[qubes-users] Re: dd command to creat an .iso from the win7 cdrom please reference
I did qvm-start win7 --install-windows-tools --custom-config=/tmp/win7.conf then qvm-start win7worked fine , but . -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/db05e6236baae988e2f05a09a78601e7%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: dd command to creat an .iso from the win7 cdrom please reference
btw, what behaviour do I expect if windows-tools are probably installed? I've no idea, e.g. how does one increase the screen size or is there a plain english version of what windows-tool does ? probably another newb question -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/194c748075aad35e3c3b137c58e70339%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to deal with Yubikey ?
Le jeudi 1 février 2018 18:01:21 UTC+2, awokd a écrit : > On Thu, February 1, 2018 3:46 pm, ThierryIT wrote: > > What am I doing wrong ? > > > > > > I have a Yubikey4 U2F + CCID. > > Not detected with "qvm-block" > > Detected as sys-usb:4-2 by dom0 (qvm-usb). > > > > > > I have tried: > > > > > > - qvm-device usb attach vm_name sys-usb:4-2 (device attached failed) > > - qvm-device block attach vm_name sys-usb:4-2 (backend vm 'sys-usb' > > doesn't expose device 4-2) > > Another poster said these aren't block devices, so don't try to use those > commands on it. > > "qvm-device usb attach vm_name sys-usb:4-2" should work. What does > "qvm-usb attach vm_name sys-usb:4-2" do? > > If it's the same error, did you install qubes-usb-proxy in your templates? > See https://www.qubes-os.org/doc/usb/. I have installed "qubes-usb-proxy" on my StandaloneVM. -> qvm-usb l : sys-usb:4-2 Yubico_Yubikey_4_U2F+CCID -> qvm-device usb attach vm-name sys-usb:4-2 : Device attach failed: No device info received, connection failed, check backend side for details -> same things -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c68b7b91-d055-4baf-9a0f-0c86f98c5163%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: dd command to creat an .iso from the win7 cdrom please reference
nevermind . :) seems to be up and running with cirrus driver https://support.hidemyass.com/hc/en-us/articles/202723596-How-to-disable-Driver-Signing-check-on-Windows re:bcedit -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/99954a6502842b7ab7dfacd73d2e%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes R4.0rc4 - qvm-create's option --root-copy-from -> qubesd protocol error
Mea culpa and apologies to all: the properties for "--class" or "--c" are case sensitive. Substituting 'StandaloneVM' for 'standalonevm' fixed the problem. Thanks, Brendan -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/82af27d5-44fb-40f2-9e21-dee29b4f320b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Qubes R4.0rc4 - qvm-create's option --root-copy-from -> qubesd protocol error
Hi folks, Installed Qubes R4.0rc3, updated dom0/templates. Added the testing repository, updated dom0/templates so I am now at R4.0rc4 (qubes manager returns, huzzah!). The problem is that I am trying to import a raw root.img file (converted from vmdk using qemu tools) while creating a new StandaloneVM from microsoft's Edge on Win10 OVA file for browser testing. I am receiving an error in qubesd when calling qvm-create in dom0. I invoke (with or without the --property kernel='' option): sudo qvm-create win10 --class standalone --property kernel='' --root-copy-from /home/qubes-user/root.img --label green The error is: app: Error creating VM: Got empty response from qubesd. See journalctl in dom0 for details. I ran journalctl -r and this is the head (of the tail, so reverse order, looks like the important bit is 'protocol error'): Feb 02 00:39:45 dom0 kernel: audit: type=1104 audit(1517549985.662:245): pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostna me=? addr=? terminal=/dev/pts/0 res=success' Feb 02 00:39:45 dom0 kernel: audit: type=1106 audit(1517549985.661:244): pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam _systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' Feb 02 00:39:45 dom0 audit[28073]: CRED_DISP pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pt s/0 res=success' Feb 02 00:39:45 dom0 audit[28073]: USER_END pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' Feb 02 00:39:45 dom0 sudo[28073]: pam_unix(sudo:session): session closed for user root Feb 02 00:39:45 dom0 qubesd[11075]: protocol error for call b'admin.vm.Create.standalonevm'+b'' (b'dom0' → b'dom0') with payload of 22 bytes Feb 02 00:39:45 dom0 sudo[28073]: pam_unix(sudo:session): session opened for user root by (uid=0) Feb 02 00:39:45 dom0 kernel: audit: type=1105 audit(1517549985.520:243): pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_ systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' Feb 02 00:39:45 dom0 audit[28073]: USER_START pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root " exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' Feb 02 00:39:45 dom0 sudo[28073]: pam_systemd(sudo:session): Cannot create session: Already running in a session Feb 02 00:39:45 dom0 audit[28073]: CRED_REFR pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pt s/0 res=success' Feb 02 00:39:45 dom0 audit[28073]: USER_CMD pid=28073 uid=1000 auid=1000 ses=2 msg='cwd="/home/qubes-user" cmd=71766D2D6372656174652077696E3130202D2D636C617373207374616E64616C6F6E65766D202D 2D70726F7065727479206B65726E656C3D202D2D726F6F742D636F70792D66726F6D202F686F6D652F71756265732D757365722F726F6F742E696D67202D2D6C6162656C20677265656E terminal=pts/0 res=success' Feb 02 00:39:45 dom0 kernel: audit: type=1110 audit(1517549985.514:242): pid=28073 uid=0 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostna me=? addr=? terminal=/dev/pts/0 res=success' Feb 02 00:39:45 dom0 kernel: audit: type=1123 audit(1517549985.514:241): pid=28073 uid=1000 auid=1000 ses=2 msg='cwd="/home/qubes-user" cmd=71766D2D6372656174652077696E3130202D2D636C6173732 07374616E64616C6F6E65766D202D2D70726F7065727479206B65726E656C3D202D2D726F6F742D636F70792D66726F6D202F686F6D652F71756265732D757365722F726F6F742E696D67202D2D6C6162656C20677265656E terminal=pt s/0 res=success' Feb 02 00:39:45 dom0 sudo[28073]: qubes-user : TTY=pts/0 ; PWD=/home/qubes-user ; USER=root ; COMMAND=/bin/qvm-create win10 --class standalonevm --property kernel= --root-copy-from /home/qubes-user/root.img --label green Thanks, Brendan -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/66355c46-e136-4cc9-9914-6230b2487563%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes / Github bugs track ??
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2018-02-01 02:22, Nope wrote: > The problem, as Ivan pointed out, is that our issue tracker would > be cluttered with open reports in which the issue is probably > fixed, but we're waiting for the reporter to confirm that it's > fixed. > > -> cluttered with open reports: yes you are right, in this case, > can you through Github, to close automatically tickets after "3 > days" if no answer ? Possible, but harder to manage. AFAIK, there's no way to automatically close after three days, so we would have to remember to do this for every issue, which would be a lot of extra overhead. If we could automate this, though, it could be a nice system. > -> not true, my ticket has been closed before my "report". > By "report" I mean the original report when you first open the issue. In this sense, it's not possible for an issue to be closed before your report, because the issue doesn't exist before your report (and an issue that doesn't exist can't be closed). > Instead, if you find that your issue was closed without being > fixed, you should simply say so in a comment on that issue. You > could simply say, "This is still happening. Please re-open." > > -> ok for me > > Whatever you do, don't create a new issue when you know it's a > duplicate of the old one! That causes confusion and creates extra > work, which takes time away from working on the actual problem. > > -> agree > > I don't want to bother the team. Just my two pences. > > Thx > - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlpz6g8ACgkQ203TvDlQ MDAPHQ//VdRGk7KsYNdW365UOtJxBWugwemuxZfRV/V0sjungv4iU0ws5PbHDo36 QH1FF3AE0TrLdWODxQxm0D3ckSlPPg1aY2wvPrJqM6Z7+TNIBK+eaLXtDa34HVI7 7o4dCMXKxnHleE1B4KC9hxi6bibV48Wa8piGyODWQbdWGT+dLal6mPPHDSRVywOZ PL5CgrM9lqX3w7tjbM9Ez5kpzqtRUifYwGJfnlfhXEM75ECuzAnG2heptL9huZAS 3o/yBoCGBOZj9yE3SEXzb5olPK1QRiN1He2EFTcPw94mOj+LTQzShOFGdSB1TTgh Qglccba9txHn1Oj/fJiH4w3cg7eXCjRhV7CHT7747pnc4lTqIuEzHtscjK4oB2va FcJ2QRTdtQgpp+JV+EEf/OZm47V9PPsw4jdBCkiQK+yj6smB3TfLznVaATXiAa7a qXyjb1HK7tGpQioLldEZo2A3IC1wv4y/zdVaPcf7lNduaSsHgmO0a+1StrVgHgS7 GgQS08qRD9RIuTT37V3+Oh5xGSPYIv5kYwHfExhC0HpfVpVo/Tmd1oreHyh44KRP Dyc32fwYI6062M7AFZ7WsFYPQ/6rq7A8ajYrGPfpwQmVoCvuYAmGN0eE90kvsgGd rr9tet4PdmFpQQ/ZZ1GQPaqbdV9MCJtKuS+ql8UquyKkaaCYb34= =f/OK -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/778d8609-ac15-60e3-829d-ea787c047783%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Install software inside dom0
did you try to prepend the command with 'sudo'? -- - IMPORTANT NOTICE: The information in this email is confidential and may also be privileged. If you are not the intended recipient, any use or dissemination of the information and any disclosure or copying of this email is unauthorised and strictly prohibited. If you have received this email in error, please promptly inform us by reply email or telephone. You should also delete this email and destroy any hard copies produced. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6e397045-1d30-4df8-9771-165ff30a3e0b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Install software inside dom0
On Tuesday, August 22, 2017 at 3:03:56 PM UTC-6, Gecko wrote: > It didn't let me do the gparted install. I have since given up. I have > decided to wipe the qubes os partition, go back to windows, connect another > computer using ethernet, backup my files, then wipe the hard drive, and maybe > try to install qubes again. > > There seems to be too many issues with qubes. I'm doubting whether it's worth > the effort. Maybe a live CD + Encrypted USB will perform just as good. A lot > easier to manage and copy files etc. > > Thank you for trying to help though. Maybe I should look for an OS that > doesn't use your graphics card as a paper weight. did you try to prepend the command with 'sudo'? -- - IMPORTANT NOTICE: The information in this email is confidential and may also be privileged. If you are not the intended recipient, any use or dissemination of the information and any disclosure or copying of this email is unauthorised and strictly prohibited. If you have received this email in error, please promptly inform us by reply email or telephone. You should also delete this email and destroy any hard copies produced. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d54caeb4-5492-4c01-8aa5-2674051b08d8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Slow network speed outside netvm
Can you try if you get better throughput between a proxy vm and an appvm using this kind of topology? sys-net <-> iperf-srv (proxyvm) <-> iperf-cli (appvm) I could push ~10Gbps with one flow and slightly more with more parallel flows between them. But between sys-net and iperf-srv vms I've a lower cap like you for some reason. I also tried to use similar parameter for the kernel too but 10Gbps result was still achievable. -- i. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/alpine.DEB.2.20.1802012359200.6266%40whs-18.cs.helsinki.fi. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes and Whonix now have next-generation Tor onion services!
On Thu, February 1, 2018 7:53 pm, alexclay...@gmail.com wrote: > I see on the Whonix website that's linked to it simply says: > > > "To access the v3 onion address, Whonix users must install the latest Tor > 3.2.9 client in Whonix-Gateway ( sys-whonix ) via the > stable-proposed-updates repository." > > Any idea the commands to do this from the terminal for the whonix-gw vm? > I've edited the Torrc file before but that's the extent of anything I've > ever done with Whonix. Seems to be out of proposed and in stable now, so all you should have to do is update your whonix-gw and whonix-ws templates as usual. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/37fe19c963ba44264684a822c9501e19.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes and Whonix now have next-generation Tor onion services!
I see on the Whonix website that's linked to it simply says: "To access the v3 onion address, Whonix users must install the latest Tor 3.2.9 client in Whonix-Gateway ( sys-whonix ) via the stable-proposed-updates repository." Any idea the commands to do this from the terminal for the whonix-gw vm? I've edited the Torrc file before but that's the extent of anything I've ever done with Whonix. Thanks! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3c850507-d8cb-4f95-908c-705018dc30c0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes OS 4.0-rc4 has been released!
On Thu, Feb 01, 2018 at 09:58:34AM -0800, alexclay...@gmail.com wrote: > Are there plans for the final 4.0 release to have a direct upgrade path from > 3.2? Or do we just backup all of our VMs, fresh install 4.0, then restore our > VMs? the latter. -- cheers, Holger -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180201182136.l7fapchpgkm6sfaj%40layer-acht.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: PGP signature
Re: [qubes-users] Re: Qubes OS screensharing
On February 1, 2018 6:42:08 PM GMT+01:00, Dave Cwrote: >Indeed, I stand corrected. This point could apply to a restrictive >firewall, but the VM would need to network with the local VM running >vncserver. BTW, you could also pipe the network communication through qrexec. This could be more secure than restrictive firewall. >I can imagine opening a terminal in the VM running vncserver and the >window manager. Could attacker open a terminal in other vm that has >opened some application in that display? (Application that is not a >terminal, I mean. I do see how an attacker could use any application >shown in the display.) It depends on what application you mean. I can see how a webbrowser can be used as a gadget to open terminal and some other applications (e.g., Libreoffice) can be used to open webbrowser. (And maybe LibreOffice supports macros or something similar, so attacker does not need to browser/terminal. Also, a text editor like Geany can be abused for editing files like .bashrc. I am not sure about generic applications with no such option of saving files and opening them in some apps. I remember statements that X11 is not designed for isolation and some those statements look like this is possible generally by design. I was able to neither confirm nor deny it in a short time. Regards, Vít Šesták 'v6ak' Maybe top-posting is bad. However, quoting whole message (including quotes of quotes and quotes of quotes of quotes etc.) before your message is even worse. Please don't let others scroll extensively. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0254EE1B-EC02-453F-BC96-A9D7218CFBA9%40v6ak.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] after update no VM 'starts' apps anymore.
