Skip to content

Instantly share code, notes, and snippets.

@eloquence

eloquence/make all output 1

Created December 17, 2019 06:13
Show Gist options
  • Save eloquence/38eaadfe38c17a590aa5912c74bc10b0 to your computer and use it in GitHub Desktop.
Save eloquence/38eaadfe38c17a590aa5912c74bc10b0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
make all output 1
$ make all
Deploying Salt config...
local:
----------
sd-workstation.top:
----------
status:
enabled
./scripts/provision-all
Configure Fedora-based system VMs
local:
----------
ID: dom0-install-fedora-template
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 21:25:27.284009
Duration: 944.536 ms
Changes:
----------
ID: set-fedora-default-template-version
Function: cmd.run
Name: qubes-prefs default_template fedora-30
Result: True
Comment: Command "qubes-prefs default_template fedora-30" run
Started: 21:25:28.230236
Duration: 189.439 ms
Changes:
----------
pid:
15762
retcode:
0
stderr:
stdout:
Summary for local
------------
Succeeded: 2 (changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.134 s
sys-firewall:
----------
ID: sys-firewall-rpm-test-key
Function: file.managed
Name: /rw/config/RPM-GPG-KEY-securedrop-workstation-test
Result: True
Comment: File /rw/config/RPM-GPG-KEY-securedrop-workstation-test updated
Started: 21:25:54.903819
Duration: 111.509 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: sys-firewall-rpm-test-key-script
Function: file.managed
Name: /rw/config/sd-copy-rpm-repo-pubkey.sh
Result: True
Comment: File /rw/config/sd-copy-rpm-repo-pubkey.sh updated
Started: 21:25:55.015457
Duration: 3.17 ms
Changes:
----------
diff:
New file
mode:
0755
----------
ID: sys-firewall-rpm-test-key-rclocal
Function: file.append
Name: /rw/config/rc.local
Result: True
Comment: Appended 1 lines
Started: 21:25:55.018750
Duration: 2.194 ms
Changes:
----------
diff:
---
+++
@@ -12,3 +12,4 @@
+/rw/config/sd-copy-rpm-repo-pubkey.sh
----------
ID: sys-firewall-rpm-test-key-import
Function: cmd.run
Name: /rw/config/sd-copy-rpm-repo-pubkey.sh
Result: True
Comment: Command "/rw/config/sd-copy-rpm-repo-pubkey.sh" run
Started: 21:25:55.024785
Duration: 17.952 ms
Changes:
----------
pid:
2210
retcode:
0
stderr:
stdout:
Summary for sys-firewall
------------
Succeeded: 4 (changed=4)
Failed: 0
------------
Total states run: 4
Total run time: 134.825 ms
Set up dom0 config files, including RPC policies, and create VMs
[ERROR ] Recursive requisite found
local:
----------
ID: template-whonix-ws-15
Function: pkg.installed
Name: qubes-template-whonix-ws-15
Result: True
Comment: Package qubes-template-whonix-ws-15 is already installed
Started: 21:26:04.124231
Duration: 944.218 ms
Changes:
----------
ID: whonix-ws-tag
Function: qvm.vm
Name: whonix-ws-15
Result: True
Comment: ====== ['features'] ======
[SKIP] Feature already in desired state: ENABLE 'whonix-ws' = Enabled
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-workstation-updates,whonix-updatevm
Started: 21:26:05.073506
Duration: 137.783 ms
Changes:
----------
ID: whonix-ws-update-policy
Function: file.prepend
Name: /etc/qubes-rpc/policy/qubes.UpdatesProxy
Result: True
Comment: File /etc/qubes-rpc/policy/qubes.UpdatesProxy is in correct state
Started: 21:26:05.213348
Duration: 3.573 ms
Changes:
----------
ID: whonix-get-date-policy
Function: file.prepend
Name: /etc/qubes-rpc/policy/qubes.GetDate
Result: True
Comment: File /etc/qubes-rpc/policy/qubes.GetDate is in correct state
Started: 21:26:05.217020
Duration: 1.357 ms
Changes:
----------
ID: template-whonix-gw-15
Function: pkg.installed
Name: qubes-template-whonix-gw-15
Result: True
Comment: Package qubes-template-whonix-gw-15 is already installed
Started: 21:26:05.218481
Duration: 0.368 ms
Changes:
----------
ID: whonix-gw-tag
Function: qvm.vm
Name: whonix-gw-15
Result: True
Comment: ====== ['features'] ======
[SKIP] Feature already in desired state: ENABLE 'whonix-gw' = Enabled
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-workstation-updates,whonix-updatevm
Started: 21:26:05.218948
Duration: 137.735 ms
Changes:
----------
ID: whonix-gw-update-policy
Function: file.prepend
Name: /etc/qubes-rpc/policy/qubes.UpdatesProxy
Result: True
Comment: File /etc/qubes-rpc/policy/qubes.UpdatesProxy is in correct state
Started: 21:26:05.356815
Duration: 1.995 ms
Changes:
----------
ID: sys-net
Function: qvm.exists
Result: True
Comment: /usr/bin/qvm-check sys-net None
Started: 21:26:05.358921
Duration: 207.572 ms
Changes:
----------
ID: sys-firewall
Function: qvm.exists
Result: True
Comment: /usr/bin/qvm-check sys-firewall None
Started: 21:26:05.566892
Duration: 199.527 ms
Changes:
----------
ID: sys-whonix
Function: qvm.exists
Result: True
Comment: /usr/bin/qvm-check sys-whonix None
Started: 21:26:05.766810
Duration: 196.217 ms
Changes:
----------
ID: anon-whonix
Function: qvm.vm
Result: False
Comment: Recursive requisite found
Changes:
----------
ID: sys-whonix-template-config
Function: qvm.vm
Name: sys-whonix
Result: False
Comment: One or more requisite failed: qvm.anon-whonix.anon-whonix
Changes:
----------
ID: whonix-ws-15-dvm
Function: qvm.vm
Result: False
Comment: One or more requisite failed: sd-sys-whonix-vms.sys-whonix-template-config
Changes:
----------
ID: qvm-appmenus --update whonix-ws-15-dvm
Function: cmd.run
Result: False
Comment: One or more requisite failed: qvm.whonix-ws-dvm.whonix-ws-15-dvm
Changes:
----------
ID: dom0-rpm-test-key
Function: file.managed
Name: /etc/pki/rpm-gpg/RPM-GPG-KEY-securedrop-workstation-test
Result: True
Comment: File /etc/pki/rpm-gpg/RPM-GPG-KEY-securedrop-workstation-test updated
Started: 21:26:05.971577
Duration: 20.218 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: dom0-rpm-test-key-import
Function: cmd.run
Name: sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-securedrop-workstation-test
Result: True
Comment: Command "sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-securedrop-workstation-test" run
Started: 21:26:05.992415
Duration: 59.453 ms
Changes:
----------
pid:
16690
retcode:
0
stderr:
stdout:
----------
ID: dom0-workstation-rpm-repo
Function: file.managed
Name: /etc/yum.repos.d/securedrop-workstation-dom0.repo
Result: True
Comment: File /etc/yum.repos.d/securedrop-workstation-dom0.repo updated
Started: 21:26:06.053172
Duration: 6.255 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: dom0-remove-securedrop-workstation-stretch-template
Function: pkg.removed
Result: True
Comment: All specified packages are already absent
Started: 21:26:06.060236
Duration: 0.623 ms
Changes:
----------
ID: dom0-install-securedrop-workstation-template
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 21:26:06.061768
Duration: 0.453 ms
Changes:
----------
ID: dom0-update-securedrop-script
Function: file.managed
Name: /usr/bin/securedrop-update
Result: True
Comment: File /usr/bin/securedrop-update updated
Started: 21:26:06.062318
Duration: 3.171 ms
Changes:
----------
diff:
New file
mode:
0755
----------
ID: dom0-update-securedrop-script-cron
Function: file.symlink
Name: /etc/cron.daily/securedrop-update-cron
Result: True
Comment: Created new symlink /etc/cron.daily/securedrop-update-cron -> /usr/bin/securedrop-update
Started: 21:26:06.065583
Duration: 1.58 ms
Changes:
----------
new:
/etc/cron.daily/securedrop-update-cron
----------
ID: dom0-securedrop-icons-directory
Function: file.directory
Name: /usr/share/securedrop/icons
Result: True
Comment: Directory /usr/share/securedrop/icons updated
Started: 21:26:06.067272
Duration: 0.996 ms
Changes:
----------
/usr/share/securedrop/icons:
New Dir
----------
ID: dom0-securedrop-icon
Function: file.managed
Name: /usr/share/securedrop/icons/sd-logo.png
Result: True
Comment: File /usr/share/securedrop/icons/sd-logo.png updated
Started: 21:26:06.068840
Duration: 2.889 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: dom0-enabled-apparmor-on-whonix-gw-template
Function: qvm.vm
Name: whonix-gw-15
Result: False
Comment: One or more requisite failed: qvm.anon-whonix.anon-whonix
Changes:
----------
ID: dom0-enabled-apparmor-on-whonix-ws-template
Function: qvm.vm
Name: whonix-ws-15
Result: False
Comment: One or more requisite failed: qvm.anon-whonix.anon-whonix
Changes:
----------
ID: dom0-create-opt-securedrop-directory
Function: file.directory
Name: /opt/securedrop
Result: True
Comment: Directory /opt/securedrop updated
Started: 21:26:06.072295
Duration: 0.605 ms
Changes:
----------
/opt/securedrop:
New Dir
----------
ID: dom0-login-autostart-directory
Function: file.directory
Name: /home/erik/.config/autostart
Result: True
Comment: Directory /home/erik/.config/autostart is in the correct state
Directory /home/erik/.config/autostart updated
Started: 21:26:06.073001
Duration: 0.759 ms
Changes:
----------
ID: dom0-login-autostart-desktop-file
Function: file.managed
Name: /home/erik/.config/autostart/SDWLogin.desktop
Result: True
Comment: File /home/erik/.config/autostart/SDWLogin.desktop updated
Started: 21:26:06.074348
Duration: 5.877 ms
Changes:
----------
diff:
New file
group:
erik
mode:
0664
user:
erik
----------
ID: dom0-login-autostart-script
Function: file.managed
Name: /usr/bin/securedrop-login
Result: True
Comment: File /usr/bin/securedrop-login updated
Started: 21:26:06.080354
Duration: 2.604 ms
Changes:
----------
diff:
New file
mode:
0755
----------
ID: dom0-tag-whonix-ws-15
Function: qvm.vm
Name: whonix-ws-15
Result: True
Comment: ====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-workstation-updates,whonix-updatevm
Started: 21:26:06.083064
Duration: 108.437 ms
Changes:
----------
ID: dom0-tag-whonix-gw-15
Function: qvm.vm
Name: whonix-gw-15
Result: True
Comment: ====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-workstation-updates,whonix-updatevm
Started: 21:26:06.191615
Duration: 107.223 ms
Changes:
----------
ID: sd-workstation-template
Function: qvm.vm
Name: securedrop-workstation-buster
Result: True
Comment: ====== ['prefs'] ======
[SKIP] virt_mode : hvm
[SKIP] kernel :
====== ['features'] ======
[SKIP] Feature already in desired state: ENABLE 'service.paxctld' = Enabled
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-buster,sd-workstation,sd-workstation-updates
Started: 21:26:06.299541
Duration: 425.776 ms
Changes:
----------
ID: run-prep-upgrade-scripts
Function: cmd.script
Name: salt://securedrop-handle-upgrade
Result: True
Comment: Command 'salt://securedrop-handle-upgrade' run
Started: 21:26:06.725472
Duration: 8158.268 ms
Changes:
----------
pid:
16692
retcode:
0
stderr:
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-svs'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-svs-disp'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-export-usb'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-proxy'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-whonix'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-gpg'
stdout:
----------
ID: sd-gpg
Function: qvm.vm
Result: True
Comment: ====== ['present'] ======
/usr/bin/qvm-create sd-gpg --class=AppVM --template=securedrop-workstation-buster --label=purple
====== ['prefs'] ======
[SKIP] template : securedrop-workstation-buster
====== ['tags'] ======
Started: 21:26:14.884745
Duration: 2267.74 ms
Changes:
----------
qvm.prefs:
----------
qvm.create:
----------
autostart:
----------
new:
True
old:
*default*
netvm:
----------
new:
None
old:
*default*
qvm.tags:
----------
qvm.tags:
----------
new:
- created-by-dom0
- sd-workstation
old:
- created-by-dom0
----------
ID: sd-export-template
Function: qvm.vm
Name: sd-export-buster-template
Result: True
Comment: ====== ['clone'] ======
/usr/bin/qvm-check sd-export-buster-template
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-buster,sd-workstation,sd-workstation-updates
Started: 21:26:17.153339
Duration: 6708.875 ms
Changes:
----------
ID: sd-export-usb-dvm
Function: qvm.vm
Result: True
Comment: ====== ['present'] ======
/usr/bin/qvm-create sd-export-usb-dvm --class=AppVM --template=sd-export-buster-template --label=red
====== ['prefs'] ======
[SKIP] template : sd-export-buster-template
====== ['features'] ======
====== ['tags'] ======
Started: 21:26:23.863275
Duration: 2321.908 ms
Changes:
----------
qvm.features:
----------
qvm.features:
----------
service.paxctld:
----------
new:
1
old:
None
qvm.prefs:
----------
qvm.create:
----------
netvm:
----------
new:
None
old:
*default*
template_for_dispvms:
----------
new:
True
old:
*default*
qvm.tags:
----------
qvm.tags:
----------
new:
- created-by-dom0
- sd-buster
- sd-workstation
old:
- created-by-dom0
----------
ID: sd-export-template-sync-appmenus
Function: cmd.run
Name: qvm-start --skip-if-running sd-export-buster-template && qvm-sync-appmenus sd-export-buster-template
Result: True
Comment: State was not run because none of the onchanges reqs changed
Changes:
----------
ID: sd-export-create-named-dispvm
Function: qvm.vm
Name: sd-export-usb
Result: True
Comment: ====== ['present'] ======
/usr/bin/qvm-create sd-export-usb --class=DispVM --template=sd-export-usb-dvm --label=red
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-buster,sd-workstation
Started: 21:26:26.187113
Duration: 2215.386 ms
Changes:
----------
ID: sd-whonix
Function: qvm.vm
Result: False
Comment: One or more requisite failed: qvm.anon-whonix.anon-whonix
Changes:
----------
ID: sd-proxy-template
Function: qvm.vm
Name: sd-proxy-buster-template
Result: True
Comment: ====== ['clone'] ======
/usr/bin/qvm-check sd-proxy-buster-template
====== ['tags'] ======
Started: 21:26:28.403528
Duration: 6675.992 ms
Changes:
----------
qvm.tags:
----------
qvm.tags:
----------
new:
- created-by-dom0
- sd-buster
- sd-workstation
- sd-workstation-updates
- whonix-updatevm
old:
- created-by-dom0
- sd-workstation-updates
- whonix-updatevm
----------
ID: sd-proxy
Function: qvm.vm
Result: False
Comment: One or more requisite failed: sd-whonix.sd-whonix
Changes:
----------
ID: sd-proxy-dom0-securedrop.Proxy
Function: file.prepend
Name: /etc/qubes-rpc/policy/securedrop.Proxy
Result: True
Comment: File /etc/qubes-rpc/policy/securedrop.Proxy is in correct state
Started: 21:26:35.081180
Duration: 3.005 ms
Changes:
----------
ID: anon-whonix-template-config
Function: qvm.vm
Name: anon-whonix
Result: False
Comment: One or more requisite failed: qvm.anon-whonix.anon-whonix
Changes:
----------
ID: run-remove-upgrade-scripts
Function: cmd.script
Name: salt://securedrop-handle-upgrade
Result: True
Comment: Command 'salt://securedrop-handle-upgrade' run
Started: 21:26:35.084568
Duration: 341.837 ms
Changes:
----------
pid:
19354
retcode:
0
stderr:
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-svs-template'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-svs-disp-template'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-export-template'
usage: qvm-check [--verbose] [--quiet] [--help] [--all] [--exclude EXCLUDE]
[--running] [--paused] [--template] [--networked]
[VMNAME [VMNAME ...]]
qvm-check: error: no such domain: 'sd-proxy-template'
stdout:
----------
ID: sd-svs-disp-template
Function: qvm.vm
Name: sd-svs-disp-buster-template
Result: True
Comment: ====== ['clone'] ======
/usr/bin/qvm-check sd-svs-disp-buster-template
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-buster,sd-workstation,sd-workstation-updates
Started: 21:26:35.427482
Duration: 7030.895 ms
Changes:
----------
ID: sd-svs-disp
Function: qvm.vm
Result: True
Comment: ====== ['present'] ======
/usr/bin/qvm-create sd-svs-disp --class=AppVM --template=sd-svs-disp-buster-template --label=green
====== ['prefs'] ======
[SKIP] template : sd-svs-disp-buster-template
====== ['features'] ======
====== ['tags'] ======
Started: 21:26:42.459419
Duration: 2487.978 ms
Changes:
----------
qvm.features:
----------
qvm.features:
----------
service.paxctld:
----------
new:
1
old:
None
qvm.prefs:
----------
qvm.create:
----------
netvm:
----------
new:
None
old:
*default*
template_for_dispvms:
----------
new:
True
old:
*default*
qvm.tags:
----------
qvm.tags:
----------
new:
- created-by-dom0
- sd-buster
- sd-svs-disp-vm
- sd-workstation
old:
- created-by-dom0
----------
ID: sd-svs-disp-default-dispvm
Function: cmd.run
Name: qubes-prefs default_dispvm sd-svs-disp
Result: True
Comment: Command "qubes-prefs default_dispvm sd-svs-disp" run
Started: 21:26:44.948354
Duration: 179.857 ms
Changes:
----------
pid:
20341
retcode:
0
stderr:
stdout:
----------
ID: dom0-rpc-qubes.ClipboardPaste
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.ClipboardPaste
Result: True
Comment: Changes were made
Started: 21:26:45.128676
Duration: 3.831 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
##
----------
ID: dom0-rpc-qubes.FeaturesRequest
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.FeaturesRequest
Result: True
Comment: Changes were made
Started: 21:26:45.132621
Duration: 1.889 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
----------
ID: dom0-rpc-qubes.Filecopy
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.Filecopy
Result: True
Comment: Changes were made
Started: 21:26:45.134627
Duration: 1.873 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+sd-proxy $tag:sd-client allow
$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
disp-mgmt-securedrop-workstatio securedrop-workstation-buster allow,user=root
dev sd-export-usb allow
disp-mgmt-securedrop-workstatio securedrop-workstation allow,user=root
----------
ID: dom0-rpc-qubes.OpenInVM
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.OpenInVM
Result: True
Comment: Changes were made
Started: 21:26:45.136616
Duration: 1.866 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$tag:sd-client $dispvm:sd-svs-disp allow
$tag:sd-client sd-export-usb allow
$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
$tag:sd-svs-disp-vm sd-svs allow
$tag:sd-svs-disp-vm sd-svs allow
$tag:sd-svs-disp-vm sd-svs allow
----------
ID: dom0-rpc-qubes.OpenURL
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.OpenURL
Result: True
Comment: Changes were made
Started: 21:26:45.138586
Duration: 1.808 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
----------
ID: dom0-rpc-qubes.PdfConvert
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.PdfConvert
Result: True
Comment: Changes were made
Started: 21:26:45.140492
Duration: 1.776 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
----------
ID: dom0-rpc-qubes.StartApp
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.StartApp
Result: True
Comment: Changes were made
Started: 21:26:45.142383
Duration: 1.775 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
----------
ID: dom0-rpc-qubes.USB
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.USB
Result: True
Comment: Changes were made
Started: 21:26:45.144254
Duration: 1.827 ms
Changes:
----------
diff:
---
+++
@@ -1 +1,4 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
$anyvm $anyvm deny
----------
ID: dom0-rpc-qubes.VMRootShell
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.VMRootShell
Result: True
Comment: Changes were made
Started: 21:26:45.146180
Duration: 1.863 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
disp-mgmt-securedrop-workstatio securedrop-workstation-buster allow,user=root
disp-mgmt-securedrop-workstatio securedrop-workstation allow,user=root
disp-mgmt-securedrop-workstatio securedrop-workstation allow,user=root
----------
ID: dom0-rpc-qubes.VMshell
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.VMShell
Result: True
Comment: Changes were made
Started: 21:26:45.148140
Duration: 1.86 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,6 @@
+### BEGIN securedrop-workstation ###
+$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
disp-mgmt-securedrop-workstatio securedrop-workstation-buster allow,user=root
disp-mgmt-securedrop-workstatio securedrop-workstation allow,user=root
disp-mgmt-securedrop-workstatio securedrop-workstation allow,user=root
----------
ID: dom0-rpc-qubes.Gpg
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.Gpg
Result: True
Comment: Changes were made
Started: 21:26:45.150092
Duration: 1.717 ms
Changes:
----------
diff:
---
+++
@@ -1,2 +1,5 @@
+### BEGIN securedrop-workstation ###
+$tag:sd-client sd-gpg allow
$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
$tag:sd-decrypt-vm sd-gpg allow
$anyvm $anyvm ask
----------
ID: dom0-rpc-qubes.GpgImportKey
Function: file.blockreplace
Name: /etc/qubes-rpc/policy/qubes.GpgImportKey
Result: True
Comment: Changes were made
Started: 21:26:45.151929
Duration: 1.879 ms
Changes:
----------
diff:
---
+++
@@ -1 +1,4 @@
+### BEGIN securedrop-workstation ###
+$tag:sd-client sd-gpg allow
$anyvm $tag:sd-workstation deny
+### END securedrop-workstation ###
$anyvm $anyvm ask
----------
ID: dom0-install-fedora-template
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 21:26:45.153936
Duration: 0.647 ms
Changes:
----------
ID: set-fedora-default-template-version
Function: cmd.run
Name: qubes-prefs default_template fedora-30
Result: True
Comment: Command "qubes-prefs default_template fedora-30" run
Started: 21:26:45.155773
Duration: 180.244 ms
Changes:
----------
pid:
20342
retcode:
0
stderr:
stdout:
----------
ID: topd-always-passes
Function: test.succeed_without_changes
Name: foo
Result: True
Comment: Success!
Started: 21:26:45.339851
Duration: 0.694 ms
Changes:
----------
ID: sd-svs-template
Function: qvm.vm
Name: sd-svs-buster-template
Result: True
Comment: ====== ['clone'] ======
/usr/bin/qvm-check sd-svs-buster-template
====== ['tags'] ======
[SKIP] All requested tags already set: created-by-dom0,sd-buster,sd-workstation,sd-workstation-updates
Started: 21:26:45.341405
Duration: 7862.764 ms
Changes:
----------
ID: sd-svs
Function: qvm.vm
Result: True
Comment: ====== ['present'] ======
/usr/bin/qvm-create sd-svs --class=AppVM --label=yellow
====== ['prefs'] ======
====== ['features'] ======
====== ['tags'] ======
Started: 21:26:53.205342
Duration: 3301.037 ms
Changes:
----------
qvm.features:
----------
qvm.features:
----------
service.paxctld:
----------
new:
1
old:
None
qvm.prefs:
----------
qvm.create:
----------
netvm:
----------
new:
None
old:
*default*
template:
----------
new:
sd-svs-buster-template
old:
fedora-30
qvm.tags:
----------
qvm.tags:
----------
new:
- created-by-dom0
- sd-client
- sd-workstation
old:
- created-by-dom0
----------
ID: sd-svs-template-sync-appmenus
Function: cmd.run
Name: qvm-start --skip-if-running sd-svs-buster-template && qvm-sync-appmenus sd-svs-buster-template
Result: True
Comment: State was not run because none of the onchanges reqs changed
Changes:
Summary for local
-------------
Succeeded: 56 (changed=31)
Failed: 9
-------------
Total states run: 65
Total run time: 52.338 s
DOM0 configuration failed, not continuing
Makefile:11: recipe for target 'all' failed
make: *** [all] Error 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment