Hey @unman, I gave a try your instructions (GitHub - unman/qubes-sync: Simple syncin between qubes over qrexec) for using rsync between VMs with socat and qrexec, and it’s not working either for me in 4.1. After copying the rsync.conf, qubes.Rsync and the systemd files in a template, making an allow policy in dom0, and trying to call rsync, what I get is this
# rsync --port=837 localhost::shared
rsync: server sent "2022/04/24 xx:32:06 socat[1071] E connect(5, AF=2 127.0.0.1:873, 16): Connection refused" rather than greeting
rsync error: error starting client-server protocol (code 5) at main.c(1814) [Receiver=3.2.3]
However, I think this might be because I don’t have an rsync service to enable despite having installed the rsync package. Maybe the instructions there are out of date. The important thing is that I think socat might be working properly because if I run wireshark in the server VM, I can see a SYN and a RST,ACK reply to/from port 837 when I run the rsync command in the client!
This is not the case when I try the trezor setup. No packets appear in the server (sys-usb). I think I might be able to figure out from your git repo how to make the trezor work for me, but I’m not sure I understand how you have it set up. It seems like instead of running socat on the client, you use a systemd socket that listens on 837 and then calls qrexec-client-vm. Then the server doesn’t use the systemd service/socket, and only runs socat to handle the rsync call. I can’t rap my head around how the qubes.Rsync socat call works though.
Also I think I see now that there isn’t any network connection between the qubes. socat just routes the packets through a qrexec call so that each VM sees them as coming from the stdio on localhost, right?