On Tue, January 30, 2018 1:51 am, awokd wrote: > On Tue, January 30, 2018 12:05 am, 'Tom Zander' via qubes-users wrote: > >> Is this a known issue? >> >> >> >> I can start a VM using qvm-start, but when I use qvm-run nothing >> happens, it hangs forever. Even commands that don't need a X server. For >> any qube of the various OSs I run. > > qvm-run works on both powered on and off VMs on my 4.0 on testing repo. > qvm-run works on powered on (only) VMs on my 3.2 stable. I ran into an odd issue trying to update today when dom0 was on testing but whonix-gw was on current. $releasever wasn't getting replaced with the version number so qubes-dom0-update was trying to pull from "%36releasever" subdirectory. Switching whonix-gw to testing and updating first resolved it. Were your templates and dom0 using the same repository or mixed? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9179a3664026a7d2bfa6958537c29b61.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes OS 4.0-rc4 has been released!
Are there plans for the final 4.0 release to have a direct upgrade path from 3.2? Or do we just backup all of our VMs, fresh install 4.0, then restore our VMs? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/baf66cf3-35fc-43fa-bc12-d9ceef09c9c3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes OS screensharing
On Sunday, January 28, 2018 at 12:24:08 PM UTC-8, Vít Šesták wrote: > On January 27, 2018 7:57:02 AM GMT+01:00, Dave C wrote: > >* VMs that can't access the conference site (i.e. bluejeans.com) or > >can't access the net at all > > How can a VM without network access open a window in the X11 accessible from > network? Indeed, I stand corrected. This point could apply to a restrictive firewall, but the VM would need to network with the local VM running vncserver. [snip] > > >My approach lowers security while screensharing. But the rest of the > >time, not screensharing, the VMs are running with normal firewall > >settings. > > It is likely that a VM can infect any other of the VMs (or the screensharing > VM). There are multiple potential ways to do so: > > a. Exploit some vulnerability in X11 protocol implementation. > b. Open a terminal (if not already opened) and type a command. This is > possible, because any client can inject any input events to other client. I can imagine opening a terminal in the VM running vncserver and the window manager. Could attacker open a terminal in other vm that has opened some application in that display? (Application that is not a terminal, I mean. I do see how an attacker could use any application shown in the display.) > c. Download some file using webbrowser and run/install it (e.g., using some > packaging system). > d. I remember I have read that X11 effectively provides no isolation between > apps and I had an impression that any app can by design even run some code in > another client. However, don't take this point as verified unless you verify > it from some other source. You make some great points. Thanks. I'm re-thinking my approach. -Dave > > Regards, > Vít Šesták 'v6ak' > > General note: Maybe top-posting is bad. However, quoting whole message > (including quotes of quotes and quotes of quotes of quotes etc.) before your > message is even worse. Please don't let others scroll extensively. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/777001bc-545b-419f-ab74-c1b160e1b48a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Is a legacy BIOS preferable to UEFI for a secure system?
Is legacy BIOs still preferred and likely compatible with 4.0 when final? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/40f6953b-3c11-42a7-914b-ac46970de69c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes update to fedora 26 but dnf still using fedora 23 repo
When you say upgraded did you install a fresh fedora 26 template? https://www.qubes-os.org/news/2018/01/06/fedora-26-upgrade/ I think the advice is not to "upgrade" from fedora 23 but to install a fresh template. Not sure thats your issue...if not I am not sure how to correct. Qubes rocks! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/19548009-a582-49d6-9838-eb35fdcebeac%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] noscript xss warning on qubes os site
I got it in Fedora 26 appVM as well but the website was fedora.org. I am using 3.2... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ab192c78-be63-4109-9187-47af9c5a0eee%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to deal with Yubikey ?
On Thu, February 1, 2018 3:46 pm, ThierryIT wrote: > What am I doing wrong ? > > > I have a Yubikey4 U2F + CCID. > Not detected with "qvm-block" > Detected as sys-usb:4-2 by dom0 (qvm-usb). > > > I have tried: > > > - qvm-device usb attach vm_name sys-usb:4-2 (device attached failed) > - qvm-device block attach vm_name sys-usb:4-2 (backend vm 'sys-usb' > doesn't expose device 4-2) Another poster said these aren't block devices, so don't try to use those commands on it. "qvm-device usb attach vm_name sys-usb:4-2" should work. What does "qvm-usb attach vm_name sys-usb:4-2" do? If it's the same error, did you install qubes-usb-proxy in your templates? See https://www.qubes-os.org/doc/usb/. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c1c03258b0d8c328fff7a3550edb84fe.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to deal with Yubikey ?
What am I doing wrong ? I have a Yubikey4 U2F + CCID. Not detected with "qvm-block" Detected as sys-usb:4-2 by dom0 (qvm-usb). I have tried: - qvm-device usb attach vm_name sys-usb:4-2 (device attached failed) - qvm-device block attach vm_name sys-usb:4-2 (backend vm 'sys-usb' doesn't expose device 4-2) ... Lost I am :) Le jeudi 1 février 2018 13:28:59 UTC+2, awokd a écrit : > On Thu, February 1, 2018 8:58 am, ThierryIT wrote: > > If I did understood well, when using Qubes 4.0r3, there is no sys-usb ... > > If you chose not to set one up on install there wouldn't be, but usually > you should unless using a usb keyboard maybe. You can still add one now; > check the docs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a3023cda-4c12-4c74-9e2b-88c55e7d6bad%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Running Windows from Qubes VM ?
On Saturday, January 13, 2018 at 9:24:49 AM UTC+1, msg...@gmail.com wrote: > Maybe there is no bootloader on /dev/sdc1? Try to boot from livecd and fix > bootloader. This is very likely. Bootloader is usually installed on whole drive (e.g., /dev/sdc) rather than on its partition (e.g., /dev/sdc1). I am not even sure if BIOS could boot from bootloader installed on a partition. Maybe also Windows do not like the fact they have just a partition and not a partition table. Moreover, I do not recommend booting Windows this way. If they are on a partition accessible to dom0, the dom0 might try to parse its filesystem etc., which might expose some vulnerabilities. It seems to be more wise to convert the /dev/sdc1 to some image file (or a LVM volume, provided that you have carefully configured LVM, like Q4 has). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8ba05d29-c9b2-43c4-8598-06e3798748f3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] noscript xss warning on qubes os site
On Thursday, February 1, 2018 at 3:31:45 AM UTC-8, awokd wrote: > Not seeing this in Tor Browser 7.5 with Noscript 5.1.8.4 when I browse to > https://www.qubes-os.org. Where are you seeing it? firefox on fedora-26. install noscript, look at the qubes site. go to other sites. maybe restart the browser, and you get that. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cce8b631-04df-4560-bb62-301ae04df78a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Installing in UEFI (Ryzen 1800X, ASRock Fatal1ty X370 Professional Gaming)
On Thursday, 1 February 2018 13:40:24 UTC+2, awokd wrote: > On Thu, February 1, 2018 10:21 am, Willem D wrote: > > To workaround the problem, try using Refind. To actually debug it, I think > Qubes is using a modified version of Fedora 25's installer. Does that one > work on your system? Not aware of any log files that get generated that > early (especially if it can't find a file system interface). I just tried Fedora 25 Live x86_64 (workstation), to my surprise it worked. I had to add "nomodeset" to boot parameter. It turns out the GeForce GT 1030 does not have modesetting support yet. I will remove that card in future Qubes tests. Going to read up on Refind and leaving this here for reference: https://www.qubes-os.org/doc/uefi-troubleshooting/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4128473c-3112-4f46-a917-8dbebb817085%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] sudden reboot?!
On Thu, February 1, 2018 6:47 am, evo wrote: > Hi all! > > > I have sometimes big problem with Qubes 3.2. > Just now, by writing an email... suddenly my laptop rebooted. Without > any errors. Blackscreen and reboot. > > This was the second time, but after rather large period. > > > how can i manage it?? You can check journalctl to see if it had a chance to log anything before the reboot but if Xen is crashing you might need a serial console connection to debug it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e5ae47021dd443510449b70171a8f321.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Installing in UEFI (Ryzen 1800X, ASRock Fatal1ty X370 Professional Gaming)
On Thu, February 1, 2018 10:21 am, Willem D wrote: > I found the report on Github: > https://github.com/QubesOS/qubes-issues/issues/2838 which describes the > same issue as I have. I would like to debug the problem, but I require > assistance with that. To workaround the problem, try using Refind. To actually debug it, I think Qubes is using a modified version of Fedora 25's installer. Does that one work on your system? Not aware of any log files that get generated that early (especially if it can't find a file system interface). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/71bc6b64211aa9ce08655d4496263dce.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] noscript xss warning on qubes os site
On Thu, February 1, 2018 9:54 am, pixel fairy wrote: > noscript, the firefox extention, pops up the following about the qubes > site, > > NoScript detected a potential Cross-Site Scripting attack > > > from [...] to https://www.qubes-os.org. > > Suspicious data: > > > window.name Not seeing this in Tor Browser 7.5 with Noscript 5.1.8.4 when I browse to https://www.qubes-os.org. Where are you seeing it? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9d8d9781fd5379f7339482fb070d316f.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to deal with Yubikey ?
On Thu, February 1, 2018 8:58 am, ThierryIT wrote: > If I did understood well, when using Qubes 4.0r3, there is no sys-usb ... If you chose not to set one up on install there wouldn't be, but usually you should unless using a usb keyboard maybe. You can still add one now; check the docs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e1faa309e2e2704c82fbabcacb489fad.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Installing in UEFI (Ryzen 1800X, ASRock Fatal1ty X370 Professional Gaming)
Hi All, I tried installing Qubes 4.0-rc3 in UEFI mode using a USB drive. After POST I see 4 options* regardless of what option I choose the message "Couldn't obtain the File System Protocol Interface" flashes very quickly on my screen and the 4 options are displayed on the screen again. I found the report on Github: https://github.com/QubesOS/qubes-issues/issues/2838 which describes the same issue as I have. I would like to debug the problem, but I require assistance with that. I was able to test media and install Qubes when booting in legacy mode. I do however require my system to run in UEFI mode. It might be possible to force the OS to boot in UEFI mode after installing in legacy, however I would rather try to find the cause of the problem and improve the experience for others with the same issue. I am able to start Fedora 27's anaconda installer in UEFI mode using the same hardware. *options: "Test media and install Qubes R4.0-rc3" "Install Qubes R4.0-rc3" "Troubleshooting - verbose boot and Install Qubes R4.0-rc" "Rescue a Qubes system" Hardware: CPU: AMD Ryzen 7 1800X M/B: ASRock Fatal1ty X370 Professional Gaming RAM: 32GB G.SKill F4-3200C14D-32GTZ TridentZ Series GPU: 2GB GeForce GT 1030 GPU: 8GB Radeon RX 480 GDDR5 256bit PCI-E 3.0 SSD: 500GB Samsung 960 EVO NVMe M.2 PCI-E 3.0 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ae34f348-7f86-4fb3-a043-27f67b378e14%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Slow network speed outside netvm
Ilpo Järvinen: > I found this: > https://wiki.xenproject.org/wiki/Xen-netback_and_xen-netfront_multi-queue_performance_testing Thanks, I'll have a look. > It might be that roughly 4Gbps might be what you can get for cross-vm with > one flow (but those results are quite old). > > I guess that there are by default two queues per vif (based on the kernel > thread naming) which would explain why going beyond 2 VCPUs didn't help > any. ...Now we only just need to figure out how to configure the number of > queues to see if that has some impact on performance (ethtool seems to be > unable to do that). > > ...And of course you'll need to use more than one flow to utilize all > those queues anyway but I guess you tested also the inter-vm test with > more than one flow? Yes, using 2,4 or 6 flows gives the same result. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/89569c3c-70e4-41cf-9a1c-746333f16df0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] noscript xss warning on qubes os site
noscript, the firefox extention, pops up the following about the qubes site, NoScript detected a potential Cross-Site Scripting attack from [...] to https://www.qubes-os.org. Suspicious data: window.name -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/799216a9-386d-45e2-a05f-17b045a4645d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: [UPDATE] QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)
I have installed the patch from security-testing. On system resume, I sometimes notice effects like: * Time synced noticeably late. For example, when my laptop wakes up on morning, Thunderbird considers today's e-mails as e-mails from future day (so it displays date, not only time). * Some VMs don't get the time synced at all (or at least after a huge delay that looks like forever). I've repeatedly seen this at some VM with a background bot. * The same applies to Wi-Fi. It sometimes seems to be attached even after I type the password (which is not short). I have also seen one strange change (not sure about the timing, but it might be related to the update) that might affect security of those who use some pseudo-DVM for sys-usb. When I remove USB „mouse“* and attach it back, the mouse is automatically allowed. Maybe the connection has not been closed. The strange part is that this does not apply for USB keyboard, although the input proxy works virtually the same. So, before adding an untrusted device, it is not enough to disconnect USB keyboard/touchpad. I also have to reboot the sys-usb VM. Regards, Vít Šesták 'v6ak' *) I have two USB „mice“, none of them is actual traditional mouse. One of them is a touchpad that uses mouse USB protocol. The other one is a keyboard that has capability of clicking and looks like multiple input devices on the USB protocol. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3bec4ff9-5ca5-4951-bf88-8478138b1fec%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Slow network speed outside netvm
On Thu, 1 Feb 2018, Jarle Thorsen wrote: > Ilpo Järvinen: > > I'd next try to tweak the txqueuelen (at the netvm side): > > sudo ifconfig vifxx.0 txqueuelen > > > > Appvm side (eth0) seems to have 1000 but the other side (vifxx.0) has > > only 64 by default that seems a bit small for high-performance transfers. > > Thanks a lot for your help so far! > > Unfortunately setting txqueuelen to 1000 did not make any difference... I found this: https://wiki.xenproject.org/wiki/Xen-netback_and_xen-netfront_multi-queue_performance_testing It might be that roughly 4Gbps might be what you can get for cross-vm with one flow (but those results are quite old). I guess that there are by default two queues per vif (based on the kernel thread naming) which would explain why going beyond 2 VCPUs didn't help any. ...Now we only just need to figure out how to configure the number of queues to see if that has some impact on performance (ethtool seems to be unable to do that). ...And of course you'll need to use more than one flow to utilize all those queues anyway but I guess you tested also the inter-vm test with more than one flow? -- i. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/alpine.DEB.2.20.1802011102270.18034%40whs-18.cs.helsinki.fi. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to deal with Yubikey ?
If I did understood well, when using Qubes 4.0r3, there is no sys-usb ... Le jeudi 1 février 2018 02:31:50 UTC+2, joev...@gmail.com a écrit : > qvm-usb command shows you how to attach USB devices to VMs. There is no GUI > method like there is for block devices. > > Remember, Yubikey is not a storage/block device. It is a USB that acts more > like a HID keyboard. > > Mine works on 3.2 just fine using sys-usb, then attaching to whatever VM > needs it. > > On Wednesday, 31 January 2018 09:14:36 UTC-5, ThierryIT wrote: > > How did you attached it ? I am trying without success ... I can attached it > > from dom0 using: qvm-block a vm_name dom0:sdd > > Is it correct under Qubes4.0r3 ? > > > > > > Le mardi 23 janvier 2018 09:51:17 UTC+2, Kushal Das a écrit : > > > On Tue, Jan 23, 2018 at 12:17 PM, ThierryIT wrote: > > > > Hello, > > > > > > > > I have today to deal with two problems: > > > > > > > > 1) I am using Yubikey to be authentified on some web site like Github > > > > ... > > > > 2) I am using Yubikey to stock my PGP keys and to use them with mainly > > > > my emails (Thinderbird+Enigmail) > > > > > > > > What to do under Qubes to make this possible ? > > > > I have already sys-usb running. > > > > > > On Qubes 4.0rc3, I just attach it to the vm as required, and use it. > > > No configuratino is required. > > > > > > Kushal > > > -- > > > Staff, Freedom of the Press Foundation > > > CPython Core Developer > > > Director, Python Software Foundation > > > https://kushaldas.in -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6e3c705d-361d-495f-8f3c-5b2785dc10b3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Slow network speed outside netvm
Ilpo Järvinen: > I'd next try to tweak the txqueuelen (at the netvm side): > sudo ifconfig vifxx.0 txqueuelen > > Appvm side (eth0) seems to have 1000 but the other side (vifxx.0) has > only 64 by default that seems a bit small for high-performance transfers. Thanks a lot for your help so far! Unfortunately setting txqueuelen to 1000 did not make any difference... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e413de61-d4b7-4714-86e7-0dee1672b379%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Slow network speed outside netvm
On Wed, 31 Jan 2018, Jarle Thorsen wrote: > Mike Keehan: > > > It sounds a bit ambitious to run 10gb per sec from one VM through > > another and onto the wire. I suspect you are memory speed limited > > if you are using a straightforward desktop pc. > > I'm not sure what is the limiting factor (memory speed, xen overhead?), > but I just did an iperf test between netvm and appvm only, and I still > maxed out at 4 Gbit/s. This test takes the network card out of the > equation and only tests the speed between the vms. Maybe somebody can do > similar tests on their system? > > > Do you know if anyone has achieved this? > > I don't know. I'd next try to tweak the txqueuelen (at the netvm side): sudo ifconfig vifxx.0 txqueuelen Appvm side (eth0) seems to have 1000 but the other side (vifxx.0) has only 64 by default that seems a bit small for high-performance transfers. -- i. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/alpine.DEB.2.20.1802011018110.18034%40whs-18.cs.helsinki.fi. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes / Github bugs track ??
The problem, as Ivan pointed out, is that our issue tracker would be cluttered with open reports in which the issue is probably fixed, but we're waiting for the reporter to confirm that it's fixed. -> cluttered with open reports: yes you are right, in this case, can you through Github, to close automatically tickets after "3 days" if no answer ? -> not true, my ticket has been closed before my "report". Instead, if you find that your issue was closed without being fixed, you should simply say so in a comment on that issue. You could simply say, "This is still happening. Please re-open." -> ok for me Whatever you do, don't create a new issue when you know it's a duplicate of the old one! That causes confusion and creates extra work, which takes time away from working on the actual problem. -> agree I don't want to bother the team. Just my two pences. Thx 2018-02-01 6:38 GMT+02:00 Andrew David Wong: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On 2018-01-31 08:25, ThierryIT wrote: > > Le mardi 30 janvier 2018 10:05:57 UTC+2, Ivan Mitev a écrit : > >> On 01/30/18 09:36, ThierryIT wrote: > >>> Hi, > >>> > >>> Why are you closing a ticket before knowing if the modification you > have made, to correct the bug, is working ? I mean, why can't you wait for > the user to add the modification and see if it is working or not ? > >> > >> Once a dev or contributor provides a fix that he/she thinks solves an > >> issue there is usually no reason to keep the issue open, or else the > >> issue tracker would be cluttered with fixed but open issues waiting to > >> be confirmed/closed by their reporter. > > > > Do not agree at all with this ... > > If taking as example my ticket, what happen: > > > > 1) I open a ticket for a problem > > 2) The ticket is taken into account by the dev > > 3) Work on it, push the patch > > 4) close the ticket > > 5) I do the update as requested > > 6) result: not fully working > > 7) Cannot re-open my ticket, open a new ticket > > 8) The dev close my second ticket because it is duplicated ticket > > 9) re-open the first ticket > > > > And what about: > > > > 1) I open a ticket for a problem > > 2) The ticket is taken into account by the dev > > 3) Work on it, push the patch > > 4) Ask the user to update and give feedback > > 5) if working then close the ticket, if not then go ahead ... > > > > What do you think ? > > > > The problem, as Ivan pointed out, is that our issue tracker would be > cluttered with open reports in which the issue is probably fixed, but > we're waiting for the reporter to confirm that it's fixed. Many > reporters wouldn't respond at all. That would make our issue tracker > much less efficient for our developers, which would in turn make them > less efficient at fixing bugs and adding features. > > Instead, if you find that your issue was closed without being fixed, you > should simply say so in a comment on that issue. You could simply say, > "This is still happening. Please re-open." (However, it would be more > helpful if you could provide more detail than that. We understand that > it's not always possible, though.) > > Whatever you do, don't create a new issue when you know it's a duplicate > of the old one! That causes confusion and creates extra work, which > takes time away from working on the actual problem. > > >> > >>> As exemple: ticket #3501 is closed, but even if I have followed the > instruction, the problem is not solved, but the ticket is closed ... > >> Either you're now hitting a bug that has nothing to do with your > >> original issue or Marek thought he fixed the bug but made a mistake. If > >> it's the former simply open another issue. If it's the latter, I'd send > >> Marek a friendly email, or I would create a new issue pointing to the > >> wrongly solved older one. > >> > > Please don't send emails to individual developers or create issues you > know are duplicates! Both are distracting and actually make it harder > for them to help you with your problem. Instead, please just add a > comment on the existing closed issue, as I explained above. We'll > receive a notification when you do. > > I've updated the Reporting Bugs page to try to clarify all of this: > > https://www.qubes-os.org/doc/reporting-bugs/ > > >>> How to re-open it ? > >> > >> You can't, it looks like it's a github shortcoming. Had you taken 2 secs > >> to websearch it, you'd have found: > >> > >> https://stackoverflow.com/questions/21333654/how-to-re- > open-an-issue-in-github#21333938 > >> > >> first hit, no need to even click the link, the answer is at the top of > >> the search page: "you cannot re-open your own issues if a repo > >> collaborator closed them". > > - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS > https://www.qubes-os.org > > -BEGIN PGP SIGNATURE- > > iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlpymZoACgkQ203TvDlQ > MDDgIxAAjtzKW1QtkK6HtYR+XcFpVR+sWAsT0xWzhk6eyTi5ob1yersq74h2sgzt >