I want to experiment a bit with the vchan library and develop a program that
make unprivileged VMs communicate without using the network and without Qrexec
or any Qubes specific framework.
Qubes OS run on top of Xen, so it should be possible to use the vchan library
inside the unprivileged
I've been using R4-rc2 for some months and I've just installed the R4-rc5
version, but it's giving me hard times.
During the installation it complains about Vt-d and Interrupt Remapping
feautures missing and sys-usb didn't work at the beginning, but after I
switched to PV mode it works fine, I
I've just finished to download all the files for R4.0 rc2, but the verification
failed.
gpg --verify Qubes-R4.0-rc2-x86_64.iso.asc Qubes-R4.0-rc2-x86_64.iso.DIGESTS
gpg: Signature made Sat Oct 21 10:10:36 2017 BST using RSA key ID 9E2795E9
gpg: BAD signature from "Qubes OS Release 4
I had the same problem with fedora 25 in R4.0, but I managed to install it in
fedora 26 and it works fine.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Please, someone?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to
I'm already in the process of implementing this feauture (method A) in R4.0.
> dom0 doesn't store any DNS settings. Each VM forwards packets to the
> next upstream VM and the DNS decision is made at your netvm resolv.conf.
> Dynamic firewalls (iptables in 3.2, netfilter or so in 4.0) managed by
>
I'm already in the process of implementing this feauture (method A) in R4.0.
> dom0 doesn't store any DNS settings. Each VM forwards packets to the
> next upstream VM and the DNS decision is made at your netvm resolv.conf.
> Dynamic firewalls (iptables in 3.2, netfilter or so in 4.0) managed by
>
I'm already in the process of implementing this feauture (method A) in R4.0.
> dom0 doesn't store any DNS settings. Each VM forwards packets to the
> next upstream VM and the DNS decision is made at your netvm resolv.conf.
> Dynamic firewalls (iptables in 3.2, netfilter or so in 4.0) managed by
Up to now, I've thought of 2 possible solutions:
Of course Dom0 or a NetManagementVM (thanks to the new Admin API) has to store
the DNS settings for the VMs with Networking and the easy way is to store only
the infos about VMs that don't use the standars DNS (10.139.1.1 and 10.139.1.2).
So,
I'd like to setup a DNS cache server with a cache application like dnsmasq or
similar on a different qube than 'sys-net', so that 'sys-firewall' DNAT all
requests to my dnsVM, instead of passing it directly to 'sys-net' and the
dnsVM, of course, could pass both 'sys-firewall' or 'sys-net'.
I'd
I've upgraded a fedora-25 template in R4.0 rc1/current-testing to fedora-26 and
now the VM stops at login(tty1).
It doesn't let me login as 'user', but only as root and after few seconds being
root, the VM shutdowns.
Upgrade commands:
`sudo dnf clean all`
`sudo dnf --best --allowerasing
Thanks for the answer.
The release note specified at that time there was no Whonix template available
for R4.0 rc1, but now they are available in the template-community repo and we
are at rc2 (almost).
--
You received this message because you are subscribed to the Google Groups
"qubes-users"
Thanks for the details.
Can you send a simple benchmark (`hdparm -t --direct`) of the default ssd
pre-installed, if you didn't choose another drive?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop
I don't know if dom0 actually warned you after having successfully removed the
packages or it didn't let you do that because of the matter it warned you about.
Anyway, I think the problem is you set up the dom0 updates to be done through
Whonix, so you can try to change the UpdateVM field in
Great, thank you so much.
And if I wanted to manually change some libvirt configs and play with network
interfaces?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
Please, help me with this.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to
I'd like to know where the Xen configurations are stored and how to manipulate
them, for example, to add net interfaces or exposing a console.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving
Thanks for your answer.
I wrote that I'm trying to connect TO a Template Emergency Dracut shell FROM
Dom0, using 'xl console'.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it,
Any help?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to
I think you can use a systemd socket associated with a `socat` service that
connects the rpc stdin/stdout to a target VM listening port.
You can mimic how the Templates updates packets are redirected to the port 8082
of sys-net using rpc in R4.0.
Since you're using R3.2, if you can't figure
I think you can use a systemd socket associated with a `socat` service that
connects the rpc stdin/stdout to a target VM listening port.
You can see the basics in how the Templates updates packets are redirected to
the port 8082 of sys-net using rpc.
--
You received this message because you
Thank you, you saved me.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to
What do you mean by 'pick'?
This is the part I think it's not immediate.
Do the scripts download automatically the chosen version or I have to get the
sources?
I've managed to find only the spec (config) files for Fedora and Debian for
Qubes R3.1 and not for R3.2 or R4.0?
Do you know where I
I've tried to figure out something reading the docs, but it seems to me there
are more infos about how to compile a template based on a new system rather
than a Fedora or Debian one.
I wanted to try with the minimal flavour of fedora 25 and Debian 9.
Can someone guide me through the entire
Nobody has noticed this?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to
I'm using R4.0 rc1.
I wanted to install a Linux distro inside a disk image located in dom0 home,
using QEMU in an AppVM.
I've created a new disk image in dom0, set it up (dos partition label and a
primary ext4 partition) and attached it with `kpartx` to loopX, but `qvm-block`
doesn't list it
I'm using R4.0 rc1.
I wanted to install a Linux distro inside a disk image located in dom0 home,
using QEMU in an AppVM.
I've created a new disk image in dom0, set it up (dos partition label and a
primary ext4 partition) and attached with `kpartx` to loopX, but `qvm-block`
doesn't list in the
I've checked the BIOS configs and VT-d is enabled.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this
Thanks for all the details.
I've tested on the R4.0 rc1, so fc25, I'll try it soon on the R3.2 (fc23 and
fc24), so we can crosscheck the script.
I saw both dom0 and vm rpms are generated, but is it better to generate
different rpms for them with config-host and config-vm?
--
You received
Thanks for all the details.
I've tested on the R4.0 rc1, so fc25, I'll try it soon on the R3.2 (fc23 and
fc24), so we can crosscheck the script.
I saw both dom0 and vm rpmd are generated, but wouldn't be better to generate
different rpms based on config-host and config-guest?
--
You received
I think Reg has done a great job and the porting its a must go path to force
the developers to throw away all the differences that slow down or prevent the
develop of a secure system.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To
Thanks for your answer!
I had already noticed that, in fact I'm using the host version as .config, but
an error occurs at the line specified above.
With the trick of using the current configs and then override them with your
file I've managed to build the rpms, but the sign fails (maybe it's
I've used Qubes 3.2 and everythings there worked fine, but now I'm trying R4.0
rc1 and I can't figure out why the sound doesn't work.
`qvm-pci` reports 2 Intel Audio Devices (00:03.0 and 00:1b.0), so I've tried
to attach them to an base AppVm, such personal and start it with `qvm-run`, but
it
I've used Qubes 3.2 and everythings there worked fine, but now I'm trying R4.0
rc1 and I can't figure out why the sound doesn't work.
`qvm-pci` reports 2 Intel Audio Devices (00:03.0 and 00:1b.0), so I've tried
to attach them to an base AppVm, such personal and start it with `qvm-run`, but
it
I'm trying to build your port, but I,ve actually had to to some changes to
`kernel.spec` because the script exits with an error at line 136:
`%_sourcedir/check-for-config-changes .config.orig .config`.
So, here are my changes.
Original:
117 if [ -f %_sourcedir/config-%{version} ]; then
118
I've used Qubes 3.2 and everythings there worked fine, but now I'm trying 4.0
rc1 and I can't figure out why the sound doesn't work.
`qvm-pci` reports 2 Intel Audio Devices (00:03.0 and 00:1b.0), so I've tried
to attach them to an base AppVm, such personal and start it with `qvm-run`, but
it
Why the repo can't be cloned without credentials?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this
In the past I've read in the docs about the way to isolate the root account in
VMs using PolKit.
I was wandering if there is a way to always prompt Dom0 for authorization for
some specific operations inside VMs, like a syscall, using policies or better
modifying the kernel.
--
You received
With the new Admin APIs is there a way to set up a FirewallVM with an
Application Firewall running inside that can pop up dialogs always on top to
let the user decide where to accept or not a connection?
Problems:
1) Unprivileged VM windows always on top
2) The Firewall VM need to know details
Yeah, currently I'm using LXC Containers inside AppVMs.
What do you need exactly?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Why it's not possible to set 'kernel.unprivileged_userns_clone'
(/proc/sys/kernel/unprivileged_userns_clone) to use LXC unprivileged
containers?
Qubes Kernel doesn't support it yet or is it possible to recompile the Kenel to
add support to this?
--
You received this message because you are
Il giorno mercoledì 8 febbraio 2017 00:33:04 UTC-5, nicholas roveda ha scritto:
> 3) Compiling the kernel with default configs
>
> I ran 'make defconfig', then
> I ran 'make' and it went all good,
> but when I ran 'sudo make install' I encountered some errors, so I remembered
&
Il giorno mercoledì 8 febbraio 2017 00:33:04 UTC-5, nicholas roveda ha scritto:
> 3) Compiling the kernel with default configs
>
> I ran 'make defconfig', then
> I ran 'make' and it went all good,
> but when I ran 'sudo make install' I encountered some errors, so I remembered
&
Il giorno mercoledì 8 febbraio 2017 00:33:04 UTC-5, nicholas roveda ha scritto:
> 3) Compiling the kernel with default configs
>
> I ran 'make defconfig', then
> I ran 'make' and it went all good,
> but when I ran 'sudo make install' I encountered some errors, so I remembered
&
Il giorno mercoledì 8 febbraio 2017 02:45:24 UTC-5, Foppe de Haan ha scritto:
> I can't help you with the troubleshooting, but I can tell you that you can
> get the 4.8.12 kernel from qubes-dom0-unstable.
Yeah, thanks. I need to change the kernel configs, disable some drivers end
remove some
45 matches
Mail list logo
