Re: [qubes-users] Qubes OS and clonezilla
> > > > Hi, > > > > Has anyone had any luck with cloning a crypted Qubes installation using > > > > Clonezilla? > > > > Even using DD the clone just won't boot > > > > Thanks I had no problem cloning an encrypted Qubes (nvme to nvme). I used the advanced mode.Make sure you chose disk to disk. That's maybe the 2nd questions it asks. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CxmJ3NEmkX3fGarPY2LnXVLbYfARkXGqmrCgKZBTTUQb18c94-eKFVu4xVzSDivrzFe9MA3ScuETmz8vAg-gZsOcbfJwHnbq6Zce9MPHsrQ%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] How to split into two gateways
> Are you sure the second NIC works under Qubes, even by itself? Also, if > it's dual ports on a single card, try adding a separate physical NIC card. Great thinking! That was one of the first things I have tried. And just to clarify the first NIC is integrated on the mobo and the second one is was added later into a pci slot. Both are single port NICs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/VguPWyl0aKo3mFMqPu3FfUUWe7XL2zimAoKvpIt90grYDPB8Vmz3lfWtqw4pe7DAmv3hX0_0eANfvH1W1Lvw_e2ey5Tk-Jpqd4c9PUkOYzk%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Move To a Larger Disk
This worked (see below). Thank you so much. You rock! Only one question remained: How to safely raise it to the maximum size (1TB ) and not just an arbitrary number that's close enough? [@dom0 ~]$ sudo pvresize --setphysicalvolumesize 900g /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 WARNING: Device /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 has size of 1948924598 sectors which is smaller than corresponding PV size of 1949320573 sectors. Was device resized? One or more devices used as PVs in VG qubes_dom0 have changed sizes. Physical volume "/dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576" changed 1 physical volume(s) resized / 0 physical volume(s) not resized [@dom0 ~]$ sudo pvresize /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 Physical volume "/dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576" changed 1 physical volume(s) resized / 0 physical volume(s) not resized [@dom0 ~]$ sudo pvs PVVG Fmt Attr PSize PFree /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 qubes_dom0 lvm2 a-- 929.32g 556.51g [Abraham@dom0 ~]$ sudo vgs VG #PV #LV #SN Attr VSize VFree qubes_dom0 1 141 0 wz--n- 929.32g 556.51g [@dom0 ~]$ sudo lvresize -L +550G qubes_dom0/pool00 WARNING: Sum of all thin volume sizes (3.34 TiB) exceeds the size of thin pools and the size of whole volume group (929.32 GiB)! For thin pool auto extension activation/thin_pool_autoextend_threshold should be below 100. Size of logical volume qubes_dom0/pool00_tdata changed from 347.98 GiB (89083 extents) to 897.98 GiB (229883 extents). Logical volume qubes_dom0/pool00_tdata successfully resized. [@dom0 ~]$ sudo lvs qubes_dom0/pool00 LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert pool00 qubes_dom0 twi-aotz-- 897.98g 33.45 14.82 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/MkGm7nh38pBsMKc1EErmyFdomARbWOKze0yli6OOWpN2Y1L_U2iix57O2DN_Ue6IQkJiPuVtQdd83j1xToY4tnNd2AV3oYHR0AUJB8yT4W4%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Move To a Larger Disk
This is where I am at now (below). What would be the best course of action. What would you if this was your mess to clean up? :) [@dom0 ~]$ sudo pvs WARNING: Device /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 has size of 1948924598 sectors which is smaller than corresponding PV size of 1949320573 sectors. Was device resized? One or more devices used as PVs in VG qubes_dom0 have changed sizes. PVVG Fmt Attr PSize PFree /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 qubes_dom0 lvm2 a-- 929.51g 556.70g [@dom0 ~]$ sudo vgs WARNING: Device /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 has size of 1948924598 sectors which is smaller than corresponding PV size of 1949320573 sectors. Was device resized? One or more devices used as PVs in VG qubes_dom0 have changed sizes. VG #PV #LV #SN