diff --git a/BackupEmergencyRestoreV3.md b/BackupEmergencyRestoreV3.md deleted file mode 100644 index 52b3dd60..00000000 --- a/BackupEmergencyRestoreV3.md +++ /dev/null 
@@ -1,94 +0,0 @@ ---- -layout: doc -title: Emergency Backup Recovery - format version 3 -permalink: /doc/BackupEmergencyRestoreV3/ ---- - -Emergency Backup Recovery without Qubes - format version 3 -========================================================== - -This page describes how to perform emergency restore of backup created on Qubes R2 or later (which uses backup format 3). - -The Qubes backup system has been designed with emergency disaster recovery in mind. No special Qubes-specific tools are required to access data backed up by Qubes. In the event a Qubes system is unavailable, you can access your data on any GNU/Linux system with the following procedure. - -**Note:** In the following example, the backup file is assumed to be both encrypted and compressed. - -1. Untar the main backup file. - - [user@restore ~]$ tar -i -xvf qubes-backup-2013-12-26-123456 - backup-header - backup-header.hmac - qubes.xml.000 - qubes.xml.000.hmac - vm1/private.img.000 - vm1/private.img.000.hmac - vm1/icon.png.000 - vm1/icon.png.000.hmac - vm1/firewall.xml.000 - vm1/firewall.xml.000.hmac - vm1/whitelisted-appmenus.list.000 - vm1/whitelisted-appmenus.list.000.hmac - dom0-home/dom0user.000 - dom0-home/dom0user.000.hmac - -1. Verify the integrity of the `backup-header` file contains basic information about your backup. - [user@restore ~]$ cd vm1/ - [user@restore ~]$ openssl dgst -sha512 -hmac "your_passphrase" backup-header - HMAC-SHA512(backup-header)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c - [user@restore ~]$ cat backup-header.hmac - (stdin)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c - - **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error. 
- - **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`. - -1. Read the `backup-header`. You'll need some of this information later. The file will look similar to this: - version=3 - hmac-algorithm=SHA512 - crypto-algorithm=aes-256-cbc - encrypted=True - compressed=True - - If you see `version=2` here, go to [Emergency Backup Recovery - format version 2](/doc/BackupEmergencyRestoreV2/) page instead. - -1. Verify the integrity of the `private.img` file which houses your data. - - [user@restore ~]$ cd vm1/ - [user@restore vm1]$ openssl dgst -sha512 -hmac "your_passphrase" private.img.000 - HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e - [user@restore vm1]$ cat private.img.000.hmac - (stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e - - **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error. - - **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`. You can check `backup-header` file for the hash used to create the backup. - -1. Decrypt the `private.img` file. - - cat private.img.??? | openssl enc -d -pass pass:your_passphrase -aes-256-cbc -out private.img.dec - - **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. 
A complete list of supported cipher algorithms can be found with `openssl list-cipher-algorithms`. You can check `backup-header` file to get that information. - -1. Decompress the decrypted `private.img` file. - - [user@restore vm1]$ zforce private.img.dec - [user@restore vm1]$ gunzip private.img.dec.gz - - **Note:** If your backup was compressed with a program other than `gzip`, you must substitute the correct compression program. `backup-header` file contains name of program used to compress the data. - -1. Untar the decrypted and decompressed `private.img` file. - - [user@restore vm1]$ tar -xvf private.img.dec - vm1/private.img - -1. Mount the private.img file and access your data. - - [user@restore vm1]$ sudo mkdir /mnt/img - [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/ - [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt - This data has been successfully recovered! - - **Note:** You may wish to store a plain text copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure while this web page is inaccessible. You may obtain a plaintext version of this file in Git repository housing all the documentation at: - - https://github.com/QubesOS/qubes-doc.git - diff --git a/ContributorsList.md b/ContributorsList.md deleted file mode 100644 index 31ef1af5..00000000 --- a/ContributorsList.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -layout: doc -title: ContributorsList -permalink: /doc/ContributorsList/ -redirect_from: /wiki/ContributorsList/ ---- - -List of Qubes developers ------------------------- - -- Joanna Rutkowska (Invisible Things Lab) - initial idea, architecture, core, packaging - -- Rafal Wojtczuk (Invisible Things Lab) - architecture, gui virtualization, core - -- Tomasz Sterna (TLS) - installer - diff --git a/DevelFaq.md b/DevelFaq.md deleted file mode 100644 index 64f74fbc..00000000 --- a/DevelFaq.md +++ /dev/null 
@@ -1,52 +0,0 @@ ---- -layout: doc -title: DevelFaq -permalink: /doc/DevelFaq/ -redirect_from: /wiki/DevelFaq/ ---- - -Qubes Developers FAQ -==================== - -1. 1. [Q: Why does dom0 need to be 64-bit?](#q-why-does-dom0-need-to-be-64-bit) - 2. [Q: Why do you use KDE in Dom0? What is the roadmap for Gnome support?](#q-why-do-you-use-kde-in-dom0-what-is-the-roadmap-for-gnome-support) - 3. [Q: What is the recommended build environment?](#q-what-is-the-recommended-build-environment) - 4. [Q: How to build Qubes from sources?](#q-how-to-build-qubes-from-sources) - 5. [Q: How do I submit a patch?](#q-how-do-i-submit-a-patch) - -### Q: Why does dom0 need to be 64-bit? - -Often it is more difficult to exploit a bug on the x64 Linux than it is on x86 Linux (e.g. ASLR is sometimes harder to get around). While we designed Qubes with the emphasis on limiting any potential attack vectors in the first place, still we realize that some of the code running in Dom0, e.g. our GUI daemon or xen-store daemon, even though it is very simple code, might contain some bugs. Plus currently we haven't implemented a separate storage domain, so also the disk backends are in Dom0 and are "reachable" from the VMs, which adds up to the potential attack surface. So, having faced a choice between 32-bit and 64-bit OS for Dom0, it was almost a no-brainer, as the 64-bit option provides some (little perhaps, but still) more protection against some classes of attacks, and at the same time do not have any disadvantages (except that it requires a 64-bit processor, but all systems on which it makes sense to run Qubes, e.g. that have at least 3-4GB memory, they do have 64-bit CPUs anyway). - -### Q: Why do you use KDE in Dom0? What is the roadmap for Gnome support? - -There a few things that are KDE-specific, but generally it should not be a big problem to also add Gnome support to Qubes (in Dom0 of course). 
Those KDE-specific things are: - -- Qubes requires KDM (KDE Login Manager), rather than GDM, for the very simple reason that GDM doesn't obey standards and start `/usr/bin/Xorg` instead of `/usr/bin/X`. This is important for Qubes, because we need to load a special "X wrapper" (to make it possible to use Linux usermode shared memory to access Xen shared memory pages in our App Viewers -- see the sources [here](https://github.com/QubesOS/qubes-gui-daemon/tree/master/shmoverride)). So, Qubes makes the `/usr/bin/X` to be a symlink to the Qubes X Wrapper, which, in turn, executes the `/usr/bin/Xorg`. This works well with KDM (and would probably also work with other X login managers), but not with GDM. If somebody succeeded in makeing GDM to execute `/usr/bin/X` instead of `/usr/bin/Xorg`, we would love to hear about it! - -- We maintain a special [repository](/doc/KdeDom0/) for building packages specifically for Qubes Dom0. - -- We've patched the KDE's Window Manager (specifically [one of the decoration plugins](https://github.com/QubesOS/qubes-desktop-linux-kde/tree/master/plastik-for-qubes)) to draw window decorations in the color of the specific AppVM's label. - -If you're interested in porting GNOME for Qubes Dom0 use, let us know -- we will most likely welcome patches in this area. - -### Q: What is the recommended build environment? - -Any rpm-based, 64-bit. Preferred Fedora. - -### Q: How to build Qubes from sources? - -See [the instruction](/doc/QubesBuilder/) - -### Q: How do I submit a patch? - -1. Make all the changes in your working directory, i.e. edit files, move them around (you can use 'git mv' for this), etc. - -1. Add the changes and commit them (git add, git commit). Never mix different changes into one commit! Write a good description of the commit. The first line should contain a short summary, and then, if you feel like more explanations are needed, enter an empty new line, and then start the long, detailed description (optional). - -1. 
Test your changes NOW: check if RPMs build fine, etc. - -1. Create the patch using 'git format-patch'. This has an advantage over 'git diff', because the former will also include your commit message, your name and email, so that \*your\* name will be used as a commit's author. - -1. Send your patch to qubes-devel. Start the message subject with the '[PATCH]' string. - diff --git a/DocStyle.md b/DocStyle.md deleted file mode 100644 index b2617c44..00000000 --- a/DocStyle.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -layout: doc -title: DocStyle -permalink: /doc/DocStyle/ -redirect_from: /wiki/DocStyle/ ---- - -Guidelines for Documentation Contributors -========================================= - - * Use spaces instead of tabs. - * Hard wrap Markdown lines at 80 characters. - * Hard wrap Git commit message lines at 72 characters. - * This leaves exactly four spaces on each side of the commit message when - viewed in the default `git log` format.) - * If appropriate, make numerals in numbered lists match between Markdown source - and HTML output. - * In the event that a user is required to read the Markdown - source directly, this will make it easier to follow, e.g., numbered steps in - a set of instructions. - * Use hanging indentations - where appropriate. - * Use `[reference-style][ref]` links. - `[ref]: http://daringfireball.net/projects/markdown/syntax#link` diff --git a/DomZeroTools.md b/DomZeroTools.md deleted file mode 100644 index b841b7d3..00000000 --- a/DomZeroTools.md +++ /dev/null 
@@ -1,34 +0,0 @@ ---- -layout: doc -title: DomZeroTools -permalink: /doc/DomZeroTools/ -redirect_from: /wiki/DomZeroTools/ ---- - -QVM-tools: - -- [qubes-dom0-update](/doc/Dom0Tools/QubesDom0Update/) -- [qubes-prefs](/doc/Dom0Tools/QubesPrefs/) -- [qvm-add-appvm](/doc/Dom0Tools/QvmAddAppvm/) -- [qvm-add-template](/doc/Dom0Tools/QvmAddTemplate/) -- [qvm-backup-restore](/doc/Dom0Tools/QvmBackupRestore/) -- [qvm-backup](/doc/Dom0Tools/QvmBackup/) -- [qvm-block](/doc/Dom0Tools/QvmBlock/) -- [qvm-clone](/doc/Dom0Tools/QvmClone/) -- [qvm-create-default-dvm](/doc/Dom0Tools/QvmCreateDefaultDvm/) -- [qvm-create](/doc/Dom0Tools/QvmCreate/) -- [qvm-firewall](/doc/Dom0Tools/QvmFirewall/) -- [qvm-grow-private](/doc/Dom0Tools/QvmGrowPrivate/) -- [qvm-ls](/doc/Dom0Tools/QvmLs/) -- [qvm-kill](/doc/Dom0Tools/QvmKill/) -- [qvm-pci](/doc/Dom0Tools/QvmPci/) -- [qvm-prefs](/doc/Dom0Tools/QvmPrefs/) -- [qvm-remove](/doc/Dom0Tools/QvmRemove/) -- [qvm-revert-template-changes](/doc/Dom0Tools/QvmRevertTemplateChanges/) -- [qvm-run](/doc/Dom0Tools/QvmRun/) -- [qvm-service](/doc/Dom0Tools/QvmService/) -- [qvm-shutdown](/doc/Dom0Tools/QvmShutdown/) -- [qvm-start](/doc/Dom0Tools/QvmStart/) -- [qvm-sync-appmenus](/doc/Dom0Tools/QvmSyncAppmenus/) -- [qvm-template-commit](/doc/Dom0Tools/QvmTemplateCommit/) - diff --git a/Donations.md b/Donations.md deleted file mode 100644 index 612da95b..00000000 --- a/Donations.md +++ /dev/null 
@@ -1,56 +0,0 @@ ---- -layout: doc -title: Donations -permalink: /doc/Donations/ -redirect_from: /wiki/Donations/ ---- - -Donating to the Qubes Project -============================= - -The Qubes project is now accepting donations in Bitcoins. You can use the following address to send Bitcoins to the project (but you might want to read the short FAQ below first): - -{% highlight trac-wiki %} -14zockMSKKp5MK6X2cHJ3mQwm9MwYsJ39j -{% endhighlight %} - -This address can also be found in a message posted to Qubes mailing list, which can be viewed via Google Groups Web interface over SSL [here](https://groups.google.com/d/msg/qubes-devel/u3wAzm1dB5Y/s5CiUGDebL4J), for double verification. For additional verification, you can verify the digital signature on the message, which should come from Joanna Rutkowska. - -You can check how much others have donated already (over the entire time) via [blockexplorer](https://blockexplorer.com/address/14zockMSKKp5MK6X2cHJ3mQwm9MwYsJ39j) and [blockchain](https://blockchain.info/address/14zockMSKKp5MK6X2cHJ3mQwm9MwYsJ39j). - -FAQ ---- - -### How are you going to spend the donated Bitcoins? - -Our primary intention is to fund development of additional Qubes features, such as Split GPG (\#474), Qubes MIME handlers, USB PV backend, IPv6 routing between VMs, etc. Those additional features, although often very cool and appealing, are often being postponed because we need to focus on the more mainstream features, including the commercial branches for our paying customers. - -But we cannot promise we won't spend your donated Bitcoins in some other way. Frankly, I (JR) don't believe that the income from public donations could sustain ITL in operation for even a month. If, however, ITL were in financial trouble, we would use those donations in an attempt to extend our agony ;) Generally, our goal is to make Qubes/ITL survive -- even if that means we must spend your donated Bitcoins on things other than cool open-source features. 
Hopefully though, this will not be necessary. - -### I have donated X number of Bitcoins. Can I request that a special feature be implemented? - -The simple answer is: No. If everybody were to decide, then nothing would get implemented. However, if you make a substantial donation (e.g., an amount which you believe could be used to pay for several months of a developer's work), then please contact us in person or via the mailing list. You can attach a digitally signed message using the Bitcoin address you used to donate in order to prove that who made a particular donation. In that case, we will listen carefully and, in the worst case, explain to you why we can't or don't want to implement your requested feature. - -### Who actually owns the above Bitcoin address? - -Joanna Rutkowska (JR), the founder of Invisible Things Lab (ITL) and the Qubes project. Technically, she can do whatever she wants with the donated Bitcoins. Also, if she were to die accidentally, all the Bitcoins would probably be lost. - -### How much do Joanna Rutkowska and the other guys actually earn? I've heard a rumour that she's totally spoiled and lives a pretty luxurious life. Isn't it unfair to accept donations in that case? - -All Qubes developers are paid good salaries, and presently ITL is doing pretty well. JR is spoiled to no end, arrogant beyond comprehension, and generally not nice to people, especially on mailing lists. But you should realize that: - -1. Nobody forces or specifically asks you to donate. Qubes will (probably) survive without any donations. -2. The main reason to donate is to encourage the creation of additional features, i.e., to make Qubes OS more secure and/or easier to use. This should benefit most Qubes users. -3. Another reason to donate is to say "Thank you," as we're releasing Qubes under GPL (excluding the Windows support) and generally trying to make the world a better place. 
(Oh, right, I had to made this plug somewhere here;) - -### Are you going to provide a financial report on how you spend our donated Bitcoins? - -Nope. - -### Are you going to verify that the donated Bitcoins are not coming from some illegal activity, e.g., Bitcoin thefts? - -Nope. In real life, when you go to a shop to buy a loaf of bread, or a brand new BMW, the shop is not responsible for running a background check on you and checking your financial history (which they can't do in fact). - -### Why use Bitcoins and not some normal currency? - -Bitcoin is an ideologically attractive currency due to its distributed nature (no central authority to control it) and due to the fact that it relies on cryptography for its security. Bitcoin is another tool that can be used to empower an individual against the system. While Bitcoin is about protecting your wealth, Qubes is about protecting your digital life (against an adversary that could also be "the system"). Of course it makes perfect sense to use Qubes OS to secure your Bitcoin wallet by, e.g., running it in a dedicated AppVM (or even more). diff --git a/ExternalDeviceMountPoint.md b/ExternalDeviceMountPoint.md deleted file mode 100644 index 65220cf2..00000000 --- a/ExternalDeviceMountPoint.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -layout: doc -title: ExternalDeviceMountPoint -permalink: /doc/ExternalDeviceMountPoint/ -redirect_from: /wiki/ExternalDeviceMountPoint/ ---- - -All external storage devices connected to an AppVM using the Fedora template can be found under - -{% highlight trac-wiki %} -/run/media/user/ -{% endhighlight %} - -...of that AppVM's filesystem. diff --git a/InstallationGuide.md b/InstallationGuide.md deleted file mode 100644 index 550a5108..00000000 --- a/InstallationGuide.md +++ /dev/null 
@@ -1,105 +0,0 @@ ---- -layout: doc -title: InstallationGuide -permalink: /doc/InstallationGuide/ -redirect_from: /wiki/InstallationGuide/ ---- - -Installation Guide (for Qubes Release 1) -======================================== - -1. [Hardware Requirements](#HardwareRequirements) -2. [Download installer ISO](#DownloadinstallerISO) -3. [Burning the ISO onto a DVD or USB stick](#BurningtheISOontoaDVDorUSBstick) -4. [Upgrading from Qubes 1.0-rc1](#UpgradingfromQubes1.0-rc1) -5. [Migrating from Qubes Beta 3](#MigratingfromQubesBeta3) -6. [Installing Updates](#InstallingUpdates) -7. [Known Issues](#KnownIssues) -8. [Getting Help](#GettingHelp) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v .asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R1-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX)'''** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -Upgrading from Qubes 1.0-rc1 ----------------------------- - -If you're already running Qubes 1.0-rc1, you don't need to reinstall, it's just enough to update the packages in your Dom0 and the template VM(s). The easiest way for doing this is to click on the Update Button in the Qubes Manger -- one click when you selected Dom0, and one click for each of your template VM (by default there is just one template). - -Migrating from Qubes Beta 3 ---------------------------- - -If you have Qubes Beta 3 currently installed on your system, you must reinstall from scratch, as we offer no direct upgrade option in the installer (sorry). However, we do offer tools for smooth migration of your AppVMs. In order to do that, please backup your AppVMs using the `qvm-backup` tool [as usual](/doc/BackupRestore/). Then, after you install Qubes 1.0 rc1, you can restore them using `qvm-backup-restore` tool. 
However, because we have changed the default template in RC1, you should tell qvm-back-restore about that by passing `--replace-template` option: - -{% highlight trac-wiki %} -qvm-backup-restore --replace-template=fedora-15-x64:fedora-17-x64 -{% endhighlight %} - -Installing Updates ------------------- - -Installing updates is very easy and can be done using the "Update" button in the Qubes Manager. Alternatively it can also be done from command prompt -- see the following for more details: - -- For installing updates for Dom0 -- see instructions [here](/doc/SoftwareUpdateDom0/). -- For installing updates for you domains (VMs) -- see instructions [here](/doc/SoftwareUpdateVM/). - -Known Issues ------------- - -- Installer might not support some USB keyboards (\#230). This seems to include all the Mac Book keyboards (most PC laptops have PS2 keyboards and are not affected). - -- If you don't enable Composition (System Setting -\> Desktop -\> Enable desktop effects), which you really should do, then the KDE task bar might get somehow ugly (e.g. half of it might be black). This is some KDE bug that we don't plan to fix. - -- Some keyboard layout set by KDE System Settings can cause [keyboard not working at all](https://groups.google.com/group/qubes-devel/browse_thread/thread/77d076b65dda7226). If you hit this issue, you can switch to console (by console login option) and manually edit `/etc/X11/xorg.conf.d/00-system-setup-keyboard.conf` (and `/etc/sysconfig/keyboard`) and place correct keyboard layout settings (details in linked thread). You can check if specific keyboard layout settings are proper using `setxkbmap` tool. - -- On systems with more than 8GB of RAM there is problem with Disposable VM. 
To fix it, limit maximum memory allocation for DispVM to 3GB - - {% highlight trac-wiki %} - qvm-prefs -s fedora-17-x64-dvm maxmem 3072 - qvm-create-default-dvm --default-template --default-script - {% endhighlight %} - -- On some systems the KDE Window Manager might freeze upon resuming from S3 sleep when compositing is enabled (and the only method to log in to the system if this happens is to switch to a text console, enter your user's password, kill the kwin process, go back to the Xorg console, log in, and start a new instance of kwin using Konsole application :) If you experience such problems, make sure to disable compositing before putting the system into sleep by pressing Alt-Ctrl-F12 (and then enabling it back once you log in after resume) -- this way you should never see this problem again. - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-devel* mailing list: - - [http://groups.google.com/group/qubes-devel](http://groups.google.com/group/qubes-devel) - - `qubes-devel@googlegroups.com` - diff --git a/InstallationGuideR2.md b/InstallationGuideR2.md deleted file mode 100644 index fcc1d1b6..00000000 --- a/InstallationGuideR2.md +++ /dev/null 
@@ -1,107 +0,0 @@ ---- -layout: doc -title: InstallationGuideR2 -permalink: /doc/InstallationGuideR2/ -redirect_from: /wiki/InstallationGuideR2/ ---- - -Installation Guide for Qubes Release 2 -====================================== - -1. [Hardware Requirements](#HardwareRequirements) -2. [Download installer ISO](#DownloadinstallerISO) -3. [Burning the ISO onto a DVD or USB stick](#BurningtheISOontoaDVDorUSBstick) -4. [Upgrading](#Upgrading) -5. [Troubleshooting problems with the installer](#Troubleshootingproblemswiththeinstaller) -6. [Known Issues](#KnownIssues) -7. [Getting Help](#GettingHelp) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v Qubes-R2-x86_64-DVD.iso.asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -On windows you can use [this](http://www.chrysocome.net/dd) tool. Example command would be (as Administrator): - -{% highlight trac-wiki %} -dd if=Qubes-R2-x86_64-DVD.iso of=\\?\Device\Harddisk1\Partition0 bs=1M --size --progress -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX or Harddisk1)** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -![qubes-r2-installer-welcome.png](/attachment/wiki/InstallationGuideR2/qubes-r2-installer-welcome.png) - -Upgrading ---------- - -Upgrading from Qubes R2 rc1 should be a simple matter of installing updates for [dom0](/doc/SoftwareUpdateDom0/) and [VMs](/doc/SoftwareUpdateVM/). - -Users of R2 beta 3 should follow instructions on how to upgrade to Qubes R2 rc1 [here](/doc/UpgradeToR2rc1/). 
- -Troubleshooting problems with the installer -------------------------------------------- - -If the installer fails for some reason, typically because of the graphics card not being correctly supported, it is possible to try booting the installer with a different kernel -- to do that, choose Troubleshooting menu in the Installer Welcome screen, and later choose an option to proceed with one of the kernels provided: - -![qubes-r2-installer-troubleshooting.png](/attachment/wiki/InstallationGuideR2/qubes-r2-installer-troubleshooting.png) - -The installer ships with 4 different kernels (3.12, 3.11, 3.9 and 3.7) and all those kernel will be installed (regardless of which is selected to run the installer) so it is later always possible to boot the Qubes OS using any of those kernels. - -Known Issues ------------- - -- On some graphics cards the Xfce4 Window Manager (one of the two supported Dom0 Windows Managers in Qubes R2, the other being KDE) might behave "strangely", e.g. decorations might not be drawn sometimes. Also the accompanying lightdm login manager might incorrectly display the wallpaper. If you're facing those problems, it's advisable to use the KDE Window Manager and kdm instead of Xfce4 and lightdm (this is default if one chooses the KDE only installation option in the installer). - -- Some icons in the Qubes Manager application might not be drawn correctly when using the Xfce4 environment in Dom0. If this bothers you, please use the KDE environment instead. - -- If your GPU is not correctly supported by the Dom0 kernel (e.g. the 3D desktop effects do not run smoothly) then you might experience "heaviness" with Windows 7-based AppVMs. In that case, please solve the problem with your GPU support in Dom0 in the first place (by using a different kernel), or install Qubes OS on a different system. - -- Under some circumstances, Qubes backup can create broken backup, without any visible message (\#902). It is advisable to verify a backup to spot the problem. 
If you encounter this problem, backup VM directory manually. - -- System shutdown sometimes is very slow (\#903). To mitigate the problem, shutdown all the VMs first. - -- For other known issues take a look at [our trac tickets](https://wiki.qubes-os.org/query?status=accepted&status=assigned&status=new&status=reopened&type=defect&milestone=Release+2.1+(post+R2)&col=id&col=summary&col=status&col=type&col=priority&col=milestone&col=component&order=priority) - -It is advised to install updates just after system installation to apply bug fixes for (some of) the above problems. - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-users* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [https://groups.google.com/group/qubes-users](https://groups.google.com/group/qubes-users) - - `qubes-users@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. Please send all such questions to the mailing list. - diff --git a/InstallationGuideR2B1.md b/InstallationGuideR2B1.md deleted file mode 100644 index 96c55f7c..00000000 --- a/InstallationGuideR2B1.md +++ /dev/null 
@@ -1,99 +0,0 @@ ---- -layout: doc -title: InstallationGuideR2B1 -permalink: /doc/InstallationGuideR2B1/ -redirect_from: /wiki/InstallationGuideR2B1/ ---- - -Installation Guide (for Qubes Release 2 Beta 1) -=============================================== - -1. [Hardware Requirements](#HardwareRequirements) -2. [Download installer ISO](#DownloadinstallerISO) -3. [Burning the ISO onto a DVD or USB stick](#BurningtheISOontoaDVDorUSBstick) -4. [Upgrading from Qubes R1](#UpgradingfromQubesR1) -5. [Installing Updates](#InstallingUpdates) -6. [Known Issues](#KnownIssues) -7. [Getting Help](#GettingHelp) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v .asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-Beta-1-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX)'''** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -Upgrading from Qubes R1 ------------------------ - -If you're already running Qubes Release 1, you don't need to reinstall, it's just enough to update the packages in your Dom0 and the template VM(s). This procedure is described [here?](/doc/UpgradeToR2/). - -Installing Updates ------------------- - -Installing updates is very easy and can be done using the "Update" button in the Qubes Manager. Alternatively it can also be done from command prompt -- see the following for more details: - -- For installing updates for Dom0 -- see instructions [here](/doc/SoftwareUpdateDom0/). -- For installing updates for you domains (VMs) -- see instructions [here](/doc/SoftwareUpdateVM/). - -Known Issues ------------- - -- Installer might not support some USB keyboards (\#230). This seems to include all the Mac Book keyboards (most PC laptops have PS2 keyboards and are not affected). - -- If you don't enable Composition (System Setting -\> Desktop -\> Enable desktop effects), which you really should do, then the KDE task bar might get somehow ugly (e.g. half of it might be black). This is some KDE bug that we don't plan to fix. 
- -- Some keyboard layout set by KDE System Settings can cause [keyboard not working at all](https://groups.google.com/group/qubes-devel/browse_thread/thread/77d076b65dda7226). If you hit this issue, you can switch to console (by console login option) and manually edit `/etc/X11/xorg.conf.d/00-system-setup-keyboard.conf` (and `/etc/sysconfig/keyboard`) and place correct keyboard layout settings (details in linked thread). You can check if specific keyboard layout settings are proper using `setxkbmap` tool. - -- On systems with more than 8GB of RAM there is problem with Disposable VM. To fix it, limit maximum memory allocation for DispVM to 3GB - - {% highlight trac-wiki %} - qvm-prefs -s fedora-17-x64-dvm maxmem 3072 - qvm-create-default-dvm --default-template --default-script - {% endhighlight %} - -- Qubes installer/system won't boot from a USB3-attached disks due to missing modules in initramfs (\#691). Please use USB2 port/device instead for now. - -- Systems with AMD graphics needs additional firmware (missing in default installation), details [here](http://groups.google.com/group/qubes-devel/browse_thread/thread/e27a57b0eda62f76). - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-devel* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [http://groups.google.com/group/qubes-devel](http://groups.google.com/group/qubes-devel) - - `qubes-devel@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. Please send all such questions to the mailing list. - diff --git a/InstallationGuideR2B2.md b/InstallationGuideR2B2.md deleted file mode 100644 index db490820..00000000 
--- a/InstallationGuideR2B2.md +++ /dev/null 
@@ -1,90 +0,0 @@ ---- -layout: doc -title: InstallationGuideR2B2 -permalink: /doc/InstallationGuideR2B2/ -redirect_from: /wiki/InstallationGuideR2B2/ ---- - -Installation Guide for Qubes Release 2 Beta 2 -============================================= - -1. [Hardware Requirements](#HardwareRequirements) -2. [Download installer ISO](#DownloadinstallerISO) -3. [Burning the ISO onto a DVD or USB stick](#BurningtheISOontoaDVDorUSBstick) -4. [Upgrading from Qubes R1 or R2 Beta 1](#UpgradingfromQubesR1orR2Beta1) -5. [Installing Updates](#InstallingUpdates) -6. [Known Issues](#KnownIssues) -7. [Getting Help](#GettingHelp) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v .asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-Beta2-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX)** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -Upgrading from Qubes R1 or R2 Beta 1 ------------------------------------- - -Because of the distribution change in R2B2 (from fc13 to fc18) it's preferred that users reinstall Qubes R2B2 from scratch, and use [qubes backup and restore tools](/doc/BackupRestore/) for migrating of all of the user VMs. - -Advanced users (and advanced users only) can also try a manual upgrade procedure that has been described [here](/doc/UpgradeToR2B2/). It's advisable to backup your VMs before proceeding anyway! - -Installing Updates ------------------- - -Installing updates is very easy and can be done using the "Update" button in the Qubes Manager. Alternatively it can also be done from command prompt -- see the following for more details: - -- For installing updates for Dom0 -- see instructions [here](/doc/SoftwareUpdateDom0/). -- For installing updates for you domains (VMs) -- see instructions [here](/doc/SoftwareUpdateVM/). - -Known Issues ------------- - -- On some graphics cards the Xfce4 Window Manager (one of the two supported Dom0 Windows Managers in Qubes R2 B2, the other being KDE) might behave "strangely", e.g. decorations might not be drawn sometimes. 
Also the accompanying lightdm login manager might incorrectly display the wallpaper. If you're facing those problems, it's advisable to use the KDE Window Manager and kdm instead of Xfce4 and lightdm (this is default if one chooses the KDE only installation option in the installer). - -- Some icons in the Qubes Manager application might not be drawn correctly when using the Xfce4 environment in Dom0. If this bothers you, please use the KDE environment instead. - -- When restoring service VMs from a backup (such as custom netvms, firewallvms, etc) their icons might not be preserved in the "Start Menu". - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-devel* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [http://groups.google.com/group/qubes-devel](http://groups.google.com/group/qubes-devel) - - `qubes-devel@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. Please send all such questions to the mailing list. - diff --git a/InstallationGuideR2B3.md b/InstallationGuideR2B3.md deleted file mode 100644 index b9cf3c8d..00000000 --- a/InstallationGuideR2B3.md +++ /dev/null 
@@ -1,120 +0,0 @@ ---- -layout: doc -title: InstallationGuideR2B3 -permalink: /doc/InstallationGuideR2B3/ -redirect_from: /wiki/InstallationGuideR2B3/ ---- - -Installation Guide for Qubes Release 2 Beta 3 -============================================= - -1. [Hardware Requirements](#HardwareRequirements) -2. [Download installer ISO](#DownloadinstallerISO) -3. [Burning the ISO onto a DVD or USB stick](#BurningtheISOontoaDVDorUSBstick) -4. [Upgrading from Qubes R1 or R2 Beta 2](#UpgradingfromQubesR1orR2Beta2) -5. [Installing Updates](#InstallingUpdates) -6. [Troubleshooting problems with the installer](#Troubleshootingproblemswiththeinstaller) -7. [Known Issues](#KnownIssues) -8. [Getting Help](#GettingHelp) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v .asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. 
- -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-Beta3-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -On windows you can use [this](http://www.chrysocome.net/dd) tool. Example command would be (as Administrator): - -{% highlight trac-wiki %} -dd if=Qubes-R2-Beta3-x86_64-DVD.iso of=\\?\Device\Harddisk1\Partition0 bs=1M --size --progress -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX or Harddisk1)** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -![r2b3-installer-welcome.png](/attachment/wiki/InstallationGuideR2B3/r2b3-installer-welcome.png) - -Upgrading from Qubes R1 or R2 Beta 2 ------------------------------------- - -The easiest and safest way to upgrade to Qubes R2B3 is to install it from scratch and use [qubes backup and restore tools](/doc/BackupRestore/) for migrating of all of the user VMs. - -Users can also try a manual upgrade procedure that has been described [here](/doc/UpgradeToR2B3/). - -Note: if the user has custom Template VMs (i.e. other than the default template, e.g. created from it by cloning), or Standalone VMs, then the user should perform manual upgrade from R2B2 to R2B3, as described under the link given above. 
- -Installing Updates ------------------- - -NOTE: Updates has been released after R2B3 ISO has been built -- it is recommended to install Dom0 updates shortly after installation to resolve some of the issues mentioned in the section below (Known Issues). - -Installing updates is very easy and can be done using the "Update" button in the Qubes Manager. Alternatively it can also be done from command prompt -- see the following for more details: - -- For installing updates for Dom0 -- see instructions [here](/doc/SoftwareUpdateDom0/). -- For installing updates for you domains (VMs) -- see instructions [here](/doc/SoftwareUpdateVM/). - -Troubleshooting problems with the installer -------------------------------------------- - -If the installer fails for some reason, typically because of the graphics card not being correctly supported, it is possible to try booting the installer with a different kernel -- to do that, choose Troubleshooting menu in the Installer Welcome screen, and later choose an option to proceed with one of the kernels provided: - -![r2b3-installer-troubleshooting.png](/attachment/wiki/InstallationGuideR2B3/r2b3-installer-troubleshooting.png) - -The installer ships with 3 different kernels (3.11, 3.9 and 3.7) and all those kernel will be installed (regardless of which is selected to run the installer) so it is later always possible to boot the Qubes OS using any of those kernels. - -Known Issues ------------- - -- On some graphics cards the Xfce4 Window Manager (one of the two supported Dom0 Windows Managers in Qubes R2 B2, the other being KDE) might behave "strangely", e.g. decorations might not be drawn sometimes. Also the accompanying lightdm login manager might incorrectly display the wallpaper. If you're facing those problems, it's advisable to use the KDE Window Manager and kdm instead of Xfce4 and lightdm (this is default if one chooses the KDE only installation option in the installer). 
- -- Some icons in the Qubes Manager application might not be drawn correctly when using the Xfce4 environment in Dom0. If this bothers you, please use the KDE environment instead. - -- When restoring service VMs from a backup (such as custom netvms, firewallvms, etc) their icons might not be preserved in the "Start Menu". - -- If you're GPU is not correctly supported by the Dom0 kernel (e.g. the 3D desktop effects do not run smoothly) then you might experience "heaviness" with Windows 7-based AppVMs. In that case, please solve the problem with your GPU support in Dom0 in the first place (by using a different kernel), or install Qubes OS on a different system. - -- For HVMs without Qubes Tools installed the GUI window will not be shown unless 'debug' flag is enabled for the VM. This has been fixed in `qubes-core-dom0` package \>= 2.1.35 -- please ensure you install updates after installation to resolve this issue. - -- Clocks might not get syncs in the VMs for up to several minutes after resume from sleep. This has been fixed in `qubes-core-dom0-linux` package \>= 2.0.4 -- please ensure you install updates after installation to resolve this issue. - -- Gnome terminal window sometimes shrinks to minimal size (especially when opening new tab). The workaround is to disable its menubar and scrollbar. - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-users* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [http://groups.google.com/group/qubes-users](http://groups.google.com/group/qubes-users) - - `qubes-users@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. 
Please send all such questions to the mailing list. - diff --git a/InstallationGuideR2rc1.md b/InstallationGuideR2rc1.md deleted file mode 100644 index 7c715c3c..00000000 --- a/InstallationGuideR2rc1.md +++ /dev/null 
@@ -1,105 +0,0 @@ ---- -layout: doc -title: InstallationGuideR2rc1 -permalink: /doc/InstallationGuideR2rc1/ -redirect_from: /wiki/InstallationGuideR2rc1/ ---- - -Installation Guide for Qubes Release 2 rc1 -========================================== - -1. [Hardware Requirements](#hardware-requirements) -2. [Download installer ISO](#download-installer-iso) -3. [Burning the ISO onto a DVD or USB stick](#burning-the-iso-onto-a-dvd-or-usb-stick) -4. [Upgrading](#upgrading) -5. [Troubleshooting problems with the installer](#troubleshooting-problems-with-the-installer) -6. [Known Issues](#known-issues) -7. [Getting Help](#getting-help) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v .asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-rc1-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -On windows you can use [this](http://www.chrysocome.net/dd) tool. Example command would be (as Administrator): - -{% highlight trac-wiki %} -dd if=Qubes-R2-rc1-x86_64-DVD.iso of=\\?\Device\Harddisk1\Partition0 bs=1M --size --progress -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX or Harddisk1)** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -![qubes-r2-rc1-installer-welcome.png](/attachment/wiki/InstallationGuideR2rc1/qubes-r2-rc1-installer-welcome.png) - -Upgrading ---------- - -The easiest and safest way to upgrade to Qubes R2rc1 (especially from older releases) is to install it from scratch and use [qubes backup and restore tools](/doc/BackupRestore/) for migrating of all of the user VMs. - -Users of R2 beta 3 can upgrade using procedure that has been described [here](/doc/UpgradeToR2rc1/). - -Note: if the user has custom Template VMs (i.e. other than the default template, e.g. created from it by cloning), or Standalone VMs, then the user should perform manual upgrade from R2B3 to R2rc1, as described under the link given above. 
- -Troubleshooting problems with the installer -------------------------------------------- - -If the installer fails for some reason, typically because of the graphics card not being correctly supported, it is possible to try booting the installer with a different kernel -- to do that, choose Troubleshooting menu in the Installer Welcome screen, and later choose an option to proceed with one of the kernels provided: - -![qubes-r2-rc1-installer-troubleshooting.png](/attachment/wiki/InstallationGuideR2rc1/qubes-r2-rc1-installer-troubleshooting.png) - -The installer ships with 4 different kernels (3.12, 3.11, 3.9 and 3.7) and all those kernel will be installed (regardless of which is selected to run the installer) so it is later always possible to boot the Qubes OS using any of those kernels. - -Known Issues ------------- - -- On some graphics cards the Xfce4 Window Manager (one of the two supported Dom0 Windows Managers in Qubes R2, the other being KDE) might behave "strangely", e.g. decorations might not be drawn sometimes. Also the accompanying lightdm login manager might incorrectly display the wallpaper. If you're facing those problems, it's advisable to use the KDE Window Manager and kdm instead of Xfce4 and lightdm (this is default if one chooses the KDE only installation option in the installer). - -- Some icons in the Qubes Manager application might not be drawn correctly when using the Xfce4 environment in Dom0. If this bothers you, please use the KDE environment instead. - -- If your GPU is not correctly supported by the Dom0 kernel (e.g. the 3D desktop effects do not run smoothly) then you might experience "heaviness" with Windows 7-based AppVMs. In that case, please solve the problem with your GPU support in Dom0 in the first place (by using a different kernel), or install Qubes OS on a different system. - -- HVMs with Qubes Tools installed will not have access to the network if firewallvm uses 3.12 kernel (the default). 
The workaround is to use older (3.11) kernel for firewallvm. You need to [install kernel-qubes-vm-3.11.10 package](/doc/SoftwareUpdateDom0/#how-to-downgrade-a-specific-package), then ensure that it is used for firewallvm (for example using Qubes Manager - advanced tab of VM settings). - -- Just after installation, applications menu will not contain colorful application icons (new feature), only padlock in VM color. To get colorful icons, you need to start template VM (fedora-20-x64) and call `qvm-sync-appmenus fedora-20-x64` in dom0 terminal. If you have other Template VMs or Standalone VMs, repeat the steps for them too. - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-users* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [https://groups.google.com/group/qubes-users](https://groups.google.com/group/qubes-users) - - `qubes-users@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. Please send all such questions to the mailing list. - diff --git a/InstallationGuideR2rc2.md b/InstallationGuideR2rc2.md deleted file mode 100644 index 4c2f11a2..00000000 --- a/InstallationGuideR2rc2.md +++ /dev/null 
@@ -1,99 +0,0 @@ ---- -layout: doc -title: InstallationGuideR2rc2 -permalink: /doc/InstallationGuideR2rc2/ -redirect_from: /wiki/InstallationGuideR2rc2/ ---- - -Installation Guide for Qubes Release 2 rc2 -========================================== - -1. [Hardware Requirements](#HardwareRequirements) -2. [Download installer ISO](#DownloadinstallerISO) -3. [Burning the ISO onto a DVD or USB stick](#BurningtheISOontoaDVDorUSBstick) -4. [Upgrading](#Upgrading) -5. [Troubleshooting problems with the installer](#Troubleshootingproblemswiththeinstaller) -6. [Known Issues](#KnownIssues) -7. [Getting Help](#GettingHelp) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - -{% highlight trac-wiki %} -gpg -v Qubes-R2-rc2-x86_64-DVD.iso.asc -{% endhighlight %} - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-rc2-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -On windows you can use [this](http://www.chrysocome.net/dd) tool. Example command would be (as Administrator): - -{% highlight trac-wiki %} -dd if=Qubes-R2-rc2-x86_64-DVD.iso of=\\?\Device\Harddisk1\Partition0 bs=1M --size --progress -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX or Harddisk1)** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -![qubes-r2-rc2-installer-welcome.png](/attachment/wiki/InstallationGuideR2rc2/qubes-r2-rc2-installer-welcome.png) - -Upgrading ---------- - -Upgrading from Qubes R2 rc1 should be a simple matter of installing updates for [dom0](/doc/SoftwareUpdateDom0/) and [VMs](/doc/SoftwareUpdateVM/). - -Users of R2 beta 3 should follow instructions on how to upgrade to Qubes R2 rc1 [here](/doc/UpgradeToR2rc1/). 
- -Troubleshooting problems with the installer -------------------------------------------- - -If the installer fails for some reason, typically because of the graphics card not being correctly supported, it is possible to try booting the installer with a different kernel -- to do that, choose Troubleshooting menu in the Installer Welcome screen, and later choose an option to proceed with one of the kernels provided: - -![qubes-r2-rc2-installer-troubleshooting.png](/attachment/wiki/InstallationGuideR2rc2/qubes-r2-rc2-installer-troubleshooting.png) - -The installer ships with 4 different kernels (3.12, 3.11, 3.9 and 3.7) and all those kernel will be installed (regardless of which is selected to run the installer) so it is later always possible to boot the Qubes OS using any of those kernels. - -Known Issues ------------- - -- On some graphics cards the Xfce4 Window Manager (one of the two supported Dom0 Windows Managers in Qubes R2, the other being KDE) might behave "strangely", e.g. decorations might not be drawn sometimes. Also the accompanying lightdm login manager might incorrectly display the wallpaper. If you're facing those problems, it's advisable to use the KDE Window Manager and kdm instead of Xfce4 and lightdm (this is default if one chooses the KDE only installation option in the installer). - -- Some icons in the Qubes Manager application might not be drawn correctly when using the Xfce4 environment in Dom0. If this bothers you, please use the KDE environment instead. - -- If your GPU is not correctly supported by the Dom0 kernel (e.g. the 3D desktop effects do not run smoothly) then you might experience "heaviness" with Windows 7-based AppVMs. In that case, please solve the problem with your GPU support in Dom0 in the first place (by using a different kernel), or install Qubes OS on a different system. - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) 
- -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-users* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [https://groups.google.com/group/qubes-users](https://groups.google.com/group/qubes-users) - - `qubes-users@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. Please send all such questions to the mailing list. - diff --git a/InstallationGuideR3.0rc1.md b/InstallationGuideR3.0rc1.md deleted file mode 100644 index 52d46b99..00000000 --- a/InstallationGuideR3.0rc1.md +++ /dev/null 
@@ -1,93 +0,0 @@ ---- -layout: doc -title: Installation Guide for Qubes 3.0 rc1 -permalink: /doc/InstallationGuideR3.0rc1/ ---- - -Installation Guide for Qubes Release 3.0 rc1 -============================================ - -1. [Hardware Requirements](#hardware-requirements) -2. [Download installer ISO](#download-installer-iso) -3. [Burning the ISO onto a DVD or USB stick](#burning-the-iso-onto-a-dvd-or-usb-stick) -4. [Upgrading](#upgrading) -5. [Troubleshooting problems with the installer](#troubleshooting-problems-with-the-installer) -6. [Known Issues](#known-issues) -7. [Getting Help](#getting-help) - -Hardware Requirements ---------------------- - -Please see the [Hardware Compatibility List](/hcl/) page for more information on required and recommended hardware. - -Note: We don't recommend installing Qubes in a virtual machine! It will likely not work. Don't send emails asking about it. However, you can install it on an external USB hard drive and run from it, at least for testing (normally such disks are *orders* of magnitude slower than even the slowest internal hard drives). - -Download installer ISO ----------------------- - -See [this page](/doc/QubesDownloads/) for ISO downloads. Remember, we have absolutely no control over those servers, and so you should be assuming that they might be compromised, or just be serving a compromised ISOs because their operators decided so, for whatever reason. Always verify the digital signature on the downloaded ISO. See this [page](/doc/VerifyingSignatures/) for more info about how to download and verify our GPG keys, and then verify the downloaded ISO: - - gpg -v Qubes-R3.0-rc1-x86_64-DVD.iso.asc - -Burning the ISO onto a DVD or USB stick ---------------------------------------- - -Once you verify this is an authentic ISO, you should burn it on a DVD. - -If you prefer to use USB as a source for installation, then you just need to copy the ISO onto the USB device, e.g. 
using dd: - - dd if=Qubes-R3.0-rc1-x86_64-DVD.iso of=/dev/sdX - -On windows you can use [this](http://www.chrysocome.net/dd) tool. Example command would be (as Administrator): - - dd if=Qubes-R3.0-rc1-x86_64-DVD.iso of=\\?\Device\Harddisk1\Partition0 bs=1M --size --progress - -**Be sure to use a correct device as the target in the dd command above (instead of sdX or Harddisk1)** - -Before proceeding with the installation, you are encouraged to first read all the information on this page, especially the *Known Issues* paragraph. - -Then, when finally ready, boot your system from the installer DVD and follow the instructions on screen. The installer is very simple and asks very few questions -- it's actually easier to install Qubes right now than most other Linux distributions! - -The installer loads Xen right at the beginning, so chances are high that if you can see the installer's graphical screen, Qubes will work on your system :) - -Upgrading ---------- - -The easiest and safest way to upgrade to Qubes R3.0rc1 is to install it from scratch and use [qubes backup and restore tools](/doc/BackupRestore/) for migrating of all of the user VMs. - -Users or Qubes R2 can upgrade using experimental procedure that has been described [here](/doc/UpgradeToR3.0rc1/). - -Troubleshooting problems with the installer -------------------------------------------- - -If the installer fails for some reason, typically because of the graphics card not being correctly supported, it is possible to try booting the installer with a different kernel -- to do that, choose Troubleshooting menu in the Installer Welcome screen, and later choose an option to proceed with one of the kernels provided. - -The installer ships with 4 different kernels (3.12, 3.11, 3.9 and 3.7) and all those kernel will be installed (regardless of which is selected to run the installer) so it is later always possible to boot the Qubes OS using any of those kernels. 
- -Known Issues ------------- - -- There is no Qubes Windows Tools for Qubes R3.0 yet. We are working on this - -- UEFI is not supported, you need to enable "legacy boot" in BIOS before installing Qubes OS - -- Some icons in the Qubes Manager application might not be drawn correctly when using the Xfce4 environment in Dom0. If this bothers you, please use the KDE environment instead. - -- If your GPU is not correctly supported by the Dom0 kernel (e.g. the 3D desktop effects do not run smoothly) then you might experience "heaviness" with Windows 7-based AppVMs. In that case, please solve the problem with your GPU support in Dom0 in the first place (by using a different kernel), or install Qubes OS on a different system. - -- For other known issues take a look at [our tickets](https://github.com/QubesOS/qubes-issues/issues?q=is%3Aopen+is%3Aissue+milestone%3A%22Release+3%22+label%3Abug) - -It is advised to install updates just after system installation to apply bug fixes for (some of) the above problems. - -Getting Help ------------- - -- **User manuals are [here](/doc/UserDoc/).** (Strongly recommended!) - -- Developers documentation (normally not needed by users) is [here](/doc/SystemDoc/) - -- If you don't find answer in the sources given above, write to the *qubes-users* mailing list (you don't need to be subscribed to the list, just send email to the address given below): - - [https://groups.google.com/group/qubes-users](https://groups.google.com/group/qubes-users) - - `qubes-users@googlegroups.com` - -- Please do not write email to individual developers (Marek, Joanna, etc) asking questions about installation or other problems. Please send all such questions to the mailing list. diff --git a/InstallationIsoBuilding.md b/InstallationIsoBuilding.md deleted file mode 100644 index f8f0fc9a..00000000 --- a/InstallationIsoBuilding.md +++ /dev/null 
@@ -1,86 +0,0 @@ ---- -layout: doc -title: InstallationIsoBuilding -permalink: /doc/InstallationIsoBuilding/ -redirect_from: /wiki/InstallationIsoBuilding/ ---- - -How to build Qubes installation ISO -=================================== - -Qubes uses [Fedora Unity Revisor](http://revisor.fedoraunity.org/) to build the installation ISO. - -You may want to get familiar with [Revisor documentation](http://revisor.fedoraunity.org/documentation). - -Build installer packages ------------------------- - -Get [Qubes Installer repository](http://git.qubes-os.org/?p=smoku/installer) and build its packages: - -{% highlight trac-wiki %} -cd installer -make rpms -{% endhighlight %} - -Packages will be in `rpm/noarch` and `rpm/x86_64`. - -Install Revisor ---------------- - -Next install the freshly built revisor and anaconda: - -{% highlight trac-wiki %} -yum install rpm/noarch/revisor*.rpm -yum install rpm/x86_64/anaconda*.rpm -{% endhighlight %} - -Review configuration files --------------------------- - -All configuration files for Qubes Revisor are kept in the ```conf/``` directory: - -- ```conf/qubes-install.conf``` - Main Revisor configuration file. This configures Revisor to build Qubes Installation image based on Fedora 13. All other configuration files and working directories are pointed here. - -- ```conf/qubes-x86_64.conf``` - This file describes all repositories needed to build Qubes for x86\_64 architecture. - -- ```conf/qubes-kickstart.cfg``` - Fedora Kickstart formatted file describing which packages should land in the ISO `/Packages` repository. This describes basically what will be available for installation. The packages list built using this file will be further filtered by the comps file. - -- ```conf/comps-qubes.xml``` - Repository Comps file for ISO `/Packages` repository, describing packages and package groups of the installer repository. 
Package groups are used to select which of the packages are mandatory to install, which are optional and which are to be just available on the ISO but not installed by default (not used on Qubes). - -Create/Update local repository ------------------------------- - -Revisor fetches all RPM packages from YUM repositories. We currently use 5 repositories: - -- ```yum/installer``` (installer-related rpms) -- ```yum/qubes-dom0``` (all the Qubes stuff) -- ```yum/dom0-updates``` (for select 3rd party packages, e.g. Xorg) -- ```yum/fedora13-repo``` (local fedora 13 repo, copy from DVD) -- remote fedora repo for extra packages (usually deps for qubes-dom0) - -You need to manually copy the Fedora 13 installation DVD contents (```Packages/``` and ```repodata/``` directories) into ```build/fedora13-repo```. - -Also, you need to copy all the qubes dom0 rpms into ```build/yum/qubes-dom0/rpm``` and run the ```yum/update_repo.sh``` script afterwards. - -In order to fill the ```build/yum/installer``` repo one can just use ```make update-repo```. - -The ```build/yum/dom0-updates``` is to be used for select rpms that should also be used instead of those from the fedora (loacal and remote) repos. - -Update your local repos: - -{% highlight trac-wiki %} -make update-repo -{% endhighlight %} - -Build ISO ---------- - -Now you're finally ready to build the ISO image: - -{% highlight trac-wiki %} -make iso -{% endhighlight %} - -and wait... - -You may add `-d 1` (or `-d 99` if you're a masochist) in the Makefile at the end of the revisor command to get (a ton of) debugging information. diff --git a/QubesContacts.md b/QubesContacts.md deleted file mode 100644 index 6a357896..00000000 --- a/QubesContacts.md +++ /dev/null 
@@ -1,17 +0,0 @@ ---- -layout: doc -title: QubesContacts -permalink: /doc/QubesContacts/ -redirect_from: /wiki/QubesContacts/ ---- - -Contacting the Qubes OS Team -============================ - -**Note:** Please send all the questions regarding Qubes to the [mailing list](/doc/QubesLists/). This way, your questions, as well as answers to those questions, could be also shared with other users. - -Press & business contact ------------------------- - -- Joanna Rutkowska `joanna at invisiblethingslab dot com` - diff --git a/QubesDevelopers.md b/QubesDevelopers.md deleted file mode 100644 index 4dee20cf..00000000 --- a/QubesDevelopers.md +++ /dev/null 
@@ -1,46 +0,0 @@ ---- -layout: doc -title: QubesDevelopers -permalink: /doc/QubesDevelopers/ -redirect_from: /wiki/QubesDevelopers/ ---- - -Qubes Developers -================ - -Architects & Core Developers ----------------------------- - -- Joanna Rutkowska `joanna at invisiblethingslab dot com` - architecture & project management, original core, occasional addons -- Marek Marczykowski `marmarek at invisiblethingslab dot com` - everything Xen/Linux related :) -- Wojciech Porczyk `woju at invisiblethingslab dot com` -- various Linux-related things - -Contributors to the open source code ------------------------------------- - -(Roughly in chronology order:) - -- Rafal Wojtczuk `rafal at invisiblethingslab dot com` - architecture & system-level stuff (notably original gui virtualization) -- Tomasz Sterna `tomek at xiaoka dot com` - installer & gui -- Agnieszka Kostrzewa `a.kostrzewa at alx dot pl` - qubes-manager, docs -- Abel Luck `abel at outcomedubious dot im` - torvm -- Alexandre Bezroutchko `abb at gremwell dot com` - pvusb support -- Bruce A Downs `bruceadowns at gmail.com` - minor various cleanups and miscs -- Olivier Médoc `o_medoc at yahoo.fr` - core and gui fixes, template builder generalization (Arch Linux support) -- Timo Juhani Lindfors `timo.lindfors at iki.fi` - minor core cleanups -- Radoslaw Szkodzinski `astralstorm at gmail.com` - minor gui build fixes -- László Zrubecz `mail at zrubi.hu` -- HCL wiki page maintenance, HCL scripts -- Vincent Penquerc'h `vincent.penquerch@collabora.co.uk` -- code review, misc fixes - -Proprietary code developers ---------------------------- - -- Alexander Tereshkin `alex at invisiblethingslab dot com` - core windows (Qubes Windows Tools) -- Rafał Wojdyła `omeg at invisiblethingslab dot com` - currently main developer for Qubes Windows Tools (core, gui agent) - -Wiki/documentation editors --------------------------- - -- Hakisho Nukama `nukama at gmail dot com` - various wiki contributions (ZFS, HCL) -- Axon `axon at 
openmailbox dot org` - various wiki edits - diff --git a/QubesDocs.md b/QubesDocs.md deleted file mode 100644 index 9d682f9b..00000000 --- a/QubesDocs.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -layout: doc -title: QubesDocs -permalink: /doc/ -redirect_from: \ - /doc/QubesDocs/ - /wiki/QubesDocs/ ---- - -Qubes Documentation -=================== - -For Users ---------- - -- [User Documentation](/doc/UserDoc/) -- [Users' FAQ](/doc/UserFaq/) -- [System Requirements](/doc/SystemRequirements/) -- [Hardware Compatibility List](/hcl/) -- [On Digital Signatures and How to Verify Qubes Downloads](/doc/VerifyingSignatures/) -- [Installation Guides](/doc/QubesDownloads/) -- [Troubleshooting](/doc/TroubleShooting/) -- [Security](/doc/QubesSecurity/) - -For Developers --------------- - -- [Developer Documentation](/doc/SystemDoc/) -- [Developers' FAQ](/doc/DevelFaq/) -- [How can I contribute to the Qubes project?](/doc/ContributingHowto/) -- [Source Code](/doc/SourceCode/) -- [Coding Guidelines](/doc/CodingStyle/) -- [Documentation Guidelines](/doc/DocStyle/) -- [Books for Developers](/doc/DevelBooks/) -- [Research Papers](/doc/QubesResearch/) -- [Architecture](/doc/QubesArchitecture/) -- [Licensing](/doc/QubesLicensing/) - diff --git a/QubesDownloads.md b/QubesDownloads.md deleted file mode 100644 index 59b10726..00000000 --- a/QubesDownloads.md +++ /dev/null 
@@ -1,59 +0,0 @@ ---- -layout: doc -title: QubesDownloads -permalink: /doc/QubesDownloads/ -redirect_from: /wiki/QubesDownloads/ ---- - -Qubes Downloads -=============== - -- [System Requirements](/doc/SystemRequirements/) -- [Hardware Compatibility List](/hcl/) -- [On Digital Signatures and How to Verify Qubes Downloads](/doc/VerifyingSignatures/) -- [Installation Security Considerations](/doc/InstallSecurity/) -- [Licensing](/doc/QubesLicensing/) - -Qubes Release 3.0 ---------------- - -- [Qubes-R3.0-rc1-x86\_64-DVD.iso](http://sourceforge.net/projects/qubesos/files/Qubes-R3.0-rc1-x86_64-DVD.iso/download) (via sourceforge.net) -- [Digital Signature](http://sourceforge.net/projects/qubesos/files/Qubes-R3.0-rc1-x86_64-DVD.iso.asc/download) (via sourceforge.net) - -- **[Installation Guide for Qubes R3.0 rc1](/doc/InstallationGuideR3.0rc1/)** -- [Upgrading to Qubes R3.0 rc1](/doc/InstallationGuideR3.0rc1/#upgrading) - -Qubes Release 2 ---------------- - -- [Qubes-R2-x86\_64-DVD.iso](http://sourceforge.net/projects/qubesos/files/Qubes-R2-x86_64-DVD.iso/download) (via sourceforge.net) -- [Digital Signature](http://sourceforge.net/projects/qubesos/files/Qubes-R2-x86_64-DVD.iso.asc/download) (via sourceforge.net) - -- **[Installation Guide for Qubes R2](/doc/InstallationGuideR2/)** -- [Upgrading to Qubes R2](/doc/InstallationGuideR2/#upgrading) - -- [Qubes-R2-rc2-x86\_64-DVD.iso](http://sourceforge.net/projects/qubesos/files/Qubes-R2-rc2-x86_64-DVD.iso/download) (via sourceforge.net) -- [Digital Signature](http://sourceforge.net/projects/qubesos/files/Qubes-R2-rc2-x86_64-DVD.iso.asc/download) (via sourceforge.net) - -- **[Installation Guide for Qubes R2 rc2](/doc/InstallationGuideR2rc2/)** -- [Upgrading to Qubes R2 rc2](/doc/InstallationGuideR2rc2/#upgrading) - -Qubes Release 1 ---------------- - -(This is mainly for historical reference, we strongly recommend Qubes R2 above) - -- 
[Qubes-R1-x86\_64-DVD.iso](http://sourceforge.net/projects/qubesos/files/Qubes-R1-x86_64-DVD.iso/download) (via sourceforge.net) -- [Digital Signature](http://sourceforge.net/projects/qubesos/files/Qubes-R1-x86_64-DVD.iso.asc/download) (via sourceforge.net) - -- **[Installation Guide](/doc/InstallationGuide/)** - -Mirrors -------- - -Qubes ISOs are also available from the following mirrors: - -- [http://ftp.fsn.hu/pub/linux/distributions/qubes/](http://ftp.fsn.hu/pub/linux/distributions/qubes/) -- [http://linuxtracker.org/index.php?page=torrent-details&id=3bdf893771d63bdbe3d83f31e064360ee10f30ec](http://linuxtracker.org/index.php?page=torrent-details&id=3bdf893771d63bdbe3d83f31e064360ee10f30ec) -- [http://burnbit.com/torrent/303367/Qubes\_R2\_rc2\_x86\_64\_DVD\_iso](http://burnbit.com/torrent/303367/Qubes_R2_rc2_x86_64_DVD_iso) - diff --git a/QubesScreenshots.md b/QubesScreenshots.md deleted file mode 100644 index 068da688..00000000 --- a/QubesScreenshots.md +++ /dev/null 
@@ -1,114 +0,0 @@ ---- -layout: doc -title: QubesScreenshots -permalink: /doc/QubesScreenshots/ -redirect_from: /wiki/QubesScreenshots/ ---- - -Select Qubes OS Screenshots -=========================== - -[![r2b2-kde-start-menu.png](/attachment/wiki/QubesScreenshots/r2b2-kde-start-menu.png)](/attachment/wiki/QubesScreenshots/r2b2-kde-start-menu.png) - -Starting applications from different domains (AppVMs) is very easy. - -* * * * * - -[![r2b2-kde-three-domains-at-work.png](/attachment/wiki/QubesScreenshots/r2b2-kde-three-domains-at-work.png)](/attachment/wiki/QubesScreenshots/r2b2-kde-three-domains-at-work.png) - -In this example, the word processor runs in the “work” domain, which has been assigned the “green” label. It is fully isolated from other domains, such as the “untrusted” domain (assigned the “red” label -- “Watch out!”, “Danger!”) used for random Web browsing, news reading, as well as from the "work-web" domain (assigned the "yellow" label), which is used for work-related Web browsing that is not security critical. Apps from different domains run in different AppVMs and have different X servers, filesystems, etc. Notice the different color frames (labels) and VM names in the titlebars. These are drawn by the trusted Window Manager running in Dom0, and apps running in domains cannot fake them: - -* * * * * - -[![r2b3-windows-seamless-1.png](/attachment/wiki/QubesScreenshots/r2b3-windows-seamless-1.png)](/attachment/wiki/QubesScreenshots/r2b3-windows-seamless-1.png) - -Qubes Release 2 can also run Windows AppVMs in seamless mode, integrated onto the common Qubes trusted desktop, just like Linux AppVMs! The seamless GUI integration has been introduced in Qubes R2 Beta 3. This requires our dedicated Qubes Windows Support Tools to be installed in the Windows VMs first. The Qubes Windows Tools are proprietary but we distribute the binaries for free with current Qubes OS releases. 
- -* * * * * - -[![r2b3-windows-seamless-filecopy.png](/attachment/wiki/QubesScreenshots/r2b3-windows-seamless-filecopy.png)](/attachment/wiki/QubesScreenshots/r2b3-windows-seamless-filecopy.png) - -Windows AppVMs are fully integrated with the rest of the Qubes OS system, which includes things such as secure, policy governed, inter-VM file copy, clipboard, and generally whole our elastic qrexec infrastructure for secure inter-VM RPC! Starting with Qubes R2 Beta 3 we also support HVM-based templates allowing to instantly create many Windows AppVMs with shared "root filesystem" from the Template VM (but one should ensure their license allows for such instantiation of the OS in the template). Just like with Linux AppVMs! - -* * * * * - -[![r2b2-xfce4-programmers-desktop-2.png](/attachment/wiki/QubesScreenshots/r2b2-xfce4-programmers-desktop-2.png)](/attachment/wiki/QubesScreenshots/r2b2-xfce4-programmers-desktop-2.png) - -Here we see Xfce4.10 Window Manager running in Dom0 (instead of KDE as on previous screens). Qubes supports customized Xfce4 in dom0 beginning with R2 Beta 2! - -* * * * * - -[![password-prompt.png](/attachment/wiki/QubesScreenshots/password-prompt.png)](/attachment/wiki/QubesScreenshots/password-prompt.png) - -It is always clearly visible to which domain a given window belongs. Here it’s immediately clear that the passphrase-prompting window belongs to some domain with the “green” label. When we look at the titlebar, we see “[work]”, which is the name of the actual domain. Theoretically, the untrusted application (here, the “red” Firefox) beneath the prompt window could draw a similar looking window within its contents. In practice, this would be very hard, because it doesn’t know, e.g., the exact decoration style that is in use. However, if this is a concern, the user can simply try to move the more trusted window onto some empty space on the desktop such that no other window is present beneath it. 
Or, better yet, use the Expose-like effect (available via a hot-key). A malicious application from an untrusted domain cannot spoof the whole desktop because the trusted Window Manager will never let any domain “own” the whole screen. Its titlebar will always be visible. - -* * * * * - -[![r2b2-kde-tray-icons.png](/attachment/wiki/QubesScreenshots/r2b2-kde-tray-icons.png)](/attachment/wiki/QubesScreenshots/r2b2-kde-tray-icons.png) - -Qubes is all about seamless integration from the user’s point of view. Here you can see how it virtualizes tray icons from other domains. Notice the network icon in a red frame. This icon is in fact managed by the Network Manager running in a separate NetVM. The notes icon (with the green frame around it) has been drawn by the note-taking app running in the work domain (which has the "green" label). - -* * * * * - -[![r2b2-manager-and-netvm-network-prompt.png](/attachment/wiki/QubesScreenshots/r2b2-manager-and-netvm-network-prompt.png)](/attachment/wiki/QubesScreenshots/r2b2-manager-and-netvm-network-prompt.png) - -All the networking runs in a special, unprivileged NetVM. (Notice the red frame around the Network Manager dialog box on the screen above.) This means that in the event that your network card driver, Wi-Fi stack, or DHCP client is compromised, the integrity of the rest of the system will not be affected! This feature requires Intel VT-d or AMD IOMMU hardware (e.g., Core i5/i7 systems). - -* * * * * - -[![r2b2-software-update.png](/attachment/wiki/QubesScreenshots/r2b2-software-update.png)](/attachment/wiki/QubesScreenshots/r2b2-software-update.png) - -Qubes lets you update all the software in all the domains all at once, in a centralized way. This is possible thanks to Qubes' unique TemplateVM technology. Note that the user is not required to shut down any AppVMs (domains) for the update process. This can be done later, at a convenient moment, and separately for each AppVM. 
- -* * * * * - -[![copy-paste-1.png](/attachment/wiki/QubesScreenshots/copy-paste-1.png)](/attachment/wiki/QubesScreenshots/copy-paste-1.png) [![copy-paste-2.png](/attachment/wiki/QubesScreenshots/copy-paste-2.png)](/attachment/wiki/QubesScreenshots/copy-paste-2.png) - -Qubes supports secure copy-and-paste operations between AppVMs. Only the user can initiate a copy or paste operation using a special key combination (Ctrl-Shift-C/V). Other AppVMs have no access to the clipboard buffer, so they cannot steal data from the clipboard. Only the user decides which AppVM should be given access to the clipboard. (This is done by selecting the destination AppVM’s window and pressing the Ctrl-Shift-V combination.) - -* * * * * - -[!["r2b2-copy-to-other-appvm-1.png](/attachment/wiki/QubesScreenshots/r2b2-copy-to-other-appvm-1.png)](/attachment/wiki/QubesScreenshots/r2b2-copy-to-other-appvm-1.png) [![r2b2-copy-to-other-appvm-3.png](/attachment/wiki/QubesScreenshots/r2b2-copy-to-other-appvm-3.png)](/attachment/wiki/QubesScreenshots/r2b2-copy-to-other-appvm-3.png) - -Qubes also supports secure file copying between AppVMs. - -* * * * * - -[![r2b2-open-in-dispvm-1.png](/attachment/wiki/QubesScreenshots/r2b2-open-in-dispvm-1.png)](/attachment/wiki/QubesScreenshots/r2b2-open-in-dispvm-1.png) [![r2b2-open-in-dispvm-3.png](/attachment/wiki/QubesScreenshots/r2b2-open-in-dispvm-3.png)](/attachment/wiki/QubesScreenshots/r2b2-open-in-dispvm-3.png) - -Qubes' unique Disposable VMs (DispVMs) allow the user to open any file in a disposable VM in a matter of seconds! A file can be edited in a disposable VM, and any changes are projected back onto the original file. Currently, there is no way to mark files to be automatically opened in a disposable VM (one needs to right-click on the file and choose the "Open in Disposable VM" option), but this is planned for the R2 Beta 3 release. 
- -* * * * * - -[![r2b2-convert-to-trusted-pdf-3.png](/attachment/wiki/QubesScreenshots/r2b2-convert-to-trusted-pdf-3.png)](/attachment/wiki/QubesScreenshots/r2b2-convert-to-trusted-pdf-3.png) [![r2b2-converting-pdf-2.png](/attachment/wiki/QubesScreenshots/r2b2-converting-pdf-2.png)](/attachment/wiki/QubesScreenshots/r2b2-converting-pdf-2.png) - -Qubes provides an advanced infrastructure for programming inter-VM services, such as a PDF converter for untrusted files (which is described in [this article](http://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html)). - -* * * * * - -[![r2b1-manager-firewall.png](/attachment/wiki/QubesScreenshots/r2b1-manager-firewall.png)](/attachment/wiki/QubesScreenshots/r2b1-manager-firewall.png) - -Qubes provides a dedicated firewall that itself runs in an isolated FirewallVM. - -* * * * * - -And some more screenshots: - -[![r2b2-xfce4-start-menu-3.png](/attachment/wiki/QubesScreenshots/r2b2-xfce4-start-menu-3.png)](/attachment/wiki/QubesScreenshots/r2b2-xfce4-start-menu-3.png) - -[![r2b2-kde-red-and-green-terminals.png](/attachment/wiki/QubesScreenshots/r2b2-kde-red-and-green-terminals.png)](/attachment/wiki/QubesScreenshots/r2b2-kde-red-and-green-terminals.png) - -[![r2b3-windows-seamless-2.png](/attachment/wiki/QubesScreenshots/r2b3-windows-seamless-2.png)](/attachment/wiki/QubesScreenshots/r2b3-windows-seamless-2.png) - -* * * * * - -The following screenshots, [courtesy of Qubes user nalu](https://groups.google.com/d/topic/qubes-users/KhfzF19NG1s/discussion), demonstrate some of the ways in which KDE can be customized to work with Qubes: - -[![r3rc1-nalu-desktop-1.png](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-1.png)](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-1.png) - -[![r3rc1-nalu-desktop-2.png](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-2.png)](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-2.png) - 
-[![r3rc1-nalu-desktop-3.png](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-3.png)](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-3.png) - -[![r3rc1-nalu-desktop-4.png](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-4.png)](/attachment/wiki/QubesScreenshots/r3rc1-nalu-desktop-4.png) - diff --git a/QubesSecurity.md b/QubesSecurity.md deleted file mode 100644 index e65a6f6c..00000000 --- a/QubesSecurity.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -layout: doc -title: QubesSecurity -permalink: /doc/QubesSecurity/ -redirect_from: /wiki/QubesSecurity/ ---- - -Qubes Security -============== - -- [Reporting Security Issues in Qubes OS](/doc/SecurityPage/) -- [Qubes Security Pack](/doc/SecurityPack/) -- [Qubes Security Bulletins](/doc/SecurityBulletins/) -- [Qubes Security Goals](/doc/SecurityGoals/) -- [On digital signatures and how to verify Qubes keys and downloads](/doc/VerifyingSignatures/) - -- [Qubes Keys](http://keys.qubes-os.org/keys/) - diff --git a/README.md b/README.md new file mode 100644 index 00000000..16e98c48 --- /dev/null +++ b/README.md 
@@ -0,0 +1,48 @@ +Qubes OS Documentation +====================== +https://www.qubes-os.org/doc/ + +All [Qubes OS Project][qubes] documentation pages are stored as plain text +files in this dedicated repository. By cloning and regularly pulling from +this repo, users can maintain their own up-to-date offline copy of all +Qubes documentation rather than relying solely on the Web. Contributions +to the documentation (both new content and edits of existing content) +are welcome. To contribute, please [fork and clone][gh-fork] this repo, +make your changes, then either [submit a pull request][gh-pull] or +[send a patch][patch] to the `qubes-devel` [mailing list][lists]. If you have +a GitHub account (free), you can simply browse this repository and edit the +files here. The GitHub interface will automatically guide you through the +[fork and pull request process][gh-fork]. + + +Markdown Conventions +-------------------- + +All the documentation is written in Markdown for maximum accessibility. When +making contributions, please observe the following style conventions: + + * Use spaces instead of tabs. + * Hard wrap Markdown lines at 80 characters. + * Hard wrap Git commit message lines at 72 characters. + * This leaves exactly four spaces on each side of the commit message when + viewed in the default `git log` format.) + * If appropriate, make numerals in numbered lists match between Markdown + source and HTML output. + * In the event that a user is required to read the Markdown source + directly, this will make it easier to follow, e.g., numbered steps in a + set of instructions. + * Use hanging indentations + where appropriate. + * Use underline headings (`=====` and `-----`) if possible. If this is not + possible, use Atx-style headings on both the left and right sides + (`### H3 ###`). + * Use `[reference-style][ref]` links. 
+ +`[ref]: http://daringfireball.net/projects/markdown/syntax#link` + + +[qubes]: https://github.com/QubesOS +[gh-fork]: https://guides.github.com/activities/forking/ +[gh-pull]: https://help.github.com/articles/using-pull-requests/ +[patch]: /doc/SourceCode/#sending-a-patch +[lists]: https://www.qubes-os.org/doc/QubesLists/ diff --git a/SecurityPack.md b/SecurityPack.md deleted file mode 100644 index 0b58085f..00000000 --- a/SecurityPack.md +++ /dev/null 
@@ -1,256 +0,0 @@ ---- -layout: doc -title: SecurityPack -permalink: /doc/SecurityPack/ -redirect_from: /wiki/SecurityPack/ ---- - -Qubes Security Pack -=================== - -1. [Qubes Security Pack](#QubesSecurityPack) - 1. [Introduction](#Introduction) - 2. [History and Rationale](#HistoryandRationale) - 3. [How to Obtain, Verify, and Read](#HowtoObtainVerifyandRead) - -Introduction ------------- - -The **Qubes Security Pack (QSP)** is a Git repository which contains: - -- [All Qubes Security Bulletins (QSBs)](/doc/SecurityBulletins/) -- [All PGP keys](https://keys.qubes-os.org/keys/) -- [Warrant canaries](https://en.wikipedia.org/wiki/Warrant_canary) -- Other security-related information and announcements (such as key revocations) - -The QSP is located here: - -> [https://github.com/QubesOS/qubes-secpack](https://github.com/QubesOS/qubes-secpack) - -History and Rationale ---------------------- - -On 2013-01-05, Joanna Rutkowska announced the QSP and explained its rationale in an [email](https://groups.google.com/d/msg/qubes-devel/twkOEaMLtNI/lZyGx6_jFCEJ) to the Qubes mailing lists: - -{% highlight trac-wiki %} -Hello, - -A new Qubes Security Bulletin has been just released and is available here: - -https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-013-2015.txt - -As per the previous discussions about recent problems with verifying -digital signatures on messages sent to Google Groups (thanks to -automatic footer addition by Google), we have decided to change the way -we publish Qubes Security Bulletins, as well as other security-related -info pertinent to the Qubes Project. - -Starting today, we will be maintain a Git repository -- "Qubes Security -Pack" -- which will contain all the QSBs released so far, all the keys, -warrant canaries [1], and potentially some additional info or -announcements (e.g. key revocations). 
The whole repo can be found here: - -https://github.com/QubesOS/qubes-secpack - -Note that all the keys distributed there should be signed by Qubes -Master Key. The Master Key is also attached in the repo, but should -really be obtained/verified using a different channel. - -Additionally, most of the files are signed by core Qubes -developers (currently by Marek and myself) via detached signatures as -well as git tag signatures. - -The are several advantages of using Git to distribute all these information: - -1) Git repo is a collection of files, some of which can be detached GPG -signatures for other files and we can ensure all these files are -distributed together. - -2) Git makes it easy for people to clone and redistribute these -collection of files, as well as to easily host them and view on the Web. - -3) Git provides for signed tags mechanisms which is another mean we -utilize to ensure integrity of the distributed files. - -A few words about the Warrant Canary which we've just introduced today, -and which can be seen here: - -https://github.com/QubesOS/qubes-secpack/blob/master/canaries/canary-001-2015.txt - -Even though we're not providing any kind of services (such as e.g. email -hosting), that could be searched or tapped by authorities, there are -other possibilities that worry us [2], in the light of various recent -law "developments", such as those that might be coercing people to hand -over their private keys to authorities. - -Until we fully decentralize the root of trust for Qubes, something that -requires the move to deterministic builds [3], and so won't happen -very soon, the possibility of having to disclose any of the Qubes -signing keys to anybody might have pretty serious consequences for those -who decided to entrust Qubes with anything serious. And we would like to -somehow minimize these consequences with this canary thing. - -Additionally the canary is a nice way of ensuring "freshness" of our -messaging to the community. 
- -Of course the canary doesn't solve all the problems. E.g. if my signing -keys were somehow stolen without our knowledge, it wouldn't help. -Neither it could help in case me being or becoming a miscreant. And -probably it doesn't address many other potential problems, which could -only be solved one day with a multi-signature scheme. But anyway, until -that time, this is the best we can do, I think. - -And congrats to Jann for the very interesting clipboard attack (even -though mostly theoretical, still very cool)! - -Thanks, -joanna. - --- -The Qubes Security Team -https://www.qubes-os.org/doc/SecurityPage - - -[1] http://en.wikipedia.org/wiki/Warrant_canary - -[2] Especially myself, because I'm currently the Root Of Trust for all -Qubes binaries :/ - -[3] Deterministic builds are required because it's the only way we can -implement multiple signature scheme for distributed binaries. -{% endhighlight %} - -How to Obtain, Verify, and Read -------------------------------- - -The following example demonstrates one method of obtaining the QSP, verifying its contents, and reading them. - -1. Clone the QSP repo. - - {% highlight trac-wiki %} - [user@qubes ~]$ git clone https://github.com/QubesOS/qubes-secpack.git - Cloning into 'qubes-secpack'... - remote: Counting objects: 195, done. - remote: Total 195 (delta 0), reused 0 (delta 0) - Receiving objects: 100% (195/195), 130.94 KiB | 207.00 KiB/s, done. - Resolving deltas: 100% (47/47), done. - Checking connectivity... done. - {% endhighlight %} - -2. Import the included PGP keys. 
- - {% highlight trac-wiki %} - [user@qubes ~]$ gpg --import qubes-secpack/keys/*/* - gpg: directory `/home/user/.gnupg' created - gpg: new configuration file `/home/user/.gnupg/gpg.conf' created - gpg: WARNING: options in `/home/user/.gnupg/gpg.conf' are not yet active during this run - gpg: keyring `/home/user/.gnupg/secring.gpg' created - gpg: keyring `/home/user/.gnupg/pubring.gpg' created - gpg: /home/user/.gnupg/trustdb.gpg: trustdb created - gpg: key C37BB66B: public key "Joanna Rutkowska (Qubes OS signing key) " imported - gpg: key 1E30A75D: public key "Joanna Rutkowska (Qubes OS signing key) " imported - gpg: key 74EADABC: public key "Joanna Rutkowska (Qubes OS signing key) " imported - gpg: key 65EF29CA: public key "Joanna Rutkowska (Qubes OS Signing Key) " imported - gpg: key 34898310: public key "Joanna Rutkowska (Qubes OS Signing Key) " imported - gpg: key B298547C: public key "Marek Marczykowski (Qubes OS signing key) " imported - gpg: key AB5EEF90: public key "Marek Marczykowski (Qubes OS signing key) " imported - gpg: key A603BCB6: public key "Marek Marczykowski (Qubes OS signing key) " imported - gpg: key 42CFA724: public key "Marek Marczykowski-G�recki (Qubes OS signing key) " imported - gpg: key 15CE40BF: public key "Wojciech Zygmunt Porczyk (Qubes OS signing key) " imported - gpg: key 36879494: public key "Qubes Master Signing Key" imported - gpg: key 211093A7: public key "Qubes OS Release 1 Signing Key" imported - gpg: key 0A40E458: public key "Qubes OS Release 2 Signing Key" imported - gpg: key 03FA5082: public key "Qubes OS Release 3 Signing Key" imported - gpg: key 92C7B3DC: public key "Joanna Rutkowska (Qubes Security Pack Signing Key) " imported - gpg: key 1830E06A: public key "Marek Marczykowski-G�recki (Qubes security pack) " imported - gpg: key 3F48CB21: public key "Qubes OS Security Team " imported - gpg: Total number processed: 17 - gpg: imported: 17 (RSA: 17) - gpg: no ultimately trusted keys found - {% endhighlight %} - -3. 
Verify and trust the Qubes Master Signing Key. - - {% highlight trac-wiki %} - [user@qubes ~]$ gpg --edit-key 36879494 - gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc. - This is free software: you are free to change and redistribute it. - There is NO WARRANTY, to the extent permitted by law. - - - pub 4096R/36879494 created: 2010-04-01 expires: never usage: SC - trust: unknown validity: unknown - [ unknown] (1). Qubes Master Signing Key - - gpg> fpr - pub 4096R/36879494 2010-04-01 Qubes Master Signing Key - Primary key fingerprint: 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494 - - gpg> trust - pub 4096R/36879494 created: 2010-04-01 expires: never usage: SC - trust: unknown validity: unknown - [ unknown] (1). Qubes Master Signing Key - - Please decide how far you trust this user to correctly verify other users' keys - (by looking at passports, checking fingerprints from different sources, etc.) - - 1 = I don't know or won't say - 2 = I do NOT trust - 3 = I trust marginally - 4 = I trust fully - 5 = I trust ultimately - m = back to the main menu - - Your decision? 5 - Do you really want to set this key to ultimate trust? (y/N) y - - pub 4096R/36879494 created: 2010-04-01 expires: never usage: SC - trust: ultimate validity: unknown - [ unknown] (1). Qubes Master Signing Key - Please note that the shown key validity is not necessarily correct - unless you restart the program. - - gpg> q - {% endhighlight %} - -> **Important!** - -> In order to verify the authenticity of the Qubes Master Signing Key prior to trusting it, you should obtain the Qubes Master Signing Key fingerprint from a trustworthy source (ideally, multiple sources) *other than* this website and visually compare it (them) to the fingerprint displayed in the preceding step, ensuring they match. You can read more about digital signatures and key verification [here](/doc/VerifyingSignatures/). - -1. Verify and read the canaries. 
- - {% highlight trac-wiki %} - [user@qubes ~]$ cd qubes-secpack/canaries/ - [user@qubes canaries]$ gpg --verify canary-001-2015.txt.sig.joanna canary-001-2015.txt - gpg: Signature made Mon Jan 5 20:21:40 2015 UTC using RSA key ID 92C7B3DC - gpg: Good signature from "Joanna Rutkowska (Qubes Security Pack Signing Key) " - [user@qubes canaries]$ gpg --verify canary-001-2015.txt.sig.marmarek canary-001-2015.txt - gpg: Signature made Mon Jan 5 20:13:37 2015 UTC using RSA key ID 1830E06A - gpg: Good signature from "Marek Marczykowski-G�recki (Qubes security pack) " - [user@qubes canaries]$ cat canary-001-2015.txt - - - ---===[ Qubes Canary #1 ]===--- - - [...] - {% endhighlight %} - -2. Verify and read the QSBs. - - {% highlight trac-wiki %} - [user@qubes canaries]$ cd ../QSBs/ - [user@qubes QSBs]$ gpg --verify qsb-013-2015.txt.sig.joanna qsb-013-2015.txt - gpg: Signature made Mon Jan 5 21:22:14 2015 UTC using RSA key ID 92C7B3DC - gpg: Good signature from "Joanna Rutkowska (Qubes Security Pack Signing Key) " - [user@qubes QSBs]$ gpg --verify qsb-013-2015.txt.sig.marmarek qsb-013-2015.txt - gpg: Signature made Mon Jan 5 21:38:11 2015 UTC using RSA key ID 1830E06A - gpg: Good signature from "Marek Marczykowski-G�recki (Qubes security pack) " - [user@qubes QSBs]$ cat qsb-013-2015.txt - - - ---===[ Qubes Security Bulletin #13 ]===--- - - [...] - {% endhighlight %} - - diff --git a/SecurityPage.md b/SecurityPage.md deleted file mode 100644 index d02691fd..00000000 --- a/SecurityPage.md +++ /dev/null 
@@ -1,36 +0,0 @@ ---- -layout: doc -title: SecurityPage -permalink: /doc/SecurityPage/ -redirect_from: /wiki/SecurityPage/ ---- - -Reporting Security Issues in Qubes OS -===================================== - -If you believe you have found a security issue affecting Qubes OS, either directly or indirectly (e.g. the issue affects Xen in a configuration that is used in Qubes OS), then we would be more than happy to hear from you! - -We promise to treat any reported issue seriously and, if the investigation confirms it affects Qubes, to patch it within a reasonable time, and also to release a public Security Bulletin that describes the issue, discusses potential impact of the vulnerability, references applicable patches or workarounds, and also credits the discoverer. - -The list of all Qubes Security Advisories published so far can be found [here](/doc/SecurityBulletins/). - -Qubes Security Team -------------------- - -The Qubes Security Team can be contacted via email using the following address: - -{% highlight trac-wiki %} -security at qubes-os dot org -{% endhighlight %} - -Qubes Security Team GPG Key ---------------------------- - -Please use the [this GPG key](http://keys.qubes-os.org/keys/qubes-os-security-team-key.asc) for encrypting any emails send to this address. Like all the GPG keys used by the Qubes project, this key is signed with the Qubes Master key. Please see [this page](/doc/VerifyingSignatures/) for more information on how to verify the keys. - -Members of the Security Team ----------------------------- - -- Joanna Rutkowska \ -- Marek Marczykowski \ - diff --git a/SourceCode.md b/SourceCode.md deleted file mode 100644 index 40697b19..00000000 --- a/SourceCode.md +++ /dev/null 
@@ -1,37 +0,0 @@ ---- -layout: doc -title: SourceCode -permalink: /doc/SourceCode/ -redirect_from: /wiki/SourceCode/ ---- - -Qubes Source Code Repositories -============================== - -All the Qubes code is kept in GIT repositories. We divided the project into several components, each of which has its own separate repository, some of them: - -- `core-admin.git` -- the core Qubes infrastructure responsible for VM management, VM templates, fs sharing, etc. -- `gui-daemon.git` -- GUI virtualization, Dom0 side. -- `gui-agent-linux.git` -- GUI virtualization, Linux VM side. -- `linux-template-builder.git` - scripts and other files used to create Qubes templates images. - -You can browse the repositories [online on -GitHub](https://github.com/QubesOS/). The Qubes official repositories are on -this `QubesOS` github account. - -To clone a repository: - -{% highlight trac-wiki %} -git clone git://github.com/QubesOS/.git -{% endhighlight %} - -e.g.: - -{% highlight trac-wiki %} -git clone git://github.com/QubesOS/qubes-core-admin.git core-admin -{% endhighlight %} - -If you want to contribute to the project, there are two preferred ways: - -1. Use github [fork & pull requests](https://guides.github.com/activities/forking/) -2. [sending a patch](/doc/DevelFaq/#q-how-do-i-submit-a-patch) via the project's mailing list (`git format-patch`). diff --git a/StickMounting.md b/StickMounting.md deleted file mode 100644 index 83d1a342..00000000 --- a/StickMounting.md +++ /dev/null 
@@ -1,56 +0,0 @@ ---- -layout: doc -title: StickMounting -permalink: /doc/StickMounting/ -redirect_from: /wiki/StickMounting/ ---- - -How to Mount USB Sticks to AppVMs -================================= - -(**Note:** In the present context, the term "USB stick" denotes any [USB mass storage device](https://en.wikipedia.org/wiki/USB_mass_storage_device_class). In addition to smaller flash memory sticks, this includes things like USB external hard drives.) - -Qubes supports the ability to mount a USB stick to any AppVM easily, no matter which VM actually handles the USB controller. (The USB controller may be assigned on the **Devices** tab of an AppVM's settings page in Qubes VM Manager or by using the [qvm-pci command](/doc/AssigningDevices/).) - -As of Qubes R2 Beta 3, USB stick mounting has been integrated into the Qubes VM Manger GUI. Simply insert your USB stick, right-click the desired AppVM in the Qubes VM Manager list, click **Attach/detach block devices**, and select your desired action and device. - -A command-line tool, `qvm-block`, is also available. This tool can be used to assign a USB stick to an AppVM as follows: - -1. Insert your USB stick. - -1. In a dom0 console (running as normal user), list all available block devices: - - {% highlight trac-wiki %} - qvm-block -l - {% endhighlight %} - -> This will list all available block devices connected to any USB controller in your system, no matter in which VM hosts the controller. The name of the VM hosting the USB controller is displayed before the colon in the device name. The string after the colon is the name of the device used within the VM. - -> **Note:** If your device is not listed here, you may refresh the list by calling (from the VM to which device is connected): -> -> {% highlight trac-wiki %} -> sudo udevadm trigger --action=change -> {% endhighlight %} - -1. 
Connect the device to an AppVM: - - {% highlight trac-wiki %} - qvm-block -a personal dom0:sda - {% endhighlight %} - - **Note:** The order of these parameters was changed in Qubes 1.0-rc1. - -> This will attach the device as "/dev/xvdi" in the AppVM. - -1. The USB stick is now attached to the AppVM. If using a default AppVM, you may open Nautilus file manager in the AppVM, and your stick should be visible in the **Devices** panel on the left. - -1. When you finish using your USB stick, click the eject button or right-click and select **Unmount**. - -1. In a dom0 console, unmount the stick: - -{% highlight trac-wiki %} -qvm-block -d -{% endhighlight %} - -1. You may now remove the device. - diff --git a/SystemDoc.md b/SystemDoc.md deleted file mode 100644 index 1a552e12..00000000 --- a/SystemDoc.md +++ /dev/null 
@@ -1,48 +0,0 @@ ---- -layout: doc -title: SystemDoc -permalink: /doc/SystemDoc/ -redirect_from: /wiki/SystemDoc/ ---- - -System Documentation for Developers -=================================== - -1. Fundamentals: - 1. Qubes OS Architecture v0.3 [(pdf)](http://files.qubes-os.org/files/doc/arch-spec-0.3.pdf) (The original 2009 document that started this all...) - 2. [Security-critical elements of Qubes OS](/doc/SecurityCriticalCode/) - 3. Qubes RPC framework (qrexec): - 1. [The Qubes RPC/Service API](/doc/Qrexec/) - 2. Example for writing a qrexec service in Qubes OS [blog post](http://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html) - 3. [qrexec implementation in Qubes R2](/doc/Qrexec2Implementation/) - 4. [qrexec implementation in Qubes R3/Odyssey](/doc/Qrexec3Implementation/) - - 4. [Qubes GUI virtualization protocol](/doc/GUIdocs/) - 5. [Networking in Qubes](/doc/QubesNet/) - 6. [Implementation of template sharing and updating](/doc/TemplateImplementation/) - -2. Services: - 1. [Inter-domain file copying](/doc/Qfilecopy/) - 2. [Dynamic memory management in Qubes](/doc/Qmemman/) - 3. [Implementation of DisposableVMs](/doc/DVMimpl/) - 4. [Article about disposable VMs](http://theinvisiblethings.blogspot.com/2010/06/disposable-vms.html) - 5. [Dom0 secure update mechanism](/doc/Dom0SecureUpdates/) - 6. [VM secure update mechanism?](/doc/VMSecureUpdates/) - -3. Debugging: - 1. [Profiling python code](/doc/Profiling/) - 2. [Test environment in separate machine for automatic tests](/doc/TestBench/) - 3. [Automated tests](/doc/AutomatedTests/) - 3. [VM-dom0 internal configuration interface](/doc/SystemDoc/VMInterface/) - 4. [Debugging Windows VMs](/doc/WindowsDebugging/) - -4. Building: - 1. [Building Qubes](/doc/QubesBuilder/) - 2. [Development Workflow](/doc/DevelopmentWorkflow/) - 3. [KDE Dom0 packages for Qubes](/doc/KdeDom0/) - 4. [How to build Qubes installation ISO](/doc/InstallationIsoBuilding/) - 5. 
[Building USB passthrough support (experimental)](/doc/USBVM/) - 6. [Building a TemplateVM based on a new OS (ArchLinux example)](/doc/BuildingNonFedoraTemplate/) - 7. [Building the Archlinux Template](/doc/BuildingArchlinuxTemplate/) - - diff --git a/SystemDoc/VMInterface.md b/SystemDoc/VMInterface.md deleted file mode 100644 index a28407cf..00000000 --- a/SystemDoc/VMInterface.md +++ /dev/null 
@@ -1,62 +0,0 @@ ---- -layout: doc -title: VMInterface -permalink: /doc/SystemDoc/VMInterface/ -redirect_from: /wiki/SystemDoc/VMInterface/ ---- - -VM Configuration Interface -========================== - -Qubes VM have some settings set by dom0 based on VM settings. There are multiple configuration channels, which includes: - -- XenStore -- QubesDB - replacing most of xenstore (in R3 only) -- Qubes RPC (called at VM startup, or when configuration changed) -- GUI protocol - -xenstore --------- - -Keys exposed by dom0 to VM (only Qubes specific included): - -- `qubes-vm-type` - VM type, the same as `type` field in `qvm-prefs`. One of `AppVM`, `ProxyVM`, `NetVM`, `TemplateVM`, `HVM`, `TemplateHVM` -- `qubes-vm-updatable` - flag whether VM is updatable (whether changes in root.img will survive VM restart). One of `True`, `False` -- `qubes-timezone - name of timezone based on dom0 timezone. For example `Europe/Warsaw` -- `qubes-keyboard` - keyboard layout based on dom0 layout. Its syntax is suitable for `xkbcomp` command (after expanding escape sequences like `\n` or `\t`). This is meant only as some default value, VM can ignore this option and choose its own keyboard layout (this is what keyboard setting from Qubes Manager does). This entry is created as part of gui-daemon initialization (so not available when gui-daemon disabled, or not started yet). -- `qubes-debug-mode` - flag whether VM have debug mode enabled (qvm-prefs setting). One of `1`, `0` -- `qubes-service/SERVICE_NAME` - subtree for VM services controlled from dom0 (using qvm-service command or Qubes Manager). One of `1`, `0`. Note that not every service will be listed here, if entry is missing, it means "use VM default". 
List of currently supported services is in [qvm-service man page](/wiki/Dom0Tools/QvmService) -- `qubes-netmask` - network mask (only when VM has netvm set); currently hardcoded "255.255.255.0" -- \`qubes-ip - IP address for this VM (only when VM has netvm set) -- `qubes-gateway` - default gateway IP and primary DNS address (only when VM has netvm set); VM should add host route to this address directly via eth0 (or whatever default interface name is) -- `qubes-secondary-dns` - secondary DNS address (only when VM has netvm set) -- `qubes-netvm-gateway` - same as `qubes-gateway` in connected VMs (only when VM serves as network backend - ProxyVM and NetVM); because this is also set as primary DNS in connected VMs, traffic sent to this IP on port 53 should be redirected to DNS server -- `qubes-netvm-netmask` - same as `qubes-netmask` in connected VMs (only when VM serves as network backend - ProxyVM and NetVM) -- `qubes-netvm-network` - network address (only when VM serves as network backend - ProxyVM and NetVM); can be also calculated from qubes-netvm-gateway and qubes-netvm-netmask -- `qubes-netvm-secondary-dns` - same as `qubes-secondary-dns` in connected VMs (only when VM serves as network backend - ProxyVM and NetVM); traffic sent to this IP on port 53 should be redirected to secondary DNS server - -Keys set by VM for passing info to dom0: - -- `memory/meminfo` - used memory (updated by qubes-meminfo-writer), input information for qmemman; Format: 6 lines (EOL encoded as `\n`), each in format "FIELD: VALUE kB"; fields: `MemTotal`, `MemFree`, `Buffers`, `Cached`, `SwapTotal`, `SwapFree`; meaning the same as in `/proc/meminfo` in Linux -- `qubes-block-devices` - list of block devices exposed by this VM, each device (subdirectory) should be named in a way that VM can attach the device based on it. 
Each should contain those entries: - - `desc` - device description (ASCII text) - - `size` - device size in bytes - - `mode` - default connection mode; `r` for read-only, `w` for read-write -- `qubes-usb-devices` - list of USB devices exposed by this VM, each device (subdirectory) should contain: - - `desc` - device description (ASCII text) - - `usb-ver` - USB version (1, 2 or 3) - -Qubes RPC ---------- - -Services called by dom0 to provide some VM configuration: - -- qubes.SetMonitorLayout - provide list of monitors, one in a line, each line contains four numbers: width height X Y -- qubes.WaitForSession - called to wait for full VM startup -- qubes.GetAppmenus - receive appmenus from given VM (template); TODO: describe format here -- qubes.GetImageRGBA - receive image/application icon: TODO: describe format and parameters here - -GUI protocol ------------- - -GUI initialization includes passing the whole screen dimensions from dom0 to VM. This will most likely be overwritten by qubes.SetMonitorLayout Qubes RPC call. diff --git a/TemplateImplementation.md b/TemplateImplementation.md deleted file mode 100644 index ee9b068d..00000000 --- a/TemplateImplementation.md +++ /dev/null 
@@ -1,108 +0,0 @@ ---- -layout: doc -title: TemplateImplementation -permalink: /doc/TemplateImplementation/ -redirect_from: /wiki/TemplateImplementation/ ---- - -Overview of VM block devices -============================ - -Every VM has 4 block devices connected: - -- **xvda** - base root device (/) - details described below -- **xvdb** - private.img - place where VM always can write. -- **xvdc** - volatile.img, discarded at each VM restart - here is placed swap and temporal "/" modifications (see below) -- **xvdd** - modules.img - kernel modules and firmware - -private.img (xvdb) ------------------- - -This is mounted as /rw and here is placed all VM private data. This includes: - -- */home* - which is symlink to /rw/home -- */usr/local* - which is symlink to /rw/usrlocal -- some config files (/rw/config) called by qubes core scripts (ex /rw/config/rc.local) - -modules.img (xvdd) ------------------- - -As kernel is chosen in dom0, not VM there must be some way to provide matching kernel modules to VM OS. Qubes kernel dir consists of 3 files: - -- *vmlinuz* - actual kernel -- *initramfs* - initial ramdisk containing script to setup snapshot devices (see below) and mount /lib/modules -- *modules.img* - filesystem image of /lib/modules with matching kernel modules and firmware (/lib/firmware/updates is symlinked to /lib/modules/firmware) - -Normally kernel "package" is common for many VMs (can be set using qvm-prefs). One of them can be set as default (qvm-set-default-kernel) to simplify kernel updates (by default all VMs uses default kernel). All installed kernels are placed in /var/lib/qubes/vm-kernels as separate subdirs. In this case, modules.img is attached to VM as R/O device. - -There is special case when VM can have custom kernel - when it is updateable (StandaloneVM or TemplateVM) and kernel is set to "none" (by qvm-prefs). In this case VM uses kernel from "kernels" VM subdir and modules.img is attached as R/W device. 
FIXME: "none" should be renamed to "custom". - -Qubes TemplateVM implementation -=============================== - -TemplateVM has a shared root.img across all AppVMs that are based on it. This mechanism has some advantages over a simple common device connected to multiple VMs: - -- root.img can be modified while there are AppVMs running - without corrupting the filesystem -- multiple AppVMs that are using different versions of root.img (from various points in time) can be running concurrently - -There are two layers of the device-mapper snapshot device; the first one enables modifying root.img without stopping the AppVMs and the second one, which is contained in the AppVM, enables temporal modifications to its filesystem. These modifications will be discarded after a restart of the AppVM. - -![TemplateSharing2.png](/attachment/wiki/TemplateImplementation/TemplateSharing2.png) - -Snapshot device in Dom0 ------------------------ - -This device consists of: - -- root.img - real template filesystem -- root-cow.img - differences between the device as seen by AppVM and the current root.img - -The above is achieved through creating device-mapper snapshots for each version of root.img. When an AppVM is started, a xen hotplug script (/etc/xen/scripts/block-snapshot) reads the inode numbers of root.img and root-cow.img; these numbers are used as the snapshot device's name. When a device with the same name exists the new AppVM will use it - therefore, AppVMs based on the same version of root.img will use the same device. Of course, the device-mapper cannot use the files directly - it must be connected through /dev/loop\*. The same mechanism detects if there is a loop device associated with a file determined by the device and inode numbers - or if creating a new loop device is necessary. - -When an AppVM is stopped the xen hotplug script checks whether the device is still in use - if it is not, the script removes the snapshot and frees the loop device. 
- -### Changes to template filesystem - -In order for the full potential of the snapshot device to be realized, every change in root.img must save the original version of the modified block in root-cow.img. This is achieved by a snapshot-origin device. - -When TemplateVM is started, it receives the snapshot-origin device connected as a root device (in read-write mode). Therefore, every change to this device is immediately saved in root.img - but remains invisible to the AppVM, which uses the snapshot. - -When TemplateVM is stopped, the xen script moves root-cow.img to root-cow.img.old and creates a new one (using the qvm-template-commit tool). The snapshot device will remain untouched due to the loop device, which uses an actual file on the disk (by inode, not by name). Linux kernel frees the old root-cow.img files as soon as they are unused by all snapshot devices (to be exact, loop devices). The new root-cow.img file will get a new inode number, and so new AppVMs will get new snapshot devices (with different names). - -### Rollback template changes - -There is possibility to rollback last template changes. Saved root-cow.img.old contains all changes made during last TemplateVM run. Rolling back changes is done by reverting this "binary patch". - -This is done using snapshot-merge device-mapper target (available from 2.6.34 kernel). It requires that no other snapshot device uses underlying block devices (root.img, root-cow.img via loop device). Because of this all AppVMs based on this template must be halted during this operation. - -Steps performed by **qvm-revert-template-changes**: - -1. Ensure that no other VMs uses this template. -2. Prepare snapshot device with ***root-cow.img.old*** instead of *root-cow.img* (*/etc/xen/scripts/block-snapshot prepare*). -3. Replace *snapshot* device-mapper target with *snapshot-merge*, other parameters (chunk size etc) remains untouched. Now kernel starts merging changes stored in *root-cow.img.old* into *root.img*. 
d-m device can be used normally (if needed). -4. Waits for merge completed: *dmsetup status* shows used snapshot blocks - it should be equal to metadata size when completed. -5. Replace *snapshot-merge* d-m target back to *snapshot*. -6. Cleanup snapshot device (if nobody uses it it the moment). -7. Move *root-cow.img.old* to *root-cow.img* (overriding existing file). - -Snapshot device in AppVM ------------------------- - -Root device is exposed to AppVM in read-only mode. AppVM can write only in: - -- private.img - persistent storage (mounted in /rw) used for /home, /usr/local - in future versions, its use may be extended -- volatile.img - temporary storage, which is discarded after an AppVM restart - -volatile.img is divided into two partitions: - -1. changes to root device -2. swap partition - -Inside of an AppVM, the root device is wrapped by the snapshot in the first partition of volatile.img. Therefore, the AppVM can write anything to its filesystem - however, such changes will be discarded after a restart. - -StandaloneVM ------------- - -Standalone VM enables user to modify root filesystem persistently. It can be created using *--standalone* switch to *qvm-create*. - -It is implemented just like TemplateVM (has own root.img connected as R/W device), but no other VMs can be based on it. diff --git a/Templates.md b/Templates.md deleted file mode 100644 index f401a5f7..00000000 --- a/Templates.md +++ /dev/null 
@@ -1,50 +0,0 @@ ---- -layout: doc -title: Templates -permalink: /doc/Templates/ -redirect_from: /wiki/Templates/ ---- - -Templates -========= - -Every AppVM in Qubes is based on some template, this is where all the software -available for AppVMs is installed. Default template is based on Fedora, but -there are additional templates based on other Linux distributions, or with some -additional software installed by default. This concept is described -[here](/doc/GettingStarted/#appvms-domains-and-templatevms). - -Some templates are available in ready to use binary form, but some of them are -only as a source code, which can be built using [Qubes Builder](/doc/QubesBuilder/). -Especially some templates "flavors" are available in source code form only. -Take a look at [Qubes Builder -documentation](https://github.com/QubesOS/qubes-builder/blob/master/README.md) -how to compile them. - -ITL Supported templates ------------------------ - -For those templates ITL is responsible for build and releasing updates, -especially ITL guarantees that the binary updates are compiled from exactly -the source code we publish. - -- Fedora -- [Fedora - Minimal](/doc/Templates/FedoraMinimal) -- [Debian](/doc/Templates/Debian/) - -Community Supported templates ------------------------------ - -Those templates are supported by Qubes Community. Some of them are available in -ready to use binary package (built by ITL), some are only in source code form. -In any case ITL does not provide updates for those templates, but such updates -can be provided by template maintainer. - -In short - by installing those templates, you trust not only ITL and -distribution maintainers, but also the template maintainer. It can also happen -that those templates are somehow less stable, because we do not test them. - -- [Whonix](/doc/Templates/Whonix/) -- [Ubuntu](/doc/Templates/Ubuntu/) -- [Archlinux](/doc/Templates/Archlinux/) - 
diff --git a/Templates/FedoraMinimal.md b/Templates/FedoraMinimal.md deleted file mode 100644 index a0791e37..00000000 --- a/Templates/FedoraMinimal.md +++ /dev/null 
@@ -1,76 +0,0 @@ ---- -layout: doc -title: FedoraMinimal -permalink: /doc/Templates/FedoraMinimal/ -redirect_from: /wiki/Templates/FedoraMinimal/ ---- - -Fedora - minimal -================ - -We have uploaded a new "minimal" template to our templates-itl repo. The template weighs only 150MB and has most of the stuff cut off, except for minimal X and xterm. - -More into in ticket \#828 - -Install -------- - -It can be installed via the following command: - -{% highlight trac-wiki %} -[user@dom0 ~]$ sudo qubes-dom0-update qubes-template-fedora-20-x64-minimal -{% endhighlight %} - -Usage ------ - -It is a good idea to clone the original template, and make any changes in the new clone instead: - -{% highlight trac-wiki %} -[user@dom0 ~]$ qvm-clone fedora-20-x64-minimal -{% endhighlight %} - -The sudo package is not installed by default, so lets install it: - -{% highlight trac-wiki %} -[user@F20-Minimal ~]$ su - -[user@F20-Minimal ~]$ yum install sudo -{% endhighlight %} - -The rsyslog logging service is not installed by default. All logging is now being handled by the systemd journal. Users requiring the rsyslog service should install it manually. - -To access the journald log, use the following command: `journalctl` - -### as a NetVM - -If You want to use this template to for standard NetVMs You should install some more packeges: - -{% highlight trac-wiki %} -[user@F20-Minimal ~]$ sudo yum install NetworkManager network-manager-applet wireless-tools dbus-x11 dejavu-sans-fonts tar tinyproxy -{% endhighlight %} - -And maybe some more optional but useful packages as well: - -{% highlight trac-wiki %} -[user@F20-Minimal ~]$ sudo yum install pciutils vim-minimal less tcpdump telnet psmisc nmap nmap-ncat gnome-keyring -{% endhighlight %} - -If Your network device needs some firmware then you should also install the corresponding packages as well. 
The `lspci; yum search firmware` command will help to choose the right one :) - -### as a ProxyVM - -If You want to use this template as a ProxyVM You may want to install evem more packages - -#### Firewall - -This template is ready to use for a standard firewall VM. However, using the default minimal template with the default firewall and default update settings will result in an error when attempting to update dom0 (`qubes-dom0-update`), since this process requires `tar`, which is not present by default in the minimal template. - -#### VPN - -The needed packages are depend on the VPN technology. `yum search "NetworkManager VPN plugin"` command may help you to choose the right one. - -[More details about setting up a VPN Gateway](/wiki/VPN#ProxyVM) - -#### TOR - -[UserDoc/TorVM](/wiki/UserDoc/TorVM) diff --git a/Templates/Ubuntu.md b/Templates/Ubuntu.md deleted file mode 100644 index 3d7f635b..00000000 --- a/Templates/Ubuntu.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -layout: doc -title: Ubuntu -permalink: /doc/Templates/Ubuntu/ -redirect_from: /wiki/Templates/Ubuntu/ ---- - -Ubuntu template(s) -================== - -If you like to use Ubuntu Linux distribution in your AppVMs, you can build and -install one of available Ubuntu templates. Those template currently are not -available in ready to use binary packages. - -Install -------- - -It can built using [Qubes Builder](/doc/QubesBuilder/). You can also access its -documentation in the [source code -repository](https://github.com/QubesOS/qubes-builder/blob/master/README.md). - -To quickly prepare the builder configuration, you can use `setup` script -available in the repository - it will interactively ask you which templates you -want to build. - -Known issues ------------- - -If you want to help in improving the template, feel free to [contribute](/wiki/ContributingHowto). diff --git a/TestPage.md b/TestPage.md deleted file mode 100644 index a9fdf0dd..00000000 --- a/TestPage.md +++ /dev/null 
@@ -1,8 +0,0 @@ ---- -layout: doc -title: TestPage -permalink: /doc/TestPage/ -redirect_from: /wiki/TestPage/ ---- - -This is a test. diff --git a/TestTest.md b/TestTest.md deleted file mode 100644 index 7b142f4c..00000000 --- a/TestTest.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -layout: doc -title: TestTest -permalink: /doc/TestTest/ -redirect_from: /wiki/TestTest/ ---- - -This is a test page -=================== - -Please ignore. - -![snapshot1.png](/attachment/wiki/TestTest/snapshot1.png) diff --git a/TroubleShooting.md b/TroubleShooting.md deleted file mode 100644 index 704b1cbf..00000000 --- a/TroubleShooting.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -layout: doc -title: TroubleShooting -permalink: /doc/TroubleShooting/ -redirect_from: /wiki/TroubleShooting/ ---- - -- [Home directory is out of disk space error](/doc/OutOfmemory/) - diff --git a/Trusted_parts.md b/Trusted_parts.md deleted file mode 100644 index 99d13d91..00000000 --- a/Trusted_parts.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -layout: doc -title: Trusted_parts -permalink: /doc/Trusted_parts/ -redirect_from: /wiki/Trusted_parts/ ---- - - diff --git a/UsbInstallation.md b/UsbInstallation.md deleted file mode 100644 index 2819ae0e..00000000 --- a/UsbInstallation.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -layout: doc -title: UsbInstallation -permalink: /doc/UsbInstallation/ -redirect_from: /wiki/UsbInstallation/ ---- - -How to create a bootable USB stick from Qubes ISO -================================================= - -Qubes ISO image is already prepared to boot from USB disk, you just need to copy the ISO onto the USB device, e.g. using dd: - -{% highlight trac-wiki %} -dd if=Qubes-R2-Beta2-x86_64-DVD.iso of=/dev/sdX -{% endhighlight %} - -**Be sure to use a correct device as the target in the dd command above (instead of sdX)** diff --git a/UserDoc.md b/UserDoc.md deleted file mode 100644 index 3e5417ab..00000000 --- a/UserDoc.md +++ /dev/null 
@@ -1,101 +0,0 @@ ---- -layout: doc -title: UserDoc -permalink: /doc/UserDoc/ -redirect_from: /wiki/UserDoc/ ---- - -Qubes User Documentation -======================== - -1. **Basic Reading** - 1. [Getting Started](/doc/GettingStarted/) - 2. [Security Guidelines](/doc/SecurityGuidelines/) - 3. [Glossary of Qubes Terminology](/doc/Glossary/) - -2. **Dom0** - 1. [Dom0 Command-Line Tools](/doc/DomZeroTools/) - 2. [Updating Software in dom0](/doc/SoftwareUpdateDom0/) - 3. [Copying Files to and from dom0](/doc/CopyToDomZero/) - 4. [Backup, Restoration, and Migration](/doc/BackupRestore/) - 5. [Qubes Policy for InterVM Services](/doc/Qrexec/#qubes-services-rpc-policy) - 6. Advanced Topics - 1. [Installing Anti Evil Maid](/doc/AntiEvilMaid/) - 2. [XFCE Installation in dom0](/doc/UserDoc/XFCE/) - 3. [Installing ZFS in Qubes](/doc/ZFS/) - 4. [Configuring YubiKey for user authentication](/doc/YubiKey/) - 5. [Storing AppVMs on Secondary Drives](/doc/SecondaryStorage/) - 7. External Links - 1. [Customizing the GUI experience with KDE](https://groups.google.com/d/topic/qubes-users/KhfzF19NG1s/discussion) - -3. **DomUs** - 1. [DomU Command-Line Tools](/doc/VmTools/) - 2. **Intra-VM Actions** - 1. [Enabling Fullscreen Mode](/doc/FullScreenMode/) - 2. [Managing Application Shortcuts](/doc/ManagingAppVmShortcuts/) - - 3. **Inter-VM Actions** - 1. [Copying and Pasting Text Between Domains](/doc/CopyPaste/) - 2. [Copying and Moving Files Between Domains](/doc/CopyingFiles/) - 3. [Using GPG more securely in Qubes: Split GPG tutorial](/doc/UserDoc/SplitGpg/) - - 4. **NetVMs and ProxyVMs** - 1. [Understanding Qubes Firewall](/doc/QubesFirewall/) - 2. [Understanding and Preventing Data Leaks](/doc/DataLeaks/) - 3. [How to Install a Transparent Tor ProxyVM (TorVM)](/doc/UserDoc/TorVM/) - 4. [How to set up a ProxyVM as a VPN Gateway](/doc/VPN/) - 5. [Adding Bridge Support to the NetVM (EXPERIMENTAL)](/doc/NetworkBridgeSupport/) - 6. External Links - 1. 
[Creating Custom NetVMs and ProxyVMs](http://theinvisiblethings.blogspot.com/2011/09/playing-with-qubes-networking-for-fun.html) - 2. [How to run TorBrowser using external tor proxy (from TorVM)](https://groups.google.com/group/qubes-devel/msg/34f67194d3422bfa) - 3. [How to make proxy for individual tcp connection from networkless VM](https://groups.google.com/group/qubes-devel/msg/4ca950ab6d7cd11a) - 4. [HTTP filtering proxy in Qubes firewall VM](https://groups.google.com/group/qubes-devel/browse_thread/thread/5252bc3f6ed4b43e/d881deb5afaa2a6c#39c95d63fccca12b) - - 5. **[TemplateVMs](/doc/Templates/)** - 1. [Updating and Installing Software in VMs](/doc/SoftwareUpdateVM/) - 2. [Templates: Fedora - minimal](/doc/Templates/FedoraMinimal/) - 3. [Templates: Debian](/doc/Templates/Debian/) - 4. External Links - 1. [Extending \`root.img\` Size](https://groups.google.com/group/qubes-devel/msg/9d1ac581236ca9b4) - - 6. **DispVMs** - 1. [Disposable VMs](/doc/DisposableVms/) - 2. [DispVM Customization](/doc/UserDoc/DispVMCustomization/) - - 7. **HVMs** - 1. [Resizing AppVM and HVM Disk Images](/doc/ResizeDiskImage/) - 2. [Tips for Using Linux in an HVM](/doc/LinuxHVMTips/) - 3. [Creating and Using HVM and Windows Domains (Qubes R2+)](/doc/HvmCreate/) - 4. External Links - 1. [Creating Whonix HVMs in Qubes](https://www.whonix.org/wiki/Qubes) - 2. [Creating NetBSD VM](https://groups.google.com/group/qubes-devel/msg/4015c8900a813985) - - 8. **Windows VMs** - 1. [Installing and Using Windows-based AppVMs (Qubes R2 Beta 3 and later)](/doc/WindowsAppVms/) - 2. [Advanced options and troubleshooting of Qubes Tools for Windows](/doc/WindowsTools/) - - 9. Advanced Topics - 1. [Configuration files](/doc/UserDoc/ConfigFiles/) - 2. [Qubes service framework](/doc/QubesService/) - 3. [Note regarding password-less root access in VM](/doc/VMSudo/) - -4. **Applications** - 1. [Languages](/doc/LanguageLocalization/) - -5. **Hardware** - 1. 
[How to Mount USB Sticks to AppVMs](/doc/StickMounting/) - 2. [Where are my external storage devices mounted?](/doc/ExternalDeviceMountPoint/) - 3. [Assigning PCI Devices to AppVMs](/doc/AssigningDevices/) - 4. [Enabling TRIM for SSD disks](/doc/DiskTRIM/) - 5. [Configuring a Network Printer](/doc/NetworkPrinter/) - 6. [Using External Audio Devices](/doc/ExternalAudio/) - 7. Vendor-specific - 1. [How to install an Nvidia driver in dom0](/doc/InstallNvidiaDriver/) - 2. [Getting Sony Vaio Z laptop to work with Qubes](/doc/SonyVaioTinkering/) - - 8. External Links - 1. [Installing on system with new AMD GPU (missing firmware problem)](https://groups.google.com/group/qubes-devel/browse_thread/thread/e27a57b0eda62f76) - 2. [Solving problems with Macbook Air 2012](https://groups.google.com/group/qubes-devel/browse_thread/thread/b8b0d819d2a4fc39/d50a72449107ab21#8a9268c09d105e69) - 3. [Booting with GRUB2 and GPT](https://groups.google.com/group/qubes-devel/browse_thread/thread/e4ac093cabd37d2b/d5090c20d92c4128#d5090c20d92c4128) - - diff --git a/UserDoc/DispVMCustomization.md b/UserDoc/DispVMCustomization.md deleted file mode 100644 index bb331fb1..00000000 --- a/UserDoc/DispVMCustomization.md +++ /dev/null 
@@ -1,37 +0,0 @@ ---- -layout: doc -title: DispVMCustomization -permalink: /doc/UserDoc/DispVMCustomization/ -redirect_from: /wiki/UserDoc/DispVMCustomization/ ---- - -Customization of Disposable VM -============================== - -It is possible to change the settings of each new Disposable VM (DispVM). This can be done by customizing the DispVM template: - -1. Start a terminal in the `fedora-20-x64-dvm` TemplateVM by running the following command in a dom0 terminal. (By default, this TemplateVM is not shown in Qubes VM Manager. However, it can be shown by selecting "Show/Hide internal VMs.") - - {% highlight trac-wiki %} - [user@dom0 ~]$ qvm-run -a fedora-20-x64-dvm gnome-terminal - {% endhighlight %} - -2. Change the VM's settings and/or applications, as desired. Note that currently Qubes supports exactly one DispVM template, so any changes you make here will affect all DispVMs. Some examples of changes you may want to make include: - - Changing Firefox's default startup settings and homepage. - - Changing Nautilus' default file preview settings. - - Changing the DispVM's default NetVM. For example, you may wish to set the NetVM to "none." Then, whenever you start a new DispVM, you can choose your desired ProxyVM manually (by changing the newly-started DipsVMs settings). This is useful if you sometimes wish to use a DispVM with a TorVM, for example. It is also useful if you sometimes wish to open untrusted files in a network-disconnected DispVM. - -3. Create an empty `/home/user/.qubes-dispvm-customized` file: - - {% highlight trac-wiki %} - [user@fedora-20-x64-dvm ~]$ touch /home/user/.qubes-dispvm-customized - {% endhighlight %} - -4. Shutdown the VM (either by `poweroff` from VM terminal, or `qvm-shutdown` from dom0 terminal). -5. 
Regenerate the DispVM template: - - {% highlight trac-wiki %} - [user@dom0 ~]$ qvm-create-default-dvm --default-template --default-script - {% endhighlight %} - -**Note:** All of the above requires at least qubes-core-vm \>= 2.1.2 installed in template. diff --git a/UserDoc/SplitGpg.md b/UserDoc/SplitGpg.md deleted file mode 100644 index 9af6ccf8..00000000 --- a/UserDoc/SplitGpg.md +++ /dev/null 
@@ -1,166 +0,0 @@ ---- -layout: doc -title: SplitGpg -permalink: /doc/UserDoc/SplitGpg/ -redirect_from: /wiki/UserDoc/SplitGpg/ ---- - -Qubes Split GPG -=============== - -What is Split GPG and why should I use it instead of the standard GPG? ----------------------------------------------------------------------- - -Split GPG implements a concept similar to having a smart card with your private GPG keys, except that the role of the "smart card" plays another Qubes AppVM. This way one, not-so-trusted domain, e.g. the one where Thunderbird is running, can delegate all crypto operations, such as encryption/decryption and signing to another, more trusted, network-isolated, domain. This way a compromise of your domain where the Thunderbird or other client app is running -- arguably a not-so-unthinkable scenario -- does not allow the attacker to automatically also steal all your keys (we should make a rather obvious comment here that the so-often-used passphrases on private keys are pretty meaningless because the attacker can easily set up a simple backdoor which would wait until the user enters the passphrase and steal the key then). - -The diagram below presents the big picture of Split GPG architecture. - -![split-gpg-diagram.png](/attachment/wiki/UserDoc/SplitGpg/split-gpg-diagram.png) - -### Advantages of Split GPG vs. traditional GPG with a smart card - -It is often thought that the use of smart cards for private key storage guarantees ultimate safety. While this might be true (unless the attacker can find a usually-very-expensive-and-requiring-physical-presence way to extract the key from the smart card) but only with regards to the safety of the private key itself. However, there is usually nothing that could stop the attacker from requesting the smart card to perform decryption of all the user documents the attacker has found or need to decrypt. 
In other words, while protecting the user's private key is an important task, we should not forget that ultimately it is the user data that are to be protected and that the smart card chip has no way of knowing the requests to decrypt documents are now coming from the attacker's script and not from the user sitting in front of the monitor. (Similarly the smart card doesn't make the process of digitally signing a document or a transaction in any way more secure -- the user cannot know what the chip is really signing. Unfortunately this problem of signing reliability is not solvable by Split GPG) - -With Qubes Split GPG this problem is drastically minimized, because each time the key is to be used the user is asked for consent (with a definable time out, 5 minutes by default), plus is always notified each time the key is used via a tray notification from the domain where GPG backend is running. This way it would be easy to spot unexpected requests to decrypt documents. - -![r2-split-gpg-1.png](/attachment/wiki/UserDoc/SplitGpg/r2-split-gpg-1.png) ![r2-split-gpg-3.png](/attachment/wiki/UserDoc/SplitGpg/r2-split-gpg-3.png) - -### Current limitations - -- Current implementation requires importing of public keys to the vault domain. This opens up an avenue to attack the gpg running in the backend domain via a hypothetical bug in public key importing code. See ticket \#474 for more details and plans how to get around this problem, as well as the section on [using split GPG with subkeys](/wiki/UserDoc/SplitGpg#Advanced:UsingSplitGPGwithSubkeys) below. - -- It doesn't solve the problem of allowing the user to know what is to be signed before the operation gets approved. Perhaps the GPG backend domain could start a Disposable VM and have the to-be-signed document displayed there? To Be Determined. - -- Verifying detached signatures does not work (see \#900). You have to have public keys in AppVM and some means to use different command to verify them. 
Both git and Enigmail does not allow that and you have to choose between [SplitGpg](/wiki/UserDoc/SplitGpg) and PGP/MIME. - -Configuring and using Split GPG -------------------------------- - -Start with creating a dedicated AppVM for storing your keys (the GPG backend domain). It is recommended that this domain be network disconnected (set its netvm to `none`) and only used for this one purpose. In later examples this AppVM is named `work-gpg`, but of course it might have any other name. - -### Setting up the GPG backend domain - -Make sure the gpg is installed there and there are some private keys in the keyring, e.g.: - -{% highlight trac-wiki %} -[user@work-gpg ~]$ gpg -K -/home/user/.gnupg/secring.gpg ------------------------------ -sec 4096R/3F48CB21 2012-11-15 -uid Qubes OS Security Team -ssb 4096R/30498E2A 2012-11-15 -(...) -{% endhighlight %} - -This is pretty much all that is required. However one might also want to modify the default timeout which tells the backend for how long the user's approval for key access should be valid (default 5 minutes). This is adjustable via `QUBES_GPG_AUTOACCEPT` variable. One can override it e.g. in `~/.bash_profile`: - -{% highlight trac-wiki %} -[user@work-gpg ~]$ echo "export QUBES_GPG_AUTOACCEPT=86400" >> ~/.bash_profile -{% endhighlight %} - -### Configuring the client apps to use split GPG backend - -Normally it should be enough to set the `QUBES_GPG_DOMAIN` to the GPG backend domain name and use `qubes-gpg-client` in place of `gpg`, e.g.: - -{% highlight trac-wiki %} -[user@work ~]$ export QUBES_GPG_DOMAIN=work-gpg -[user@work ~]$ gpg -K -[user@work ~]$ qubes-gpg-client -K -/home/user/.gnupg/secring.gpg ------------------------------ -sec 4096R/3F48CB21 2012-11-15 -uid Qubes OS Security Team -ssb 4096R/30498E2A 2012-11-15 -(...) - -[user@work ~]$ qubes-gpg-client secret_message.txt.asc -(...) -{% endhighlight %} - -Note that running normal `gpg -K` in the demo above shows no private keys stored in this AppVM. 
- -### Configuring Thunderbird/Enigmail for use with Split GPG - -However, when using Thunderbird with Enigmail extension it is not enough, because Thunderbird doesn't preserve the environment variables. Instead it is recommended to use a simple script provided by `/usr/bin/qubes-gpg-client-wrapper` file by pointing Enigmail to use this script instead of the standard GnuPG binary: - -![tb-enigmail-split-gpg-settings-2.png](/attachment/wiki/UserDoc/SplitGpg/tb-enigmail-split-gpg-settings-2.png) - -The script also sets the QUBES\_GPG\_DOMAIN variable automatically based on the content of the file `/rw/config/gpg-split-domain`, which should be set to the name of the GPG backend VM. This file survives the AppVM reboot, of course. - -{% highlight trac-wiki %} -[user@work ~]$ sudo bash -[user@work ~]$ echo "work-gpg" > /rw/config/gpg-split-domain -{% endhighlight %} - -*NOTE*: A recent engimail update, version `thunderbird-enigmail-1.7-1`, introduced changes in how Enigmail expects to execute GPG binary and so requires an updated split-gpg package with version \>= `qubes-gpg-split-2.0.7-1`. Please make sure you have all the latest qubes packages installed in your template. - -### How to use `gpg2` instead of `gpg` - -In your GPG backend domain's TemplateVM: - -1. `sudo vim /etc/qubes-rpc/qubes.Gpg` -2. Change `/usr/bin/gpg` to `/usr/bin/gpg2`. -3. Ensure that your key has a **blank passphrase**. If not, you will encounter an error. -4. Shut down the TemplateVM and restart the GPG backend domain. - -### Importing public keys - -Use `qubes-gpg-import-key` in the client AppVM to import the key into the GPG backend VM. Of course a (safe, unspoofable) user consent dialog box is displayed to accept this. 
- -{% highlight trac-wiki %} -[user@work ~]$ export QUBES_GPG_DOMAIN=work-gpg -[user@work ~]$ qubes-gpg-import-key ~/Downloads/marmarek.asc -{% endhighlight %} - -![r2-split-gpg-5.png](/attachment/wiki/UserDoc/SplitGpg/r2-split-gpg-5.png) - -Advanced: Using Split GPG with Subkeys --------------------------------------- - -Users with particularly high security requirements may wish to use split GPG with [​subkeys](https://wiki.debian.org/Subkeys). However, this setup comes at a significant cost: It will be impossible to sign other people's keys with the master secret key without breaking this security model. Nonetheless, if signing others' keys is not required, then split GPG with subkeys offers unparalleled security for one's master secret key. - -### Setup Description - -In this example, the following keys are stored in the following locations: - -|| -|**PGP Key(s)**|**VM Name**| -|master secret key|vault| -|secret subkeys|work-gpg| -|public key|work-email| - -master secret key (sec) -It is recommended that this key be created as a **certify-only (C)** key, i.e., a key which is capable only of signing other keys. This key may be created *without* an expiration date. This is for two reasons. First, the master secret key is never to leave the vault VM, so it is extremely unlikely ever to be obtained by an adversary (see below). Second, an adversary who *does* manage to obtain the master secret key either possesses the passphrase to unlock the key, or he does not. If he does, then he can simply use the passphrase in order to legally extend the expiration date of the key (or remove it entirely). If he does not, then he cannot use the key. In either case, an expiration date provides no additional benefit. It is, however, recommended that a **revocation certificate** be created so that the master keypair may be revoked in the (exceedingly unlikely) event that an adversary obtains both the master secret key *and* the passphrase. 
It is recommended that the master secret key passphrase only ever be input in the vault VM. (Subkeys should use a different passphrase; see below). - -secret subkeys (ssb) -It is recommended that two subkeys be created: one for **signing (S)**, and one for **encryption (E)**. It is further recommended that a *different* passphrase be used for these subkeys than for the master secret key. Finally, it is recommended that each of these subkeys be created with a reasonable expiration date (e.g., one year), and that a *new* set of subkeys be created whenever the existing set expires, rather than the expiration date of the existing keys being extended. This is because an adversary who obtains any existing encryption subkey (for example) will be able to use it in order to decrypt all emails (for example) which were encrypted with that subkey. If the same subkey were to continue to be used--and its expiration date continually extended--only that one key would need to be stolen (e.g., as a result of the work-gpg VM being compromised; see below) in order to decrypt *all* of the user's emails. If, on the other hand, each encryption subkey is used for at most approximately one year, then an adversary who obtains the secret subkey will be capable of decrypting at most approximately one year's worth of emails. - -public key (pub) -This is the complement of the master secret key. It should be uploaded to keyservers and may be signed by others. - -vault -This is a network-isolated VM. The initial master keypair and subkeys are generated in this VM. The master secret key *never* leaves this VM under *any* circumstances. No files or text is *ever* [copied](/wiki/CopyingFiles#Oninter-domainfilecopysecurity) or [pasted](/wiki/CopyPaste#Clipboardautomaticpolicyenforcement) into this VM under *any* circumstances. - -work-gpg -This is a network-isolated VM. This VM is used *only* as the GPG backend for work-email. 
The secret subkeys (but *not* the master secret key) are [copied](/wiki/CopyingFiles) from the vault VM to this VM. Files from less trusted VMs are *never* copied into this VM under *any* circumstances. - -work-email -This VM has access to the mail server. It accesses the work-gpg VM via the split GPG protocol. The public key may be stored in this VM so that it can be attached to emails and for other such purposes. - -### Security Benefits - -In the standard split GPG setup, there are at least two ways in which the work-gpg VM might be compromised. First, an attacker who is capable of exploiting a hypothetical bug in work-email's [​MUA](https://en.wikipedia.org/wiki/Mail_user_agent) could gain control of the work-email VM and send a malformed request which exploits a hypothetical bug in the GPG backend (running in the work-gpg VM), giving the attacker control of the work-gpg VM. Second, a malicious public key file which is imported to the work-gpg VM might exploit a hypothetical bug in the GPG backend which is running there, again giving the attacker control of the work-gpg VM. In either case, such an attacker might then be able to leak both the master secret key and its passphrase (which is regularly input in the work-gpg VM and is therefore easily obtained by an attacker who controls this VM) back to the work-email VM or to another VM (e.g., the netvm, which is always untrusted by default) via the split GPG protocol or other [covert channels](/wiki/DataLeaks). - -In the alternative setup described in this section (i.e., the subkey setup), even an attacker who manages to gain access to the work-gpg VM will not be able to obtain the user's master secret key since it is simply not there. 
Rather, the master secret key remains in the vault VM, which is extremely unlikely to be compromised, since nothing is ever copied or transferred into it.\* The attacker might nonetheless be able to leak the secret subkeys from the work-gpg VM in the manner described above, but even if this is successful, the secure master secret key can simply be used to revoke the compromised subkeys and to issue new subkeys in their place. - -\*In order to gain access to the vault VM, the attacker would require the use of, e.g., a general Xen VM escape exploit or a [signed, compromised package which is already installed in the TemplateVM](/wiki/SoftwareUpdateVM#NotesontrustingyourTemplateVMs) upon which the vault VM is based. - -### Subkey Tutorials and Discussions - -(Note: Although the tutorials below were not written with Qubes Split GPG in mind, they can be adapted with a few commonsense adjustments. As always, exercise caution and use your good judgment.) - -- [​"OpenPGP in Qubes OS" on the qubes-users mailing list](https://groups.google.com/d/topic/qubes-users/Kwfuern-R2U/discussion) -- [​"Creating the Perfect GPG Keypair" by Alex Cabal](https://alexcabal.com/creating-the-perfect-gpg-keypair/) -- [​"GPG Offline Master Key w/ smartcard" maintained by Abel Luck](https://gist.github.com/abeluck/3383449) -- [​"Using GnuPG with QubesOS" by Alex](https://apapadop.wordpress.com/2013/08/21/using-gnupg-with-qubesos/) - diff --git a/UserDoc/XFCE.md b/UserDoc/XFCE.md deleted file mode 100644 index bc79b3e2..00000000 --- a/UserDoc/XFCE.md +++ /dev/null 
@@ -1,65 +0,0 @@ ---- -layout: doc -title: XFCE -permalink: /doc/UserDoc/XFCE/ -redirect_from: /wiki/UserDoc/XFCE/ ---- - -XFCE installtion in dom0 -======================== - -**Disclaimer: XFCE isn't fully integrated with Qubes environment, it still require notable amount of manual configuration after install** - -Requirements (as of 10/24/2012): - -- qubes-core-dom0-2.0.37 (not released yet, possible to build from "master" branch of marmarek's repo) - -Installation: - -{% highlight trac-wiki %} -qubes-dom0-update --enablerepo=qubes-dom0-unstable @XFCE -{% endhighlight %} - -Then you need to create /etc/sysconfig/desktop to stay with KDM, as GDM still starts invalid Xorg startup script: - -{% highlight trac-wiki %} -DISPLAYMANAGER=KDE -{% endhighlight %} - -Reboot the system. At system startup, select "Xfce session" in login screen (menu on the right bottom corner of the screen). - -Configuration -------------- - -Things needs/recommended to be done: - -- remove some useless entries from menu and panel, especially file manager, web browser -- create own favorites menu (currently standard XFCE menu isn't modified to use per-VM subsections, which makes it very inconvenient): - 1. create \~/.config/menus/favorites.menu, example content: - - {% highlight trac-wiki %} - - - - Favorites - - - - favorites.directory - - personal-gnome-terminal.desktop - personal-firefox.desktop - work-gnome-terminal.desktop - work-firefox.desktop - mail-mozilla-thunderbird.desktop - mail-gnome-terminal.desktop - banking-mozilla-firefox.desktop - untrusted-firefox.desktop - - - {% endhighlight %} - - 2. add it to the panel: right click on panel, "add new items", select "XFCE menu", choose custom menu file - just created one - - diff --git a/VerifyingSignatures.md b/VerifyingSignatures.md deleted file mode 100644 index a971be31..00000000 --- a/VerifyingSignatures.md +++ /dev/null 
@@ -1,159 +0,0 @@ ---- -layout: doc -title: VerifyingSignatures -permalink: /doc/VerifyingSignatures/ -redirect_from: /wiki/VerifyingSignatures/ ---- - -On Digital Signatures and Key Verification -========================================== - -What Digital Signatures Can and Cannot Prove --------------------------------------------- - -Most people – even programmers – are confused about the basic concepts underlying digital signatures. Therefore, most people should read this section, even if it looks trivial at first sight. - -Digital signatures can prove both **authenticity** and **integrity** to a reasonable degree of certainty. **Authenticity** ensures that a given file was indeed created by the person who signed it (i.e., that it was not forged by a third party). **Integrity** ensures that the contents of the file have not been tampered with (i.e., that a third party has not undetectably altered its contents *en route*). - -Digital signatures **cannot** prove any other property, e.g., that the signed file is not malicious. In fact, there is nothing that could stop someone from signing a malicious program (and it happens from time to time in reality). - -The point is, of course, that people must choose who they will trust (e.g., Linus Torvalds, Microsoft, the Qubes Project, etc.) and assume that if a given file was signed by a trusted party, then it should not be malicious or buggy in some horrible way. But the decision of whether to trust any given party is beyond the scope of digital signatures. It's more of a sociological and political decision. 
- -Once we make the decision to trust certain parties, digital signatures are useful, because they make it possible for us to limit our trust only to those few parties we choose and not to worry about all the "Bad Things That Can Happen In The Middle" between us and them, e.g., server compromises (qubes-os.org will surely be compromised one day), dishonest IT staff at the hosting company, dishonest staff at the ISPs, Wi-Fi attacks, etc. - -By verifying all the files we download which purport to be authored by a party we've chosen to trust, we eliminate concerns about the bad things discussed above, since we can easily detect whether any files have been tampered with (and subsequently choose to refrain from executing, installing, or opening them). - -However, for digital signatures to make any sense, we must ensure that the public keys we use for signature verification are indeed the original ones. Anybody can generate a GPG key pair that purports to belong to "The Qubes Project," but of course only the key pair that we (i.e., the Qubes developers) generated is the legitimate one. The next section explains how to verify the validity of the Qubes signing keys. - -Importing Qubes Signing Keys ----------------------------- - -Every file published by the Qubes Project (ISO, RPM, TGZ files and git repositories) is digitally signed by one of the developer or release signing keys. Each such key is signed by the Qubes Master Signing Key ([\`0x36879494\`](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc)). 
- -The public portion of the Qubes Master Signing Key can be imported directly from a [ keyserver](https://en.wikipedia.org/wiki/Key_server_%28cryptographic%29#Keyserver_examples) (specified on first use with --keyserver URI, keyserver saved in \~/.gnupg/gpg.conf), e.g., - -{% highlight trac-wiki %} -gpg --keyserver pool.sks-keyservers.net --recv-keys 0x427F11FD0FAA4B080123F01CDDFA1A3E36879494 -{% endhighlight %} - -or downloaded [here](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc) and imported with gpg, - -{% highlight trac-wiki %} -$ gpg --import ./qubes-master-signing-key.asc -{% endhighlight %} - -or fetched directly with gpg. - -{% highlight trac-wiki %} -$ gpg --fetch-keys https://keys.qubes-os.org/keys/qubes-master-signing-key.asc -{% endhighlight %} - -For additional security we also publish the fingerprint of the Qubes Master Signing Key ([\`0x36879494\`](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc)) here in this document: - -{% highlight trac-wiki %} -pub 4096R/36879494 2010-04-01 - Key fingerprint = 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494 -uid Qubes Master Signing Key -{% endhighlight %} - -There should also be a copy of this key at the project's main website, in the [Qubes Security Pack](/doc/SecurityPack/), and in the archives of the project's [developer](https://groups.google.com/forum/#!msg/qubes-devel/RqR9WPxICwg/kaQwknZPDHkJ) and [user](https://groups.google.com/d/msg/qubes-users/CLnB5uFu_YQ/ZjObBpz0S9UJ) mailing lists. - -Once you have obtained the Qubes Master Signing Key ([\`0x36879494\`](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc)), you should verify the fingerprint of this key very carefully by obtaining copies of the fingerprint from trustworthy independent sources and comparing them to the downloaded key's fingerprint to ensure they match. 
Then set its trust level to "ultimate" (oh, well), so that it can be used to automatically verify all the keys signed by the Qubes Master Signing Key: - -{% highlight trac-wiki %} -$ gpg --edit-key 0x36879494 -gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc. -This is free software: you are free to change and redistribute it. -There is NO WARRANTY, to the extent permitted by law. - - -pub 4096R/36879494 created: 2010-04-01 expires: never usage: SC - trust: unknown validity: unknown -[ unknown] (1). Qubes Master Signing Key - -gpg> fpr -pub 4096R/36879494 2010-04-01 Qubes Master Signing Key - Primary key fingerprint: 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494 - -gpg> trust -pub 4096R/36879494 created: 2010-04-01 expires: never usage: SC - trust: unknown validity: unknown -[ unknown] (1). Qubes Master Signing Key - -Please decide how far you trust this user to correctly verify other users' keys -(by looking at passports, checking fingerprints from different sources, etc.) - - 1 = I don't know or won't say - 2 = I do NOT trust - 3 = I trust marginally - 4 = I trust fully - 5 = I trust ultimately - m = back to the main menu - -Your decision? 5 -Do you really want to set this key to ultimate trust? (y/N) y - -pub 4096R/36879494 created: 2010-04-01 expires: never usage: SC - trust: ultimate validity: unknown -[ unknown] (1). Qubes Master Signing Key -Please note that the shown key validity is not necessarily correct -unless you restart the program. - -gpg> q -{% endhighlight %} - -Now you can easily download any of the developer or release signing keys that happen to be used to sign particular ISO, RPM, TGZ files or git tags. - -For example: Qubes OS Release 2 Signing Key ([\`0x0A40E458\`](https://keys.qubes-os.org/keys/qubes-release-2-signing-key.asc)) is used for all Release 2 ISO images. 
- -{% highlight trac-wiki %} -$ gpg --recv-keys 0x3F01DEF49719158EF86266F80C73B9D40A40E458 -gpg: requesting key 0A40E458 from hkp server keys.gnupg.net -gpg: key 0A40E458: public key "Qubes OS Release 2 Signing Key" imported -gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model -gpg: depth: 0 valid: 1 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 1u -gpg: depth: 1 valid: 1 signed: 0 trust: 1-, 0q, 0n, 0m, 0f, 0u -gpg: Total number processed: 1 -gpg: imported: 1 (RSA: 1) -{% endhighlight %} - -You can also download all the currently used developers' signing keys and current and older release signing keys (and also a copy of the Qubes Master Signing Key) from the [keys directory on our server](https://keys.qubes-os.org/keys/) and from the [Qubes Security Pack](/doc/SecurityPack/). - -The developer signing keys are set to be valid for 1 year only, while the Qubes Master Signing Key ([\`0x36879494\`](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc)) has no expiration date. This latter key was generated and is kept only within a dedicated, air-gapped "vault" machine, and the private portion will (hopefully) never leave this isolated machine. 
- -You can now verify the ISO image (Qubes-R2-x86\_64-DVD.iso) matches its signature (Qubes-R2-x86\_64-DVD.iso.asc): - -{% highlight trac-wiki %} -$ gpg -v --verify Qubes-R2-x86_64-DVD.iso.asc -gpg: armor header: Version: GnuPG v1 -gpg: assuming signed data in `Qubes-R2-x86_64-DVD.iso' -gpg: Signature made Tue Sep 23 08:38:40 2014 UTC using RSA key ID 0A40E458 -gpg: using PGP trust model -gpg: Good signature from "Qubes OS Release 2 Signing Key" -gpg: binary signature, digest algorithm SHA1 -{% endhighlight %} - -The Release 2 Signing Key ([\`0x0A40E458\`](https://keys.qubes-os.org/keys/qubes-release-2-signing-key.asc)) used to sign this ISO image should be signed by the Qubes Master Signing Key ([\`0x36879494\`](https://keys.qubes-os.org/keys/qubes-master-signing-key.asc)): - -{% highlight trac-wiki %} -$ gpg --list-sig 0A40E458 -pub 4096R/0A40E458 2012-11-15 -uid Qubes OS Release 2 Signing Key -sig 36879494 2012-11-15 Qubes Master Signing Key -sig 3 0A40E458 2012-11-15 Qubes OS Release 2 Signing Key -{% endhighlight %} - -Having problems verifying the ISO images? Make sure you have the corresponding release signing key and see this thread: - -[https://groups.google.com/group/qubes-devel/browse\_thread/thread/4bdec1cd19509b38/9f8e219c41e1b232](https://groups.google.com/group/qubes-devel/browse_thread/thread/4bdec1cd19509b38/9f8e219c41e1b232) - -Verifying Qubes Code --------------------- - -Developers who fetch code from our Git server should always verify tags on the latest commit. Any commits that are not followed by a signed tag should not be trusted! - -To verify a signature on a git tag, you can use: - -{% highlight trac-wiki %} -$ git tag -v -{% endhighlight %} diff --git a/VersionScheme.md b/VersionScheme.md deleted file mode 100644 index 667684dd..00000000 --- a/VersionScheme.md +++ /dev/null 
@@ -1,43 +0,0 @@ ---- -layout: doc -title: VersionScheme -permalink: /doc/VersionScheme/ -redirect_from: /wiki/VersionScheme/ ---- - -Version Scheme -============== - -Beginning with R3 release, we change (and formalise) the versioning scheme. From now on, it will be as follows. - -Qubes distributions and products --------------------------------- - -We intend to make it easy to make a remix of qubes, targetting another hypervisor or isolation provider. We may also create commercial products intended for specific circumstances. There is one distinguished distribution called **Qubes OS**. All source code for it is available for download under GPL licence and is openly developed on the mailing lists. The rest of this document discusses Qubes OS. Another remix may have its own version series. - -Release version ---------------- - -Qubes OS as a whole is released from time to time. Version scheme for all releases is modelled after Linux kernel version numbers. When announcing new release, we decide on the major.minor version (like `3.0`) and release `3.0-rc1`. When we feel that enough progress has been made, we put `3.0-rc2` and so on. All these versions are considered unstable and not ready for production. You may ask for support on mailing lists (specifically **qubes-devel**), but it is not guaranteed (you may for example get answer „update to newer `-rc`”). Public ISO image may or may not be available. - -When enough development has been made, we announce the first stable version, like e.g. `3.0.0` (i.e. without `-rc`). This version is considered stable and we support it for some period. Core components are branched at this moment and bugfixes are backported from master branch. Questions about stable release should be directed to the **qubes-users** mailing list. No major features and interface incompatibilities are to be included in this release. We release bugfixes as `3.0.1`, `3.0.2` and so on, while new features come into the next release e.g. `3.1-rcX`. 
- -Tickets in the tracker are sorted out by release major.minor, such as `3.0`, `3.1` (trac calls this „milestone”). - -Component version ------------------ - -Qubes release is defined as specific versions of components, which are developed more or less separately. Their versions are composed of major and minor version of target Qubes OS release followed by third component which is just incremented. There is no apparent indication that given version is stable or not. - -There are some non-essential components like `qubes-apps-*` that are shared between releases. Their versions indicate oldest qubes-release that is supported. We try hard to support multiple releases by one branch to ease code maintenance. - -Different Qubes releases remixes may comprise of different components and version are not guaranteed to be monotonic between releases. We may decide that for newer release some component should be downgraded. There is no guarantee that arbitrary combination of different versions of random components will yield usable (or even install-able) compilation. - -Git tags and branches ---------------------- - -We mark each component version in the repository by tag containing `v`. Likewise, each Qubes OS release is marked by `R` tag. - -At the release of some release we create branches named like `release2`. Only bugfixes and compatible improvements are backported to these branches. These branches should compile. All new development is done in `master` branch. This branch is totally unsupported and may not even compile depending on maintainer of repository. - -All version and release tags should be made and signed by someone from ITL staff. Public keys are included in `qubes-builder` and available at [http://keys.qubes-os.org/keys/](http://keys.qubes-os.org/keys/). diff --git a/VmTools.md b/VmTools.md deleted file mode 100644 index 24157a8c..00000000 --- a/VmTools.md +++ /dev/null 
@@ -1,14 +0,0 @@ ---- -layout: doc -title: VmTools -permalink: /doc/VmTools/ -redirect_from: /wiki/VmTools/ ---- - -VM tools: - -- [qvm-copy-to-vm](/doc/VmTools/QvmCopyToVm/) -- [qvm-open-in-dvm](/doc/VmTools/QvmOpenInDvm/) -- [qvm-open-in-vm](/doc/VmTools/QvmOpenInVm/) -- [qvm-run](/doc/VmTools/QvmRun/) - diff --git a/WikiStart.md b/WikiStart.md deleted file mode 100644 index 80956394..00000000 --- a/WikiStart.md +++ /dev/null 
@@ -1,47 +0,0 @@ ---- -layout: doc -title: Qubes OS Project -permalink: / -redirect_from: -- "/wiki/" -- "/wiki/WikiStart/" -- "/trac/" -- "/trac/WikiStart/" ---- - -Welcome to the Qubes OS Project -=============================== - -[![Qubes OS Architecture](/attachment/wiki/QubesArchitecture/qubes-arch-diagram-1.png)](/doc/QubesArchitecture/) - -Qubes is an open-source operating system designed to provide strong security for desktop computing using **Security by Compartmentalization** approach. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. Qubes **Release 1** was released in September 2012 and **Release 2** in September 2014. Qubes also supports Windows-based AppVMs beginning with Release 2 (currently in "Beta"). Qubes **Release 3** is coming soon and will introduce **Hypervisor Abstraction Layer (HAL)**, allowing easy porting to alternative virtualization systems. - -- [A Simple Introduction to Qubes](/doc/SimpleIntro/) -- [Getting Started](/doc/GettingStarted/) -- [Qubes OS Tutorial slides by ITL](http://www.invisiblethingslab.com/resources/2014/LinuxCon_2014_Qubes_Tutorial.pdf) (LinuxCon October 2014) -- [Screenshots](/doc/QubesScreenshots/) -- [Architecture Overview](/doc/QubesArchitecture/), and also the more recent: [Why Qubes OS is more than a bunch of VMs?](http://www.invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf) -- [Security](/doc/QubesSecurity/) -- [FAQ](/doc/UserFaq/) -- [User Documentation](/doc/UserDoc/) -- [How is Qubes OS different from...?](http://theinvisiblethings.blogspot.com/2012/09/how-is-qubes-os-different-from.html) -- Beyond Qubes R2 -- the [Qubes Odyssey Framework](http://theinvisiblethings.blogspot.com/2013/03/introducing-qubes-odyssey-framework.html) - -Recent News ------------ - -- `Mar 21, 2013` Introducing Qubes Odyssey Framework 
[article](http://theinvisiblethings.blogspot.com/2013/03/introducing-qubes-odyssey-framework.html) -- `Jun 21, 2013` Qubes OS R3 Alpha preview: Odyssey HAL in action! [announcement](http://theinvisiblethings.blogspot.com/2013/06/qubes-os-r3-alpha-preview-odyssey-hal.html) -- `Nov 26, 2013` Windows 7 seamless GUI integration coming to Qubes OS! [article](http://theinvisiblethings.blogspot.com/2013/11/windows-7-seamless-gui-integration.html) -- `Dec 11, 2013` Qubes OS R2 Beta 3 has been released! [announcement](http://theinvisiblethings.blogspot.com/2013/12/qubes-r2-beta-3-has-been-released.html) -- `Feb 16, 2014` Qubes OS selected as a finalist of Access Innovation Prize 2014 for Endpoint Security Solution [announcement](https://www.accessnow.org/blog/2014/02/13/endpoint-security-prize-finalists-announced?utm_content=buffere803e&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer) -- `Mar 28, 2014` [Article about Qubes OS](http://www.economist.com/blogs/babbage/2014/03/computer-security) in The Economist -- `Apr 12, 2014` [Article about Qubes OS](https://pressfreedomfoundation.org/blog/2014/04/operating-system-can-protect-you-even-if-you-get-hacked) by the [Freedom of the Press Foundation](https://pressfreedomfoundation.org/about/board) -- `Apr 21, 2014` Qubes OS R2 rc1 has been released! [announcement](http://theinvisiblethings.blogspot.com/2014/04/qubes-os-r2-rc1-has-been-released.html) -- `Jul 03, 2014` ITL to present on Qubes OS at LinuxCon Europe: a keynote by Joanna Rutkowska and hands-on training by the core dev team! [conference website](http://events.linuxfoundation.org/events/linuxcon-europe) -- `Jul 16, 2014` Qubes Wiki now uses a CA-signed SSL cert (but you might also want to [read](https://groups.google.com/forum/#!topic/qubes-users/LsDpKnwN6w8) also why this is mostly irrelevant) -- `Aug 06, 2014` Qubes OS R2 rc2 has been released! 
[announcement](http://theinvisiblethings.blogspot.com/2014/08/qubes-os-r2-rc2-debian-template-ssled.html) -- `Sep 26, 2014` **Qubes OS R2** has been released! [announcement](http://theinvisiblethings.blogspot.com/2014/09/announcing-qubes-os-release-2.html) -- `Oct 19, 2014` LinuxCon EU 2014 slides: [keynote](http://www.invisiblethingslab.com/resources/2014/LinuxCon_2014_Qubes_Keynote.pdf) and [tutorial](http://www.invisiblethingslab.com/resources/2014/LinuxCon_2014_Qubes_Tutorial.pdf) -- `Nov 20, 2014` [Article about Qubes OS](http://www.wired.com/2014/11/protection-from-hackers/) in Wired - diff --git a/amChartTest.md b/amChartTest.md deleted file mode 100644 index 7bef4b14..00000000 --- a/amChartTest.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -layout: doc -title: amChartTest -permalink: /doc/amChartTest/ -redirect_from: /wiki/amChartTest/ ---- - - diff --git a/GettingStarted.md b/en/basics/getting-started.md similarity index 83% rename from GettingStarted.md rename to en/basics/getting-started.md index 4b91bb31..e53dfa12 100644 --- a/GettingStarted.md +++ b/en/basics/getting-started.md @@ -1,14 +1,16 @@ --- layout: doc -title: GettingStarted -permalink: /doc/GettingStarted/ -redirect_from: /wiki/GettingStarted/ +title: Getting Started +permalink: /en/doc/getting-started/ +redirect_from: +- /doc/GettingStarted/ +- /wiki/GettingStarted/ --- Getting Started with Qubes OS ============================= -Note: This guide assumes that you've just installed Qubes for the first time. The installation guide for your Qubes release can be found on the [Downloads](/doc/QubesDownloads/) page. +Note: This guide assumes that you've just installed Qubes for the first time. The installation guide for your Qubes release can be found on the [Downloads](/downloads/) page. Now that you've installed Qubes, let's cover some basic concepts. 
@@ -27,14 +29,14 @@ Each domain, apart from having a distinct name, is also assigned a **label**, wh ![snapshot12.png](/attachment/wiki/GettingStarted/snapshot12.png) -In addition to AppVMs and TemplateVMs, there's one special domain called "dom0," which is where the Desktop Manager runs. This is where you log in to the system. Dom0 is more trusted than any other domain (including TemplateVMs and black-labeled domains). If dom0 were ever compromised, it would be Game OverTM. (The entire system would effectively be compromised.) Due to its overarching importance, dom0 has no network connectivity and is used only for running the Window and Desktop Managers. Dom0 shouldn't be used for anything else. In particular, [you should never run user applications in dom0](/doc/SecurityGuidelines/#dom0-precautions). (That's what your AppVMs are for!) +In addition to AppVMs and TemplateVMs, there's one special domain called "dom0," which is where the Desktop Manager runs. This is where you log in to the system. Dom0 is more trusted than any other domain (including TemplateVMs and black-labeled domains). If dom0 were ever compromised, it would be Game OverTM. (The entire system would effectively be compromised.) Due to its overarching importance, dom0 has no network connectivity and is used only for running the Window and Desktop Managers. Dom0 shouldn't be used for anything else. In particular, [you should never run user applications in dom0](/en/doc/security-guidelines/#dom0-precautions). (That's what your AppVMs are for!) Qubes VM Manager and Command Line Tools --------------------------------------- All aspects of the Qubes system can be controlled using command line tools run under a dom0 console. To open a console window in dom0, either go to Start-\>System Tools-\>Konsole or press Alt-F2 and type `konsole`. -Various command line tools are described as part of this guide, and the whole reference can be found [here](/doc/DomZeroTools/). 
+Various command line tools are described as part of this guide, and the whole reference can be found [here](/en/doc/dom0-tools/). ![r2b1-dom0-konsole.png](/attachment/wiki/GettingStarted/r2b1-dom0-konsole.png) 
@@ -51,19 +53,15 @@ You can start apps directly from the start menu. Each domain has its own menu di ![r2b1-appsmenu-1.png](/attachment/wiki/GettingStarted/r2b1-appsmenu-1.png) ![r2b1-appsmenu-3.png](/attachment/wiki/GettingStarted/r2b1-appsmenu-3.png) -By default, each domain's menu contains only a few shortcuts. If you'd like to add more, simply click **Add more shortcuts...**, select the desired applictions, and click **OK**. You can also add shortcuts manually. (This is sometimes necessary if the desired application doesn't show up in the Qubes VM Manager window.) To do this in KDE, right-click on the **Start** button and click **Menu Editor**. Click the domain directory in which you'd like the menu to appear, click **New Item**, enter its name as **\: \**, and provide the command for starting the app (see below). Then click **Save** and wait approximately 15 seconds for the changes to propagate to the KDE menu. +By default, each domain's menu contains only a few shortcuts. If you'd like to add more, simply click **Add more shortcuts...**, select the desired applications, and click **OK**. You can also add shortcuts manually. (This is sometimes necessary if the desired application doesn't show up in the Qubes VM Manager window.) To do this in KDE, right-click on the **Start** button and click **Menu Editor**. Click the domain directory in which you'd like the menu to appear, click **New Item**, enter its name as **\: \**, and provide the command for starting the app (see below). Then click **Save** and wait approximately 15 seconds for the changes to propagate to the KDE menu. To start apps from the console in dom0, type: -{% highlight trac-wiki %} -qvm-run -a " [arguments]" -{% endhighlight %} + qvm-run -a " [arguments]" e.g.: -{% highlight trac-wiki %} -qvm-run -a red firefox -{% endhighlight %} + qvm-run -a untrusted firefox Adding, Removing, and Listing Domains ------------------------------------- 
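Review bot: Code-block markup is inconsistent across this patch: here the `{% highlight trac-wiki %}` blocks around the `qvm-run` examples become four-space indented blocks, while the backup-emergency-restore-v2.md hunk replaces the same tag with a `~~~` fence. Pick one convention for the whole migration so later edits do not have to guess. Separately, the example changes from `qvm-run -a red firefox` to `qvm-run -a untrusted firefox`; that is a content fix riding in a rename commit and deserves a line in the commit message.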
@@ -81,7 +79,7 @@ How Many Domains Do I Need? That's a great question, but there's no one-size-fits-all answer. It depends on the structure of your digital life, and this is at least a little different for everyone. If you plan on using your system for work, then it also depends on what kind of job you do. -It's a good idea to start out with the three domains created automatically by the installer: work, personal, and untrusted. Then, if and when you start to feel that some activity just doesn't fit into any of your existing domains, you can easily create a new domain for it. You'll also be able to easily copy any files you need to the newly created domain, as explained [here](/doc/CopyingFiles/). +It's a good idea to start out with the three domains created automatically by the installer: work, personal, and untrusted. Then, if and when you start to feel that some activity just doesn't fit into any of your existing domains, you can easily create a new domain for it. You'll also be able to easily copy any files you need to the newly created domain, as explained [here](/en/doc/copying-files/). More paranoid people might find it worthwhile to read [this article](http://theinvisiblethings.blogspot.com/2011/03/partitioning-my-digital-life-into.html), which describes how one of the Qubes authors partitions her digital life into security domains. 
@@ -96,30 +94,26 @@ To allow domains to enter full screen mode, one should edit the `/etc/qubes/guid E.g. to allow all domains to enter full screen mode, set `allow_fullscreen` flag to `true` in the `global` section: -{% highlight trac-wiki %} -global: { - # default values - allow_fullscreen = false; - #allow_utf8_titles = false; - #secure_copy_sequence = "Ctrl-Shift-c"; - #secure_paste_sequence = "Ctrl-Shift-v"; - #windows_count_limit = 500; -}; -{% endhighlight %} + global: { + # default values + allow_fullscreen = false; + #allow_utf8_titles = false; + #secure_copy_sequence = "Ctrl-Shift-c"; + #secure_paste_sequence = "Ctrl-Shift-v"; + #windows_count_limit = 500; + }; To allow only select AppVMs to enter full screen mode, create a per-VM section, and set `allow_fullscreen` flag there to `true`: -{% highlight trac-wiki %} -VM: { - work: { - allow_fullscreen = true; - }; + VM: { + work: { + allow_fullscreen = true; + }; -}; -{% endhighlight %} + }; In order for the changes to take effect, restart the AppVM(s). * * * * * -Now that you're familiar with the basics, feel free to have a look at other [Qubes User Guides](/doc/UserDoc/). +Now that you're familiar with the basics, please have a look at the rest of the [documentation](/en/doc/). diff --git a/SimpleIntro.md b/en/basics/intro.md similarity index 82% rename from SimpleIntro.md rename to en/basics/intro.md index 127318ea..bb418abe 100644 --- a/SimpleIntro.md +++ b/en/basics/intro.md @@ -1,8 +1,11 @@ --- layout: doc -title: SimpleIntro -permalink: /doc/SimpleIntro/ -redirect_from: /wiki/SimpleIntro/ +title: Introduction +permalink: /en/intro/ +redirect_from: +- /intro/ +- "/doc/SimpleIntro/" +- "/wiki/SimpleIntro/" --- A Simple Introduction to Qubes 
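Review bot: In the getting-started.md hunk `@@ -96,30 +94,26 @@`, the re-indented `global:` block still shows `allow_fullscreen = false;` directly under the sentence telling the reader to set the flag to `true` for all domains. Since these lines are being rewritten anyway, either show `allow_fullscreen = true;` or label the block as the shipped defaults; a reader who copies it verbatim changes nothing. The per-VM block also carries an empty added line before its closing `};` that can be dropped.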
@@ -23,7 +26,7 @@ Most people use an operating system like Windows or OS X on their desktop and la Aren't antivirus programs and firewalls enough? ----------------------------------------------- -Unfortunately, conventional security approaches like antivirus programs and (softare and/or hardware) firewalls are no longer enough to keep out sophisticated attackers. For example, nowadays it's common for malware creators to check to see if their malware is recognized by any popular antivirus programs. If it's recognized, they scramble their code until it's no longer recognizable by the antivirus programs, then send it out. The best antivirus programs will subsequently get updated once the antivirus programmers discover the new threat, but this usually occurs at least a few days after the new attacks start to appear in the wild. By then, it's typically too late for those who have already been compromised. In addition, bugs are inevitably discovered in the common software we all use (such as our web browsers), and no antivirus program or firewall can prevent all of these bugs from being exploited. +Unfortunately, conventional security approaches like antivirus programs and (software and/or hardware) firewalls are no longer enough to keep out sophisticated attackers. For example, nowadays it's common for malware creators to check to see if their malware is recognized by any popular antivirus programs. If it's recognized, they scramble their code until it's no longer recognizable by the antivirus programs, then send it out. The best antivirus programs will subsequently get updated once the antivirus programmers discover the new threat, but this usually occurs at least a few days after the new attacks start to appear in the wild. By then, it's typically too late for those who have already been compromised. 
In addition, bugs are inevitably discovered in the common software we all use (such as our web browsers), and no antivirus program or firewall can prevent all of these bugs from being exploited. How does Qubes provide security? -------------------------------- 
@@ -40,7 +43,7 @@ Booting your computer from a live CD (or DVD) when you need to perform sensitive How does Qubes compare to running VMs in a convential OS? --------------------------------------------------------- -Not all virtual machine software is equal when it comes to security. You may have used or heard of VMs in relation to software like VirtualBox or VMware Workstation. These are known as "Type 2" or "hosted" hypervisors. (The **hypervisor** is the software, firmare, or hardware that creates and runs virtual machines.) These programs are popular because they're designed primarily to be easy to use and run under popular OSes like Windows (which is called the **host** OS, since it "hosts" the VMs). However, the fact that Type 2 hypervisors run under the host OS means that they're really only as secure as the host OS itself. If the host OS is ever compromised, then any VMs it hosts are also effectivley compromised. +Not all virtual machine software is equal when it comes to security. You may have used or heard of VMs in relation to software like VirtualBox or VMware Workstation. These are known as "Type 2" or "hosted" hypervisors. (The **hypervisor** is the software, firmare, or hardware that creates and runs virtual machines.) These programs are popular because they're designed primarily to be easy to use and run under popular OSes like Windows (which is called the **host** OS, since it "hosts" the VMs). However, the fact that Type 2 hypervisors run under the host OS means that they're really only as secure as the host OS itself. If the host OS is ever compromised, then any VMs it hosts are also effectively compromised. By contrast, Qubes uses a "Type 1" or "bare metal" hypervisor called [Xen](http://www.xenproject.org). Instead of running inside an OS, Type 1 hypervisors run directly on the "bare metal" of the hardware. 
This means that an attacker must be capable of subverting the hypervisor itself in order to compromise the entire system, which is vastly more difficult. @@ -54,7 +57,7 @@ Using a separate physical computer for sensitive activities can certainly be mor Pros: - Physical separation doesn't rely on a hypervisor. (It's very unlikely that an attacker will break out of Qubes' hypervisor, but if she were to manage to do so, she could potentially gain control over the entire system.) -- Physical seaparation can be a natural complement to physical security. (For example, you might find it natural to lock your secure laptop in a safe when you take your unsecure laptop out with you.) +- Physical separation can be a natural complement to physical security. (For example, you might find it natural to lock your secure laptop in a safe when you take your unsecure laptop out with you.) Cons: @@ -70,8 +73,8 @@ More information This page is just a brief sketch of what Qubes is all about, and many technical details have been omitted here for the sake of presentation. -- If you're a current or potential Qubes user, you may want to check out the [documentation](/doc/UserDoc/) and the [FAQ](/doc/UserFaq/). -- If you're a developer, there's dedicated [documentation](/doc/SystemDoc/) and an [FAQ](/doc/DevelFaq/) just for you. -- Ready to give Qubes a try? Head on over to the [download page](/doc/QubesDownloads/). -- Once you've installed Qubes, here's a guide on [getting started](/doc/GettingStarted/). +- If you're a current or potential Qubes user, you may want to check out the [documentation](/en/doc/) and the [FAQ](/en/doc/user-faq/). +- If you're a developer, there's dedicated [documentation](/en/doc/system-doc/) and an [FAQ](/en/doc/devel-faq/) just for you. +- Ready to give Qubes a try? Head on over to the [downloads page](/downloads/). +- Once you've installed Qubes, here's a guide on [getting started](/en/doc/getting-started/). 
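Review bot: In the intro.md hunk `@@ -40,7 +43,7 @@`, the rewritten line fixes "effectivley" but still carries "firmare" in "the software, firmare, or hardware", and the heading in the context just above it still reads "convential OS". Both sit on or next to lines this hunk already touches, so correct them in the same pass ("firmware", "conventional") rather than leaving a second typo commit for later.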
diff --git a/QubesLists.md b/en/basics/mailing-lists.md similarity index 96% rename from QubesLists.md rename to en/basics/mailing-lists.md index 9bd9e2be..54745560 100644 --- a/QubesLists.md +++ b/en/basics/mailing-lists.md @@ -1,8 +1,10 @@ --- layout: doc -title: QubesLists -permalink: /doc/QubesLists/ -redirect_from: /wiki/QubesLists/ +title: Mailing Lists +permalink: /en/doc/mailing-lists/ +redirect_from: +- /doc/QubesLists/ +- /wiki/QubesLists/ --- Qubes Mailing Lists @@ -45,8 +47,8 @@ This list is for helping users solve various daily problems with Qubes OS. Examp Please try searching both the Qubes website and the archives of the mailing lists before sending a question. In addition, please make sure that you have read and understood the following basic documentation prior to posting to the list: - [Installation guides, System Requirements, and HCL](/doc/QubesDownloads/) \<-- for problems related to Qubes OS installation -- [Qubes User FAQ](/doc/UserFaq/) -- [Qubes User Guides](/doc/UserDoc/) \<-- for questions about how to use Qubes OS +- [Qubes User FAQ](/en/doc/user-faq/) +- [Qubes User Guides](/en/doc/) \<-- for questions about how to use Qubes OS ### How to Subscribe and Post diff --git a/UserFaq.md b/en/basics/user-faq.md similarity index 68% rename from UserFaq.md rename to en/basics/user-faq.md index e8ac15d7..c44ec8eb 100644 --- a/UserFaq.md +++ b/en/basics/user-faq.md 
@@ -1,45 +1,54 @@ --- layout: doc -title: UserFaq -permalink: /doc/UserFaq/ -redirect_from: /wiki/UserFaq/ +title: Users' FAQ +permalink: /en/doc/user-faq/ +redirect_from: +- /doc/UserFaq/ +- /wiki/UserFaq/ --- Qubes Users' FAQ ================ -1. [General Questions](#general-questions) - 1. [Is Qubes just another Linux distribution?](#is-qubes-just-another-linux-distribution) - 2. [How is Qubes different from other security solutions?](#how-is-qubes-different-from-other-security-solutions) - 3. [What is the main concept behind Qubes?](#what-is-the-main-concept-behind-qubes) - 4. [What about other approaches to security?](#what-about-other-approaches-to-security) - 5. [What about safe languages and formally verified microkernels?](#what-about-safe-languages-and-formally-verified-microkernels) - 6. [Why does Qubes use virtualization?](#why-does-qubes-use-virtualization) - 7. [Does Qubes run every app in a separate VM?](#does-qubes-run-every-app-in-a-separate-vm) - 8. [Why does Qubes use Xen instead of KVM or some other hypervisor?](#why-does-qubes-use-xen-instead-of-kvm-or-some-other-hypervisor) - 9. [What about this other/new (micro)kernel/hypervisor?](#what-about-this-othernew-microkernelhypervisor) - 10. [What's so special about Qubes' GUI virtualization?](#whats-so-special-about-qubes-gui-virtualization) - 11. [Can I watch YouTube videos in AppVMs?](#can-i-watch-youtube-videos-in-appvms) - 12. [Can I run applications, like games, which require 3D support?](#can-i-run-applications-like-games-which-require-3d-support) - 13. [Is Qubes a multi-user system?](#is-qubes-a-multi-user-system) - 14. [Why passwordless sudo?](#why-passwordless-sudo) - 15. 
[How should I report documentation issues?](#how-should-i-report-documentation-issues) +[General Questions](#general-questions) +--------------------------------------- + * [Is Qubes just another Linux distribution?](#is-qubes-just-another-linux-distribution) + * [How is Qubes different from other security solutions?](#how-is-qubes-different-from-other-security-solutions) + * [What is the main concept behind Qubes?](#what-is-the-main-concept-behind-qubes) + * [What about other approaches to security?](#what-about-other-approaches-to-security) + * [What about safe languages and formally verified microkernels?](#what-about-safe-languages-and-formally-verified-microkernels) + * [Why does Qubes use virtualization?](#why-does-qubes-use-virtualization) + * [Does Qubes run every app in a separate VM?](#does-qubes-run-every-app-in-a-separate-vm) + * [Why does Qubes use Xen instead of KVM or some other hypervisor?](#why-does-qubes-use-xen-instead-of-kvm-or-some-other-hypervisor) + * [What about this other/new (micro)kernel/hypervisor?](#what-about-this-othernew-microkernelhypervisor) + * [What's so special about Qubes' GUI virtualization?](#whats-so-special-about-qubes-gui-virtualization) + * [Can I watch YouTube videos in AppVMs?](#can-i-watch-youtube-videos-in-appvms) + * [Can I run applications, like games, which require 3D support?](#can-i-run-applications-like-games-which-require-3d-support) + * [Is Qubes a multi-user system?](#is-qubes-a-multi-user-system) + * [Why passwordless sudo?](#why-passwordless-sudo) + * [How should I report documentation issues?](#how-should-i-report-documentation-issues) -2. [Installation & Hardware Compatibility](#installation--hardware-compatibility) - 1. [How much disk space does each AppVM require?](#how-much-disk-space-does-each-appvm-require) - 2. [How much memory is recommended for Qubes?](#how-much-memory-is-recommended-for-qubes) - 3. [Can I install Qubes on a system without VT-x?](#can-i-install-qubes-on-a-system-without-vt-x) - 4. 
[Can I install Qubes on a system without VT-d?](#can-i-install-qubes-on-a-system-without-vt-d) - 5. [Can I use AMD-v instead of VT-x?](#can-i-use-amd-v-instead-of-vt-x) - 6. [Can I install Qubes in a virtual machine (e.g., on VMWare)?](#can-i-install-qubes-in-a-virtual-machine-eg-on-vmware) - 7. [Why does my network adapter not work?](#why-does-my-network-adapter-not-work) +[Installation & Hardware Compatibility](#installation--hardware-compatibility) +------------------------------------------------------------------------------ + * [How much disk space does each AppVM require?](#how-much-disk-space-does-each-appvm-require) + * [How much memory is recommended for Qubes?](#how-much-memory-is-recommended-for-qubes) + * [Can I install Qubes on a system without VT-x?](#can-i-install-qubes-on-a-system-without-vt-x) + * [Can I install Qubes on a system without VT-d?](#can-i-install-qubes-on-a-system-without-vt-d) + * [Can I use AMD-v instead of VT-x?](#can-i-use-amd-v-instead-of-vt-x) + * [Can I install Qubes in a virtual machine (e.g., on VMWare)?](#can-i-install-qubes-in-a-virtual-machine-eg-on-vmware) + * [Why does my network adapter not work?](#why-does-my-network-adapter-not-work) + +[Common Problems](#common-problems) +----------------------------------- + * [My AppVMs lost Internet access after a TemplateVM update. What should I do?](#my-appvms-lost-internet-access-after-a-templatevm-update-what-should-i-do) + * [My keyboard layout settings are not behaving correctly. What should I do?](#my-keyboard-layout-settings-are-not-behaving-correctly-what-should-i-do) + * [My dom0 and/or TemplateVM update stalls when attempting to update via …](#my-dom0-andor-templatevm-update-stalls-when-attempting-to-update-via-the-gui-tool-what-should-i-do) + * [How do I run a Windows HVM in non-seamless mode (i.e., as a single window)?](#how-do-i-run-a-windows-hvm-in-non-seamless-mode-ie-as-a-single-window) + * [I created a usbVM and assigned usb controllers to it. 
Now the usbVM wont boot.](#i-created-a-usbvm-and-assigned-usb-controllers-to-it-now-the-usbvm-wont-boot) + * [I assigned a PCI device to an AppVM, then unassigned it/shut down the …](#i-assigned-a-pci-device-to-an-appvm-then-unassigned-itshut-down-the-appvm-why-isnt-the-device-available-in-dom0) + +----------------- -3. [Common Problems](#common-problems) - 1. [My AppVMs lost Internet access after a TemplateVM update. What should I do?](#my-appvms-lost-internet-access-after-a-templatevm-update-what-should-i-do) - 2. [My keyboard layout settings are not behaving correctly. What should I do?](#my-keyboard-layout-settings-are-not-behaving-correctly-what-should-i-do) - 3. [My dom0 and/or TemplateVM update stalls when attempting to update via …](#my-dom0-andor-templatevm-update-stalls-when-attempting-to-update-via-the-gui-tool-what-should-i-do) - 4. [How do I run a Windows HVM in non-seamless mode (i.e., as a single window)?](#how-do-i-run-a-windows-hvm-in-non-seamless-mode-ie-as-a-single-window) - 5. [I assigned a PCI device to an AppVM, then unassigned it/shut down the …](#i-assigned-a-pci-device-to-an-appvm-then-unassigned-itshut-down-the-appvm-why-isnt-the-device-available-in-dom0) General Questions ----------------- @@ -62,7 +71,7 @@ The other two popular [approaches](http://theinvisiblethings.blogspot.com/2008/0 ### What about safe languages and formally verified microkernels? -In short: these are non-realistic solutions today. We discuss this in further depth in our [Architecture Specification document](http://files.qubes-os.org/files/doc/arch-spec-0.3.pdf). +In short: these are non-realistic solutions today. We discuss this in further depth in our [Architecture Specification document](/attachment/wiki/QubesArchitecture/arch-spec-0.3.pdf). ### Why does Qubes use virtualization? 
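Review bot: In the user-faq.md table-of-contents hunk `@@ -1,45 +1,54 @@`, each new section title such as `[General Questions](#general-questions)` is underlined with dashes, which turns it into a heading with the same text as the real "General Questions" heading in the context below. If the renderer derives heading ids from heading text, the first heading with that text takes `general-questions`, so the link points at the table of contents itself and the real section ends up with a different id. Make the three section titles plain links or list items instead of headings. The new "wont boot" entry should also be rechecked against its anchor if the heading spelling is corrected.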
@@ -74,7 +83,7 @@ No! This would not make much sense. Qubes uses lightweight VMs to create securit ### Why does Qubes use Xen instead of KVM or some other hypervisor? -In short: we believe the Xen architecture allows for the creation of more secure systems (i.e. with a much smaller TCB, which translates to a smaller attack surface). We discuss this in much greater depth in our [Architecture Specification document](http://files.qubes-os.org/files/doc/arch-spec-0.3.pdf). +In short: we believe the Xen architecture allows for the creation of more secure systems (i.e. with a much smaller TCB, which translates to a smaller attack surface). We discuss this in much greater depth in our [Architecture Specification document](/attachment/wiki/QubesArchitecture/arch-spec-0.3.pdf). ### What about this other/new (micro)kernel/hypervisor? @@ -132,7 +141,7 @@ Create an issue in [qubes-issues](https://github.com/QubesOS/qubes-issues/issues Installation & Hardware Compatibility ------------------------------------- -(See also: [System Requirements](/doc/SystemRequirements/) and [Hardware Compatibility List](/hcl/).) +(See also: [System Requirements](/en/doc/system-requirements/) and [Hardware Compatibility List](/hcl/).) ### How much disk space does each AppVM require? 
@@ -185,7 +194,28 @@ In your TemplateVMs, open a terminal and run `sudo yum upgrade`. ### How do I run a Windows HVM in non-seamless mode (i.e., as a single window)? -Enable "debug mode" in the AppVM's settings, either by checking the box labelled "Run in debug mode" in the Qubes VM Manager AppVM settings menu or by running the [qvm-prefs command](/doc/Dom0Tools/QvmPrefs/).) +Enable "debug mode" in the AppVM's settings, either by checking the box labelled "Run in debug mode" in the Qubes VM Manager AppVM settings menu or by running the [qvm-prefs command](/en/doc/dom0-tools/qvm-prefs/).) + + +### I created a usbVM and assigned usb controllers to it. Now the usbVM wont boot. + + +This is probably because one of the controllers does not support reset. In Qubes R2 any such errors were ignored but in Qubes R3.0 they are not. +A device that does not support reset is not safe and generally should not be assigned to a VM. + +Most likely the offending controller is a USB3.0 device. You can remove this controller from the usbVM, and see if this allows the VM to boot. +Alternatively you may be able to disable USB 3.0 in the BIOS. + +Another solution would be to set the pci_strictreset option using qvm-prefs in dom0: + +`qvm-prefs usbVM -s pci_strictreset false` + +This option allows the VM to ignore the error and the VM will start. +Please review the note on [this page](https://www.qubes-os.org/doc/Dom0Tools/QvmPrefs/) and be aware of the potential risk. + + + + ### I assigned a PCI device to an AppVM, then unassigned it/shut down the AppVM. Why isn't the device available in dom0? 
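Review bot: in the new usbVM FAQ entry, `qvm-prefs usbVM -s pci_strictreset false` is presented as just "another solution", although the entry itself says two paragraphs earlier that a device without reset support "is not safe and generally should not be assigned to a VM", and the actual risk is only reachable through a link. State the consequence in one sentence next to the command and mark the option as a last resort after removing the controller or disabling USB 3.0 in the BIOS. That link also uses the absolute old-style URL `https://www.qubes-os.org/doc/Dom0Tools/QvmPrefs/`, while the first changed line of this same hunk moves the qvm-prefs link to `/en/doc/dom0-tools/qvm-prefs/`; use the new relative path here too. Minor: "wont" in the heading should be "won't", and the stray `)` after the qvm-prefs link is carried over unchanged.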
@@ -196,12 +226,8 @@ This is an intended feature. A device which was previously assigned to a less tr or 1. Go to the sysfs (`/sys/bus/pci`), find the right device, detach it from the pciback driver and attach back to the original driver. Replace `` with your device, for example `00:1c.2`: - - {% highlight trac-wiki %} - echo 0000: > /sys/bus/pci/drivers/pciback/unbind - MODALIAS=`cat /sys/bus/pci/devices/0000:/modalias` - MOD=`modprobe -R $MODALIAS | head -n 1` - echo > /sys/bus/pci/drivers/$MOD/bind - {% endhighlight %} - - + + echo 0000: > /sys/bus/pci/drivers/pciback/unbind + MODALIAS=`cat /sys/bus/pci/devices/0000:/modalias` + MOD=`modprobe -R $MODALIAS | head -n 1` + echo > /sys/bus/pci/drivers/$MOD/bind diff --git a/BackupEmergencyRestoreV2.md b/en/common-tasks/backup-emergency-restore-v2.md similarity index 89% rename from BackupEmergencyRestoreV2.md rename to en/common-tasks/backup-emergency-restore-v2.md index f8359783..9f820683 100644 --- a/BackupEmergencyRestoreV2.md +++ b/en/common-tasks/backup-emergency-restore-v2.md @@ -1,7 +1,8 @@ --- layout: doc title: Emergency Backup Recovery - format version 2 -permalink: /doc/BackupEmergencyRestoreV2/ +permalink: /en/doc/backup-emergency-restore-v2/ +redirect_from: /doc/BackupEmergencyRestoreV2/ --- Emergency Backup Recovery without Qubes - format version 2 @@ -15,7 +16,7 @@ The Qubes backup system has been designed with emergency disaster recovery in mi 1. Untar the main backup file. - {% highlight trac-wiki %} + ~~~ [user@restore ~]$ tar -i -xvf qubes-backup-2013-12-26-123456 backup-header backup-header.hmac 
@@ -31,17 +32,17 @@ The Qubes backup system has been designed with emergency disaster recovery in mi vm1/whitelisted-appmenus.list.000.hmac dom0-home/dom0user.000 dom0-home/dom0user.000.hmac - {% endhighlight %} + ~~~ 1. Verify the integrity of the `private.img` file which houses your data. - {% highlight trac-wiki %} + ~~~ [user@restore ~]$ cd vm1/ [user@restore vm1]$ openssl dgst -sha512 -hmac "your_passphrase" private.img.000 HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e [user@restore vm1]$ cat private.img.000.hmac (stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e - {% endhighlight %} + ~~~ **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error. 
@@ -49,59 +50,59 @@ The Qubes backup system has been designed with emergency disaster recovery in mi 1. Decrypt the `private.img` file. - {% highlight trac-wiki %} + ~~~ [user@restore vm1]$ openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in private.img.000 -out private.img.dec.000 - {% endhighlight %} + ~~~ **Note:** For multi-part files, a loop can be used: - {% highlight trac-wiki %} + ~~~ for f in private.img.*; do openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in $f -out ${f/.img/.img.dec} done - {% endhighlight %} + ~~~ **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. A complete list of supported cipher algorithms can be found with `openssl list-cipher-algorithms`. 1. Decompress the decrypted `private.img` file. - {% highlight trac-wiki %} + ~~~ [user@restore vm1]$ zforce private.img.dec.* [user@restore vm1]$ gunzip private.img.dec.000.gz - {% endhighlight %} + ~~~ **Note:** If your backup was compressed with a program other than `gzip`, you must substitute the correct compression program. 1. Untar the decrypted and decompressed `private.img` file. - {% highlight trac-wiki %} + ~~~ [user@restore vm1]$ tar -M -xvf private.img.dec.000 vm1/private.img - {% endhighlight %} + ~~~ **Note:** For multi-part files, a script is required: 1. Create a `new-volume-script`: - {% highlight trac-wiki %} + ~~~ #!/bin/sh name=`expr $TAR_ARCHIVE : '\(.*\)\..*'` suffix=`printf %03d $[ $TAR_VOLUME - 1 ]` echo $name.$suffix >&$TAR_FD - {% endhighlight %} + ~~~ 2. `chmod +x new-volume-script`. 3. `tar --new-volume-script=./new-volume-script -xvf private.img.dec.000`. (The `--new-volume-script` option enables multi-volume untaring.) 1. Mount the private.img file and access your data. 
- {% highlight trac-wiki %} + ~~~ [user@restore vm1]$ sudo mkdir /mnt/img [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/ [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt This data has been successfully recovered! - {% endhighlight %} + ~~~ **Note:** You may wish to store a plain text copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure while this web page is inaccessible. You may obtain a plaintext version of this file in Git repository housing all the documentation at: diff --git a/en/common-tasks/backup-emergency-restore-v3.md b/en/common-tasks/backup-emergency-restore-v3.md new file mode 100644 index 00000000..01028e5e --- /dev/null +++ b/en/common-tasks/backup-emergency-restore-v3.md 
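Review bot: in backup-emergency-restore-v2.md, the `new-volume-script` block that this hunk re-fences starts with `#!/bin/sh` but uses `$[ $TAR_VOLUME - 1 ]`, a bash-only and deprecated arithmetic form, so on a system where `/bin/sh` is not bash the script does not produce the expected volume name. Since the page promises recovery on any GNU/Linux system, switch to `$(( TAR_VOLUME - 1 ))` or change the shebang to bash while the block is being touched. The decrypt loop earlier in the hunk has the same dependency in `${f/.img/.img.dec}` and leaves `$f` unquoted.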
@@ -0,0 +1,101 @@ +--- +layout: doc +title: Emergency Backup Recovery - format version 3 +permalink: /en/doc/backup-emergency-restore-v3/ +redirect_from: /doc/BackupEmergencyRestoreV3/ +--- + +Emergency Backup Recovery without Qubes - format version 3 +========================================================== + +This page describes how to perform an emergency restore of a backup created on Qubes R2 or later (which uses backup format version 3). + +The Qubes backup system has been designed with emergency disaster recovery in mind. No special Qubes-specific tools are required to access data backed up by Qubes. In the event a Qubes system is unavailable, you can access your data on any GNU/Linux system with the following procedure. + +**Note:** In the following example, the backup file is both *encrypted* and *compressed*. + + 1. Untar the main backup file. + + [user@restore ~]$ tar -i -xvf qubes-backup-2015-06-05T123456 + backup-header + backup-header.hmac + qubes.xml.000 + qubes.xml.000.hmac + vm1/private.img.000 + vm1/private.img.000.hmac + vm1/icon.png.000 + vm1/icon.png.000.hmac + vm1/firewall.xml.000 + vm1/firewall.xml.000.hmac + vm1/whitelisted-appmenus.list.000 + vm1/whitelisted-appmenus.list.000.hmac + dom0-home/dom0user.000 + dom0-home/dom0user.000.hmac + + 2. Verify the integrity of the `backup-header` file, which contains basic information about your backup. + + [user@restore ~]$ openssl dgst -sha512 -hmac "your_passphrase" backup-header + HMAC-SHA512(backup-header)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c + [user@restore ~]$ cat backup-header.hmac + (stdin)= 5b266783e116fe3b2601a54c249ca5f5f96d421dfe6828eeaeb2dcd014e9e945c27b3d7b0f952f5d55c927318906d9c360f387b0e1f069bb8195e96543e2969c + + **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error. 
+ + **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. This information is contained in the `backup-header` file (see step 3), however it is not recommended to open this file until its integrity and authenticity has been verified (the current step). A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`. + + 3. Read the `backup-header`. You'll need some of this information later. The file will look similar to this: + + [user@restore ~]$ cat backup-header + version=3 + hmac-algorithm=SHA512 + crypto-algorithm=aes-256-cbc + encrypted=True + compressed=True + compression-filter=gzip + + **Note:** If you see `version=2` here, go to [Emergency Backup Recovery - format version 2](/doc/BackupEmergencyRestoreV2/) instead. + + 4. Verify the integrity of the `private.img` file which houses your data. + + [user@restore ~]$ cd vm1/ + [user@restore vm1]$ openssl dgst -sha512 -hmac "your_passphrase" private.img.000 + HMAC-SHA512(private.img.000)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e + [user@restore vm1]$ cat private.img.000.hmac + (stdin)= cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e + + **Note:** The hash values should match. If they do not match, then the backup file may have been tampered with, or there may have been a storage error. + + **Note:** If your backup was hashed with a message digest algorithm other than `sha512`, you must substitute the correct message digest command. This information is contained in the `backup-header` file (see step 3). A complete list of supported message digest algorithms can be found with `openssl list-message-digest-algorithms`. + + 5. Decrypt the `private.img` file. + + [user@restore vm1]$ cat private.img.??? 
| openssl enc -d -pass pass:your_passphrase -aes-256-cbc -out private.img.dec + + **Note:** If your backup was encrypted with a cipher algorithm other than `aes-256-cbc`, you must substitute the correct cipher command. This information is contained in the `backup-header` file (see step 3). A complete list of supported cipher algorithms can be found with `openssl list-cipher-algorithms`. + + 6. Decompress the decrypted `private.img` file. + + [user@restore vm1]$ zforce private.img.dec + private.img.dec -- replaced with private.img.dec.gz + [user@restore vm1]$ gunzip private.img.dec.gz + + **Note:** If your backup was compressed with a program other than `gzip`, you must substitute the correct compression program. This information is contained in the `backup-header` file (see step 3). + + 7. Untar the decrypted and decompressed `private.img` file. + + [user@restore vm1]$ tar -xvf private.img.dec + vm1/private.img + + 8. Mount the private.img file and access your data. + + [user@restore vm1]$ sudo mkdir /mnt/img + [user@restore vm1]$ sudo mount -o loop vm1/private.img /mnt/img/ + [user@restore vm1]$ cat /mnt/img/home/user/your_data.txt + This data has been successfully recovered! + + 9. Success! If you wish to recover data from more than one VM in your backup, simply repeat steps 4--8 for each additional VM. + + **Note:** You may wish to store a copy of these instructions with your Qubes backups in the event that you fail to recall the above procedure while this web page is inaccessible. All Qubes documentation, including this page, is available in plain text format in the following Git repository: + + https://github.com/QubesOS/qubes-doc.git + diff --git a/BackupRestore.md b/en/common-tasks/backup-restore.md similarity index 91% rename from BackupRestore.md rename to en/common-tasks/backup-restore.md index 5c2ae5ee..379d04ad 100644 --- a/BackupRestore.md +++ b/en/common-tasks/backup-restore.md 
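Review bot: in the new backup-emergency-restore-v3.md, step 4 checks the HMAC of `private.img.000` only, while step 5 feeds every `private.img.???` chunk into `openssl enc -d`, so for a multi-part image the later chunks are decrypted and unpacked without being authenticated. Make step 4 a loop over all `private.img.???` files and their `.hmac` companions, and say to stop if any one differs. Both steps also put the passphrase on the command line (`-hmac "your_passphrase"`, `-pass pass:your_passphrase`), where it ends up in shell history and in the process list; a short caution about that belongs next to the commands. Finally, the step 3 note links to `/doc/BackupEmergencyRestoreV2/` although this same commit moves that page to `/en/doc/backup-emergency-restore-v2/`.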
@@ -1,8 +1,10 @@ --- layout: doc -title: BackupRestore -permalink: /doc/BackupRestore/ -redirect_from: /wiki/BackupRestore/ +title: Backup, Restoration, and Migration +permalink: /en/doc/backup-restore/ +redirect_from: +- /doc/BackupRestore/ +- /wiki/BackupRestore/ --- Qubes Backup, Restoration, and Migration @@ -17,7 +19,7 @@ Qubes Backup, Restoration, and Migration With Qubes, it's easy to back up and restore your whole system, as well as to migrate between two physical machines. -As of Qubes R2B3, these functions are integrated into the Qubes VM Manager GUI. There are also two command-line tools available which perform the same functions: [qvm-backup](/doc/Dom0Tools/QvmBackup/) and [qvm-backup-restore](/doc/Dom0Tools/QvmBackupRestore/). +As of Qubes R2B3, these functions are integrated into the Qubes VM Manager GUI. There are also two command-line tools available which perform the same functions: [qvm-backup](/en/doc/dom0-tools/qvm-backup/) and [qvm-backup-restore](/en/doc/dom0-tools/qvm-backup-restore/). Creating a Backup ----------------- 
@@ -32,7 +34,7 @@ Creating a Backup 1. Select the destination for the backup: - - If you wish to send your backup to a [USB mass storage device](/doc/StickMounting/), select the device in the dropdown box next to **Device** (feature removed in R3, select appropriate **Target AppVM** and mount the stick with one click in file selection dialog). + - If you wish to send your backup to a [USB mass storage device](/en/doc/stick-mounting/), select the device in the dropdown box next to **Device** (feature removed in R3, select appropriate **Target AppVM** and mount the stick with one click in file selection dialog). - If you wish to send your backup to a (currently running) AppVM, select the AppVM in the dropdown box next to **Target AppVM**. You must also specify a directory on the device or in the AppVM, or a command to be executed in the AppVM as a destination for your backup. For example, if you wish to send your backup to the `~/backups` folder in the target AppVM, you would simply type `backups` in this field. This destination directory must already exist. If it does not exist, you must create it manually prior to backing up. 
@@ -54,7 +56,7 @@ Restoring from a Backup 1. Select the source location of the backup to be restored: - - If your backup is located on a [USB mass storage device](/doc/StickMounting/), select the device in the dropdown box next to **Device**. + - If your backup is located on a [USB mass storage device](/en/doc/stick-mounting/), select the device in the dropdown box next to **Device**. - If your backup is located in a (currently running) AppVM, select the AppVM in the dropdown box next to **AppVM**. You must also specify the directory in which the backup resides (or a command to be executed in an AppVM). If you followed the instructions in the previous section, "Creating a Backup," then your backup is most likely in the location you chose as the destination in step 3. For example, if you had chosen the `~/backups` directory of an AppVM as your destination in step 3, you would now select the same AppVM and again type `backups` into the **Backup directory** field. diff --git a/CopyPaste.md b/en/common-tasks/copy-paste.md similarity index 94% rename from CopyPaste.md rename to en/common-tasks/copy-paste.md index 7ac185ce..618af974 100644 --- a/CopyPaste.md +++ b/en/common-tasks/copy-paste.md @@ -1,8 +1,10 @@ --- layout: doc -title: CopyPaste -permalink: /doc/CopyPaste/ -redirect_from: /wiki/CopyPaste/ +title: Copy and Paste +permalink: /en/doc/copy-paste/ +redirect_from: +- /doc/CopyPaste/ +- /wiki/CopyPaste/ --- Copy and Paste between domains @@ -44,7 +46,7 @@ You may now paste the log contents to any VM as you normally would (i.e., Ctrl-S For data other than logs, there are two options: -1. [Copy it as a file.](/doc/CopyToDomZero/) +1. [Copy it as a file.](/en/doc/copy-to-dom0/) 2. Paste the data to `/var/run/qubes/qubes-clipboard.bin`, then write "dom0" to `/var/run/qubes/qubes-clipboard.bin.source`. Then use Ctrl-Shift-V to paste the data to the desired VM. Clipboard automatic policy enforcement 
@@ -52,22 +54,22 @@ Clipboard automatic policy enforcement The Qubes clipboard policy is configurable in: -{% highlight trac-wiki %} +~~~ /etc/qubes-rpc/policy/qubes.ClipboardPaste -{% endhighlight %} +~~~ You may wish to configure this policy in order to prevent user error. For example, if you are certain that you never wish to paste *into* your "vault" AppVM (and it is highly recommended that you do not), then you should edit the policy as follows: -{% highlight trac-wiki %} +~~~ $anyvm vault deny $anyvm $anyvm ask -{% endhighlight %} +~~~ Shortcut Configuration ---------------------- The copy/paste shortcuts are configurable in: -{% highlight trac-wiki %} +~~~ /etc/qubes/guid.conf -{% endhighlight %} +~~~ diff --git a/CopyToDomZero.md b/en/common-tasks/copy-to-dom0.md similarity index 91% rename from CopyToDomZero.md rename to en/common-tasks/copy-to-dom0.md index 93606a17..829d1b49 100644 --- a/CopyToDomZero.md +++ b/en/common-tasks/copy-to-dom0.md @@ -1,8 +1,10 @@ --- layout: doc -title: CopyToDomZero -permalink: /doc/CopyToDomZero/ -redirect_from: /wiki/CopyToDomZero/ +title: Copying to and from dom0 +permalink: /en/doc/copy-to-dom0/ +redirect_from: +- /doc/CopyToDomZero/ +- /wiki/CopyToDomZero/ --- Copying files to between VMs and Dom0 
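Review bot: the front-matter title in copy-to-dom0.md becomes "Copying to and from dom0", but the page heading just below it, visible as the last context line of the hunk, still reads "Copying files to between VMs and Dom0" with the stray "to". Fix the heading in this change so the title and the heading agree.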
@@ -12,15 +14,15 @@ First, there should normally be few reasons for the user to want to copy files f For this reason we intentionally do not provide a convenient tool for copying files between VMs and Dom0 (while we provide a tool for copying files between VMs). However, if you're determined to copy some files to Dom0 anyway, you can use the following method (run this command from Dom0's console): -{% highlight trac-wiki %} +~~~ qvm-run --pass-io 'cat /path/to/file_in_src_domain' > /path/to/file_name_in_dom0 -{% endhighlight %} +~~~ BTW, you can use the same method to copy files from Dom0 to VMs: -{% highlight trac-wiki %} +~~~ cat /path/to/file_in_dom0 | qvm-run --pass-io 'cat > /path/to/file_name_in_appvm' -{% endhighlight %} +~~~ ### Copying logs from dom0 diff --git a/CopyingFiles.md b/en/common-tasks/copying-files.md similarity index 93% rename from CopyingFiles.md rename to en/common-tasks/copying-files.md index 012df483..ce2f7c07 100644 --- a/CopyingFiles.md +++ b/en/common-tasks/copying-files.md @@ -1,8 +1,10 @@ --- layout: doc -title: CopyingFiles -permalink: /doc/CopyingFiles/ -redirect_from: /wiki/CopyingFiles/ +title: Copying Files between Domains +permalink: /en/doc/copying-files/ +redirect_from: +- /doc/CopyingFiles/ +- /wiki/CopyingFiles/ --- Copying files between domains @@ -26,7 +28,7 @@ GUI CLI --- -[qvm-copy-to-vm](/doc/VmTools/QvmCopyToVm/) +[qvm-copy-to-vm](/en/doc/vm-tools/qvm-copy-to-vm/) On inter-domain file copy security ---------------------------------- diff --git a/DisposableVms.md b/en/common-tasks/dispvm.md similarity index 50% rename from DisposableVms.md rename to en/common-tasks/dispvm.md index 003149e8..b55c7fc3 100644 --- a/DisposableVms.md +++ b/en/common-tasks/dispvm.md 
@@ -1,8 +1,10 @@ --- layout: doc -title: DisposableVms -permalink: /doc/DisposableVms/ -redirect_from: /wiki/DisposableVms/ +title: Disposable VMs +permalink: /en/doc/dispvm/ +redirect_from: +- /doc/DisposableVms/ +- /wiki/DisposableVMs/ --- Disposable VMs (DispVMs) 
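Review bot: the new `redirect_from` list has `/wiki/DisposableVMs/` (capital M), but the entry being removed was `/wiki/DisposableVms/`, so the old wiki URL loses its redirect. The other files visible in this patch keep their `/wiki/` path unchanged when converting to a list. Keep `/wiki/DisposableVms/` here, and add the capital-M variant as a third entry only if it is actually wanted.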
@@ -13,17 +15,23 @@ Background See [this article](http://theinvisiblethings.blogspot.com/2010/06/disposable-vms.html) for a background on why would one want to use a Disposable VM and what it is. +A DisposableVM is a lightweight VM that can be created quickly and which will disappear when it is finished with. Usually a Disposable VM is created in order to host a single application, like a viewer or an editor. This means that you can safely work with files without risk of compromising any of your VMs. Changes made to a file opened in a disposable VM are passed back to the originating VM. + +By default a Disposable VM will inherit the netVM and firewall settings of the ancestor VM. You can change this behaviour: in the Qubes Manager go to the advanced tab of VM Settings where you can set the default netVM to be used for DisposableVMs created from that VM. + +Once a dispVM has been created it will appear in the Qubes Manager with the name "dispX", and NetVM and firewall rules can be set as for a normal VM. + Opening a file in a Disposable VM (via GUI) ------------------------------------------- -In some AppVM, right click on the file you wish to open in a Disposable VM (in the Nautilus file manager), then choose Scripts -\> Open in Disposable VM. Wait a few seconds and an default application for this file type should appear displaying the file content. This app is running in a whole new VM -- a disposable VM created for the purpose of view this very file. Once you close the viewing application then whole Disposable VM will get destroyed. +In some AppVM, right click on the file you wish to open in a Disposable VM (in the Nautilus file manager), then choose "Open in Disposable VM". Wait a few seconds and the default application for this file type should appear displaying the file content. This app is running in a whole new VM -- a disposable VM created for the purpose of viewing or editing this very file. 
Once you close the viewing application the whole Disposable VM will be destroyed. If you have edited the file and saved the changes the changed file will be saved back to the original VM, overwriting the original. ![r1-open-in-dispvm-1.png](/attachment/wiki/DisposableVms/r1-open-in-dispvm-1.png) ![r1-open-in-dispvm-2.png](/attachment/wiki/DisposableVms/r1-open-in-dispvm-2.png) Opening a fresh web browser instance in a new Disposable VM ----------------------------------------------------------- -Sometimes it is convenient to open a fresh instance of Firefox within a new fresh Disposable VM. This can be easily done by using the Start Menu: just go to Start -\> Disposable VM -\> Firefox and wait a few seconds until a web browser starts. Once you close the viewing application then whole Disposable VM will get destroyed. +Sometimes it is convenient to open a fresh instance of Firefox within a new fresh Disposable VM. This can be easily done by using the Start Menu: just go to Start -\> System Tools -\> DispVM:Firefox web browser . Wait a few seconds until a web browser starts. Once you close the viewing application the whole Disposable VM will get destroyed. ![r1-open-in-dispvm-3.png](/attachment/wiki/DisposableVms/r1-open-in-dispvm-3.png) @@ -32,9 +40,9 @@ Opening a file in a Disposable VM via command line (from AppVM) Use the `qvm-open-in-dvm` command line (from your AppVM), e.g.: -{% highlight trac-wiki %} +~~~ [user@work-pub ~]$ qvm-open-in-dvm Downloads/apple-sandbox.pdf -{% endhighlight %} +~~~ The qvm-open-in-dvm will not exit until you close the application in the Disposable VM. 
@@ -43,9 +51,9 @@ Starting an arbitrary application in a disposable VM via command line (from Dom0 **Note:** Normally there should be no need for doing this -- this is just for Qubes hackers ;) -{% highlight trac-wiki %} -[joanna@dom0 ~]$ echo gnome-terminal | /usr/lib/qubes/qfile-daemon-dvm qubes.VMShell dom0 DEFAULT red -{% endhighlight %} +~~~ +[joanna@dom0 ~]$ echo xterm | /usr/lib/qubes/qfile-daemon-dvm qubes.VMShell dom0 DEFAULT red +~~~ In fact the Disposable VM appmenu used for starting Firefox contains a very similar command to the above. Please note, however, that it generally makes little sense to start any other application other than a Web Browser this way... 
@@ -54,34 +62,19 @@ Starting an arbitrary program in a Disposable VM from an AppVM Sometimes it might be useful to start an arbitrary program, such as e.g. terminal in an Disposable VM from an AppVM. This could be simply done this way: -{% highlight trac-wiki %} -[user@vault ~]$ qvm-run '$dispvm' gnome-terminal -{% endhighlight %} +~~~ +[user@vault ~]$ qvm-run '$dispvm' xterm +~~~ -Note the above command is issued in an AppVM, not in Dom0. The created Disposable VM can be normally accessed via other tools, such as e.g. `qvm-copy-to-vm`, using its 'dispX' name, as shown by the Qubes Manager or `qvm-ls` tools. The created Disposable VM will inherit firewall settings of the ancestor VM, which is useful in some cases (e.g. when the original AppVM had networking cut off). +Note the above command is issued in an AppVM, not in Dom0. The created Disposable VM can be normally accessed via other tools, such as e.g. `qvm-copy-to-vm`, using its 'dispX' name, as shown by the Qubes Manager or `qvm-ls` tools. -Using a non-default template as a basis for Disposable VM + +Customizing Disposable VMs --------------------------------------------------------- -In some situations it might be beneficial to use a non-default template as a basis for Disposable VM. One example is to use a less-trusted template with some less trusted, 3rd party, often unsigned, applications installed, such as e.g. 3rd part printer drivers. +You can change the template used to generate the Disposable VM, and change settings used in the Disposable VM savefile. These changes will be reflected in every new Disposable VM. +Full instructions are [here](/en/doc/disp-vm-customization/) -In order to regenerate Disposable VM "snapshot" (called 'savefile' on Qubes) one can conveniently use the following command in Dom0: - -{% highlight trac-wiki %} -[joanna@dom0 ~]$ qvm-create-default-dvm -{% endhighlight %} - -This would create a new Disposable VM savefile based on the custom template. 
Now, whenever one opens a file (from any AppVM) in a Disposable VM, a Disposable VM based on this template will be used. - -One can easily verify if the new Disposable VM template is indeed based on a custom template (in the example below the template called "f17-yellow" was used as a basis for the Disposable VM): - -{% highlight trac-wiki %} -[joanna@dom0 ~]$ ll /var/lib/qubes/dvmdata/ -total 0 -lrwxrwxrwx 1 joanna joanna 45 Mar 11 13:59 default_dvm.conf -> /var/lib/qubes/appvms/f17-yellow-dvm/dvm.conf -lrwxrwxrwx 1 joanna joanna 49 Mar 11 13:59 default_savefile -> /var/lib/qubes/appvms/f17-yellow-dvm/dvm-savefile -lrwxrwxrwx 1 joanna joanna 47 Mar 11 13:59 savefile_root -> /var/lib/qubes/vm-templates/f17-yellow/root.img -{% endhighlight %} Disposable VMs and Local Forensics ---------------------------------- diff --git a/FullScreenMode.md b/en/common-tasks/full-screen-mode.md similarity index 94% rename from FullScreenMode.md rename to en/common-tasks/full-screen-mode.md index 11ff817d..54847aae 100644 --- a/FullScreenMode.md +++ b/en/common-tasks/full-screen-mode.md @@ -1,8 +1,10 @@ --- layout: doc -title: FullScreenMode -permalink: /doc/FullScreenMode/ -redirect_from: /wiki/FullScreenMode/ +title: Full Screen Mode +permalink: /en/doc/full-screen-mode/ +redirect_from: +- /doc/FullScreenMode/ +- /wiki/FullScreenMode/ --- Enabling Full Screen Mode for select VMs 
@@ -30,19 +32,19 @@ If you want to enable full screen mode for select VMs, you can do that by creati **Note:** There should be only one `VM: {}` block in the file (or you will [get into problems](https://groups.google.com/d/msg/qubes-users/-Yf9yNvTsVI/xXsEm8y2lrYJ)) -{% highlight trac-wiki %} +~~~ VM: { personal: { allow_fullscreen = true; }; }; -{% endhighlight %} +~~~ The string 'personal' above is exemplary and should be replaced by the actual name of the VM for which you want to enable this functionality. One can also enable this functionality for all the VMs globally in the same file, by modifying the 'global' section: -{% highlight trac-wiki %} +~~~ global: { # default values allow_fullscreen = true; @@ -51,6 +53,6 @@ global: { #secure_paste_sequence = "Ctrl-Shift-v"; #windows_count_limit = 500; }; -{% endhighlight %} +~~~ Be sure to restart the VM(s) after modifying this file, for the changes to take effect. diff --git a/ManagingAppVmShortcuts.md b/en/common-tasks/managing-appvm-shortcuts.md similarity index 82% rename from ManagingAppVmShortcuts.md rename to en/common-tasks/managing-appvm-shortcuts.md index 4cd8b6b4..def8e038 100644 --- a/ManagingAppVmShortcuts.md +++ b/en/common-tasks/managing-appvm-shortcuts.md @@ -1,8 +1,10 @@ --- layout: doc -title: ManagingAppVmShortcuts -permalink: /doc/ManagingAppVmShortcuts/ -redirect_from: /wiki/ManagingAppVmShortcuts/ +title: Managing AppVm Shortcuts +permalink: /en/doc/managing-appvm-shortcuts/ +redirect_from: +- /doc/ManagingAppVmShortcuts/ +- /wiki/ManagingAppVmShortcuts/ --- Managing shortcuts to applications in AppVMs 
@@ -29,6 +31,6 @@ List of installed applications for each AppVM is stored in its template's `/var/ Actual command lines for the menu shortcuts involve `qvm-run` command which starts a process in another domain. Example: `qvm-run -q --tray -a w7s 'cmd.exe /c "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Accessories\\Calculator.lnk"'` or `qvm-run -q --tray -a untrusted 'firefox %u'` -`qvm-sync-appmenus` works by invoking *GetAppMenus* [Qubes service](/doc/Qrexec/) in the target domain. This service enumerates installed applications and sends formatted info back to the dom0 script (`/usr/libexec/qubes-appmenus/qubes-receive-appmenus`) which creates .desktop files in the AppVM/TemplateVM directory. +`qvm-sync-appmenus` works by invoking *GetAppMenus* [Qubes service](/en/doc/qrexec/) in the target domain. This service enumerates installed applications and sends formatted info back to the dom0 script (`/usr/libexec/qubes-appmenus/qubes-receive-appmenus`) which creates .desktop files in the AppVM/TemplateVM directory. For Linux VMs the service script is in `/etc/qubes-rpc/qubes.GetAppMenus`. In Windows it's a PowerShell script located in `c:\Program Files\Invisible Things Lab\Qubes OS Windows Tools\qubes-rpc-services\get-appmenus.ps1` by default. diff --git a/SoftwareUpdateDom0.md b/en/common-tasks/software-update-dom0.md similarity index 88% rename from SoftwareUpdateDom0.md rename to en/common-tasks/software-update-dom0.md index 756065b3..9c02a088 100644 --- a/SoftwareUpdateDom0.md +++ b/en/common-tasks/software-update-dom0.md @@ -1,8 +1,10 @@ --- layout: doc -title: SoftwareUpdateDom0 -permalink: /doc/SoftwareUpdateDom0/ -redirect_from: /wiki/SoftwareUpdateDom0/ +title: Updating software in dom0 +permalink: /en/doc/software-update-dom0/ +redirect_from: +- /doc/SoftwareUpdateDom0/ +- /wiki/SoftwareUpdateDom0/ --- Updating software in dom0 
@@ -35,15 +37,15 @@ Of course, command line tools are still available for accomplishing various upda 1. To check and install updates for dom0 software: - {% highlight trac-wiki %} + ~~~ $ sudo qubes-dom0-update - {% endhighlight %} + ~~~ 1. To install additional packages in dom0 (usually not recommended): - {% highlight trac-wiki %} + ~~~ $ sudo qubes-dom0-update anti-evil-maid - {% endhighlight %} + ~~~ You may also pass the `--enablerepo=` option in order to enable optional repositories (see yum configuration in dom0). However, this is only for advanced users who really understand what they are doing. @@ -51,16 +53,30 @@ Of course, command line tools are still available for accomplishing various upda 1. Download an older version of the package: - {% highlight trac-wiki %} + ~~~ sudo qubes-dom0-update package-version - {% endhighlight %} + ~~~ Yum will say that there is no update, but the package will nonetheless be downloaded to dom0. 1. Downgrade the packge: - {% highlight trac-wiki %} + ~~~ sudo yum downgrade package-version - {% endhighlight %} + ~~~ +### Kernel Upgrade ### +Install newer kernel. The following example installs kernel 3.19 and was tested on Qubes R3 RC1. + + ~~~ + sudo qubes-dom0-update kernel-3.19* + ~~~ + +Rebuild grub config. + + ~~~ + sudo grub2-mkconfig -o /boot/grub2/grub.cfg + ~~~ + +Reboot required. diff --git a/SoftwareUpdateVM.md b/en/common-tasks/software-update-vm.md similarity index 91% rename from SoftwareUpdateVM.md rename to en/common-tasks/software-update-vm.md index d0fa367e..e39286dd 100644 --- a/SoftwareUpdateVM.md +++ b/en/common-tasks/software-update-vm.md @@ -1,8 +1,10 @@ --- layout: doc -title: SoftwareUpdateVM -permalink: /doc/SoftwareUpdateVM/ -redirect_from: /wiki/SoftwareUpdateVM/ +title: Installing and updating software in VMs +permalink: /en/doc/software-update-vm/ +redirect_from: +- /doc/SoftwareUpdateVM/ +- /wiki/SoftwareUpdateVM/ --- Installing and updating software in VMs 
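Review bot: in the new Kernel Upgrade section of software-update-dom0.md, `sudo qubes-dom0-update kernel-3.19*` leaves the glob unquoted, so the shell expands it first if anything in the current directory matches; quote it as `'kernel-3.19*'`. The section would also fit the page better as numbered steps like the ones above it, with "Reboot required." written as a full sentence, and the context line "Downgrade the packge" could have its typo fixed in the same pass.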
@@ -39,7 +41,7 @@ As the template VM is used for creating filesystems for other AppVMs, where you There are several ways to deal with this problem: -- Only install packages from trusted sources -- e.g. from the pre-configured Fedora repositories. All those packages are signed by Fedora, and as we expect that at least the package's installation scripts are not malicious. This is enforced by default (at the [firewall VM level](/doc/QubesFirewall/)), by not allowing any networking connectivity in the default template VM, except for access to the Fedora repos. +- Only install packages from trusted sources -- e.g. from the pre-configured Fedora repositories. All those packages are signed by Fedora, and as we expect that at least the package's installation scripts are not malicious. This is enforced by default (at the [firewall VM level](/en/doc/qubes-firewall/)), by not allowing any networking connectivity in the default template VM, except for access to the Fedora repos. - Use *standalone VMs* (see below) for installation of untrusted software packages. 
@@ -49,7 +51,7 @@ Some popular questions: - So, why should we actually trust Fedora repos -- it also contains large amount of 3rd party software that might buggy, right? -As long as template's compromise is considered, it doesn't really matter whether /usr/bin/firefox is buggy and can be exploited, or not. What matters is whether its *installation* scripts (such as %post in the rpm.spec) are benign or not. Template VM should be used only for installation of packages, and nothing more, so it should never get a chance to actually run the /usr/bin/firefox and got infected from it, in case it was compromised. Also, some of your more trusted AppVMs, would have networking restrictions enforced by the [firewall VM](/doc/QubesFirewall/), and again they should not fear this proverbial /usr/bin/firefox being potentially buggy and easy to compromise. +As long as template's compromise is considered, it doesn't really matter whether /usr/bin/firefox is buggy and can be exploited, or not. What matters is whether its *installation* scripts (such as %post in the rpm.spec) are benign or not. Template VM should be used only for installation of packages, and nothing more, so it should never get a chance to actually run the /usr/bin/firefox and got infected from it, in case it was compromised. Also, some of your more trusted AppVMs, would have networking restrictions enforced by the [firewall VM](/en/doc/qubes-firewall/), and again they should not fear this proverbial /usr/bin/firefox being potentially buggy and easy to compromise. - But why trusting Fedora? @@ -72,9 +74,9 @@ Sometime it might be convenient to have a VM that has its own filesystem, where In order to create a standalone VM you can use a command line like this (from console in Dom0): -{% highlight trac-wiki %} +~~~ qvm-create --standalone --label
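Review bot: The rewritten link targets in this part of the patch (`/en/doc/qrexec/` in the `qvm-sync-appmenus` paragraph, and `/en/doc/qubes-firewall/` in both hunks of en/common-tasks/software-update-vm.md) change the prefix and the case at once, and nothing visible here shows that the target pages were given matching `permalink:` values. The two pages renamed in this patch get a new lowercase permalink plus a `redirect_from:` list that keeps the old `/doc/...` and `/wiki/...` URLs. Please confirm the qrexec and qubes-firewall pages received the same front-matter treatment in this commit, otherwise these links will 404 after the move.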
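Review bot: In the new "Kernel Upgrade" section added at the end of en/common-tasks/software-update-dom0.md, the pattern in `sudo qubes-dom0-update kernel-3.19*` is unquoted, so the dom0 shell will expand it against the current directory first if any file name there matches. Quote it (`'kernel-3.19*'`) so the pattern reaches the package manager unchanged. The `### Kernel Upgrade ###` heading is also added directly after the closing `~~~` of the downgrade step, with no blank line before it or before "Install newer kernel.", so some Markdown renderers will fold it into the preceding list item; add blank lines around the heading. The commands in this hunk omit the `$` prompt that the update and install examples in the hunk above carry, and the context line "Downgrade the packge:" still has its typo; both are worth fixing while these lines are being touched.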
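Review bot: The two lines re-added in en/common-tasks/software-update-vm.md for the firewall link carry over sentences that blur the trust argument the page is making, and since the lines are being rewritten anyway this is the moment to fix them. In the first bullet, "All those packages are signed by Fedora, and as we expect that at least the package's installation scripts are not malicious" has a stray "as"; it should read "and we expect that at least the packages' installation scripts are not malicious". In the answer about Fedora repos, "and got infected from it" should be "and get infected by it", "Sometime it might be convenient" in the following context should be "Sometimes", and "might buggy" in the question line is missing "be". None of this changes the claim that only the installation scripts (such as %post) matter for template compromise; it just makes that claim readable.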