[graphical gui] Whonix Setup Wizard / Anon Connection Wizard - Technical Discussion

This whole part of qubes-whonix/qubes-whonixsetup at master · Whonix/qubes-whonix · GitHub …

# Gateway
elif [ -e /usr/share/anon-gw-base-files/gateway ]; then

    # Display alert that 'whonix-tor-disable' service flag is set and it will need to
    # to manually unset if user wants to be able to boot with Tor enabled.
    if [ -e /var/run/qubes-service/whonix-tor-disable ]; then
        /usr/lib/qubes-whonix/alert tor-disabled /usr/lib/qubes-whonix/messages.yaml
        exit 0
    fi

    ## Check if Tor is disabled.
    if grep "^#DisableNetwork 0$" /etc/tor/torrc; then
        ## Tor is disabled, therefore start whonix-setup-wizard in quick mode.
        kdesudo whonix-setup-wizard quick

        ## Check if Tor is still disabled.
        if grep "^#DisableNetwork 0$" /etc/tor/torrc ; then
           true "Tor is still disabled, therefore take no action."
        else
           ## Tor is enabled now, most likely the user enabled it using whonix-setup-wizard.

           ## When whonixcheck is automatically started at boot, while Tor is disabled
           ## in /etc/tor/torrc, whonixcheck exits silently.
           ## (whonixcheck does this because it is assumed, that in these cases Whonix
           ## Setup starts.) (Most likely happens at first boot.)
           ## If Tor has been enabled, restart whonixcheck daemon so whonixcheck will
           ## check Tor's bootstrap status among other things.

           ## Check if whonixcheck daemon is even running before attempting to
           ## restart it. This aids systems where whonixcheck is not installed
           ## or disabled by the user.
           if sudo --non-interactive systemctl --no-pager status whonixcheck ; then
               sudo --non-interactive systemctl --no-pager restart whonixcheck || true
           fi
        fi
    fi

fi

… is no longer up to date. grep "^#DisableNetwork 0$" /etc/tor/torrc won’t work anymore in the age of torrc.d. I would like to get rid of the whole part.

For Qubes-Whonix should be all done like Non-Qubes-Whonix in https://github.com/Whonix/whonix-setup-wizard/blob/master/usr/lib/whonix-setup-wizard/whonixsetup_check_for_start. Do you think you could integrate /usr/lib/qubes-whonix/qubes-whonixsetup into /usr/lib/whonix-setup-wizard/whonixsetup_check_for_start?

The status file in /var/cache/whonix-setup-wizard/status-files/whonixsetup.skip qubes-whonix package is currently preventing autostart of whonix-setup-wizard in Qubes-Whonix. Therefore,

• /var/cache/whonix-setup-wizard/status-files/whonixsetup.skip should be removed from qubes-whonix package
• therefore whonix-legacy package should create /var/cache/whonix-setup-wizard/status-files/whonixsetup.done so whonix-setup-wizard will not autostart for Qubes-Whonix 13 → Qubes-Whonix 14 upgraded systems

Do you think you could work on that?

Sure, I removed part of them, probably not all of them. I will work on that carefully later when:

1. it is ported from GUI message to gettext
2. after sorting out the integration with anon-connection-wizard

Done:
https://github.com/Whonix/whonix-setup-wizard/pull/3

Now, all the things left in whonix-setup-wizard are:

1. a not elegant integration with anon-connection-wizard
2. locale_settings
3. bootstrap of whonixcheck script

I am wondering if we still use whonix-setup-wizard as an unified place to present user all the configurations? If so, I can help to see how we can elegantly integrate it with other actually standalone applications (anon-connection-wizard, whonix-repository-wizard for example).

Tested all the options and all of them works perfect to me!

Great job, @troubadour !

I find some potential UX improvement which may include:

1. use bigger fonts?
2. Hide the conceal button which conceal button is disabled (one tip for UX to share: when something is not usable to users, do not even show it. )
3. some group line crosses the text (a problem caused by porting it to PyQt5 probably)

Are you interested in fixing some of them, @troubadour ? If not, I can definitely work on that!

Yes I can start on that.

Regarding whonix-setup-wizard, the GUI with the big button Launch Anon Connection Wizard seems to be redundant. The script is left whit too possible arguments.

Why not the following:

• if argument = setup → run anon-connection-wizard directly, run whonixcheck on completion.
• if argument = locale_settings → run kcmshell, and possibly run whonixcheck on completion.

whonix-setup-wizard code could be stripped down to a minimum.

troubadour:

Why not the following:

• if argument = setup → run anon-connection-wizard directly, run whonixcheck on completion.
• if argument = locale_settings → run kcmshell, and possibly run whonixcheck on completion.

whonix-setup-wizard code could be stripped down to a minimum.

Thank you so much for your suggestions!

I will be working on that!

Great!

Minor nitpick…

whonixcheck on completion, maybe unexpected / not needed?

I am implementing /usr/local/etc/torrc.d as per

[graphical gui] Whonix Setup Wizard / Anon Connection Wizard - Technical Discussion - #388 by Patrick

It’s actually almost done. Just needs testing.

Qubes-Whonix vs whonix-setup-wizard autostart is sorted as per

[graphical gui] Whonix Setup Wizard / Anon Connection Wizard - Technical Discussion - #422 by Patrick

https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/torrc.d/95_whonix.torrc

It could use better documentation in the files.

A ton of related commits today done. Also merged all besides restart-tor-gui, let’s do that for Whonix 15 please.

TODO anon-connection-wizard:

• repair function of /etc/tor/torrc as per anon-gw-anonymizer-config/torrc.anondist at master · Whonix/anon-gw-anonymizer-config · GitHub
• repair function /etc/torrc.d/95_whonix.torrc as per https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/torrc.d/95_whonix.torrc
• write DisableNetwork 0 into /etc/torrc.d/40_anon_connection_wizard.torrc instead
• no other places for DisableNetwork 0
• generally check for torrc and check what is being written there is still up to date

A few commits in whonix-repository (whonix-repository-wizard).

• add usr/lib/whonix-repository-wizard/whonix-repository-wizard
  implements “xhost +local:root” for virtualbox/kvm

• add usr/share/applications/whonix-repository-wizard.desktop

• GUI improvements
  window width, position of group box in first page

I am not sure about the fonts. Using the default font should be consistent for all users, whatever the screen size/resolution.

Hiding the Cancel button on the last page: it is something I had been looking at earlier, it did not seem easy. Will look again.

Looks like I independently reinvented these today. Sorry about that.

Actually I was wrong. Was mergeable.

I, I am sorry about that. I commited yesterday, but did not push before an hour ago or so.

I was also not well enough to notify about intentions to changes and commit notifications. Never mind.

I’ve added a new option that was lost during import. whonix-repository wizard stable-proposed-updates.

Could you please fix the window size? Now it is a bit too small due to the new option.

Will do.

Done.

Perfect!

But does that mean when users would like to decide enable or disable Tor, they will modify 40_anon_connection_wizard.torrc manually?

Should we use /usr/local/etc/torrc.d/40_anon_connection_wizard.torrc instead? Otherwise, /etc/torrc.d/40_anon_connection_wizard.torrc is still not persistent in templateBased VMs?