I have just installed Qubes 4.2 on two different computers (NUC 5 and NUC 10, both with I5 CPU) and it basically works.
Nevertheless, I have encountered a major problem:
If I want to attach files (no matter if jpg, doc, pdf etc.) to a mail in Qubes-Whonix in a corresponding APP-VM and a normal e-mail program (upload from the Thunar file manager), an error message appears after some time that the file cannot be attached to the mail. With another mail program, attaching the file deletes the entire text including metadata.
I have tested it on several freshly created Whonix instances or clones and it is always the same error.
It is not due to different formats or settings in the mail programs such as PlainText or html. I can send a simple mail without an attachment.
I don’t know whether the problem is with Qubes 4.2, Whonix-17, Tor or Debian-12. That’s why I’m posting in both forums.
Has anyone had similar experiences or an idea where the error could lie?
It’s probably apparmor related; try putting the file into the Downloads folder or if your mail program has its own downloads folder try putting it there.
If that doesn’t work, switch the program’s apparmor profile to complain mode and try that way…if that fixes it then you may want to notify the maintainers of that program about this issue so they can fix the apparmor profiles for their program with the next update.
Thx for answering. I´ve tried this with the download-folder but it´s the same failure. But perhaps your´re right with apparmor. I´ll try to switch into complain-mode and then I´ll post the result.
I don’t know what is “a mail in Qubes-Whonix in a corresponding APP-VM”, but if you use Tor browser, put the file in /home/user/.tb/tor-browser/Browser/Downloads/ folder actually.
I have done some tests and think I have found the solution. If anyone would like to forward this to the developers of apparmor - please do.
I initially switched off all profiles in apparmor in Whonix-workstation-17. The error was fixed and file attachments were possible.
Then I set everything to enforce mode and only in the VM based on the whonix-workstation-17 with the mail program did I switch the profiles to “complain”, where I suspected the highest probability of the error:
“home.tor-browser.firefox” and “system_tor”
This produced no result, the error was still there.
Then I did the same in whonix-workstation-17 and the error was fixed by running the following command in /etc/apparmor.d:
If your “mail program” is a website that you access using Tor Browser, then my above recommendation (putting the file into the app’s download folder) should work.
What this specifically means in the case of Tor Browser was elucidated by user @tempmail who pointed out the location of that particular app’s download folder.
So to be as precise as possible:
In the VM where you run Tor Browser and want to upload a file (lets’ say myfile.txt), first execute:
Yes that’s right, I did the same thing earlier and left the Apparmor settings on “enforced” and then loaded the test file into the download directory of the Tor browser and then it works fine.
However, since in whonix-16 or Qubes 4.1 it was possible for any browser-based mail program to access the actual download folder in whonix and I believe this is a habit for most users, I thought it would be userful to configure AppArmor so that this works again.
Patrick from whonix has suggested testing it with Thunderbird. I will do that and then report back.