I am trying to test restoring a backup file I’ve just created. Because of [the same] errors I had trying to do this earlier, I have fully shut down my laptop, then started it again. After this shutdown, I started my laptop at approximately 20:25 on Jan 2 local time (this may be relevant, see screenshot).
After starting up, I created a new backup file on a USB drive attached to my Vault VM. Then, I tried [again] to test restoring this backup file, and have hit the same strange error, which saying something like:
unable to read the qubes backup file… Fatal error: Copying file vm4/private.img.405.enc: Error reading (error type: Input/output error)… Partially restored files left in /var/tmp/restore_*, investigate them
So I have investigated /var/tmp
and cannot find any files in a /var/tmp/restore_*
directory. However, there are several strange directories (almost all seemingly created right after I started by laptop). There are several /var/tmp/systemd-private-*
directories, freshly created on dom0 (each time I start up my laptop!). They are also created in all of my AppVMs, including my Vault VM! These directories are also in this dispVM I am using exclusively to create this post. I have a persistent AppVM named private
, but have not even started that VM after booting my laptop. All of these directories seem to be empty. For example, /var/tmp/systemd-private-...-rtkit-daemon.service-trTUr8/tmp
is empty. Still, this seems very fishy. I’m beginning to get very concerned, as though my machine is compromised.
Incidentally, there is also a directory called /var/tmp/dnf-user-*
, which only exists on dom0 as far as I can tell. This is also empty.
What steps should I take next? Can I start by safely deleting these directories from dom0 and trying all over?
Please see my screenshot, it has virtually all the above information: