I installed Qubes 4 because 3 had some issues on my system, 4 seems to run a lot better, so I’d like to avoid having to install Qubes 3.2.
Failed to synchronize cache for repo ‘qubes-templates-community’, disabling.
Patrick
October 18, 2017, 3:34pm
#4
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-4.0-templates-community
sudo qubes-dom0-update --enablerepo=qubes-templates-community qubes-template-whonix-gw qubes-template-whonix-ws
sudo qubesctl state.sls qvm.sys-whonix
sudo qubesctl state.sls qvm.anon-whonix
sudo qubesctl state.highstate
qvm-prefs --set sys-whonix netvm sys-firewall
Patrick
October 19, 2017, 12:43pm
#5
There are quite some bugs we need to work around.
opened 04:26PM - 15 Sep 17 UTC
closed 12:45AM - 08 Aug 18 UTC
T: bug
R: duplicate
C: Whonix
#### Qubes OS version (e.g., `R3.2`):
R4.0-RC-1
#### Affected TemplateVMs (e.g… ., `fedora-23`, if applicable):
dom0
---
### Expected behavior:
install qubes-release-4.0-0.2.noarch and import RPM-GPG-KEY-qubes* for installing whonix-*
### Actual behavior:
when updating to qubes-release-4.0-0.2.noarch the keys could not be imported.
error: can't create transaction lock on /var/lib/rpm/.rpm.lock (resource temporarily unavailable)
error: /etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-4-template-community: key 1 import failed
this error is repeated for every key in the directory /etc/pki/rpm-gpg/
### Steps to reproduce the behavior:
Update system with qubes-dom0-update --enablerepo=qubes-dom0-current-testing.
### General notes:
---
#### Related issues:
#2954
opened 06:57PM - 07 Jul 16 UTC
T: enhancement
help wanted
C: doc
C: mgmt
https://www.qubes-os.org/doc/reinstall-template/ - Please consider adding the fo… llowing.
```
sudo qubesctl state.highstate
```
That would invoke salt.
https://www.qubes-os.org/doc/salt/
And thereby in case of Whonix (which is currently used as an example in the replace template documentation) create a TemplateBased ProxyVM sys-whonix.
opened 11:46AM - 19 Oct 17 UTC
closed 01:03AM - 20 Oct 17 UTC
T: bug
C: mgmt
C: Whonix
r4.0-dom0-stable
Salt - Qubes R4 RC1 - fails to set `sys-whonix`'s NetVM to `default` (`sys-firew… all`)
#### Qubes OS version:
<!-- (e.g., `R3.2`)
You can get it from the dom0 terminal with the command
`cat /etc/qubes-release`
Type below this line. -->
Qubes R4 with all Qubes testing repositories
#### Affected TemplateVMs:
<!-- (e.g., `fedora-23`, if applicable)
Type below this line. -->
Dom0
---
### Steps to reproduce the behavior:
Install Qubes R4 with all Qubes testing repositories.
Enable Qubes community templates repository in /etc/yum.repos.d/qubes-templates.repo.
sudo qubes-dom0-update qubes-template-whonix-gw qubes-template-whonix-ws
(Did last command because of https://github.com/QubesOS/qubes-issues/issues/3188.)
sudo qubesctl state.sls qvm.sys-whonix
### Expected behavior:
sys-whonix's NetVM set to default (sys-firewall).
### Actual behavior:
sys-whonix's NetVM set to none.
### General notes:
While running `sudo qubesctl state.sls qvm.sys-whonix` it is showing
```
===== [prefs] =====
[Skipped] netvm: sys-firewall
```
---
#### Related issues:
https://github.com/QubesOS/qubes-issues/issues/2157
https://github.com/QubesOS/qubes-issues/issues/2954
opened 12:14PM - 19 Oct 17 UTC
closed 01:08AM - 20 Oct 17 UTC
T: bug
C: core
r4.0-dom0-stable
failed to change NetVM of `sys-whonix` using `qubes-vm-settings`
#### Qubes O… S version:
<!-- (e.g., `R3.2`)
You can get it from the dom0 terminal with the command
`cat /etc/qubes-release`
Type below this line. -->
Qubes R4 with all Qubes testing repositories
#### Affected TemplateVMs:
<!-- (e.g., `fedora-23`, if applicable)
Type below this line. -->
Dom0
---
### Steps to reproduce the behavior:
Install Qubes R4 with all Qubes testing repositories.
Enable Qubes community templates repository in /etc/yum.repos.d/qubes-templates.repo.
sudo qubes-dom0-update qubes-template-whonix-gw qubes-template-whonix-ws
(Did last command because of https://github.com/QubesOS/qubes-issues/issues/3188.)
sudo qubesctl state.sls qvm.sys-whonix
start menu -> sys-whonix -> vm settings -> set NetVM to default (sys-firewall).
(Did last action because of https://github.com/QubesOS/qubes-issues/issues/3189.)
### Expected behavior:
sys-whonix's NetVM set to default (sys-firewall).
### Actual behavior:
sys-whonix's NetVM setting gets reset to none.
### General notes:
Might be related to (or even a follow-up issue?) https://github.com/QubesOS/qubes-issues/issues/3188?
Maybe it is because sys-whonix was already running. But even if sys-whonix was running, changing the NetVM using qubes-vm-settings (started from start menu -> sys-whonix -> vm settings) should be possible?
`qvm-shutdown sys-whonix` followed by `qvm-prefs --set sys-whonix netvm sys-firewall` worked for me.
After restarting sys-whonix, to provide further debug output, I set sys-whonix NetVM from default (sys-firewall) to sys-firewall, clicked okay. Restarted qubes-vm-settigns for sys-whonix. Expected: set to sys-friewall. Actual result: set to `(none) (current)`.
Using `qubes-vm-settings sys-whonix` while sys-whonix has been shutdown (and confirmed using `qvm-ls`) doesn't help either. The only way to change sys-whonix NetVM setting for me currently is the command line.
---
#### Related issues:
https://github.com/QubesOS/qubes-issues/issues/2157
https://github.com/QubesOS/qubes-issues/issues/2954
Patrick
October 19, 2017, 12:49pm
#6
The Whonix-Gateway NetVM required for updates error popup can and should be safely ignored. That is a usability bug to be ironed out soonish.
Patrick
October 19, 2017, 12:53pm
#7
whonixcheck in whonix-gw / whonix-ws TemplateVMs does not work yet for the same reason.
Patrick
October 19, 2017, 12:55pm
#8
Still very experimental. Anyone wanna try with the instructions from post #3 in this thread.
(Link: experimental Qubes-Whonix 13 in Qubes R3 RC1 - please test - #3 )