[qubes-users] Re: Announcement: Fedora 30 TemplateVM available
Thank you very much for the timely wonderful update qubes team! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3c5366a3-26f7-4595-a284-714ef672ec5e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Openbsd as a netvm
I think what unman means is for you to provide the logs in text and not just provide images to help diagnose this problem -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/51f90c16-e24f-4154-a9c7-11a7e4820e28%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Openbsd as a netvm
On Sun, Jun 02, 2019 at 06:24:33PM +, ronpunz wrote: > > On 6/2/19 3:11 PM, unman wrote: > > On Sun, Jun 02, 2019 at 02:04:57PM +, ronpunz wrote: > > > On 6/2/19 1:46 PM, unman wrote: > > > > On Sun, Jun 02, 2019 at 01:41:48PM +, ronpunz wrote: > > > > > On 6/2/19 1:06 AM, unman wrote: > > > > > > > Not sure which direction to go next and to be honest, feel a bit > > > > > > > out of my > > > > > > > depth. When I started this task I thought there was a simple > > > > > > > correlation > > > > > > > between openFW to sys-net and fw to sys-firewall. In reality it > > > > > > > seems a > > > > > > > fair bit more complicated than that. For example, fw seems to > > > > > > > have a dual > > > > > > > firewall and network interface role? > > > > > > > > > > > > > I dont understand what this means. > > > > > > There is simple correlation as you describe, it's just that fw > > > > > > needs to > > > > > > do a little more work to provide the internal interface to the HVM. > > > > > > > > > > > > What error do you get when you bring up em0? > > > > > > What's the output from ifconfig? > > > > > > > > > > > I note the ifconfig screen shots were missed off my reply. > > > > > > > > > > They should be here > > > > > > > > > I'm sorry - can you cut and paste the contents rather than imaging? > > > > > > Copy/paste as requested > > > > > ?? > > I cant see the images - paste the contents in the mail. > > > Sorry. I'm a bit confused. I pasted them in the mail and they're viewable on > the qubes user forum at > https://groups.google.com/forum/#!topic/qubes-users/MpXLhz5COvM > > Please let me know if there's more i can do > I cant view them. Please post the contents, not pictures. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190603005401.u5itrr3f57unvetq%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Announcement: Fedora 30 TemplateVM available
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 02/06/2019 4.13 PM, Yethal wrote: > W dniu sobota, 1 czerwca 2019 22:29:31 UTC+2 użytkownik Andrew David Wong > napisał: > Dear Qubes Community, > > A new Fedora 30 TemplateVM is now available. We previously announced > that Fedora 28 reached EOL [1] and encouraged users to upgrade to Fedora > 29. Fedora 29 is still supported by the Fedora Project, so users may now > choose either Fedora 29 or 30 (or both) depending on their needs and > preferences. Instructions are available for upgrading from Fedora 29 to > 30. [2] We also provide fresh Fedora 30 TemplateVM packages through the > official Qubes repositories, which you can get with the following > commands (in dom0). > > Standard Fedora 30 TemplateVM: > > $ sudo qubes-dom0-update qubes-template-fedora-30 > > Minimal [3] Fedora 30 TemplateVM: > > $ sudo qubes-dom0-update qubes-template-fedora-30-minimal > > After upgrading to a Fedora 30 TemplateVM, please remember to set all > qubes that were using the old template to use the new one. This can be > done in dom0 either with the Qubes Template Manager [4] or with the > qvm-prefs [5] command-line tool. > > > [1] https://www.qubes-os.org/news/2019/05/29/fedora-28-eol/ > [2] https://www.qubes-os.org/doc/template/fedora/upgrade-29-to-30/ > [3] https://www.qubes-os.org/doc/templates/fedora-minimal/ > [4] https://www.qubes-os.org/doc/templates/#how-to-switch-templates > [5] > https://dev.qubes-os.org/projects/core-admin-client/en/latest/manpages/qvm-prefs.html > > This announcement is also available on the Qubes website: > https://www.qubes-os.org/news/2019/05/30/fedora-30-template-available/ > > > Can existing fedora-29 templates be upgraded in-place or do we need to > download fresh ones and switch over all of our qubes? > As explained in the announcement, instructions are available for upgrading from Fedora 29 to 30: https://www.qubes-os.org/doc/template/fedora/upgrade-29-to-30/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlz0PkQACgkQ203TvDlQ MDARtQ//esoDuJE9Lcj1lcyjRXqK8FFJftT2S7+b8Y5fcz2gQ4ahYsVRBjpM5ta5 7k6ognx9A6NVLkaVikhDapLgibo56PNHwfA1SnR8TuzerdSWfdWOoODbeMxrjoGv QRBJ/EjbFG00EKRZZvl5KLT5CMIKZI2kIkbAPxuLU25cCfv6ytItN6O05qOCcBoK 8gfJreO/BpmLHE4g10Z6dlgovoET2jl7DUCfTDZ88jUkkotIaX4p3BlVfW0+9En0 JofCspwr7T48a9vqWGAC1pHo4yDQQ4K7nwAFOJuAo1QHwBNlK8fGMM3ppanYQ3gz Rqiir7npdqyzgmqrsPYfJ1MqwpHKRdZjfwLekeUcvT5IorO3kpUk9/UR10GGZlQr ZK8nzPaCEJ+d2SKpDl61+7R/G9xy2TjnHjmKG6FDY58dEgdeWg5ltSXumenqG4Yk gNyjW7jeTje3kkHdbHbQ2hKpfEukyUMnlBpdpzoLDS9CpX4XV2g9Y2xJuH1VvVTv 1ur29/yH8xaPwElNml4AVY9EVwybo87Zq2H+ipiCrQxqyp5ER8cspCeKg/Zx+SaS qkKx0VwuM/DeGBroWN9ouhE4dohbsyeiAD98zj2jpcaw0715qlaj+8vY15hYGR6/ tVpOk2SyJ0vM/vTwntjr/vO2qZum/rXxx7AXHzr+GxT0rlp25Wk= =g7Aq -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c2afc12c-047e-7523-1447-3860ac82d254%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Boot loop
Bootloop on amd 1950x,titan x (maxwell),nvme after entering password for fde it loops. Img of output. https://m.imgur.com/a/9m4FaqO -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/fc8fd5aa-7095-421e-8600-73bd6ba8b8e1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] How to create a new User in Qubes OS 4?
On Sun, 2 Jun 2019, n6-w6...@tuta.io wrote: > I need help to create a new user in Qubes OS 4.0. > > I went to “System Tools - Xfce Terminal” > > I did: > > useradd -m user > passwd user > > usermod -a -G sudo user = ERROR > > I can’t login with my my new user. > Login don’t accept my new created user and password. > > I can't find user+groups manager into Qubes OS 4.0. > > What to do? You want to put the new user into wheel and qubes groups. The other issue might be that your login manager could launch more than one X server behind your back and some gui stuff has some challenges in handling that. ...Then, next you will face issues with the menu I guess. ;-) I have a working multi-user qubes system myself (the other users have only a locked down view to dom0). It works about ok for my use case but requires some trickery with tags (and current one patch which I've not yet sent out). -- i. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/alpine.DEB.2.20.1906020119120.24401%40whs-18.cs.helsinki.fi. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: Announcement: Fedora 30 TemplateVM available
W dniu sobota, 1 czerwca 2019 22:29:31 UTC+2 użytkownik Andrew David Wong napisał: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Dear Qubes Community, > > A new Fedora 30 TemplateVM is now available. We previously announced > that Fedora 28 reached EOL [1] and encouraged users to upgrade to Fedora > 29. Fedora 29 is still supported by the Fedora Project, so users may now > choose either Fedora 29 or 30 (or both) depending on their needs and > preferences. Instructions are available for upgrading from Fedora 29 to > 30. [2] We also provide fresh Fedora 30 TemplateVM packages through the > official Qubes repositories, which you can get with the following > commands (in dom0). > > Standard Fedora 30 TemplateVM: > > $ sudo qubes-dom0-update qubes-template-fedora-30 > > Minimal [3] Fedora 30 TemplateVM: > > $ sudo qubes-dom0-update qubes-template-fedora-30-minimal > > After upgrading to a Fedora 30 TemplateVM, please remember to set all > qubes that were using the old template to use the new one. This can be > done in dom0 either with the Qubes Template Manager [4] or with the > qvm-prefs [5] command-line tool. > > > [1] https://www.qubes-os.org/news/2019/05/29/fedora-28-eol/ > [2] https://www.qubes-os.org/doc/template/fedora/upgrade-29-to-30/ > [3] https://www.qubes-os.org/doc/templates/fedora-minimal/ > [4] https://www.qubes-os.org/doc/templates/#how-to-switch-templates > [5] > https://dev.qubes-os.org/projects/core-admin-client/en/latest/manpages/qvm-prefs.html > > This announcement is also available on the Qubes website: > https://www.qubes-os.org/news/2019/05/30/fedora-30-template-available/ > > - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS > https://www.qubes-os.org > > -BEGIN PGP SIGNATURE- > > iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlzy4B4ACgkQ203TvDlQ > MDCgTw//Yn4xHJxAIhGq6PgZW99FwAz+5/lI8JYy0H62aC5ngZG7MnNrRlw/+cx9 > YtdtCXF/NEW2TES7k3nqLa2qXpXN6JUuPliPy2SfhrAIkXxnbuCrXcHNEpTk8ICd > rU87rnf3zTuk2R46bsGVTkCavzRkOouiIvGNAl7R839v96T98FEWS0GptcTPDwmg > LYl3gTBBkZUSixBMNemMy20W4m131S+OAtZhSjzEBLJxgaRDVO+VFCKYQFarNqlI > sYv2MBUZ953Y7rOcPpBM5ffqBP8Eo0ztmJ+hPygIHDfhkI+W3PS27JEY6mo7a5aL > eeikq9gX25hahI7hihvMF87oLY1QHGwNk54Ke7haBZBvLRITDJQhkUmN7LJTmmpj > y8IZ+1s7csMaVuLMkC8WJRR6SK8FXELk3XaDgt6Qn/XNOo9RZsr5ZnRpsa1VEOy1 > SEh7S+QpkoSOcmlvNqqQ46U4jNDC/lhLtsTKtau2gAoUx+83SwxkcYwkMBb9WSUT > 4tSK/canqKUH9XSC4fq5klKvXcqbgAWM6BoW2/pZyLVrHqNMKbxNHUN8kMwpKjJF > kFc0kq+LNgStqBXare8tOF+4dYIYnRB2ZzAGz0ku4dkEfZ/gFgDOevYri50bUCDR > J5MxNGfHEHx3FKcFShFr+BBgAP7lXmIwEijBuzKnI41q2JTmAw0= > =Fgkj > -END PGP SIGNATURE- Can existing fedora-29 templates be upgraded in-place or do we need to download fresh ones and switch over all of our qubes? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/70cbdb3c-d61f-4488-b8a0-cd00e1b9645e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Openbsd as a netvm
On 6/2/19 3:11 PM, unman wrote: On Sun, Jun 02, 2019 at 02:04:57PM +, ronpunz wrote: On 6/2/19 1:46 PM, unman wrote: On Sun, Jun 02, 2019 at 01:41:48PM +, ronpunz wrote: On 6/2/19 1:06 AM, unman wrote: Not sure which direction to go next and to be honest, feel a bit out of my depth. When I started this task I thought there was a simple correlation between openFW to sys-net and fw to sys-firewall. In reality it seems a fair bit more complicated than that. For example, fw seems to have a dual firewall and network interface role? I dont understand what this means. There is simple correlation as you describe, it's just that fw needs to do a little more work to provide the internal interface to the HVM. What error do you get when you bring up em0? What's the output from ifconfig? I note the ifconfig screen shots were missed off my reply. They should be here I'm sorry - can you cut and paste the contents rather than imaging? Copy/paste as requested ?? I cant see the images - paste the contents in the mail. Sorry. I'm a bit confused. I pasted them in the mail and they're viewable on the qubes user forum at https://groups.google.com/forum/#!topic/qubes-users/MpXLhz5COvM Please let me know if there's more i can do -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/77fcde0b-dee8-ce50-b82e-8987809e655c%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] How to sync files from a file as block device attached to another qube?
If I create a loopback device in vm1 and attach it to vm2, any changes in vm1 device are not reflected in the attached vm2 device. Why is that and how can they be reflected/synced? Here is my test code: # in vm1 sudo losetup -f --show ~/loopfile.img ## result: /dev/loop2 sudo mkdir /mnt/loopmnt # in vm2 sudo mkdir /mnt/loopmnt # in dom0 qvm-block ## result: vm1:loop2 /home/user/loopfile.img qvm-block attach vm2 vm1:loop2 qvm-block ## result: vm1:loop2 /home/user/loopfile.img b(frontend-dev=xvdi, read-only=no) qvm-run -u root -p vm1 'mount /dev/loop2 /mnt/loopmnt' qvm-run -u root -p vm2 'mount /dev/loop2 /mnt/loopmnt' # in vm1 cd /mnt/loopmnt # create a new file and verify it is there # in vm2 ls -al /mnt/loopmnt # the changes from vm1 are not reflected. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/181919757.99537.1559491395496%40ichabod.co-bxl. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Openbsd as a netvm
On Sun, Jun 02, 2019 at 02:04:57PM +, ronpunz wrote: > > On 6/2/19 1:46 PM, unman wrote: > > On Sun, Jun 02, 2019 at 01:41:48PM +, ronpunz wrote: > > > On 6/2/19 1:06 AM, unman wrote: > > > > > Not sure which direction to go next and to be honest, feel a bit out > > > > > of my > > > > > depth. When I started this task I thought there was a simple > > > > > correlation > > > > > between openFW to sys-net and fw to sys-firewall. In reality it > > > > > seems a > > > > > fair bit more complicated than that. For example, fw seems to have a > > > > > dual > > > > > firewall and network interface role? > > > > > > > > > I dont understand what this means. > > > > There is simple correlation as you describe, it's just that fw needs to > > > > do a little more work to provide the internal interface to the HVM. > > > > > > > > What error do you get when you bring up em0? > > > > What's the output from ifconfig? > > > > > > > I note the ifconfig screen shots were missed off my reply. > > > > > > They should be here > > > > > I'm sorry - can you cut and paste the contents rather than imaging? > > > Copy/paste as requested > ?? I cant see the images - paste the contents in the mail. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190602151129.xxbnaedcwdbzgbb7%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Outline - your own OpenVPN server without logs
Does anyone use Outline (https://getoutline.org/en/home). It is absolutely free and open source project. As I understood this project allows to deploy on any server your own VPN Server without any knowledge. In some of manuals I red that you can use third-party Shadowsocks-clients for more accurate tuning. Does anyone know how can we implement this for Qubes Vpn with auto-start and anti-leaks options? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/10e72a7c-0a4e-4552-9cf6-62a3bbcc80a6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] what happened to qvm-trim-template?
On Sunday, June 2, 2019 at 2:10:47 AM UTC-4, haaber wrote: > On 6/2/19 10:16 AM, 'awokd' via qubes-users wrote: > > dr.@gmail.com: > >> Don't see it. > > > > Deprecated; no longer needed in Qubes 4.0. > > > There is "fstrim -a", see man mage. Template trim procedure is: $ sudo fstrim -av $ sudo shutdown -h now (wait for template shutdown) (start the template) $ sudo fstrim -av $ sudo shutdown -h now (wait for template shutdown) (continue your tasks that depend on creating VMs from or cloning the template) Doing it twice ensures that any significant changes from earlier in the previous session aren't stored in a difference file. Brendan -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5c5589ad-1afd-4beb-8759-b3dd8fc6a2d0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bootloop
It would do nothing after entering the correct password when typed in us layout. It still had the password screen and the progression bar would still move but once it reached the end it would be stuck their and gave no errors on the console. Just that Plymouth starting and then staring cyptosetup for luk device Id. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0a46f407-8fed-4e60-b841-9c717b8019d8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Openbsd as a netvm
On Sun, Jun 02, 2019 at 01:28:59PM +, ronpunz wrote: > > On 6/2/19 1:06 AM, unman wrote: > > On Fri, May 31, 2019 at 06:25:41PM +, ronpunz wrote: > > > On 5/31/19 10:30 AM, unman wrote: > > > > On Fri, May 31, 2019 at 08:43:59AM +, ronpunz wrote: > > > > > On 5/31/19 12:51 AM, unman wrote: > > > > > > On Thu, May 30, 2019 at 09:56:18AM +, ronpunz wrote: > > > > > > > I'm attempting setup a netvm using openbsd. > > > > > > > > > > > > > > I'm following Unman's guide > > > > > > > https://github.com/unman/notes/blob/master/openBSD_as_netvm but > > > > > > > "fell at the > > > > > > > first hurdle" i.e. Line No1 states "Install OpenBSD as HVM > > > > > > > Template". Does > > > > > > > this mean a standalone template? If so I've successfully > > > > > > > completed this > > > > > > > stage, but, am unable to proceed to line No2 " Create netvm > > > > > > > "openFW" using > > > > > > > OpenBSD as template" - as I understand it an appvm cannot be > > > > > > > created from a > > > > > > > standalone template. That being the case, it looks like I need to > > > > > > > create an > > > > > > > openbsd template - but how? I need either source code to build it > > > > > > > or a > > > > > > > repository to download it? As far as I'm aware, neither exists? > > > > > > > > > > > > > > Any help would appreciated > > > > > > Those are notes, not really intended as a guide. > > > > > > > > > > > > What you need is: > > > > > > qvm-create --class TemplateVM openBSD --property virt_mode=HVM > > > > > > --property kernel='' -l purple > > > > > > qvm-create -t openBSD --property virt_mode=HVM --property kernel='' > > > > > > -l purple open > > > > > Thanks Unman for getting me up and running. > > > > > > > > > > I made it down to line 12 Set fw as netvm for openFW. > > > > > qvm-prefs openFW netvm fw. This command returns: qvm-prefs : error : > > > > > the fw > > > > > qube does not provide network. > > > > > > > > > > Is there a workaround for this? > > > > > > > > > > I managed to get round this with "qvm-prefs openFW provides_network > > > > > true". > > > > I assume you meant:"qvm-prefs fw provides_network true". > > > > > > > > > This enabled me to proceed to the next step "start openFW". However, > > > > > it > > > > > starts only in a transient state (i.e. qubes manager shows yellow led > > > > > not > > > > > the usual green) As a consequence I can't start fw. > > > > > > > > > Ignore this - it's because you dont have any qvm hooks in the HVM. Same > > > > would apply for any HVM - windows, linux, BSDs > > > > Start fw first. Then openFW. > > > > > > > Have now completed all the steps with the exception of line No 44; Bring > > > up > > > em0 - dhclient em0 - which resulted in an error. > > > > > > I now have a network applet associated with fw. But am unable to obtain a > > > connection to my router. > > > > > > From openFW I'm able to ping 10.137.0.34 and the gateway to fw; > > > 10.137.0.33 > > > > > > Not sure which direction to go next and to be honest, feel a bit out of my > > > depth. When I started this task I thought there was a simple correlation > > > between openFW to sys-net and fw to sys-firewall. In reality it seems a > > > fair bit more complicated than that. For example, fw seems to have a dual > > > firewall and network interface role? > > > > > I dont understand what this means. > > There is simple correlation as you describe, it's just that fw needs to > > do a little more work to provide the internal interface to the HVM. > > > > What error do you get when you bring up em0? > > What's the output from ifconfig? > > > Hi I appreciate you're continuing patience and support. > > I've started afresh on a development box. > > I managed to get em0 up > > Here's the results of ifconfig (on 2 screenshots - because I couldn't expand > the terminal dialogue box - I know that's sad) > > > Have tried without success getting the network applet up and running - I > > chose vif26 as client and under ipv4 auto dhcp but recognise that probably > > wrong. > Incidently I note that the settings in OpenFW are non-persistent, as is fw > vif reference number. Once the system works properly, is there a way to make > things persistent across reboots? > > Dont bother with the network applet - all the work in fw is done with the interplay between the vif+ interfaces. This is dealt with in the scripts that you place in /rw/config. OpenFW is indeed amnesiac - I like it that way. If you want persistence, you can configure mounts to another disk, and then put scripts on that disk to configure your setup as you want. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit
Re: [qubes-users] Openbsd as a netvm
On Sun, Jun 02, 2019 at 01:41:48PM +, ronpunz wrote: > > On 6/2/19 1:06 AM, unman wrote: > > > Not sure which direction to go next and to be honest, feel a bit out of my > > > depth. When I started this task I thought there was a simple correlation > > > between openFW to sys-net and fw to sys-firewall. In reality it seems a > > > fair bit more complicated than that. For example, fw seems to have a dual > > > firewall and network interface role? > > > > > I dont understand what this means. > > There is simple correlation as you describe, it's just that fw needs to > > do a little more work to provide the internal interface to the HVM. > > > > What error do you get when you bring up em0? > > What's the output from ifconfig? > > > I note the ifconfig screen shots were missed off my reply. > > They should be here > I'm sorry - can you cut and paste the contents rather than imaging? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190602134644.2tr4ffakuhetho7d%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Openbsd as a netvm
On 6/2/19 1:06 AM, unman wrote: On Fri, May 31, 2019 at 06:25:41PM +, ronpunz wrote: On 5/31/19 10:30 AM, unman wrote: On Fri, May 31, 2019 at 08:43:59AM +, ronpunz wrote: On 5/31/19 12:51 AM, unman wrote: On Thu, May 30, 2019 at 09:56:18AM +, ronpunz wrote: I'm attempting setup a netvm using openbsd. I'm following Unman's guide https://github.com/unman/notes/blob/master/openBSD_as_netvm but "fell at the first hurdle" i.e. Line No1 states "Install OpenBSD as HVM Template". Does this mean a standalone template? If so I've successfully completed this stage, but, am unable to proceed to line No2 " Create netvm "openFW" using OpenBSD as template" - as I understand it an appvm cannot be created from a standalone template. That being the case, it looks like I need to create an openbsd template - but how? I need either source code to build it or a repository to download it? As far as I'm aware, neither exists? Any help would appreciated Those are notes, not really intended as a guide. What you need is: qvm-create --class TemplateVM openBSD --property virt_mode=HVM --property kernel='' -l purple qvm-create -t openBSD --property virt_mode=HVM --property kernel='' -l purple open Thanks Unman for getting me up and running. I made it down to line 12 Set fw as netvm for openFW. qvm-prefs openFW netvm fw. This command returns: qvm-prefs : error : the fw qube does not provide network. Is there a workaround for this? I managed to get round this with "qvm-prefs openFW provides_network true". I assume you meant:"qvm-prefs fw provides_network true". This enabled me to proceed to the next step "start openFW". However, it starts only in a transient state (i.e. qubes manager shows yellow led not the usual green) As a consequence I can't start fw. Ignore this - it's because you dont have any qvm hooks in the HVM. Same would apply for any HVM - windows, linux, BSDs Start fw first. Then openFW. Have now completed all the steps with the exception of line No 44; Bring up em0 - dhclient em0 - which resulted in an error. I now have a network applet associated with fw. But am unable to obtain a connection to my router. From openFW I'm able to ping 10.137.0.34 and the gateway to fw; 10.137.0.33 Not sure which direction to go next and to be honest, feel a bit out of my depth. When I started this task I thought there was a simple correlation between openFW to sys-net and fw to sys-firewall. In reality it seems a fair bit more complicated than that. For example, fw seems to have a dual firewall and network interface role? I dont understand what this means. There is simple correlation as you describe, it's just that fw needs to do a little more work to provide the internal interface to the HVM. What error do you get when you bring up em0? What's the output from ifconfig? Hi I appreciate you're continuing patience and support. I've started afresh on a development box. I managed to get em0 up Here's the results of ifconfig (on 2 screenshots - because I couldn't expand the terminal dialogue box - I know that's sad) Have tried without success getting the network applet up and running - I chose vif26 as client and under ipv4 auto dhcp but recognise that probably wrong. Incidently I note that the settings in OpenFW are non-persistent, as is fw vif reference number. Once the system works properly, is there a way to make things persistent across reboots? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1517e5c8-34c5-eaad-77af-b292ba296556%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Does Qubes-OS 4.0.1 have support for KDE or GNOME desktop environment?
unman wrote on 6/2/19 11:28 AM: On Sun, Jun 02, 2019 at 07:41:36AM +, Finn wrote: I've installed Qubes-OS 4.0.1 and it's XFCE desktop environment but I would rather prefer either KDE or GNOME desktop environment. I found this document[1] where mentioned that Qubes-OS is migrating towards GNOME but at the time of installation only XFCE (neither KDE nor GNOME) is available. I was wondering, is there a way I can use my preferred desktop environment? Or, I have to wait for GNOME until migration is not fully completed because it seems currently there is no support for KDE. [1]: https://www.qubes-os.org/doc/usability-ux/ There are minor issues with KDE - the most significant is that the sys-net icon does not appear - there's a blank icon there. Other than that KDE works fine. In fact, that's offset by the ease of menu manipulation, use of activities to ensure separation of qube windows etc etc. This is completley separate from using mainly Gnome programs. Also, see https://www.qubes-os.org/doc/kde/. Not sure if it's been updated for 4.0. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8a6b8195-383f-a70e-0d30-5bc41656a93a%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bootloop
keyloggerjoshwin...@gmail.com wrote on 6/2/19 9:39 AM: If I dont use fde during install it works fine and boots to the config qubes. There is or was a bug with the FDE password not working right if selecting a non-US keyboard as part of the install. When you say bootloop, what happens after entering the password? Try leaving the keyboard on the default for the install. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/75d3c744-857f-f7c6-f28c-8bb1452b6882%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Domain sys-net has failed to start: internal error: libxenlight to create a new domain 'sts-net'
rotellini9...@gmail.com wrote on 6/2/19 9:17 AM: I serch for the driver log file in the dom0 terminal but it say that the file doesn't exist. I don't know how to send you the command's log because on the pc there is no internet I tried copying the file on a pen drive,the one whit I made the installation of cube,I succeed copying the file but the usb doesn't boot on my windows pc I think is because the installation is still on the usb, I'm buying a new usb but you know some other method of copying file that I can use while waiting for the usb? I forgot, you have to be in "sudo su" mode first in order to find the driver log file. For the "qvm-pci" output, you can take a picture of the screen and include it. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/77c82fdf-92c5-4565-9896-4163cf0b1ba9%40danwin1210.me. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Does Qubes-OS 4.0.1 have support for KDE or GNOME desktop environment?
On Sun, Jun 02, 2019 at 07:41:36AM +, Finn wrote: > I've installed Qubes-OS 4.0.1 and it's XFCE desktop environment but I > would rather prefer either KDE or GNOME desktop environment. I found > this document[1] where mentioned that Qubes-OS is migrating towards > GNOME but at the time of installation only XFCE (neither KDE nor GNOME) > is available. I was wondering, is there a way I can use my preferred > desktop environment? Or, I have to wait for GNOME until migration is not > fully completed because it seems currently there is no support for KDE. > > > [1]: https://www.qubes-os.org/doc/usability-ux/ There are minor issues with KDE - the most significant is that the sys-net icon does not appear - there's a blank icon there. Other than that KDE works fine. In fact, that's offset by the ease of menu manipulation, use of activities to ensure separation of qube windows etc etc. This is completley separate from using mainly Gnome programs. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190602112853.47wawci3yh72mn4u%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
[qubes-users] HCL - ASUS H170-PRO with Intel Core i5-6600 & Radeon RX 570
Motherboard: ASUS H170-PRO CPU: Intel Core i5-6600 RAM: 24 GB GPU: MSI Radeon RX 570 ARMOR 8G --- layout: 'hcl' type: 'desktop' hvm: 'yes' iommu: 'yes' slat: 'yes' tpm: 'unknown' remap: 'yes' brand: | System manufacturer model: | System Product Name bios: | 3805 cpu: | Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz cpu-short: | FIXME chipset: | Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:191f] (rev 07) chipset-short: | FIXME gpu: | Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/580] [1002:67df] (rev cf) (prog-if 00 [VGA controller]) gpu-short: | FIXME network: | Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15) memory: | 24503 scsi: | CT500MX500SSD1 Rev: 023 SAMSUNG HD154UI Rev: 1113 WDC WD20EZRX-00D Rev: 0A80 CT500MX500SSD1 Rev: 020 usb: | 1 versions: - works: 'yes' qubes: | R4.0 xen: | 4.8.5-5.fc25 kernel: | 4.14.116-1 remark: | Also worked with the onboard Intel HD Graphics 530. credit: | eye0ai2phi link: | FIXLINK --- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/vt70RvG29_PajrKPLA6HUti487VFYb2WkyK-99KvmVTnGlePbgEtc9JZo3bNrnXVUJ_zSXmf_Yq-V52TJGDkhH1L-pL22VSI756uBQCsLPE%3D%40protonmail.ch. For more options, visit https://groups.google.com/d/optout. Qubes-HCL-System_manufacturer-System_Product_Name-20190602-183110.yml Description: application/yaml
Re: [qubes-users] Bootloop
If I dont use fde during install it works fine and boots to the config qubes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/29568d40-874d-48e8-a275-b0fde17daac1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bootloop
If I dont use fde during install it works fine and boots to the config qubes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/359e8e5b-af91-4029-81cf-3ab2b5433a95%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Domain sys-net has failed to start: internal error: libxenlight to create a new domain 'sts-net'
I serch for the driver log file in the dom0 terminal but it say that the file doesn't exist. I don't know how to send you the command's log because on the pc there is no internet I tried copying the file on a pen drive,the one whit I made the installation of cube,I succeed copying the file but the usb doesn't boot on my windows pc I think is because the installation is still on the usb, I'm buying a new usb but you know some other method of copying file that I can use while waiting for the usb? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/43103bae-fab3-4f7d-bb04-5ddb43d50a43%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Does Qubes-OS 4.0.1 have support for KDE or GNOME desktop environment?
I've installed Qubes-OS 4.0.1 and it's XFCE desktop environment but I would rather prefer either KDE or GNOME desktop environment. I found this document[1] where mentioned that Qubes-OS is migrating towards GNOME but at the time of installation only XFCE (neither KDE nor GNOME) is available. I was wondering, is there a way I can use my preferred desktop environment? Or, I have to wait for GNOME until migration is not fully completed because it seems currently there is no support for KDE. [1]: https://www.qubes-os.org/doc/usability-ux/ Cheers, Finn -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/3904456e-cb2c-45a7-e19a-ee94a70f0aaf%40disroot.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Bootloop
I haven't touched the kernel it's on the default one that comes with R4.0.1. Do I need to update it ? If so how when it dose not boot? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8bb2ca9a-ffe3-41a1-80ad-fc29ec8dc243%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] what happened to qvm-trim-template?
On 6/2/19 10:16 AM, 'awokd' via qubes-users wrote: drok...@gmail.com: Don't see it. Deprecated; no longer needed in Qubes 4.0. There is "fstrim -a", see man mage. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f3d04dea-2759-a6ff-ff2e-7afc91a6acf9%40web.de. For more options, visit https://groups.google.com/d/optout.
