Hello all,
I've just installed Qubes latest preview 3. Installed it offline, so all the logs you will see are from a disconnected system. There are some services disabled related to security that worry me ( listed below ). Also some entries that i have some doubts on sys logs ( written below also ). I had a critical warning just after the install, related to gtk before the login screen. Attached are all the logs found, complete. If you need some other info please just let me know.
Thank you very much in advance for your help. Doubts below.
output of systemctl -al showing inactive services only ( full list of services attached )
-----------------------------------------------------------------------------------------
UNIT LOAD ACTIVE SUB DESCRIPTION
boot.automount loaded inactive dead boot.automount
dev-block-259:2.device loaded inactive dead dev-block-259:2.device
dev-hugepages.mount loaded inactive dead Huge Pages File System
proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System
sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System
systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch
alsa-restore.service loaded inactive dead Save/Restore Sound Card State
● apparmor.service not-found inactive dead apparmor.service
auditd.service loaded inactive dead Security Auditing Service
dmraid-activation.service loaded inactive dead Activation of DM RAID sets
emergency.service loaded inactive dead Emergency Shell
● fedora-autorelabel-mark.service not-found inactive dead fedora-autorelabel-mark.service
● fedora-autorelabel.service not-found inactive dead fedora-autorelabel.service
fedora-import-state.service loaded inactive dead Import network configuration from initramfs
fstrim.service loaded inactive dead Discard unused blocks
ge...@tty1.service loaded inactive dead Getty on tty1
iscsid.service loaded inactive dead Open-iSCSI
iscsiuio.service loaded inactive dead iSCSI UserSpace I/O driver
libvirt-guests.service loaded inactive dead Suspend/Resume Running libvirt Guests
● livesys-late.service not-found inactive dead livesys-late.service
● lvm2-activation-early.service not-found inactive dead lvm2-activation-early.service
● lvm2-activation.service not-found inactive dead lvm2-activation.service
plymouth-quit-wait.service loaded inactive dead Hold until boot process finishes up
plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen
plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data
plymouth-start.service loaded inactive dead Show Plymouth Boot Screen
qube...@sys-firewall.service loaded inactive dead Start Qubes VM sys-firewall
qube...@sys-net.service loaded inactive dead Start Qubes VM sys-net
qube...@sys-whonix.service loaded inactive dead Start Qubes VM sys-whonix
rc-local.service loaded inactive dead /etc/rc.d/rc.local Compatibility
rescue.service loaded inactive dead Rescue Shell
● syslog.service not-found inactive dead syslog.service
systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console
systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth
systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall
systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats
systemd-firstboot.service loaded inactive dead First Boot Wizard
systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon
systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk
systemd-quotacheck.service loaded inactive dead File System Quota Check
systemd-rfkill.service loaded inactive dead Load/Save RF Kill Switch Status
systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories
systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes
virtlockd.service loaded inactive dead Virtual machine lock manager
virtlogd.service loaded inactive dead Virtual machine log manager
● ypbind.service not-found inactive dead ypbind.service
system-qubes\x2dvm.slice loaded inactive dead system-qubes\x2dvm.slice
syslog.socket loaded inactive dead Syslog Socket
emergency.target loaded inactive dead Emergency Mode
network-pre.target loaded inactive dead Network (Pre)
network.target loaded inactive dead Network
remote-fs-pre.target loaded inactive dead Remote File Systems (Pre)
rescue.target loaded inactive dead Rescue Mode
shutdown.target loaded inactive dead Shutdown
time-sync.target loaded inactive dead System Time Synchronized
umount.target loaded inactive dead Unmount All Filesystems
virt-guest-shutdown.target loaded inactive dead Libvirt guests shutdown
The question here is if it is normal that these services are disabled on first login just after a disconnected install?
output of journalctl -ax --merge ( full journalctl output attached ) below the messages i have some comments on my doubts
-------------------------------------------------------------------------------------------------------------------------
Dec 15 20:52:30 dom0 kernel: Linux version 4.19.86-1.pvops.qubes.x86_64 (user@build-fedora4) (gcc version 6.4.1 20170727 (Red Hat 6.4.1-1) (GCC)) #1 SMP Sun Dec 1 07:16:00 UTC 2019
Dec 15 20:52:30 dom0 kernel: Command line: placeholder root=/dev/mapper/qubes_dom0-root ro
rd.lvm.lv=qubes_dom0/root
rd.lvm.lv=qubes_dom0/swap i915.alpha_support=1 plymouth.ignore-serial-con
( is it possible to disable alpha support? i Have a skylake 9th gen ) - later there is an entry stating that it taints the kernel
Dec 15 20:52:30 dom0 kernel: ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
Dec 15 20:52:30 dom0 kernel: ata1.00: supports DRM functions and may not be fully accessible
Dec 15 20:52:30 dom0 kernel: ata1.00: ATA-11: Samsung SSD 860 EVO 250GB, RVT01B6Q, max UDMA/133
Dec 15 20:52:30 dom0 kernel: ata1.00: 488397168 sectors, multi 1: LBA48 NCQ (depth 32), AA
Dec 15 20:52:30 dom0 kernel: ata1.00: supports DRM functions and may not be fully accessible
Dec 15 20:52:30 dom0 kernel: ata1.00: configured for UDMA/133
( isn`t UDMA 133 a little old for a recent SSD? If so, is it possible to speedup the disk with newer drivers? )
Dec 15 20:52:30 dom0 kernel: ahci 0000:00:17.0: port does not support device sleep
Dec 15 20:52:30 dom0 kernel: scsi 0:0:0:0: Direct-Access ATA Samsung SSD 860 1B6Q PQ: 0 ANSI: 5
Dec 15 20:52:30 dom0 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
Dec 15 20:52:30 dom0 kernel: ata1.00: Enabling discard_zeroes_data
Dec 15 20:52:30 dom0 kernel: sd 0:0:0:0: [sda] 488397168 512-byte logical blocks: (250 GB/233 GiB)
Dec 15 20:52:30 dom0 kernel: sd 0:0:0:0: [sda] Write Protect is off
Dec 15 20:52:30 dom0 kernel: sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
Dec 15 20:52:30 dom0 kernel: sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
Dec 15 20:52:30 dom0 kernel: ata1.00: Enabling discard_zeroes_data
Dec 15 20:52:30 dom0 kernel: sda:
Dec 15 20:52:30 dom0 kernel: ata1.00: Enabling discard_zeroes_data
Dec 15 20:52:30 dom0 systemd-modules-load[195]: Failed to find module 'uinput'
( found info on
kernel.org stating this module is for user input, is it normal that the module is not present? )
Dec 15 20:52:31 dom0 kernel: Setting dangerous option alpha_support - tainting kernel
( can this be disabled and a more accurate skylake 9th gen driver made available? )
Dec 15 20:52:31 dom0 kernel: nvme nvme0: missing or invalid SUBNQN field.
Dec 15 20:52:31 dom0 kernel: nvme nvme0: Shutdown timeout set to 8 seconds
Dec 15 20:52:31 dom0 kernel: nvme0n1: p1 p2
( after some searching i found that this message is related to the boot disk Samsung V-NAND SSD 970 PRO NVMe M.2, just installed. The hardware is pretty new but Samsung has made available the source code for 'magician' ( if i remember correctly, ( i am still offline ), software under request. The linux version is old and does not recognize any of the disks present on the machine. Do you know of any opensource project ongoing to port the tool to linux? )
Dec 15 20:52:34 dom0 kernel: input: PC Speaker as /devices/platform/pcspkr/input/input8
( a speakear as input??? like a mic or something? )
Dec 15 20:52:34 dom0 kernel: cfg80211: Loading compiled-in X.509 certificates for regulatory database
Dec 15 20:52:34 dom0 kernel: RAPL PMU: API unit is 2^-32 Joules, 5 fixed counters, 655360 ms ovfl timer
Dec 15 20:52:34 dom0 kernel: RAPL PMU: hw unit of domain pp0-core 2^-14 Joules
Dec 15 20:52:34 dom0 kernel: RAPL PMU: hw unit of domain package 2^-14 Joules
Dec 15 20:52:34 dom0 kernel: RAPL PMU: hw unit of domain dram 2^-14 Joules
Dec 15 20:52:34 dom0 kernel: RAPL PMU: hw unit of domain pp1-gpu 2^-14 Joules
Dec 15 20:52:34 dom0 kernel: RAPL PMU: hw unit of domain psys 2^-14 Joules
Dec 15 20:52:34 dom0 kernel: cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
Dec 15 20:52:34 dom0 kernel: platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
( is it normal this error? )
Dec 15 20:52:35 dom0 systemd[1]: tmp.mount: Directory /tmp to mount over is not empty, mounting anyway.
( this always happened in previous installations, strange no? )
Dec 15 20:52:36 dom0 systemd-tmpfiles[1180]: Cannot set file attribute for '/var/log/journal', value=0x00800000, mask=0x00800000: Operation not supported
Dec 15 20:52:36 dom0 systemd-tmpfiles[1180]: Cannot set file attribute for '/var/log/journal/2f474aa11eba4b1394708823e685bcd8', value=0x00800000, mask=0x00800000: Operation not supported
( is this normal? )
Dec 15 20:52:36 dom0 xenstored[1267]: TDB: tdb_open_ex: could not open file /var/lib/xenstored/tdb: No such file or directory
Dec 15 20:52:36 dom0 xenstored[1267]: Checking store ...
( this message happens at every boot )
Dec 15 20:52:37 dom0 xenstored[1267]: Checking store complete.
Dec 15 20:52:38 dom0 udisksd[1497]: Acquired the name org.freedesktop.UDisks2 on the system message bus
Dec 15 20:52:38 dom0 udisksd[1497]: Error loading modules: Error opening directory '/usr/lib64/udisks2/modules': No such file or directory
Dec 15 20:52:40 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/pyanaconda/ui/gui/__init__.py:703: DeprecationWarning: Gdk.Screen.get_primary_monitor is deprecated primary = screen.get_primary_monitor()
Dec 15 20:52:40 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/pyanaconda/ui/gui/__init__.py:704: DeprecationWarning: Gdk.Screen.get_monitor_geometry is deprecated monitor_geometry = screen.get_monitor_geometry(primary)
Dec 15 20:52:40 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/pyanaconda/ui/gui/__init__.py:705: DeprecationWarning: Gdk.Screen.get_monitor_scale_factor is deprecated monitor_scale = screen.get_monitor_scale_factor(primary)
Dec 15 20:52:40 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/pyanaconda/ui/gui/__init__.py:706: DeprecationWarning: Gdk.Screen.get_monitor_width_mm is deprecated monitor_width_mm = screen.get_monitor_width_mm(primary)
Dec 15 20:52:40 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/pyanaconda/ui/gui/__init__.py:707: DeprecationWarning: Gdk.Screen.get_monitor_height_mm is deprecated monitor_height_mm = screen.get_monitor_height_mm(primary)
Dec 15 20:52:40 dom0 anaconda[1338]: Detected primary monitor: 1920x1080 168dpix 161dpiy
Dec 15 20:52:40 dom0 anaconda[1338]: Entered hub: InitialSetupMainHub
Dec 15 20:52:41 dom0 anaconda[1338]: /usr/share/anaconda/addons/org_qubes_os_initial_setup/gui/spokes/qubes_os.py:113: DeprecationWarning: Gtk.Alignment.set_padding is deprecated self.outer_widget.set_padding(0, 0, 20, 0)
Dec 15 20:52:41 dom0 anaconda[1338]: /usr/lib64/python3.5/_collections_abc.py:597: DeprecationWarning: Will be removed in 1.0. Access properties with Device.properties. return self[key]
Dec 15 20:52:41 dom0 anaconda[1338]: /usr/share/anaconda/addons/org_qubes_os_initial_setup/gui/spokes/qubes_os.py:90: DeprecationWarning: Will be removed in 1.0. Use equivalent Devices method udev_info = pyudev.Device.from_device_file(context, dev)
Dec 15 20:52:41 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/pyanaconda/ui/gui/hubs/__init__.py:197: DeprecationWarning: Gtk.Widget.set_margin_left is deprecated selector.set_margin_left(12)
Dec 15 20:52:41 dom0 anaconda[1338]: /usr/lib64/python3.5/site-packages/gi/overrides/Gdk.py:329: DeprecationWarning: Gdk.Cursor.new is deprecated return cls.new(*args, **kwds)
( is it possible that the critical errors of gtk are because of this? )
Dec 15 20:53:16 dom0 kernel: kauditd_printk_skb: 30 callbacks suppressed
( probably typing the password, no? )
Dec 15 21:02:47 dom0 pulseaudio[12493]: [pulseaudio] authkey.c: Failed to open cookie file '/home/dunde/.config/pulse/cookie': No such file or directory
Dec 15 21:02:47 dom0 pulseaudio[12493]: [pulseaudio] authkey.c: Failed to load authentication key '/home/dunde/.config/pulse/cookie': No such file or directory
Dec 15 21:02:47 dom0 pulseaudio[12493]: [pulseaudio] authkey.c: Failed to open cookie file '/home/dunde/.pulse-cookie': No such file or directory
Dec 15 21:02:47 dom0 pulseaudio[12493]: [pulseaudio] authkey.c: Failed to load authentication key '/home/dunde/.pulse-cookie': No such file or directory
( this message happens at every boot too )
Dec 15 22:01:01 dom0 CROND[12871]: (root) CMD (run-parts /etc/cron.hourly)
Dec 15 22:01:01 dom0 run-parts[12874]: (/etc/cron.hourly) starting 0anacron
Dec 15 22:01:01 dom0 anacron[12882]: Anacron started on 2019-12-15
Dec 15 22:01:01 dom0 anacron[12882]: Will run job `cron.daily' in 28 min.
Dec 15 22:01:01 dom0 anacron[12882]: Will run job `cron.weekly' in 48 min.
Dec 15 22:01:01 dom0 anacron[12882]: Will run job `cron.monthly' in 68 min.
Dec 15 22:01:01 dom0 anacron[12882]: Jobs will be executed sequentially
Dec 15 22:01:01 dom0 run-parts[12884]: (/etc/cron.hourly) finished 0anacron
Dec 15 22:29:01 dom0 anacron[12882]: Job `cron.daily' started
Dec 15 22:29:01 dom0 run-parts[12979]: (/etc/cron.daily) starting logrotate
Dec 15 22:29:01 dom0 run-parts[12984]: (/etc/cron.daily) finished logrotate
Dec 15 22:29:01 dom0 run-parts[12986]: (/etc/cron.daily) starting lvm-cleanup
Dec 15 22:29:01 dom0 run-parts[12991]: (/etc/cron.daily) finished lvm-cleanup
Dec 15 22:29:01 dom0 run-parts[12993]: (/etc/cron.daily) starting qubes-dom0-updates.cron
Dec 15 22:29:02 dom0 run-parts[13006]: (/etc/cron.daily) finished qubes-dom0-updates.cron
Dec 15 22:29:02 dom0 anacron[12882]: Job `cron.daily' terminated (mailing output)
Dec 15 22:29:02 dom0 anacron[12882]: Can't find sendmail at /usr/sbin/sendmail, not mailing output
( below i have the configuration of anacron, is this email sent to root? If root is disabled can it be redirected? )
Dec 15 22:49:01 dom0 anacron[12882]: Job `cron.weekly' started
Dec 15 22:49:01 dom0 anacron[12882]: Job `cron.weekly' terminated
Dec 15 23:00:01 dom0 CROND[13112]: (root) CMD (/usr/bin/qvm-sync-clock > /dev/null 2>&1 || true)
Dec 15 23:00:02 dom0 systemd[12338]: Time has been changed
-- The system clock has been changed to REALTIME microseconds after January 1st, 1970.
