Re: [qubes-users] Problems connecting usb flash drive to any vm
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/25/16 23:26, zxe...@gmail.com wrote: >> Have you changed the devices assigned to sys-usb? If so, it's possible >> you're running into a pci_strictreset issue here? Try running this in dom0 >> (but before you do, make sure you understand the risks [1]): >> >> $ qvm-prefs -s sys-usb pci_strictreset false >> >> Then try starting sys-usb again: >> >> $ qvm-start sys-usb >> >> Let us know if there are any useful error messages. > I ran both and got: > Traceback (most recent call last): >File "/usr/bin/qvm-start", line 136, in > main() >File "/usr/bin/qvm-start", line 120 in main > xid = vm.start(verbose=options.verbose, > preparing_dvm=options.preparing_dvm, start_guid=not options.noguid, > notify_function=tray_notify_generic if options.tray else None) >File "/usr/lib64/python2.7/site-packages/qubes/modules/005QubesNetVm.py", > line 122 in start > xid=super(QubesNetVm, self),start(**kwargs) >File "/user/lib64/python2.7/site-packages/qubes/moduels/000QubesVm.py", > line 1958, in start nd.detach() >File "/usr/lib64lpython2.7/site-packages/libvert.py", line 5249, in detach > in ret == -1: raise libvertError ('verNodeDevicesDetach() failed') > libvert.libvertError: Requested operation is not valid: PCI device > :00:10.0 is in use by driver xenlight, domain sys-net > (Note I typed this, so there may be errors in the transcription) > Thanks. For future reference, you can copy text out of dom0 like this: https://www.qubes-os.org/doc/copy-from-dom0/#copying-from-dom0 > If I shutdown the sys-net VM then sys-usb boots. Of course this also means > that sys-net fails to boot with the same error message. Now when I attach a > flash drive it automatically connects to sys-usb, instead of sys-net. How do > I stop sys-net from trying to request driver access? As long as sys-usb is > active, I am not able to boot any other VM. Everything fails silently. > >> Did you mean "sys-usb" instead of "sys-net"? (If not, the description you've >> provided of your overall setup is inconsistent. Please clarify it.) > > I did mean sys-net. When the sys-usb VM is not booted and I have attach a usb > flash drive, I get a notification in the upper right hand corner saying > "Attached new device to sys-net /dev/sda". If I exit all VM's and boot the > sys-usb VM then it attaches to the sys-usb VM. > Ah, it sounds like you have your USB controller assigned to both sys-net and sys-usb. In retrospect, this makes sense, since you described manually creating a USB qube even after the installer manually created one for you. I'm not sure exactly what you're trying to achieve, but my recommendation would be to assign your USB controller to only one qube. Let's suppose you want it assigned to sys-usb. (This assumes that you're not using a USB Wi-Fi device, in which case you'll want to have a single sys-net that also functions as a USB qube, rather than having separate sys-net and sys-usb qubes.) 1. Shut down sys-net. (This will probably require shutting down most of your other VMs first.) 2. In Qubes Manager, right click on sys-net, then click "VM settings." Then, click the "Devices" tab. 3. On the right-hand side, select your USB controller(s), then click the "<" button, leaving only your network devices. 4. Reboot the whole system. You should no longer run into the problem you described above. > qvm-block -l gives: > sys-usb:sda Flash_Dis () 7 GiB > sys-usb:sda1 Flash_Disk (CHINA) 7 GiB. > > I was mounting wrong... "sudo mount -t vfat /dev/sda1 /mnt/removable/" works > (sda1 not sda). However, the folder is empty. I checked on my other laptop > and the flash drive is neither empty nor broken. > /mnt/removable is empty? Are you sure anything is actually mounted there? - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOT0jAAoJENtN07w5UDAw70oP/A7Yu4kngpk6aoWx9b7NEzHq xazY5K/aQIXIT9M5uMNvb7ui1md9Z90y7S9P9LSM4Tp8QVCcRFJ82sxpsbQej9Ib eLZ+0YuejomX6RDk+1prlQxjn+HouvbTsJrBOfCdA9O1SZd1UuS4bc/dm3/cWO+l qgUtxZGLMH/RoTK+z75OdBZjv6s5jCfAc1tw0Ynt6yrKR94O5aGRQhdjWdOF9Pbn 7CH2C1o4OEEWCbRX9PlsBZtv0Y4wPmbKvMhs6925PBmrcV1ZWar7JT9mWGXuf2Dz 1BmVw4RiFmOU7M1dFKaRVer5Y8jGhI43klr/B/ca3fzCf0BByc1610Rw50rhYwMS 0w1opl25DyjrAWT2r5SNUiddMIjExAZTT7cbwzmT55j9LPkUEy5Cy1uzvDxdrMeC xsDRttgGDIsEdY6De1o0Y6YiZpoIeDWE/ZBTyr7apr2N3/ZJ1qI3G8GhFEW+60Hq c/v9SOhce6oJygCRhUCQdB2YrMp4hgHlz600C1v3+v8m0Lh/rrx0UofdpOwnaoo2 5UoiW2j7+9Ob9Js1lElAQLjeTW23VE+dHNIbELt0sP1ZvyyYecvFTrUw7NuHICxs pG0RAGHBvqM+HU/Sz0KrrOfDXjHshSOK3R8X1rIsMcIZdVJvCpGBGXaZj23NOKoi FKcRRagPBt0XW2vqokPK =FWdR -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to
[qubes-users] Davmail and QubesOS for Exchange Mail
I have the misfortune of having an employer who uses Microsoft Exchange. To help with that I have installed Davmail. "DavMail is a POP/IMAP/SMTP/Caldav/Carddav/LDAP exchange gateway allowing users to use any mail/calendar client (e.g. Thunderbird with Lightning or Apple iCal) with an Exchange server, even from the internet or behind a firewall through Outlook Web Access. DavMail now includes an LDAP gateway to Exchange global address book and user personal contacts to allow recipient address completion in mail compose window and full calendar support with attendees free/busy display." http://davmail.sourceforge.net/ I plan to setup up mbsync (isync in Fedora) to use with mu4e. In the Work domain I need to use Davmail. In the Personal domain with Gmail I can just run mbsync the normal way. This approach could work for Mutt users who deal with Exchange as well. I was able to install Davmail using this repo. http://software.opensuse.org/download.html?project=home%3Ajetchko%3Afedora=davmail When I try to run Davmail in the Work domain I get the following error: # # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0x7f1f3a334314, pid=1128, tid=0x7f1f7be70700 # # JRE version: OpenJDK Runtime Environment (8.0_111-b16) (build 1.8.0_111-b16) # Java VM: OpenJDK 64-Bit Server VM (25.111-b16 mixed mode linux-amd64 compressed oops) # Problematic frame: # C [libgdk-3.so.0+0x2d314] gdk_error_trap_push+0x14 # # Core dump written. Default location: /home/user/core or core.1128 # # An error report file with more information is saved as: # /home/user/hs_err_pid1128.log # # If you would like to submit a bug report, please visit: # http://bugreport.java.com/bugreport/crash.jsp # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. # Aborted (core dumped) I am unsure if this is a permissions problem from QubesOS or something else? I am attaching the error report as well. What do I need to do to get Davmail working with QubesOS in my WorkVM? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b484409c--4220-a4e1-6efb0477e8ae%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. # # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0x7f1f3a334314, pid=1128, tid=0x7f1f7be70700 # # JRE version: OpenJDK Runtime Environment (8.0_111-b16) (build 1.8.0_111-b16) # Java VM: OpenJDK 64-Bit Server VM (25.111-b16 mixed mode linux-amd64 compressed oops) # Problematic frame: # C [libgdk-3.so.0+0x2d314] gdk_error_trap_push+0x14 # # Core dump written. Default location: /home/user/core or core.1128 # # If you would like to submit a bug report, please visit: # http://bugreport.java.com/bugreport/crash.jsp # The crash happened outside the Java Virtual Machine in native code. # See problematic frame for where to report the bug. # --- T H R E A D --- Current thread (0x7f1f74009800): JavaThread "main" [_thread_in_native, id=1129, stack(0x7f1f7bd7,0x7f1f7be71000)] siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x Registers: RAX=0x, RBX=0x7f1f74404000, RCX=0x, RDX=0x7f1f743fb4e0 RSP=0x7f1f7be6f7d0, RBP=0x7f1f7be6f848, RSI=0x0001, RDI=0x7f1f74404000 R8 =0x7f1f743ea820, R9 =0x0008, R10=0x0010, R11=0x0033 R12=0x, R13=0x7f1f78884af8, R14=0x7f1f7be6f860, R15=0x7f1f74009800 RIP=0x7f1f3a334314, EFLAGS=0x00010202, CSGSFS=0xe033, ERR=0x0004 TRAPNO=0x000e Top of Stack: (sp=0x7f1f7be6f7d0) 0x7f1f7be6f7d0: 7f1f78884af8 7f1f7be6f848 0x7f1f7be6f7e0: 7f1f3af424dc 0x7f1f7be6f7f0: 7f1f7be6f848 7f1f650171b4 0x7f1f7be6f800: 7f1f65016f02 7f1f7be6f808 0x7f1f7be6f810: 7f1f78884af8 7f1f7be6f860 0x7f1f7be6f820: 7f1f788ec6f0 0x7f1f7be6f830: 7f1f78884af8 0x7f1f7be6f840: 7f1f7be6f868 7f1f7be6f8a8 0x7f1f7be6f850: 7f1f65007ffd e061f5b0 0x7f1f7be6f860: 7f1f65011278 7f1f7be6f868 0x7f1f7be6f870: 7f1f78884b97 7f1f7be6f8b8 0x7f1f7be6f880: 7f1f788ec6f0 0x7f1f7be6f890: 7f1f78884bc8 7f1f7be6f868 0x7f1f7be6f8a0: 7f1f7be6f8c0 7f1f7be6f900 0x7f1f7be6f8b0: 7f1f65007ffd 0x7f1f7be6f8c0:
Re: [qubes-users] Problems connecting usb flash drive to any vm
