/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

qubes-firewall should output errors to X #3880

Open
3hhh opened this Issue May 5, 2018 · 1 comment

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 4.0 updates
3 participants
@3hhh @tasket @andrewdavidwong
@3hhh

3hhh commented May 5, 2018

Qubes OS version:

4.0

Affected component(s):

qubes-firewall

Steps to reproduce the behavior:

E.g.

  1. Allow access for an AppVM to a non-existent domain [a] and an existent domain [b] via qubes-firewall.

  2. Try to access [b] from the AppVM.

Expected behavior:

You cannot access [b] because the firewall rules are in an invalid state.

An error (e.g. notification) is presented to the user explaining that the rule for [a] is causing issues.

Actual behavior:

You cannot access [b] because the firewall rules are in an invalid state.

No error is shown. There might be something in the log in the respective firewall VM.

General notes:

In 3.2. FW errors were shown via notify-send. This was apparently dropped for 4.0.

It can become rather annoying when you have > 20 domains in the firewall rules for a VM and need to go through all of them to find out which one is not used anymore.

Related issues:

none that I'm aware of

@andrewdavidwong andrewdavidwong added bug C: core UX labels May 5, 2018

@andrewdavidwong andrewdavidwong added this to the Release 4.0 updates milestone May 5, 2018

@tasket

This comment has been minimized.

Show comment
Hide comment
@tasket

tasket Jun 8, 2018

I would consider extending the solution for this into a general facility for reporting failures of critical qubes guest services, including qubes-gui-agent. This would mean it has to work even if the guest GUI isn't working (it would use only dom0 GUI).

tasket commented Jun 8, 2018

I would consider extending the solution for this into a general facility for reporting failures of critical qubes guest services, including qubes-gui-agent. This would mean it has to work even if the guest GUI isn't working (it would use only dom0 GUI).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment