[qubes-users] Help installing package in template VM via snap

2019-01-26 Thread 799
Hello, I am trying to update my multimedia howto for Qubes and would like to use a fedora-29--minimal template instead of debian. I try to install a package via snap but the template VM is not allowed to access the repository: snap install , results in: api.snapcraft.io ... read: connection

[qubes-users] ALL VMs are not working -- qmemman

2019-01-26 Thread Aly Abdellatif
When I rebooted Qubes OS after installing i3. All VMs are not working(xfce or i3) with the error :Domain t has failed to start :Failed to connect to qmemman:[Errno 2] No such file or directory with journalctl -xe ; I have this error : Failed to start Qubes memory management daemon

Re: [qubes-users] Qubes 4.0.x - Linux kernel 4.19.15 package available in testing repository

2019-01-26 Thread donoban
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 1/24/19 5:18 PM, Patrik Hagara wrote: > I get weird graphical artifacts with the new kernel after ~an hour > of usage. Windows from AppVMs turn all white sometimes when > switching workspaces in i3wm. Events like mousing over an > interactive

Re: [qubes-users] Re: looking for quickest way to copy text from dom0-Terminal to another VM

2019-01-26 Thread 799
Am Sa., 26. Jan. 2019, 04:33 hat Andrew David Wong geschrieben: > > Please take a look at this issue: > > https://github.com/QubesOS/qubes-issues/issues/3571 Happy to see that this topic (no clipboard from dom0) is at least known. I don't agree that copying from dom0 is dangerous because "The

[qubes-users] Re: QSB #46: APT update mechanism vulnerability

2019-01-26 Thread Aly Abdellatif
@John S redcap Go into the updateVM and delete unneeded rpms : /var/lib/qubes/dom0-updates/packages If you didnt change your updateVM, it will be in sys-firewall And then add - - clean in your qubes-dom0-update Command -- You received this message because you are subscribed to the Google

[qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-26 Thread goldsmith
Am I right in thinking that the recently discovered apt vulnerability (DSA 4371-1) in Debian based systems could and should have been mitigated against many years ago by downloading and activating an apt package; "apt-transport-https", which forces apt updates via https? The researcher (Max

Re: [qubes-users] looking for quickest way to copy text from dom0-Terminal to another VM

2019-01-26 Thread Stuart Perkins
On Sat, 26 Jan 2019 01:01:44 +0100 haaber wrote: >On 1/25/19 9:04 PM, gone wrote: >> 1st of all, I have read this: >> https://www.qubes-os.org/doc/copy-from-dom0/ >> >> Maybe I just draw a mental blank but I can't find a really >> quick way to copy text (not files) from dom0-Terminal to >>

Re: [qubes-users] How many gigabytes of memory is required for G505s?

2019-01-26 Thread qma ster
> and yes it is the best - remember to install coreboot with microcode > updates btw (check binary only repo + generate microcode from tree) "Generate microcode from tree" option does not work for G505S. Luckily these confusing options have been hidden at the latest coreboot from the boards

Re: [qubes-users] HCL - 20HRCTO1WW Lenovo Thinkpad X1 Carbon

2019-01-26 Thread berne . campbell
On Friday, 25 January 2019 20:38:03 UTC+11, Jean-Philippe Ouellet wrote: > On Wed, Jan 23, 2019 at 11:45 PM Berne Campbell > wrote: > > > > Lenovo Thinkpad X1 Carbon 20HRCTO1WW > > > > I had to disable secure-boot to boot of USB stick for installation (Used > > Rufus in Windows in DD mode, MBR

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-26 Thread Alexandre Belgrand
Le mercredi 23 janvier 2019 à 18:05 +0100, Marek Marczykowski-Górecki a écrit : > We have just published Qubes Security Bulletin (QSB) #46: > APT update mechanism vulnerability. Keep in mind that all PGP Debian/Ubuntu signing keys have been stolen and injection may occur during apt-get