> Have you changed the devices assigned to sys-usb? If so, it's possible you're > running into a pci_strictreset issue here? Try running this in dom0 (but > before you do, make sure you understand the risks [1]): > > $ qvm-prefs -s sys-usb pci_strictreset false > > Then try starting sys-usb again: > > $ qvm-start sys-usb > > Let us know if there are any useful error messages. I ran both and got: Traceback (most recent call last): File "/usr/bin/qvm-start", line 136, in main() File "/usr/bin/qvm-start", line 120 in main xid = vm.start(verbose=options.verbose, preparing_dvm=options.preparing_dvm, start_guid=not options.noguid, notify_function=tray_notify_generic if options.tray else None) File "/usr/lib64/python2.7/site-packages/qubes/modules/005QubesNetVm.py", line 122 in start xid=super(QubesNetVm, self),start(**kwargs) File "/user/lib64/python2.7/site-packages/qubes/moduels/000QubesVm.py", line 1958, in start nd.detach() File "/usr/lib64lpython2.7/site-packages/libvert.py", line 5249, in detach in ret == -1: raise libvertError ('verNodeDevicesDetach() failed') libvert.libvertError: Requested operation is not valid: PCI device :00:10.0 is in use by driver xenlight, domain sys-net (Note I typed this, so there may be errors in the transcription) If I shutdown the sys-net VM then sys-usb boots. Of course this also means that sys-net fails to boot with the same error message. Now when I attach a flash drive it automatically connects to sys-usb, instead of sys-net. How do I stop sys-net from trying to request driver access? As long as sys-usb is active, I am not able to boot any other VM. Everything fails silently. > Did you mean "sys-usb" instead of "sys-net"? (If not, the description you've > provided of your overall setup is inconsistent. Please clarify it.) I did mean sys-net. When the sys-usb VM is not booted and I have attach a usb flash drive, I get a notification in the upper right hand corner saying "Attached new device to sys-net /dev/sda". If I exit all VM's and boot the sys-usb VM then it attaches to the sys-usb VM. qvm-block -l gives: sys-usb:sda Flash_Dis () 7 GiB sys-usb:sda1 Flash_Disk (CHINA) 7 GiB. I was mounting wrong... "sudo mount -t vfat /dev/sda1 /mnt/removable/" works (sda1 not sda). However, the folder is empty. I checked on my other laptop and the flash drive is neither empty nor broken. Thanks for your help! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8e9d7748-6fd0-4ca7-95b0-76b69b9ff061%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Problems connecting usb flash drive to any vm
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/25/16 21:56, zxe...@gmail.com wrote: > When I first installed Qubes (3.2), I could attach and detach block devices > without errors and mount flash drives in VM's. I wanted to use my external > keyboard with my laptop so followed the steps in the guide > (https://www.qubes-os.org/doc/usb/) for "Creating and Using a USB qube" > (using the management stack) and "How to use a USB keyboard". > > However, the generated sys-usb Qube fails to boot Have you changed the devices assigned to sys-usb? If so, it's possible you're running into a pci_strictreset issue here? Try running this in dom0 (but before you do, make sure you understand the risks [1]): $ qvm-prefs -s sys-usb pci_strictreset false Then try starting sys-usb again: $ qvm-start sys-usb Let us know if there are any useful error messages. > and detaching a USB flash drive using the VM Manager always give me a blank > window with the text "Houston, we have a problem..." and freezes the VM > Manager. After a few seconds of trying to close the blank window I get "This > window might be busy and is not responding. Do you want to terminate the > application?". After I restart the VM Manager the USB device is still shows > as attached. Try detaching it from the command-line instead: $ qvm-block -d : Or just: $ qvm-block -d And let us know if there are any useful error messages. > If I restart the VM with the attached USB device it gives me another error > "AssertionError: This is most likely a bug in the Qubes Manager" and the VM > is killed. (Note I did this with a DisposableVM). Errors are to be expected when restarting a VM with USB devices still attached. They should be detached first. > The above happens even if I attach and then immediately detach the USB block > device. > > After plugging in the USB flash drive to my laptop, but not attaching it to > any VM the USB flash drive is visible to sys-net with "fdisk -l", Did you mean "sys-usb" instead of "sys-net"? (If not, the description you've provided of your overall setup is inconsistent. Please clarify it.) > but mounting fails with "wrong fs type" even though I mount it with "-t vfat" > and fdisk shows the USB flash drive is FAT32. Are you sure the drive is formatted correctly? If you have a backup of the data already, try reformatting it. If your VM is based on an unusual template, that could also be a clue. > If I attache the USB flash drive to any other VM "fdisk -l" does not show any > attached flash drive. If you attach the drive to another VM, what is the output of this command? $ qvm-block -l If the drive is really attached, it should indicate that in the output of the above command. > I am currently in China, so I cannot reach google with the laptop running > Qubes until I get a socks proxy set up and tor is block in China (any bridges > I have tried are quickly blocked). > > Any help would be helpful. Let me know what logs would be useful to post (I > am still very new to Qubes). > [1] https://www.qubes-os.org/doc/user-faq/#i-created-a-usbvm-and-assigned-usb-controllers-to-it-now-the-usbvm-wont-boot - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOSdBAAoJENtN07w5UDAwHl0P/2fisY9AfoPnDKWTb0QnGfjE EIBjlLWgTiN5fBAfZ7A+aPLadqOXn3PXuytsP/FCaswLzuu/Y09hYzqmssKPSnnj 7tXmb3DbOqJNn/oY2T2FtS1BoAlnEYrSxt1pGdO22ZV6NyvpytqUu+jeZ0fAfNK1 /wI1CsPaRHSbI+slqTexGtggJ3kM2Oh0I2O4HIZeRPL/gyN71zGbek5JpkeUjdju +AbJ2+OteFXIMEXbP+1t6oJ5kwP4QkAnidgvImDAmV0fL21DXtn25rhoq338egB6 7Oh0YfK1s8bk2VTBFOMUj1gI8u3unrUUswegr0J0IlT/b8jF8c8G9+1EiQi2KM3Z swqWRLWGWO5wi5PfWYIpb6Lsg5Z9rr3i5MYtkhXpzsaFWk1HHS6lr9frQCZJLpE6 vKuZpvXBnp3yv70TyOcWurfA+dkE/W/WRgkSskUutfqZNUO4mDzPw+dnzUWAbMEY 76tLEKhU2DBxkKnzVobL2hEG7d5XKIFIau+NV3Xq1kcSWWrpY8M/sKf54jr/DPP9 6hju7DyyP/CUeo+ekFq2Z0CECQ3vQh7vRwENhF2YFQn8hOKnXdsDE0ep16OGRy6C RiGpeCM8fXkj37mlVe1+eJoy/IR6LbXf44vvHh8UbJAM5KIyL8xOfjTldVL3kqFw kcyOP1BU/M8jO7Z5WO5v =7/Or -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f179407d-da5d-ab91-a76d-d6762a9f31a2%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Problems connecting usb flash drive to any vm
When I first installed Qubes (3.2), I could attach and detach block devices without errors and mount flash drives in VM's. I wanted to use my external keyboard with my laptop so followed the steps in the guide (https://www.qubes-os.org/doc/usb/) for "Creating and Using a USB qube" (using the management stack) and "How to use a USB keyboard". However, the generated sys-usb Qube fails to boot and detaching a USB flash drive using the VM Manager always give me a blank window with the text "Houston, we have a problem..." and freezes the VM Manager. After a few seconds of trying to close the blank window I get "This window might be busy and is not responding. Do you want to terminate the application?". After I restart the VM Manager the USB device is still shows as attached. If I restart the VM with the attached USB device it gives me another error "AssertionError: This is most likely a bug in the Qubes Manager" and the VM is killed. (Note I did this with a DisposableVM). The above happens even if I attach and then immediately detach the USB block device. After plugging in the USB flash drive to my laptop, but not attaching it to any VM the USB flash drive is visible to sys-net with "fdisk -l", but mounting fails with "wrong fs type" even though I mount it with "-t vfat" and fdisk shows the USB flash drive is FAT32. If I attache the USB flash drive to any other VM "fdisk -l" does not show any attached flash drive. I am currently in China, so I cannot reach google with the laptop running Qubes until I get a socks proxy set up and tor is block in China (any bridges I have tried are quickly blocked). Any help would be helpful. Let me know what logs would be useful to post (I am still very new to Qubes). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/feca37ec-61db-4b4d-a66c-30aada27994d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes 4.x and Librem 13
It seems that Purism has failed to follow through on its promise to provide open firmware (i.e coreboot) and overstated it's capability to provide a completely free firmware (i.e. libreboot). As a result, they have left many unhappy customers and/or prospective customers. I doubt that we will ever have libreboot on current/new Intel hardware. Optimistically speaking, a truly open hardware ecosystem (i.e. Risc-V, OpenPower) will likely take ~3-10 years to become commercially viable. Considering the pragmatic approach that Qubes OS is taking, it would seem ideal to get the most secure and privacy-protecting hardware in the short-term until such time that we can have "truly" secure and privacy-protecting hardware in the long-term. As Marek pointed out, the Librem 13 would work with Qubes OS 4.x and "may be somehow more secure with Coreboot (less places to hide some backdoor), but may be also less stable - depending how mature is Librem 13 support in Coreboot." As Grzesiek pointed out, waiting until 4.x to be released makes sense since "a better option might present itself". In addition, it would give Purism an opportunity to right a wrong. That said, besides the Librem 13, I haven't seen nor heard of another laptop that provides hardware switches to disable camera/audio/wifi and components that do not require blobs (CPU excepted of course). Besides my Google Pixel LS Chromebook running linux, I'm unsure whether there is a better option at this point. Thanks, Roberto -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/aa5e330c-f624-4f7d-8a9c-1fcecd6941b4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [SOLVED Realtek 8111/8168] was Re: [qubes-users] R2rc1 networking issue
Okay. I guess solving these issues help with to accelerate learning curve. Thanks again. Vincent Vincent "Kim" Elliott ITC Consultant Kingston, Jamaica 876-381-0661 On Fri, Nov 25, 2016 at 6:39 PM, Marek Marczykowski-Górecki < marma...@invisiblethingslab.com> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > On Fri, Nov 25, 2016 at 11:59:26AM -0500, Vincent Elliott wrote: > > Marek, > > > > Thanks a mil. > > > > I doubled the size, restarted the VM and the interface came right up. > > > > I spent many days trying to find a fix... perhaps the default size should > > be doubled to accomodate any other noobs with the same hardware? > > No, because the bigger the value is, the greater chance you won't be > able to start the VM at all. This amount of memory needs to be > continuous (in terms of physical memory pages) and its hard to get one, > especially after some time of running a lot of VMs... > > - -- > Best Regards, > Marek Marczykowski-Górecki > Invisible Things Lab > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > > iQEcBAEBCAAGBQJYOMvKAAoJENuP0xzK19csB5QH/234khPD8UrXqy02/c7uneye > lR+TvWh8sUA86VetrOQT//IIVHEaw4EygMS6ezI3ipM7wz3WoXga8CO1brMkD9Zt > 8bJpl+3COqR4DYBV/AHhbYmRshzz5F5pyBRgzPSV6ifqze4kfHnkrSpC+z0PH5pg > nR9qMKp6uMBW9Udea+oA72IRkZeszGzFcEDBGGCoSXQzSLJLi6oRD1eUF/drDfBL > oOwamQQkTJV+THpEGvvmFSdA/W3yONgQix7QUpFIYGaAp83MnwzZBTzCjxjHqpMG > IkHNK+l37FnU9RXQhIANFIlrE2CuhwIeTH6YU2ffuO+unH81AtK4WejUbL7jkdU= > =gIsV > -END PGP SIGNATURE- > > -- > You received this message because you are subscribed to a topic in the > Google Groups "qubes-users" group. > To unsubscribe from this topic, visit https://groups.google.com/d/ > topic/qubes-users/6hhO7SCFzM8/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/qubes-users/20161125233952.GH1145%40mail-itl. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CANNetsPOuPEwPzGOP5GW%2B-DgLXBfgwVa47zqgbmPXWPbKZWkCA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't update dom0?
when I use gui, before it updates anything I have to select them all and then hit apply. It doesn't do that for you guys? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d75e6656-14b9-4b4a-a683-a6113607f790%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Booting Xen directly from GRUB2 command line
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Nov 26, 2016 at 12:37:23AM +, Duncan Guthrie wrote: > Hej folks, > I have installed Grub2 as my Coreboot payload, and now I want to boot Qubes > from a USB drive. > Since I haven't made any changes to Grub2's default config, I am trying to > boot Qubes from the command line Grub provides. > I do the following: > set root=(usb0) > linux /isolinux/vmlinuz > initrd /isolinux/initrd.img > This is clearly wrong though as it boots without Xen, so when Qubes loads, > the little bar only gets to halfway then it crashes into a rescue shell. > What I want to know is how I can boot Qubes from the Grub2 CLI then I can > install it. I don't know the right commands. Something like this (adjust exact filenames and kernel parameters): multiboot /isolinux/xen.gz (xen options here) module /isolinux/vmlinuz (kernel options here) module /isolinux/initrd.img - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYONqpAAoJENuP0xzK19cstgUH/0o/nXuS733HOaY8k6iOd+Eg J5ShB7rSeqXtjVfCuFfVsMwr6nOVIpmp9Lyny/It2s6ro+Bzphuyld4egJ4So+XC I6+5yupKSv5p9kPT7sEG8DSqOmMPFSP2hUg8RsRoaJQ+fs8GmJaZUwKLc+4Spu8i Y+jx3uEy28Bt2W5za50K3Ox2IVyVV0vf8Vqj+0KEXBw3YzlESQtT2+Sh61Kbl2PJ IpJJ4s1ij5+JzEvB4M3AZ3ic8uCBUF8/a0FDTemh67Zb4oFIC+K37uPmxR4W91cD 2DO8FVgfs5UhrT+kKEJxYXXK4Cz1Ggc1k0rFenDyP4H1WQEGitZMEuyTSrI89RI= =O5cr -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20161126004319.GI1145%40mail-itl. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Booting Xen directly from GRUB2 command line
Hej folks, I have installed Grub2 as my Coreboot payload, and now I want to boot Qubes from a USB drive. Since I haven't made any changes to Grub2's default config, I am trying to boot Qubes from the command line Grub provides. I do the following: set root=(usb0) linux /isolinux/vmlinuz initrd /isolinux/initrd.img This is clearly wrong though as it boots without Xen, so when Qubes loads, the little bar only gets to halfway then it crashes into a rescue shell. What I want to know is how I can boot Qubes from the Grub2 CLI then I can install it. I don't know the right commands. D -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/248AAE60-BF4B-4188-82ED-8123F382FC7F%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [SOLVED Realtek 8111/8168] was Re: [qubes-users] R2rc1 networking issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Nov 25, 2016 at 11:59:26AM -0500, Vincent Elliott wrote: > Marek, > > Thanks a mil. > > I doubled the size, restarted the VM and the interface came right up. > > I spent many days trying to find a fix... perhaps the default size should > be doubled to accomodate any other noobs with the same hardware? No, because the bigger the value is, the greater chance you won't be able to start the VM at all. This amount of memory needs to be continuous (in terms of physical memory pages) and its hard to get one, especially after some time of running a lot of VMs... - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYOMvKAAoJENuP0xzK19csB5QH/234khPD8UrXqy02/c7uneye lR+TvWh8sUA86VetrOQT//IIVHEaw4EygMS6ezI3ipM7wz3WoXga8CO1brMkD9Zt 8bJpl+3COqR4DYBV/AHhbYmRshzz5F5pyBRgzPSV6ifqze4kfHnkrSpC+z0PH5pg nR9qMKp6uMBW9Udea+oA72IRkZeszGzFcEDBGGCoSXQzSLJLi6oRD1eUF/drDfBL oOwamQQkTJV+THpEGvvmFSdA/W3yONgQix7QUpFIYGaAp83MnwzZBTzCjxjHqpMG IkHNK+l37FnU9RXQhIANFIlrE2CuhwIeTH6YU2ffuO+unH81AtK4WejUbL7jkdU= =gIsV -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20161125233952.GH1145%40mail-itl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes 4 with Grsec could make a big splash
https://github.com/coldhakca/coldkernel/issues/35#issuecomment-262175541 https://www.coldhak.ca -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43cd9fbd-2b1a-1212-3e07-d78de81500fa%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4 with Grsec could make a big splash
On Friday, November 25, 2016 at 8:52:01 AM UTC-5, jkitt wrote: > On Friday, 25 November 2016 11:38:21 UTC, raah...@gmail.com wrote: > > can you just tell us the options so we can compile it ourselves? paste the > > cfg or something. > > https://wiki.gentoo.org/wiki/Hardened/FAQ#Do_I_need_to_pass_any_flags_to_LDFLAGS.2FCFLAGS_in_order_to_turn_on_hardened_building.3F > > Also: > > > Can I add -fstack-protector-all or -fstack-protector in the make.conf > > CFLAGS? > > > No, they will likely break the building of many packages, amongst others > > glibc. > > in other words these options will break some packages - particularly glibc; > ulibc is more flexible in that regards. > > There's also: https://wiki.gentoo.org/wiki/Hardened/Toolchain > > It's not as straightforward as you think. Perhaps you can build selected > applications as statically linked with PIE, and place it in a grsec chroot > instead - it would be a lot simpler. > > I'd really like to see Gentoo (hardened) support, that and OpenBSD. I've always used a grsec kernel with baremetal debian. I just slete the default security over performance option. But I'm assuming some pax settings conflict with xen? So wanted to see your working .config file. Or maybe i'm wrong and should just try it myself... I just kind of figure that since I'm using qubes whats the point is it really worth all the effort... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e61ade92-fb40-4bdd-b9de-fd6110d8047a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4 with Grsec could make a big splash
On Friday, November 25, 2016 at 8:52:01 AM UTC-5, jkitt wrote: > On Friday, 25 November 2016 11:38:21 UTC, raah...@gmail.com wrote: > > can you just tell us the options so we can compile it ourselves? paste the > > cfg or something. > > https://wiki.gentoo.org/wiki/Hardened/FAQ#Do_I_need_to_pass_any_flags_to_LDFLAGS.2FCFLAGS_in_order_to_turn_on_hardened_building.3F > > Also: > > > Can I add -fstack-protector-all or -fstack-protector in the make.conf > > CFLAGS? > > > No, they will likely break the building of many packages, amongst others > > glibc. > > in other words these options will break some packages - particularly glibc; > ulibc is more flexible in that regards. > > There's also: https://wiki.gentoo.org/wiki/Hardened/Toolchain > > It's not as straightforward as you think. Perhaps you can build selected > applications as statically linked with PIE, and place it in a grsec chroot > instead - it would be a lot simpler. > > I'd really like to see Gentoo (hardened) support, that and OpenBSD. I meant if you were able to fpaste the .config file of your grsec kernel. I don't know anything about hardened building of the kernel. Is that nescessary? lol -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/825a7df7-1577-4e19-a96b-c460b3f42115%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Is the Gigabyte Aero 14 laptop well supported?
