[qubes-users] Re: FYI: Experimental Qubes coldkernel support now available

2016-12-14 Thread rtiangha 
On Wednesday, December 14, 2016 at 2:22:57 PM UTC-7, Foppe de Haan wrote:

> Thanks. When building this in d9-t, I get 'recipe failed' "Error 2" pretty 
> soon after starting the build process. No idea why, as there is no log, and I 
> don't see an option to provide one (or to provide verbose output).

Hmm, I haven't had time to try it under Debian 9 yet and might not for a while.

In the meantime, peeking at their build script, what you can try to do (haven't 
tried it myself though) is to comment out the spinner code around the 
build_kernel part and the '> /dev/null 2>&1' part in the build.sh file and 
perhaps that would throw the verbose compile output to the terminal to give 
some hints on where or why it fails.

So find this section in build.sh:

 start_spinner "Building coldkernel..."
 build_kernel > /dev/null 2>&1
 stop_spinner $?

And change it to be

 build_kernel

and try to compile (make qubes-guest) again. If the output isn't enough to give 
any hints, you may need to run 'make clean' to get rid of anything that was 
pre-compiled and to start again from scratch.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/02907625-5c0d-4380-b5d5-db5a0f50e2e3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: HCL - Razer Blade Stealth (Late 2016 Model)

2016-12-14 Thread rtiangha 
On Wednesday, December 14, 2016 at 3:03:48 PM UTC-7, Krasi wrote:
> 
> Trackpad:
> Its working but you cannot mouse click without physically pressing the pad. I 
> am guessing gestures are not working.
> 


Make sure to double-check the Mouse and Trackpad system settings. I don't know 
about gesture support, but there was a box I had to enable under the Touchpad 
section labeled "Tap touchpad to click" before tapping to click worked.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b080fab7-3dd3-4509-8aa2-d50848fc0184%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[qubes-users] Re: Question to Mirage OS firewall users

2016-12-10 Thread rtiangha 
On Saturday, December 10, 2016 at 6:03:17 AM UTC-7, jkitt wrote:
> What's it like to update - is it relatively simple? Would you say it's more 
> secure than Debian or Fedora?

It's easy. Shut down your Mirage OS Firewall VMs, copy over the new kernel 
files to the relevant directory in /var/lib/qubes/vm-kernels in dom0, and then 
restart the Mirage firewalls.

However, I don't know if it's more secure than using a Debian or Fedora based 
sys-firewall; it *might* help guard against a 0 day cascade though.

That said, because the Mirage firewall doesn't seem to work with a dispVM (at 
least for me, even running the latest code off of github), I still have 
sys-firewall running in the background anyways. So what I do is run my 
mirage-firewall behind sys-firewall (which in turn is behind sys-net). I don't 
know if that's best practice or even has any effect in guarding against a 0-day 
cascade, but things still work normally for the machines where I don't do any 
custom vm iptables filter rules and the ram hit isn't too much (I use 32MB).

Note that if you're trying to compile the latest mirage firewall code from 
github (which isn't reflected on the Release pages yet; there have been some 
minor changes since the last one), it might be a bit tricky since if you follow 
the default github instructions, the compilation will eventually fail as 
mirage-nat tries to pull in older versions of its package dependencies by 
default.

What I had to do was follow the github instructions until it failed, run 'opam
upgrade' to update what mirage-nat pulled in, then manually install the latest 
version of the tcpip package by running 'opam install tcpip' and then finally 
run 'opam install mirage-nat.' After that, following the rest of the github 
instructions should be fine. That'll work with both the 4.02.3 OCAML compiler, 
and the 4.03.0+flambda compiler. Compiling mirage-firewall won't work yet with 
the 4.04 series compilers because the version of mirage-xen in the repository 
only works with up to version 4.03. The code on mirage-xen's github page has 
been updated to work with 4.04 a while back, but a release roll up hasn't been 
pushed out to the repositories yet; not sure when that'll happen.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/811bb4e9-0f2a-46fa-96b8-7e8d1f6d190a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.