Awesome!

Yes, worth it. I guess lots of people are going to try Whonix-Host inside a virtual machine before considering installation on real hardware. That's why I even would like to have ability to run Whonix-Host inside VirtualBox.

Please post new tickets in forums as per:
https://forums.whonix.org/t/abolishing-whonix-phabricator-issue-tracker-moving-issue-tracking-to-forums-migrating-phabricator-whonix-org-to-forums-whonix-org/7112

But forgot to add sudo install_package_list+=" debug-misc "...

Just built 15.0.1.3.6-developers-only

Great! Will try to build tomorrow and report back... asap :)

Please add your build commands to Whonix wiki Dev/Whonix-Host, then I can add suggestion there how to improve these.

Not sure what you mean here?

That's probably because of T950. You'd need to remove both:

quiet loglevel=0

I see. But I won't lose time trying to debug this particular build, I will just try a new one and see if the problem persists. Had some problems with lack of space on the VM I am building with, maybe related. Not worth debugging if it's a one time thing. We'll see.

In T914#20017, @onion_knight2 wrote:

Seems I have quite a flexible notion of "asap" :)...

Seems I have quite a flexible notion of "asap" :)...

xfce4-power-manager is installed on Whonix-Host in 15.0.1.3.2-developers-only.

Great news! I am rebuilding the whole package Host+gw+ws now, excited to test it out! Will report asap.

echo "options overlay metacopy=on" > /etc/modprobe.d/overlay.conf 
update-initramfs -u

That would be OK but this is not my preferred solution. Reason: an unclean shutdown in Whonix installed persistent mode would with a subsequent boot into live mode would result in a failed reboot into Whonix installed live mode.

Awesome analysis and description!

Some progress made as of Whonix-Host 15.0.1.2.7:

[1] There is currently no trigger (systemd unit file) to execute /usr/lib/whonix-libvirt/persistent-mode-to-read-write.

As of 15.0.1.0.7, the following behavior is observed:

Do you know how to run calamares hook scripts? I think I saw this before but I can't find it anymore. Or we have to invent our own mini calamares module similar to how package calamares-settings-debian invented new calamares modules?

In T914#19541, @onion_knight2 wrote:

I don't know. Not implemented yet. Currently installed (persistent) Whonix-Host does not have live-boot option.

I think that is only here:
https://github.com/Whonix/Whonix/blob/master/build-steps.d/1800_copy_vms_into_raw#L35

I agree that a solution would probably to run some kind of script at the end of the Calamares installtion to revert ro to rw.

There are two read-only parameters:

I guess images will be set to kvm images read-only when booted in live iso mode (and probably live mode too). But once installed, images are still set to live mode. That would be probably kvm images read-only is set when run in iso live mode, cached in RAM and then installed to local disk?

Good catch! Merged.

Fixed by adding

I added whoami in the script and it confirmed it runs as root.

Yes, it should be run by root. Maybe it is run by root but somehow the changes don't take place as they should. More debugging could help.

Pretty sure it is run by root.

It seems that https://github.com/Whonix/whonix-libvirt/blob/master/usr/lib/whonix-libvirt/live-mode-to-read-only is not ran by root. Thus it cannot get the virsh list --all (returns void) nor change the VM xml configuration file.

https://github.com/Whonix/anon-meta-packages/commit/9550d47959e37cb8cca508e169c121dc65cde342

https://forums.whonix.org/t/whonix-host-calamares-branding-suggestion/7772/8

• https://github.com/Whonix/whonix-xfce-desktop-config/blob/master/usr/share/livecheck/livecheck.sh
• https://github.com/Whonix/whonix-xfce-desktop-config/blob/master/etc/skel/.config/xfce4/panel/genmon-12.rc

Works well in Non-Qubes-Whonix. Solution was this one:

Should work on manual invocation.

For the record, this is the diff being generated.

By default, the VMs do not start because the virtual disks are not set to readonly. This is only needed when using the ISO though. Might stay this way as long as the user is correctly advised to change to set the disk to readonly mode.

In T913#18744, @Patrick wrote:

Do you see any issues with "create home directory on first login" in Qubes?

In T913#18743, @marmarek wrote:

Can you give some more context here?

Can you give some more context here? Is it the problem that user is created too early (before /etc/skel is fully populated)? Or is it a problem that it's created at all? Should there be a difference between Qubes and non-Qubes case?