKvNudQk63PXh3wvx7TEdGG5biICbNto8HGG iVFuh/REynaIJNKoD6qdPaNDgRnc/wyMeCSIsM9XYHAjR0yToQCx/VUuIq6VCOPa 0r24oHNnk6RvpcyLR5FiTa/OMWhteioBYbqMDze2dqZNRGxXfMYHdl8AdL6Esvw3 tFiJNTU9qq8Yvmw6rvYfY25lw8c8X0+Mv6VtyuiJKAxuE9y2flI= =9LwK -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4b026a79-cb20-d178-8069-6d5e146dbf9a%40SvenSemmler.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] X events going to wrong VM?
Thanks Mike, Your experience sounds even stranger than my own. I'm not sure whether it is more worrying---it's not so bad if the panel can read VM's events, since dom0 already reads all of them. But unexpected events being sent to dom0 sounds like a way to make dom0 do things possibly against user intent. btw, you wouldn't be the Mike Keehan that I worked for in Summer 1991 at Shell? Daniel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190329114239.12b120cf%40allcock.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Tails
> Interesting, but I tried TENS once (Open source OS similar to TAILS > developed by the US Air Force Research Labratory): > www.spi.dod.mil/index.htm > > There tech support was not very good:) and since it is a .mil domain > the https certificates are not trusted on their website... To be fair, this certificate situation is explained in the FAQ. You need the DoD root certificate. It's actually a good thing that the DoD uses its own root cert, rather than letting Some Random Company(TM) vouch for the validity of DoD connections. And thanks for the reference to TENS. I never knew it existed. Makes it kind of funny that the NSA etc listed TAILS as one of their top targets. Daniel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190329112201.6790be69%40allcock.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] RE: WindRiver Software users Q3 2017
Good Day, I'm following up with you to make sure that you have received my previous email. kindly confirm and let me know if you're interested. I'm looking forward for your positive response. Thanks, Eric From: Eric Smith Sent: Monday, September 11, 2017 4:37 PM To: qubes-users@googlegroups.com Subject: WindRiver Software users Q3 2017 Hi, Hope you're doing great. We are a global database provider and preferred partners for Enterprise, Media and Small size companies. I am writing to you in regards to our recent list release, and check if you would be interested in acquiring our recently verified WindRiver Users list and other related Software users database. WindRiver Users Include: * Intelligent Device Platform * Simics * Titanium Cloud * Tools * Virtualization * VxWorks * VxWorks 653 * Wind River Helix CarSync * Wind River Helix Cockpit * Wind River Helix Device Cloud * Wind River Helix Drive * Wind River Linux * Wind River Pulsar Linux * Wind River Rocket Market/Industry * Aerospace & Defense * Automotive * Industrial * Medical * Networking Please let me know your thoughts, thanks for your time and we hope to hear from you soon. -- Regards, Eric Smith Sr. Business Development Disclaimer: We have clearly mentioned the source email id, also clearly mentioned the subject line and there is no misleading information of any form. We have found your email address through our marketing efforts on the web, if you are not interested, Please reply with "Remove" in the subject line and we will ensure that you do not receive any further promotional email from our end. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/MWHPR22MB0878AF405FA4B43BC2A04ED7E85A0%40MWHPR22MB0878.namprd22.prod.outlook.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] X events going to wrong VM?
On Thu, 28 Mar 2019 13:13:17 -0500 Daniel Allcock wrote: > Hello, > > Something peculiar happens occasionally on my qubes 4.0 system. I run > claws-mail in one VM, and mousing over the message list shows tooltips > as intended (not very useful; they just repeat the text that is under > the mouse). As I mouse up or down, the old tooltip disappears and a > new one appears, as you would expect. > > But sometimes this happens when another VM's window (say firefox) > is on top of the claws window, and all the mouse movement takes place > inside the window on top. Somehow claws seems > to be receiving X mouse-motion events meant for the other VM. > Obviously this looks like a violation of qube isolation. > > The tooltip windows are properly colored. > So as I move the mouse, yellow-bordered tooltip windows appear and > disappear on top of a (say) red-bordered window that is on top of > a yellow-bordered claws window. Visually this is very strange. > > I wish I knew how to reproduce this. It just seems to happen by > itself every few days. I have a vague memory of something similar > happening *once* with some app other than claws. But I forget the > details. Anyone else have this experience? Or thoughts about > what to try to maybe reproduce it more reliably? > > Thanks, > Daniel > Hi Daniel, I have the same problem on my system. Not only with Claws mailer, but also with Firefox occasionally, and most often with an xfce panel that runs in sys-net and shows me the weather and the network load. The odd part is that the panel widgets display their popups even though I never hover the mouse over them deliberately. The popups display when I use the scrollwheel to switch desktops. As you say, it is not easily reproducible, so debugging it will be hard I expect. Mike. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190329161106.13bc1ed2.mike%40keehan.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] coreboot on modern hardware?
>From a recent System76 announcement: “In firmware news, our engineer Jeremy has made a lot of progress in porting Coreboot to the Darter Pro and multiple versions of Galago Pro. It can now run both BIOS and UEFI implementations. However, certain bugs need to be worked out before we can officially release Coreboot on any of our laptops, such as a bug that causes the computer to open from suspend in airplane mode, or another that prevents the user from activating the webcam via keyboard functions. These and other bugs are being worked out in testing, and many of us across different departments are testing Coreboot on our own computers.” -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2bd19eb5-94c6-4890-93e8-737b45a5b42c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Announcement: Qubes OS 3.2 has reached EOL
Thank you 3.2! You were a good OS... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fee69204-d1bb-42e5-a082-9b0b0d1a2c94%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Tails
I haven't tried Tails on my Qubes but the default "-DVM" is close to TAILS but the DVM does apparently keep some information... Interesting, but I tried TENS once (Open source OS similar to TAILS developed by the US Air Force Research Labratory): www.spi.dod.mil/index.htm There tech support was not very good:) and since it is a .mil domain the https certificates are not trusted on their website... I haven't used it in a while but I have copied my old notes below, in case it helps: Create TENS: Create App VM(No network access) → Download TENs OS → Verify signatures Create Template-HVM In Advance → Increase memory to +2000 check add additional drives Choose HVMiso template for Backend domain → Pick TENS.iso file in Path -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0c145bb4-4ff3-42ba-a34a-fbcd4c6fc669%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes cannot install on Asus x79 Sabertooth and 2 AMD GPUs. Need advice.
Hello again! I have Qubes up and running and I am quite excited about the possibilities. Linux is not my native system but I am doing a lot of reading on the Qubes docs website and also through google, so I am slowly making progress. I have a couple consistent problems. 1) IMG_20190328_004611.jpg is still happening every time I load my computer, but it does not seem to affect Qubes functionality. It just takes a while longer to boot up. 2) My motherboard doesn't support NVME but I do have a PCI-e adapter for a NVME SSD I bought, and I have that plugged in. The SSD is recognized by Qubes, and now I want to pass that through to my Windows 10 HVM and install the Win10 on it, for maximum speed. I don't know how to discover the backend for it, though. I am looking through the list of PCI devices in the qubes settings gui, and I don't see anything which resembles it. 3) Another problem I have is that I cannot discover my hardware specs in gui mode, and I also do not know the terminal commands to discover it. I am looking for something like a "system properties" or "computer management" in Windows. 4) Lastly, I think I made a mistake on which drive I installed Qubes on. I put it on a 2tb Firecuda drive instead of a 1TB Sata SSD. I would like to change that, by cloning the Firecuda partitions to the SSD drive. I don't know if that will work, but I cannot discover that unless I manage to find out how to shrink the partition to beneath 1TB so my Acronis 2019 boot disk can clone the partitions. How do I do this? Thanks for reading! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6f650eb4-576a-421f-bb7c-c4984f219d72%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.