First of all, for the developers of Qubes reading this: **massive props**. Your work is amazing, very much needed, and I appreciate it to the extreme. I cannot help with development, but will do my best to help in other ways. On to the topic: I'm new to Qubes -I've only been using it for the last two weeks-. It's just what I was waiting for and I've been using it daily. I want to use it daily for everything, but this will require a laptop. I've looked at the recommended LibreM, but the price/value ratio seems way off, and listed battery duration is too short. The one I'm considering is the *Gigabyte Aero 14*. How well will it work? (specs pasted below). Any issues envisioned? CPU 6th Generation Intel® Core™ i7-6700HQ (2.6GHz-3.5GHz) Display 14" QHD 2560x1440 IPS Wide Viewing Angle Anti-Glare Display LCD System Memory 16GB DDR4 2133, 2 slots (Max 32GB) Chipset Mobile Intel® HM170 Express Chipset Video Graphics Intel® HD Graphics 530 NVIDIA® GeForce® GTX 965M GDDR5 2GB Supports NVIDIA® Optimus™ Technology Storage *Support Dual-Storage System 256GB SSD (2 x M.2 SSD slots (Type 2280, supports NVMe PCIe X4 & SATA)) I/O Port USB 3.0 (Type-A)*3, USB 3.1(Type-C)*1, HDMI 2.0, mini-DP, Headphone-out jack (Audio-in Combo), SD Card Reader, DC-in Jack Optional: USB-to-LAN Converter Audio 1.5 Watt Speaker*2, Microphone, Dolby® Digital Plus™ Home Theater Communications Wireless LAN: 802.11 ac (a/b/g/n compatible) Bluetooth: Bluetooth V4.1+ LE Webcam HD Camera Security Kensington Lock Battery Li Polymer 94.24Wh Adapter 150W Dimensions 335(W) x 250(D) x 19.9(H) mm Weight ~1.89kg (w/Battery) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/KXRNFzl--3-0%40tutanota.com. For more options, visit https://groups.google.com/d/optout.
Re: [SOLVED Realtek 8111/8168] was Re: [qubes-users] R2rc1 networking issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Nov 25, 2016 at 07:57:59AM -0800, Vincent Elliott wrote: > On Thursday, 15 May 2014 01:27:56 UTC-5, inf...@gmail.com wrote: > > On Monday, 12 May 2014 09:58:30 UTC+2, Marek Marczykowski-Górecki wrote:On > > 12.05.2014 00:43, inf...@gmail.com wrote: > > > > > On 12/05/14 00:38, Marek Marczykowski-Górecki wrote: > > > > >> > > > > >> .. > > > > >> Looks more like some missing package (linux-firmware?). On my fc20 > > > > >> template > > > > >> there is /lib/firmware/rtl_nic... > > > > >> > > > > >>> Aha, indeed > > > > >>> > > > > >>> when I do a "sudo yum install linux-firmware" it begins to install but > > > > >>> fails with: > > > > >>> > > > > >>> Error unpacking rpm package > > >>> linux-firmware-20140317-37.gitdec41bce.fc2noarch > > > > >>> error: unpacking of archive failed on file /usr/lib/firmware/updates: > > >>> cpio: > > > > >>> chmod > > > > >>> > > > > >>> ? > > > > >> Ah, I see... That symlink is leftover from times where firmwares were > > >> provided > > > > >> by dom0. Now you can simply remove it and retry package installation. > > > > >> The next qubes-core-vm package will also remove that link. > > > > > > > > > > Sorry, am still Linux doofus, what exactly should I do? > > > > > > > > sudo rm /usr/lib/firmware/updates > > > > > > > > So that worked :-) :-) > > > > For anyone with an 8168 chip (until the update kicks in), best procedure > > (assuming have WiFi as well).. > > > > 1) disable 8168 network adapters in BIOS (necessary - it interferes with > > WiFi), get the WiFi connection going > > 2) in the Template VM, remove the symlink as above > > 3) sudo yum install linux-firmware > > 4) update Template VM, and dom0 > > 5) reboot, re-enable 8168 network adapter in BIOS > > > > The wired network should now settle immediately, and seems to run fine on > > standard r8169 (sic) > > > > CB > > All, > > Am having the following issues on R3.2 and just cannot get the Ethernet > connection working (8188CE WiFi is fine!): > > [user@sys-net ~]$ sudo journalctl | grep r8169 > Nov 25 08:46:17 sys-net kernel: r8169 Gigabit Ethernet driver 2.3LK-NAPI > loaded > Nov 25 08:46:17 sys-net kernel: r8169 :00:00.0: Xen PCI mapped GSI16 to > IRQ22 > Nov 25 08:46:17 sys-net kernel: r8169 :00:00.0 eth0: RTL8168e/8111e at > 0xc92f4000, 28:92:4a:2a:8d:16, XID 0c20 IRQ 23 > Nov 25 08:46:17 sys-net kernel: r8169 :00:00.0 eth0: jumbo features > [frames: 9200 bytes, tx checksumming: ko] > Nov 25 08:46:18 sys-net kernel: r8169 :00:00.0 enp0s0: renamed from eth0 > Nov 25 08:46:28 sys-net NetworkManager[543]: (enp0s0): new Ethernet > device (carrier: OFF, driver: 'r8169', ifindex: 2) > Nov 25 08:46:28 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full > (sz: 16383 bytes) > Nov 25 08:46:28 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX > DMA! > Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full > (sz: 16383 bytes) > Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX > DMA! > Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full > (sz: 16383 bytes) > Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX > DMA! > Nov 25 10:25:17 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full > (sz: 16383 bytes) > Nov 25 10:25:17 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX > DMA! > Nov 25 10:26:13 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full > (sz: 16383 bytes) > Nov 25 10:26:13 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX > DMA! > Nov 25 10:47:16 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full > (sz: 16383 bytes) > Nov 25 10:47:16 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX > DMA! > [user@sys-net ~]$ Try increasing swiotlb parameter on sys-net kernel cmdline. See here: https://www.qubes-os.org/doc/assigning-devices/#possible-issues - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJYOGJpAAoJENuP0xzK19cs4QoH/2jDyzwgrtN06LNzva4xoXer oYwySJ65m5uZAvw5e6EbD4fQqrppva8dnjqWIxFN9gZYm/DTGLUXOxoO86+Tv8BS CVdNJD4yPYWePBdeNZxQug2MZmMM5ad3+5gsvSlr+6Gza7mgKc8/g7G9JRItBGc1 EFLX9GbfFFTGhd9wrKqO+L54s+FbgwSjEiUTwmPeWQx0OZE/rPueZaYACAoZgUZe QL2PSvEVPulpv+Fy2JpAA05BmLwlgdNqnaE/wS0iurky3SIxY8JvZYwPyzdHVamC OKEiiByiu25YTn/wJPHEKwJmNggJVSeWozYYQVdiItausLFRg1YYdCEo0CGzGCc= =GJ7m -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web
Re: [SOLVED Realtek 8111/8168] was Re: [qubes-users] R2rc1 networking issue
On Thursday, 15 May 2014 01:27:56 UTC-5, inf...@gmail.com wrote: > On Monday, 12 May 2014 09:58:30 UTC+2, Marek Marczykowski-Górecki wrote:On > 12.05.2014 00:43, inf...@gmail.com wrote: > > > On 12/05/14 00:38, Marek Marczykowski-Górecki wrote: > > >> > > >> .. > > >> Looks more like some missing package (linux-firmware?). On my fc20 > > >> template > > >> there is /lib/firmware/rtl_nic... > > >> > > >>> Aha, indeed > > >>> > > >>> when I do a "sudo yum install linux-firmware" it begins to install but > > >>> fails with: > > >>> > > >>> Error unpacking rpm package > >>> linux-firmware-20140317-37.gitdec41bce.fc2noarch > > >>> error: unpacking of archive failed on file /usr/lib/firmware/updates: > >>> cpio: > > >>> chmod > > >>> > > >>> ? > > >> Ah, I see... That symlink is leftover from times where firmwares were > >> provided > > >> by dom0. Now you can simply remove it and retry package installation. > > >> The next qubes-core-vm package will also remove that link. > > > > > > Sorry, am still Linux doofus, what exactly should I do? > > > > sudo rm /usr/lib/firmware/updates > > > > So that worked :-) :-) > > For anyone with an 8168 chip (until the update kicks in), best procedure > (assuming have WiFi as well).. > > 1) disable 8168 network adapters in BIOS (necessary - it interferes with > WiFi), get the WiFi connection going > 2) in the Template VM, remove the symlink as above > 3) sudo yum install linux-firmware > 4) update Template VM, and dom0 > 5) reboot, re-enable 8168 network adapter in BIOS > > The wired network should now settle immediately, and seems to run fine on > standard r8169 (sic) > > CB All, Am having the following issues on R3.2 and just cannot get the Ethernet connection working (8188CE WiFi is fine!): [user@sys-net ~]$ sudo journalctl | grep r8169 Nov 25 08:46:17 sys-net kernel: r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded Nov 25 08:46:17 sys-net kernel: r8169 :00:00.0: Xen PCI mapped GSI16 to IRQ22 Nov 25 08:46:17 sys-net kernel: r8169 :00:00.0 eth0: RTL8168e/8111e at 0xc92f4000, 28:92:4a:2a:8d:16, XID 0c20 IRQ 23 Nov 25 08:46:17 sys-net kernel: r8169 :00:00.0 eth0: jumbo features [frames: 9200 bytes, tx checksumming: ko] Nov 25 08:46:18 sys-net kernel: r8169 :00:00.0 enp0s0: renamed from eth0 Nov 25 08:46:28 sys-net NetworkManager[543]: (enp0s0): new Ethernet device (carrier: OFF, driver: 'r8169', ifindex: 2) Nov 25 08:46:28 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full (sz: 16383 bytes) Nov 25 08:46:28 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX DMA! Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full (sz: 16383 bytes) Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX DMA! Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full (sz: 16383 bytes) Nov 25 09:27:32 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX DMA! Nov 25 10:25:17 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full (sz: 16383 bytes) Nov 25 10:25:17 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX DMA! Nov 25 10:26:13 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full (sz: 16383 bytes) Nov 25 10:26:13 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX DMA! Nov 25 10:47:16 sys-net kernel: r8169 :00:00.0: swiotlb buffer is full (sz: 16383 bytes) Nov 25 10:47:16 sys-net kernel: r8169 :00:00.0 enp0s0: Failed to map RX DMA! [user@sys-net ~]$ Vincent -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/aa1107e7-dcf8-445c-b6cd-499699ea18f6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Restore after suspend on Dell XPS 13 (9360)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! Just bought the Dell XPS 13 (9360) and installed Qubes. Most things work but it won't wake after suspend. Keyboard lights up but the screen doesn't wake. It is not possible to switch to tty (Ctrl+F2). How can I debug this on Qubes? /David -BEGIN PGP SIGNATURE- iQIcBAEBAgAGBQJYOFeYAAoJEPGkLSV5Ugp+cv4P+wbYThZtMF1mtksnWPqMmcY3 X6Ll3hIVYJ2a4XpyYfqBgPAs5uGH13DlU0fP3hUsWx9apaY1wR5l+vaF/mH3wwpw yWpD/V3JGE2MCSQHVv8tTFN0unGk0HkfNsJ+PXGW1lzIA1vgRtHpfjXBt20A3/AN Bl5xBWbnjniOXbaFynSath0Xnps7DDsMzIic4vvhNhA7OyWbbl6UIUH6nTmjhrXy OCkoouTK3v1Rcm2fPmqqiuTCKlNuFqemyDnYrrtVE5c5Uaoj2kO1zmVoAODqrdaQ SvHtBLhLiZ584ePHFoWJYcXc5i1EWDgOI8lIc2hFV2ccb+0WkON+box2JSgXNZU2 Tj2uxMVBMPmUiEJFiU5rvH0xCuCjxuIIt2OCmZuNz0UGcZ7e8rgUPIMizW4c7a8C YRHOOPGK4QeLDGGb91gKOyBhZaZye+4X4oRIfbzC63nK+hQbGo1p4JpsWgOotWVk MgChkBy37NJO5AKryePP6X4BAUByQoKAORJM9a7v34CAvqruqnZa/31P4Krr+MkO hzSDDwXvxByjmZpQWChXEo/PA/vugaciWvWZkIBsnrEwOYVwhxvyENYQyNbMYoON PFpq+njXPlUWfHM8HepQdHSjWaKYfalNKBi7SGwYq2rVUG0tm+LOPyx7kG9bqLnT sL2AXKZm4HP/JFyhlJNS =Txwl -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2e0cdfa9-b822-4c67-8fae-519e3decd700%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes Questions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/24/16 07:29, rspeiglv...@gmail.com wrote: > * Finally, I am interested in the Purism Librem 13 laptop and noticed that it > was supported for Qubes R3.x but not R4.x. Is this because of some hardware > issues or because R4.x hasn't been released yet? > Short answer: Hardware issues. If you want a laptop that's certified for 4.x, it is unlikely to be from Purism. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOFCzAAoJENtN07w5UDAwuYkP/13VBRDJMJKnm4gaYQub2cpN qCQPYLd/SzuCWME61XcwXpSfEfVKexHUMkA8cHhe/02n094FMUcP1bNA5REtOJoI PjzCcNjxqT9jcPO9F2/T6hN2wMNrzczShtJdy3VIJn9PQA2NFXDKEyNSjsTH6IP0 S6NJyOVhaD5yLsRGh5GeDCFNOJQN6z6MawBe5wiehT5Hl8d/jwzGU94QpeyjG4xI IPU6i6Ngl3W7ghwXX3knITDViqPOzcXj8pcrlmGUiho9JJA3c5YXjO9r127gwtPG 2Wp6P987x7yq2ZxnNNg5YiYYVoWFdHoB9GkXOXrwJmUqCIDag4bpSNzKbMuw/TqJ LHaBmRegB8fofQfwIb58IyBkKTNFR1CQDn5ig1h1jwSELN8lmrZAmXhjIgoqm1vK uwrc3OGA9ESKJjnkONSNbFuwLD4m0QQeqj+1b0xyOYNyr/dlDMucT/3ydlaVHNgO 8ScH/ofbXbA2O252BD3GNrFOQ9R4MFA5byCpLuTzC6qkKactR+33/OZvWBqhr5V4 t1VzfKABX+Tagy7B7CtW1KoUw+Iu0OdvETlojZht/pg/gogazR9zv/udEWxaeDHQ Tvi/d5YmcjJanALUVSiJGwgSct8JAz0ITe6HpTNPwH/cbl6wYXQYQKuFdd+OhIWl JV+Sf7CPRr0TaqrbBB0r =62HS -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3c8e3c3c-78c1-ecfc-cd3b-7cbbfdb4d159%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Fedora 24 Network Manager icon is missing (and other small issues).
