[qubes-users] Xentop: MEM greater than MAXMEM
Hi folks, Occasionally I will have a VM lock up (UI remains on screen but windows Dow not respond) and notice that the MEM size in xentop is greater than the MAXMEM value in xentop, while at least one associated cpu is spinning (xentop shows state as perpetually r aka running). Memory ballooning is enabled. Swap is available in the vm and not really being used much. First…what is the definition of MAXMEM vs. MEM in xentop (e.g. is MAXMEM a limit or a high water mark)? Second, depending on the answer to the above, I may ask…how can MEM be larger than MAXMEM? Brendan -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAOajFec1qpAoK%2BEBSXXWNcWXdh%3DJdTD%3DEbxMQr%2BttpX4_D%3DG_w%40mail.gmail.com.
Re: [qubes-users] Trying to create an OSINT VM with Qubes Fedora template: Need help getting pip to work
Sorry for the double post, I'm unfamiliar with google groups. Floyd: I'll keep that in mind regarding the tools he suggests. For one, I'm not installing chrome anytime soon. I'll try to stick to open source, but honestly, I'm probably gonna focus on maintaining anonymity and effectiveness with how I treat his book. And the tools first usage will certainly be a crash course for me. If I run into video codec problems with this install and find it too much of a pain, I'll try the debian install for sure. I'm actually kinda interesting in seeing what you put together, do you have a link to that template handy? And yes, whonix-Qubes with a VPN to make sure google plays nice with me would be the plan. Thank you. On Monday, June 7, 2021 at 11:33:46 AM UTC-4 Chrome wrote: > I appreciate all the responses. The AppVM approached turned out to be > ideal anyway: what didn't get installed via pip to the templateVM got > installed to a dedicated OSINT "template" AppVM. That way, like steve > suggested, I can clone it at will so I can have a clean start point each > time. > > As an aside, I don't mind the learning curve honestly for this OS, I love > it. I just had to learn to actually talk and ask for help when it comes to > troubleshooting issues I come across. The OS itself is a little > intimidating for a novice, but all it takes is some work. Appreciate this > response steve, thank you it did help. > > On Sunday, June 6, 2021 at 2:54:18 PM UTC-4 stevenlc...@gmail.com wrote: > >> On 6/6/21 2:12 PM, Chrome wrote: >> > Hello there all, >> > >> > I am currently following the instructions to create an OSINT VM >> > Michael Bazzell's "Open Source Intelligence Techniques 8th Edition." >> Its a good book. I do wish he had a chapter for Qubes in it. I think the >> only reason Michael doesn't push Qubes as a platform is that it has a >> steep learning curve that not many are willing to take on. If you do >> Qubes anyway and the learning curve is Ok, then you will find Qubes to >> be a much more flexible platform in the long run. >> > Naturally I'm trying to avoid installing a whole new OS (Ubuntu is >> > recommended by the author) or to have a dedicated laptop for this. I >> > figured it would be a fun experiment to see how far I could get with >> > Qubes before I ran into problems. >> >> All the way I'm sure. >> >> > So far, issues are minor but when I hit a roadblock, like the below >> > terminal text, I'm ill-prepared to troubleshoot it myself. Can someone >> > help me understand what I'm looking at and how to fix it so I can >> > install packages via pip onto my Fedora templateVM? Thank you >> >> First templates do not have network access by default so you may need a >> proxy setup. >> >> >> https://qubes-os.discourse.group/t/when-to-assign-templatevms-a-network-connection/4307/2 >> >> >> By default pip needs/wants to install directly into the system space >> (/usr/local/) which on a template is not shared with the AppVM. Because >> this directory is not even presented to an AppVM file system it wont be >> useable in the AppVM. It would need to be installed in the AppVM itself >> if you want it installed in /usr/local. >> >> The problem is, security wise, its a bad idea to run foreign code (pip's >> package installer scripts) as root in a template. You could easily >> compromise every AppVM on the system by introducing malicious code. That >> is way pip was warning about running as root. >> >> But if you use the "--user" flag as the error message says then pip can >> install the packages an AppVM with everything installed into the user's >> home directory. That way the user has control over the env and can >> choose which environment they want to use. >> >> If you were wanting to have the ability to start from a pristine >> starting point for each user session then you might want to either to >> create a dvm or create a default AppVM which can be cloned as often as >> you like. >> >> > Relevant Terminal text: >> > [user@fedora-32 ~]$ sudo -H python3 -m pip install instalooter >> >> >> https://stackoverflow.com/questions/42988977/what-is-the-purpose-of-pip-install-user >> >> >> $ sudo -H python3 -m pip install --user instalooter >> >> The above will install in the users directory instead >> >> > WARNING: Running pip install with root privileges is generally not a >> > good idea. Try `python3 -m pip install --user` instead. >> >> -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8b3fddfd-436b-4541-8cec-aaaddab1c0e2n%40googlegroups.com.
Re: [qubes-users] Trying to create an OSINT VM with Qubes Fedora template: Need help getting pip to work
I appreciate all the responses. The AppVM approached turned out to be ideal anyway: what didn't get installed via pip to the templateVM got installed to a dedicated OSINT "template" AppVM. That way, like steve suggested, I can clone it at will so I can have a clean start point each time. As an aside, I don't mind the learning curve honestly for this OS, I love it. I just had to learn to actually talk and ask for help when it comes to troubleshooting issues I come across. The OS itself is a little intimidating for a novice, but all it takes is some work. Appreciate this response steve, thank you it did help. On Sunday, June 6, 2021 at 2:54:18 PM UTC-4 stevenlc...@gmail.com wrote: > On 6/6/21 2:12 PM, Chrome wrote: > > Hello there all, > > > > I am currently following the instructions to create an OSINT VM > > Michael Bazzell's "Open Source Intelligence Techniques 8th Edition." > Its a good book. I do wish he had a chapter for Qubes in it. I think the > only reason Michael doesn't push Qubes as a platform is that it has a > steep learning curve that not many are willing to take on. If you do > Qubes anyway and the learning curve is Ok, then you will find Qubes to > be a much more flexible platform in the long run. > > Naturally I'm trying to avoid installing a whole new OS (Ubuntu is > > recommended by the author) or to have a dedicated laptop for this. I > > figured it would be a fun experiment to see how far I could get with > > Qubes before I ran into problems. > > All the way I'm sure. > > > So far, issues are minor but when I hit a roadblock, like the below > > terminal text, I'm ill-prepared to troubleshoot it myself. Can someone > > help me understand what I'm looking at and how to fix it so I can > > install packages via pip onto my Fedora templateVM? Thank you > > First templates do not have network access by default so you may need a > proxy setup. > > > https://qubes-os.discourse.group/t/when-to-assign-templatevms-a-network-connection/4307/2 > > > By default pip needs/wants to install directly into the system space > (/usr/local/) which on a template is not shared with the AppVM. Because > this directory is not even presented to an AppVM file system it wont be > useable in the AppVM. It would need to be installed in the AppVM itself > if you want it installed in /usr/local. > > The problem is, security wise, its a bad idea to run foreign code (pip's > package installer scripts) as root in a template. You could easily > compromise every AppVM on the system by introducing malicious code. That > is way pip was warning about running as root. > > But if you use the "--user" flag as the error message says then pip can > install the packages an AppVM with everything installed into the user's > home directory. That way the user has control over the env and can > choose which environment they want to use. > > If you were wanting to have the ability to start from a pristine > starting point for each user session then you might want to either to > create a dvm or create a default AppVM which can be cloned as often as > you like. > > > Relevant Terminal text: > > [user@fedora-32 ~]$ sudo -H python3 -m pip install instalooter > > > https://stackoverflow.com/questions/42988977/what-is-the-purpose-of-pip-install-user > > > $ sudo -H python3 -m pip install --user instalooter > > The above will install in the users directory instead > > > WARNING: Running pip install with root privileges is generally not a > > good idea. Try `python3 -m pip install --user` instead. > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f0eb7419-bc65-4362-ab34-c42a03c98990n%40googlegroups.com.
[qubes-users] Re: Having an issue with recommneded Qubes Bisq install (Broken Pipe, Device or resource busy)
Attempted fix: try a fedora based install. It seems successful thus far, it installed following the same process. Just vi when making the config file vs using nano since its not on the fedora based template. Steps to be modified from cited guide: https://bisq.wiki/Running_Bisq_on_Qubes#Install_package *Configure binding dirs* sudo nano /rw/config/qubes-bind-dirs.d/50_user.conf BECOMES sudo vi /rw/config/qubes-bind-dirs.d/50_user.conf *Install package* sudo dpkg -i Bisq-*.deb BECOMES sudo dnf install ./Bisq-*.rpm On Sunday, June 6, 2021 at 1:03:32 PM UTC-4 Chrome wrote: > > Procedure followed: bisq wiki entry for running bisq on qubes > https://bisq.wiki/Running_Bisq_on_Qubes > > Current terminal error: > user@bisq-vm:~$ sudo dpkg -i Bisq-64bit-1.6.5.deb > Selecting previously unselected package bisq. > (Reading database ... 133382 files and directories currently installed.) > Preparing to unpack Bisq-64bit-1.6.5.deb ... > Unpacking bisq (1.6.5-1) ... > > *dpkg: error processing archive Bisq-64bit-1.6.5.deb (--install): unable > to move aside './opt/bisq/bin/Bisq' to install new version: Device or > resource busy* > dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) > Errors were encountered while processing: > Bisq-64bit-1.6.5.deb > user@bisq-vm:~$ > > Possible things I screwed up on: I typo'd the very first line of the > instructions, is there any chance this caused me a problem during my > install? > "sudo mkdir -p /rw/bind-dirs/opt/bisq/bin/Bisq" was typoed and likely > corresponds to the following terminal message "unable to move aside > './opt/bisq/bin/Bisq' to install new version: Device or resource busy" > > Attempted solutions: Deleted the VM twice and attempted to follow the > steps again, twice. > Potential solution: Follow the same steps on the wiki but try a fedora > install instead? > > Any help would be greatly appreciated. Thank you. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0879f6b7-af48-49de-8708-e1e8b44764fen%40googlegroups.com.
