Skip to content
Permalink
Browse files

improved Qubes settings checks; show a warning if NetVM is set to none

  • Loading branch information...
adrelanos committed Dec 12, 2015
1 parent f9f4f87 commit a5407b75a575af4aaf9a46ce396e8b48a505af19
Showing with 41 additions and 16 deletions.
  1. +41 −16 usr/lib/whonixcheck/check_qubes
@@ -4,44 +4,48 @@
## Copyright (C) 2012 - 2014 Patrick Schleizer <adrelanos@riseup.net>
## See the file COPYING for copying conditions.

check_qubes_settings() {
if [ ! "$qubes_detected" = "true" ]; then
local MSG="<p>Qubes Settings Test Result: Skipped, because Qubes not detected.</p>"
if [ "$verbose" -ge "1" ]; then
$output_x ${output_opts[@]} --messagex --typex "info" --message "$MSG"
$output_cli ${output_opts[@]} --messagecli --typecli "info" --message "$MSG"
fi
return 0
fi
check_qubes_network_interface() {
local qubesdb_read_qubes_ip_exit_code
qubesdb_read_qubes_ip_exit_code="0"
qubes_ip="$(qubesdb-read /qubes-ip 2>&1)" || { qubesdb_read_qubes_ip_exit_code="$?" ; true; };

if [ "$GATEWAY_IP" = "qubesdb_read_failed" ]; then
if [ "$GATEWAY_IP" = "qubesdb_read_failed" ] || [ ! "$qubesdb_read_qubes_ip_exit_code" = "0" ] ; then
local netvm_to_what
if [ "$vm_lower_case_short" = "gateway" ]; then
netvm_to_what="<code>sys-firewall</code>"
else
netvm_to_what="<code>sys-whonix</code>"
fi
local if_you_know_what_you_are_doing_msg
if_you_know_what_you_are_doing_msg="$(if_you_know_what_you_are_doing_funct "$FUNCNAME")"
local MSG="\
<p>Qubes Settings Test Result: Networking will probably not work. Is the netvm of this VM set to <code>none</code>?
<br></br>Usually you want to set the netvm of this VM to $netvm_to_what.
<blockquote>dom0 -> Qubes VM Manager -> right click '<code>$qubes_name_of_vm</code>' -> VM Settings -> NetVM</blockquote>
<blockquote>1. Shutdown this VM.
<br></br>2. dom0 -> Qubes VM Manager -> right click '<code>$qubes_name_of_vm</code>' -> VM Settings -> NetVM
<br></br>3. Restart this VM.</blockquote>
Also refer to the installation instructions of Qubes-Whonix.
<br></br>(Debugging information:)
<br></br>(GATEWAY_IP could not be read.)
<br></br>(command failed: <code>qubesdb-read /qubes-gateway</code>)
<br></br>(GATEWAY_IP: <code>$GATEWAY_IP</code>)
<br></br>(qubes_vm_type: <code>$qubes_vm_type</code>)\
</p>"
<br></br>(qubes_ip: <code>$qubes_ip</code>)
<br></br>(qubes_vm_type: <code>$qubes_vm_type</code>)
<br></br>
<br></br>$if_you_know_what_you_are_doing_msg</p>"
$output_x ${output_opts[@]} --messagex --typex "warning" --message "$MSG"
$output_cli ${output_opts[@]} --messagecli --typecli "warning" --message "$MSG"
EXIT_CODE="1"
cleanup "1"
return 0
else
local MSG="<p>Qubes Settings Test Result: Ok. (GATEWAY_IP: <code>$GATEWAY_IP</code>)</p>"
if [ "$verbose" -ge "1" ]; then
$output_x ${output_opts[@]} --messagex --typex "info" --message "$MSG"
$output_cli ${output_opts[@]} --messagecli --typecli "info" --message "$MSG"
fi
fi
}

check_qubes_vm_type() {
if [ "$vm_lower_case_short" = "gateway" ]; then
if [ "$qubes_vm_type" = "NetVM" ] || [ "$qubes_vm_type" = "ProxyVM" ] || [ "$qubes_vm_type" = "TemplateVM" ] ; then
local MSG="<p>Qubes Settings Test Result: Ok, qubes_vm_type is <code>$qubes_vm_type</code>.</p>"
@@ -50,16 +54,37 @@ Also refer to the installation instructions of Qubes-Whonix.
$output_cli ${output_opts[@]} --messagecli --typecli "info" --message "$MSG"
fi
else
local if_you_know_what_you_are_doing_msg
if_you_know_what_you_are_doing_msg="$(if_you_know_what_you_are_doing_funct "$FUNCNAME")"
local MSG="\
<p>Qubes Settings Test Result: Qubes-Whonix-Gateway Qubes VM Type is <code>$qubes_vm_type</code>, but NetVM or ProxyVM is expected.
<br></br>You most likely want to re-create this VM. Make sure to choose ProxyVM.
<br></br>Also refer to the installation instructions of Qubes-Whonix.</p>"
<br></br>Also refer to the installation instructions of Qubes-Whonix.</p>
<br></br>
<br></br>$if_you_know_what_you_are_doing_msg</p>"
$output_x ${output_opts[@]} --messagex --typex "warning" --message "$MSG"
$output_cli ${output_opts[@]} --messagecli --typecli "warning" --message "$MSG"
EXIT_CODE="1"
cleanup "1"
return 0
fi
fi
}

check_qubes_settings() {
if [ ! "$qubes_detected" = "true" ]; then
local MSG="<p>Qubes Settings Test Result: Skipped, because Qubes not detected.</p>"
if [ "$verbose" -ge "1" ]; then
$output_x ${output_opts[@]} --messagex --typex "info" --message "$MSG"
$output_cli ${output_opts[@]} --messagecli --typecli "info" --message "$MSG"
fi
return 0
fi

whonixcheck_run_function check_qubes_network_interface
whonixcheck_run_function check_qubes_vm_type
}

check_qubes_update_proxy_reachability() {
local MSG="<p>Qubes Update Proxy Reachability Test: Trying to reach Qubes update proxy... PROXY_SERVER: $PROXY_SERVER</p>"
$output_cli ${output_opts[@]} --messagecli --typecli "info" --message "$MSG"

0 comments on commit a5407b7

Please sign in to comment.
You can’t perform that action at this time.