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/24/16 02:35, Fabrizio Romano Genovese wrote: > As the title says: I've cloned my fedora 23 templates and followed the > procedure to upgrade them to fedora 24. Everything is splendid, the only two > disappointing things are: > > a) Network manager applet icon is missing. May this be related to the fact > that my netvm runs on a minimal template? > You should be able to get a working NetworkManager applet if you install all the packages in the "NetVM" use case listed here: https://www.qubes-os.org/doc/templates/fedora-minimal/#customization > b) Fonts look a bit changed. Again, not that much of a problem, it's just > unexpected. > That's probably because you don't have the same fonts installed as in the standard Fedora 24 template. (I'm not sure what they are, but I find DejaVu Sans works well enough for my purposes.) - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOE9mAAoJENtN07w5UDAwWxgQALUXEDLLPx8W2QEsgsmqi7eD QZMhgEmQUmk9QD5dlg4xKphl88KE2pBv5eakD/NC/JhnOI1Fo0Mevw1B99Vu5dEZ lETBFOO9TfnwJPG5HaFajBrpbziCxizPXhHvRKX+ayKb3tMECxbvq3sd4TgdnaiN xtn03AH+RcBhO+qI6vk+pHvbuAkzuH/nAgXESuI0weUZPuokJBBO8Mak7q88/rdQ qthyYley1cc7j6ogY9zfCYVIarFhAMd8NeoLSnXvgAUT1a4C5RAlhj1amjSz/JHZ PmBsaygM2au2B0MOSe7vBY9Naobmoblu57IyT/mkwJ4uGMZuvNXPwarPoISxg0T1 IaCU1oeaTYQ+1FBXT1+ZVU/wTUBeUEu5mkxRvJcBl84dH57Vv3hnl/bbJitPCKkM 4+NYVZwVt9XdT++z/oPe+IEpzahtrcSEGq4UGhf01P5zLcTNqeqR9AZSJLfrpCzf 5EbhnokJU1U3Ex3u5XBpstW9Ygi0fjoFpMfMl69S3ISxsyJclcTv6xaIVjjablcz ksL61DyqABceaBILW5i97NSzGUURXbP+dCUXSddlEBgqHuRcUgEuOOSMxDX3f35u PXrq4o1vINlbhTRgMIcTDGDe52Tvzg+41PYTmc6Pd3vTNvOztLw0cwsCbAG4UDs4 5ION0JU+3981xicM2I1S =kTpw -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3b5a4377-112b-32ae-381c-1fd351d55311%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Replacing Dolphin on Whonix-ws
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/21/16 20:19, Patrick Schleizer wrote: > Nautilus previews are still enabled unfortunately. TODO: > > https://github.com/QubesOS/qubes-issues/issues/1108 > > Dolphin [and Nautilus] previews are disabled in Qubes-Whonix, but not in > other Qubes VMs. TODO: > > https://github.com/QubesOS/qubes-issues/issues/1885 > > Help welcome! > > Cheers, > Patrick > Those issues are for Debian and Whonix. File previews in the Fedora templates have been disabled for a long time now. - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOE0hAAoJENtN07w5UDAwByUP/05cP1OgCMoU3BxBCtmGYiGH QQOj4et9FPIsVCuuzmL2M3hTA1dV8pbpCyXCyFuuUvVzvD8lJavuJ4jCthkPU9uN FeP/YjKKR8OXktBlXkvTbrhlEpBuw08s8bnWk9PnYizDIxTrj4XSOB5CPleQOzGo SiFbdtJRHcZW9cjXgsQjPGmmawdbzhDgzPydGaGrCG3B9o0CMl1IAu9qivuGfeEZ 9W6VTiBLpkVyBNs+zFAWJQ0787e9hZy/NL/2s9HhxzvISOf4B6dVuyZCb1WxkArA cM9Pf+rVAqx2ncYJvSTMsQNlFXYi9kVHoV3Bu3U4Bm8CtpaTmPWiQ9GycB2Mj7jm G2t19CjlZ2FshYAw0C6WM4Y5xkEkY7oNGwnKOeSZ24B35Muy6L2p+t0bCzIwZjeI LfB/+iVS0qwwjpoxQuTfkZjaQ3Ii3i/3ipd0mQF6TfOyJziR5B2aGL9W9w2AK7a+ rghxYP7jNNWwxILmdgg0hYhK7l3jS+iw6XkhpAwGt3MVp7OG7P+3Q1Osr8JYctFh kHyTSb66F+AqOzlWJbekkWtD1ONc9EhLqn3/GAcY1ZTJIUiFlxT55dznluwJYIUY GmBjSzf/Kx8QyQ+NYOOFKdcJFqHQ2p71CXFsbI0dJjky9Z+AdvJviEys3nCJGcwJ Cfu3OXeVxYEiKr+NKaof =rxZv -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dbb7ab0a-c089-056b-18cc-9988b45bf63f%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Qubes - Revocation of the Qubes Signing Key
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/21/16 07:46, Me wrote: > Do Qubes have any intention of following in the footsteps of TAILS as > proposed below: > [...] This is a good idea. Tracking it here: https://github.com/QubesOS/qubes-issues/issues/2459 - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOEpMAAoJENtN07w5UDAwa3YQAL+lkWgR8klU70/J098lPTUU sY0nin+jMUa7VATfShZoZT6fR+sfaWT90HCGHkEAQiO8iIP+qYk19+B/GxYUi0SC JwK0pMn2rlo7phtAteLui5znPam25j0T9bfDZOdk7pMpSihSj6OXbqcXa6aeRImd K5zciq2BedP+cjmq1INHbWf5fscoqGh0cRlydYbwWDrQ92bEWflTvrqExLaGTqhN n8Bg0ceEVdz7YQjhc9rKDslOfgVVwzEaqqpU+luI91tXG04KLIgJxC8mSgnB7e1O bC/ImjzqmUIbd3O4Xcy8v8XzgliPlzGc50GzyBFVAwLr5ZjjEGEwU5Z+v/kmlG99 8T1JF7utjuuPCFzdrht5p/+6WMN0G2qIJzrqE1QMOMJbjZspjSvIumLEHVQx2TOQ ZkkwWlzd8JqCSIoSYJpPD1gTjn6NjCEdMshy/pISHCdocC7cWZdEIIGSv4NgowCY q0eX0zp4CRbnkcbcnP9b19HZInAkkay9b6Mi1s7wifzRG7z7MNnieuSAXnVeuIn5 d9QunG7bElzG2ls5oD4e08sCN4vcEaPxgiVh9QgbZzROOSdWqmsfYbJxMULd6Zht CGWMuBPZs2NRKTUC0/yqoBllHLTEwmCHDnF5O4iCRjcBgZ/qj8rN6cVBK3DCqGG1 5X+SqllKC9PHO40m7NTw =EPCo -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6fc6b6f5-e4ce-9906-adc2-969c7e1c6ec5%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Can't update dom0?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/21/16 09:12, Loren Rogers wrote: > > On 11/19/2016 06:31 AM, Andrew David Wong wrote: > On 2016-11-16 12:10, Loren Rogers wrote: I can't seem to update dom0 using the regular updater. The system keeps telling me there are updates for dom0, but I can't get anything to actually update. Is there something I'm missing here? Clicking the "Update VM System" button with dom0 selected seems like it starts, but it doesn't really go anywhere. I attached a screenshot of the system after it gets going. Eventually, it'll just silently crash. I can re-start the process, but it does the exact same thing. I'm using R3.2 on a Thinkpad X201 Tablet. Thanks! Loren > Are you sure it's crashing instead of simply not finding any updates? There's > a known issue with the update notification icon showing even when no updates > are available: > > https://github.com/QubesOS/qubes-issues/issues/2086 > > No, I don't actually know what happens when it disappears. What would be a > good way to determine if it crashes or exits without updates? Is there any > indication that the process completed? > I'm not aware of a way from the GUI. That's why I prefer using the command-line for updates. I'd recommend doing that if you're comfortable with it (and are still having problems). - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOEkXAAoJENtN07w5UDAwzfoP/AzoT/cevG7gtk3vRWCCl374 obXiwxTUmsM7fnW2NiH5NYZa/IFyrqLnv6MWVVnYw6NQtn99MfRvY4gn/fzVqqDo Yic8jhcpiKGgHtsvaFGZCB0lUlP8RY2wZVh9ddEL/z+1UtbpXB2ZJDRPbyN4fP6N QX5eYt4XKrx+Z1TBrglG0hJ9wshghl18yWq9eM0do3lt10DYbmdamhma2cIKMN8D pMOfd5hwUh+qDbDj5zEsI/2DJpzoplcTbquPIxoCDOf5tO/x0yKNqaA8++qS2jKs giwnKhJfmgjxnaQI+rwTjOgV8WyatNRwsVG1Vh2ntNpZM6cJNPhULUkkzGKMDkgA bO50VmFDdo4GXC6Rdl+KCcJ635OARhKMrGrCUO7fFATH0fJEQ2mj9pIpL1VkiCub K0VLuXfJVi4Iw/ye6jUufWqxA7ehCjHSHCjDfDYt1L5TFazQYt44y6AZvmS6we/R cFgA70v3Q+KCfRlScQVJhq5dJDrkye9zW4+L3IQl0Ryc9AcunNpCKS3B43qQyAlM JjN5JSiLdMGlmZD1JAIZeDHlLx9TlrguZt2DAtBy1GiBs7nMAPHNGpypMobKZeGF iz+/X5pXKZXEZLHI/jgxXkEeMU++2pCp3nqDy9M2h6tvf7QHVjyMmv8gaN4aM7un mh33rujEHIbWivht+FEz =wgFr -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3adc354f-7afe-c061-dff7-2b0b79d4cfa3%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Date/Time panel plugin appears with white backgroud after yesterday's upgrade
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 11/21/16 07:11, 55qpno+2vc52qkc122uo via qubes-users wrote: > Hi, > > After yesterday's upgrade my date/time panel on the XFCE panel appears with a > white-ish background that makes almost impossible to verifying the current > time/date. > Is anyone else experience the same thing? Any ideas how to resolve this? > > Thanks > I haven't see this personally. Have you tried changing the desktop and window manager styles? Settings Manager -> Appearance -> Style and Settings Manager -> Window Manager -> Style - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYOEeOAAoJENtN07w5UDAwAsUP/2AtzJTNDFvezqeQ7P8uh2MO kyTK9Wq476d2ekkfVmJhkpDTTI8u+XIu+rhAId7PrD5vmn0pf04jwwhDYxG0CqPK My11hImfzvucJnQFdiQAkmOEdqSnQRv3C41ng0o9lqoXDhirSi91YFOpL3PL32b+ o3CcWxbNanqShrqXw4hFhXZ9e97GKXhbUQG/IhujCB+/UF79Ei8qhSlhTnCbM/HI ZfAKVuoTPlWXm9HIOiGu7mb4DjX+CAhNEoAgf339KCGRSiX6S23ImNZRJUsOOcDD IOORi3aJv28haKI9wilx62t+rQxI1Lrwy/GzRQf+VK9l/RjXB3o7tv3w2ceEa6hn 0Rh2+ZzVETYHbiwtR/IYJIhLx1/5ygfrd9WYl9XxdJgfBruEaYjBL7PnSzK+J94/ 2j4IxnKF6FQR7wcr3hhWd8FuEAxhFx3kKvx292xs8ytYeSMLy3m3280t9x0LHbP4 tNumO5Om3OwX6tteSor+Z8Z0l+B9vpCY1kC4qTEQq+Wod40Yd4LewsHlg33V/GY9 TPoA2EaXktwV/ysev84kbr4lIzPOl8/rKzgKQDPf3pwB8v6SwsoHpsCzMA10xAkG U2bFOxUpmB+zmOxuW9gyhlseJ+KnJMQJYNV1+Y65L7Vt2PU3uOCHI6LLb95xWvNy RsIM3oQETrvmRCK6bbq2 =k6iF -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e3c72c3d-bebf-282a-3cc9-1222e649761c%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Passthrough
On Friday, November 25, 2016 at 1:36:42 PM UTC+1, Desobediente wrote: > As for these checking algorithms, everything can be faked, Not really pertinent to this discussion but PUFs: https://en.wikipedia.org/wiki/Physical_unclonable_function -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0ad2ea33-057f-4fcb-92ca-52b72c9eb3ca%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4 with Grsec could make a big splash
On Friday, 25 November 2016 11:38:21 UTC, raah...@gmail.com wrote: > can you just tell us the options so we can compile it ourselves? paste the > cfg or something. https://wiki.gentoo.org/wiki/Hardened/FAQ#Do_I_need_to_pass_any_flags_to_LDFLAGS.2FCFLAGS_in_order_to_turn_on_hardened_building.3F Also: > Can I add -fstack-protector-all or -fstack-protector in the make.conf CFLAGS? > No, they will likely break the building of many packages, amongst others > glibc. in other words these options will break some packages - particularly glibc; ulibc is more flexible in that regards. There's also: https://wiki.gentoo.org/wiki/Hardened/Toolchain It's not as straightforward as you think. Perhaps you can build selected applications as statically linked with PIE, and place it in a grsec chroot instead - it would be a lot simpler. I'd really like to see Gentoo (hardened) support, that and OpenBSD. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/85a85993-5aaa-42a5-b627-3ff158fe456f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Network problem since upgrade to fedora-24 template
I found the "problem". It seems that the code of the systemd script that detects virtualization (systemd-detect-virt) has changed between fedora-23 and fedora-24. The one in fedora-24 is confused by the fact I use QubesOS insed a KVM VM and is not able to detect xen on top of the VM (it detects KVM instead). As a consequence, the service xendriverdomain.service was not started (ConditionVirtualization not met), causing networking to not work on the AppVM (as the backend network was not correctly configured on the NetVM side). To workaround this "problem" I overwritten the systemd-detect-virt in fedora-24 by the one in fedora-23. Everything works fine again :) On 11/25/2016 12:01 PM, BePe wrote: > I suspect that the script vif-route-qubes is not called at all? > What triggers this script? Where is it configured? > > On 11/24/2016 04:09 PM, Opal Raava wrote: >> On Thursday, November 24, 2016 at 3:03:01 PM UTC+1, BePe wrote: >>> Hi Opal, >>> Thanks. >>> But I don't know all the actions that should be realized. For sur there >>> will be IP configuration, routing and probably iptables rules. >>> BePe >>> >>> On 11/24/2016 01:22 PM, Opal Raava wrote: On Thursday, November 24, 2016 at 8:33:14 AM UTC+1, BePe wrote: > Hi All, > > I have an installation of QubeOS 3.2 inside a KVM VM (I know > that it's not recommended but it's very practical for testing) > that was working without any major issue since last week when I > decided to upgrade to the fedora-24 template and have migrated > the net-vm et the firewall-vm to use the new template. > > Since then, the networking (e.g. internet access) is no longer > working on all the AppVM except on the net-vm. > > I noted that when an AppVM is started there is no vif interface > that is brought up in its configured NetVM as it used be the > case when fedora-23 template was used for the NetVM. > > Does somebody have the same issue? How could I fix/workaround > the problem? > > Is there a way to manually and properply bring up the vif.XX > interface to establish the connection between a VM and its > configured NetVM? > > Thanks for your help. > > Regards, > > > -- > BePe Hi BePe, I don't have the same issue, but maybe you can manually put the required ifconfig orso commands in your /rw/config/rc.local file? (and make that file executable.) >>> -- >>> BePe >> Hmm there should be an easier way, but I dont know how... I'm still a noob :/ >> -- BePe -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3aa66b77-9a06-83d8-d965-6583ef10d2a9%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Passthrough
In the settings tab on the qubes manager you could passthrough almost everything. For example, if you passthrough the video card, your screen will black out. As for these checking algorithms, everything can be faked, which implies the very idea of checking the system is broken because you can run your "system checking" software everywhere you want to, because with virtualization, you can tell the operating system whatever you want to. Modern and clever software for checking COULD bypass some things, what would require you to recompile qubes/xen to apply more aggressive means to fool the windows guest. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAF0bz4QxNBCJmRH8yVvtUyWs6%3D7Rzz1T%3DDFz42m8mW3mKxhBZg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes and GPUs for Data Science
You would need "GPU passthrough" and give the entire GPU to one VM. Some people try; most fail. It's not supported and finicky. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/11401b03-7f1c-442d-bb12-e2097f136801%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Passthrough
On Friday, November 25, 2016 at 12:55:27 AM UTC+1, Drew White wrote: > Is there any way that I can pass through all real hardware specifics to the > guest to make it not think it's running under xen? (primarily Windows) It depends on what exactly is used as input to creating this device identifier but it's extremely unlikely that you will be able to pass through all the necessary devices. You might be able to fake some of it, though. There is no support from qubes except for PCI passthrough. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4f948a2e-5aae-4451-b806-7b6961e513b0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4 with Grsec could make a big splash
On Tuesday, November 22, 2016 at 7:57:56 PM UTC+1, kev27 wrote: > I saw this being retweeted by the Qubes account on Twitter. Can Grsec support > still land in Qubes 4.0, or should we expect it for 4.1 or 4.2, etc? > > I think if Grsec would be enabled by default in Qubes, it would be no > question that Qubes is the most secure operating system out there. Technically you could consider having grsec in dom0 or in AppVMs. It seems unklikely to me that it will appear as a default in either place. In dom0 it isn't really necessary because it is extremely hardened and trustworthy already. In AppVMs it can be used already which is what this tweet is about but I doubt that the default Fedora template will change. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/530ca2c9-c99f-447f-88ed-5a4fe59ca65a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4 with Grsec could make a big splash
On Friday, November 25, 2016 at 6:38:21 AM UTC-5, raah...@gmail.com wrote: > On Wednesday, November 23, 2016 at 6:34:08 PM UTC-5, jkitt wrote: > > On Tuesday, 22 November 2016 19:49:07 UTC, Ronald Duncan wrote: > > > Will this be using the latest linux kernel since grsecurity only provide > > > the latest version free. > > > > Yes, it will be an "unstable" kernel. A bare metal grsec kernel is actually > > available in Debian's testing repo. However, it is not compiled with > > optimal hypervisor guest options, and will be slow (if working at all) in a > > Xen guest environment. And because it's in the testing repo it probably > > doesn't receive as much attention to security as stable. > > can you just tell us the options so we can compile it ourselves? paste the > cfg or something. does it need any other special patches? something like this to stay up to date you gonna need compile the multiple times a month. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/dedae420-91df-4a54-b96c-a56bb36e7d1f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Qubes 4 with Grsec could make a big splash
On Wednesday, November 23, 2016 at 6:34:08 PM UTC-5, jkitt wrote: > On Tuesday, 22 November 2016 19:49:07 UTC, Ronald Duncan wrote: > > Will this be using the latest linux kernel since grsecurity only provide > > the latest version free. > > Yes, it will be an "unstable" kernel. A bare metal grsec kernel is actually > available in Debian's testing repo. However, it is not compiled with optimal > hypervisor guest options, and will be slow (if working at all) in a Xen guest > environment. And because it's in the testing repo it probably doesn't receive > as much attention to security as stable. can you just tell us the options so we can compile it ourselves? paste the cfg or something. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/80ea0796-216f-49d9-ac6c-56924058cba3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes not shutting down
On Thursday, November 24, 2016 at 3:11:15 PM UTC-5, Loren Rogers wrote: > On 11/24/2016 01:39 PM, Loren Rogers wrote: > > > > > > On 11/24/2016 03:57 AM, Pawel Debski wrote: > >> W dniu środa, 23 listopada 2016 00:34:09 UTC+1 użytkownik Drew White > >> napisał: > >>> On Tuesday, 22 November 2016 13:41:30 UTC+11, Loren Rogers wrote: > On 11/21/2016 06:24 PM, Drew White wrote: > > On Tuesday, 22 November 2016 06:04:43 UTC+11, Loren Rogers wrote: > >> On 11/21/2016 11:04 AM, Loren Rogers wrote: > >>> On 11/21/2016 12:42 AM, Drew White wrote: > On Sunday, 20 November 2016 04:56:03 UTC+11, Loren Rogers wrote: > > Another correlation I've noticed is that my machine randomly > > shuts > > itself down without warning when I'm browsing in the > > Anon-Whonix VM. It > > seems that simply having the Whonix browser open causes the > > problem. > > I've not been able to pin down an exact cause, but it seems to > > happen > > after about 5-20min. When this happens, the machine sometimes > > ends > > up in > > a hung state (black screen) at the end of the shutdown process. > > > > I've also noticed that the fan speeds up right at it starts to > > shutdown. > > (The screen turns to the Qubes logo with the progress bar, > > then the fan > > cranks up.) Sometimes the bar makes it all the way to the end, > > other > > times it seems to simply crash to a hault. As I mentioned > > elsewhere, > > the > > Thinkpad X201t is known to have overheating issues, but I'm > > not sure if > > this is related. I'm not working the machine particularly hard > > (just > > browsing articles on the web), and the hardware is not > > particularly hot > > to the touch. > When it gets to the qubes logo screen, press ESC to see what it's > actually doing. > > If you wish to always know what it's doing, turn off rhgb and > quiet > in the boot config. > > Then you will see where the issue is. > >>> Thanks, I'll give that a shot next time it happens. I feel like > >>> it'll > >>> go by too quickly for me to see what's happening; does it also > >>> write > >>> its activity to a log somewhere? > >> I can now confirm that it's an over heating issue. When it went > >> into the > >> automatic shutdown sequence, I pressed escape and managed to take > >> note > >> of a few of the messages. One of the very first ones was > >> something about > >> "thermal_zone_0 critical temperature reached: 128C", which I > >> assume is > >> the cause. (This isn't an exact quote, since I noted it from > >> memory.) > >> > >> This raises some questions: > >> - What could be causing this overheating issue in Whonix? > >> - Is 128C a normal temperature for the safety shutdown to kick in? > >> - Does Qubes have a warning / alert system for potential > >> overheat? (Like > >> low battery) > > It is a high temperature, but does it ONLY happen in Whonix? > > Or if you push the PC does it happen also? > > Have you tried limiting the threads Whonix can use? > > > > Sometimes CPUs have shutdown at 99 degrees. > > So 128 degrees is a bit high in my own opinion. > > > > I recommend you check the CPU Fan and heatsinks (if it has them). > Thanks for the input - I just dusted out the fan, and we'll see if it > helps. It wasn't too bad, but we'll see if there's an improvement. > > No, it also randomly goes into auto-shutdown when backing up VMs. > However, that happens about 20% of the time. Whonix seems to do it > about > 80% of the time, the other 20% I figure I shut it down before it > does so > on its own. I figure there may be something in the Whonix VM that's > causing my processor to over work itself. The auto-shutdowns may be > ultimately linked to dust in the fan or something like that, but if > there's something processor intensive in Whonix, it may be worth > looking > into. > > Also, a heat warning message would be nice. I assume the thresholds > are > set via the bios - is there a standard way of monitoring this? (I'm > not > particularly well versed in this sort of thing.) > >>> > >>> > >>> I recommend you get your HDD checked, and your RAM. > >>> > >>> Test both thoroughly. > >>> Could be some bad sectors. > >>> Also run a smartd check. > >>> > >>> Some PCs have system diagnostics built in for RAM in the startup > >>> sequence. > >> Thinkpads have known problem that after long time of usage GPU > >> radiator glued to the chip goes loose and X201 is rather older model. > >> Not sure how to measure GPU
Re: [qubes-users] Re: Qubes not shutting down
On Monday, November 21, 2016 at 2:04:43 PM UTC-5, Loren Rogers wrote: > On 11/21/2016 11:04 AM, Loren Rogers wrote: > > > > On 11/21/2016 12:42 AM, Drew White wrote: > >> On Sunday, 20 November 2016 04:56:03 UTC+11, Loren Rogers wrote: > >>> Another correlation I've noticed is that my machine randomly shuts > >>> itself down without warning when I'm browsing in the Anon-Whonix VM. It > >>> seems that simply having the Whonix browser open causes the problem. > >>> I've not been able to pin down an exact cause, but it seems to happen > >>> after about 5-20min. When this happens, the machine sometimes ends > >>> up in > >>> a hung state (black screen) at the end of the shutdown process. > >>> > >>> I've also noticed that the fan speeds up right at it starts to > >>> shutdown. > >>> (The screen turns to the Qubes logo with the progress bar, then the fan > >>> cranks up.) Sometimes the bar makes it all the way to the end, other > >>> times it seems to simply crash to a hault. As I mentioned elsewhere, > >>> the > >>> Thinkpad X201t is known to have overheating issues, but I'm not sure if > >>> this is related. I'm not working the machine particularly hard (just > >>> browsing articles on the web), and the hardware is not particularly hot > >>> to the touch. > >> When it gets to the qubes logo screen, press ESC to see what it's > >> actually doing. > >> > >> If you wish to always know what it's doing, turn off rhgb and quiet > >> in the boot config. > >> > >> Then you will see where the issue is. > > > > Thanks, I'll give that a shot next time it happens. I feel like it'll > > go by too quickly for me to see what's happening; does it also write > > its activity to a log somewhere? > > I can now confirm that it's an over heating issue. When it went into the > automatic shutdown sequence, I pressed escape and managed to take note > of a few of the messages. One of the very first ones was something about > "thermal_zone_0 critical temperature reached: 128C", which I assume is > the cause. (This isn't an exact quote, since I noted it from memory.) > > This raises some questions: > - What could be causing this overheating issue in Whonix? > - Is 128C a normal temperature for the safety shutdown to kick in? > - Does Qubes have a warning / alert system for potential overheat? (Like > low battery) maybet thats your hdd reported temp? Fedora use smartctl by default I think? could be your hdd is going if its the case. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a355c3c2-7a49-4553-a8de-a5d572e0a2fc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Passthrough
On Thursday, November 24, 2016 at 6:55:27 PM UTC-5, Drew White wrote: > Is there any way that I can pass through all real hardware specifics to the > guest to make it not think it's running under xen? (primarily Windows) what? lol -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4f541c21-32e7-493f-8ad6-bef4c1e72765%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Qubes 4.x and Librem 13
À 25.11.2016 04:36, Jean-Philippe Ouellet a écrit: On Thu, Nov 24, 2016 at 8:12 PM, Duncan Guthriewrote: And of course Coreboot is fast and fun. I love your description of BIOS work as "fun" ;) In my experience, getting things working has been anything but! xD I like customising things, so it is fun. Coreboot usually works fine the first time you compile... As for the fun, what I am referring too is some of its advanced features - can your BIOS run Tetris from the flash chip, I ask? D -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/40c9e25ff064949581ee8270008c91da%40posteo.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Network problem since upgrade to fedora-24 template
I suspect that the script vif-route-qubes is not called at all? What triggers this script? Where is it configured? On 11/24/2016 04:09 PM, Opal Raava wrote: > On Thursday, November 24, 2016 at 3:03:01 PM UTC+1, BePe wrote: >> Hi Opal, >> Thanks. >> But I don't know all the actions that should be realized. For sur there >> will be IP configuration, routing and probably iptables rules. >> BePe >> >> On 11/24/2016 01:22 PM, Opal Raava wrote: >>> On Thursday, November 24, 2016 at 8:33:14 AM UTC+1, BePe wrote: Hi All, I have an installation of QubeOS 3.2 inside a KVM VM (I know that it's not recommended but it's very practical for testing) that was working without any major issue since last week when I decided to upgrade to the fedora-24 template and have migrated the net-vm et the firewall-vm to use the new template. Since then, the networking (e.g. internet access) is no longer working on all the AppVM except on the net-vm. I noted that when an AppVM is started there is no vif interface that is brought up in its configured NetVM as it used be the case when fedora-23 template was used for the NetVM. Does somebody have the same issue? How could I fix/workaround the problem? Is there a way to manually and properply bring up the vif.XX interface to establish the connection between a VM and its configured NetVM? Thanks for your help. Regards, -- BePe >>> Hi BePe, I don't have the same issue, but maybe you can manually put the >>> required ifconfig orso commands in your /rw/config/rc.local file? (and make >>> that file executable.) >>> >> -- >> BePe > Hmm there should be an easier way, but I dont know how... I'm still a noob :/ > -- BePe -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/eb259fab-fe54-d997-add2-50c078b390f3%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Tradeoffs between btrfs, lvm, and lvm thin provisioning.
вторник, 28 июня 2016 г., 17:37:57 UTC+3 пользователь Chris Laprise написал: > On 06/27/2016 09:47 PM, indoler...@gmail.com wrote: > > What are the tradeoffs between btfs, lvm, and lvm with thin provisioning > > WRT speed and space efficiency? > > > > Both btrfs and (thin) lvm do similar things with copy-on-write, though I > have not seen direct comparisons of speed between them. Btrfs is more > flexible by far, though, and its what I use for Qubes. Regular lvm is > just a hassle and IMO only good for snapshots that are immediately > created and destroyed for backup procedures. > > Qubes will automatically use reflinks whenever it clones vm disk images, > which is a COW copy that happens instantly and only allocates extra data > blocks when blocks are changed in either copy. It allows a lot of > experimentation to be done at virtually no cost in disk space, for > instance. This happens on a per-vm (actually, per-file) basis, without > having to do whole-filesystem snapshots as in lvm. This makes btrfs > potentially much more space efficient than the rest if you make use of > cloning. Btrfs also has compression. > > Its worth noting that vm images suffer from logical fragmentation > because writing to disk image files behaves like random database > updates. Because btrfs does COW on *every* write, it does make it slower > than ext4 but on Qubes not noticeably so. Qubes vm images are sparse, so > whenever deletions occur this fragments ext4 filesystems and slows them > down also. > > The fastest filesystem to use in dom0 is probably ext4 *without* lvm. > Turning off 'discard' in the vm's /rw volume may prevent some > sparse-related slowdown (at a cost in disk space). With lvm, ext4 will > probably become slower than btrfs as soon as you start making snapshots > and updates. > > Beyond that, I think its possible to assign a raw block device to a vm, > though I haven't explored that yet. Ext4 on a raw block device would be > the fastest, but not flexible or space efficient. > > Chris Hello Chris, Thank you so much for your answer -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/77ff3000-2a24-447b-b54b-a0d51a2c9d2e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Attaching Item as FDD
On Friday, November 25, 2016 at 3:55:04 AM UTC+1, Drew White wrote: > How do I attach am IMG to appear as an FDD? A floppy? You mean in Windows? I've never seen anything about that being supported. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4b1ac7d6-49ed-4218-acef-6ef949c46d05%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.