Configuration of (lightweight) Whonix minimal flavor

Development
38

Is it in Debian? If not, how is it supposed to get updated? Doing the initial packaging and then keeping up with upstream? Perhaps I am over thinking it here.

That said, if you, Patrick, troubadour, whoever involved here, could afford the time to briefly test (maybe an hour or so) the Crunchbang Waldorf distribution from a desktop experience perspective and tell me how you feel this in contrast to Debian "lxde", that'd be really great.
Doesn't matter if I like it or not. I keep maintaining the KDE desktop. If you contribute and maintain something that you like, by all means, I am happy to include it into Whonix. Others might like it as well. I don't think it would be useful if I told you "I like KDE over LXDE over Openbox", "preferred LXDE over Openbox". (Which means, I always found Openbox most inconvenient - but this is again very subjective, perhaps I have just not clue about it.)
Speaking of fiddling a lightweight desktop together, may you please tell me how exactly whonixcheck + timesync + whonixsetup get autostarted, what's needed here, etc.? I mean, if you run a tty (without X), it runs upon autologin in CLI. If you start a desktop (e.g. KDE) it comes up with notifications and stuff. I would be interested how this all works together internally (also /etc/whonix.d/ ?) in order to come up with potential solutions of integrations into "lxde", "whonix-light", whatever. Hope that makes sense. Thanks!
Makes sense.

The great thing is, porting Whonix to Gnome would be trivial (in comparison, not in total), because Gnome supports as well as KDE, Unity(Screenshots of Common Whonix Activities), Xfce(Screenshots of Common Whonix Activities), Lxde(Screenshots of Common Whonix Activities) the xdg desktop standard. Other desktops might support it as well. No idea about Openbox.

[In Whonix source code folder in whonix_(shared/gateway/workstation)…]

Autostart by xdg standard: /etc/xdg/autostart (includes hook to start start msgdispatcher --x)

Start menu items by xdg standard: /usr/share/applications/whonix/

desktop icons (By xdg standard? Seems to be quite portable as well.): /usr/share/whonix/postinst.d/70_desktopicons

daemon autostart (sdwdate, whonixcheckd… independent form desktop environment as well): /etc/init.d/

msgdispatcher --cli gets started by the whonix_shared/etc/profile.d/40_msgdispatcher.sh hook. Independent from desktop environment. Depends on tty1 autologin.

sdwdate is a pure command line tool, which can run as daemon as well (default in Whonix). Daemon gets started by /etc/init.d hook.

timesync is a plugin for sdwdate (implemented in /etc/sdwdate.d). timesync supports gui + cli. timesync monitors sdwdate (checks bootclockrandomization and does timesanitycheck). timesync uses msgcollector to issue messages. msgdispatcher dispatches them.

So if your desktop environment support xdg, then there is nothing to do. Otherwise it’s up to you to re-implement /etc/xdg/autostart using the desktops native autostart capabilities and/or up to you to re-implement the start menu entries and eventually the desktop icons.

I hope I have nothing forgotten here and can elaborate when there are open questions.

39
Is it in Debian? If not, how is it supposed to get updated? Doing the initial packaging and then keeping up with upstream? Perhaps I am over thinking it here.
No worries. 1) It's all Debian Wheezy (besides the actual metapackage and some customizations), 2) I do not plan to use the #! desktop as is. I'm just considering it a very nice lightweight desktop implementation and wanted to share it with you, ask for opinions, take it as an inspiration.
Doesn't matter if I like it or not. I keep maintaining the KDE desktop. If you contribute and maintain something that you like, by all means, I am happy to include it into Whonix. Others might like it as well. I don't think it would be useful if I told you "I like KDE over LXDE over Openbox", "preferred LXDE over Openbox". (Which means, I always found Openbox most inconvenient - but this is again very subjective, perhaps I have just not clue about it.)
While this is - in general - correct, it actually does matter to me if you like the lightweight Desktop UX we're discussing here. Not comparing to KDE but your personal opinion is certainly valuable here.
The great thing is, porting Whonix to Gnome would be trivial (in comparison, not in total), because Gnome supports as well as KDE, Unity(https://www.whonix.org/wiki/Screenshots#On_Ubuntu), Xfce(https://www.whonix.org/wiki/Screenshots#On_Xfce), Lxde(https://www.whonix.org/wiki/Screenshots#On_LXDE) the xdg desktop standard. Other desktops might support it as well. No idea about Openbox.

[In Whonix source code folder in whonix_(shared/gateway/workstation)…]

Autostart by xdg standard: /etc/xdg/autostart (includes hook to start start msgdispatcher --x)

Start menu items by xdg standard: /usr/share/applications/whonix/

desktop icons (By xdg standard? Seems to be quite portable as well.): /usr/share/whonix/postinst.d/70_desktopicons

daemon autostart (sdwdate, whonixcheckd… independent form desktop environment as well): /etc/init.d/

msgdispatcher --cli gets started by the whonix_shared/etc/profile.d/40_msgdispatcher.sh hook. Independent from desktop environment. Depends on tty1 autologin.

sdwdate is a pure command line tool, which can run as daemon as well (default in Whonix). Daemon gets started by /etc/init.d hook.

timesync is a plugin for sdwdate (implemented in /etc/sdwdate.d). timesync supports gui + cli. timesync monitors sdwdate (checks bootclockrandomization and does timesanitycheck). timesync uses msgcollector to issue messages. msgdispatcher dispatches them.

So if your desktop environment support xdg, then there is nothing to do. Otherwise it’s up to you to re-implement /etc/xdg/autostart using the desktops native autostart capabilities and/or up to you to re-implement the start menu entries and eventually the desktop icons.

I hope I have nothing forgotten here and can elaborate when there are open questions.


This actually is most valuable information here. Thanks a lot for a comprehensive overview. It already helped me to integrate whonixcheck & friends into Fluxbox today (even without modifying anything).

I’m currently most interested in a real featherweight Whonix desktop. Experimented with both Fluxbox and JWM today. To me, it’s most important to integrate Whonix specifics smoothly without modifying anything. That is to say: notifications, autostart, menus (ongoing), dislike icons here. Other than that, I found “suckless-tools” deb package most valuable - especially “dmenu” is a beast for a featherweight implementation. From my perspective, we’re reaching a situation where we desire light + featherweight. The former one may be lxde, xfce, something similar to #!. The latter one is most hard as I need to start from scratch - and I mean from scratch = WM, menus, launchers, integration, software selection (editor, image viewer, terminal emulator, file manager, etc, etc). I would like to achieve a minimum footprint here while still providing something useful - even for the “average joe”. This will be a lot of work (it already is) but this is my very personal first focus now = featherweight edition. Just to keep you in the loop.

40

This is really %5ZhofS§ :wink: I’m not there yet to reproduce (mainly time constraints - currently having to deal with some ongoing pretty unfortunate stuff + I could have better hardware to test efficiently). Are you sure that nothing went wrong with your Workstation build? I’m wondering why Gateway + LXDE works, Workstation + LXDE doesn’t. Just asking.[/quote]

The same workstation snapshots works with all Xfce flavors (and Openbox, Fluxbox, etc). No idea why LXDE doesn’t.

Also, I'm very much in favour of a lightweight + a featherweight desktop experience. The former could be LXDE, Xfce, custom, or even all of them. I don't think we need another heavyweight option (we'll see if someone steps up).

Agreed.

As of featherweight, Fluxbox or JWM or IceWM are my current favourites + dmenu.

Fluxbox (it supports tabbed windows) seems to be a potential drop-in replacement for Openbox for the lightweight flavour + the standalone for a featherweight setup (or JWM). To narrow it down somehow, I guess we should concentrate on floating WMs as opposed to tiling ones (just too geeky for the average user).

Why do you prefer Fluxbox over Openbox for the featherweight setup?

Application selection: What do we need? For a real custom desktop (light + featherweight, I mean)
  • Terminal Emulator: LXTerminal, Xfce4-Terminal, Terminator, uxrvt
  • Text Editor: Leafpad/Mousepad, Geany
  • File Manager: PacManFM, SpaceFM, Thunar
  • Menus: Basically there are XDG Menus (KDE for example) and non-XDG Menus (Fluxbox, Openbox, JWM). There are XDG Menu Generators for the latter ones if we want these.

We can discuss this in the future. We have very similar ideas about it anyway.

There is a lot more to think about certainly. In general I would vote for software with few dependency requirements, i.e.

I do not need to urgently pull half of Gnome or KDE to be able to write a txt file, browse my folders, etc.

Exactly.

Anything specific you found inconvenient?

I tried it but I don’t know what is #! and what default Openbox so I started from the basics - testing window managers. Memory use (free -m) is pretty much the same for all four (51-54MB) however *box are both around 10MB in size, and xWM both noticeably smaller at around 1MB.

I can’t see us using JWM. It’s looks older then Win95. My very last choice of the four.

