Page MenuHomePhabricator
Feed Advanced Search

Feb 4 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

If possible: it should only show Tor restart gui / anon-connection-wizard if these are installed. Otherwise not show such a menu entry.

Feb 4 2018, 11:02 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Have pushed an updated version with Restart Tor and Anon Connection Wizard commands from the menu, so you can have an idea of the look and feel. This is of course not written in stone. The standalone restart-tor-gui was updated for testing. https://github.com/troubadoour/restart-tor-gui

Feb 4 2018, 9:10 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Implemented some defensive code against qubes-dband qubes-qrexec-agent just in case. Now if one or both of those services stop, it just ensures that the sdwdate-gui programs don't crash, and that's it.

Feb 4 2018, 4:48 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick edited projects for T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes), added: Whonix 15; removed Whonix 16.
Feb 4 2018, 3:16 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 3 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Implemented some defensive code against qubes-dband qubes-qrexec-agent just in case. Now if one or both of those services stop, it just ensures that the sdwdate-gui programs don't crash, and that's it.

Feb 3 2018, 11:15 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 2 2018

Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Only small issues for now.

Feb 2 2018, 3:47 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

sdwdate-gui-qubes will be shortly ready for packaging.

There are files for the gateway, files for the workstations, none for non-qubes environment. At this stage, for review, it would be easier to make a standalone package before merging in sdwdate-gui.

It was actually easier to merge directly, if only for the new user sdwdate-gui created in postint.

Feb 2 2018, 1:47 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 1 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

sdwdate-gui-qubes will be shortly ready for packaging.

Feb 1 2018, 12:22 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 29 2018

marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Json handling looks fine. Not sure about using the data loaded from there - for example if self.message require sanitization. AFAIR some Qt widgets support html formatting, so it may be undesirable to allow that.

Jan 29 2018, 3:44 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Relevant code excerpt sdwdate.

Jan 29 2018, 3:37 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 26 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Probably no. But I,m not an expert in security or attacks.

pickle load deserialize an object, in our case a DICTionary. Anything not in that form would raise an exception.

How do you ensure that? Normally pickle.load would gladly deserialize any object, even if that results in executing code inside of it. See https://docs.python.org/3/library/pickle.html
Better use json or such if really a structure (rather than a single value) is needed.

Jan 26 2018, 9:11 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

What happens if a workstation is killed, and then later restarted?

Jan 26 2018, 8:52 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Probably no. But I,m not an expert in security or attacks.

pickle load deserialize an object, in our case a DICTionary. Anything not in that form would raise an exception.

Jan 26 2018, 6:49 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Probably no. But I,m not an expert in security or attacks.

Jan 26 2018, 5:12 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 25 2018

Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Then //pickle.load status-file

Jan 25 2018, 2:35 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Update.

The submenu commands are implemented. Looks nice and handy.

Jan 25 2018, 2:32 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

The submenu commands are implemented. Looks nice and handy.

Jan 25 2018, 12:21 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 22 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

>>! In T534#15414, @marmarek wrote:

Jan 22 2018, 10:52 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

troubadour

For now, the qrexec commands are issued from the workstations sdwdate-gui,
for practical reasons, the main one being that it's easy to restart sdwdate from there.
Obviously they'll have to be in sdwdate.

Patrick

Possibly, yes. Necessarily, maybe not. Keeping all the "if Qubes then"
logic outside of sdwdate may also be an option.

That would help a lot. There are not that many "if Qubes then" in sdwdate -- actually we also check if we are not in sys-whonix --, but when it comes to run the qrexec command in sdwdate, the problem begins. Have tried all sort of things to get the call, Popen or even os.system command working in sdwdate, to no avail, although call works in many other places.

Jan 22 2018, 10:42 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Obviously they'll have to be in sdwdate. They are some issues regarding the format of the argument in qrexec-client-vm sys-whonix whonix.test+"[argument]" when it reaches the target vm. It's sanitized, no problem there, it can be parsed, but it's truncated at 51 bytes, which limits what we can pass.

Jan 22 2018, 3:11 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Awesome progress! :)

Jan 22 2018, 2:53 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 20 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Some progress on this one. A summary without literature.

Jan 20 2018, 11:30 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jan 16 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Playing with tags.

Jan 16 2018, 1:12 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Dec 18 2017

Patrick closed T698: check Qubes-Whonix compatilbity with Qubes 4.0 as Resolved.

apt-get apt-transport-tor broken in Qubes R4 non-networked TemplateVMs #3403
https://github.com/QubesOS/qubes-issues/issues/3403

Dec 18 2017, 8:57 PM · Whonix 14, Whonix, Qubes

Dec 14 2017

entr0py added a comment to T732: whonix-gw-14 template fails to boot on Qubes 3.2.

Qubes R4 templates can not be started on Qubes 3.2

Dec 14 2017, 9:26 PM · Qubes, Whonix 14, Whonix
entr0py closed T732: whonix-gw-14 template fails to boot on Qubes 3.2 as Invalid.

Oops, should have tested plain Debian first. Doesn't work either.

Dec 14 2017, 8:40 PM · Qubes, Whonix 14, Whonix
Patrick added a comment to T732: whonix-gw-14 template fails to boot on Qubes 3.2.

Any idea about this one? @marmarek

Dec 14 2017, 12:43 PM · Qubes, Whonix 14, Whonix
Patrick triaged T732: whonix-gw-14 template fails to boot on Qubes 3.2 as Normal priority.
Dec 14 2017, 12:41 PM · Qubes, Whonix 14, Whonix

Dec 13 2017

entr0py added a comment to T732: whonix-gw-14 template fails to boot on Qubes 3.2.

Perhaps related to https://github.com/QubesOS/qubes-issues/issues/3187?

Dec 13 2017, 11:48 PM · Qubes, Whonix 14, Whonix
entr0py renamed T732: whonix-gw-14 template fails to boot on Qubes 3.2 from whonix-gw-14 fails to boot on Qubes 3.2 to whonix-gw-14 template fails to boot on Qubes 3.2.
Dec 13 2017, 11:21 PM · Qubes, Whonix 14, Whonix
entr0py created T732: whonix-gw-14 template fails to boot on Qubes 3.2.
Dec 13 2017, 11:20 PM · Qubes, Whonix 14, Whonix

Dec 3 2017

Patrick changed the status of T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix from Open to testing-in-next-build-required.

https://github.com/Whonix/qubes-whonix/commit/dac56daeb0fd607a57c0e8e0b85970d31ef6dcee

Dec 3 2017, 2:34 PM · Whonix 14, Whonix, anon-meta-packages, Qubes
Patrick added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

Not sure how to force installing pulseaudio-qubes on 3.2->4.0 upgrade (instead of keeping old qubes-gui-agent).

Dec 3 2017, 2:21 PM · Whonix 14, Whonix, anon-meta-packages, Qubes

Dec 2 2017

Patrick closed T658: Qubes-Whonix 14 timesync vs usabilty decision as Invalid.
Dec 2 2017, 8:27 PM · sdwdate, Whonix 14, Qubes, Whonix
Patrick added a comment to T658: Qubes-Whonix 14 timesync vs usabilty decision.

"Solution": for now, not enabling timesync fail closed neither in Qubes-Whonix nor Non-Qubes-Whonix since neither T636 nor T534 were finished in time.

Dec 2 2017, 8:26 PM · sdwdate, Whonix 14, Qubes, Whonix

Nov 4 2017

Patrick updated the task description for T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.
Nov 4 2017, 3:44 PM · security, Qubes, Whonix

Oct 29 2017

marmarek added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

(highest available version is 3.2.18-1+deb9u1)

Oct 29 2017, 5:53 PM · Whonix 14, Whonix, anon-meta-packages, Qubes
Patrick added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

True, my suggested solution might work for new builds but might not work
for R3.2 -> R4 upgrades.

Oct 29 2017, 3:21 PM · Whonix 14, Whonix, anon-meta-packages, Qubes

Oct 28 2017

marmarek added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

Will that really works for 4.0? There is also qubes-gui-agent package, so it isn't clear to me that pulseaudio-qubes will really be installed. Perhaps pulseaudio-qubes | qubes-gui-agent (<< 4.0.0)?

Oct 28 2017, 4:52 PM · Whonix 14, Whonix, anon-meta-packages, Qubes
Patrick added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

It fits well into package qubes-whonix-workstation-packages-recommended.

Oct 28 2017, 4:50 PM · Whonix 14, Whonix, anon-meta-packages, Qubes

Oct 20 2017

Patrick closed T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy as Resolved.
Oct 20 2017, 5:02 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick claimed T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.
Oct 20 2017, 4:58 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

tb-updater fix for Whonix 14 / master.

Oct 20 2017, 4:02 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

Backported to Whonix 13 tb-updater.

Oct 20 2017, 3:56 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

Here is the fix for tb-updater. Please have a look. Untested. Will test now. If it works, I will backport to Whonix 13 tb-updater.

Oct 20 2017, 3:43 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

Is that changing to 127.0.0.1 work on Qubes 3.2?

Oct 20 2017, 3:42 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
marmarek added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

Is that changing to 127.0.0.1 work on Qubes 3.2? Anyway, yes, it should be good enough for Qubes 4.0.

Oct 20 2017, 3:33 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick edited projects for T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy, added: Whonix 13, Whonix 14; removed Whonix 15.
Oct 20 2017, 3:28 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck
Patrick added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

is already using

Oct 20 2017, 3:27 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck

Oct 9 2017

Patrick closed T710: qubes-whonix build failure as Resolved.
Oct 9 2017, 9:32 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
Patrick closed T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues as Resolved.
Oct 9 2017, 9:29 AM · Whonix 13, Whonix 14, Whonix, Qubes

Oct 8 2017

Patrick added a comment to T710: qubes-whonix build failure.
> Just setting `tbb_version` or `tbb_hardcoded_version` variable isn't enough, because it isn't propagated through all the layers to postinst of tb-updater.
Oct 8 2017, 11:52 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
marmarek added a comment to T710: qubes-whonix build failure.

https://github.com/Whonix/qubes-template-whonix/pull/1

Just setting tbb_version or tbb_hardcoded_version variable isn't enough, because it isn't propagated through all the layers to postinst of tb-updater. But creating temporarily a configuration file works (in /etc/torbrowser.d).
Use tbb_version there, because tbb_hardcoded_version is unconditionally overridden by /usr/share/tb-updater/tbb_hardcoded_version. But later is ignored if tbb_version is already set.

Oct 8 2017, 10:56 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
Patrick reopened T710: qubes-whonix build failure as "Open".
Oct 8 2017, 1:13 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
Patrick added a comment to T710: qubes-whonix build failure.

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

The problem is back again, 7.0.4 is no longer available at https://dist.torproject.org/torbrowser/
What is the easiest/elegant way to choose different version, without modifying tb-updater package? Some env variable? Some config file? I don't consider https://github.com/SimonSelg/qubes-template-whonix/blob/SimonSelg-fix-tb-updater/whonix-gateway/04_install_qubes_post.sh#L65-L79 elegant...
Oct 8 2017, 1:12 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix

Oct 7 2017

marmarek added a comment to T710: qubes-whonix build failure.

The problem is back again, 7.0.4 is no longer available at https://dist.torproject.org/torbrowser/
What is the easiest/elegant way to choose different version, without modifying tb-updater package? Some env variable? Some config file? I don't consider https://github.com/SimonSelg/qubes-template-whonix/blob/SimonSelg-fix-tb-updater/whonix-gateway/04_install_qubes_post.sh#L65-L79 elegant...

Oct 7 2017, 3:39 PM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix

Sep 27 2017

Patrick added a comment to T698: check Qubes-Whonix compatilbity with Qubes 4.0.

jessie-proposed-updates repository merged into jessie repository and uploaded.

Sep 27 2017, 3:33 PM · Whonix 14, Whonix, Qubes

Sep 26 2017

marmarek added a comment to T698: check Qubes-Whonix compatilbity with Qubes 4.0.

Out of curiosity, where is the R4.0 rc2 download for fresh install?

Sep 26 2017, 1:16 AM · Whonix 14, Whonix, Qubes

Sep 25 2017

cendragon added a comment to T698: check Qubes-Whonix compatilbity with Qubes 4.0.

@marmarek The salt stuff helped a lot. It does force a strict naming convention though. And becomes more difficult to add my own cloned template of whonix-ws. But I figured out how to create my salt files and it worked out.

Sep 25 2017, 11:47 PM · Whonix 14, Whonix, Qubes

Sep 24 2017

marmarek added a comment to T698: check Qubes-Whonix compatilbity with Qubes 4.0.

As for policy for updates proxy, see this: https://github.com/QubesOS/qubes-mgmt-salt-dom0-virtual-machines/commit/977362ee27ccc116512fc428c0807063600655cc

Sep 24 2017, 4:35 PM · Whonix 14, Whonix, Qubes
Patrick added a comment to T698: check Qubes-Whonix compatilbity with Qubes 4.0.

Did you see the pull requests to the qubes-whonix package that Marek recently submitted which I then merged and uploaded to Whonix jessie-proposed-updates repository?

Sep 24 2017, 2:45 PM · Whonix 14, Whonix, Qubes
Patrick added a project to T698: check Qubes-Whonix compatilbity with Qubes 4.0: Whonix 14.
Sep 24 2017, 2:36 PM · Whonix 14, Whonix, Qubes
cendragon added a comment to T698: check Qubes-Whonix compatilbity with Qubes 4.0.

Well, after a lot of work, its ALIVE!
I can update the whonix-gw and whonix-ws templates through sys-whonix proxy
whonixcheck works in sys-whonix and anon-whonix
Tor browser works in anon-whonix

Sep 24 2017, 10:43 AM · Whonix 14, Whonix, Qubes

Sep 20 2017

marmarek added a comment to T491: port whonixcheck and tb-updater to Qubes qrexec based updates proxy.

Since https://github.com/Whonix/qubes-whonix/commit/01964e3c8c53b49aa14e56f7924fce5e88b5a448, other places can simply source /usr/lib/qubes-whonix/utility_function.sh and use PROXY_SERVER variable to get appropriate proxy address.

Sep 20 2017, 10:43 PM · Whonix 14, Whonix 13, tb-updater, Whonix, Qubes, whonixcheck

Sep 14 2017

marmarek added a comment to T463: Qubes-Whonix-Workstation DispVM Support.

https://github.com/QubesOS/qubes-mgmt-salt-dom0-virtual-machines/pull/5

Sep 14 2017, 2:36 AM · Whonix, Qubes
marmarek added a comment to T463: Qubes-Whonix-Workstation DispVM Support.

qubes-devel discussion: https://groups.google.com/d/msgid/qubes-devel/0f80b2a7-af84-fe3c-db9b-5d9bbeedfea6%40riseup.net

Sep 14 2017, 2:24 AM · Whonix, Qubes

Sep 12 2017

Patrick closed T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0 as Resolved.
Sep 12 2017, 2:55 PM · anon-meta-packages, Whonix 14, Qubes, Whonix
marmarek added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.
In T697#14525, @Patrick wrote:

Merged.

Note that I've created PR against Whonix13 branch instead of master intentionally. While it should be mergeable to master too, it would be good to have it in Whonix13. The current version from master branch is already incompatible with Whonix 13.

I couldn't merge / cherry-pick it. Manually emulated.

https://github.com/Whonix/qubes-whonix/commit/9a8d4b94865efceec7928d5498260a44241d96b2

Could you check please the master branch has it all? (Because that will go into Whonix 14.)

Whonix13 branch i.e. qubes-whonix 5.7.2.1-1 uploaded to Whonix jessie-proposed-updates repository.

Sep 12 2017, 3:12 AM · anon-meta-packages, Whonix 14, Qubes, Whonix
Patrick added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.
In T697#14525, @Patrick wrote:

Whonix13 branch i.e. qubes-whonix 5.7.2.1-1 uploaded to Whonix jessie-proposed-updates repository.

Sep 12 2017, 2:58 AM · anon-meta-packages, Whonix 14, Qubes, Whonix
Patrick added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.
Sep 12 2017, 2:57 AM · anon-meta-packages, Whonix 14, Qubes, Whonix

Sep 11 2017

marmarek added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.

Done: https://github.com/Whonix/qubes-whonix/pull/5
Note that I've created PR against Whonix13 branch instead of master intentionally. While it should be mergeable to master too, it would be good to have it in Whonix13. The current version from master branch is already incompatible with Whonix 13.

Sep 11 2017, 9:45 PM · anon-meta-packages, Whonix 14, Qubes, Whonix
Patrick added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.
Sep 11 2017, 6:42 PM · anon-meta-packages, Whonix 14, Qubes, Whonix
marmarek added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.

According to debian policy, << is the syntax for "strictly older than".

Sep 11 2017, 2:59 PM · anon-meta-packages, Whonix 14, Qubes, Whonix
Patrick added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.

From part (<< 4.0.0-1) what does << do?

Sep 11 2017, 2:53 PM · anon-meta-packages, Whonix 14, Qubes, Whonix
marmarek added a comment to T697: sort out meta packages compatiblity with Qubes 3.2 and Qubes R4.0.

https://github.com/Whonix/qubes-whonix/pull/4

Sep 11 2017, 2:25 AM · anon-meta-packages, Whonix 14, Qubes, Whonix

Aug 30 2017

Patrick closed T710: qubes-whonix build failure as Resolved.
Aug 30 2017, 10:40 PM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix

Aug 28 2017

Patrick added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

Fixed package uploaded to jessie-proposed-updates.

Aug 28 2017, 1:52 PM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 26 2017

marmarek added a comment to T710: qubes-whonix build failure.

Yes, it works now: https://travis-ci.org/marmarek/qubes-template-whonix/builds/263033873

Aug 26 2017, 1:38 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix

Aug 25 2017

marmarek added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

The idea was to keep X newest entries. not oldest, right? So the first order is right (the code skip X "first" directories). Also, I'd trust more file names, not modification time - the later is easy to mess up (and a consequence will be removing wrong directory - possibly containing just modified data).

Aug 25 2017, 7:46 PM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 24 2017

Patrick added a comment to T710: qubes-whonix build failure.

tb-updater with updated hardcoded Tor Browser version is now available in Whonix jessie-proposed-updates repository. Could you try a build please? Quite likely it will go past that issue now.

Aug 24 2017, 5:17 PM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
Patrick added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

The version with that fix is now available from jessie-proposed-updates.

Aug 24 2017, 5:15 PM · Whonix 13, Whonix 14, Whonix, Qubes
Patrick added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

That works better. But still not sufficient. It's in the wrong order.

Aug 24 2017, 11:17 AM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 15 2017

marmarek added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

I've tried glob, but I need reversed order and failed to do that with glob. ls -dr should do. Unless $tb_browser_folder itself contains spaces...

Aug 15 2017, 8:03 PM · Whonix 13, Whonix 14, Whonix, Qubes
Patrick added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

Thank you very much for the PR!

Aug 15 2017, 7:31 PM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 12 2017

marmarek added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

Proposed fix here: https://github.com/Whonix/tb-updater/pull/1

Aug 12 2017, 12:49 PM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 10 2017

marmarek added a comment to T710: qubes-whonix build failure.

Indeed, TEMPLATE_OPTIONS variable wasn't properly propagated. Fixing this fixes whonix-gateway build:
https://travis-ci.org/marmarek/qubes-template-whonix/builds/263033866

Aug 10 2017, 1:16 PM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix

Aug 9 2017

Patrick added a comment to T710: qubes-whonix build failure.

tb-updater must not be installed on Whonix-Gateway at all cost. It's a blocker, since that messes up a carefully selected and package selection.

Aug 9 2017, 9:54 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
SimonSelg added a comment to T710: qubes-whonix build failure.
Aug 9 2017, 2:36 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
marmarek added a comment to T710: qubes-whonix build failure.

Also, it worked before (when tor browser 7.0 was still downloadable)... See builds history on travis (https://travis-ci.org/marmarek/qubes-template-whonix/builds).

Aug 9 2017, 2:28 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
marmarek added a comment to T710: qubes-whonix build failure.

In above linked travis job, workstation build (17.6) fails with:

(Debugging information: curl_status_message: [22] - [HTTP page not retrieved. The requested url was not found or returned another error with the HTTP error code being 400 or above. This return code only appears if -f, --fail is used.])

Probably package installation order is non-deterministic here...

Aug 9 2017, 2:23 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
SimonSelg added a comment to T710: qubes-whonix build failure.

In whonix-ws the package is called anon-ws-dns-conf . Yes I'm sure about that. The build log explicitly says "Couldn't resolve host".

Aug 9 2017, 2:11 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
marmarek added a comment to T710: qubes-whonix build failure.

Are you sure about that? According to build log, the issue with whonix-ws is missing 7.0.0 version on server. anon-gw-dns-conf is not installed in whonix-ws

Aug 9 2017, 2:07 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
SimonSelg added a comment to T710: qubes-whonix build failure.
Aug 9 2017, 1:59 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
marmarek added a comment to T710: qubes-whonix build failure.

Ah, you're right. So the second line in my comment _is_ a blocker too.

Aug 9 2017, 1:56 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
SimonSelg added a comment to T710: qubes-whonix build failure.
Aug 9 2017, 1:45 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
marmarek added a comment to T710: qubes-whonix build failure.

I prefer the proper fix, which is a chain of three tickets in total: https://phabricator.whonix.org/T671#14310
Independently (not a blocker), it would be good to find out why tb-updater is installed in whonix-gw.

Aug 9 2017, 1:42 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix
SimonSelg added a comment to T710: qubes-whonix build failure.

I tested the build whonix-gw and whonix-ws templates I build using my patch to qubes-template-whonix and my patch to qubes-builder and everything works just fine (on 4.0 RC1).

Aug 9 2017, 1:24 AM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix

Aug 8 2017

Patrick added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

What exactly is the use case when removing old `/var/cache/tb-binary/.tb/tor-browser.old.*` is bad?
Aug 8 2017, 2:04 PM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 7 2017

marmarek added a comment to T671: old Tor Browser versions in /var/cache/tb-binary/.tb/ accumulate in Qubes-Whonix, users run into full up disk error issues.

What exactly is the use case when removing old /var/cache/tb-binary/.tb/tor-browser.old.* is bad?
IIUC this ticket is blocking tb-updater stable upgrade (T690), which would fix qubes-whonix build failure (T710). Which is a blocker for having Whonix templates for Qubes 4.0.

Aug 7 2017, 10:41 PM · Whonix 13, Whonix 14, Whonix, Qubes

Aug 6 2017

Patrick added a comment to T710: qubes-whonix build failure.

tb-updater should not be installed on Whonix-Gateway anyhow. That's
strange. That's the root cause to be fixed.

Aug 6 2017, 10:54 PM · tb-updater, build, Whonix 14, Whonix 13, Qubes, Whonix