Re: [qubes-users] Setup NextCloud in Qubes
On 11/25/18 2:26 AM, pr0xy wrote: I was trying to install NextCloud into a Qubes R3.2 machine. Although I have it working it isn't persistent across reboots of the AppVM. Every time I restart the AppVM it asks me to setup my NextCloud again. How can I get NextCloud working in an AppVM? I put NextCloud into a Fedora template. I tried the full manual install and the Snap method. When I base the AppVM on that template I can startup NextCloud, create a MariaDB database, create an admin account and work with various settings, but a restart of the AppVM will lose all of those settings. How can I make my changes persistent so that I can use NextCloud normally? Why not use a StandaloneVM ? Or do you want to get a "clean/blank" nextcloud install each time you restart an AppVM based on the template where you installed nextcloud ? If so, you'll have to create the db/admin account/... in the templateVM, not in the AppVM, otherwise any changes you do to the root filesystem will be lost at the next restart. Note that it's usually not a good idea to install and run third party stuff in templates (or, don't base sensitive AppVMs on such templates). FYI the folders/files related to nextcloud are usually: - The folder where you extracted nextcloud (eg. /var/www/nextcloud) - The data dir you configured; could be a subdir of the folder above or another path. - Mysql db (/var/lib/mysql) and maybe /etc/my.cnf* - relevant httpd config (/etc/httpd/...) + php stuff, eg. /etc/php.ini if you modified it. You'll also have to enable the web server and mysql in the template (systemctl enable ...); or start it in the AppVM. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5f1f3df3-f65a-48de-535c-e76ec8abd7d1%40maa.bz. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Setup NextCloud in Qubes
On 2018-11-25 02:17, unman wrote: > On Sat, Nov 24, 2018 at 04:26:18PM -0800, pr0xy wrote: >> I was trying to install NextCloud into a Qubes R3.2 machine. Although I >> have it working it isn't persistent across reboots of the AppVM. Every >> time I restart the AppVM it asks me to setup my NextCloud again. >> >> How can I get NextCloud working in an AppVM? >> >> I put NextCloud into a Fedora template. I tried the full manual install >> and the Snap method. When I base the AppVM on that template I can >> startup NextCloud, create a MariaDB database, create an admin account >> and work with various settings, but a restart of the AppVM will lose all >> of those settings. How can I make my changes persistent so that I can >> use NextCloud normally? > > Have you looked at using bind-dirs? > https://www.qubes-os.org/doc/bind-dirs/ Thanks. That looks like it should work, but I guess I'm uncertain which directories I need to add to /rw/config/qubes-bind-dirs.d/50_user.conf I tried: binds+=( '/var/lib/mysql' ) binds+=( '/var/www' ) as those would appear to cover the MariaDB MySQL database and the web server for NextCloud. However, even with those settings any database or user created in MySQL of the AppVM doesn't persist after a restart. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/338ee10886347013c1edb677d4f52cf2%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Setup NextCloud in Qubes
On Sat, Nov 24, 2018 at 04:26:18PM -0800, pr0xy wrote: > I was trying to install NextCloud into a Qubes R3.2 machine. Although I > have it working it isn't persistent across reboots of the AppVM. Every > time I restart the AppVM it asks me to setup my NextCloud again. > > How can I get NextCloud working in an AppVM? > > I put NextCloud into a Fedora template. I tried the full manual install > and the Snap method. When I base the AppVM on that template I can > startup NextCloud, create a MariaDB database, create an admin account > and work with various settings, but a restart of the AppVM will lose all > of those settings. How can I make my changes persistent so that I can > use NextCloud normally? Have you looked at using bind-dirs? https://www.qubes-os.org/doc/bind-dirs/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20181125021733.4iz27t24lptru4fc%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Operating System Loader failed signature verification. WARNING: The file may have been tampered with
On Sat, Nov 24, 2018 at 04:49:40AM -0800, humbleman...@gmail.com wrote: > On Saturday, November 24, 2018 at 1:52:52 PM UTC+2, unman wrote: > > On Fri, Nov 23, 2018 at 10:21:37PM -0800, humbleman...@gmail.com wrote: > > > On Saturday, November 24, 2018 at 2:54:03 AM UTC+2, unman wrote: > > > > On Fri, Nov 23, 2018 at 02:07:32PM -0800, Humble wrote: > > > > > Good day, > > > > > > > > > > I've got a brand new Dell Precision 7730 that I was planning to > > > > > install QubesOS on. > > > > > As soon as I attempt to start the boot sequence, I get this error: > > > > > > > > > > Operating System Loader failed signature verification. WARNING: The > > > > > file may have been tampered with > > > > > > > > > > I've tried several OS-es and Ubuntu and ESXi boot just fine, with Xen > > > > > and a couple more failing to do so. > > > > > Upgraded the bios and all that, still no go. > > > > > > > > > > Unfortunately from what I understand this generation of laptops no > > > > > longer accepts installations of OS-es in legacy mode. > > > > > > > > > > I am looking forward for your thougths. > > > > > > > > > > > > > You have TPM enabled: I think you can disable it: > > > > Go into the BIOS (F2 on boot?) > > > > Under Security, you can turn off TPM, which should allow you to boot > > > > other OS. > > > > You can also turn off Secure Boot. > > > > > > > > I dont think that you are prohibited from legacy boot. > > > > Have a look under the Advanced Boot options, and you may be able to > > > > enable legacy boot there. > > > > > > > > unman > > > > > > Legacy boot is not prohibited, but is allowed only for external devices > > > (USB, SD Card, PXE). > > > This is the KB article from Dell's official site and this appears to be > > > the norm from now on for any Enterprise-grade Dell laptop. > > > https://www.dell.com/support/article/us/en/04/sln309720/newer-dell-systems-unable-to-boot-to-internal-boot-device-in-legacy-boot-mode?lang=en > > > > > > Looking forward for any guidance. > > > > > > > I'm not sure what more you want. You have bought a laptop that cant boot > > legacy mode from internal disk. > > Try installing in UEFI mode. > > Which doesn't work and it gives the error in the original post > (Operating System Loader failed signature verification. WARNING: The file may > have been tampered with) indicating that there are integrity checks that the > current (and the 4.0.1-rc1) image are failing for the current generation of > UEFI-enabled BIOS-es. No, it indicates that you still havent disabled SecureBoot, as I suggested. > What is not clear in the above? UEFI doesn't work and Legacy isn't supported. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20181125021455.jquhxcnf4cvznk75%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes 3.2 i3 log in issue
On Wed, Nov 21, 2018 at 01:43:16PM -0800, dl...@msn.com wrote: > I've been using Qubes 3.2 for less than two months after installing on my > laptop. Today, I used terminal with apt-get install i3 and then after > downloading it from the repository, typed 'i3', which it then changed the > layout of the windows open to vertical. I shut down the laptop and attempted > to log in and have received incorrect password, this happens regardless of > xfce, i3, or i3 with log. I jumped the restart too soon, but not certain what > to do to fix this mistake. > It doesnt seem likely that the window manager has caused this. Depending on the password, have you check to make sure that the kboard is set as expected? (Language/key mappings) If you genuinely cant log in at all,, then you can reset the password using any live distro. (I'm assuming you are able to enter the encryption password correctly.) If you need help with this, there are many guides online. If you get stuck reply here. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20181125021051.j3fleekzvjwd2old%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Possible to use WindowsVM as a NetVM?