[qubes-users] Re: Materials for BIOS flash procedure

2019-01-26 Thread qma ster
Sorry for such a late reply, hope you already know about "Flashing a BIOS chip" article at DangerousPrototypes forums which uses G505S as an example. And another "Flashing KB9012" article is optional and not urgent (since it's not replacing the proprietary KB9012 firmware, just removing the

[qubes-users] Re: Lenovo G505s A10-5750m / qubes 4.0rc5 / Unsupported Hardware Detected

2019-01-26 Thread qma ster
> I think to order this material for a future flash coreboot on G505s. can you > confirm that the material is OK? Sorry for late reply, these links are almost ok but it's better to get CH341A with a green PCB because there were a few bad black CH341A with 5V instead of 3.3V while we haven't

[qubes-users] Re: ALL VMs are not working -- qmemman

2019-01-26 Thread Nick Darren
On Saturday, January 26, 2019 at 9:49:54 PM UTC+8, Aly Abdellatif wrote: > When I rebooted Qubes OS after installing i3. All VMs are not working(xfce or > i3) with the error > > > :Domain t has failed to start :Failed to connect to qmemman:[Errno 2] No > such file or directory > > > with

Re: [qubes-users] g505s BIOS settings for installing 4.0.1

2019-01-26 Thread qma ster
Proprietary UEFI on this G505S laptop is a real piece of sheet and I really encourage you to "upgrade" it to coreboot opensource BIOS as soon as possible! There is a great "Flashing a BIOS chip" detailed step-by-step article at DangerousPrototypes site which uses this G505S laptop as an

[qubes-users] Re: ALL VMs are not working -- qmemman

2019-01-26 Thread Lorenzo Lamas
I also had this error after installing these packages from Dom0 Security-Testing repo. I posted about it in the QSB #46 thread, but havent got a reply there. Fortunately, with help of someone else I was able to fix it: https://groups.google.com/d/msg/qubes-users/5D8AxG3jtdw/CqyWjGEiGgAJ -- You

[qubes-users] Re: ALL VMs are not working -- qmemman

2019-01-26 Thread Aly Abdellatif
This also worked for me . Thanks a lot Lorenzo !! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-26 Thread Alexandre Belgrand
Le samedi 26 janvier 2019 à 04:39 -0800, goldsm...@riseup.net a écrit : > If "apt-transport-https" is the magic bullet, why in the past hasn't > it > been implemented by default? And, why for the future, is it not being > implemented immediately by Qubes, Debian et al? Furtermore, very few Debian

[qubes-users] Re: QSB #46: APT update mechanism vulnerability

2019-01-26 Thread Aly Abdellatif
@John S.Recdep 1. Go into sys-firewall and delete rpms available in /var/lib/qubes/dom0-updates/packages and then in dom0 use sudo qubes-dom0-update qubes-template-whonix-gw-14 --enablerepo=qubes*testing --clean -- You received this message because you are subscribed to the Google Groups

[qubes-users] Re: QSB #46: APT update mechanism vulnerability

2019-01-26 Thread John S.Recdep
On 1/26/19 9:30 AM, Aly Abdellatif wrote: > @John S redcap > > Go into the updateVM and delete unneeded rpms : > /var/lib/qubes/dom0-updates/packages > > If you didnt change your updateVM, it will be in sys-firewall > > And then add - - clean in your qubes-dom0-update > Command > hmm, this

[qubes-users] Re: QSB #46: APT update mechanism vulnerability

2019-01-26 Thread John S.Recdep
On 1/26/19 6:41 PM, Aly Abdellatif wrote: > @John S.cde > > 1. Go into sys-firewall and delete rpms available in > /var/lib/qubes/dom0-updates/packages > > and then in dom0 use sudo qubes-dom0-update qubes-template-whonix-gw-14 > --enablerepo=qubes*testing --clean > > there is nothing in

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-26 Thread Chris Laprise
On 01/26/2019 05:42 AM, Alexandre Belgrand wrote: Le mercredi 23 janvier 2019 à 18:05 +0100, Marek Marczykowski-Górecki a écrit : We have just published Qubes Security Bulletin (QSB) #46: APT update mechanism vulnerability. Keep in mind that all PGP Debian/Ubuntu signing keys have been stolen

[qubes-users] Re: looking for quickest way to copy text from dom0-Terminal to another VM

2019-01-26 Thread gone
Stuart Perkins wrote on Sat, 26 January 2019 13:32 > On Sat, 26 Jan 2019 01:01:44 +0100 > Since dom0 exists to do the sole job of managing the > other VM's, one must question why the text you wish to > insert into another domain is "in" dom0 to begin with. > -- That's completely right and also

[qubes-users] How to connect any qube to Updates Proxy

2019-01-26 Thread 19hundreds
I'm not sure I nailed this one but I've found a way to connect standaloneVM to the Updates Proxy in R4.0.  It looks to me that this not documented anywhere so I thought to share the solution. https://www.reddit.com/r/Qubes/comments/agyune/how_to_use_update_proxy_on_standalonevm/

[qubes-users] Re: ALL VMs are not working -- qmemman

2019-01-26 Thread Nick Darren
On Sunday, January 27, 2019 at 1:04:11 AM UTC+8, Lorenzo Lamas wrote: > I also had this error after installing these packages from Dom0 > Security-Testing repo. > I posted about it in the QSB #46 thread, but havent got a reply there. > Fortunately, with help of someone else I was able to fix it:

Re: [qubes-users] Re: looking for quickest way to copy text from dom0-Terminal to another VM

2019-01-26 Thread unman
On Sat, Jan 26, 2019 at 09:39:47AM +0100, 799 wrote: > Am Sa., 26. Jan. 2019, 04:33 hat Andrew David Wong > geschrieben: > > > > > Please take a look at this issue: > > > > https://github.com/QubesOS/qubes-issues/issues/3571 > > > > Happy to see that this topic (no clipboard from dom0) is at

[qubes-users] yubikey full disk encryption install help needed

2019-01-26 Thread imamushroom
Hello, I'm running Qubes 4.01 and on a Lenovo T430 and my root partition is encrypted. I want to install a yubikey challenge-response for the disk encryption password but having difficulty working out how to do it. I'm a qubes newbie. I've seen this https://github.com/eworm-de/mkinitcpio-ykfde

Re: [qubes-users] Help installing package in template VM via snap

2019-01-26 Thread unman
On Sat, Jan 26, 2019 at 01:33:15PM +0100, 799 wrote: > Hello, > > I am trying to update my multimedia howto for Qubes and would like to use > a fedora-29--minimal template instead of debian. > > I try to install a package via snap but the template VM is not allowed to > access the repository: >

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-26 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 26/01/2019 7.34 PM, unman wrote: > On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net > wrote: >> >> Am I right in thinking that the recently discovered apt >> vulnerability (DSA 4371-1) in Debian based systems could and >> should

[qubes-users] Re: looking for quickest way to copy text from dom0-Terminal to another VM

2019-01-26 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 26/01/2019 2.39 AM, 799 wrote: > Am Sa., 26. Jan. 2019, 04:33 hat Andrew David Wong > geschrieben: > >> >> Please take a look at this issue: >> >> https://github.com/QubesOS/qubes-issues/issues/3571 > > > > Happy to see that this topic

Re: [qubes-users] Debian Template APT Vulnerability - A ticking bomb?

2019-01-26 Thread unman
On Sat, Jan 26, 2019 at 04:39:45AM -0800, goldsm...@riseup.net wrote: > > Am I right in thinking that the recently discovered apt vulnerability > (DSA 4371-1) in Debian based systems could and should have been > mitigated against many years ago by downloading and activating an apt > package;

Re: [qubes-users] QSB #46: APT update mechanism vulnerability

2019-01-26 Thread unman
On Sat, Jan 26, 2019 at 11:42:27AM +0100, Alexandre Belgrand wrote: > Le mercredi 23 janvier 2019 ŕ 18:05 +0100, Marek Marczykowski-Górecki a > écrit : > > We have just published Qubes Security Bulletin (QSB) #46: > > APT update mechanism vulnerability. > > Keep in mind that all PGP Debian/Ubuntu