Network Interface Down in AppQube

I have a Kali Linux AppVM (not an HVM) that I created based on a tutorial about two years ago. So far it has been working but recently my eth0 shows as down and I have no idea where to start.

The initial symptom was DNS not resolving. Tried attaching it directly to sys-firewall (originally it routes through VPN, which is where I suspected the error): No change. Then noticed from the command line that eth0 is actually listed as DOWN:

user@pentest:~$ sudo ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:16:3e:5e:6c:00 brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:ff:91:71:7f brd ff:ff:ff:ff:ff:ff
user@pentest:~$ 

I strongly suspect the issue to be in the AppVM itself as all other AppVMs are working.

What component inside the VM would bring up the interface? Read that parameters such as IP-Address and Resolvers are passed in via qubesdb, but what component receives that info and acts on it?

You certainly not have installed qubes-core-agent-networking related components.

That is where it gets interesting: I do.

user@pentest:~$ dpkg -l qubes-* | grep net
ii  qubes-core-agent-network-manager   4.2.36-1+deb12u1 amd64        NetworkManager integration for Qubes VM
ii  qubes-core-agent-networking        4.2.36-1+deb12u1 amd64        Networking support for Qubes VM

I’ll have a look at the files it contains and see if I find and systemd untis leading me to journal-entries.

Also, you can install working template of Kali from community repository :slight_smile:

I know of its existence (wasn’T there when I created that qube) but was unsure about the differences to my (so far) working AppQube.

Looks like I found the culprit

user@pentest:~$ sudo systemctl status qubes-network*
× qubes-network-uplink.service - Qubes network uplink wait
     Loaded: loaded (/usr/lib/systemd/system/qubes-network-uplink.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Wed 2024-08-07 13:06:10 CEST; 1h 42min ago
 Invocation: 55eb52bd9b8845c8977013126e6b2826
   Main PID: 530 (code=exited, status=1/FAILURE)

Aug 07 13:06:10 pentest systemd[1]: Starting qubes-network-uplink.service - Qubes network uplink wait...
Aug 07 13:06:10 pentest systemd[1]: qubes-network-uplink.service: Main process exited, code=exited, status=1/FAILURE
Aug 07 13:06:10 pentest systemd[1]: qubes-network-uplink.service: Failed with result 'exit-code'.
Aug 07 13:06:10 pentest systemd[1]: Failed to start qubes-network-uplink.service - Qubes network uplink wait.

× qubes-network-uplink@eth0.service - Qubes network uplink (eth0) setup
     Loaded: loaded (/usr/lib/systemd/system/qubes-network-uplink@.service; static)
     Active: failed (Result: exit-code) since Wed 2024-08-07 13:06:10 CEST; 1h 42min ago
 Invocation: c6ed17b24da547a39c5e2f2b5d0e1f36
   Main PID: 617 (code=exited, status=127)

Aug 07 13:06:10 pentest systemd[1]: Starting qubes-network-uplink@eth0.service - Qubes network uplink (eth0) setup...
Aug 07 13:06:10 pentest setup-ip[649]: /usr/lib/qubes/setup-ip: line 30: /sbin/ip: No such file or directory
Aug 07 13:06:10 pentest systemd[1]: qubes-network-uplink@eth0.service: Main process exited, code=exited, status=127/n/a
Aug 07 13:06:10 pentest systemd[1]: qubes-network-uplink@eth0.service: Failed with result 'exit-code'.
Aug 07 13:06:10 pentest systemd[1]: Failed to start qubes-network-uplink@eth0.service - Qubes network uplink (eth0) setup.

Some part of the setup-ip script expects the ip command to live in /sbin, which under Kali it does not. The following fixed it for me:

sudo ln -s `which ip` /sbin/ip

I am however not entirely sure about the consequences or what introduced the breaking change.
For now it works. I’ll give the kali template a go though.

Related issue: