Re: [qubes-users] Installing ssh / capturing dom0 output

[taii...@gmx.com]

On 09/12/2017 03:59 PM, Sven Semmler wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 09/06/2017 11:44 PM, taii...@gmx.com wrote:

Just use another distro to do it, don't go to all that effort.

Yeah, after 5+ hours of trying to get this to work, I'll have to cut my
loses. While it might theoretically be possible to diagnose and correct
whatever issues this computer has ... it's just not worth it.

So when the time comes to buy HW for Qubes 4.0 next year, I'll be sure
to pick an Intel processor and Intel integrated graphics. I don't need
better graphics and more than that I don't need the struggle.
I wouldn't buy a brand new x86 laptop due to not wanting to support 
further developments of anti-features such as ME/PSP (and they are 
generally cheap plastic crap anyways), so I recommend the following:


I would of course recommend an owner controlled Lenovo G505S (pre PSP 
AMD) which does work with with qubes out of the box (it is on the HCL) 
and also has open source init coreboot


But if you really are picky about this another good choice for you would 
be one of the intel ivy bridge thinkpads (and install the better 
previous generation t420 keyboard) such as the T430, W530, X230 etc. 
they work great with linux and they support open source init coreboot - 
you can also get a docking station or expanded battery for them - the 
only issue is ME (although one can me-clean to the degree that 
ivy/sandybridge allows more than the new intel stuff)

Thanks for offering to help though. I understand your position that
technically an AMD would be just as good. But out of the box it won't be
If you still want to troubleshoot I am interested in seeing what is 
going on.


I believe the reason it doesn't work is due to the fact that the 
graphics device is quite new in linux years and hardly any experts have 
one as it is pretty obscure. (btw fyi the AMD laptop you have right now 
has PSP, which is AMD's ME)


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7d9dffd9-5888-d907-08d2-8afd8e226e12%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Best options for a 4.x compatible Dell workstation

[Gaijin]

On 2017-09-12 22:57, taii...@gmx.com wrote:
> On 09/12/2017 06:50 PM, Gaijin wrote:
> 
>> On 2017-09-12 12:46, filtration wrote:
>>> Gaijin:
 On 2017-09-12 05:32, pixel fairy wrote:
> On Monday, September 11, 2017 at 10:31:56 PM UTC-7, pixel fairy wrote:
>> given that appvms cant use 3d acceleration anyway, your best bet is 
>> intel graphics. if your going to give a gpu to a vm, then it depends on 
>> the os of that vm.
>>
>> last i checked, nvidia is fine with virtualization of quadro cards.
>>
>> make sure the workstation doesnt have AMT (vpro etc) as bussiness lines 
>> tend to. you may be safer with what dell would otherwise sell as a 
>> consumer desktop or gaming rig, minus the fancy graphics card unless 
>> your going to use it. but, if thats a big part of your work, you may be 
>> better off with linux + kvm or something else instead of qubes.
> damn nonlinear editing. that last sentence was supposed to go at the
> end of the first paragraph.
 Well, the good news is that enabling vPro on a Dell is an extra option
 that you can select (costs $19), so I made sure that selection was off.
 Thanks for the heads up.

 The newer Xeon chips in the E5 Series no longer include on-board
 processor graphics, so Intel graphics isn't an option if I go this
 route. They can handle a lot more RAM (1.2TB vs. 64GB) and have more
 cores (10 vs. 4). There's generally a lot more I could do simultaneously
 with this chip it seems looking at the specs.

 Researching through these forums and even the Qubes Docs there seems to
 be a "stay away from nVidia" theme; That's why I was focusing on the AMD
 graphics card option. Is nVidia Quadro a viable option?

 Using the Dell configurator, and plugging in RedHat Linux 7.2 as the OS
 I find that the very newest AMD FirePro graphics card I selected isn't
 compatible. (I'm assuming RHEL 7.2 is a roughly equivalent to the Fedora
 23 in dom0) So I dropped down to the older W5100 card and that seemed to
 work for them.

 The graphics aren't really a big part of my work. I just want a box that
 will be ready to run Qubes v4.

>>> Gaijin: Intel GPU is recommended, AMD are second best.
>>>
>>> IIRC, Dom0 will be based on Fedora 25 in Qubes 4.0. Try checking AMD's
>>> site (https://support.amd.com/en-us/download) for compatibility reports,
>>> too.
>> Looking at the latest AMD FirePro drivers, they have versions that
>> support RHEL and CentOS, so in turn can I assume one of those might
>> support Fedora as well?
> Yes.
>>   They also seem to have a generic Linux driver
>> for older OS versions.
>>
>> I do see a few AMD FirePro cards in the HCL that seem to be working, but
>> not the specific one I'm looking at, so that's somewhat encouraging...
>>
> Adding your own driver to dom0 wouldn't be difficult if by chance you
> need to, I mod my kernels all the time.

Cheers for the advice!

The hope is that generic video drivers in dom0 will suffice, but good to
know that I could add a driver there, and that one would be available.
I'm feeling a lot better about this AMD card now.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/53f2408f7d0f65c44e0ec6389efc1da7%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: HCL - Lemur7

[pixel fairy]

reliably, as of today (with the recent xen upgrade to 4.6.6-30), disabling an 
external display hangs the system.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7abf7f3f-aa92-407b-83c7-c00d8b5c4a55%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Can't get disposable VMs to work

[Selton]

I guess this could be the problem.

/var/log/libvirt/libxl/libxl-driver.log produces the following 4 lines for each 
try to start a disposable VM:

xc: error: X86_PV_VCPU_MSRS record truncated: length 8, min 9: Internal error
xc: error: Restore failed (0 = Success): Internal error
libxl: error: libxl_stream_read.c:749:libxl__xc_domain_restore_done: restoring 
domain: Success
libxl: error: libxl_create.c:1145:domcreate_rebuild_done: cannot (re-)build 
domain: -3

So I guess this means I'm out of luck here and no workaround available? 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0858c1db-5924-4563-bc44-14ca824c38de%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] trying to setup VPN on NetVM, can't connect and no error

[Chris Laprise]

On 09/11/2017 12:45 PM, André Borud wrote:

I'm trying to setup a vpn in the NetVM by importing .ovpn settings. The import 
of settings is successful and adds the newly imported VPN to the list of 
possible VPNs to connect to. But when clicking on one to connect I get a little 
message saying its not possible to connect almost the same instance, like it 
actually didn't try to connect.

These are the settings I'm trying to use:

client
dev tun
proto udp
remote ***-a05.*.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca ca.**.com.crt
verify-x509-name ***-a05.*.com name
auth-user-pass
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher 
TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA


and then I use a username and password.

Is there a way to see an error message or something atleast to fix whatever the 
problem is?

Using QubesOS 3.2 on an Intel NUC i7.



If you're trying to import an ovpn file into Network Manager, its 
error-prone and I've never gotten it to work. The other problem I see is 
putting the VPN connection in netvm, when it should be in a proxyvm for 
security.


The Qubes VPN doc provides two ways to setup a proxyvm for VPN: An easy 
way using Network Manager, and a script-based method that uses 
pre-existing ovpn files -- the latter has anti-leak protection:


https://www.qubes-os.org/doc/vpn/

I also have a project that uses the anti-leak features and is simpler to 
install:


https://github.com/tasket/Qubes-vpn-support


--

Chris Laprise, tas...@posteo.net
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e4d5c4c4-977a-db34-4c58-2c0404121615%40posteo.net.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Can't get disposable VMs to work

[Unman]

On Mon, Sep 11, 2017 at 07:54:22PM -0700, zach.gang...@gmail.com wrote:
> On Sunday, October 2, 2016 at 8:45:57 PM UTC-7, Chris Mays wrote:
> > I just installed Qubes OS for the first time today, and am having troubles 
> > getting a disposable VM to run.  The system menu for Firefox and XTerm just 
> > stall.  Is there something I am missing?
> > 
> > Regards
> 
> Bump for this, I have the same issue. Firefox and XTerm do not launch from 
> menu, or from CLI inside an AppVM
> 

Have a look at /var/log/libvirt/libxl.
If, as I suspect, you see "record truncated", it's a long standing bug
in Xen: , Qubes issue is still open.
If you dont see that post the relevant sections of the log

unman

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20170913014129.ipdp5vts6dhezvct%40thirdeyesecurity.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Best options for a 4.x compatible Dell workstation

[taii...@gmx.com]

On 09/12/2017 06:50 PM, Gaijin wrote:


On 2017-09-12 12:46, filtration wrote:

Gaijin:

On 2017-09-12 05:32, pixel fairy wrote:

On Monday, September 11, 2017 at 10:31:56 PM UTC-7, pixel fairy wrote:

given that appvms cant use 3d acceleration anyway, your best bet is intel 
graphics. if your going to give a gpu to a vm, then it depends on the os of 
that vm.

last i checked, nvidia is fine with virtualization of quadro cards.

make sure the workstation doesnt have AMT (vpro etc) as bussiness lines tend 
to. you may be safer with what dell would otherwise sell as a consumer desktop 
or gaming rig, minus the fancy graphics card unless your going to use it. but, 
if thats a big part of your work, you may be better off with linux + kvm or 
something else instead of qubes.

damn nonlinear editing. that last sentence was supposed to go at the
end of the first paragraph.

Well, the good news is that enabling vPro on a Dell is an extra option
that you can select (costs $19), so I made sure that selection was off.
Thanks for the heads up.

The newer Xeon chips in the E5 Series no longer include on-board
processor graphics, so Intel graphics isn't an option if I go this
route. They can handle a lot more RAM (1.2TB vs. 64GB) and have more
cores (10 vs. 4). There's generally a lot more I could do simultaneously
with this chip it seems looking at the specs.

Researching through these forums and even the Qubes Docs there seems to
be a "stay away from nVidia" theme; That's why I was focusing on the AMD
graphics card option. Is nVidia Quadro a viable option?

Using the Dell configurator, and plugging in RedHat Linux 7.2 as the OS
I find that the very newest AMD FirePro graphics card I selected isn't
compatible. (I'm assuming RHEL 7.2 is a roughly equivalent to the Fedora
23 in dom0) So I dropped down to the older W5100 card and that seemed to
work for them.

The graphics aren't really a big part of my work. I just want a box that
will be ready to run Qubes v4.


Gaijin: Intel GPU is recommended, AMD are second best.

IIRC, Dom0 will be based on Fedora 25 in Qubes 4.0. Try checking AMD's
site (https://support.amd.com/en-us/download) for compatibility reports,
too.

Looking at the latest AMD FirePro drivers, they have versions that
support RHEL and CentOS, so in turn can I assume one of those might
support Fedora as well?

Yes.

  They also seem to have a generic Linux driver
for older OS versions.

I do see a few AMD FirePro cards in the HCL that seem to be working, but
not the specific one I'm looking at, so that's somewhat encouraging...

Adding your own driver to dom0 wouldn't be difficult if by chance you 
need to, I mod my kernels all the time.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/fd9ae321-1914-5b04-b7c1-233ae437ced2%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Best options for a 4.x compatible Dell workstation

[Gaijin]

On 2017-09-12 12:46, filtration wrote:
> Gaijin:
>> On 2017-09-12 05:32, pixel fairy wrote:
>>> On Monday, September 11, 2017 at 10:31:56 PM UTC-7, pixel fairy wrote:
 given that appvms cant use 3d acceleration anyway, your best bet is intel 
 graphics. if your going to give a gpu to a vm, then it depends on the os 
 of that vm.

 last i checked, nvidia is fine with virtualization of quadro cards.

 make sure the workstation doesnt have AMT (vpro etc) as bussiness lines 
 tend to. you may be safer with what dell would otherwise sell as a 
 consumer desktop or gaming rig, minus the fancy graphics card unless your 
 going to use it. but, if thats a big part of your work, you may be better 
 off with linux + kvm or something else instead of qubes.
>>>
>>> damn nonlinear editing. that last sentence was supposed to go at the
>>> end of the first paragraph.
>>
>> Well, the good news is that enabling vPro on a Dell is an extra option
>> that you can select (costs $19), so I made sure that selection was off.
>> Thanks for the heads up.
>>
>> The newer Xeon chips in the E5 Series no longer include on-board
>> processor graphics, so Intel graphics isn't an option if I go this
>> route. They can handle a lot more RAM (1.2TB vs. 64GB) and have more
>> cores (10 vs. 4). There's generally a lot more I could do simultaneously
>> with this chip it seems looking at the specs.
>>
>> Researching through these forums and even the Qubes Docs there seems to
>> be a "stay away from nVidia" theme; That's why I was focusing on the AMD
>> graphics card option. Is nVidia Quadro a viable option?
>>
>> Using the Dell configurator, and plugging in RedHat Linux 7.2 as the OS
>> I find that the very newest AMD FirePro graphics card I selected isn't
>> compatible. (I'm assuming RHEL 7.2 is a roughly equivalent to the Fedora
>> 23 in dom0) So I dropped down to the older W5100 card and that seemed to
>> work for them.
>>
>> The graphics aren't really a big part of my work. I just want a box that
>> will be ready to run Qubes v4.
>>
> 
> Gaijin: Intel GPU is recommended, AMD are second best.
> 
> IIRC, Dom0 will be based on Fedora 25 in Qubes 4.0. Try checking AMD's
> site (https://support.amd.com/en-us/download) for compatibility reports,
> too.

Looking at the latest AMD FirePro drivers, they have versions that
support RHEL and CentOS, so in turn can I assume one of those might
support Fedora as well? They also seem to have a generic Linux driver
for older OS versions.

I do see a few AMD FirePro cards in the HCL that seem to be working, but
not the specific one I'm looking at, so that's somewhat encouraging...

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/cacab804e80cbae717b779f5dc99681f%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: [qubes-announce] QSB #33: Xen hypervisor (XSA-231 through XSA-234)

[qubester]

--
Therefore, all the bugs in this bulletin affect
Qubes 3.2, and users should patch immediately.



Compromise Recovery


Starting with Qubes 3.2, we offer Paranoid Backup Restore Mode, which
was designed specifically to aid in the recovery of a (potentially)
compromised Qubes OS system. Thus, if you believe your system might have
been compromised (perhaps because of the bugs discussed in this
bulletin), then you should read and follow the procedure described here:

https://www.qubes-os.org/news/2017/04/26/qubes-compromise-recovery/

Patching
=

The specific packages that resolve the problems discussed in this
bulletin are as follows:

  For Qubes 3.2:
  - Xen packages, version 4.6.6-30

  For Qubes 4.0:
  - Xen packages, version 4.8.2-2

The packages are to be installed in dom0 via the Qubes VM Manager or via
the qubes-dom0-update command, as follows:

  For updates from the stable repository (not immediately available):
  $ sudo qubes-dom0-update

  For updates from the security-testing repository:
  $ sudo qubes-dom0-update --enablerepo=qubes-dom0-security-testing

A system restart will be required afterwards.

These packages will migrate from the security-testing repository to the
current (stable) repository over the next two weeks after being tested
by the community.


1)

So, for discussion do most folks "patch immediately"   or  "wait for 
stable" ??


2)
Guess, I need to start  studying  the  PBRM(above)   as I imagine I'll 
be on 3.2  for some time, maybe  till  it's no longer updated  if there 
is going to be NO GUI VM Manager  ever ??


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/cb1cb021-2d6c-338f-22f3-456081d668dc%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: [qubes-announce] QSB #33: Xen hypervisor (XSA-231 through XSA-234)

[yreb-qusw]

maybe could consider removing
"Occasionally fuckups happen,"   ..unless one is going for the 
unprofesional vulgarity crowd IMHO


2cents ,

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e5705dc3-9942-6349-32a7-764c01e83a1f%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] unable to start dvm

[Sven Semmler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 09/06/2017 04:53 PM, Sven Semmler wrote:
> The computer does have iommu, however dmesg reports error
> initializing iommuv2. All other AppVMs start and work.

At this point I am giving up assuming that my particular AMD processor
lacks a feature needed for disposable VMs. I got Qubes OS R3.2 running
fine on a DELL/Intel computer and will wait for the Qubes project to
announce compatible HW for R4 ...
https://www.qubes-os.org/news/2017/07/08/toward-a-reasonably-secure-lapt
op/

/Sven
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJZuD5sAAoJENpuFnuPVB+2GYwP/jRK0S8fymCOSjAQ8cBXbqq+
FCysCTWj9wyMn5XHDw1vkHe1ftLbnzabnUNB/fsQ4dvfmd8ogdwp0OaH4m4uu20N
utoM9NXR98a9P3CrRUFOfxSWvnj61hXHnkT/k9p53TD9jpfrsNgyV6XnoPGCdze6
M1vmj3OU2o5j21J8hYXyifsBqSCgwA3E6foLEYJOkqkBFmar5J0JvDbur35YfjfY
qNoB1OafbdhL029aM9XIrJluDd4QSR0ZUpYGytMgGV31Ip4xI/orU29NyDQ/omI4
+IRLvrvTARHC/yYsmz8VLTOBqjdmUHvcHywGFtjjEAdK1HBc1AJcG4GxlwsyG97O
Rrhv22M18En+XoMdYT7IHFL9BS05pXZji8JlGkPOzqsB8MLKX7BT42nlD3YmEj9U
ybUgrsfJ48f8jFYZR7OqS7dvqdlKgwyljPNZtocTSwqfDHMg7xs90xL8nC6WVdXW
X0WkhIxSmAzFqf2CXppauhjTbF27c4aHNOas0LMa7Jw/7LmHo5JmGpp+pSe0WkRJ
hCA2U7UBl/JhwIYz6dPshAQBgcQP/B/MIYoSV7U6fP16BwJsXpOaJMYLWJn3pqlZ
Hb6O/R/DYtfQ8/6noszB3QBY6OwMKPQkVOpx0f/8s2Px3vqmUWj5YuUEjFSJ5YrW
D2RkFwTS0gkfc+AIeyDV
=5gon
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/914b20b6-91fb-516a-cd84-acf5f542a3a5%40SvenSemmler.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Installing ssh / capturing dom0 output

[Sven Semmler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 09/06/2017 11:44 PM, taii...@gmx.com wrote:
> Just use another distro to do it, don't go to all that effort.

Yeah, after 5+ hours of trying to get this to work, I'll have to cut my
loses. While it might theoretically be possible to diagnose and correct
whatever issues this computer has ... it's just not worth it.

So when the time comes to buy HW for Qubes 4.0 next year, I'll be sure
to pick an Intel processor and Intel integrated graphics. I don't need
better graphics and more than that I don't need the struggle.

Thanks for offering to help though. I understand your position that
technically an AMD would be just as good. But out of the box it won't be
.

/Sven
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJZuDy8AAoJENpuFnuPVB+2rEIQAM7cnyyMETCYwT9aUh6wYSmc
TPS6i7j6uhNdqTxCZQ58rmmIoyIW/1i4JBc8x8MJ/VTogbeqfDBZeBEvIbM1I8H3
S53TLhYxOkn5R7cq2OSyRrsScsKYUDcF5vNPbYT5nJ34ffXv5suj5GGhQshq1U8m
YH7TEbQDFdlPq3UfDb3dW0I/S61rXyd55bFHgnZwvvvQL0/ApjQtx8mEcRuEO8bX
jzaQIYSBEsnnMQ85KZaF6KjsmfipgM8exzYDcoBrMX6yiA7byxvhd+t3c/EYC4MM
63BY0Fr/1AhvITOkRVfew4LDY7TbnRNR6khian1di/27cakNVNUgGEVPvGKoRymx
VKRhrr1DTdqjEhWm+qgwUzc11H8p07mST5BGx8rfg9cHrGYfL2YQCkcwVPLERHKs
6UY/Adu6XnJUHJUeOt8/oN1NNn0FfxV68gzJ3ddd9VwTQ16rUbdwRqkO1nUqoCtN
29uR3KvS3PfZ8K7yaikRyTEoCcnNHmLF8PUR+yqz1FtvxfI5xmdDUKJmzUKw6QTE
UNmk0oNTZT1qEfSFaEGZClhGwLO+NSgxSS/SWAuXL4BlW98H0r1fjhdOEB+Rv4+a
1XAmO8s7gZ2qdeJxiQnGcKPFqn1JsNBgIfLuPcqEMpG0MSNKtqD69/nVKalNbAEl
kVVuaH7uy8R8i3lETCRZ
=cMt5
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/47832067-8de8-cce4-c393-3b016c5633f2%40SvenSemmler.org.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: QSB #33: Xen hypervisor (XSA-231 through XSA-234)

[Lorenzo Lamas]

Is it necessary to install corresponding Xen packages in TemplateVM's from the 
security-testing repository for VM's?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/91f0b86a-eb1d-4a5f-ab89-750d03d4d0df%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] HCL - Dell Optiplex 990

[Steve Coleman]

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/040877a1-0135-74ef-87d9-267a4eafd031%40jhuapl.edu.
For more options, visit https://groups.google.com/d/optout.


Qubes-HCL-Dell_Inc_-OptiPlex_990-20170912-120207.cpio.gz
Description: application/gzip


Qubes-HCL-Dell_Inc_-OptiPlex_990-20170912-120207.yml
Description: application/yaml

Re: [qubes-users] Using UNISON between VMs... Is that possible?

[Sven Semmler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 09/12/2017 02:15 AM, segu.sa...@gmail.com wrote:
> I have a script that uses UNISON [...] The idea is to sync files 
> between two virtual machines that have no visibility between them.

Can you be more specific? Will those two VMs have network connections?
Are you planning to continue using UNISON? Must the script run fully
automatically or is some limited user interaction ok? (scheduled or
manual run)

> Has anyone faced this problem or imagined a solution for this?

* you can use qvm-copy-to-vm to copy file(s) from one VM to another,
whoever it won't give you synchronization ... if the sender had
visibility of the file system of the receiver, it would defeat the
entire purpose of Qubes OS (compartmentalization).

* you can mount a USB block device to VM 1 and run your script to sync
between VM 1 and a folder structure on the USB block device, then you
could unmount and mount the same to VM 2 and now run your script again
to sync with VM 2

* you could allow network for both VMs via sys-firewall and setup
firewall rules that would ensure that the only connection between the to
VMs is the one for UNISON (e.g. unison -socket 1234). You can lookup the
internal IP addresses of the VMs in the Qubes Manager.

Finally, I would recommend to take a step back and question your setup.
How much thought have you put into your domain compartmentalization? Is
it really necessary to sync between the two VMs? What is the purpose of
having the same files in two VMs that are isolated from each other?

/Sven
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJZuA6YAAoJENpuFnuPVB+2VkwP/0mWxWFlBKQtsfUp25rw7a9y
eiNsgIzzmWUgMAkFY6yFryVFUtmwCMOW48w9unx9FIUpOpboHSDrGW84N2yaqjyV
KzwFPhhaJbV/i7/1CyHzHzkhctgpipHfz5c0G4PFdpchSbgepaOfEjTQv5sv0p5X
swFxx3f7OA162rZRZqjSJ3KKvrkHzVLJuU2moRJvwg/+LMAtjtlsRGmG1wBsyBDy
LF94GMlKD+mMbGB5TQmAU2Svxq3ym0yKzjvwzzFbNc3RSASJROlFOvEtqSVwWioH
t6RicdD2DW0WnohVrbYLrj55oIhwDvRFfvBVqYr+Bbw9uD+lh16GHX6eALEm0yww
wZP4Xtk2id+giDkj9agSv+aLCoAQpxp0lg2Vrtj9LT/3rJWMRP2GPIirqVFLXONX
HmEC0iozlvG/OltQnuD+VQvX2yYdT84FgxKqGEtNhnRNs45RwDhkVqIXwifzSbIu
KRYRap6W9FNbpcEBoq4jBmotnOkECOdqi7qSCvzjlrBQNAHrSXZyY2SZaD731hir
UApJnm4Bo8yJE7O12P6IvA0335ins0eNk6IuWVTlYuN+ymIqwfitYqOd7HWE/Zzu
WXBwT3QzI9Br2R3D0dJR6+LoEQLmt/OXAhqG5wsFhKF6kd/SGTFpWseCoypjsZKB
bk3DM/YPjTAvWOLtkfOp
=L7c+
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/edab4168-df00-5037-7741-7f9879303e2b%40SvenSemmler.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Best options for a 4.x compatible Dell workstation

[filtrationisuseless]

taii...@gmx.com:
> On 09/12/2017 08:46 AM, filtration wrote:
> 
>> Gaijin: Intel GPU is recommended, AMD are second best.
> Why do you state that?

Intel is the best supported. This is documented all over Qubes' docs.
AMD does a pretty good job offering drivers. Nvidia has a bad reputation
among Linux users.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e4a57a39-59ac-5e6f-32fd-bd15c5dfdc04%40posteo.de.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] QSB #33: Xen hypervisor (XSA-231 through XSA-234)

[Andrew David Wong]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear Qubes Community,

We have just published Qubes Security Bulletin (QSB) #33: Xen hypervisor
(XSA-231 through XSA-234). The text of this QSB is reproduced below.
This QSB and its accompanying signatures will always be available in the
Qubes Security Pack (qubes-secpack).

View QSB #33 in the qubes-secpack:



Learn about the qubes-secpack, including how to obtain, verify, and read it:



View all past QSBs:



View XSA-231 through XSA-234 in the XSA Tracker:



```


 ---===[ Qubes Security Bulletin #33 ]===---

 September 12, 2017


   Xen hypervisor (XSA-231 through XSA-234)

Summary


The Xen Security Team released several Xen Security Advisories today
(XSA-231 through XSA-234). The impact of these advisories ranges from
system crashes to privilege escalations. See our commentary below for
details.

Technical details
==

Xen Security Advisory 231 [1]:

| The function `alloc_heap_pages` allows callers to specify the first
| NUMA node that should be used for allocations through the `memflags`
| parameter; the node is extracted using the `MEMF_get_node` macro.
| 
| While the function checks to see if the special constant
| `NUMA_NO_NODE` is specified, it otherwise does not handle the case
| where `node >= MAX_NUMNODES`.  This allows an out-of-bounds access
| to an internal array.
| 
| An attacker using crafted hypercalls can execute arbitrary code within
| Xen.

Xen Security Advisory 232 [2]:

| The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant
| table operations. It checks to see if the calling domain is the owner
| of the page that is to be operated on. If it is not, the owner's grant
| table is checked to see if a grant mapping to the calling domain
| exists for the page in question.
| 
| However, the function does not check to see if the owning domain
| actually has a grant table or not. Some special domains, such as
| `DOMID_XEN`, `DOMID_IO` and `DOMID_COW` are created without grant
| tables. Hence, if __gnttab_cache_flush operates on a page owned by
| these special domains, it will attempt to dereference a null pointer
| in the domain struct.
| 
| The guest can get Xen to dereference a NULL pointer.
| 
| For ARM guests, and x86 HVM guests, and x86 PV guests on systems with
| SMAP enabled, this will cause a host crash (denial-of-service).
| 
| For x86 PV guests on systems without SMAP enabled, an attacker can map
| a crafted grant structure at virtual address 0.  This can be leveraged
| to increment an arbitrary virtual address, which can then probably be
| leveraged into a full privilege escalation.

Xen Security Advisory 234 [4]:

| When removing or replacing a grant mapping, the x86 PV specific path
| needs to make sure page table entries remain in sync with other
| accounting done.  Although the identity of the page frame was
| validated correctly, neither the presence of the mapping nor page
| writability were taken into account.
| 
| A malicious or buggy x86 PV guest could escalate its privileges or
| crash the hypervisor.

The Xen Security Team also released Xen Security Advisory 233 [3], with
only DoS impact:

| When shutting down a VM with a stubdomain, a race in cxenstored may
| cause a double-free.
| 
| The xenstored daemon may crash, resulting in a DoS of any parts of the
| system relying on it (including domain creation / destruction,
| ballooning, device changes, etc).


Commentary from the Qubes Security Team


This batch of Xen security advisories reassures us in our decision to
abandon default para-virtualization (PV) in Qubes 4.0. Indeed, only
one of the potential privilege-escalation bugs discussed in this
advisory affects non-PV virtualization: XSA-231. This bug is a prime
example of the common problems associated with expanding the codebase
in order to implement "exotic" functionality (in this case, NUMA
support). While the Xen Project has made some progress recently in
allowing extra features to be disabled at compile time, the code for
NUMA support could not easily be deactivated, which is the reason for
the inclusion of this bug in today's advisory.

While the departure from para-virtualization (PV) in Qubes 4.0 will
obviate many such vulnerabilities in the future, please note that
Qubes 3.2 (the current, stable version of Qubes) still uses PV mode
for most of the VMs. Therefore, all the bugs in this bulletin affect
Qubes 3.2, and users should patch immediately.

Compromise Recovery


Starting with Qubes 3.2, we offer Paranoid Backup Restore Mode, which
was designed specifically to aid in the recovery of a (potentially)
compromised Qubes OS system. Thus, if you believe your 

[qubes-users] Complete translation of Qubes OS

['Axel Schwoerer' via qubes-users]

Hello all.
Yesterday, I've switch the language of Qubes OS in french, and it almost 
works.In fact, for Fedora, default application, and application that I 
downloaded are in french, and when I create a new VM with Fedora template, it's 
translated in french so no problem, it's ok.
But it doesn't work for Debian template.
When I download an application in Debian template, it's in french but default 
application are still in english, same for folders name.So now, what should I 
do?
To switch the language, I downloaded gnome-control-center and I put french as 
default language.I hope I was understandable.
Cordially.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/58332006.670807.1505222921334%40mail.yahoo.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Best options for a 4.x compatible Dell workstation

[taii...@gmx.com]

On 09/12/2017 01:31 AM, pixel fairy wrote:


last i checked, nvidia is fine with virtualization of quadro cards.
You shouldn't support a company that artificially hobbles their 
"consumer" drivers, not only refuses to develop open source drivers but 
puts in the extra effort to slow down the nouveau project and adds 
hardware enforced code signing to prevent firmware modifications.

make sure the workstation doesnt have AMT (vpro etc) as bussiness lines tend 
to. you may be safer with what dell would otherwise sell as a consumer desktop 
or gaming rig, minus the fancy graphics card unless your going to use it. but, 
if thats a big part of your work, you may be better off with linux + kvm or 
something else instead of qubes.

AMT/vPro is simply an addon to ME - setting it to disabled or not 
configuring it is the same as not having it at all - either way you have 
ME and all it's wonderful security problems.


A certain company has brainwashed people in to believing a system 
without a vPro license is secure from ME attacks, it isn't - there 
literally isn't any difference at all.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/53c86f69-6261-17d4-1990-d5c473f25cb6%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Best options for a 4.x compatible Dell workstation

[taii...@gmx.com]

On 09/12/2017 08:46 AM, filtration wrote:


Gaijin: Intel GPU is recommended, AMD are second best.

Why do you state that?

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7a4926fb-2aed-a499-82bd-b9cd455440b6%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: Best options for a 4.x compatible Dell workstation

[filtration]

Gaijin:
> On 2017-09-12 05:32, pixel fairy wrote:
>> On Monday, September 11, 2017 at 10:31:56 PM UTC-7, pixel fairy wrote:
>>> given that appvms cant use 3d acceleration anyway, your best bet is intel 
>>> graphics. if your going to give a gpu to a vm, then it depends on the os of 
>>> that vm.
>>>
>>> last i checked, nvidia is fine with virtualization of quadro cards.
>>>
>>> make sure the workstation doesnt have AMT (vpro etc) as bussiness lines 
>>> tend to. you may be safer with what dell would otherwise sell as a consumer 
>>> desktop or gaming rig, minus the fancy graphics card unless your going to 
>>> use it. but, if thats a big part of your work, you may be better off with 
>>> linux + kvm or something else instead of qubes.
>>
>> damn nonlinear editing. that last sentence was supposed to go at the
>> end of the first paragraph.
> 
> Well, the good news is that enabling vPro on a Dell is an extra option
> that you can select (costs $19), so I made sure that selection was off.
> Thanks for the heads up.
> 
> The newer Xeon chips in the E5 Series no longer include on-board
> processor graphics, so Intel graphics isn't an option if I go this
> route. They can handle a lot more RAM (1.2TB vs. 64GB) and have more
> cores (10 vs. 4). There's generally a lot more I could do simultaneously
> with this chip it seems looking at the specs.
> 
> Researching through these forums and even the Qubes Docs there seems to
> be a "stay away from nVidia" theme; That's why I was focusing on the AMD
> graphics card option. Is nVidia Quadro a viable option?
> 
> Using the Dell configurator, and plugging in RedHat Linux 7.2 as the OS
> I find that the very newest AMD FirePro graphics card I selected isn't
> compatible. (I'm assuming RHEL 7.2 is a roughly equivalent to the Fedora
> 23 in dom0) So I dropped down to the older W5100 card and that seemed to
> work for them.
> 
> The graphics aren't really a big part of my work. I just want a box that
> will be ready to run Qubes v4. 
> 
Gaijin: Intel GPU is recommended, AMD are second best.

IIRC, Dom0 will be based on Fedora 25 in Qubes 4.0. Try checking AMD's
site (https://support.amd.com/en-us/download) for compatibility reports,
too.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/op8l2q%24nh%242%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: Best options for a 4.x compatible Dell workstation

[filtration]

Gaijin:
> On 2017-09-12 05:32, pixel fairy wrote:
>> On Monday, September 11, 2017 at 10:31:56 PM UTC-7, pixel fairy wrote:
>>> given that appvms cant use 3d acceleration anyway, your best bet is intel 
>>> graphics. if your going to give a gpu to a vm, then it depends on the os of 
>>> that vm.
>>>
>>> last i checked, nvidia is fine with virtualization of quadro cards.
>>>
>>> make sure the workstation doesnt have AMT (vpro etc) as bussiness lines 
>>> tend to. you may be safer with what dell would otherwise sell as a consumer 
>>> desktop or gaming rig, minus the fancy graphics card unless your going to 
>>> use it. but, if thats a big part of your work, you may be better off with 
>>> linux + kvm or something else instead of qubes.
>>
>> damn nonlinear editing. that last sentence was supposed to go at the
>> end of the first paragraph.
> 
> Well, the good news is that enabling vPro on a Dell is an extra option
> that you can select (costs $19), so I made sure that selection was off.
