[qubes-users] Qubes won't install on legacy BIOS (non-UEFI supported pc)
My system doesn't support UEFI Firmware, The USB works fine on Rufus but whenever I try to boot from the USB via boot menu it's almost like it doesn't even detect my USB since every single boot device I've tried on the boot menu I see that damn Windows logo every time. I already tried making the USB device the boot priority and that doesn't seem to work. I even tried on a different computer with UEFI settings and guess what? It worked perfectly. It's crazy how my computer is custom built but doesn't have UEFI lol... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/06ed32de-185d-481f-87ec-d8f5e24d2aa9%40googlegroups.com.
Re: [qubes-users] Qubes sys-net-private missing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 2019-09-16 12:34 PM, Private Name wrote: > One last error Ive bern seeing is no matter the Qube or domain, in > the settings, under the firewall-rules tab, the same error always > pops up no matter what I do, which isand which pops up if I simply > click on the firewall-rules tab: > > “This Qube has networking disabled, (Basic—> Networking) - network > will be disabled. If you want to use firewall, enable networking.” > > However, as you can see, in the “Basic Tab” under Networking, > unless I click none (which disables any network, even in the > sus-net domain) the error is not only the same “ERROR: basic tab: > Loops in network are unsupported.” but precludes the modification > of any firewall rules under the same Tab. > Please send these sorts of questions to the qubes-users mailing list rather than qubes-devel. (I'm moving this thread there now.) You can read more about the different mailing lists here: https://www.qubes-os.org/support/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl2ByT8ACgkQ203TvDlQ MDDagw//VSRxJpa3JfckoyCllKUQzjlYIphskU7bYdomV8jO4gTg9z9JQ+xEmT1Z vk+KwoyssBVvwMtx8TLbh31OAM3VQDPLjW49Tn2OofriYKn70GUThFhjUyQxBZQu rTuWPyFZhmHYgkXe/Sygr1awO/O+6m6NE0VISQ8t4D3sVhHvi5OIdItW31j/RD9c tAuOsDSOooJ6P7xE6XzlLzUAxCoYUgUIfIfqdWkdOhn3TrNuXjugStEjZJiRfxux wLmmgj4ahY072DUBECMBinsnad06zx7e5ugZtDl8caxAloOCI3qyzaYonJEhDDgv yplaZJfRTv2V738JZ6f+tQLw2jXIXgY/+QYQrj79ISL4wfjQIZHuFGjC7BNb5HW2 uRdGnCqXKWYKC10AYSX8c8vYyvy38K5j/pn148tw4uavbufNpS1ICK2nJYmzxSBZ 7p+oym+D1Z8Cyyiga9SQYG9rdwcSohywxLsSyEkQ8ZaQdPDiU/LW2BDhpGbB9MMt PY4wuXZeUSaKkr8EK37vePsSwAaeZ/7zJH5t31/xjUOzi0TuGaTjI3AcjjWKmd8I qOODddZ1PfjPgXiz/WKvXjKx0Sni+AIm0o2dbdIEdlDkw0+a5O1XkIQzESRrYnlZ oFCHxxMRgd3thXKgcFjAZU0mRoIuc8T6TYC5vzPGmNF7ddsSwbk= =zXlX -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/55f29eb3-5086-3db9-8f4c-a4220b0cc628%40qubes-os.org.
[qubes-users] Ghost in menu
Recently, I created a virtual machine called sys-firewall-raspberrypi-2 through the graphical wizard of virtual machines, then removed it with the qvm-remove sys-firewall-raspberrypi-2 command in the terminal. After deleting, there is something like this in the menu despite the fact that the qvm-ls command no longer displays this virtual machine. https://imgur.com/a/VKEoUqm Any idea why it is here? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1791865303.304810.1568715945575%40ichabod.co-bxl.
