Page MenuHomePhabricator
Feed Advanced Search

Mar 21 2020

Patrick closed T908: copy Whonix VM images to Whonix-Host and set up during build as Invalid.

We actually ended up using Whonix KVM and placing images to:

Mar 21 2020, 11:44 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick updated the task description for T908: copy Whonix VM images to Whonix-Host and set up during build.
Mar 21 2020, 11:42 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick updated subscribers of T908: copy Whonix VM images to Whonix-Host and set up during build.
Mar 21 2020, 11:42 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick added a project to T908: copy Whonix VM images to Whonix-Host and set up during build: Whonix 15.
Mar 21 2020, 11:39 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix

Jun 27 2019

Patrick removed a project from T891: upgrade build_sources/rpi-preferences for Debian 10/ buster: Whonix 15.
Jun 27 2019, 10:35 AM · build, Whonix

Apr 23 2019

Patrick triaged T908: copy Whonix VM images to Whonix-Host and set up during build as Normal priority.
Apr 23 2019, 1:41 PM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix

Apr 6 2019

Patrick removed a project from T891: upgrade build_sources/rpi-preferences for Debian 10/ buster: Debian version 10 codename Buster.
Apr 6 2019, 5:20 PM · build, Whonix

Apr 4 2019

Patrick added a comment to T605: speed up libvirt tarball creation time.

Please kindly consider jointing the related discussion improving compression of Whonix image downloads:
https://forums.whonix.org/t/improving-compression-of-whonix-image-downloads/7086

Apr 4 2019, 8:17 PM · Whonix, build, KVM

Feb 15 2019

marmarek added a comment to T709: port Whonix package build process to Qubes package build process.

To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).

Feb 15 2019, 12:20 AM · security, Qubes, build, Whonix

Feb 14 2019

Patrick added projects to T709: port Whonix package build process to Qubes package build process: build, Qubes, security.
Feb 14 2019, 8:01 PM · security, Qubes, build, Whonix
Patrick updated the task description for T615: use Reproducible Builds Experimental Toolchain by Debian.
Feb 14 2019, 7:45 PM · Whonix, Verifiable Builds, build

Jan 20 2019

Patrick triaged T891: upgrade build_sources/rpi-preferences for Debian 10/ buster as Normal priority.
Jan 20 2019, 6:13 AM · build, Whonix

Dec 9 2018

Patrick lowered the priority of T605: speed up libvirt tarball creation time from High to Wishlist.
Dec 9 2018, 6:52 AM · Whonix, build, KVM

Dec 7 2018

Patrick closed T881: remove attempts to hide CPU information from VM in VirtualBox as Resolved.
Dec 7 2018, 12:09 PM · build, VirtualBox, Whonix 15, Whonix 14, Whonix
Patrick removed a project from T615: use Reproducible Builds Experimental Toolchain by Debian: Whonix 15.
Dec 7 2018, 12:03 PM · Whonix, Verifiable Builds, build
Patrick removed a project from T687: Supress VB error messages.: Whonix 15.
Dec 7 2018, 11:58 AM · build, VirtualBox, usability, Whonix

Dec 3 2018

HulaHoop added a comment to T881: remove attempts to hide CPU information from VM in VirtualBox.

There's been research showing that trying to hide CPU information in a virtualizer is futile.

Dec 3 2018, 7:07 PM · build, VirtualBox, Whonix 15, Whonix 14, Whonix

Nov 28 2018

Patrick triaged T881: remove attempts to hide CPU information from VM in VirtualBox as Normal priority.
Nov 28 2018, 7:43 AM · build, VirtualBox, Whonix 15, Whonix 14, Whonix

Aug 8 2018

Patrick closed T714: Whonix live mode / grub-live as Resolved.

It will still depend on the user looking out for this indicator. Easiest is probably something like notify-send with a high duration time so a user will see it and click it away. Could be made part of whonixcheck or maybe use whonixcheck itself instead.

Aug 8 2018, 10:27 AM · Whonix 15, Whonix, build

Jul 17 2018

Algernon added a comment to T714: Whonix live mode / grub-live.

I opened a small pull request for grub-live. Also the alternative version ro-mode-init lives at https://github.com/Algernon-01/ro-mode-init

Jul 17 2018, 11:29 PM · Whonix 15, Whonix, build

Jun 30 2018

Patrick closed T790: Reducing the size of raw files as Resolved.
Jun 30 2018, 12:34 PM · build, KVM, VirtualBox, Whonix, Whonix 15

Apr 30 2018

Onion_Knight added a comment to T790: Reducing the size of raw files.

virt-sparsify solution dropped because needs booting the image with qemu-system (not clean, to much unknown consequences, see attached ouptut).

Apr 30 2018, 3:50 PM · build, KVM, VirtualBox, Whonix, Whonix 15
Onion_Knight added a comment to T790: Reducing the size of raw files.
Apr 30 2018, 11:54 AM · build, KVM, VirtualBox, Whonix, Whonix 15

Apr 26 2018

Patrick triaged T790: Reducing the size of raw files as Normal priority.
Apr 26 2018, 9:25 AM · build, KVM, VirtualBox, Whonix, Whonix 15

Mar 7 2018

Patrick closed T505: do not use tput if variable TERM is empty as Resolved.
Mar 7 2018, 1:24 AM · Whonix, build, whonix-initializer, rads, whonixsetup, curl-scripts, whonix-base-files, msgcollector, Whonix 14, bug
Patrick closed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as Resolved.
Mar 7 2018, 1:11 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 12 2018

Algernon added a comment to T714: Whonix live mode / grub-live.

It will still depend on the user looking out for this indicator. Easiest is probably something like notify-send with a high duration time so a user will see it and click it away. Could be made part of whonixcheck or maybe use whonixcheck itself instead.

Jan 12 2018, 2:50 PM · Whonix 15, Whonix, build

Jan 9 2018

Patrick added a comment to T714: Whonix live mode / grub-live.

What would be useful is some sort of indication on the desktop that system is running in live mode vs persistent mode.

Jan 9 2018, 3:43 PM · Whonix 15, Whonix, build

Jan 7 2018

Patrick added a comment to T714: Whonix live mode / grub-live.

Merged.

Jan 7 2018, 12:59 PM · Whonix 15, Whonix, build

Jan 6 2018

Algernon added a comment to T714: Whonix live mode / grub-live.

ip=frommedia needs to be added to the kernel command line otherwise the network interfaces won't be configured in live mode. I uploaded the changes to the repo.

Jan 6 2018, 8:35 PM · Whonix 15, Whonix, build

Dec 21 2017

Patrick raised the priority of T714: Whonix live mode / grub-live from Low to Normal.
Dec 21 2017, 9:50 PM · Whonix 15, Whonix, build
Patrick renamed T714: Whonix live mode / grub-live from Whonix live mode to Whonix live mode / grub-live.
Dec 21 2017, 9:50 PM · Whonix 15, Whonix, build

Dec 17 2017

Algernon added a comment to T714: Whonix live mode / grub-live.

Sure, I'll add instructions for the installation and some general remarks around live mode to the Whonix live wiki entry.

Dec 17 2017, 1:11 PM · Whonix 15, Whonix, build

Dec 15 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

Added to https://github.com/Whonix/Whonix/tree/master/packages, build, and uploaded to Whonix (14) developers repository.

Dec 15 2017, 9:26 PM · Whonix 15, Whonix, build

Dec 12 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

Test wise installed the package.

Dec 12 2017, 3:21 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

Hmm, odd it did not work for you. I tested it with the whonix build script and also the upgrade from 13 to 14 with the local packages repo. Both produced the correct GRUB menu with all options.
What did you do, just copying 11_linux to /etc/grub.d/ and running update-grub I guess?

Dec 12 2017, 12:34 AM · Whonix 15, Whonix, build

Dec 11 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

Fixed.

Dec 11 2017, 5:49 PM · Whonix 15, Whonix, build
Patrick added a comment to T714: Whonix live mode / grub-live.
Dec 11 2017, 5:40 PM · Whonix 15, Whonix, build
Patrick added a comment to T714: Whonix live mode / grub-live.

Perfect!

Dec 11 2017, 2:57 PM · Whonix 15, Whonix, build

Dec 10 2017

Algernon added a comment to T714: Whonix live mode / grub-live.

Made the file somewhat smaller:
https://github.com/Algernon-01/grub-live/commit/c8f8a24dbac305cdbbff0d2d53d14b699cc4a2b4

Dec 10 2017, 10:02 PM · Whonix 15, Whonix, build

Dec 9 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

/etc/grub.d/11_linux_live is still a lot code duplication.

Dec 9 2017, 11:25 PM · Whonix 15, Whonix, build
Patrick added a comment to T714: Whonix live mode / grub-live.

Should boot=live union=overlay plainroot be injected at line https://github.com/adrelanos/grub-live/blob/master/etc/grub.d/11_linux_live#L353 as well?

Dec 9 2017, 10:39 PM · Whonix 15, Whonix, build
Patrick added a comment to T714: Whonix live mode / grub-live.

Changes for initramfs-tools based live system:

https://github.com/Whonix/anon-meta-packages/pull/7

Dec 9 2017, 10:19 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

Changes for initramfs-tools based live system:

Dec 9 2017, 12:59 AM · Whonix 15, Whonix, build

Dec 4 2017

Algernon added a comment to T714: Whonix live mode / grub-live.

Most of them don't seem to interact with the normal boot process, right?

Dec 4 2017, 9:52 PM · Whonix 15, Whonix, build
Patrick added a comment to T714: Whonix live mode / grub-live.

Algernon (Algernon):> Packages would be: live-boot, live-config-systemd,

live-config-initramfs-tools, live-tools.

Dec 4 2017, 9:36 AM · Whonix 15, Whonix, build

Dec 3 2017

Algernon added a comment to T714: Whonix live mode / grub-live.

Packages would be: live-boot, live-config-systemd, live-config-initramfs-tools, live-tools.
I'm wondering if then there really needs to be an extra package for the other files. Currently only the apparmor config for the new home and alias as well as the grub config file would be in there. I think the apparmor related edits could also be merged with the files in the apparmor-profile-anondist. There are some packages for grub but they all have a quite specific name. So either make a dedicated grub-live package or make the live patch package as before or merge the grub config file somewhere else.

Dec 3 2017, 9:50 PM · Whonix 15, Whonix, build

Dec 2 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

As stated here: https://forums.whonix.org/t/replacing-initramfs-tools-with-dracut-for-live-systems/4487
there is still option 5 if you feel uncomfortable with dracut in general.

Dec 2 2017, 8:17 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

As stated here: https://forums.whonix.org/t/replacing-initramfs-tools-with-dracut-for-live-systems/4487
there is still option 5 if you feel uncomfortable with dracut in general.
A "normal" live system with overlayfs should be possible without patches. We would mostly need to pull in some debian live packages.
Copying the whole filesystem to RAM would not work without patches. Of course there is no possibility to use device mapper though maybe most end users won't care about that.
Some minor edits to the grub config file and apparmor stuff would be required.

Dec 2 2017, 12:39 AM · Whonix 15, Whonix, build

Nov 30 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

For reference:

Nov 30 2017, 11:35 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

I changed the patches so the dracut version from stretch is now used and therefore no apt pinning and changes to the sources.list is required.
It also seems like the stretch version, in contrast to same version from upstream, can use overlayfs since the debian package maintainer added some (undocumented) parameters.
Appending "rootovl" to the kernel commandline and using root=UUID=... (so without the "live:") will mount an overlayfs filesystem over / . So not too much loss compared to the version in testing.

Nov 30 2017, 7:31 PM · Whonix 15, Whonix, build

Nov 21 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

Attached is the more or less final patch with only minor changes mostly related to apparmor profiles.

Nov 21 2017, 6:36 PM · Whonix 15, Whonix, build

Nov 20 2017

Algernon added a comment to T714: Whonix live mode / grub-live.

Attached is the more or less final patch with only minor changes mostly related to apparmor profiles.
The bindp package was also missing for i386, this is required when upgrading from 13 to 14 and reinstalling non-qubes-whonix-workstation. Therefore the architecture in the control file was changed from "any" to "all. I'll add the new instructions to the wiki and submit a pull request.
A minor issue might be the swap file creator. At the moment it runs at each boot, creates a new swap file and shreds it at shutdown. This takes of course some seconds more. The other option would be to keep the old swap-file-generator but this will always occupy 512MB RAM more when you boot the live system which could be spend for more useful things. Both cases are not optimal but I don't see any other options.

Nov 20 2017, 7:46 PM · Whonix 15, Whonix, build

Nov 13 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

As it looks now, it will be easily possible to upgrade Whonix 13 i386 to
Whonix 14 i386. New Whonix 14 builds will be amd64. Looks pretty final.
I don't think it will change for Whonix 14. (That is for
Non-Qubes-Whonix.) (For Qubes-Whonix none of this matters, it always has
been amd64.)

Nov 13 2017, 8:53 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

Just figured out Whonix 13 is still i386 and I only tested builds for amd64 up to now. Therefore I also couldn't make any tests upgrading from 13 to 14.
But I was wondering if upgrading Whonix 13 will be supported or work at all.
Reading this :
https://phabricator.whonix.org/T688#13700
https://www.whonix.org/wiki/Upgrading_Whonix_13_to_Whonix_14
https://forums.whonix.org/t/state-of-offical-64-bit-builds/399/16

Nov 13 2017, 7:45 PM · Whonix 15, Whonix, build

Nov 11 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

Algernon (Algernon):

Algernon added a comment.

I switched to config-package-dev instead of forking so no worries.
Next I'm going to try an update from Whonix 13 to 14 and see if something breaks.
Nov 11 2017, 10:55 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

I switched to config-package-dev instead of forking so no worries.
Next I'm going to try an update from Whonix 13 to 14 and see if something breaks.
I guess the official Whonix repo will be used when users would upgrade to the live version.
From looking at the aptrepo_local which gets created during building it seems to be more or less the same as the online repo? So I could use the local repo for the update tests or is there anything else to look out for?

Nov 11 2017, 9:42 PM · Whonix 15, Whonix, build

Nov 8 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

I'm currently trying to add a custom dracut build to the whonix temporary repository.
I cloned the dracut repository at https://anonscm.debian.org/gitweb/?p=collab-maint/dracut.git and added the changes we need for the live systems.
Then added the folder to the packages directory of the whonix source, renamed it to dracut-whonix and also changed the control file so that packages with the name dracut-whonix-* are created.

Nov 8 2017, 5:24 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

I'm currently trying to add a custom dracut build to the whonix temporary repository.
I cloned the dracut repository at https://anonscm.debian.org/gitweb/?p=collab-maint/dracut.git and added the changes we need for the live systems.
Then added the folder to the packages directory of the whonix source, renamed it to dracut-whonix and also changed the control file so that packages with the name dracut-whonix-* are created.
In 1200_create-debian-packages I added:

Nov 8 2017, 4:01 PM · Whonix 15, Whonix, build

Nov 3 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

The patch was not meant to be integrated already in the official Whonix source. More like: $interested_person can get an idea how a 14.0.0.5.2 live image would build and look in the end.

Nov 3 2017, 3:10 PM · Whonix 15, Whonix, build
Algernon added a comment to T714: Whonix live mode / grub-live.

The patch was not meant to be integrated already in the official Whonix source. More like: $interested_person can get an idea how a 14.0.0.5.2 live image would build and look in the end.

Nov 3 2017, 1:15 PM · Whonix 15, Whonix, build

Nov 2 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

I can see you know your way around in Whonix source code and found a lot. :) Gave it a quick review. Looks mostly good for me except...

Nov 2 2017, 9:33 PM · Whonix 15, Whonix, build

Nov 1 2017

Algernon added a comment to T714: Whonix live mode / grub-live.

Attached is the diff against 14.0.0.5.2-developers-only. It contains minor changes to the original Whonix source and some new files for the dracut live system. I removed some changes which should be only relevant on my side. If it doesn't build I can add them.
With this patch the raw gateway and workstation boot in normal, live and live toram mode. You can choose in the grub menu what option you want to boot. I didn't check each application but I don't see a reason why some app shouldn't work due to running live. Exception is currently Apparmor confined stuff which will complain when booted with overlayfs (currently default). So either the profiles have to be adapted or I'll change the default mode to device-mapper.
If you want to boot without overlayfs and use device-mapper instead just remove rd.live.overlay.overlayfs from the grub menu for the normal live mode. For the toram mode you have to use "rd.live.plainroot" instead of "rd.live.mksquashfs rd.live.overlay.overlayfs" .

Nov 1 2017, 7:00 PM · Whonix 15, Whonix, build

Oct 9 2017

Patrick closed T710: qubes-whonix build failure as Resolved.
Oct 9 2017, 9:32 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Oct 8 2017

Patrick added a comment to T710: qubes-whonix build failure.
> Just setting `tbb_version` or `tbb_hardcoded_version` variable isn't enough, because it isn't propagated through all the layers to postinst of tb-updater.
Oct 8 2017, 11:52 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
marmarek added a comment to T710: qubes-whonix build failure.

https://github.com/Whonix/qubes-template-whonix/pull/1

Just setting tbb_version or tbb_hardcoded_version variable isn't enough, because it isn't propagated through all the layers to postinst of tb-updater. But creating temporarily a configuration file works (in /etc/torbrowser.d).
Use tbb_version there, because tbb_hardcoded_version is unconditionally overridden by /usr/share/tb-updater/tbb_hardcoded_version. But later is ignored if tbb_version is already set.

Oct 8 2017, 10:56 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
Patrick reopened T710: qubes-whonix build failure as "Open".
Oct 8 2017, 1:13 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
Patrick added a comment to T710: qubes-whonix build failure.

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

The problem is back again, 7.0.4 is no longer available at https://dist.torproject.org/torbrowser/
What is the easiest/elegant way to choose different version, without modifying tb-updater package? Some env variable? Some config file? I don't consider https://github.com/SimonSelg/qubes-template-whonix/blob/SimonSelg-fix-tb-updater/whonix-gateway/04_install_qubes_post.sh#L65-L79 elegant...
Oct 8 2017, 1:12 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Oct 7 2017

marmarek added a comment to T710: qubes-whonix build failure.

The problem is back again, 7.0.4 is no longer available at https://dist.torproject.org/torbrowser/
What is the easiest/elegant way to choose different version, without modifying tb-updater package? Some env variable? Some config file? I don't consider https://github.com/SimonSelg/qubes-template-whonix/blob/SimonSelg-fix-tb-updater/whonix-gateway/04_install_qubes_post.sh#L65-L79 elegant...

Oct 7 2017, 3:39 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Sep 15 2017

Patrick updated the task description for T714: Whonix live mode / grub-live.
Sep 15 2017, 1:57 PM · Whonix 15, Whonix, build

Sep 5 2017

Patrick added a comment to T714: Whonix live mode / grub-live.

A tar.xz is not a great source for source code. Could you publish this using git please?

Sep 5 2017, 2:54 PM · Whonix 15, Whonix, build

Aug 31 2017

JasonJAyalaP closed T700: Build instructions, exim4 errors as Resolved.

Ok. If there's no objection, I'll close this issue and wherever I find "apt-get install genmkfile" in our documentation I will add no install recommends.

Aug 31 2017, 12:22 AM · Whonix 14, build, Whonix

Aug 30 2017

Patrick added a comment to T700: Build instructions, exim4 errors.

Whonix's build script (as well as Qubes-Whonix build) always assumes --no-install-recommends. If something was missing, it would be a missing dependency bug. So using --no-install-recommends when installing genmkfile should be fine.

Aug 30 2017, 10:42 PM · Whonix 14, build, Whonix
Patrick closed T710: qubes-whonix build failure as Resolved.
Aug 30 2017, 10:40 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
JasonJAyalaP added a comment to T700: Build instructions, exim4 errors.

Whonix gateway 14.0.2.6 upgraded with developers repo:

Aug 30 2017, 9:40 PM · Whonix 14, build, Whonix

Aug 26 2017

marmarek added a comment to T710: qubes-whonix build failure.

Yes, it works now: https://travis-ci.org/marmarek/qubes-template-whonix/builds/263033873

Aug 26 2017, 1:38 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Aug 25 2017

Algernon created T714: Whonix live mode / grub-live.
Aug 25 2017, 7:43 PM · Whonix 15, Whonix, build
Algernon added a comment to T700: Build instructions, exim4 errors.

I can't reproduce this issue on my side. Tested it with the gateway and workstation 14.0.0.2.6 and with a self build gateway on 14.0.0.4.1. Installing genmkfile works in each case.
However, it depends on the version of genmkfile if exim + a lot of other packages are installed. There are two versions of genmkfile, the latest one is only present in the whonix developers repo. This version requires several packages (see Depends in the control file). One of those packages is devscripts which has the package "at" as recommends which again has some mta like exim as recommends.
The version of genmkfile in jessie, jessie-proposed-updates and testers does not depend on any package. This is also the reason why JasonJAyalaP saw no exim being installed on debian stretch with the whonix jessie repository.
So if you don't want exim etc. to be installed AND you want to use the latest genmkfile version then: use --no-install-recommends.
Otherwise use the whonix jessie repo. Not sure about the differences between the genmkfile versions though.
As already said, for me it also works with the recommended packages and whatever repo, no exim errors.
@JasonJAyalaP can you still reproduce this error on your side?

Aug 25 2017, 12:53 PM · Whonix 14, build, Whonix

Aug 24 2017

Patrick added a comment to T710: qubes-whonix build failure.

tb-updater with updated hardcoded Tor Browser version is now available in Whonix jessie-proposed-updates repository. Could you try a build please? Quite likely it will go past that issue now.

Aug 24 2017, 5:17 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Aug 10 2017

marmarek added a comment to T710: qubes-whonix build failure.

Indeed, TEMPLATE_OPTIONS variable wasn't properly propagated. Fixing this fixes whonix-gateway build:
https://travis-ci.org/marmarek/qubes-template-whonix/builds/263033866

Aug 10 2017, 1:16 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Aug 9 2017

Patrick added a comment to T710: qubes-whonix build failure.

tb-updater must not be installed on Whonix-Gateway at all cost. It's a blocker, since that messes up a carefully selected and package selection.

Aug 9 2017, 9:54 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
SimonSelg added a comment to T710: qubes-whonix build failure.

K interesting. I'll check this out, thanks.

Aug 9 2017, 2:36 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
marmarek added a comment to T710: qubes-whonix build failure.

Also, it worked before (when tor browser 7.0 was still downloadable)... See builds history on travis (https://travis-ci.org/marmarek/qubes-template-whonix/builds).

Aug 9 2017, 2:28 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
marmarek added a comment to T710: qubes-whonix build failure.

In above linked travis job, workstation build (17.6) fails with:

(Debugging information: curl_status_message: [22] - [HTTP page not retrieved. The requested url was not found or returned another error with the HTTP error code being 400 or above. This return code only appears if -f, --fail is used.])

Probably package installation order is non-deterministic here...

Aug 9 2017, 2:23 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
SimonSelg added a comment to T710: qubes-whonix build failure.

In whonix-ws the package is called anon-ws-dns-conf . Yes I'm sure about that. The build log explicitly says "Couldn't resolve host".

Aug 9 2017, 2:11 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
marmarek added a comment to T710: qubes-whonix build failure.

Are you sure about that? According to build log, the issue with whonix-ws is missing 7.0.0 version on server. anon-gw-dns-conf is not installed in whonix-ws

Aug 9 2017, 2:07 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
SimonSelg added a comment to T710: qubes-whonix build failure.

Nope, tb-updater getting installed in whonix-gw doesn't cause this issue.

Aug 9 2017, 1:59 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
marmarek added a comment to T710: qubes-whonix build failure.

Ah, you're right. So the second line in my comment _is_ a blocker too.

Aug 9 2017, 1:56 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
SimonSelg added a comment to T710: qubes-whonix build failure.

IMO the chain doesn't solve the issue of tb-updater not getting any internet connectivity during postinst, which is the root cause of this issue ("Couldn't resolve host. The given remote host was not resolved").

Aug 9 2017, 1:45 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
marmarek added a comment to T710: qubes-whonix build failure.

I prefer the proper fix, which is a chain of three tickets in total: https://phabricator.whonix.org/T671#14310
Independently (not a blocker), it would be good to find out why tb-updater is installed in whonix-gw.

Aug 9 2017, 1:42 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
SimonSelg added a comment to T710: qubes-whonix build failure.

I tested the build whonix-gw and whonix-ws templates I build using my patch to qubes-template-whonix and my patch to qubes-builder and everything works just fine (on 4.0 RC1).

Aug 9 2017, 1:24 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Aug 6 2017

Patrick added a comment to T710: qubes-whonix build failure.

tb-updater should not be installed on Whonix-Gateway anyhow. That's
strange. That's the root cause to be fixed.

Aug 6 2017, 10:54 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
SimonSelg added a comment to T710: qubes-whonix build failure.

I did further debugging. It appears that by the time the postinst task of tb-updater runs inside the whonix-gw chroot, /etc/resolv.conf looks like this:

Aug 6 2017, 2:06 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Jul 31 2017

Patrick added a comment to T710: qubes-whonix build failure.

What does it mean in practice?

Jul 31 2017, 12:50 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Jul 30 2017

marmarek added a comment to T710: qubes-whonix build failure.

What does it mean in practice?
Also "Couldn't resolve host" doesn't look like file removed from torproject's download server...

Jul 30 2017, 12:20 AM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Jul 29 2017

Patrick added a comment to T710: qubes-whonix build failure.

The build was done using jessie-proposed-updates, which is still at tbb_hardcoded_version="7.0.0", that download version was removed from torproject's download server. tbb_hardcoded_version wasn't updated to prevent more breakage due unresolved T671.

Jul 29 2017, 5:40 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes
Patrick triaged T710: qubes-whonix build failure as High priority.
Jul 29 2017, 4:00 PM · tb-updater, build, Whonix 14, Whonix 13, Whonix, Qubes

Jul 13 2017

Patrick added a comment to T700: Build instructions, exim4 errors.

JasonJAyalaP (Jason J. Ayala P.):

JasonJAyalaP added a comment.

How did install genmkfile lead to installing a mail program like exim?
Jul 13 2017, 11:52 PM · Whonix 14, build, Whonix
JasonJAyalaP added a comment to T700: Build instructions, exim4 errors.

How did install genmkfile lead to installing a mail program like exim?

Jul 13 2017, 8:14 PM · Whonix 14, build, Whonix
Patrick added a comment to T700: Build instructions, exim4 errors.

Look into the postinst script. /var/lib/dpkg/exim something .postinst.
(Or another extension but probably .postinst.) See what that maintainer
script is doing and what might fail.

Jul 13 2017, 2:55 PM · Whonix 14, build, Whonix