Re: [qubes-users] 4.2 issue with pam_sss.so

https://github.com/QubesOS/qubes-issues/issues/8595 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this

Re: [qubes-users] DNS -- good practice ?

Hi Bernhard, nice to see you're still around. :-) I hadn't seen you active for a long time, probably I just don't know your nick on the forum. And I ignore if TOR does use "cross checking requests" to detect manipulation? The question of " best practice " seems non-trivial to me. Setting up a

Re: [qubes-users] T530 vs T430

Yes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit

Re: [qubes-users] Qube-Firewall: How to handle changing IPs?

I mentioned DNS pinning in the very end and posted a working solution there as well. I personally use it since about back then. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it,

Re: [qubes-users] qubes update -- how to hold an old kernel ??

On 8/5/22 17:00, Peter Palensky wrote: Update: I can use newer kernels if I remove device "Realtek Semiconductor Co., Ltd. RTS525A PCI Express Card Reader" from sys-usb VM. If it _is_ attached to that VM, the entire computer crashes upon sys-usb start (when newer kernels are in use, it is fine

Re: [qubes-users] Qube-Firewall: How to handle changing IPs?

See [1]. It happens less often than one might think though. [1] https://github.com/QubesOS/qubes-issues/issues/5225 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email

Re: [qubes-users] dvm considerably slower on R4.1

You can see your pool driver by executing `qvm-pool`. And the latest version of my scripts will always be available at [1]. Btw somehow one gets used to the worse performance after a while... [1] https://github.com/3hhh/qubes-performance Mine currently looks like this: Qubes release 4.1

Re: [qubes-users] dvm considerably slower on R4.1

There can be multiple reasons for a slower 4.1 experience. Known ones are: 1. CPU runs at ~800 MHz or so [1] 2. You're a file pool user. File pools were serialized in 4.1, likely dropping their performance by ~30-50%. [2] 3. Possibly further issues in 4.1 [2]. [1]

Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates

You did not, perchance, find a way to run the darn `setupwfc` script without user interaction/using the defaults? No, I didn't salt the home install. However usually you can emulate user input via echo "y"$'\n'"n" | someprog. Otherwise there's also programs for that (I've never tried them).

Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates

A related question: howto transfer a binary file (like the citrix tarball) to dom0 for integration into the salt setup? the `qvm-run` and `cat`-based version in the docs does not work in this case. Just pack it into one *.tar.gz and then use the qvm-run cat commands to transfer it from the

Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates

And the last time I tried Citrix on Qubes, I just installed it to the home directory (there was a tarball for download IIRC). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send

Re: [qubes-users] Strategy Question: salt & installation of 3rd party software from web scraped URL - impossible in no-web templates

How would you go about this? Just manual downloading the rpm and installing it into the template does the trick, but I'd vastly prefer a salty solution. I tend to download it once, store it with my salt stuff and install it via salt. This also avoids untrusted download issues / limits them to

Re: [qubes-users] xrandr often coredumps

This usually is your screensaver failing to activate after an idle timeout. It was mentioned on the other forum a few times already. Not sure whether it's a Qubes bug, probably more a xrandr bug which affects the security of Qubes users. -- You received this message because you are subscribed

Re: [qubes-users] Default firewall configuration for dns/icmp of VMs with restricted access

Btw I still consider this hideous firewall GUI an anti-feature and would wholeheartedly support anyone complaining about it at qubes-issues. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving

Re: [qubes-users] sys-net dispVM forgetting wifi passwords

On 12/2/21 8:35 AM, 'Rune Philosof' via qubes-users wrote: I have installed 4.1rc2 and chose a disposable sys-net, because I could think of a reason not to. But now that I have to type in the wifi password again and again, I know a reason to not choose dispVM for sys-net. Use a dedicated

Re: [qubes-users] Disposable VMs starting with a QubesIncoming folder

On 5/1/21 11:13 AM, TheGardner wrote: Since several days all my disposable VMs starting with a QubesIncoming folder (w/a personal folder and three files inside). Guess I accidentially moved these files to whonix- ws-15-dvm during a previous Move-to-vm command. Question now is: how can someone

Re: [qubes-users] Recover data from 'private-cow.img'

On 4/17/21 11:03 PM, Stickstoff wrote: Hello everyone, I lost a somewhat important file from a software crash in an appvm. Within the VM, I couldn't find a way to recover it. I copied the appvm filesystem containers ('private.img', 'private-cow.img', 'private-cow.img.old'). As I understand it,

[qubes-users] Re: ANN: Qubes arbitrary network topology

On 3/16/21 5:26 PM, Manuel Amador (Rudd-O) wrote: Hello, folks!  I'm here to share this: https://github.com/Rudd-O/qubes-arbitrary-network-topology This software lets you turn your Qubes OS 4.0 machine into an arbitrary network

[qubes-users] Re: "Improvements in testing and building: GitLab CI and reproducible builds" by Marek Marczykowski-Górecki

This is good stuff. Thanks to you guys and to Mozilla for funding it! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com.

Re: [qubes-users] What is the latest version of Qubes (on 23 February 2021)

On 2/23/21 12:58 PM, load...@gmail.com wrote: *So could anybody tell me is this the latest version of Qubes OS or something happened with my update process?* The packages you mentioned are all pretty dated. Actually I had a similar issue a few months back when I noticed that Qubes OS wasn't

Re: [qubes-users] customizing Firefox in disp-vms

On 1/29/21 7:27 PM, Sven Semmler wrote: On 1/29/21 3:58 AM, Josefa Hays wrote: I use dispvm's all the time (both Fedora and Debian dispvms). Thus, I am quite annoyed to see varios "first run" issues every time i start Firefox in a disp-vm. I would like to perform the following changes in the

Re: [qubes-users] Re: wireguard anti leak

On 1/17/21 11:38 PM, evado...@gmail.com wrote: Seems it works with rules below. Is it enough to prevent all leaks? Openvpn has more rules or other rules only drop traffic from proxyvm? Should I worry about this traffic? Is it the way to block it like openvpn solution from docs do for wireguard?

Re: [qubes-users] Re: High dom0 CPU usage by qubesd

Hi Vit, * I have many VMs in my computer. * I use i3 with qubes-i3status * The script qubes-i3status calls command qvm-ls --no-spinner --raw-data --fields NAME,FLAGS quite frequently. * The command qvm-ls --no-spinner --raw-data --fields NAME,FLAGS seems to cause high CPU load. Unfortunately,

Re: [qubes-users] New qubes private storage not LVM anymore

On 1/11/21 3:40 PM, the2nd wrote: Hi all, for some reason my Qubes OS does create new qubes with private storage on pool "varlibqubes" instead of lvm. It was working before but i dont know the reason why the behaviour changed. Maybe you accidentally changed the default_pool setting? Check

Re: [qubes-users] Q: attaching a partition to a VM vs. attaching the whole disk

On 1/3/21 3:53 PM, unman wrote: On Sat, Jan 02, 2021 at 06:18:52PM +0100, Ulrich Windl wrote: Hi! I have an effect I'm wondering about: May USB stick has partitions on it, one being FAT having a KeePass DB in it. When I attach that partition to a VM (eg. vault) and try to access the partition,

Re: [qubes-users] wireless " intruder "

On 1/3/21 12:43 PM, haaber wrote: In particular: How can I log packets while scannning? If mirage died due to incoming packets, you should see the offensive payload with e.g. wireshark. The attack couldn't be on a lower layer as that is handled by your wifi driver in sys-net only. In

Re: [qubes-users] wireless " intruder "

On 1/3/21 12:43 PM, haaber wrote: Hello, I have a intriguing problem, partially qubes-related. I have a "intruder" in my wifi network. I have no idea how to physically localise that offensive antenna, but that is not a qubes subject (if you have any ideas, they are welcome!). Of course I can

Re: [qubes-users] Q: Kernel being used in VM

On 12/21/20 1:45 PM, Mike Keehan wrote: On 12/21/20 12:23 AM, Ulrich Windl wrote: Hi! I wonder: What sense is in updating the kernel in a VM (e.g. fedora-32) when that kernel isn't used when booting the VM? It's only for standalone VMs IIRC. Uninstalling them shouldn't hurt if you don't

Re: [qubes-users] Using Qubes base Salt pillar in user_salt?

On 12/16/20 9:41 AM, Vasilis wrote: When using the Salt user configuration located in '/srv/user_salt' what is the best way to use the Qubes specific pillars located (for this example) in '/srv/salt/_pillar'? The below script should give you the idea how to do it: #!/bin/bash # # Run the

Re: [qubes-users] Unable to get VPN to ping out. Unable to set up ProxyVM as sys-vpn

On 11/29/20 12:09 PM, David Hobach wrote: On 11/28/20 9:26 PM, setemera...@posteo.net wrote: Documentation followed: http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-iptables-and-cli-scripts Someone please help me, I'm

Re: [qubes-users] Unable to get VPN to ping out. Unable to set up ProxyVM as sys-vpn

On 11/28/20 9:26 PM, setemera...@posteo.net wrote: Documentation followed: http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-iptables-and-cli-scripts Someone please help me, I'm fucking screaming here every time I try to

Re: [qubes-users] Qubes Awesome WM - Gaps not working

On 11/25/20 12:15 PM, Hayden Llowarch wrote: Hi All, Has anyone got gaps work on the awesome window manager? I have tried beautiful.useless_gaps = 5 In the rc.lua file And Themes.useless_gaps = 5 In the themes.lua file Everything I’ve read says this should work, but its not? It's probably

Re: [qubes-users] screenlock keycombinations

On 10/27/20 2:37 PM, evado...@gmail.com wrote: Qubes by default protected from this key combinations? Backdoor #1: Ctrl-Alt-Backspace. This keystroke kills the X server, and on some systems, leaves you at a text console. If the user launched X11 manually, that text console will still be

Re: [qubes-users] Re: saltstack: user specific pillars in qubes

On 10/20/20 9:06 PM, David Hobach wrote: Thank you very much! I also got this running, thanks! However when I run qubesctl --all --show-output state.highstate saltenv=user I get for my states: State 'qvm.present' was not found in SLS 'mysls' Reason: 'qvm.present' is not available. I guess

Re: [qubes-users] Re: saltstack: user specific pillars in qubes

On 10/20/20 6:22 PM, David Hobach wrote: On 9/13/20 6:57 PM, lik...@gmx.de wrote: OK, it might have been better if you had NOT modified my example, as you should then have been able to verify that user pillars can be referenced in this way. I always find it better to take one small step

Re: [qubes-users] Re: saltstack: user specific pillars in qubes

On 9/13/20 6:57 PM, lik...@gmx.de wrote: OK, it might have been better if you had NOT modified my example, as you should then have been able to verify that user pillars can be referenced in this way. I always find it better to take one small step at a time when troubleshooting or trying to

Re: [qubes-users] Re: attach encrypted usb drive as block?

On 8/24/20 7:34 PM, 'Ryan Tate' via qubes-users wrote: Ryan Tate writes: If I attach as a block device, first it doesn't show up in nautilus. Actually, I found that for some reason as a block device it shows up under "Other Locations" in the nautilus sidebar. Once I navigate there all

Re: [qubes-users] Can someone help me---again?

On 8/1/20 1:00 AM, bob ruff wrote: Someone helped me install Qubes a couple of years ago. I just started learning it when I was interrupted--for 2 years. Now dom0 is reporting update expired 455 days ago. Do I need to reinstall Qubes to do updates etc.? 2 years ago there was 3.2; the current

Re: [qubes-users] safely remove yum from debian tempate?

On 6/28/20 11:23 PM, Dave C wrote: I'd like to sudo apt remove yum because the yum files in /etc/bash_completion.d/ break things for fossil (autocomplete appends a space instead of slash after directories when running fossil). However, apt warns the following: The following packages will be

Re: [qubes-users] Re: Qubes OS & 3mdeb minisummit 2020

On 5/28/20 10:12 AM, Camille wrote: edit: all the recordings will be available on 3mdeb youtube channel :) Thanks for that, much appreciated! -- You received this message because you are subscribed to the Google Groups "qubes-users"

Re: [qubes-users] Qubes OS & 3mdeb minisummit 2020

On 5/27/20 5:25 PM, Camille wrote: Hi, Just short info about official *Qubes OS and 3mdeb minisummit 2020*, where qubes and coreboot core developers will discuss status fwupd/LVFS support for Qubes, SRTM and DTRM for Qubes, Anti Evil Maid for Intel coreboot-based platform, Anti-Evil-Maid

Re: [qubes-users] How to mount App-VMs from Outside qubes

On 5/1/20 6:53 PM, dhorf-hfref.4a288...@hashmail.org wrote: On Fri, May 01, 2020 at 06:18:10PM +0200, Dieter wrote: I tried accessing data on an old qubes (3.2) drive that doesnt boot However after decryption I only see the lvms "qubes_dom0-swap" and "qubes_dom0-root" reading from dom0 is

Re: [qubes-users] Constant firefox crashes because of Qubes shared memory

On 4/25/20 12:53 PM, David Hobach wrote: On 4/25/20 3:00 AM, Guerlan wrote: I started having constant firefox crashes on my debian9 Qube. I sent the crash reports to firefox and the said that the problem occurs because of the shared memory configuration of Qubes, but he don't know how it's

Re: [qubes-users] Constant firefox crashes because of Qubes shared memory

On 4/25/20 3:00 AM, Guerlan wrote: I started having constant firefox crashes on my debian9 Qube. I sent the crash reports to firefox and the said that the problem occurs because of the shared memory configuration of Qubes, but he don't know how it's configured. Can somebody help me fixing this?

Re: [qubes-users] Creating ones own Insurgo

On 4/15/20 6:05 PM, Catacombs wrote: I purchased a refurbished Lenovo X 230 Core I5, 4 GB RAM, and a spinning hard drive, Windows 7 Pro for $228.00. I ordered 16 GB RAM for about a hundred dollars. I thought the RAM would be less expensive. My first mistake was to raise the BIOS/EFI to 2.77.

Re: [qubes-users] CentOS Template: Run with native kernel

On 4/6/20 3:34 PM, donoban wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 2020-03-13 13:37, David Hobach wrote: Dear all, I tried to run the CentOS template with its own kernel (qvm-prefs vm kernel '') in HVM mode, but so far it refuses to start and I always get the following error

Re: [qubes-users] Firefox discontinues addon sideloading

Fyi: It seems that even with Firefox 74 addon updating via sideloading still works. Initial installation probably doesn't. I don't get that latter point as the initial installation did generate a popup ("Do you want to activate the newly installed addon XYZ?") even before 74, but oh

[qubes-users] CentOS Template: Run with native kernel

Dear all, I tried to run the CentOS template with its own kernel (qvm-prefs vm kernel '') in HVM mode, but so far it refuses to start and I always get the following error: [ 11.073799] blkfront: xvdc: flush diskcache: enabled; persistent grants: enabled; indirect descriptors: enabled; [

Re: [qubes-users] Mounting directories across VMs (losetup/block device solution for directories)?

On 2/28/20 2:40 PM, Johannes Graumann wrote: On 2020-02-27 20:32, David Hobach wrote: On 2/26/20 10:23 PM, Johannes Graumann wrote: Hi, I'm experimenting with creating a sys-dropbox vm that syncs with my dropbox account. I would love to be able to then mount defined subdirectories

Re: [qubes-users] Mounting directories across VMs (losetup/block device solution for directories)?

On 2/26/20 10:23 PM, Johannes Graumann wrote: > Hi, > I'm experimenting with creating a sys-dropbox vm that syncs with my > dropbox account. I would love to be able to then mount defined > subdirectories of the synced path to other vms (losetop/qvm-block- > style, which only works for files). >

Re: [qubes-users] MAC Address Anonymization and NetworkManager Compatibility

On 2/26/20 7:12 AM, 'sf0IqXUyNLTP22nB3Lpt' via qubes-users wrote: I have recently set up a vpn gateway qube according to the instructions as listed [here](https://www.qubes-os.org/doc/vpn/). I have now gone to set up the MAC Anonymization and have a question and a problem both. Firstly the

Re: [qubes-users] Scary Systemd Security Report

On 2/14/20 4:01 AM, Chris Laprise wrote: That's odd. I use a regular debian-10 template for most things and exim4* removal only takes out 2 other exim packages. Yes, they apparently put some effort into removing useless dependencies between debian 9 and 10. E.g. gnome-keyring can also be

Re: [qubes-users] Using Single External Storage Device with Multiple VMs

On 2/3/20 7:12 PM, Chris Laprise wrote: BTW, have you thought about a threat model where the whole disk uses a single encryption key and partitions exist on top of that... and the possibility that a compromised sys-usb copies some of the blocks from other partitions into the partition of a

Re: [qubes-users] Using Single External Storage Device with Multiple VMs

On 2/2/20 12:40 AM, Chris Laprise wrote: On 2/1/20 4:12 PM, curiouscuri...@mailbox.org wrote: To remain secure, must one use a different external storage devices per VM / security domain? Can one use a single external storage devices to store files from multiple VMs securely, and if so, how?

Re: [qubes-users] Firefox discontinues addon sideloading

On 1/31/20 11:15 PM, Claudia wrote: > January 28, 2020 7:09 PM, "David Hobach" wrote: > >> Dear all, >> >> apparently Mozilla decided to discontinue that feature [1] without providing a lot of alternatives >> [2]. >> >> It was quite useful in

Re: [qubes-users] dom0 refusing to update

On 2/1/20 2:36 AM, tetrahedra via qubes-users wrote: > I could just create the cache directory, but there's probably something > more fundamentally wrong: > > $ sudo qubes-dom0-update > --> Running transaction check > ---> Package anaconda-core.x86_64 1000:25.20.9-17.fc25 will be installed > --->

[qubes-users] Firefox discontinues addon sideloading

Dear all, apparently Mozilla decided to discontinue that feature [1] without providing a lot of alternatives [2]. It was quite useful in the past to update addons inside Qubes OS template VMs by downloading them to another VM and pass them to the template VM without having to start firefox

Re: [qubes-users] Qubes OS 4.0.3-rc1 has been released!

On 1/15/20 12:59 PM, Andrew David Wong wrote: Shortly after the announcement of 4.0.2 [1], a bug [2] was discovered in the dom0 kernel included in that release. Since the bug would have presented installation problems for the majority of users. That bug has now been fixed, along with a few

Re: [qubes-users] How do vif-route-qubes and DNS forwarding work?

On 1/15/20 3:44 AM, tetrahedra via qubes-users wrote: On Tue, Jan 14, 2020 at 04:46:16PM +0100, David Hobach wrote: You'll find the explanations in the respective iptables and/or nftables rules of the next hop networking VM. What do you mean by "next hop networking VM"? Most

Re: [qubes-users] How do vif-route-qubes and DNS forwarding work?

On 1/14/20 2:01 PM, tetrahedra via qubes-users wrote: (originally sent to qubes-devel, but I guess failed moderation) I can't quite tell from the source code -- when / where / how does it run? Is it used to change routing on sys-net, or is it used to set routing in other VMs so they work with

Re: [qubes-users] Re: Qubes 4 boot stuck at: "[ OK ] Reached target Basic System. "

On 1/5/20 1:59 AM, cyber.citi...@tutanota.com wrote: I'm resurrecting this thread to report that I was affected by this problem. I hope a solution will be implemented soon because it takes me the better part of a day to restore my system, and that's a lot of time to lose to an unpredictable

Re: [qubes-users] Renesas uPD720202 uPD720201 usb controllers

On 1/10/20 10:27 AM, David Hobach wrote: On 1/9/20 3:27 PM, David Hobach wrote: https://mjott.de/blog/881-renesas-usb-3-0-controllers-vs-linux/ I tested that after passing the device to a VM via IOMMU. It did work and even survived a reboot (without power off though). Disadvantage here

Re: [qubes-users] Renesas uPD720202 uPD720201 usb controllers

On 1/9/20 3:27 PM, David Hobach wrote: https://mjott.de/blog/881-renesas-usb-3-0-controllers-vs-linux/ I tested that after passing the device to a VM via IOMMU. It did work and even survived a reboot (without power off though). I found the firmware inside an extractable executable (7z

Re: [qubes-users] Renesas uPD720202 uPD720201 usb controllers

On 1/7/20 11:58 PM, Steve Coleman wrote: A number of months ago I was happily backing up my system at home using my sys-usb with a dedicated USB controller that worked right out of the box. I didn't need any drivers or anything special. It just worked. Then something happened, likely during

Re: [qubes-users] No connection to qubes-guid

On 12/28/19 8:15 PM, David Hobach wrote: Dear all, I recently had a few boots where Qubes OS didn't start any /usr/bin/qubes-guid processes. All VMs did start as usual, but the GUI wasn't available. The logs didn't show anything (journalctl & VM log) except for the guid log which

[qubes-users] No connection to qubes-guid

Dear all, I recently had a few boots where Qubes OS didn't start any /usr/bin/qubes-guid processes. All VMs did start as usual, but the GUI wasn't available. The logs didn't show anything (journalctl & VM log) except for the guid log which said: "Failed to connect to gui-agent". Did

Re: [qubes-users] Re: How do I attach a hard drive to a VM on boot?

On 12/13/19 8:33 PM, billol...@gmail.com wrote: No, it's been consistent for a few weeks now, so I'm not going to worry about it. I did find another way to screw up, though. I attached the drive persistently to my "untrusted" VM, and then put the mount in /etc/fstab in the debian-10 template,

Re: [qubes-users] Mike's emails

On 12/13/19 3:34 AM, tetrahedra via qubes-users wrote: On Thu, Dec 12, 2019 at 05:23:47PM +, Mike Keehan wrote: Qubes won't help in this situation - see https://www.qubes-os.org/doc/disposablevm/#disposablevms-and-local-forensics They recommend using Tails for this type of situation.

Re: [qubes-users] Re: How do I attach a hard drive to a VM on boot?

On 12/12/19 8:46 PM, billol...@gmail.com wrote: Doh. I just noticed the "noauto" option. Sigh. Deleted it and it works fine. The only remaining problem here might be that /dev/sda3 doesn't reference the same drive on each dom0 boot process... So you'd have to write a udev rule for that.

Re: [qubes-users] Help sending multiple files using qrexec

On 12/5/19 3:28 AM, pr...@tutanota.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I should have mentioned that this was part of a bigger script, using qvm-copy would have required me to also pass along the qube name, so I could then cd to the correct QubesIncoming directory. Keeping

Re: [qubes-users] DNS propagation in Qubes

On 10/27/19 6:33 AM, gas...@gmail.com wrote: Is there a clear guide of how to set up a DNS VM in Qubes OS? I tried setting up dnsmasq in the VPN VM behind sys-firewall, both with NetworkManager and as a standalone service. It didn't work. I also tried on another VM behind the VPN VM. All I

Re: [qubes-users] Customizing Firefox in dispVMs

On 10/11/19 5:23 PM, unman wrote: On Fri, Oct 11, 2019 at 03:04:16PM +, 'Totally Zoid' via qubes-users wrote: Hello Is there a definite way to customize the default Firefox install in the DispVMs without launching it first in the TemplateVM (which I don't want to do for obvious

Re: [qubes-users] With 4K monitor, if screen goes blank, mouse clicks don't work in VMs

On 9/29/19 7:12 PM, 'Micah Lee' via qubes-users wrote: On 2019-09-24 18:21, Michael Siepmann wrote: I've read and followed the instructions on https://www.qubes-os.org/doc/gui-configuration/ but the problem I'm having is different. Here's what happens: 1. I'm using VMs on a 4K monitor

Re: [qubes-users] slightly off-topic: self-resetting OS idea

On 8/26/19 10:24 AM, panina wrote: Hi! This is not strictly Qubes-OS related, rather inspired by Qubes. I've been struggling with some parts of Qubes usage. Most of the time, it is overkill for me, and putting some strain on my computer. The bugginess is also quite annoying, whenever I just

Re: [qubes-users] Qubes does not recover from crashed X11 (related to shmoverride and GUID)

On 8/21/19 11:59 PM, Vít Šesták wrote: Hello, sometimes, Intel driver makes my X11 crash (see X11-crash.log). It happens usually when I rotate the screen, but also sometimes without any apparent reason. I can usually replicate in a minute by rotating the screen like crazy. Note that this

Re: [qubes-users] firewall rules by domainname

On 7/16/19 11:21 AM, haaber wrote: Hello, entering IP adresses in the firewall restriction list can be a a lengthy and unpleasant exercise. If your admin-VM should only be able access your bank, whose webpage loads various data over JS encapsulated subdomains, it can take a long while to make

Re: [qubes-users] Use different DVM templates from same AppVM

On 7/15/19 11:13 AM, mittend...@digitrace.de wrote: Hey, it is so nice to have different DVM-templates now! But: Is it possible to start a non-default DVM from within an AppVM? I have different DVMs for web browsing, intranet browsing and printing. It would be comfortable If I would not

Re: [qubes-users] Qubes OS 4.0.2-rc1 has been released!

On 7/10/19 3:52 AM, Andrew David Wong wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear Qubes Community, We're pleased to announce the first release candidate for Qubes 4.0.2! Features:   - All 4.0 dom0 updates to date   - Fedora 30 TemplateVM   - Debian 10 TemplateVM   - Whonix 15

Re: [qubes-users] VPN before sys-firewall ?

On 7/10/19 8:45 AM, Luc libaweb wrote: Le mardi 9 juillet 2019 23:22:23 UTC+2, Chris Laprise a écrit : On 7/9/19 4:49 PM, Luc libaweb wrote: Hello, I read lot of things about VPN in Qubes OS. I have mount a standalone VM with client VPN installed. This VPN VM connect to the network with

Re: [qubes-users] Convenient untrusted storage for Qubes OS: qcrypt & qcryptd

On 6/20/19 8:12 PM, Chris Laprise wrote: This could be an improvement over the scripts I use to mount backup volumes in dom0. One hope that popped into my mind as soon as I saw this post is for some kind of automatic teardown to address this: > but shutting down the mediator-vm during the

[qubes-users] Convenient untrusted storage for Qubes OS: qcrypt & qcryptd

Dear all, Qubes OS has always provided the basic tools to accomplish encrypted storage devices, namely qvm-block [1] and cryptsetup [2]. However the combination is neither self-explanatory nor convenient for users who come from Operating Systems which provide "plug & play" for most devices.

Re: [qubes-users] How to sync files from a file as block device attached to another qube?

On 6/2/19 6:03 PM, 'SideRealiq' via qubes-users wrote: If I create a loopback device in vm1 and attach it to vm2, any changes in vm1 device are not reflected in the attached vm2 device. Why is that and how can they be reflected/synced? Here is my test code: # in vm1 sudo losetup -f --show

Re: [qubes-users] How to automate cloud backups of trusted vault files?

On 5/27/19 3:05 PM, David Hobach wrote: On 5/27/19 12:52 PM, 'Side Realiq' via qubes-users wrote: How to automate backups of files from a very trusted vault to the cloud? What are some best practices for that? My current issue is that the files in the trusted vault do not have internet

Re: [qubes-users] How to tag a VM?

On 5/27/19 2:24 PM, 'Side Realiq' via qubes-users wrote: According to the RPC Policy https://www.qubes-os.org/doc/rpc-policy/ VMs can be "tagged". How? I cannot find tags in the Qube Manager. Please check `man qvm-tags` in dom0. -- You received this message because you are subscribed to

Re: [qubes-users] How to automate cloud backups of trusted vault files?

On 5/27/19 12:52 PM, 'Side Realiq' via qubes-users wrote: How to automate backups of files from a very trusted vault to the cloud? What are some best practices for that? My current issue is that the files in the trusted vault do not have internet connection, so the cloud backup software

Re: [qubes-users] Re: Qubes - Critique (long)

On 5/10/19 8:09 PM, Chris Laprise wrote: On 5/10/19 12:16 PM, Marc Griffiths wrote: My experience of installing on a Lenovo Yoga 720 was seamless, everything worked including the touch screen. However, I experienced a lot of random browser crashing. Chromium dead birds on a fairly regular

Re: [qubes-users] Spontaneous rebooting

On 4/18/19 12:52 AM, Michael Siepmann wrote: I dont see this on any machine, including long running desktops. Is it possible that you are suffering from over-heating? That would account for symptoms. I'm now monitoring temperatures with the "sensors" command in a dom0 terminal and although the

Re: [qubes-users] Spontaneous rebooting

On 4/13/19 8:29 PM, brendan.h...@gmail.com wrote: There are some discussions in qubes-issues on github about torbrowser causing 100% cpu while idle, yet appearing to mostly work ok. Running a couple VMs with that bug might cause an overheat reboot on some systems... No Intel AMT

Re: [qubes-users] Spontaneous rebooting

On 4/12/19 5:24 PM, Michael Siepmann wrote: On 8/10/18 12:37 PM, Kelly Dean wrote: Am I the only one having a problem with Qubes spontaneously rebooting on Intel hardware? Only other reports I see are about AMD problems, but I'm using an Intel Core i3. Happens every few weeks. Sometimes

Re: [qubes-users] Re: ThinkPad X270 USB C/Thunderbolt USB C type and docking station Qubes 4.0

You're doing all this, BTW, because rather than supporting Thunderbolt and PCIe hotplug (which are usually protected by that device authorization you have to disable), Qubes is trying to protect users with FireWire and ExpressCard that are fundamentally insecure. I hope those extra 4 times a

Re: [qubes-users] ThinkPad X270 USB C/Thunderbolt USB C type and docking station Qubes 4.0

On 3/20/19 1:33 PM, aaq via qubes-users wrote: Hello qubes users! I currently acquired this dock (https://www.dell.com/en-us/shop/dell-business-thunderbolt-dock-tb16-with-240w-adapter/apd/452-bcnu/pc-accessories), and tried to connect it with my laptop, but it does not seem to work. I have

Re: [qubes-users] Logging Drop Packets

On 3/9/19 2:58 AM, unman wrote: On Fri, Mar 08, 2019 at 08:07:46PM +0100, Zrubi wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 3/8/19 3:28 PM, cmsch...@gmail.com wrote: I'm trying to setup an appvm like this: appvm -> appvm_firewall -> vpn -> vpn_firewall -> sys-net I want to

Re: [qubes-users] where/how does dom0 gets its icons?

On 3/1/19 8:54 PM, Daniel Allcock wrote: Hello, I would like to understand what to do to customize the icons that appear in the Q menu for template and app vms. The only way I have found that works is to overwrite icon files in /usr/share/icons/Adwaita/* in the template vm. In dom0 it is easy:

Re: [qubes-users] [warn] last whonix-gw update, ipv6 and possible VPN leak!

On 2/15/19 10:14 PM, 'Evastar' via qubes-users wrote: Seems after last whonix update my old VPN VM begin leaking traffic. After investigation I found that it's because ipv6 primary connection to whonix-gw. I guess that whonix-gw now supporting ipv6. It leak traffic through ipv6 connection to

[qubes-users] ANN: blib - a bash library

Dear all, I recently released blib [1], a bash library which also aims to be useful for Qubes OS bash developers. The documentation can be found at [2], the Qubes specific part at [3]. A short example of what it can do: --- #!/bin/bash source blib b_import

Re: [qubes-users] old version of xscreensaver

On 1/4/19 9:24 AM, Frédéric Pierret wrote: On 1/4/19 1:51 AM, unman wrote: On Fri, Jan 04, 2019 at 12:03:49AM +0100, Frédéric Pierret wrote: We built the upstream package of xscreensaver in current-testing for both Qubes 3.2 and 4.0. Welcome back to XFCE Chris :D ! On 1/3/19 11:56 PM, Chris

Re: [qubes-users] Error when trying to add a lot of firewall rules

On 1/2/19 4:34 AM, qubes-users-list - wrote: Ah! I reread the docs, and it mentions a size limit 3k/~35-39 rules. So I suspect that I'm hitting this limit. I was getting the error right in that range. Thank you for pointing me at that. The docs point out rightly that I can just put rules in

Re: [qubes-users] Re: dom0 error

On 12/18/18 7:28 PM, cooloutac wrote: On Sunday, December 16, 2018 at 8:13:52 AM UTC-5, Roy Bernat wrote: while trying to update dom0 getting error sys-firewall command failed with code 1 Roy I'm getting the same thing. Updates go through but just wondering why the error and if it should

Re: [qubes-users] Re: R4.0: sys-net, sys-firewall and other network VM(s) forced to always be on

On 12/13/18 8:10 PM, mike wrote: On Thursday, December 13, 2018 at 2:52:06 AM UTC+2, reby wrote: IIRC sys-net sometimes can be stubborn if one is not patient enough so use qvm-kill if in a hurry . personally I don't see a downside of it autostarting, though I guess one might have reasons

Re: [qubes-users] My farewell to Qubes OS!

On 10/27/18 7:26 PM, taii...@gmx.com wrote: No!! comp-sci angel D: you are IMO the best computer security person on the planet and now you leave us :'[ I wasn't too happy neither to see the presumably main Qubes visionary leave. Anyway I look forward to hear about new interesting

  1   2   >