ID: 576 PHID: PHID-TASK-a7oequn5mqph44smfwlv Author: Patrick Status at Migration Time: resolved Priority at Migration Time: Normal
Description
/etc/tor-controlport-filter.d folder does not work great with Whonix. It allows to drop yml files for Tails per applications level separation but we won’t have that level separation in Whonix.
What is not possible is extending an existing yml config (without touching that file).
Since porting to tor-controlport-filter by Tails, if multiple configs are matched it only uses one.
With legacy cpfpy it much more useful to tell users “drop a new file” which to extend the default config.
To give an example… In Whonix 13 with legacy cpfpy /etc/cpfpy.d/30_default.conf said
CONTROL_PORT_FILTER_WHITELIST=signal newnym
And in Whonix docs we could add:
create a new file /etc/cpfpy.d/50_user.conf and add
CONTROL_PORT_FILTER_WHITELIST=something"
That ability is lost since porting to tor-controlport-filter by Tails. As control-port-filter-python (now same as tor-controlport-filter by Tails) is implemented right now, we’d have to say open /etc/tor-controlport-filter.d/whonix.yml and fully replace it’s content, which is problematic. (hard to combine various configuration extensions, interactive dpkg conflict resolution dialogs during upgrading)
Does this issue description make sense? EDIT: If it does not but you know what I mean, please edit it to improve it. If it does not, please contact me by e-mail, so I can improve it. (To keep this ticket discussion clean.)