Noob issues with DNS Failure in Debian-8 and Debian-9 after creating upgrade TemplateVM

[chuc...@gmail.com]

Hi, all. I apologize in advance that I'm totally new to Qubes and somewhat new to the Linux environment in general.

After following the Qubes documentation instructions to clone the stock Debian-8 TVM to Debian-9 and perform the upgrade to 9, I find that I can't resolve DNS in either Debian template.

I'm running R3.2.

Any help would be greatly appreciated. I've done a lot of searching and am stumped. :/

[awokd]

You might just want to start with a fresh template instead of trying to
upgrade. If so, do "sudo qubes-dom0-update qubes-template-debian-9".

Ordinarily you don't access the network directly from your templates. You
use those templates to create AppVMs which do. Is that what you are doing?
If so, make sure your NetVM (Networking) is set to something in your
AppVM.

[Chuck Cage]

Maybe I'm misunderstanding the system. (Again, apologies!) I can start an AppVM based on the debian-9 template and resolve. I can't start the debian-9 TemplateVM and resolve, which is preventing me from installing software to the template. Am I thinking incorrectly, re: how to make modifications to my base debian-9 TemplateVM?

--
You received this message because you are subscribed to a topic in the Google Groups "qubes-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/qubes-users/KhkZNwTJdGs/unsubscribe.
To unsubscribe from this group and all its topics, send an email to qubes-users...@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/897d3f1f514c8f0ecc8edf8a2508f5dd.squirrel%40tt3j2x4k5ycaa5zt.onion.
For more options, visit https://groups.google.com/d/optout.

[Chuck Cage]

Ok, I think I understand after a little more reading. apt-get works. I need to move some other files, and I now realize that I need to use an AppVM to do that. Thanks for your reply and for helping someone who's trying like hell to RTFM. :)

[Unman]

Welcome to Qubes.

By default templates are limited in what they can do.
In particular, they are restricted to accessing the updates proxy that
is running in an upstream netvm.
This means that you can use tools like apt/dpkg etc but not
wget/curl/firefox etc. DNS wont work either.
You can read about this here:
https://www.qubes-os.org/doc/software-update-vm/

You should only allow networking to a template if it's essential - it
rarely is. This is because of a template is compromised then all qubes
that use it will be compromised. Don't take that risk.

[awokd]

On Thu, March 1, 2018 6:48 pm, Chuck Cage wrote:
> Ok, I think I understand after a little more reading. apt-get works. I
> need to move some other files, and I now realize that I need to use an
> AppVM to
> do that. Thanks for your reply and for helping someone who's trying like
> hell to RTFM. :)

No trouble! Once you get the concepts down (and it sounds like you are),
you should get the hang of it pretty quickly. Even if Qubes provided no
security benefits (but it provides a lot), I'd still use it as my primary
desktop simply for the flexibility it provides.

[Chuck Cage]

Indeed. I'm stumbling through configuring and testing everything on an older laptop before making the leap to my current setup. Very excited both about security and general usability. This really looks like the way forward.

[Qubed One]

chuc...@gmail.com:

> Hi, all. I apologize in advance that I'm totally new to Qubes and somewhat new to the Linux environment in general.

You do not need to apologize! No one is born knowing all these things.
You just simply need to have a willingness to learn, that's it. Don't
hesitate to continue asking questions as needed, and to echo Unman, welcome!