> Thanks for the heads up.
> 
> The newer Xeon chips in the E5 Series no longer include on-board
> processor graphics, so Intel graphics isn't an option if I go this
> route. They can handle a lot more RAM (1.2TB vs. 64GB) and have more
> cores (10 vs. 4). There's generally a lot more I could do simultaneously
> with this chip it seems looking at the specs.
> 
> Researching through these forums and even the Qubes Docs there seems to
> be a "stay away from nVidia" theme; That's why I was focusing on the AMD
> graphics card option. Is nVidia Quadro a viable option?
> 
> Using the Dell configurator, and plugging in RedHat Linux 7.2 as the OS
> I find that the very newest AMD FirePro graphics card I selected isn't
> compatible. (I'm assuming RHEL 7.2 is a roughly equivalent to the Fedora
> 23 in dom0) So I dropped down to the older W5100 card and that seemed to
> work for them.
> 
> The graphics aren't really a big part of my work. I just want a box that
> will be ready to run Qubes v4. 
> 

Gaijin: Intel GPU is recommended, AMD are second best.

IIRC, Dom0 will be based on Fedora 25 in Qubes 4.0. Try checking AMD's
site (https://support.amd.com/en-us/download) for compatibility reports,
too.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/550fc8e6-c049-132e-758e-4e403d3d697b%40posteo.de.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: VM Languages

[Franz]

On Tue, Sep 12, 2017 at 9:02 AM, Axel Schwoerer  wrote:

> I don't understand, I just send a mail at you.
> Well I made some tests.
> It's just with the Debian 8 template the problem.
> When I create an other VM with a Fedora template, I got the applications
> that I downloaded in french, and the pre installed app in french too.
> But with the Debian 8 template, I just had the installed app in french,
> but not the pre installed app in french.
> Do you have an other solution?
>
> Reguards
>
>
This is not a personal relation. It is a mailing list. You should "reply to
all" to keep informed alla participants.

Also you should not start new emails, you should add new content at the
bottom of previous emails. So a third party that reads it can read it in
order. Understand?

Try to remove the preinstalled applications and install them again
Best

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAPzH-qB_L%3DKERDr0ieaTfHoS1Psdj%3DvoL0FJXWmOvmJw3q_K3w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Best options for a 4.x compatible Dell workstation

[Gaijin]

On 2017-09-12 05:32, pixel fairy wrote:
> On Monday, September 11, 2017 at 10:31:56 PM UTC-7, pixel fairy wrote:
>> given that appvms cant use 3d acceleration anyway, your best bet is intel 
>> graphics. if your going to give a gpu to a vm, then it depends on the os of 
>> that vm.
>>
>> last i checked, nvidia is fine with virtualization of quadro cards.
>>
>> make sure the workstation doesnt have AMT (vpro etc) as bussiness lines tend 
>> to. you may be safer with what dell would otherwise sell as a consumer 
>> desktop or gaming rig, minus the fancy graphics card unless your going to 
>> use it. but, if thats a big part of your work, you may be better off with 
>> linux + kvm or something else instead of qubes.
> 
> damn nonlinear editing. that last sentence was supposed to go at the
> end of the first paragraph.

Well, the good news is that enabling vPro on a Dell is an extra option
that you can select (costs $19), so I made sure that selection was off.
Thanks for the heads up.

The newer Xeon chips in the E5 Series no longer include on-board
processor graphics, so Intel graphics isn't an option if I go this
route. They can handle a lot more RAM (1.2TB vs. 64GB) and have more
cores (10 vs. 4). There's generally a lot more I could do simultaneously
with this chip it seems looking at the specs.

Researching through these forums and even the Qubes Docs there seems to
be a "stay away from nVidia" theme; That's why I was focusing on the AMD
graphics card option. Is nVidia Quadro a viable option?

Using the Dell configurator, and plugging in RedHat Linux 7.2 as the OS
I find that the very newest AMD FirePro graphics card I selected isn't
compatible. (I'm assuming RHEL 7.2 is a roughly equivalent to the Fedora
23 in dom0) So I dropped down to the older W5100 card and that seemed to
work for them.

The graphics aren't really a big part of my work. I just want a box that
will be ready to run Qubes v4. 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/47474469fc53f6c87fec3a43c44b9863%40riseup.net.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Using UNISON between VMs... Is that possible?

[segu . santi]

Hi!

I have a script that uses UNISON software on Linux to sync files between 
folders in a secure way running clamav antivirus every time there's a file 
change that needs to be synced. Obviously, this script works like a charm on 
standard Linux OS's, but I can't come up with a solution on Qubes. The idea is 
to sync files between two virtual machines that have no visibility between 
them. I've searched the Qubes OS docs and the most similar things I have seen 
are these two commands:

1) https://www.qubes-os.org/doc/copying-files/

2) https://www.qubes-os.org/doc/copy-from-dom0/

I can't manage to integrate those commands into my script. Has anyone faced 
this problem or imagined a solution for this?

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/005f5c9a-b4ab-459d-b07f-7653fd21e975%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.