GNUnet in sid chroot

With alternative packaging solutions no longer options for getting GNUnet. I thought of something else which someone also suggested on SE: What if there is a sid minimalist chroot to safely install the latest version? Debootstrap or something better for the task (see more in the lInk) could be used for this. Some directories like home could be mounted so gnunet and related whonix tools could interact.

Pros: No longer have to wait for major steps by upstream projects for packaging. No extra package management solutions need to be added updated.

Cons: Chroot may need many packages. Needs to be tested if the concept is sound.

https://wiki.debian.org/Debootstrap

That’s a rather hacky solution. Why not port whole Whonix to sid… Due
to the flood of upgrades and breakage. Something that works for an
advanced user that can be fun but not something that can be done as a
stable distribution.

True porting the distro to sid is terrible. The chroot was a compromise between both worlds. Sort of a docker lite which is the rage these days but with verifiability and more flexibility for working with the OS outside the jail.

The whole plan may be a pipe dream at this point but that’s a shorter way to get there.

Any news about GNUnet?

It is currently packaged in Debian but the rapid development cycle makes the versions packaged in stable obsolete and incapable of connecting to the network.

Is this still the case?

• Debian sid has gnunet 0.10.1.
• Debian experimental has gnunet 0.11.0.

Perhaps lets start by documenting how to use GNUnet (in a sid chroot)?

On https://www.whonix.org/wiki/GNUnet I started documenting how to create a Debian sid based chroot using mmdebstrap, systemd-nspawn. Why choose these tools? For rationale, see… I recently got more interested in chroot… See:

I failed to create a Debian experimental based chroot probably due to upstream issues with Debian experimental.

Towards the end of 2019 they released a major milestone 0.12 which is incompatible with the 0.11 network.

https://gnunet.org/en/news/2019-0.12.0.html

So they are moving fast even in comparison to Debian experimental. I’ll have to find out if there is a n external install source that actually works.

I went ahead and built the latest release from source following the steps on their site.

The daemons successfully start but no connections to peers ever happen. Doesn’t matter if over Tor or VPN.

It might be a masterpiece, but 20 years after starting the developers must have a lot of patience.

How about these later versions now available - worth trying?

Current package details:

• Buster - 0.10.1-5.1
• Bullseye - 0.13.1-2
• Sid - 0.13.1-2
• Experimental - 0.14.0-5

Do we just follow your instructions on the GNUNet page for chroot and then install it from sid or experimental to play with it?

It would be good to have some wiki instructions that are actually useful i.e. can at least connect to the network in Whonix with the current versions available.

I see they have a large manual: https://docs.gnunet.org/handbook/gnunet.html Chapter 5 onwards looks relevant once it is installed?

Although in Chapter 4 it does state you need a minimal configuration file before you can start:

GNUnet needs a configuration file to start (see Config file format). For the single-user setup an empty file is sufficient:

$ touch ~/.config/gnunet.conf

For the multi-user setup we need an extra config file for the system services. The default location is /etc/gnunet.conf. The minimal content of that file which activates the system services roll is:

[arm]
START_SYSTEM_SERVICES = YES
START_USER_SERVICES = NO

The config file for the user services (~/.config/gnunet.conf) needs the opposite configuration to activate the user services roll:

[arm]
START_SYSTEM_SERVICES = NO
START_USER_SERVICES = YES

There is also a shortened guide version:

https://gnunet.org/en/use.html

It all looks pretty mysterious i.e. a lot of config and stuff around involved for basic use.

[torjunkie] torjunkie https://forums.whonix.org/u/torjunkie
April 5

It might be a masterpiece, but 20 years after starting the developers
must have a lot of patience.

How about these later versions now available - worth trying?

Yes definitely. Please do. I’ve tried them over Tor for years now and it
never seemed to work. It’s really powerful and capable under the hood,
but its UX is a little muddled.