I like IceWM better then JWM, mostly because of the panel but still Win98 at best.

Fluxbox’s multiple workspaces implementation is pretty great but since we’ll be using a panel it’s irrelevant. I don’t see much differences between Fluxbox and Openbox. Anything specific I should check out?

I prefer LXpanel over tint2. Coming from Windows, application menu & a quick launch area are a must for me.

41
Why do you prefer Fluxbox over Openbox for the featherweight setup?
I do not necessarily. I actually prefer to use JWM for the featherweight (see below). Still, Fluxbox is more "complete" - compared to Openbox - as a standalone (ships a taskbar for example, besides other things). That's why I was saying this.
We can discuss this in the future. We have very similar ideas about it anyway.
Great. I got somewhat further here, i.e. I made at least some decisions (for me personally). Applies to both feather- and lightweight. That is to say:

Was working/discussing with Patrick yesterday to get Pidgin and KeePassX integrated into Whonix by default, i.e. desktop independent. We also talked about Thunderbird+Torbirdy - this is difficult though due to the availability of Torbirdy for Wheezy.

I tried it but I don't know what is #!
#! is just short for "crunchbang". So, how do you like it? The overall desktop UX, I mean.
I don't see much differences between Fluxbox and Openbox. Anything specific I should check out?
Tabbed windows in Fluxbox. Definitely check it out. Please also checkout dmenu (Alt+F3 in #!).
I prefer LXpanel over tint2. Coming from Windows, application menu & a quick launch area are a must for me.
Haven't tinkered with tint2 too much so far, but I'm pretty sure this is a matter of configuration. tint2 is very popular.
I started from the basics - testing window managers.
Try LinuxBBQ "Gangbang edition" - 53 WMs on a LiveCD(Sid). EDIT: Check this out > http://crunchbang.org/forums/viewtopic.php?id=18273
I can't see us using JWM. It's looks older then Win95. My very last choice of the four.

I like IceWM better then JWM, mostly because of the panel but still Win98 at best.


I left this for the end :wink: Speaking of featherweight here (my current personal focus), not lightweight: JWM actually is my favourite, don’t be fooled by the look of it (we’ll “paint” it). My reasoning:

  • it’s FAST (fastest stacking WM around - according to Arch Wiki + my own testing)
  • Memory footprint: 3MB
  • it follows the traditional, i.e. Windows desktop (root menu, pager, quicklaunch, taskbar, clock) - all in one package. Less alien than Fluxbox.
  • Both Damn Small Linux and Puppy Linux ship it as a default
  • Its configuration is straight forward XML. Just one conf file ~/.jwmrc
  • It’s actively developed.

Theming is somewhat non-existent with JWM (just colors, fonts, sizes) but I’m going to put lipstick on it anyways (deviantart encourages). Also a good thing, i.e less bloat. I’m pretty sure that we could integrate/theme it and you’d like it then. For lightweight such radical measures (like JWM) aren’t needed (not advertised by me).

Other than JWM (and IceWM) for featherweight - /me hides - I’m (again) much in favour of what the guys over at http://suckless.org/ are doing. First and foremost “dmenu”. Debian ships “suckless-tools” which also includes http://st.suckless.org/ and tools | suckless.org software that sucks less

42

I agree that various IM and password managers should be Whonix default but again, future topic since it’s a huge topic.

You misunderstood my point about #!. I don’t know what in Crunchbang is actually Crunchbang’s work and not just Openbox default, so I started by installing only Openbox.

I would prefer if #! would have a panel and less items in the pipe menu.

Alt+F3 disables the right click menu and adds a console at the bottom?

We shouldn’t disregard all visual improvements since 1995 as bloat. We don’t need flashy eyecandy OK but rounded edges would be great. Default JWM looks old to me. Puppy implementation on the other hand looks really good.

Using 3MB vs. 13MB (for example) is not really a problem. After all we will be operating with at least 512MB making ram use less important if both are below, I don’t know, 20?

43
I agree that various IM and password managers should be Whonix default but again, future topic since it's a huge topic.
Sure. We nailed it anyways already (yesterday on IRC). Both pidgin (with evil protocols disabled, see Tails) and KeePassX will be shipped by dist-upgrade to Whonix 8 soon. That is, if I understood Patrick correctly.
You misunderstood my point about #!. I don't know what in Crunchbang is actually Crunchbang's work and not just Openbox default, so I started by installing only Openbox. Regarding Crunchbang, my first thought is that it's nice but nothing that would really impress me.
I'm sorry. Just yesterday, I outed myself as another German :P So, I most likely was lost in translation here. Thanks for your estimation on #! - as I see, opinions can differ significantly.
Alt+F3 disables the right click menu and adds a console at the bottom?
As long as "dmenu" is activated by Alt+F3 it has the focus, so yes. You terminate it by pressing Esc. Basically, it is a launcher for everything in $PATH - very convenient imho. Just (for example) type "torb", press enter and Torbrowser is there, type "VB", press enter and VBox is there. Reminds me of Gnome Do, tab completion on steroids.
We shouldn't disregard all visual improvements since 1995 as bloat. We don't need flashy eyecandy OK but rounded edges would be great. Default JWM looks horrible. Puppy implementation on the other hand looks really good.

Using 3MB vs. 13MB is not really a problem. After all we will be operating with at least 512MB. If you think that JWM is better then X, great, let’s use it but if it’s better only because it uses 3MB and Openbox uses 13MB then I don’t see the point.


I’m with you here. I’d just like to use JWM for the featherweight (my personal pet project) - I see this as another topic as the lightweight Whonix. For the lightweight setup, I also would do more compromises. That said, I’m actually sorry for hijacking your lightweight thread with my featherweight setup. I guess the latter one will be a one-man show anyways. Maybe I should start a new thread?

As of Slacko 5.6: I have it running here and, as you said, Puppy developers did a pretty good job in customizing/prettifying JWM, companion software, etc. So, as you see (for featherweight) we actually can care about 3 VS 13 MB Ram and still ship something nice.

Making a lean, mean Whonix machine is pointless if no one will use it. Mixing Win95 with other modern programs that will be part of the edition will create an even bigger display of the conflicting looks.
If ok for you, let's discuss mainly lightweight here and let me tinker with featherweight (your input is certianly more than welcome). Again, I'm sorry for mixing things up. To me, currently, featherweight is most important, i.e. I'll do it anyways (for me) and if it turns out to be great, I'm going to redistribute it - contributing to people's options/convenience. For lightweight, such compromises (fastest, lightest, real minimal footprint, squeeze out the last MB of Ram) isn't needed - I'm perfectly on the same page here.
44

If ok for you, let’s discuss mainly lightweight here and let me tinker with featherweight (your input is certianly more than welcome). Again, I’m sorry for mixing things up.[/quote]

No problem. Feather and lightweight are very connected, only the elements will change but in-Whonix implementation will be similar. Looking forward to your progress.

45
That said, if you, Patrick, troubadour, whoever involved here, could afford the time to briefly test (maybe an hour or so) the Crunchbang Waldorf distribution from a desktop experience perspective and tell me how you feel this in contrast to Debian "lxde", that'd be really great.

I could afford to test Crunchbang or whatever you might see fit. But before, I’d like to put my oar in the thread. I think one should have a look around before discussing the preferences of one or another. It seems that Xfce4 is becoming a sort of standard in the lightweight desktop environments. Debian is considering shipping it as the default DE in jessie, decision in August from what I could read. I believe it comes already in testing/jessie. I can check.

I have installed Qubes OS (R2). They install lightdm and propose KDE4 Plasma AND Xfce4 as standard. I know Qubes is not a widely used distribution, but we cannot ignore their choice, it must have been seriously weighted.

I do not think openbox alone is fighting in the lightweight category, it is definitely featherweight. What you get is a blank screen and a right-click menu…

A personal like. Xfce4 lets the user activate the windows on the desktop with the mouse wheel. Say you have two terminals, one editor and a browser open. When switching between windows, this mode preserves the cursor position and whatever was highlighted previously. Once you get use to it, it is difficult to go back to the standard click to activate. I had a look in LXDE, I could not find the same feature.

46

@troubadour

You actually do not need to convince me of Xfce :wink: I’m using it on and off (parallel to Gnome2) since early 4.0 beta/RC releases. Since Gnome developers completely lost their brains (think Gnome3), I switched to Xfce as my daily/main working environment. So, I’m completely with you!

The reason I had a bias towards LXDE is due to the fact that I’m (personally and specifically for Whonix) in need of something even lighter than Xfce … and LXDE actually is just that (slightly at least).

But: Even LXDE is too bloated for what I (personally) need it, so I went on and i’m putting together “Whonix Featherweight” now - basically building a “DE” from scratch. I’m making progress (mostly discussing this at #Whonix on irc.oftc.net these days) but it’s a whole lot of work, tendious but fun - that said, i’d like to get it just right, so it needs time. The result is - so far - well worth the effort. That is to say, it’s flying.

To provide some insight into ongoing “Whonix Featherweight/building a “DE” from scratch” project: I try to be very “anal retentive” here. Caring about every little detail/component, squeezing as much performance out of it as possible while trying to come up with something both user-friendly + minimalist - (noticable) faster than both LXDE and Xfce.

Some sneak peak:

Still some things are undecided yet (needs more research, testing): archive manager, file search, scrot (most likely “scrot”), system monitor (most definitely htop) and lots of others i cannot remember just yet (just too much) :slight_smile:

Other than that (goals):

  • Not at all touching Whonix base
  • Providing a meta-package for easy install + pre-configuration
  • /etc/xdg/autostart integration (either GitHub - paultag/fbautostart: Fluxbox XDG Autostart-er or custom-coded wrapper) > whonixcheck/timesync (msgdispatcher)
  • /etc/xdg/menus > JWM menu (custom-coded and/or puppy linux components, tbd)
  • fit together everything, i.e. components into a “DE” > visual appearance + overall “DE”-logic, etc.

Suggestions/Feedback welcome!

47

Qubes system requirements are high, definitely not a light-weight system. I reckon they choose KDE because it is popular and not because it’s better security wise then DE X.

https://groups.google.com/forum/#!searchin/qubes-devel/xfce/qubes-devel/U-86_FnT3jw/M4lZdDbIx3cJ

You do make a good point about Xfce becoming the de facto light DE. The differences between LXDE and Xfce are quite minimal as Cerberus already said, so from my angle Xfce is a good choice for light-weight Whonix flavor.

Great, just great :slight_smile:

Have you perhaps created a list of (some of) the components that need to be included? I’m bad at general testing, better at specific testing.

48

I have installed Qubes to try running Whonix on top of it, certainly not for its lightness. First the iso is 2.4GB… Then each WM uses a lot of RAM (I’ll check exactly how much). I just wanted to stress Xfce seemingly becoming a standard light DE.

Off topic.
I had a look at Google Groups, and it’s part of my problem. The whole discussion about Qubes seems to be only there. I’d have some questions to ask to the Qubes developers, so I’d have to create an account. Considering the amount of personal information required, I am reluctant.

49

[quote=“troubadour, post:48, topic:84”]Off topic.
I had a look at Google Groups, and it’s part of my problem. The whole discussion about Qubes seems to be only there. I’d have some questions to ask to the Qubes developers, so I’d have to create an account. Considering the amount of personal information required, I am reluctant.[/quote]
You don’t need a google account. Any e-mail account will allow you do participate on their list. See also:
http://qubes-os.org/trac/wiki/QubesLists#HowtoSubscribeandPost1

50
You don't need a google account. Any e-mail account will allow you do participate on their list. See also: http://qubes-os.org/trac/wiki/QubesLists#HowtoSubscribeandPost1

Thank you. I have joined.

@Occq
About the DEs in Qubes, I cannot resist a comment. They may have chosen KDE because Gnome 3 is a disaster. In my humble opinion, this piece of software looks and feels as if it had been designed by a bunch of depressive developers. :cry:

51

I agree.

52

Wayland (http://wayland.freedesktop.org/) instead of X?

Figaro’s Password Manager 2 instead of KeePassX?

A few links with applications lists for different distros. Might come in handy.

http://puppylinux.org/wikka/SoftwareIndex
http://www.osnews.com/story/24936/Damn_Small_Linux_Still_Damn_Fun

http://crunchbanglinux.org/wiki/applications
https://wiki.ubuntu.com/Lubuntu/Applications/Process%20Documentation
https://wiki.archlinux.org/index.php/List_of_Applications

53

Whonix is an awesome setup for using Tor. It’s got Tor isolation, and stream isolation, and it’s ready to use with virtually no setup needed. Not only that, the documentation is mind-boggling. The instructions and scripts are sufficient for anyone with middling Linux skills to setup a build machine, and build Whonix VMs. I know because I’ve just done it, and I simply followed instructions. Y’all totally rock :slight_smile:

Still, as Patrick has discussed on Wilders, many potential users complain that it’s too complicated. They want something like Tails or even TBB. My focus has been VPNs, and I’ve recommended Whonix as a drop-in setup for using Tor. It would be far better to have a LiveDVD with VirtualBox and the Whonix VMs, and also a VPN client in the host for obscuring Tor use. I’ve played with that off and on for the past year or so, but I’ve always been stopped by the challenge of fitting three OSes in one LiveDVD.

Now I’m taking another shot. So far, this is my plan:

[ul][li]Host: Debian 7.4 x86 (network install plus xorg etc, and fluxbox) plus VirtualBox and dependencies; 1.66 GB.[/li]
[li]Tor Gateway: pfSense 2.1 x86 plus latest FreeBSD Tor port: 0.22 GB[/li]
[li]Whonix 8.1 Workstation: the best that fits in a 2.1 GB VM[/li][/ul]

I’ve written more on Wilders < What's needed is a LiveDVD like Tails, with Tor isolation like Whonix, and VPN clients too | Wilders Security Forums > that I won’t repeat here.

Some may object to using a pfSense VM in place of the Whonix Gateway. However, for a LiveDVD usable on machines with 8 GB RAM, the total uncompressed content must (as far as I know) fit in a 4 GB ramdisk. Given that, the total for Tor gateway and workstation is ~2.3 GB, and that’s implausible for two Debian VMs.

FreeBSD Freshports < FreshPorts -- security/tor: Anonymizing overlay network for TCP > is up to date (Tor-0.2.4.21). I’ve used torrc from Whonix 8.1, and almost everything seems to work with stock Whonix 8.1 Workstation. I don’t have ControlPort working yet. I’m guessing that it’s a permissions thing, with tor user being unable to do what it needs. I believe that it’s secure enough, with no outbound route from LAN, and LAN access blocked to everything except Tor ports. If anyone wants to test, I’ll provide either the VM or setup instructions.

Where I’m stuck is optimizing Whonix 8.1 Workstation in a VM that’s 2.1 GB or less. So far, I’ve built a Whonix 8.1 Workstation, terminal-only with no default apps. It’s just 1.5 GB, so I have 0.6 GB for a usable desktop. I was planning to go with minimal fluxbox, and that’s what brought me to this thread. Perhaps this should be a separate thread, but I’ll leave that to y’all.

I’ve tested the minimal Whonix 8.1 Workstation with a stock Whonix 8.1 Gateway VM, and it seems to do expected things such as checking Tor status, etc. Using wget, < http://check.torproject.org/ > tells me that wget is “configured to use Tor”. And so I’m guessing that everything needed to interact with the gateway is present. Is that correct?

I welcome advice about adding the best, most-usable desktop in 0.6 GB or less.

54

Update

sudo apt-get update && sudo apt-get dist-upgrade -y
sudo apt-get install xorg
sudo apt-get install xbase-clients
sudo apt-get install gksu
sudo apt-get install fluxbox

That increases the workstation VMDK from 1.5 GB to 1.8 GB.

Running “startx” loads fluxbox :slight_smile:

[fluxbox]
terminal
wget https://www.torproject.org/dist/torbrowser/3.5.4/tor-browser-linux32-3.5.4_en-US.tar.xz [24 MB]
tar -xvJf tor-browser-linux32-3.5.4_en-US.tar.xz
cd tor-browser_en-US
./start-tor-browser
“XPCOMGlueLoad error for file /home/user/tor-browser_en-US/Browser/libxul.so:
libasound.so.2; cannot open shared object file: no such file or directory:
Couldn’t load XPCOM.”
find / libasound*
“find: ‘libasound*’: No such file or directory”
aptitude search libasound

libasound2

sudo apt-get install libasound2
./start-tor-browser
“Congratulations. This browser is configured to use Tor.”

The workstation VMDK is now at 1.9 GB. I’d appreciate opinions about other key packages.

55

Correction: The VMDK is at 1.76 GB. I forgot to convert properly.

56

I suggest reviewing Whonix’s package list.

Technically meta packages, i.e. what packages to install, are configured in debian/control, see:
https://github.com/Whonix/Whonix/blob/Whonix8/debian/control

A justification / explanation, why package X gets installed can be found here:
https://github.com/Whonix/whonix-developer-meta-files/tree/master/package_documentation

Packages marked “## recommended” don’t have to be installed, maybe some packages marked “## dependency” could become “## recommended” after review and some if/then/else magic. (For example it wouldn’t be difficult to omit the vrms package for custom builds and with a little more code also for redistributable builds.)

However, I am buried in tasks, so I welcome help here.

As for how to create a minimal desktop environment, Occq and Cerberus have spent some thought here in this thread, I think.

57

When finally task https://github.com/Whonix/Whonix/issues/40 is done, I hope understanding Whonix’s internals gets much simpler. Also creating custom builds or Live DVD’s etc. should become much simpler, since then you can decide which of Whonix’s additions you like to use.