[qubes-users] Upcoming Qubes presentations at Platform Security Summit 2019
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear Qubes Community, There will be two separate Qubes presentations at this year's Platform Security Summit. [1] Marek Marczykowski-Górecki's [2] presentation in the Hypervisor category is titled, "Complexity Everywhere: is it time to step back and rethink our platforms?" [3] Meanwhile, Thierry Laurion [4] of Insurgo Open Technologies [5] will give a presentation in the Boot Integrity category titled, "Accessible Security: deploying Qubes reasonably secured OS on slightly more secured hardware. An OEM approach to transferring device and secrets ownership." [6] We recently announced that Insurgo's PrivacyBeast X230 passed Qubes 4.0 hardware certification [7] to become a Qubes-certified Laptop. [8] The summit will take place October 1-3 in Redmond, Washington. [1] https://www.platformsecuritysummit.com/ [2] https://www.qubes-os.org/team/#marek-marczykowski-górecki [3] https://www.platformsecuritysummit.com/#marek [4] https://www.linkedin.com/in/thierry-laurion-40b4128/ [5] https://insurgo.ca/ [6] https://www.platformsecuritysummit.com/#laurion [7] https://www.qubes-os.org/news/2019/07/18/insurgo-privacybeast-qubes-certification/ [8] https://www.qubes-os.org/doc/certified-hardware/#qubes-certified-laptop-insurgo-privacybeast-x230 This announcement is also available on the Qubes website: https://www.qubes-os.org/news/2019/09/18/qubes-presentations-at-platform-security-summit-2019/ - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl2BxYgACgkQ203TvDlQ MDCjJxAAvWv3+SEifJNFhvOptMkjad1y0VkFP54ex73iZCqvPdD7taMLlV69K0z+ nEd6Ov/GX9Dl5Euvg0fRj+knlaLuK6mpR2zj0XVZ7Ms2OQZeUf+6gc3FKFm+ZSmH pj72RH59ax3E2VwCaMJCSJWTDmjoviwGRAuJytOUaPjEozm1T+Kh6RLzr/D47pDU 1g2x70FvsGVKe6Kp/ZHvS30eEpvsGSHplDqIPToV/9BNWMwUcOVDxaQRkcP0LM6J Dq4gCznNsB43nehIwif/pZ/ejCtuhC58Cvvj37qj8vTEgXKrepEIbbw5m19+xVO4 pO3wSTcBeTGlJCRuL507OjH387ABgHMsgB1mgLkOXERw0fjs77g0IJkXrqfAIKG5 LCye2O/i7p0SSm0ehwfe6ZRoEgK80ZjN675hYA2rBiqJOS1VP5z7LYawSmKQOSdo zKOw4vzbDoTC9hWuJ87AJ+47YSTQu/vbYj12t3wTaVpqFsGbeHnKQZh2NerGXRjl CmObK7jTzCQtEh58ShW/Nv5irPZxCPW45DgcZAOsEptPd+iFnglnNZNJhXdVLqau 4uaro0HWdIf6oo8tAkr+NFOQTi27DS0yUKr99ZbSpS0z5oJQIHnBV9ogdAWmzyWv f3rNWNj/myo7EyBs0e8RmMg2ux89dMjtMh6VT5eyiTq+HMf1Yac= =pQAx -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4fb7a326-5ab4-b70a-05ee-d631fb6c97e2%40qubes-os.org.
Re: [qubes-users] Using Salt to update TemplateVMs
On Thu, Sep 12, 2019 at 10:41:35PM -0400, Brian C. Duggan wrote: > Thanks for these great resources, unman. Wish I had known about them when I > got started. > > Where do you edit the salt files and how do you keep them under version > control? Earlier, Marek said he synchronized his configuration using > signed tarballs, manually: > > https://groups.google.com/d/msg/qubes-users/PtzhBZ8pT4w/8hyG1KWiCAAJ > > But it's unclear to me whether he edits, signs, and tars in dom0 and > transfers those *out* of dom0, or does those things in a VM and transfers > them *in* to dom0. > > I ask because it's obviously much more convenient to edit, sign, and version > control those files in a VM with the latest editors, gnupg, and > git. But copying data in to dom0 is generally undesirable and slows salt > config iteration. > > Brian > I don't know what Marek does. I edit files in dom0, manually copy them to offline dispVM , gpg sign, copy them to online dispVM and store in git. This sounds long winded: it's not. It's automated in script. On a new machine, just reverse the process. Pull down the files you want - check sig - copy to offline - check - transfer to dom0. Because salt files are so straightforward it's possible to audit before use. You could also store checksums from dom0. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190918014935.GA24270%40thirdeyesecurity.org.
Re: [qubes-users] "Root File out of memory warning"?
V C: > I ran the commands, the changes were very small but a reduction did occur. > The pop-up did come from the top right near the disk monitor widget. My > "Total disc usage" states it is only at 31%... No problem, it looks like you had already caught it in time anyways. Good thing, because it's a lot easier to clean up before the disk (or worse, metadata) gets full! On a side note, anyone know why "sudo fstrim -av" in dom0 now says 0 bytes trimmed for root? I double-checked and have discard specified everywhere it should be. Only thing I don't remember seeing before is stripe=64 in the mount, but I searched issues and qubes-src for "stripe" and didn't find anything related. /dev/mapper/qubes_dom0-root on / type ext4 (rw,relatime,discard,stripe=64) -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f22333b8-8bfc-a14e-e206-d7bbe2cd4b7c%40danwin1210.me.
Re: [qubes-users] "Root File out of memory warning"?
Thanks Awokd... I ran the commands, the changes were very small but a reduction did occur. The pop-up did come from the top right near the disk monitor widget. My "Total disc usage" states it is only at 31%... It seems to have settled down as my new templates are finalized and old ones deleted...I'll grab a screen shot with more details if it happens again. As always...thank you! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/cf1db89c-07dd-44c8-8467-e08fb993b77c%40googlegroups.com.
[qubes-users] Qubes on Mac's: from USB or natively installed?
Hello list, On the Qubes-HCL there are some Mac's from Apple listed. Is Qubes "natively" installed on those Mac's or are those MAC's booted into Qubes from an USB-stick? Thank you! Regards, Joe -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190917144339.03085E075D%40smtp.hushmail.com.
Re: [qubes-users] Ghost in menu
'Andrzej Andrzej' via qubes-users: > I am not sure how it happened, I have only guesses but the icon shown in the > screenshot and this whole ghost in the menu disappeared. But it is something > that should not appear. > Your screenshot didn't seem to make it. Maybe it was too big? -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/38d1d684-869c-4cc1-dc07-08c5552bfa0c%40danwin1210.me.
Re: [qubes-users] F2 stoped working after last kernel update
dimi: > There is no rhgb quiet in /boot/efi/EFI/qubes/xen.cfg > I have been pressing just F2 to unlock Kernel with passphrase for over a > year now and i was being able to read dmesg messages until XFCE login > prompt. > Already tried combinations of ctrl-alt-F2, alt-ctrl-Fx, alt-Fx and none > shows the console. OK. > My xen.xfg, > options=loglvl=all dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx ucode > =scan smt=off pci=noaer > Since i do not exactly remember where i added the pci=noaer, i cannot find > /etc/default/grub to eddit options, could you be so kind and point as to > where one modifies kernel options? Looks like you're using UEFI boot instead of grub, so kernel options are right next door to the Xen options in xen.cfg- look one line down for "kernel=". :) This is where I see rhgb quiet. Plymouth.ignore-serial-consoles is new; you might also try removing, but it could be there for a reason. -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bf573f3f-3bdf-79dd-e396-e3a2417b656f%40danwin1210.me.
Re: [qubes-users] F2 stoped working after last kernel update
> Check to make sure "rhgb quiet" didn't get added to your boot options. > Also, isn't it ctrl-alt-F2, or is that only once inside XFCE? > There is no rhgb quiet in /boot/efi/EFI/qubes/xen.cfg I have been pressing just F2 to unlock Kernel with passphrase for over a year now and i was being able to read dmesg messages until XFCE login prompt. Already tried combinations of ctrl-alt-F2, alt-ctrl-Fx, alt-Fx and none shows the console. Today's Kernel update showed some dmesg but way after kernel unlocking and right before XFCE Login. My guess, it might be driver related. I do run qubes with a rx 480 since my mobo/cpu does not have intel grafix. My xen.xfg, options=loglvl=all dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx ucode =scan smt=off pci=noaer (Since install, there have been countless pcieport :00:01.1: AER: Corrected error received: :00:01.1 messages with PCIe Bus Error: severity=Corrected from the rx 480 and tried to stop displaying them with pci=noaer but the option has not helped yet.) Since i do not exactly remember where i added the pci=noaer, i cannot find /etc/default/grub to eddit options, could you be so kind and point as to where one modifies kernel options? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1c6d4285-afd9-459c-9574-b0be103a0097%40googlegroups.com.
Re: [qubes-users] "Root File out of memory warning"?
V C: > Sorry for the noob question but I am getting a pop-up warning that my "Root > File is almost out of memory"? Its kinda scary... Not noob to ask and fix before it causes more problems! Click on the Qubes disk monitor widget in the top right; that's probably where the warnings are coming from. Also, check "sudo lvdisplay qubes_dom0/pool00" in dom0. It should show a similar pool data %. If your allocated metadata is over 80%, don't do the next steps. Try running "sudo fstrim -av" in dom0 first, and see if that helps. If not, find your largest qube with the most free space and run the same command inside it. Check lvdisplay again and see if the data % went down, and that metadata % didn't increase too much. -- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/55d82ebd-78ed-dfb3-30b0-c524494504e2%40danwin1210.me.
[qubes-users] Ghost in menu
I am not sure how it happened, I have only guesses but the icon shown in the screenshot and this whole ghost in the menu disappeared. But it is something that should not appear. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1701068142.307070.1568718811427%40ichabod.co-bxl.
[qubes-users] whonix-15 TB in dvm on Safest has whitelisted sites in NoScript by default
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Current behavior: - - start TB in a whonix-15-dvm AppVM (Q -> whonix-ws-15-dvm -> Tor Browser (Anon Dist) - - set Advanced security settings on Safest (click Yes) - - about:addons -> NoScript Preferences -> Per-site Permissions - - there are plenty of whitelisted sites like google.com, microsoft.com, passport.com, afx.ms and many others. This behavior is whonix-ws-15-dvm specific. I don't see this behavior in anon-whonix (no whitelisted sites on Safest). Expected behavior: I believe that on Safest settings the TB shouldn't have any sites whitelisted by default. I tried to reinstall the whonix-15-dvm but it doesn't help. The whitelisted sites are still there in the popped up dvm. Can others please check if they have the same issue? -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEExlmPb5HoPUTt+CQT44JZDAWK6UwFAl2AjGVfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEM2 NTk4RjZGOTFFODNENDRFREY4MjQxM0UzODI1OTBDMDU4QUU5NEMACgkQ44JZDAWK 6UxlLA//aJgx+14d7omw2O4aMIZzY+KWGA8dwePEt61O/p1rNuJo+Bb1w83vLwrD g0xULHyun4jf0EIdI59og+AXuL77yIEbUMtBr98QeB1PZwvtsGK2Kbzm1GwbPTif 4S7ZRlwhq9gcPmq0DCbkguEzF3nHcLuOa2rNIQhe7s79Mugx2uYIjC/y9p6U3yyf qEpzwxs392lNW8fkiR4wdE5qOPIHkxSMpqGekS/sh5Xoqc1GdKrzccsyALqzRV+Q G7ymCDTGc96ROoUg6az71XmpmZB5hx87c1k63LYj3aBi/8ijkdyx+0fwoaarsGND zcPiqyyJSq7l9qso7PgpcIiSezL+TjWA58R99YYUwl1+ZM2ngEtaeTsyR0Kj7z6H wdu6ixvvFb4cCoVEMibdDaapT2iFKsFYCgI/8NOuHuUI8TWeNDS7+CKLSJ7UXZM/ T2RBGTORvDN7JzSv8TynWZoiSaekst9g0HmlUd/JbKqkL8OFC7rRgwa0DKzpXj/D DFiHXkJiuj/OWeH47uViw3asz9c6w5N62Jjte/jo1KepsBfQBC+BgZIZBoap+dyF jfWwis/39eAcGIExU1Yvy+W6fMZq6Exz6gKmh89GaTFUKnP+DsMZp2XcEe/tNnor e8BzMrWgrirKUCtBf0Qlj8TILY0oBw/f/JLugc3RVq29zTZZna8= =YeAi -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2a8bd079-2de7-a54a-ab65-96d3d68227e7%40cock.li. 0xC1F4E83AF470A4ED.asc Description: application/pgp-keys