Dec 16 03:00:02 dom0 audit[13989]: USYS_CONFIG pid=13989 uid=0 auid=4294967295 ses=4294967295 msg='op=change-system-time exe="/usr/sbin/hwclock" hostname=? addr=? terminal=? res=success'
Dec 16 03:00:02 dom0 kernel: audit: type=1111 audit(1576465202.499:664): pid=13989 uid=0 auid=4294967295 ses=4294967295 msg='op=change-system-time exe="/usr/sbin/hwclock" hostname=? addr=? t
Dec 16 03:01:01 dom0 CROND[13997]: (root) CMD (run-parts /etc/cron.hourly)
Dec 16 03:01:01 dom0 run-parts[14000]: (/etc/cron.hourly) starting 0anacron
Dec 16 03:01:01 dom0 anacron[14008]: Anacron started on 2019-12-16
Dec 16 03:01:01 dom0 anacron[14008]: Will run job `cron.daily' in 16 min.
Dec 16 03:01:01 dom0 anacron[14008]: Jobs will be executed sequentially
Dec 16 03:01:01 dom0 run-parts[14010]: (/etc/cron.hourly) finished 0anacron
Dec 16 03:03:06 dom0 qrexec[14018]: qubes.GetDate: sys-firewall -> @default: allowed to dom0
Dec 16 03:17:01 dom0 anacron[14008]: Job `cron.daily' started
Dec 16 03:17:01 dom0 run-parts[14075]: (/etc/cron.daily) starting logrotate
Dec 16 03:17:01 dom0 run-parts[14080]: (/etc/cron.daily) finished logrotate
Dec 16 03:17:01 dom0 run-parts[14082]: (/etc/cron.daily) starting lvm-cleanup
Dec 16 03:17:01 dom0 run-parts[14087]: (/etc/cron.daily) finished lvm-cleanup
Dec 16 03:17:01 dom0 run-parts[14089]: (/etc/cron.daily) starting qubes-dom0-updates.cron
Dec 16 03:17:02 dom0 run-parts[14102]: (/etc/cron.daily) finished qubes-dom0-updates.cron
Dec 16 03:17:02 dom0 anacron[14008]: Job `cron.daily' terminated (mailing output)
Dec 16 03:17:02 dom0 anacron[14008]: Can't find sendmail at /usr/sbin/sendmail, not mailing output
( second time it happens )
Dec 16 08:57:02 dom0 xfce4-notifyd[15405]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 08:57:30 dom0 xfce4-notifyd[15405]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 08:57:55 dom0 xfce4-notifyd[15405]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 08:58:25 dom0 xfce4-notifyd[15405]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 08:58:52 dom0 xfce4-notifyd[15405]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
( i suppose this was the first critical message i got after install and before the login screen, below the second. I include Xorg logs, do not know if it helps or not troubleshooting. Please let me know what to do to solve this )
Dec 16 09:41:04 dom0 xfce4-notifyd[17096]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 09:44:28 dom0 xfce4-notifyd[17096]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 09:49:02 dom0 xfce4-notifyd[17096]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 09:50:44 dom0 xfce4-notifyd[17096]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 09:53:38 dom0 xfce4-notifyd[17096]: xfce_notify_window_expire_timeout: assertion 'XFCE_IS_NOTIFY_WINDOW(data)' failed
Dec 16 10:00:01 dom0 CROND[17189]: (root) CMD (/usr/bin/qvm-sync-clock > /dev/null 2>&1 || true)
Sent with ProtonMail Secure Email.