On Sat, Nov 24, 2018 at 02:41:07PM -0800, qubesuserma...@gmail.com wrote: > On Thursday, November 22, 2018 at 7:35:38 PM UTC-5, unman wrote: > > Attach Windows Vm to the new qube. > > Attach your NIC to the Windows VM. > > Now the WindowsVM has two network devices. > > Wow, I never thought that NIC can be attached to VM not on topmost, thanks > for the tip! > But, as I was setting up the network you described, the same weird weird > problem happened again which I've been dealing with for 2 days and still have > no clue... > > That is, it seems that a qube couldn't UNDERSTAND the packets coming through > its vif+ interface with source ip address not of the qube directly connected > to its vif+. By "understand" I mean the packet can be seen by tcpdump and > wireshark on the corresponding vif, but never reaches the application, as if > dropped by kernel. > > In your networking: > > i < i can't deliver packets generated from outside to C >/ \ > / \ > C W <---> outside > > i,W,C can ping each other OK > W pings outside: OK > i/C pings outside: ICMP reply seen by tcpdump on i's right side vif, but ping > failed. > > Same thing happens in this situation: > > a > | > | > b > | > | > c > > c/b pings a: OK > a pings c: reply seen by tcpdump, but ping fails > > Iptables are all empty and rp_filter is 0, so it kinda narrows it down to > kernel and XEN. But I don't see any packet-dropping in statistics. > This strange behavior strikes me as some kinds of security mechanism. Do you > have the same problem? > You havent looked at my other posts, I think. Have you checked the raw table? By default a netvm restricts traffic on a vif to the allocated IP: you need to remove that restriction. I made some notes on using an openBSD HVM as a netvm - https://github.com/unman/notes/blob/master/openBSD_as_netvm You should be able to adapt them to your own case. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20181125020459.f7wmzztpyjq2z6bn%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Setup NextCloud in Qubes
I was trying to install NextCloud into a Qubes R3.2 machine. Although I have it working it isn't persistent across reboots of the AppVM. Every time I restart the AppVM it asks me to setup my NextCloud again. How can I get NextCloud working in an AppVM? I put NextCloud into a Fedora template. I tried the full manual install and the Snap method. When I base the AppVM on that template I can startup NextCloud, create a MariaDB database, create an admin account and work with various settings, but a restart of the AppVM will lose all of those settings. How can I make my changes persistent so that I can use NextCloud normally? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/68902a6b167fad231b8f1b56bc4b074b%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Donation costs
Achim Patzner: > Patrick Schleizer wrote on Mon, 19 November 2018 08:33 >> I don't think crypto currencies add much carbon dioxide >> compared to >> legacy financial institutions. > > Answers like this make me wonder how people arrive at their > threat assessments. > > If you do not know the facts making assumptions based on > your wishes does not work. I strongly believe in finding > facts if I do not have precise data. Try taking a look at > some research: > https://www.nature.com/articles/s41893-018-0152-7.epdf (if > you do not want to pay for the article you will be able to > read it at sci-hub). The current equivalent of the creation > USD 1 in Bitcoin (at the time of writing the article when > Bitcoin was still more expensive than today) is about > 17MJoule (about 4.6kWh). Gold is currently at 5MJ. The > mining of the first 6 months of this year took 30TWh, > estimate for the year is 73TWh. If we're lucky this will > have led to less than 70Mt carbon dioxide. If not we will > have gained quite some nuclear waste we still don't know how > to deal with. > > And as you are making noises about banks: Please add in the > environmental cost of all the computers involved in Bitcoin > transactions. One Bitcoin transaction is currently costing > about as much energy as 40 credit card transactions. > > And yes, the reference section of the article is quite > interesting. > > > Achim Patzner > Good response to this flawed, ignorant study: https://twitter.com/nic__carter/status/1056976815032582144. -- qubenix CODE PGP: FE7454228594B4DDD034CE73A95D4D197E922B20 EMAIL PGP: 96096E4CA0870F1C5BAF7DD909D159E1241F9C54 IRC OTR: DFD1DA35 D74E775B 3E3DADB1 226282EE FB711765 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1dcfe60d-8c74-3f98-8e66-c5097d5e2dbe%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Donation costs
Patrick Schleizer wrote on Mon, 19 November 2018 08:33 > I don't think crypto currencies add much carbon dioxide > compared to > legacy financial institutions. Answers like this make me wonder how people arrive at their threat assessments. If you do not know the facts making assumptions based on your wishes does not work. I strongly believe in finding facts if I do not have precise data. Try taking a look at some research: https://www.nature.com/articles/s41893-018-0152-7.epdf (if you do not want to pay for the article you will be able to read it at sci-hub). The current equivalent of the creation USD 1 in Bitcoin (at the time of writing the article when Bitcoin was still more expensive than today) is about 17MJoule (about 4.6kWh). Gold is currently at 5MJ. The mining of the first 6 months of this year took 30TWh, estimate for the year is 73TWh. If we're lucky this will have led to less than 70Mt carbon dioxide. If not we will have gained quite some nuclear waste we still don't know how to deal with. And as you are making noises about banks: Please add in the environmental cost of all the computers involved in Bitcoin transactions. One Bitcoin transaction is currently costing about as much energy as 40 credit card transactions. And yes, the reference section of the article is quite interesting. Achim Patzner -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/358.5bf9d7a7%40qubes-os.info. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Possible to use WindowsVM as a NetVM?
On Thursday, November 22, 2018 at 7:35:38 PM UTC-5, unman wrote: > Attach Windows Vm to the new qube. > Attach your NIC to the Windows VM. > Now the WindowsVM has two network devices. Wow, I never thought that NIC can be attached to VM not on topmost, thanks for the tip! But, as I was setting up the network you described, the same weird weird problem happened again which I've been dealing with for 2 days and still have no clue... That is, it seems that a qube couldn't UNDERSTAND the packets coming through its vif+ interface with source ip address not of the qube directly connected to its vif+. By "understand" I mean the packet can be seen by tcpdump and wireshark on the corresponding vif, but never reaches the application, as if dropped by kernel. In your networking: i < i can't deliver packets generated from outside to C / \ / \ C W <---> outside i,W,C can ping each other OK W pings outside: OK i/C pings outside: ICMP reply seen by tcpdump on i's right side vif, but ping failed. Same thing happens in this situation: a | | b | | c c/b pings a: OK a pings c: reply seen by tcpdump, but ping fails Iptables are all empty and rp_filter is 0, so it kinda narrows it down to kernel and XEN. But I don't see any packet-dropping in statistics. This strange behavior strikes me as some kinds of security mechanism. Do you have the same problem? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b497b53b-c058-423b-949b-6d56484d1625%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Problems of Installation on macOS 10.14 Mojave
Thanks do you have a Link to the merged PR.. then you mean mounting the installer usb in macOS cd to /Volumes and then cd into stick? Or mount macOS EFI and cd into the EFI ? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/25e9e101-5c53-4fbb-a948-3f188f168f40%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: B450 Pro4 + Ryzen 5 2400G installation issue
> afterwards, if you install kernel-latest in dom0, the APU should work as well. i installed stable release Qubes-R4.0-x86_64.iso and updated dom0 with VM Manger. Is this sufficient? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/44a772da-edee-42c0-8cf7-194bc637a401%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Possible to use WindowsVM as a NetVM?
On Friday, November 23, 2018 at 1:19:13 PM UTC-5, Sven Semmler wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On 11/23/18 11:52 AM, Zrubi wrote: > > I just wonder why would you do this? > > I suppose a Windows-only proprietary VPN client ... am I right? > > /Sven Correct, good guess. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b979f691-bff4-470d-817c-937c049878ec%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] QJackctl starting on Qubes 4.0
Hi all. I've put enough time into this one where I'm finally willing to reach out for some help. I wanted to see if I could create an AppVm dedicated to music creation, using QJackCtl and other open source software. However, I'm having a terrible time at even getting Jack Audio off of the floor. System: Base Qubes 4.0 installation, Fedora 28 template, Thinkpad T480 w/32Gb RAM. Expected results: Pressing "Start" on the QJackCtl GUI starts the server, per the online manuals and Fedora's Musician documentation. Actual results: Receive the "Could not connect to JACK server as client. - Overall operation failed. - Unable to connect to server." error. Tried so far: Following online documentation (treating the AppVM as a standard Fedora installation), assigning the Audio PCI of the computer to that VM via the Qubes Manager. I'm totally willing to have this be something simple and embarrassing as I learn the OS. Any help that you can provide would be much appreciated! - Max -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bc403d32-cae3-4283-8b7a-32bbc6b79ddc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Problems of Installation on macOS 10.14 Mojave
Oh, one other thing to note in the PR that was merged... I added an 00-README.txt to the /boot/EFI partition of Qubes. Here's a trick to tweak Qubes settings over and over, especially on Macs... You can boot into macOS normally. You should seen the EFI boot partition mounted under /Volumes/. It is a fat32 partition. As soon as you browse into this location, you'll see the 00-README.txt where I explain how to open the xen.cfg file and tweak the parameters of your boot kernel and xen.efi options. So if you are having problems booting Xen.efi on a device, you should be able to boot with another OS (e.g. a Ubuntu Live USB stick, or Arch Linux Installer stick, or even macOS if installed on the same machine, etc) and edit the fat32 boot partition manually to tweak the configuration. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/390fd1d2-ddf0-466c-8bf3-9c9f90bb00c8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Problems of Installation on macOS 10.14 Mojave
On Tuesday, November 20, 2018 at 2:23:13 PM UTC-5, Koma Kurt wrote: > > Hi there im new to Qubes OS and i want to install it on external ssd... > Btw, this is exactly how I install Qubes R4 (and RCs) for all the testing I did. I installed Qubes OS on an M.2 USB3.0 adapter that uses the ASM1153E chipset, so it acts as an external HDD. Though a lot of my devices don't support SSD HDD booting, my Macbook Pro 2014 does and works fine with it. https://www.newegg.com/Product/Product.aspx?Item=9SIA2RP5G19609 What I did is simply down the ISO and used Etcher to write to a USB3.0 stick. Then I rebooted with that stick, holding down OPTION key and select "EFI Boot" to boot the stick. I then immediately insert the USB SSD enclosure AFTER it starts to boot. I do this because if you have it in any sooner, than the OPTION boot process sees it and doesn't allow the USB stick to boot. > rEFInd 0.11.4 is already installed and macOS is updated to macOS 10.14 Mojave. > > ... > > there are now 3 options to boot from: > > -->legacy mode (doesnt work) > > -->vmlinuz (doesnt work -->freeze install progress @ dracut..with 4 > penguins > > -->fallback...it works installer starts but then where i have to > choose language ..i cant choose cause the keyboard and trackpad are > frozen :-/ > > the xen.efi is also missing or broken... > @eduncan911 > > you write above Apple hardware has been fixed: > QubesOS/qubes-installer-qubes-os#20 ... > > can you please tell me (step-by-step) > Do not use rEFInd. Or rather, Qubes doesn't support it nor have I even touched it. None of my macs (I have 3) has any boot manager installed. Just plan macOS and my USB boot stick I carry round. In short, when using a true UEFI BIOS to boot Qubes OS, Qubes R4 will only configure the boot partition to boot the Xen.efi file directly - no EFI boot manager is installed nor used. Xen supplies an xen.efi wrapper binary that will handle the boot sequence. The downside to this approach is that you can't pass any parameters to the Xen EFI process - you can only tweak the efi.cfg file for boot params and kernel options. Depending on your mac, you sometimes have to disable nomodeset or intel i915s to get things to boot. > for what is the qubes-installer-qubes-os used for (to build iso?) > how to Compile/ build / use qubes-installer-qubes-os ?? > > i couldnt figure out how to use this repo cause there is no README file ?? > > Do i have to make it like the qubes builder? does it output an ISO ? > I started with R4 rc3, and went to rc4 and rc5 and now R4 RTM ISOs directly from the downloads. No special builds. Note, I have had several corrupt downloads and corrupt USB writes to USB sticks. Please always verify the ISO after downloading with at least md5sum. Etcher has built in "Verify" support - but sometimes it still corrupts. I end up writing to 2 or 3 USB sticks until one works. > @marmarek > > is there a way how i could build my own iso with all the fixes inside which > works on my macbook? > > i read in the issues that the problems where fixed but i didnt know how to > fix it .. > So about that... That's been the biggest PITA for me. I am surrounded by no less 8 different PCs and laptops and tablets - and none of them helped me get the Broadcom drivers installed for my Macbook Pro 2014 Retina (15"). It is super annoying, no matter the dozen blog pops you follow online for Fedora kernels and all... I can't recall on exactly which combination I did before... But I know my USB SSD enclosure worked on my late-2015 iMac 27" Retina 5k - with nomodeset if I recall. The GUI was painfully slow at that resolution (like 0.25 FPS!!!), but I was able to change the resolution and get a partially using system. I think that is where I installed the dkms drivers manually for the Fedora kernel in dom0 for the broadcom drivers. Truth be told though, since my Mid-2015 Macbook Pro 15" retina uses an "Nvidia" GPU, not an AMD like the 2015, it's been a real PITA since I can't control the optimus easily. Battery life sucks as the GPU is always on and no matter how I configure the vendor for backlights, I can't control the retina-eyeball-burning brightness. You may have better luck with the AMD card in the 2015 edition you have I believe. In the end, after tinkering with it off and on for 8 months, Ive given up and just ordered a Thinkpad P1 over the Blackfriday weekend. They had a special of 20% off for Thanksgiving (expired last night). You can still call them and tell them about the website problems over the last several days of "Under maintenance" and they will give it to you over the phone. The trick is to add it to your cart first, then "Save for later" so when on the phone, add it back to cart and given them the cart number. They will credit it over the phone. I digress though... I still may have serious issues with Optimus and the Thinkpad P1 graphics, reading that the dGPU can'
Re: [qubes-users] Operating System Loader failed signature verification. WARNING: The file may have been tampered with
On Saturday, November 24, 2018 at 1:52:52 PM UTC+2, unman wrote: > On Fri, Nov 23, 2018 at 10:21:37PM -0800, humbleman...@gmail.com wrote: > > On Saturday, November 24, 2018 at 2:54:03 AM UTC+2, unman wrote: > > > On Fri, Nov 23, 2018 at 02:07:32PM -0800, Humble wrote: > > > > Good day, > > > > > > > > I've got a brand new Dell Precision 7730 that I was planning to install > > > > QubesOS on. > > > > As soon as I attempt to start the boot sequence, I get this error: > > > > > > > > Operating System Loader failed signature verification. WARNING: The > > > > file may have been tampered with > > > > > > > > I've tried several OS-es and Ubuntu and ESXi boot just fine, with Xen > > > > and a couple more failing to do so. > > > > Upgraded the bios and all that, still no go. > > > > > > > > Unfortunately from what I understand this generation of laptops no > > > > longer accepts installations of OS-es in legacy mode. > > > > > > > > I am looking forward for your thougths. > > > > > > > > > > You have TPM enabled: I think you can disable it: > > > Go into the BIOS (F2 on boot?) > > > Under Security, you can turn off TPM, which should allow you to boot > > > other OS. > > > You can also turn off Secure Boot. > > > > > > I dont think that you are prohibited from legacy boot. > > > Have a look under the Advanced Boot options, and you may be able to > > > enable legacy boot there. > > > > > > unman > > > > Legacy boot is not prohibited, but is allowed only for external devices > > (USB, SD Card, PXE). > > This is the KB article from Dell's official site and this appears to be the > > norm from now on for any Enterprise-grade Dell laptop. > > https://www.dell.com/support/article/us/en/04/sln309720/newer-dell-systems-unable-to-boot-to-internal-boot-device-in-legacy-boot-mode?lang=en > > > > Looking forward for any guidance. > > > > I'm not sure what more you want. You have bought a laptop that cant boot > legacy mode from internal disk. > Try installing in UEFI mode. Which doesn't work and it gives the error in the original post (Operating System Loader failed signature verification. WARNING: The file may have been tampered with) indicating that there are integrity checks that the current (and the 4.0.1-rc1) image are failing for the current generation of UEFI-enabled BIOS-es. What is not clear in the above? UEFI doesn't work and Legacy isn't supported. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8bad5de0-402a-4c85-b075-dfb44d58d50b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes 3.2 i3 log in issue
Hi, dl...@msn.com: > I've been using Qubes 3.2 for less than two months after installing on my > laptop. Today, I used terminal with apt-get install i3 and then after > downloading it from the repository, typed 'i3', which it then changed the > layout of the windows open to vertical. i3 is a tiling window manager [1] and it should not be used by "typing" i3, please read the i3 Qubes documentation [2] for more information. [1] https://www.i3wm.org [2] https://www.qubes-os.org/doc/i3/ Cheers, ~Vasilis -- Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162 Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/59299acb-24e7-4026-941d-017319f65f11%40torproject.org. For more options, visit https://groups.google.com/d/optout. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Operating System Loader failed signature verification. WARNING: The file may have been tampered with
On Fri, Nov 23, 2018 at 10:21:37PM -0800, humbleman...@gmail.com wrote: > On Saturday, November 24, 2018 at 2:54:03 AM UTC+2, unman wrote: > > On Fri, Nov 23, 2018 at 02:07:32PM -0800, Humble wrote: > > > Good day, > > > > > > I've got a brand new Dell Precision 7730 that I was planning to install > > > QubesOS on. > > > As soon as I attempt to start the boot sequence, I get this error: > > > > > > Operating System Loader failed signature verification. WARNING: The file > > > may have been tampered with > > > > > > I've tried several OS-es and Ubuntu and ESXi boot just fine, with Xen and > > > a couple more failing to do so. > > > Upgraded the bios and all that, still no go. > > > > > > Unfortunately from what I understand this generation of laptops no longer > > > accepts installations of OS-es in legacy mode. > > > > > > I am looking forward for your thougths. > > > > > > > You have TPM enabled: I think you can disable it: > > Go into the BIOS (F2 on boot?) > > Under Security, you can turn off TPM, which should allow you to boot > > other OS. > > You can also turn off Secure Boot. > > > > I dont think that you are prohibited from legacy boot. > > Have a look under the Advanced Boot options, and you may be able to > > enable legacy boot there. > > > > unman > > Legacy boot is not prohibited, but is allowed only for external devices (USB, > SD Card, PXE). > This is the KB article from Dell's official site and this appears to be the > norm from now on for any Enterprise-grade Dell laptop. > https://www.dell.com/support/article/us/en/04/sln309720/newer-dell-systems-unable-to-boot-to-internal-boot-device-in-legacy-boot-mode?lang=en > > Looking forward for any guidance. > I'm not sure what more you want. You have bought a laptop that cant boot legacy mode from internal disk. Try installing in UEFI mode. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20181124115247.lua7zn4tdrvx2zrn%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] gtk fonts in kde
Hello, Does anyone know how to set the font for GTK applications in KDE? On my laptop Qubes Manager, for example, is barely readable. I've found a tab called "Widget Style of GNOME/GTK Applications" in KDE Settings under "Application Style" where I can set a GTK font, but it doesn't appear to change anything. I'm using Qubes 4.0 Thanks in advance. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1543048815.8476.9.camel%40gmail.com. For more options, visit https://groups.google.com/d/optout.