Could you please keep running
sudo journalctl -f
while this issue is happening? Hopefully systemd journal will tell more.
No.
You’ve already located security-misc/etc/apt/apt.conf.d/40sandbox at master · Kicksecure/security-misc · GitHub which is the only thing that I am aware of. There should be no other sandboxing.
There’s a feature to unblock your issue based on:
helper-scripts/usr/libexec/helper-scripts/pre.bsh at master · Kicksecure/helper-scripts · GitHub
Commands:
sudo mkdir -p /etc/dist-base-files.d/*.conf
echo "set +e" | sudo tee /etc/dist-base-files.d/50_user.conf
It disables bash error checking.
(You most likely know that but my answers are supposed to compatible with users too that don’t speak /bin/bash too.)
Developer discussion:
Adding || true to the adduser command in the script to ignore this might not be a great idea… Similar to disabling error checking. Would reset password, re-add groups which might be unwanted.
If adduser fails, skip the rest of the code path? But if really fails during Whonix build process, could leak to lots of strange follow-up issues.