Re: [qubes-users] Qubes 3.0 RC2 on Alienware M17XR3: What works and what not.

[Fabrizio Romano Genovese]

Nope, no problems whatsoever for me during install, but mine was R3 so
things may be different. I remember I had a lot of problems while using the
system though, as an instance the screen did not wake up after sleep.
Needless to say, I completely gave up on using the Nvidia card and relied
entirely on the intel one.

At the end of the day, I bought a linux 100% compatible laptop and now I'm
happier than ever. I installed Windows and a shitload of emulators on the
good old Alienware and I use it for what is meant for, gaming. There is no
personal data whatsoever on the PC now, so this approach does not spoil my
privacy and security.

I'm pretty sure you can make a lot of stuff work with a sufficient amount
of headaches and swearing, but in the end some things won't be fixable
(drivers issues, mainly). Also, you should consider that Qubes won't make
justice to such a beautiful machine, and that you may not be able to use
most of the nice features of the Alienware. I love Qubes but according to
my experience Alienware is not the kind of computer you want it installed
on. This is obviously just my personal opinion, so take it for what is
worth (nothing :P )

Cheers,
Fab

On Fri, Mar 17, 2017 at 11:23 PM,  wrote:

> How did you get it installed? Did you do anything special?
>
> Im currently trying to install on an Alienware 17 r4; GeForce GTX 1060;
> and the GUI Installations Screens fail and the text based install has bugs
> that wont let me get past partitioning due to LUKS not getting a password.
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "qubes-users" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/qubes-users/ogKupxioIAQ/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> qubes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to qubes-users@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/qubes-users/07a22d4f-4fce-49cb-81ac-c92e48304100%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAAZqLaOR4YsdSHMSd7XsZNLSryg4VUMAWtEgxFw4xSeywNxf%3Dg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Qubes 3.0 RC2 on Alienware M17XR3: What works and what not.

[tafleming2016]

How did you get it installed? Did you do anything special? 

Im currently trying to install on an Alienware 17 r4; GeForce GTX 1060; and the 
GUI Installations Screens fail and the text based install has bugs that wont 
let me get past partitioning due to LUKS not getting a password. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/07a22d4f-4fce-49cb-81ac-c92e48304100%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Installing Qubes 3.2 on an Alienware

[Tristan Fleming]

Has anyone found a work around for Qubes on an Alienware 17 r4?

I just bought this laptop thinking that it would work with Qubes. So far, I
havent had any luck. It was a good excuse to buy a new laptop, though! ;)

I bought the Alienware 17 r4
Intel(R) Core(TM) i7-7700HQ
8gb ram DDR4
NVIDIA GeForce GTX 1060 with 6GB GDDR5 (problem numero uno)

So, to the point, I have two problems. One is the GFX card. And the other
is UEFI.

Oh, and lest we forget the Qubes bugs.

I booted in Legacy mode, initial graphics GUI starts, Boot into basic
graphics mode;

Basic Graphics Mode FAILS

Txt based install has common bugs: "LUKS was not provided a pw" Cannot
partition, cannot install!

On the Hardware Compatibility List, it says Alienware works but without
sound. So, how did that person get Alienware to work!?

Any help is appreciated. My problems are common, but someone figured this
out, right?

Thanks, crew!

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAMpFXTdfMZ-5rfwH%3DepQpC_rJDn9-%3Dd83n19dyRamKxq1MsFxg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Backup Error

[Todd Lasman]

On 2017-03-17 11:55, jimmy.dack...@gmail.com wrote:

I'm trying out the backup feature in Qubes but getting an error.

I'm trying to save VMs totaling 22.4GB in size on a USB stick with 63GB 
free.


At 19% progress is get:
"[Dom0] Backup error!
ERROR: Failed to write the backup, VM output: cat: write error: File 
too large."


Is there a maximum file size for backups? A RAM limitation (I have 8GB
RAM and when I do the backup about 6GB is free)? Something else I'm
not thinking of?

I am able to do a small backup, such as just Dom0 itself.

Also a general question about backups: if I do a backup and then
restore, will it add what I backed up to what is already on the
system? Or completely overwrite everything? For example, if I have 10
VMs and backup 3, then restore the 3, will it just overwrite those
three and leave the other 7 alone? Or will I only have those 3 and the
other 7 are wiped out?


Also, be sure you didn't make the mistake I made once. I (stupidly) 
mounted by backup USB stick in Dom0. Then, when backing up Dom0, it 
tried to back up all the data on the backup stick, which of course kept 
increasing in size as more stuff got backed up onto it. I've since 
learned to use a USBVM, and mount the stick in a dedicated BackupVM.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/10747aff541781e0d2738fb6c6ca7f97%40nowlas.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Backup Error

[Unman]

On Fri, Mar 17, 2017 at 03:31:24PM -0400, Chris Laprise wrote:
> On 03/17/2017 02:55 PM, jimmy.dack...@gmail.com wrote:
> >I'm trying out the backup feature in Qubes but getting an error.
> >
> >I'm trying to save VMs totaling 22.4GB in size on a USB stick with 63GB free.
> >
> >At 19% progress is get:
> >"[Dom0] Backup error!
> >ERROR: Failed to write the backup, VM output: cat: write error: File too 
> >large."
> >
> >Is there a maximum file size for backups? A RAM limitation (I have 8GB RAM 
> >and when I do the backup about 6GB is free)? Something else I'm not thinking 
> >of?
> >
> >I am able to do a small backup, such as just Dom0 itself.
> >
> >Also a general question about backups: if I do a backup and then restore, 
> >will it add what I backed up to what is already on the system? Or completely 
> >overwrite everything? For example, if I have 10 VMs and backup 3, then 
> >restore the 3, will it just overwrite those three and leave the other 7 
> >alone? Or will I only have those 3 and the other 7 are wiped out?
> >
> 
> Likely the filesystem (FAT?) on the destination cannot handle files over a
> certain size. You may want to reformat it with a native Linux fs like Ext4.
> 

To answer your general question, the restore operation will tell you
there is an existing qube with the same name and wont allow you to
overwrite it.
It certainly wont delete qubes not included in the restore.