Attr VSize VFree qubes_dom0 1 141 0 wz--n- 929.51g 556.70g [@dom0 ~]$ sudo lvs qubes_dom0/pool00 WARNING: Device /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 has size of 1948924598 sectors which is smaller than corresponding PV size of 1949320573 sectors. Was device resized? One or more devices used as PVs in VG qubes_dom0 have changed sizes. LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert pool00 qubes_dom0 twi-aotz-- 347.98g 86.33 14.67 [@dom0 ~]$ sudo lsblk -d /dev/mapper/qubes_dom0-root NAMEMAJ:MIN RM SIZE RO TYPE MOUNTPOINT qubes_dom0-root 253:40 1.1T 0 lvm / [@dom0 ~]$ sudo df -h / Filesystem Size Used Avail Use% Mounted on /dev/mapper/qubes_dom0-root 1.1T 9.7G 1.1T 1% / -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/lBEPHNJUXqgIorBVpRV55mrLeGAmBhZuD3U50kizqhdmxuBNhc7n9KEms0VTp6lrwhW8AYUfJW7TksEi6D-W4n6v4WoGhdY-GuB4tiXmRUU%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Move To a Larger Disk
> > [@dom0 ~]$ sudo lvs qubes_dom0/pool00 > > LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert > > pool00 qubes_dom0 twi-aotz-- 347.98g 87.01 58.34 > > if you want to enlarge logical volume qubes_dom0/pool00, you > should enlarge qubes_dom0/pool00, not random other devices. > > and it is important you enlarge the metadata volume first. > something like: > lvresize --poolmetadatasize +1G qubes_dom0/pool00 That makes total sense. Well, I'm glad I didn't screw everything up but now how do I reverse what I have done so I could achieve my goal? How can I "take away" the 100% free space I assigned to root and give it to the whole system? Thanks for all your help and your patience with me. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/XyY4ZVGeaKnYWLiUV-oxi_Lx4OcX-KKkgUT1fLFGB_U9N5Sz-QHGs_sADzyoaGqieV8A88459kMuvWceLKgDlqmTCeHngfGiz25Jx4oV-l4%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] How to split into two gateways
> Try just doing the passthrough first. If you can get the NICS to show up > in `lspci` in the two sys-nets and configure networking so you can ping > out. > > Command to attach the NIC: `qvm-pci attach sys-net2 dom0:`. > > PCI-address can be found in the output of `qvm-pci`. Those are the exact steps I tried but no luck. I have no problem passing the NIC to the gw and it shows up with lspci but it won't acquire an IP. The "funny" thing is that as soon as the sys-net starts the green light goes out on the the NIC. If I issue an `ip addr` command I cannot even see its MAC. I even tried connecting the second NIC to a completely different network and router but made no difference. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/JEL2UbOm3FnbcPLHorIHVP3vjTkyHGCmPE1H2Pm9lQEUVz2PPLKNrv3_1E7OStfcir2xiApqztw0YRcswVugy5RBcjKzqQTCyDvWkmHGc5w%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Move To a Larger Disk
sorry, I was a cottonheaded-ninnymuggins. I was supposed to run the lvextend against the /dev/mapper/qubes_dom0-root Now I did it but for some reason the lvs still won't see the full size [@dom0 ~]$ sudo lvextend -l +100%FREE /dev/mapper/qubes_dom0-root WARNING: Sum of all thin volume sizes (3.37 TiB) exceeds the size of thin pool qubes_dom0/pool00 and the size of whole volume group (929.51 GiB)! For thin pool auto extension activation/thin_pool_autoextend_threshold should be below 100. Size of logical volume qubes_dom0/root changed from 557.36 GiB (142683 extents) to 1.09 TiB (285455 extents). Logical volume qubes_dom0/root successfully resized. [@dom0 ~]$ sudo pvs /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576: read failed after 0 of 512 at 998053052416: Input/output error /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576: read failed after 0 of 512 at 998053171200: Input/output error PVVG Fmt Attr PSize PFree /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 qubes_dom0 lvm2 a-- 929.51g 557.70g [@dom0 ~]$ sudo vgs VG #PV #LV #SN Attr VSize VFree qubes_dom0 1 141 0 wz--n- 929.51g 557.70g [Abraham@dom0 ~]$ sudo lvs qubes_dom0/pool00 LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert pool00 qubes_dom0 twi-aotz-- 347.98g 87.05 58.35 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1HtHIEMjJnGhIhTvHWsZA0xr1a-xG6dguWhXLRnZWOsH7KcokFx3LRWkDY5HB57BpH4x96aXg2oU-3TqED_6Dw6r-huAER5_4TZm-prgaYw%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Move To a Larger Disk
I've got this far but got stuck (see last output): [@dom0 ~]$ sudo pvs /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576: read failed after 0 of 512 at 998053052416: Input/output error /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576: read failed after 0 of 512 at 998053171200: Input/output error PVVG Fmt Attr PSize PFree /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 qubes_dom0 lvm2 a-- 929.51g 557.70g [@dom0 ~]$ sudo vgs VG #PV #LV #SN Attr VSize VFree qubes_dom0 1 141 0 wz--n- 929.51g 557.70g [@dom0 ~]$ sudo lvs qubes_dom0/pool00 LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert pool00 qubes_dom0 twi-aotz-- 347.98g 87.01 58.34 [@dom0 ~]$ sudo lvextend -l +100%FREE /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 skip_dev_dir: Couldn't split up device name luks-55a20051-8c1a-435e-a1c8-862493f2d576. "/dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576": Invalid path for Logical Volume. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2InIBuX0xMCpYIfsn-LBikp2wcacZEUuD6jt6ikbE1bQfTVBGRFfTBf8zEbFpTmqcldd6VY58I1GNfdzC48Gu0kDuBAvVZZHEJ9F1AVEAkM%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Move To a Larger Disk
> i dont fully understand that gparted screenshot, but it looks like > you resized the partition already. > > so whats missing is on one of the LVM layers of the stack. > > check with "pvs", it should list a /dev/mapper/luks-something. > does that PV have the right PSize of 900+ GB? > if not, google: pvresize > > next check with "vgs", it should list a qubes_dom0. > does that vg have the right VSize of 900+ GB? > if not, google: vgextend > > next check with "lvs qubes_dom0/pool00". > does that pool lv have the right LSize of 900+GB? > if not, google: resize lvm thin pool > Thank you for getting back to me. None of the three commands you gave showed 900+GB Now, do I have to do all 3 steps in that specific order to solve the problem? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/zBfdHu6Km0lp0TI23cGvC-7tYSWa6nHJFfL92yhtTU-BfcNv3PY-ase4sLpovR2RWnExl28J-de0A0lwXw8Jv2YaiYgcy5WcmBS4oPAA98U%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
[qubes-users] How to split into two gateways
Hey guys, I'm working on my 2nd qubes machine but this task I could never figure out on the first one to begin with. Can someone please tell me if you were able to achieve the following? - Have two NICs handling two separate sys-net - Behind each sys-net their own firewall - behind the firewalls their own set of VMs. I was able to handle the firewall rules and everything else but I cannot make it work to have 2 sys-net each handling a NIC separately. Can someone please tell me step by step how you achieved that? Thanks a bunch Matt -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/Eu0jDbf7v-N2lymh-uLget7fmUNSrq9tiI9Z_KRLVt0ROmb306D9dQefNzg8L21Jbmq-t6XC6SuktToMOs1iPP1Z-7Op2xAqyF1L_lYWjBQ%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
[qubes-users] Debian10 - Reading From Proxy Failed
Hey guys, I'm working on my 2nd Qubes machine and this one is giving me a hell of a ride. My debian based templates no longer updating. It did work after the fresh install but during setting things up at some point it stopped. I'm not sure at what step so I couldn't backtrack. Fedora 31 still works but not debian. I tried reinstalling it (`sudo qubes-dom0-update --action=reinstall qubes-template-package-name)`but that made no difference. I tried adding all the Services under settings that had 'proxy' in their name but that didn't work either. Any ideas how to fix it? Please, see outputs below user@debian-10:~$ sudo apt update Err:1 https://deb.qubes-os.org/r4.0/vm buster InRelease Reading from proxy failed - read (104: Connection reset by peer) [IP: 127.0.0.1 8082] Err:2 https://deb.debian.org/debian buster InRelease Reading from proxy failed - read (104: Connection reset by peer) [IP: 127.0.0.1 8082] Err:3 https://deb.debian.org/debian-security buster/updates InRelease Reading from proxy failed - read (104: Connection reset by peer) [IP: 127.0.0.1 8082] Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date. W: Failed to fetch https://deb.debian.org/debian/dists/buster/InRelease Reading from proxy failed - read (104: Connection reset by peer) [IP: 127.0.0.1 8082] W: Failed to fetch https://deb.debian.org/debian-security/dists/buster/updates/InRelease Reading from proxy failed - read (104: Connection reset by peer) [IP: 127.0.0.1 8082] W: Failed to fetch https://deb.qubes-os.org/r4.0/vm/dists/buster/InRelease Reading from proxy failed - read (104: Connection reset by peer) [IP: 127.0.0.1 8082] W: Some index files failed to download. They have been ignored, or old ones used instead. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/oc62lm7GAsIDTbNVTPhIByH3Zz4PWZZCrzxHBnwX7z6Z1cc315hjfupXdDt3OEvHFrFQL9aX_VsRZfjaVTIIY7bDRW5LXKVA6eoQ0dVlYLw%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Weird Windows Install Error
> It's not an uncommon error. > Try the obvious - go in to the qube settings, and change VCPU to Thanks. That helped to install it but I'd like to run it with more than one core. Do you have a solution for that? It's still a BSOD after install if I try to give more than one core. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/MgPdZMXIw1SZfV5Mh2-KfRr1IPWcE6KVQ3v-u5DFLERBmdB8RM0Uz7DdlpHCRmna4tqFoN6eHDDO1NK1OzsWY887usQg80KR1qWwb5Ny2wM%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
[qubes-users] Weird Windows Install Error
Hey guys, I've been using Qubes for quite a while now and I'm stoked. I just finished building a second computer for Qubes. (This times it's AMD in case it matters). Everything went perfect but when I tried installing a Windows 10 and a Server 2019 VM both died with BSOD. The error message was: "stop code: windows multiprocessor configuration not supported" Any idea what in the world could cause this? None of the other VMs caused any headache, not even the ones I installed from ISO. Thanks for the help Matt -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CjrSEpagwgTZGW1zGedDtWccsvOR_jnc7Fngem3ofTHGFsCwhQdHDq2xMJDJZYxh9IJyVar9fm0WuRp6SY6LanJrHFtA4mUULOHQGD75TZY%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
[qubes-users] Blame Firewall
Hey guys, I ran: `sudo systemd-analyze blame` on my firewall. and this came up: 3min 307ms qubes-firewall.service 3.834s dev-xvda3.device 763ms systemd-logind.service 598ms systemd-udevd.service 399ms qubes-sysinit.service Any idea why the firewall would take 3.5 minutes to load? Matt -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/DOZ-7xjGuBABwCzT9_TA7ugsWhlgul1LhToDQB0ZFCeudWAY8-daOJhLmbwQMhxHoTYd4gFPuhSKFCCz9f-Zy8cLixQFdP9-K5QFoGKaFRA%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Re: Some VMs Stopped Opening Terminal
I don't really understand why but installing `dbus-x11` fixed it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/nX0yuKdi0nSTD3FQCggz8HIKWin3sPoVGT5qGYfgKNUwRzLPevNTi1sDvxVOsauiBcAg1mpFt0bPRqTxv63Nb_KtuIFxiv9GnW_zxFQiM9g%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Re: Some VMs Stopped Opening Terminal
> check the output by adding a -p: > qvm-run -p gnome-terminal > > it might actualy tell you why it does not want to start! > (or it may even work if the reason for not starting is it wanting > to say something...) I hope this means something to you :) # posix_spawn avoided (fd close requested) # Error constructing proxy for org.gnome.Terminal:/org/gnome/Terminal/Factory0: Failed to execute child process ___dbus-launch___ (No such file or directory) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CdAhOTaaT86lrmSygrcy6VNkXdpj1k23DrFa5-CZvGite1zceLKhAF8u0cnGYOEKn8mfImg-C39xQzRbhtsGajKb7ba024ILkoHcHbUQREU%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Re: Some VMs Stopped Opening Terminal
> try either: > `qvm-run xterm` As I mentioned earlier that is working > or > `qvm-run gnome-terminal` that did not work, but this one had a different error code: `Command failed with code: 1` I really don't understand this. There is no rhyme or reason behind what kind of VMs don't work. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/QXtJF3C6taGE1iFDeq3Bv62Xqmr9AoYMsAebBzH0e_AG6_dbq-ZYWsHap5AUv8R8s717Osb7tx1PqOVsE0Q8pbJiQ1HuAGnC-CwpfjTfhBw%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Some VMs Stopped Opening Terminal
> Check your remaining disk space. 9/10 times when I have issues running an > application, it is caused by running out of space. I have plenty of space. > The crucial piece of informatio missing is which VM, and what > templates are they based on? > Do all qubes based on those templates act like this? > If so, most likely the template doesnt know what "Terminal" and "Files" > mean - This will be the case for Debian minimal templates for sure. As of right now two are acting up. One is a standlone VM based on Fedora 31 and the other on is an app VM also Fedora 31. Both worked up until yesterday. There was no updates, no new installs on them. I have other HVMs and app VMs based on Fedora 31 that are still working to make it even more odd -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/hFDtfUuR4ZvGOFDgh_Mch7Wo58L_OwkfI7kxczxdqyWiUGUXPyLBbXO7Fxuw11lAYr-yPaajGe4P-kIjizYn8wy2gChK0KBiPSu3zjgawPw%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
[qubes-users] Some VMs Stopped Opening Terminal
Hey guys, Some of my VMs won't open "Terminal", and "Files". If I go to the dom0 terminal and try to run `qvm-run terminal` then I get a `command failed with code: 127` I can still run xterm though. Any ideas as to why and how to fix it? Matt -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fJuKT_hptCBl25HvSijR1SVYAjEx8Y5wvObOFcR_3GfZ91ryXYN8sCqZx3MA2cNoW4B9bpGtb9F4ha66iQwtVCM1msX4CUExOhPn7Gxt55Q%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] QUBES Friendly Version
You use systems if you use almost any flavor of Linux. The systemd is a process that controls so many things on a system that some people joke about it being a second operating system on top of the Linux kernel. The "security hazard" part comes from the sheer complexity of that code, because it is hard to verify and audit the a system. > Just like the old init scripts used to do, systemd basically controls the > startup, initialization, and then manages many daemons behind the scenes. You > have to just trust that it is going to do the right thing under any > particular circumstance. > > If a rogue actor changed your configuration it could be difficult to detect > in some cases. Gaining a persistent foothold on your system would be a common > goal for an adversary and system gives them several ways to do that. > > Qubes however uses a read-only system volume so simply adding extra processes > to your system is rather difficult to do by using systemd. They really need > either dom0 or template access to do this. Steve, Though this topic did not pertain to me but I just wanted to command you for your thoughtful response. Some IT folks can be absolute jerks many times. When someone has a question they respond with a crude, abrupt, uncalled for attitude. Like: "google it", or "use the man pages", or emphasizing that this it just a "basic linux" question. I see that here also sometimes and it really gets under my skin. There is one specific user doing it often but I won't call out names. All that does it makes the person not to want to ask questions and feel like a complete idiot. I just honestly want to thank you for taking the time and responding to this question in such a postive manner! Matt -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/M9NcjR-bHKkS2vRFowGZdPlUgQXYD5TvBOMUhNN4XLX5kWX5eIn-EMUgWb9o5n7Yvj-DMHL2ioEIzy26kbmrdoEaNXiVho5uVyCPzY46qBg%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Dividing Qubes Into Separate Networks (FAILED)
> > Hello. I have a similar setup but without a VLAN - never been a fan. I have a > 4-port pfsense router (community edition on a Protectli appliance), a couple > of small unmanaged switches and a couple of ubiquiti APs. I cloned sys-net & > sys-firewall to, say, sys-net-play & sys-firewall-play. > > My Qubes box has 2 wired NICs - one is assigned the default network, the > other play. I added a new DHCP scope to the pfsense for play (typical > consumer class c), tossed a couple of firewall rules on the pfsense box for > both subnets to prevent traffic between them. Each LAN has its own switch and > AP. > > From my Qubes box, I can assign either network to any VM. In fact, I do just > that to remote control some hobby gear I have on the play net. > > I am wondering it you might need to use two wired NICs. > > DG > I also have an almost identical setup. I wanted to do what you were attempting (Zsolt) but had the same outcome so I quit trying . I thought it's not possible. I tried following this old article but the commands did no longer work the same way https://blog.invisiblethings.org/2011/09/28/playing-with-qubes-networking-for-fun.html I am not sure if your goal is feasible at all. It didn't work for me but I am fairly new to Linux so actually don't listen to me lol :) I have the quad port commercial pfsense netgate appliance but I only use an unmanaged switch unlike your unifi. I could not make the VLAN work. I ended up just having 1 sys-net and separate everything with two firewalls and can chose on each VM which route to take similar to what DG was saying. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/vJaU6dX1Zkc3SjX0EDCoe7QltXRINfCPUqlmF-IdTMqmLhUaDME2QbK1uoXbAxb-JehfXTpoLt3LJGzPAdv0M6bl3JWD8X0nZAgm-qTOv50%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] How to bridge a subnet ot the firewall
> > > you are simply sniffing the wrong side of the SPS. > > > sniff the downstream interface(s) instead of upstream. > > > wouldn't a tcpdump -i eth0 sniff rx tx? > > You will get the NAT'd addresses with this. You want to listen on the > vif* addresses. Thank you. That worked. I appreciate your help. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/zWkkDrKlwinjQ-vObRkpVx7zUm01UJqkHE7Noj3qo3SSWj8kyILl4riZfGONdiCjHW6Z-5pOnAVgNLqbNQkTwZ5oPNAkGtItutNIUkUrRq8%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] How to bridge a subnet ot the firewall
> you are simply sniffing the wrong side of the SPS. > sniff the downstream interface(s) instead of upstream. wouldn't a tcpdump -i eth0 sniff rx tx? I see all external IPs it is reaching out but any hosts below the SPS shows as if the traffic is coming from the SPS. > this is basic linux networking. > read some primer on "linux as a router" or so. It's very educational to know that this is basic networking. Thakn you for that. If it is so trivial it must a few easy commands. Could you please provide them? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/yRKeotRCLxEP-r1CkyDBkzEvGT9t237s4a0WLrB3Ylq5WDUnPwf7lUfhD3KP457g5b-ijN57BoroKwm4PswZvjp9UDeiBkrGhH7PcU3hawY%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
[qubes-users] How to bridge a subnet ot the firewall
Hey guys, My setup is sys-net <--> firewall <--> Special Purpose Server (SPS) <--> open subnet of qubes I setup the SPS to capture and analyze traffic. When I created the VM I marked "provides networking" so any other VM behind can connect to it and can get out to the internet. My problem is that I don't see their individual IP addresses in the capture just a NAT'd address of SPS's eth0. I supposed I have to create a bridge somehow but that's way beyond my skills. Could one of you geniuses please help me with a detailed walk through? Thanks a bunch, Matt -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ArJPlYWgVU0GpW8nQXnb3bRuJjJlWMV0bamRYWrqGNqCJeFizTUL4NrDlEQGbGD2Tc5KbL1I99vUSK3x1DyJvE1Ome2zZUXYxN1DFnKVjL8%3D%40pm.me. publickey - mattdrez@pm.me - 0x8196D0F4.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature