```
+
To permanently enable a repo, set the line `enabled = 1` in the repo definition in `/etc/qubes/repo-templates`.
To permanently disable, set the line to `enabled = 0`.
diff --git a/user/templates/windows/migrate-to-4-1.md b/user/templates/windows/migrate-to-4-1.md
index d80f65d55..bfa9a3f5b 100644
--- a/user/templates/windows/migrate-to-4-1.md
+++ b/user/templates/windows/migrate-to-4-1.md
@@ -33,6 +33,7 @@ While this is somewhat straightforward, things get difficult if QWT 4.0.1.3 was
## Preparation for Windows 10 and 11
If there is a drive `D:` from this earlier installation of Qubes Windows Tools, it will probably contain incomplete private data; especially the folder `AppData` containing program configuration data will be missing. In this situation, it may be better to perform a new Windows installation, because repair may be difficult and trouble-prone.
+
- First, be sure that the automatic repair function is disabled. In a command window, execute `bcdedit /set recoveryenabled NO`, and check that this worked by issuing the command `bcdedit`, without parameters, again.
- Now, uninstall QWT 4.0.1.3, using the Apps and Features function of Windows. This will most likely result in a crash.
- Restart Windows again, possibly two or three times, until repair options are offered. By hitting the F8 key, select the restart menu, and there select a start in safe mode (in German, it's option number 4).
@@ -51,4 +52,7 @@ The PV disk drivers used for migration can be removed after successful installat
After successful uninstallation of the PV disk drivers, the disks will appear as QEMU ATA disks.
-:warning: **Caution:** This change may lead Windows to declare that the hardware has changed and that in consequence, the activation is no longer valid, possibly complaining that the use of the software is no longer lawful. It should be possible to reactivate the software if a valid product key is provided.
+
+
+ **Caution:** This change may lead Windows to declare that the hardware has changed and that in consequence, the activation is no longer valid, possibly complaining that the use of the software is no longer lawful. It should be possible to reactivate the software if a valid product key is provided.
+
diff --git a/user/templates/windows/qubes-windows-tools-4-0.md b/user/templates/windows/qubes-windows-tools-4-0.md
index 830020c74..84470d0d3 100644
--- a/user/templates/windows/qubes-windows-tools-4-0.md
+++ b/user/templates/windows/qubes-windows-tools-4-0.md
@@ -32,16 +32,16 @@ Below is a breakdown of the feature availability depending on the windows versio
| Feature | Windows 7 x64 | Windows 10 x64 |
| ------------------------------------ | :------------: | :------------: |
-| Qubes Video Driver | + | - |
-| Qubes Network Setup | + | + |
-| Private Volume Setup (move profiles) | + | + |
-| File sender/receiver | + | + |
-| Clipboard Copy/Paste | + | + |
-| Application shortcuts | + | + |
-| Copy/Edit in Disposable VM | + | + |
-| Block device | + | + |
-| USB device | + | + |
-| Audio | - | - |
+| Qubes Video Driver | y | n |
+| Qubes Network Setup | y | y |
+| Private Volume Setup (move profiles) | y | y |
+| File sender/receiver | y | y |
+| Clipboard Copy/Paste | y | y |
+| Application shortcuts | y | y |
+| Copy/Edit in Disposable VM | y | y |
+| Block device | y | y |
+| USB device | y | y |
+| Audio | n | n |
Qubes Windows Tools are open source and are distributed under a GPL license.
@@ -79,9 +79,9 @@ This will allow you to install the Qubes Windows Tools on Windows 10 both as a S
certutil -hashfile C:\qubes-tools-4.0.1.3.exe SHA256
- And compare it the value to `148A2A993F0C746B48FA6C5C9A5D1B504E09A7CFBA3FB931A4DCF86FDA4EC9B1` (**it has to exactly match for security reasons**). If it matches, feel free to continue the installation. If not, repeat the download to make sure it was not corrupted due to a network problem. If keeps on not matching it might be an attacker attempting to do something nasty to your system -- Ask for support.
+ - And compare it the value to `148A2A993F0C746B48FA6C5C9A5D1B504E09A7CFBA3FB931A4DCF86FDA4EC9B1` (**it has to exactly match for security reasons**). If it matches, feel free to continue the installation. If not, repeat the download to make sure it was not corrupted due to a network problem. If keeps on not matching it might be an attacker attempting to do something nasty to your system -- Ask for support.
- **Note**: This is a workaround for installing the qubes windows tools on windows 10 since the standard way is broken.
+ - **Note**: This is a workaround for installing the qubes windows tools on windows 10 since the standard way is broken.
7. Install Qubes Windows Tools 4.0.1.3 by starting `qubes-tools-4.0.1.3.exe`, not selecting the `Xen PV disk drivers` and the `Move user profiles` (which would probably lead to problems in Windows, anyhow). If during installation, the Xen driver requests a reboot, select "No" and let the installation continue - the system will be rebooted later.
@@ -98,7 +98,9 @@ This will allow you to install the Qubes Windows Tools on Windows 10 both as a S
12. Lastly to enable file copy operations to a Windows 10 VM the `default_user` property should be set the `` that you use to login to the Windows VM. This can be done via the following command on a `dom0` terminal: *(where `` is the name of your Windows 10 VM)*
- `qvm-prefs default_user `
+ ```
+ qvm-prefs default_user
+ ```
**Note:** If this property is not set or set to a wrong value, files copied to this VM are stored in the folder
@@ -165,6 +167,7 @@ Installing Xen's PV drivers in the VM will lower its resources usage when using
2. installing Qubes Windows Tools (QWT), which bundles Xen's PV drivers.
Notes about using Xen's VBD (storage) PV driver:
+
- **Windows 7:** installing the driver requires a fully updated VM or else you'll likely get a BSOD and a VM in a difficult to fix state. Updating Windows takes *hours* and for casual usage there isn't much of a performance between the disk PV driver and the default one; so there is likely no need to go through the lengthy Windows Update process if your VM doesn't have access to untrusted networks and if you don't use I/O intensive apps. If you plan to update your newly installed Windows VM it is recommended that you do so *before* installing Qubes Windows Tools (QWT). If QWT are installed, you should temporarily re-enable the standard VGA adapter in Windows and disable Qubes' (see the section above).
- the option to install the storage PV driver is disabled by default in Qubes Windows Tools
- in case you already had QWT installed without the storage PV driver and you then updated the VM, you may then install the driver from Xen's site (xenvbd.tar).
@@ -317,8 +320,8 @@ To override global settings for a specific component, create a new key under the
Component-specific settings currently available:
-|**Component**|**Setting**|**Type**|**Description**|**Default value**|
-|:------------|:----------|:-------|:--------------|:----------------|
+| Component | Setting | Type | Description | Default value |
+|:--------------|:------------|:-----------|:------------------------------------------------|:------------------|
|qga|DisableCursor|DWORD|Disable cursor in the VM. Useful for integration with Qubes desktop so you don't see two cursors. Can be disabled if you plan to use the VM through a remote desktop connection of some sort. Needs gui agent restart to apply change (locking OS/logoff should be enough since qga is restarted on desktop change).|1|
Troubleshooting
@@ -332,11 +335,12 @@ If the VM is inaccessible (doesn't respond to qrexec commands, gui is not functi
Safe Mode should at least give you access to logs (see above).
**Please include appropriate logs when reporting bugs/problems.** Starting from version 2.4.2 logs contain QWT version, but if you're using an earlier version be sure to mention which one. If the OS crashes (BSOD) please include the BSOD code and parameters in your bug report. The BSOD screen should be visible if you run the VM in debug mode (`qvm-start --debug vmname`). If it's not visible or the VM reboots automatically, try to start Windows in safe mode (see above) and 1) disable automatic restart on BSOD (Control Panel - System - Advanced system settings - Advanced - Startup and recovery), 2) check the system event log for BSOD events. If you can, send the `memory.dmp` dump file from `c:\Windows`.
-Xen logs (/var/log/xen/console/guest-*) are also useful as they contain pvdrivers diagnostic output.
+Xen logs (`/var/log/xen/console/guest-*`) are also useful as they contain pvdrivers diagnostic output.
If a specific component is malfunctioning, you can increase its log verbosity as explained above to get more troubleshooting information. Below is a list of components:
-||
+| Component | Description |
+|:-----------|:-----------------------------------------------------------------------------------------------------------------------|
|qrexec-agent|Responsible for most communication with Qubes (dom0 and other domains), secure clipboard, file copying, qrexec services.|
|qrexec-wrapper|Helper executable that's responsible for launching qrexec services, handling their I/O and vchan communication.|
|qrexec-client-vm|Used for communications by the qrexec protocol.|
diff --git a/user/templates/windows/qubes-windows-tools-4-1.md b/user/templates/windows/qubes-windows-tools-4-1.md
index d02f2dbf7..8bf828416 100644
--- a/user/templates/windows/qubes-windows-tools-4-1.md
+++ b/user/templates/windows/qubes-windows-tools-4-1.md
@@ -48,20 +48,21 @@ Below is a breakdown of the feature availability depending on the windows versio
| Feature | Windows 7 x64 | Windows 8.1/10/11 x64 |
| ------------------------------------ | :------------: | :-------------------: |
-| Qubes Video Driver | + | - |
-| Qubes Network Setup | + | + |
-| Private Volume Setup (move profiles) | + | + |
-| File sender/receiver | + | + |
-| Clipboard Copy/Paste | + | + |
-| Application shortcuts | + | + |
-| Copy/Edit in Disposable VM | + | + |
-| Block device | + | + |
-| USB device | + | + |
-| Audio | + | + |
+| Qubes Video Driver | y | n |
+| Qubes Network Setup | y | y |
+| Private Volume Setup (move profiles) | y | y |
+| File sender/receiver | y | y |
+| Clipboard Copy/Paste | y | y |
+| Application shortcuts | y | y |
+| Copy/Edit in Disposable VM | y | y |
+| Block device | y | y |
+| USB device | y | y |
+| Audio | y | y |
Qubes Windows Tools are open source and are distributed under a GPL license.
**Notes:**
+
- Currently only 64-bit versions of Windows 7, 8.1, 10 and 11 are supported by Qubes Windows Tools. Only emulated SVGA GPU is supported (although [there has been reports](https://groups.google.com/forum/#!topic/qubes-users/cmPRMOkxkdA) on working GPU passthrough).
- This page documents the process of installing Qubes Windows Tools in version **R4.1**.
- *In testing VMs only* it's probably a good idea to install a VNC server before installing QWT. If something goes very wrong with the Qubes gui agent, a VNC server should still allow access to the OS.
@@ -79,7 +80,7 @@ In the future this step will not be necessary anymore, because we will sign our
The Xen PV Drivers bundled with QWT are signed by a Linux Foundation certificate. Thus Windows 10 and 11 do not require this security mitigation.
-**Warning:** it is recommended to increase the default value of Windows VM's `qrexec_timeout` property from 60 (seconds) to, for example, 300. During one of the first reboots after Windows Tools installation Windows user profiles are moved onto the private VM's virtual disk (private.img) and this operation can take some time. Moving profiles and, later on, updating a Windows installation, is performed in an early boot phase when `qrexec` is not yet running, so timeout may occur with the default value. To change the property use this command in `dom0`: *(where `` is the name of your Windows VM)*
+**Warning:** it is recommended to increase the default value of Windows VM's `qrexec_timeout` property from 60 (seconds) to, for example, 300. During one of the first reboots after Windows Tools installation Windows user profiles are moved onto the private VM's virtual disk (private.img) and this operation can take some time. Moving profiles and, later on, updating a Windows installation, is performed in an early boot phase when `qrexec` is not yet running, so timeout may occur with the default value. To change the property use this command in `dom0`: *(where* `` *is the name of your Windows VM)*
[user@dom0 ~] $ qvm-prefs qrexec_timeout 7200
@@ -137,7 +138,7 @@ Installing the Qubes Windows Tools on Windows 7, 8.1, 10 and 11 both as a Standa
5. After successful installation, the Windows VM must be shut down and started again, possibly a couple of times. On each shutdown, wait until the VM is really stopped, i.e. Qubes shows no more activity.
- 6. Qubes will automatically detect that the tools have been installed in the VM and will set appropriate properties for the VM, such as `qrexec_installed`, `guiagent_installed`, and `default_user`. This can be verified (but is not required) using the `qvm-prefs` command *(where `` is the name of your Windows VM)*:
+ 6. Qubes will automatically detect that the tools have been installed in the VM and will set appropriate properties for the VM, such as `qrexec_installed`, `guiagent_installed`, and `default_user`. This can be verified (but is not required) using the `qvm-prefs` command *(where* `` *is the name of your Windows VM)*:
[user@dom0 ~] $ qvm-prefs
@@ -173,7 +174,7 @@ Installing the Qubes Windows Tools on Windows 7, 8.1, 10 and 11 both as a Standa
If Windows is used in a TemplateVM / AppVM combination, this registry fix has to be applied to the TemplateVM, as the `HKLM` registry key belongs to the template-based part of the registry.
- 10. Lastly to enable file copy operations to a Windows VM, the `default_user` property of this VM should be set to the `` that you use to login to the Windows VM. This can be done via the following command on a `dom0` terminal: *(where `` is the name of your Windows VM)*
+ 10. Lastly to enable file copy operations to a Windows VM, the `default_user` property of this VM should be set to the `` that you use to login to the Windows VM. This can be done via the following command on a `dom0` terminal: *(where* `` *is the name of your Windows VM)*
`[user@dom0 ~] $ qvm-prefs default_user `
@@ -188,6 +189,7 @@ Installing the Qubes Windows Tools on Windows 7, 8.1, 10 and 11 both as a Standa
Installing Xen's PV drivers in the VM will lower its resources usage when using network and/or I/O intensive applications, but *may* come at the price of system stability (although Xen's PV drivers on a Windows VM are usually very stable). They can be installed as an optional part of Qubes Windows Tools (QWT), which bundles Xen's PV drivers.
**Notes** about using Xen's VBD (storage) PV driver:
+
- **Windows 7:** Installing the driver requires a fully updated VM or else you'll likely get a BSOD ("Blue Screen Of Death") and a VM in a difficult to fix state. Updating Windows takes *hours* and for casual usage there isn't much of a performance between the disk PV driver and the default one; so there is likely no need to go through the lengthy Windows Update process if your VM doesn't have access to untrusted networks and if you don't use I/O intensive apps or attach block devices. If you plan to update your newly installed Windows VM it is recommended that you do so *before* installing Qubes Windows Tools. Installing the driver will probably cause Windows 7 activation to become invalid, but the activation can be restored using the Microsoft telephone activation method.
- The option to install the storage PV driver is disabled by default in Qubes Windows Tools
- In case you already had QWT installed without the storage PV driver and you then updated the VM, you may then install the driver by again starting the QWT installer and selecting the change option.
@@ -267,7 +269,7 @@ Windows qubes can be used as disposables, like any other Linux-based qubes. On c
- Name the link, e.g. as `Command Prompt`.
- Close the Window with `OK`.
- Shut down this AppVM.
-- In the Qube Manager, refresh the applications of the newly created AppVM and select those applications that you want to make available from the disposable. Alternatively, in dom0 execute the command `qvm-sync-appmenus `, *where `` is the name of your windows qube*.
+- In the Qube Manager, refresh the applications of the newly created AppVM and select those applications that you want to make available from the disposable. Alternatively, in dom0 execute the command `qvm-sync-appmenus `, *where* `` *is the name of your windows qube*.
- In the Qube Manager, go to the "Advanced" tab and enable the option `Disposable template` for your Windows qube. Alternatively, in dom0 execute the commands `qvm-prefs template_for_dispvms True` and `qvm-features appmenus-dispvm 1`.
- Click `Apply`.
- Still in the Advanced tab, select your Windows qube as its own `Default disposable template`. Alternatively, in dom0 execute the command `qvm-prefs default_dispvm `.
@@ -277,7 +279,7 @@ Now you should have a menu `Disposable: ` containing the applications th
For further information on usage of disposables, see [How to use disposables](/doc/how-to-use-disposables/).
-**Caution:** *If a Windows-based disposable is used from another qube via the `Open/Edit in DisposableVM` command, this disposable may not close automatically, due to the command prompt window still running in this dispvm. In this case, the disposable has to be shut down manually.*
+**Caution:** *If a Windows-based disposable is used from another qube via the* `Open/Edit in DisposableVM` *command, this disposable may not close automatically, due to the command prompt window still running in this dispvm. In this case, the disposable has to be shut down manually.*
## Installation logs
@@ -311,8 +313,8 @@ To override global settings for a specific component, create a new key under the
Component-specific settings currently available:
-|**Component**|**Setting**|**Type**|**Description**|**Default value**|
-|:------------|:----------|:-------|:--------------|:----------------|
+| Component | Setting | Type | Description | Default value |
+|:--------------|:------------|:-----------|:------------------------------------------------|:------------------|
|qga|DisableCursor|DWORD|Disable cursor in the VM. Useful for integration with Qubes desktop so you don't see two cursors. Can be disabled if you plan to use the VM through a remote desktop connection of some sort. Needs gui agent restart to apply change (locking OS/logoff should be enough since qga is restarted on desktop change).|1|
## Troubleshooting
diff --git a/user/templates/windows/windows-qubes-4-0.md b/user/templates/windows/windows-qubes-4-0.md
index e1844e18b..919655ff2 100644
--- a/user/templates/windows/windows-qubes-4-0.md
+++ b/user/templates/windows/windows-qubes-4-0.md
@@ -16,11 +16,13 @@ title: How to install Windows qubes in Qubes OS 4.0
If you just want something simple and you can live without some features.
Works:
+
- display (1440x900 or 1280x1024 are a nice fit onto FHD hw display)
- keyboard (incl. correct mapping), pointing device
- network (emulated Realtek NIC)
Does not work:
+
- copy & paste (the qubes way)
- copying files into / out of the VM (the qubes way)
- assigning USB devices (the qubes way via the tray applet)
@@ -29,6 +31,7 @@ Does not work:
- all other features/hardware needing special tool/driver support
Installation procedure:
+
- Have the Windows 10 ISO image (I used the 64-bit version) downloaded in some qube.
- Create a new Qube:
- Name: Win10, Color: red
@@ -219,6 +222,7 @@ At that point you should have a functional and stable Windows VM, although witho
## Windows as a template
Windows 7 and 10 can be installed as TemplateVM by selecting
+
~~~
qvm-create --class TemplateVM --property virt_mode=HVM --property kernel='' --label black Windows-template
~~~
@@ -231,6 +235,7 @@ when creating the VM. To have the user data stored in AppVMs depending on this t
For Windows 10, configuration data like those stored in directories like `AppData` still remain in the TemplateVM, such that their changes are lost each time the AppVM shuts down. In order to make permanent changes to these configuration data, they have to be changed in the TemplateVM, meaning that applications have to be started there, which violates and perhaps even endangers the security of the TemplateVM. Such changes should be done only if absolutely necessary and with great care. It is a good idea to test them first in a cloned TemplateVM before applying them in the production VM.
AppVMs based on these templates can be created the normal way by using the Qube Manager or by specifying
+
~~~
qvm-create --class=AppVM --template=
~~~
diff --git a/user/templates/windows/windows-qubes-4-1.md b/user/templates/windows/windows-qubes-4-1.md
index 4d38a4bbe..bfd3a10f6 100644
--- a/user/templates/windows/windows-qubes-4-1.md
+++ b/user/templates/windows/windows-qubes-4-1.md
@@ -46,6 +46,7 @@ For better integration, a set of drivers and services, called Qubes Windows Tool
However, if you are an expert or want to do it manually you may continue below.
**Notes:**
+
- The instructions may work on other versions than Windows 7, 8.1, 10 and 11 x64 but haven't been tested.
- Qubes Windows Tools (QWT) only supports Windows 7, 8.1, 10 and 11 x64. For installation, see [Qubes Windows Tools](/doc/templates/windows/qubes-windows-tools-4-1).
@@ -61,46 +62,49 @@ Unofficial “debloated” ISOs from projects like reviOS 18 or ameliorated 10 c
Create a VM named WindowsNew in [HVM](/doc/hvm/) mode (Xen's current PVH limitations precludes from using PVH). This can be done in either of two ways:
-- Using Qube Manager
-
- In order to create the new qube, select the command Qube -> New Qube in the Qube Manager::
- - Name: `WindowsNew`, Color: `orange` (for a standalone qubes, `black` for a template)
- - Type: `StandaloneVM (fully persistent)` or `TemplateVM (template home, persistent root)`
- - Template: `(none)`
- - Networking: `sys-firewall (default)`
- - Launch settings after creation: check
- - Click "OK".
-
- - Settings:
- - Basic:
- - System storage: 60.0+ GB
- - Advanced:
- - Include in memory balancing: uncheck
- - Initial memory: 4096+ MB
- - Kernel: `(none)`
- - Mode: `HVM`
- - Click "Apply".
+- Using Qube Manager: In order to create the new qube, select the command Qube -> New Qube in the Qube Manager:
+
+ - Name: `WindowsNew`, Color: `orange` (for a standalone qubes, `black` for a template)
+ - Type: `StandaloneVM (fully persistent)` or `TemplateVM (template home, persistent root)`
+ - Template: `(none)`
+ - Networking: `sys-firewall (default)`
+ - Launch settings after creation: check
+ - Click "OK".
+ - Settings:
+ - Basic:
+ - System storage: 60.0+ GB
+ - Advanced:
+ - Include in memory balancing: uncheck
+ - Initial memory: 4096+ MB
+ - Kernel: `(none)`
+ - Mode: `HVM`
+ - Click "Apply".
After creation, set `qvm-prefs WindowsNew qrexec_timeout 7200` via CLI in a dom0 terminal.
- Using CLI in a dom0 terminal
- This can also be done via the following CLI commands in dom0, for a standalone qube:
- ~~~
- qvm-create --class StandaloneVM --label orange --property virt_mode=hvm WindowsNew
- ~~~
- and for a template:
- ~~~
- qvm-create --class TemplateVM --label black --property virt_mode=hvm WindowsNew
- ~~~
+
+ ~~~
+ qvm-create --class StandaloneVM --label orange --property virt_mode=hvm WindowsNew
+ ~~~
+
+ and for a template:
+
+ ~~~
+ qvm-create --class TemplateVM --label black --property virt_mode=hvm WindowsNew
+ ~~~
+
- After creation, set the following parameters via CLI in a dom0 terminal:
- ~~~
- qvm-volume extend WindowsNew:root 60g
- qvm-prefs WindowsNew memory 4096
- qvm-prefs WindowsNew maxmem 4096
- qvm-prefs WindowsNew kernel ''
- qvm-prefs WindowsNew qrexec_timeout 7200
- ~~~
+
+ ~~~
+ qvm-volume extend WindowsNew:root 60g
+ qvm-prefs WindowsNew memory 4096
+ qvm-prefs WindowsNew maxmem 4096
+ qvm-prefs WindowsNew kernel ''
+ qvm-prefs WindowsNew qrexec_timeout 7200
+ ~~~
These parameters are set for the following reasons:
@@ -109,13 +113,14 @@ These parameters are set for the following reasons:
- Setting memory to 4096MB may work in most cases, but using 6144MB (or even 8192MB) may reduce the likelihood of crashes during installation, especially for Windows 10 or 11. This is important as Windows qubes have to be created without memory balancing, as requested by the parameter settings described above.
- The Windows' installer requires a significant amount of memory or else the VM will crash with such errors:
- ~~~
- /var/log/xen/console/hypervisor.log:
+ ~~~
+ /var/log/xen/console/hypervisor.log:
- p2m_pod_demand_populate: Dom120 out of PoD memory! (tot=102411 ents=921600 dom120)
- (XEN) domain_crash called from p2m-pod.c:1218
- (XEN) Domain 120 (vcpu#0) crashed on cpu#3:
- ~~~
+ p2m_pod_demand_populate: Dom120 out of PoD memory! (tot=102411 ents=921600 dom120)
+ (XEN) domain_crash called from p2m-pod.c:1218
+ (XEN) Domain 120 (vcpu#0) crashed on cpu#3:
+ ~~~
+
So, increase the VM's memory to 4096MB (memory = maxmem because we don't use memory balancing), or 6144MB / 8192MB, as recommended above.
- Disable direct boot so that the VM will go through the standard cdrom/HDD boot sequence. This is done by setting the qube's kernel to an empty value.
@@ -135,6 +140,7 @@ These parameters are set for the following reasons:
- Click "OK" to boot into the windows installer.
This can also be done via the following CLI command in dom0 (assuming that the Windows installer ISO is stored in the directory `/home/user/` in the AppVM `untrusted`):
+
~~~
qvm-start --cdrom=untrusted:/home/user/windows_install.iso WindowsNew
~~~
@@ -154,10 +160,14 @@ These parameters are set for the following reasons:
- Position to this key and create 3 DWORD values called `BypassTPMCheck`, `BypassSecureBootCheck` and `BypassRAMCheck` and set each value to `1`.
- Close the registry editor and console windows.
- In the setup window, hit the left arrow in the left upper corner. You will then return into the setup, which will continue normally and install Windows 11 without TPM 2.0.
-
- :warning: **Caution:** This temporary patch may cease to work if it so pleases Microsoft some time.
+
+
+
+ **Caution:** This temporary patch may cease to work if it so pleases Microsoft some time.
+
+
- The installation of Windows 11 may require an internet connection to grab a Microsoft ID. This is currently true only for the home addition, but will probably extend to the Pro edition, too. A workaround to bypass the internet connection requirements of the Windows 11 setup has been published that currently works for version 21H2 but may be blocked some time in the future by Microsoft:
+ - The installation of Windows 11 may require an internet connection to grab a Microsoft ID. This is currently true only for the home addition, but will probably extend to the Pro edition, too. A workaround to bypass the internet connection requirements of the Windows 11 setup has been published that currently works for version 21H2 but may be blocked some time in the future by Microsoft:
- When you reach the “Let’s Connect You To A Network” page, type Shift-F10 to open a console window.
- Here you type `taskmgr` to start the Task Manager window so you can see all running processes.
@@ -165,7 +175,7 @@ These parameters are set for the following reasons:
- Select this process and then hit the “End Task” button.
- Now you can close these newly opened windows and return to the Windows 11 setup, where you will enter local account information.
- For Windows 11 version 22H2, the following sequence of actions to use a local account instead of a Microsoft account has been published:
+ - For Windows 11 version 22H2, the following sequence of actions to use a local account instead of a Microsoft account has been published:
- Enter `no@thankyou.com` (or some other senseless address) as the email address and click `Next` when Windows 11 setup prompts you to log into your Microsoft account.
- Enter any text you want in the password field and click `Sign in`. If this method works, you'll get a message saying "Oops, something went wrong."
@@ -175,8 +185,10 @@ These parameters are set for the following reasons:
- On systems shipped with a Windows license, the product key may be read from flash via root in dom0:
+
`strings < /sys/firmware/acpi/tables/MSDM`
+
Alternatively, you can also try a Windows 7 license key (as of 2018/11 they are still accepted for a free upgrade to Windows 10).
- The VM will shutdown after the installer completes the extraction of Windows installation files. It's a good idea to clone the VM now (eg. `qvm-clone WindowsNew WindowsNewbkp1`). Then, (re)start the VM via the Qubes Manager or with `qvm-start WindowsNew` from a dom0 terminal (without the `--cdrom` parameter!).
@@ -186,9 +198,11 @@ These parameters are set for the following reasons:
**After Windows installation**
- From the Windows command line, disable hibernation in order to avoid incomplete Windows shutdown, which could lead to corruption of the VM's disk.
+
~~~
powercfg -H off
~~~
+
Also, recent versions of Windows won’t show the CD-ROM drive after starting the qube with `qvm-start vm --cdrom ...` (or using the GUI). The solution is to disable hibernation in Windows with this command. (That command is included in QWT’s setup but it’s necessary to run it manually in order to be able to open QWT’s setup ISO/CD-ROM in Windows).
- In case you switch from `sys-firewall` to `sys-whonix`, you'll need a static IP network configuration, DHCP won't work for `sys-whonix`. Sometimes this may also happen if you keep using `sys-firewall`. In both cases, proceed as follows:
@@ -202,6 +216,7 @@ These parameters are set for the following reasons:
- Given the higher than usual memory requirements of Windows, you may get a `Not enough memory to start domain 'WindowsNew'` error. In that case try to shutdown unneeded VMs to free memory before starting the Windows VM.
+
At this point you may open a tab in dom0 for debugging, in case something goes amiss:
~~~
@@ -234,6 +249,7 @@ For additional information on configuring a Windows qube, see the [Customizing W
As described above Windows 7, 8.1, 10 and 11 can be installed as TemplateVM. To have the user data stored in AppVMs depending on this template, the option `Move User Profiles` has to be selected on installation of Qubes Windows Tools. For Windows 7, before installing QWT, the private disk `D:` has to be renamed to `Q:`, see the QWT installation documentation in [Qubes Windows Tools](/doc/templates/windows/qubes-windows-tools-4-1).
AppVMs based on these templates can be created the normal way by using the Qube Manager or by specifying
+
~~~
qvm-create --class=AppVM --template=
~~~
@@ -243,6 +259,7 @@ On starting the AppVM, sometimes a message is displayed that the Xen PV Network
**Caution:** These AppVMs must not be started while the corresponding TemplateVM is running, because they share the TemplateVM's license data. Even if this could work sometimes, it would be a violation of the license terms.
Furthermore, if manual IP setup was used for the template, the IP address selected for the template will also be used for the AppVM, as it inherits this address from the template. Qubes, however, will have assigned a different address to the AppVM, which will have to changed to that of the template (e.g. 10.137.0.x) so that the AppVM can access the network, vis the CLI command in a dom0 terminal:
+
~~~
qvm-prefs WindowsNew ip 10.137.0.x
~~~
diff --git a/user/troubleshooting/installation-troubleshooting.md b/user/troubleshooting/installation-troubleshooting.md
index 2a0c19360..6e2eae8b9 100644
--- a/user/troubleshooting/installation-troubleshooting.md
+++ b/user/troubleshooting/installation-troubleshooting.md
@@ -61,19 +61,20 @@ If that doesn't help, then disable one and try the other.
Visit the [UEFI Troubleshooting guide](/doc/uefi-troubleshooting/) if other errors arise during UEFI booting.
These errors may also occur due to an incompatible Nvidia graphics card. If you have one, follow the following instructions:
+
1. Disable secure/fast boot and use legacy mode
2. Enter GRUB, move the selection to the first choice, and then press the Tab key.
3. Now, you are in edit mode. Move the text cursor with your arrow key and after ``kernel=`` line, add:
- ```
- nouveau.modeset=0 rd.driver.blacklist=nouveau video=vesa:off
- ```
+ ```bash
+ nouveau.modeset=0 rd.driver.blacklist=nouveau video=vesa:off
+ ```
- If the above code doesn't fix the problem, replace it with:
+ If the above code doesn't fix the problem, replace it with:
- ```
- noexitboot=1 modprobe.blacklist=nouveau rd.driver.blacklist=nouveau --- intitrd.img
- ```
+ ```bash
+ noexitboot=1 modprobe.blacklist=nouveau rd.driver.blacklist=nouveau --- intitrd.img
+ ```
For more information, look at the [Nvidia Troubleshooting guide](https://forum.qubes-os.org/t/19021#disabling-nouveau).
diff --git a/user/troubleshooting/uefi-troubleshooting.md b/user/troubleshooting/uefi-troubleshooting.md
index 35e33877f..890fa091e 100644
--- a/user/troubleshooting/uefi-troubleshooting.md
+++ b/user/troubleshooting/uefi-troubleshooting.md
@@ -23,6 +23,7 @@ If you've installed successfully in legacy mode but had to change some kernel pa
04. Install using your modified boot entry
**Change xen configuration directly in an iso image**
+
01. Set up a loop device (replacing `X` with your ISO's version name): `losetup -P /dev/loop0 Qubes-RX-x86_64.iso`
02. Mount the loop device: `sudo mount /dev/loop0p2 /mnt`
03. Edit `EFI/BOOT/BOOTX64.cfg` to add your params to the `kernel` configuration key
diff --git a/user/troubleshooting/update-troubleshooting.md b/user/troubleshooting/update-troubleshooting.md
index 5cbcf0815..60cc2feca 100644
--- a/user/troubleshooting/update-troubleshooting.md
+++ b/user/troubleshooting/update-troubleshooting.md
@@ -43,5 +43,6 @@ This can usually be fixed by updating via the command line.
In dom0, open a terminal and run `sudo qubes-dom0-update`.
Depending on your operating system, open a terminal in the templates and run:
+
* Fedora: `sudo dnf upgrade`
* Debian: `apt-get update && apt-get dist-upgrade`