As always the command line tool offers many more options and more
granular control - it still wont act on qubes not involved in the
restore operation, (unless you are doing something to their template
obviously.)

unman

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170317212124.GC1810%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Can't start my StandaloneVM anymore

[Unman]

On Fri, Mar 17, 2017 at 06:24:06PM +, faber wrote:
> unman:
> > If you start it using qvm-start what error do you see?
> > Once you have started it can you attah to the console from dom0 using
> > (as root) xl console  ?
> 
> When it gets at
> 
> "starting the qrexec daemon..."
> 
> and
> 
> "Waiting for VM's qrexec agent.."
> 
> it goes timeout and says
> 
> "Cannot connect to 'standaloneVM' qrexec agent for 60 seconds, giving up
> ERROR: Cannot execute qrexec-daemon!"
> 
> 
> If I try to do sudo xl console 'standaloneVM' I get what I think is the
> same output of the log that I posted before, but then it asks for login
> credential of the VM (which I have no idea what they are)

log in as root, no password.
Then follow the advice an look at your apt logs - almost certainly you
have chosen to delete essential Qubes packages. Look in the apt logs and
see exactly what you did. As you have root access you can  run any apt
tool to reinstall the missing packages.

unman

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170317211415.GB1810%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: is it better to have just standaloneVMs?

[evo]

Am 17.03.2017 um 21:55 schrieb Franz:
> 
> 
> On Fri, Mar 17, 2017 at 4:46 PM, evo  > wrote:
> 
> 
> 
> Am 17.03.2017 um 20:12 schrieb Franz:
> >
> >
> > On Fri, Mar 17, 2017 at 5:07 AM, evo  
> > >> wrote:
> >
> >
> >
> > Am 17.03.2017 um 01:19 schrieb Franz:
> > >
> > >
> > > On Thu, Mar 16, 2017 at 6:01 AM, evo  
> >
> > > 
>  > >
> > >
> > >
> > > Am 15.03.2017 um 23:45 schrieb Andrew David Wong:
> > > > On 2017-03-15 01:14, evo wrote:
> > > >> Am 15.03.2017 um 01:17 schrieb Unman:
> > > >>> On Tue, Mar 14, 2017 at 08:02:58PM -0400, Chris
> Laprise wrote:
> > >  On 03/14/2017 01:55 PM, evo wrote:
> > > > hmm.. this is also a good point, thanks! so if i
> do not use
> > > > openoffice in my bankingVM, there is no practical
> > > > vulnerability in it.
> > > >
> > > 
> > >  Yes and no. Off the top of my head, there are two
> things
> > to be
> > >   concerned about with the (regular, distro)
> software you
> > >  install:
> > > 
> > >  1. Does it cause an additional service to start
> accepting
> > >  connections?
> > > 
> > >  2. Does it have a MIMEtype or similar mapping, so that
> > clicking
> > >  on a mislabeled file could cause it to open in an
> > >  unwanted/risky app. Unfortunately, nautilus doesn't
> seem to
> > >  have a setting for always asking before starting an
> app. But
> > >  at least it defaults to double-click instead of
> single-click.
> > > 
> > > >>>
> > > >>> 3. Installing some programs, like libre/openoffice,
> brings
> > with
> > > >>> it numerous libraries and attendant programs which may
> > widen the
> > > >>>  attack surface of your qube considerably.
> > > >>>
> > > >
> > > >> so its better to have such VMs as banking or email in
> > > >> standalone-mode.
> > > >
> > > > No, that doesn't follow. See my previous message about
> > having multiple
> > > > TemplateVMs.
> > > >
> > > >> The thing is... as i understood, stanalone-machines (if
> > they are
> > > >> not HVM) have all software from the template they use. So
> > the only
> > > >> way is, to install new iso on HVM, isn't it?
> > > >
> > > >
> > > > This doesn't follow either. StandaloneVMs and HVMs are
> > completely
> > > > independent of one another. It's possible that there is
> > terminological
> > > > confusion here. Please consult the glossary:
> > > >
> > > > https://www.qubes-os.org/doc/glossary/
> 
> >  >
> > >  
> >  >>
> > > >
> > > >> in that case, i don't really understand the sense of
> standalone
> > > >> AppVMs.
> > > >
> > > >
> > > > StandaloneVMs can be useful for many different things, but
> > not every
> > > > user will have a need for them. For example, if you have a
> > piece of
> > > > software that installs parts of itself in both the
> root fs and
> > > user dirs
> > > > (and you don't want to work around this with
> bind-dirs), and
> > you need
> > > > the software in only one VM, then a StandaloneVM is
> probably
> > a perfect
> > > > solution.
> > > >
> > > >
> > >
> > > Evo, let me oversimplify it
> > >
> > > so is it better to have more template-VMs?
> > >
> > >
> > > yes
> > >
> > > But why not standalone as a copy of the existing
> template-VM?
> > >
> > >
> > > you do not need standalone VMs. StandaloneVMs are only for

Re: [qubes-users] Can't start my StandaloneVM anymore

[Unman]

On Fri, Mar 17, 2017 at 10:49:04AM -0700, cooloutac wrote:
> On Friday, March 17, 2017 at 1:48:27 PM UTC-4, cooloutac wrote:
> > On Friday, March 17, 2017 at 1:17:10 PM UTC-4, Unman wrote:
> > > On Fri, Mar 17, 2017 at 04:38:17PM +, faber wrote:
> > > > I have a Debian-9 StandaloneVM that I recently am unable to start it.
> > > > The only thing I've done, before getting stuck there, was removing
> > > > libreoffice (all packages), jack, mutt and icedove, nothing special.
> > > > 
> > > > logs from /var/log/xen/console/guest-dev.log:
> > > > 
> > > > https://share.riseup.net/#jt9PHXk7pbpDkz0ZKmwy7g
> > > > 
> > > > 
> > > > If you need anything else, please let me know!
> > > 
> > > If you start it using qvm-start what error do you see?
> > > Once you have started it can you attah to the console from dom0 using
> > > (as root) xl console  ?
> > 
> > ya and if you can do that check apt log.  I kill my debian system all the 
> > time removing or installing packages.  I blindly click yes and don't 
> > realize its asking me if it can kill my system by removing desktop haha.
> > 
> > after reading about how when updating a template you could accidentally 
> > click yes to a not verified key I had to tell my family to make sure they 
> > read for that specific thing especially before hitting y. (this has nothing 
> > to do with your issue sorry)
> 
> and when that happens you just keep trying till it gets a valid key.
> 

I hope this was a joke.
I have no sense of humour - do NOT do this.
It's a common situation and you will find many answers with a simple
search.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170317211038.GA1810%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Backup Error

[Chris Laprise]

On 03/17/2017 02:55 PM, jimmy.dack...@gmail.com wrote:

I'm trying out the backup feature in Qubes but getting an error.

I'm trying to save VMs totaling 22.4GB in size on a USB stick with 63GB free.

At 19% progress is get:
"[Dom0] Backup error!
ERROR: Failed to write the backup, VM output: cat: write error: File too large."

Is there a maximum file size for backups? A RAM limitation (I have 8GB RAM and 
when I do the backup about 6GB is free)? Something else I'm not thinking of?

I am able to do a small backup, such as just Dom0 itself.

Also a general question about backups: if I do a backup and then restore, will 
it add what I backed up to what is already on the system? Or completely 
overwrite everything? For example, if I have 10 VMs and backup 3, then restore 
the 3, will it just overwrite those three and leave the other 7 alone? Or will 
I only have those 3 and the other 7 are wiped out?



Likely the filesystem (FAT?) on the destination cannot handle files over 
a certain size. You may want to reformat it with a native Linux fs like 
Ext4.


--

Chris Laprise, tas...@openmailbox.org
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/07c70ef9-0e9f-336b-1c04-2c2920d55e72%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: is it better to have just standaloneVMs?

[Franz]

On Fri, Mar 17, 2017 at 5:07 AM, evo  wrote:

>
>
> Am 17.03.2017 um 01:19 schrieb Franz:
> >
> >
> > On Thu, Mar 16, 2017 at 6:01 AM, evo  > > wrote:
> >
> >
> >
> > Am 15.03.2017 um 23:45 schrieb Andrew David Wong:
> > > On 2017-03-15 01:14, evo wrote:
> > >> Am 15.03.2017 um 01:17 schrieb Unman:
> > >>> On Tue, Mar 14, 2017 at 08:02:58PM -0400, Chris Laprise wrote:
> >  On 03/14/2017 01:55 PM, evo wrote:
> > > hmm.. this is also a good point, thanks! so if i do not use
> > > openoffice in my bankingVM, there is no practical
> > > vulnerability in it.
> > >
> > 
> >  Yes and no. Off the top of my head, there are two things to be
> >   concerned about with the (regular, distro) software you
> >  install:
> > 
> >  1. Does it cause an additional service to start accepting
> >  connections?
> > 
> >  2. Does it have a MIMEtype or similar mapping, so that clicking
> >  on a mislabeled file could cause it to open in an
> >  unwanted/risky app. Unfortunately, nautilus doesn't seem to
> >  have a setting for always asking before starting an app. But
> >  at least it defaults to double-click instead of single-click.
> > 
> > >>>
> > >>> 3. Installing some programs, like libre/openoffice, brings with
> > >>> it numerous libraries and attendant programs which may widen the
> > >>>  attack surface of your qube considerably.
> > >>>
> > >
> > >> so its better to have such VMs as banking or email in
> > >> standalone-mode.
> > >
> > > No, that doesn't follow. See my previous message about having
> multiple
> > > TemplateVMs.
> > >
> > >> The thing is... as i understood, stanalone-machines (if they are
> > >> not HVM) have all software from the template they use. So the only
> > >> way is, to install new iso on HVM, isn't it?
> > >
> > >
> > > This doesn't follow either. StandaloneVMs and HVMs are completely
> > > independent of one another. It's possible that there is
> terminological
> > > confusion here. Please consult the glossary:
> > >
> > > https://www.qubes-os.org/doc/glossary/
> > 
> > >
> > >> in that case, i don't really understand the sense of standalone
> > >> AppVMs.
> > >
> > >
> > > StandaloneVMs can be useful for many different things, but not
> every
> > > user will have a need for them. For example, if you have a piece of
> > > software that installs parts of itself in both the root fs and
> > user dirs
> > > (and you don't want to work around this with bind-dirs), and you
> need
> > > the software in only one VM, then a StandaloneVM is probably a
> perfect
> > > solution.
> > >
> > >
> >
> > Evo, let me oversimplify it
> >
> > so is it better to have more template-VMs?
> >
> >
> > yes
> >
> > But why not standalone as a copy of the existing template-VM?
> >
> >
> > you do not need standalone VMs. StandaloneVMs are only for special
> > cases/software, but since you do not mention any special case forget
> > them as well as HVMs.
> >
> >
> > After that i can delete all software i dont need on it and have
> rather
> > clean VM with just the software i need.
> >
> >
> > you can do the same with templates
> >
> >
> > the other thing is, on standalone-vm i can see existing updates just
> in
> > time... VM that works on general template dont show updates, for this
> > case i must start the template vm. So if i do not start template for
> a
> > long time, i will have insecure appvms. Or do i understand something
> > wrong?
> >
> >
> > Evo, just start the templates every time Qubes-manager show than an
> > update is available, with the green downward arrow, that is every few
> > days. Then reboot your computer. Updating only a couple of templates
> > you'll automatically update and somehow clean all of yours VMs, that in
> > my case are 38. You'll probably have only a few of them, but with time
> > you'll learn how convenient it is to create template depending light VMs
> > for special purposes. But imagine having a lot of standaloneVMs each one
> > needing an independent update.
> > best
> > Fran
> >
>
> hmmm, ok
> you won :)
>
> i just thought, its crude to create 3 different template-VMs for vault,
> e-mail and banking.
>
> after using Qubes for some time, i understand the possibility to have 38
> VMs
>
> so the appVM (based on template) will show me also the green arrow of
> update?


No, because the appVM does not need an update. Only the template does need
it.

> i thought, it is just visible, if you start the template-VM.
>

No, the green arrow is visible on the side of the template even if the
template is kept always closed

-- 
You received this message because you are subscribed to the

[qubes-users] Backup Error

[jimmy . dack . 68]

I'm trying out the backup feature in Qubes but getting an error.

I'm trying to save VMs totaling 22.4GB in size on a USB stick with 63GB free.

At 19% progress is get:
"[Dom0] Backup error!
ERROR: Failed to write the backup, VM output: cat: write error: File too large."

Is there a maximum file size for backups? A RAM limitation (I have 8GB RAM and 
when I do the backup about 6GB is free)? Something else I'm not thinking of?

I am able to do a small backup, such as just Dom0 itself.

Also a general question about backups: if I do a backup and then restore, will 
it add what I backed up to what is already on the system? Or completely 
overwrite everything? For example, if I have 10 VMs and backup 3, then restore 
the 3, will it just overwrite those three and leave the other 7 alone? Or will 
I only have those 3 and the other 7 are wiped out?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ec923dfc-2611-4523-a7f8-61470f64725c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: Can't start my StandaloneVM anymore

[faber]

unman:
> If you start it using qvm-start what error do you see?
> Once you have started it can you attah to the console from dom0 using
> (as root) xl console  ?

When it gets at

"starting the qrexec daemon..."

and

"Waiting for VM's qrexec agent.."

it goes timeout and says

"Cannot connect to 'standaloneVM' qrexec agent for 60 seconds, giving up
ERROR: Cannot execute qrexec-daemon!"


If I try to do sudo xl console 'standaloneVM' I get what I think is the
same output of the log that I posted before, but then it asks for login
credential of the VM (which I have no idea what they are)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/acd007d0-2cf7-79ea-ac2b-59a478982976%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] NTP Global alteration.

[cooloutac]

On Thursday, March 16, 2017 at 11:26:48 PM UTC-4, Drew White wrote:
> On Friday, 17 March 2017 11:36:25 UTC+11, Jean-Philippe Ouellet  wrote:
> > As for changing the NTP server used, feel free to submit patches.
> 
> If I was to submit patches, they wouldn't be in Python Code. So I can't 
> submit any changes because my applications aren't written in Python.

the amount of times qubes contacts the dns servers is same on baremetal 
systems.  I always eyeball etherape from sys-net.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9e26a5da-1c78-478f-a78b-cbc0052450e5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: very frequent crashes (about every other hour)

[cooloutac]

On Thursday, March 16, 2017 at 11:34:12 PM UTC-4, Drew White wrote:
> On Monday, 13 March 2017 07:47:34 UTC+11, Steffen Hartmann  wrote:
> > Hello,
> > 
> > after installation and some weeks of using cubes 3.2 I'm still facing 
> > troubles with the system hanging comletly.
> > It starts with very delayed mouse and keyboard input - finally everything 
> > stops.
> > When looking with top in dom0 no obvious memory hungry tasks.
> > 
> > However I have to reboot or even stop the computer the hard way pulling the 
> > mains.
> > 
> > With my other OS's on the same computer no such troubles.
> > 
> > Where can I look into to trace down this problem?
> > 
> > I have a dell precision 5500 with 16 GB Ram an 3 VM running (sys-firewall, 
> > sys-net, fed23) and dom0 of course.
> > 
> > Everything is pretty much standard installation.
> > 
> > thank you
> 
> Hi Steffen,
> 
> You are using the almost EXACT SAME machine that I am. I have 24 GB RAM.
> I used to have the exact same problem before I reconfigured things to work 
> properly so that this did not happen.
> 
> FIRSTLY, upgrade to A16, there are bugs in A13 that should not be there.
> This fixes the frequent overloads and thus the lockups.
> 
> SECOND, disable screensaver, put it to blank screen.
> THIRD, whenever you are going away overnight, pause every guest that runs web 
> browsers, OR shut them down.
> 
> FOURTH, make sure you update the Qubes Manager to get rid of the Memory Leak 
> it has.
> 
> Currently I have been using most of my own things to replace the Qubes 
> Manager, thus utilising less RAM in Dom0, which also resolved numerous 
> locking issues.
> 
> I run Fedora 23 Templates, along with Debian 8, and numerous versions of 
> Windows along with other operating systems including Android.
> At times I have anywhere up to 20 Guests running at a time.
> 
> RARELY less than 8.

Drew when you gonna join Qubes team?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/29b61544-8d2f-402d-8c21-3949ee92745f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: very frequent crashes (about every other hour)

[cooloutac]

also might want to test power settings in bios and desktop settings. or shut 
them off.  wake and remote wake settings, cpu frequency settings, suspend power 
off settings especially for gpu monitor hdd or anything.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d160096a-9000-4e2a-8424-babd875bb435%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: Network Link Speed in VM?

[cooloutac]

On Friday, March 17, 2017 at 5:35:12 AM UTC-4, Jarle Thorsen wrote:
> My netVM has a 10Gb network card, and hence a 10Gb link speed on it's network 
> interface.
> 
> However I notice that my Windows HVM only has a 1 Gb link speed? (I'm unable 
> to list the link speed for my linux VMs for some reason?)
> 
> Is it possible to get the VMs to use 10Gb network? (or is the link speed just 
> a number, and not a speed limit for the VMs?)

is this Drew? hehe.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c766199c-0894-40bd-be69-7454e6d0cfd5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: S3 sleep on Thinkpad T460 issues

[cooloutac]

On Thursday, March 16, 2017 at 7:55:27 AM UTC-4, Martin L. Fällman wrote:
> Hi list! So, I have an issue with my Thinkpad T460. What seems like randomly, 
> it will not wake up from S3 sleep. Opening and closing the lid, hitting the 
> power button and doing a little jig on the keyboard does nothing.
>  The indicator light is however pulsating, and I can get the FnLock light to 
> light up by pressing Fn+Esc.
> 
>  
> 
> I’m fairly certain it happens when it’s slept for a long time, e.g. 
> overnight, and it may be related to putting it to sleep with an Ethernet 
> cable and/or power connected. I’ve set the TPM to the discrete chip and done
>  some other BIOS fixes that have gotten sleep and shutdown to work properly 
> most of the time, but this issue still eludes me, and it doesn’t seem like I 
> can find anything about it in the logs either.
> 
>  
> 
> Can’t find anything on the issue in the list archives, so I figured I should 
> bring it to the list to see if anyone has an idea of what could be going 
> wrong. I have logs from my attempt to suspend yesterday, which ended
>  with the computer not waking up this morning: http://pastebin.com/yny6QL4j
> 
>  
> 
> As you can see, first there’s some sort of i915 warning, then xfdesktop dumps 
> core, and then systemd merrily goes on its way suspending the system. I 
> suspect the issue is in there somewhere—could be i915, right?
> 
>  
> 
> I’m also running the stock BIOS revision but I’ve prepared an update USB that 
> hopefully will allow me to update to the latest version. Could maybe resolve 
> the issue, no?
> 
>  
> 
> Any input or ideas appreciated…
> 
>  
> 
> Cheers,
> 
>  
> 
> MARTIN L. FÄLLMAN
> 
> PROTECTION OFFICER
> 
> 
> 
> CIVIL RIGHTS DEFENDERS
> 
> Address: Sergels torg 12, floor 12, SE-111 57 Stockholm, Sweden
> 
> Tel: +46 8 120 744 03, Mobile: +46 70 484 96 75
> 
> martin.fall...@civilrightsdefenders.org
> 
> PGP: 0ECD 731D D578 6145 AB22 D213 5104 FC60 779A FD28
> 
> SIGNAL available on cell number 
> 
> 
> 
> We defend people’s civil and political rights and empower human rights 
> defenders worldwide.
> 
> Learn how to support us on www.crd.org
> 
>  

same thing happens to me on my desktop with qubes specifically man. after slept 
for a long time.  happens on another desktop with windows you can try bug 
reporting the kernel with xen.  might be a baremetal linux thing too since its 
so common.

My issue is system freezes when woke after hours of sleep. I think depending 
which vms open.  I assumed disposable but now not sure.

After it killed my qubes one time.  Qubes couldn;t boot.  I had to mount it i 
don't remember  from where and thank goodness fsck worked and bought it back to 
life.  a problem of using ssd.  but at least it don;t physically die.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2f532c1e-7b04-42b2-8e5b-37ff22f7ef54%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Can't start my StandaloneVM anymore

[cooloutac]

On Friday, March 17, 2017 at 1:17:10 PM UTC-4, Unman wrote:
> On Fri, Mar 17, 2017 at 04:38:17PM +, faber wrote:
> > I have a Debian-9 StandaloneVM that I recently am unable to start it.
> > The only thing I've done, before getting stuck there, was removing
> > libreoffice (all packages), jack, mutt and icedove, nothing special.
> > 
> > logs from /var/log/xen/console/guest-dev.log:
> > 
> > https://share.riseup.net/#jt9PHXk7pbpDkz0ZKmwy7g
> > 
> > 
> > If you need anything else, please let me know!
> 
> If you start it using qvm-start what error do you see?
> Once you have started it can you attah to the console from dom0 using
> (as root) xl console  ?

ya and if you can do that check apt log.  I kill my debian system all the time 
removing or installing packages.  I blindly click yes and don't realize its 
asking me if it can kill my system by removing desktop haha.

after reading about how when updating a template you could accidentally click 
yes to a not verified key I had to tell my family to make sure they read for 
that specific thing especially before hitting y. (this has nothing to do with 
your issue sorry)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3d62f870-238a-42d4-93a1-ba0eb7ea640e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Can't start my StandaloneVM anymore

[cooloutac]

On Friday, March 17, 2017 at 1:48:27 PM UTC-4, cooloutac wrote:
> On Friday, March 17, 2017 at 1:17:10 PM UTC-4, Unman wrote:
> > On Fri, Mar 17, 2017 at 04:38:17PM +, faber wrote:
> > > I have a Debian-9 StandaloneVM that I recently am unable to start it.
> > > The only thing I've done, before getting stuck there, was removing
> > > libreoffice (all packages), jack, mutt and icedove, nothing special.
> > > 
> > > logs from /var/log/xen/console/guest-dev.log:
> > > 
> > > https://share.riseup.net/#jt9PHXk7pbpDkz0ZKmwy7g
> > > 
> > > 
> > > If you need anything else, please let me know!
> > 
> > If you start it using qvm-start what error do you see?
> > Once you have started it can you attah to the console from dom0 using
> > (as root) xl console  ?
> 
> ya and if you can do that check apt log.  I kill my debian system all the 
> time removing or installing packages.  I blindly click yes and don't realize 
> its asking me if it can kill my system by removing desktop haha.
> 
> after reading about how when updating a template you could accidentally click 
> yes to a not verified key I had to tell my family to make sure they read for 
> that specific thing especially before hitting y. (this has nothing to do with 
> your issue sorry)

and when that happens you just keep trying till it gets a valid key.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/989ca76a-7ffa-4315-9aa5-16989833050c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Xenial Desktop Template VM Compiling

[Unman]

On Thu, Mar 16, 2017 at 07:21:23AM -0700, Basti Gibbons wrote:
> So I have been following this awesome guide for compiling a 16.04 compatible 
> TemplateVM here:
> https://www.reddit.com/r/Qubes/comments/5vzg04/idiots_guide_to_installing_qbuntu_ubuntu_1604/
> 
> Fantastic quide but obviously its not idiot proof enough as I am having 
> troubles. I have created the Ubuntu-builder template but whenever I try to 
> run the ./setup script to download sources for compiling I get this:
> 
> Makefile:186: target 'mgmt-salt.get-sources' given more than once in the same 
> rule 
> Makefile:188: target 'mgmt-salt.get-sources-extra' given more than once in 
> the same rule 
> Makefile:208: target 'mgmt-salt-vm' given more than once in the same rule 
> Makefile:220: target 'mgmt-salt-dom0' given more than once in the same rule 
> Makefile:373: target 'mgmt-salt.clean' given more than once in the same rule 
> Makefile:500: target 'mgmt-salt.grep' given more than once in the same rule 
> Makefile:186: target 'mgmt-salt.get-sources' given more than once in the same 
> rule 
> Makefile:188: target 'mgmt-salt.get-sources-extra' given more than once in 
> the same rule 
> Makefile:208: target 'mgmt-salt-vm' given more than once in the same rule 
> Makefile:220: target 'mgmt-salt-dom0' given more than once in the same rule 
> Makefile:373: target 'mgmt-salt.clean' given more than once in the same rule 
> Makefile:500: target 'mgmt-salt.grep' given more than once in the same rule
> 
> This seems a bit arbitrary from the sounds of it ( maybe the sources are 
> listed more than once in the make file) but I want to know if this is going 
> to affect my end compiled kernal. 
> 
> I originally dismissed these and completed the guide as written but I could 
> only get firefox and Xterm to work from my applications list, even after I 
> put the fix in for this specific issue ( tried the guides way and even just 
> hardcoded it without my if fi statements but still had no luck. )
> 
> As you'll see at the bottom of the post, someone suggested to run a debug 
> function but this is where my extreme noobishness kicks in. I declared a 
> debug function and thought I was outputting to a debug file but could not 
> find anything. Can anyone help with what seems to be a noob problem?
> 
> All help is greatly appreciated as I will be learning from it and I thank you 
> in advance!
> 

I don't see this behaviour - is it happening when you download sources
from within setup.sh? Is it only with Xenial, or does it occur if you
select other build targets?

It sounds as if some of the PRs haven't been merged in to release3.2. If
you can start xterm, (and you say you can), can you try manually
starting another program that you find wont run from the applications
list, and report back any error?

unman

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170317173031.GC585%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Is it really hard to autogenerate apropos data for all qubes utils ?

[Unman]

On Fri, Mar 17, 2017 at 12:05:45PM +0300, Oleg Artemiev wrote:
> The most annoying thing is not that I have to do some manual
> intervention to start my music
> VM for unknown to me reason.
> 
> This :
> 
> apropos qmemman
> qmemman: nothing appropriate.
> 
> is most annoying thing in Qubes project.
> 
> when something goes wrong I have to get out of my console and look
> into qubes documentation available on the web. Why things origanazed
> that bad? Damn, I've to - I will. But with this I need to memorize
> Qubes documentation index to get a clue where should I look.
> 
> Subj. Is it really hard to autogenerate apropos data for all qubes utils ?
> 
> 
> $ cat QubesIncoming/dom0/qubes-wtf.utf8.txt
> [olli@dom0 ~]$ qvm-ls grey-olli-music
> -+++---+--+---+---++
> name | on |  state | updbl | type |  template |
> netvm |  label |
> -+++---+--+---+---++
>  grey-olli-music || Halted |   |  | fedora-23 |
> *sys-firewall | yellow |
> [olli@dom0 ~]$ qvm-start grey-olli-music
> --> Creating volatile image:
> /var/lib/qubes/appvms/grey-olli-music/volatile.img...
> --> Loading the VM (type = AppVM)...
> ERROR: ERROR: Failed to connect to qmemman: [Errno 111] Connection refused
> [olli@dom0 ~]$ apropos qmemman
> qmemman: nothing appropriate.
> [olli@dom0 ~]$
> 
> 

qmemman is a service - as far as I'm aware man and apropos DO work for
qubes utils.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170317171954.GB585%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Can't start my StandaloneVM anymore

[Unman]

On Fri, Mar 17, 2017 at 04:38:17PM +, faber wrote:
> I have a Debian-9 StandaloneVM that I recently am unable to start it.
> The only thing I've done, before getting stuck there, was removing
> libreoffice (all packages), jack, mutt and icedove, nothing special.
> 
> logs from /var/log/xen/console/guest-dev.log:
> 
> https://share.riseup.net/#jt9PHXk7pbpDkz0ZKmwy7g
> 
> 
> If you need anything else, please let me know!

If you start it using qvm-start what error do you see?
Once you have started it can you attah to the console from dom0 using
(as root) xl console  ?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170317171706.GA585%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Can't start my StandaloneVM anymore

[faber]

I have a Debian-9 StandaloneVM that I recently am unable to start it.
The only thing I've done, before getting stuck there, was removing
libreoffice (all packages), jack, mutt and icedove, nothing special.

logs from /var/log/xen/console/guest-dev.log:

https://share.riseup.net/#jt9PHXk7pbpDkz0ZKmwy7g


If you need anything else, please let me know!

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8eda5cc1-e7ea-36ff-0679-f482b1ef3844%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Entroware.com orion laptop?

[Gaiko Kyofusho]

Has anyone tried Entroware's Orion (Ubuntu) laptop?

I saw an article
on
it earlier (not sure about the mac book pro alt part but still impressed)
and checked it out. I thought it was a pretty darn good deal (32gb mem/
skylake proc/500gb ssd/14") for less than $700 USD I think, problem is they
don't *seem* to ship to the US? Anyway, still wasn't sure about
compatibility, anyone tried them out?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAGpWZxPi0iO%3DCLiC6H45J-R2G5FXhOTvaNq2_3fFkqVvW1L3Gw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

RE: [qubes-users] S3 sleep on Thinkpad T460 issues

[Martin L . Fällman]

> -Original Message-
> From: qubes-users@googlegroups.com [mailto:qubes-
> us...@googlegroups.com] On Behalf Of Chris Laprise
> Sent: den 16 mars 2017 15:12
> To: Martin L. Fällman ; qubes-
> users 
> Subject: Re: [qubes-users] S3 sleep on Thinkpad T460 issues
> 
> On 03/16/2017 07:55 AM, Martin L. Fällman wrote:
> > Hi list! So, I have an issue with my Thinkpad T460. What seems like
> > randomly, it will not wake up from S3 sleep. Opening and closing the
> > lid, hitting the power button and doing a little jig on the keyboard
> > does nothing. The indicator light is however pulsating, and I can get
> > the FnLock light to light up by pressing Fn+Esc.
> >
> >
> >
> > I’m fairly certain it happens when it’s slept for a long time, e.g.
> > overnight, and it may be related to putting it to sleep with an
> > Ethernet cable and/or power connected. I’ve set the TPM to the
> > discrete chip and done some other BIOS fixes that have gotten sleep
> > and shutdown to work properly most of the time, but this issue still
> > eludes me, and it doesn’t seem like I can find anything about it in the logs
> either.
> >
> >
> >
> > Can’t find anything on the issue in the list archives, so I figured I
> > should bring it to the list to see if anyone has an idea of what could
> > be going wrong. I have logs from my attempt to suspend yesterday,
> > which ended with the computer not waking up this morning:
> > http://pastebin.com/yny6QL4j
> >
> >
> >
> > As you can see, first there’s some sort of i915 warning, then
> > xfdesktop dumps core, and then systemd merrily goes on its way
> > suspending the system. I suspect the issue is in there somewhere—could
> be i915, right?
> >
> >
> >
> > I’m also running the stock BIOS revision but I’ve prepared an update
> > USB that hopefully will allow me to update to the latest version.
> > Could maybe resolve the issue, no?
> 
> 
> Hi Martin,
> 
> Recent releases have a lot a problems with suspend, unfortunately. I have an
> older Thinkpad with a suspend issue.
> 
> Have you looked at this thread?
> https://groups.google.com/forum/#!topic/qubes-users/-xXKdAkIjxU
> 
> Upgrading the BIOS could help. So could trying a different kernel such as 4.8
> (this is found in qubes-dom0-unstable repository).
> 
> --
> 
> Chris Laprise, tas...@openmailbox.org
> https://twitter.com/ttaskett
> PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886
> 

Chris, thanks for the input. I'm attempting the BIOS update route today, if I 
can get the computer to boot from the upgrade drive... Lenovo claims there are 
security fixes in the latest BIOS version as well, so I figure it can't exactly 
hurt to try it.

Also Frank (not quoted above, sorry): thanks, I'll look into hibernate-to-disk 
settings. If that's turned on somewhere I definitely think that could be the 
culprit. Once upon a time I actually had a Gentoo laptop that could do it, but 
that took a lot of work and a custom initramfs.

Cheers all,
//MLF. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/32ad0cc1a80241e38e42aaf70062a1e3%40Exchange01.domain.local.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Network Link Speed in VM?

[Jarle Thorsen]

My netVM has a 10Gb network card, and hence a 10Gb link speed on it's network 
interface.

However I notice that my Windows HVM only has a 1 Gb link speed? (I'm unable to 
list the link speed for my linux VMs for some reason?)

Is it possible to get the VMs to use 10Gb network? (or is the link speed just a 
number, and not a speed limit for the VMs?)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/688f20a6-8897-4498-a4ca-313e1f44abf4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Is it really hard to autogenerate apropos data for all qubes utils ?

[Oleg Artemiev]

The most annoying thing is not that I have to do some manual
intervention to start my music
VM for unknown to me reason.

This :

apropos qmemman
qmemman: nothing appropriate.

is most annoying thing in Qubes project.

when something goes wrong I have to get out of my console and look
into qubes documentation available on the web. Why things origanazed
that bad? Damn, I've to - I will. But with this I need to memorize
Qubes documentation index to get a clue where should I look.

Subj. Is it really hard to autogenerate apropos data for all qubes utils ?


$ cat QubesIncoming/dom0/qubes-wtf.utf8.txt
[olli@dom0 ~]$ qvm-ls grey-olli-music
-+++---+--+---+---++
name | on |  state | updbl | type |  template |
netvm |  label |
-+++---+--+---+---++
 grey-olli-music || Halted |   |  | fedora-23 |
*sys-firewall | yellow |
[olli@dom0 ~]$ qvm-start grey-olli-music
--> Creating volatile image:
/var/lib/qubes/appvms/grey-olli-music/volatile.img...
--> Loading the VM (type = AppVM)...
ERROR: ERROR: Failed to connect to qmemman: [Errno 111] Connection refused
[olli@dom0 ~]$ apropos qmemman
qmemman: nothing appropriate.
[olli@dom0 ~]$




-- 
Bye.Olli.
gpg --search-keys grey_olli , use key w/ fingerprint below:
Key fingerprint = 9901 6808 768C 8B89 544C  9BE0 49F9 5A46 2B98 147E
Blog keys (the blog is mostly in Russian): http://grey-olli.livejournal.com/tag/

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CABunX6P79Ho7OExAU6hKGx0uM3izyM4ZD%2BGUxPzO_9eJ6n1t%3Dw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] other SSD for VM, not possible?

[evo]

Am 17.03.2017 um 04:21 schrieb Andrew David Wong:
> On 2017-03-16 02:10, evo wrote:
> 
> 
>> Am 15.03.2017 um 23:45 schrieb Andrew David Wong:
>>> On 2017-03-15 01:45, evo wrote:
 Hello!
>>>
 rather simple question: as i understood, its not possible to 
 install VM on other SSD as the Qubes, isn't it?
>>>
>>>
>>> Install? Not easily.
>>>
>>> Move? Easily:
>>>
>>> https://www.qubes-os.org/doc/secondary-storage/
>>>
>>>
> 
> 
>> thanks! i must mount the second drive every time to dom0 (its
>> almost on dom0, but not mounted, is greyed). Is there any way, to
>> mount it automatically in dom0 fstab or smth like that?
> 
>> the second thing is, the data on this VM (on the other SSD) will
>> not be encrypted. Is there a simple way to let it be encrypted, but
>> work with the VM?
> 
> 
> Yes, you can encrypt the whole secondary drive with LUKS, then add
> entries in crypttab and fstab to have it auto-decrypt and automount on
> dom0 startup.
> 
> These are general Linux things (not Qubes-specific), so we don't
> maintain documentation for them. There are a lot of good guides
> available on the Web.
> 
> 

are, ok.. sure.. thanks! i'll look for it.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20e22a00-0761-ccc6-6175-2cece8f8c771%40aliaks.de.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: is it better to have just standaloneVMs?

[evo]

Am 17.03.2017 um 01:19 schrieb Franz:
> 
> 
> On Thu, Mar 16, 2017 at 6:01 AM, evo  > wrote:
> 
> 
> 
> Am 15.03.2017 um 23:45 schrieb Andrew David Wong:
> > On 2017-03-15 01:14, evo wrote:
> >> Am 15.03.2017 um 01:17 schrieb Unman:
> >>> On Tue, Mar 14, 2017 at 08:02:58PM -0400, Chris Laprise wrote:
>  On 03/14/2017 01:55 PM, evo wrote:
> > hmm.. this is also a good point, thanks! so if i do not use
> > openoffice in my bankingVM, there is no practical
> > vulnerability in it.
> >
> 
>  Yes and no. Off the top of my head, there are two things to be
>   concerned about with the (regular, distro) software you
>  install:
> 
>  1. Does it cause an additional service to start accepting
>  connections?
> 
>  2. Does it have a MIMEtype or similar mapping, so that clicking
>  on a mislabeled file could cause it to open in an
>  unwanted/risky app. Unfortunately, nautilus doesn't seem to
>  have a setting for always asking before starting an app. But
>  at least it defaults to double-click instead of single-click.
> 
> >>>
> >>> 3. Installing some programs, like libre/openoffice, brings with
> >>> it numerous libraries and attendant programs which may widen the
> >>>  attack surface of your qube considerably.
> >>>
> >
> >> so its better to have such VMs as banking or email in
> >> standalone-mode.
> >
> > No, that doesn't follow. See my previous message about having multiple
> > TemplateVMs.
> >
> >> The thing is... as i understood, stanalone-machines (if they are
> >> not HVM) have all software from the template they use. So the only
> >> way is, to install new iso on HVM, isn't it?
> >
> >
> > This doesn't follow either. StandaloneVMs and HVMs are completely
> > independent of one another. It's possible that there is terminological
> > confusion here. Please consult the glossary:
> >
> > https://www.qubes-os.org/doc/glossary/
> 
> >
> >> in that case, i don't really understand the sense of standalone
> >> AppVMs.
> >
> >
> > StandaloneVMs can be useful for many different things, but not every
> > user will have a need for them. For example, if you have a piece of
> > software that installs parts of itself in both the root fs and
> user dirs
> > (and you don't want to work around this with bind-dirs), and you need
> > the software in only one VM, then a StandaloneVM is probably a perfect
> > solution.
> >
> >
> 
> Evo, let me oversimplify it
> 
> so is it better to have more template-VMs?
> 
> 
> yes
> 
> But why not standalone as a copy of the existing template-VM?
> 
> 
> you do not need standalone VMs. StandaloneVMs are only for special
> cases/software, but since you do not mention any special case forget
> them as well as HVMs.
>  
> 
> After that i can delete all software i dont need on it and have rather
> clean VM with just the software i need.
> 
> 
> you can do the same with templates
> 
> 
> the other thing is, on standalone-vm i can see existing updates just in
> time... VM that works on general template dont show updates, for this
> case i must start the template vm. So if i do not start template for a
> long time, i will have insecure appvms. Or do i understand something
> wrong?
> 
> 
> Evo, just start the templates every time Qubes-manager show than an
> update is available, with the green downward arrow, that is every few
> days. Then reboot your computer. Updating only a couple of templates
> you'll automatically update and somehow clean all of yours VMs, that in
> my case are 38. You'll probably have only a few of them, but with time
> you'll learn how convenient it is to create template depending light VMs
> for special purposes. But imagine having a lot of standaloneVMs each one
> needing an independent update.
> best
> Fran
> 

hmmm, ok
you won :)

i just thought, its crude to create 3 different template-VMs for vault,
e-mail and banking.

after using Qubes for some time, i understand the possibility to have 38 VMs

so the appVM (based on template) will show me also the green arrow of
update? i thought, it is just visible, if you start the template-VM.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5afe8005-5f22-c28e-d56e-6abd5667153b%40aliaks.de.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: is it better to have just standaloneVMs?

[Vít Šesták]

Sure, “not using the app” is somehow tricky condition. OTOH, there is usually 
some user cooperation. For educated users, it should be a potential way. But 
the line is not clear: For example, I used to have Adobe Flash on a separate 
VM, because I was not sure if I can manage to disable it by default in all 
cases.

On managing VM Templates: Actually, there is a mechanism that runs update 
checks and adds some notification to Qubes Manager. Well, it is not perfect in 
many ways. But you can always perform update checks from TemplateBasedVMs.

Well, you can even perform updates from TemplateBasedVMs, but the updates will 
be lost after reboot. Performing updates from TemplateBasedVMs can be useful if 
you don't want to reboot the VMs.

I don't see any significant disadvantage of TemplateVMs over StandaloneVMs. The 
signigicant advantage of TemplateVMs is manageability: You update all VMs at 
once. Those that are not running are updated immediately, those that are 
running are updated when rebooted. If you want o update some running VM 
immediately, you can. Maybe the description of update is a bit more complex for 
TemplateBasedVMs, but the execution is definitely easier. If you have dozens of 
VMs, some of which you run rarely, you would either have to take care of 
updates of those rarely-run VMs or you would get some VMs outdated (i.e. 
lacking of security updates), which is not good for security.

I have a rather clear line between VM templates and StandaloneVMs: Do I need to 
reuse it?

a. If yes, I create a TemplateVM.
b. If no, create a StandaloneVM.
c. If not sure, try to guess. ☺

Regards,
Vít Šesták 'v6ak'

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e0f71d76-7f71-4c45-9543-2e29e2e78125%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.