Hi @ and thank you very much to the developers for the great job you are doing.
I upgraded my Whonix 14 to the current version following the instructions in the Wiki.
Unfortunately I get some errors while starting the Gateway running on Oracle VirtualBox.
Please see following capture :
Is that alarming ? How can I fix that ?
Thank you once again for all your work and your amazing support.
Best regards,
Cottonwoodhill
Patrick
September 10, 2019, 5:20pm
#2
Hello, welcome back!
It’s a bug that will break various things (Tor Browser new identity, whonixcheck, sdwdate) but not an indicator of compromise.
Malware, Computer Viruses, Firmware Trojans and Antivirus Scanners - Kicksecure
Debugging and fixing that may be possible. Would require several times going back and forth most likely. But more easy to start with a newly downloaded Whonix-Gateway.
If you like to debug…
sudo journalctl -f
And in another terminal emulator tab.
sudo systemctl restart onion-grater.service
Post the output here. Will try to see if there are any DENIED
messages (apparmor issue) or ANOM_ABEND
messages (seccomp).
1 Like
Patrick
September 10, 2019, 5:35pm
#3
Also make sure you followed these instructions Release Upgrade - Whonix
1 Like
Patrick
September 10, 2019, 5:36pm
#4
Dear Patrick
,
Thank you so much for your fast answer and for caring.
output for sudo journalctl -f
is :
> -- Logs begin at Tue 2019-09-10 18:28:10 UTC. --
> sep 10 18:30:03 host sudo[2441]: pam_exec(sudo:auth): Calling /usr/lib/security-misc/pam_tally2-info ...
> sep 10 18:30:03 host sudo[2411]: pam_tally2(sudo:auth): user user (1000) tally 9, deny 100
> sep 10 18:30:09 host audit[2411]: USER_AUTH pid=2411 uid=1000 auid=1000 ses=1 subj==unconfined msg='op=PAM:authentication grantors=pam_exec,pam_exec,pam_tally2,pam_permit acct="user" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
> sep 10 18:30:09 host audit[2411]: USER_ACCT pid=2411 uid=1000 auid=1000 ses=1 subj==unconfined msg='op=PAM:accounting grantors=pam_tally2,pam_permit acct="user" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
> sep 10 18:30:09 host sudo[2411]: user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/bin/journalctl -f
> sep 10 18:30:09 host audit[2411]: USER_CMD pid=2411 uid=1000 auid=1000 ses=1 subj==unconfined msg='cwd="/home/user" cmd=6A6F75726E616C63746C202D66 terminal=pts/0 res=success'
> sep 10 18:30:09 host sudo[2411]: pam_unix(sudo:session): session opened for user root by user(uid=0)
> sep 10 18:30:09 host audit[2411]: CRED_REFR pid=2411 uid=0 auid=1000 ses=1 subj==unconfined msg='op=PAM:setcred grantors=pam_tally2,pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
> sep 10 18:30:09 host sudo[2462]: pam_exec(sudo:session): Calling /usr/lib/security-misc/permission-lockdown ...
> sep 10 18:30:09 host audit[2411]: USER_START pid=2411 uid=0 auid=1000 ses=1 subj==unconfined msg='op=PAM:session_open grantors=pam_permit,pam_unix,pam_exec acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success
output for sudo systemctl restart onion-grater.service
is :
> Job for onion-grater.service failed because the control process exited with error code.
> See "systemctl status onion-grater.service" and "journalctl -xe" for details.
> user@host:~$ sudo systemctl restart onion-grater.service
> Job for onion-grater.service failed because the control process exited with error code.
> See "systemctl status onion-grater.service" and "journalctl -xe" for details.
Hope it helps you to find out what the issue is. (If there is one)
In the meantime, I remain to your disposal for any further tests.
Best regards & thanks again.
Fixed with :
sudo unlink /usr/local/etc/onion-grater-merger.d/* ; echo “$?”
Following by :
sudo rm /usr/local/etc/onion-grater-merger.d/40_bisq.yml ; echo “$?”
As described in the Wiki
Sorry for taking your time @Patrick . Hopefully it will help some other users.
Chears
1 Like
0brand
September 11, 2019, 9:42am
#7
Hi Cottonwoodhill
!
Good to see you again!
Your always most welcome on the Whonix forum!
2 Likes