[graphical gui] Whonix Setup Wizard / Anon Connection Wizard - Technical Discussion

Will /etc/torrc.d/95_whonix.torrc be persistent?

1 Like

All done:

Details:

  • Fix obfs4 default bridges connectivity issue
  • Distinguish bridge_type_with_comment from bridge_type
  • Switch to /usr/local/etc/torrc.d/40_anon_connection_wizard.torrc
  • Put DisableNetwork line into 40_anon_connection_wizard.torrc
  • Simplify tor_status.py
  • Throughout update repair_torrc.py
2 Likes

iry:

Will /etc/torrc.d/95_whonix.torrc be persistent?

It already is yes, there since latest Whonix stretch upgrade.

1 Like

iry:

Should we use /usr/local/etc/torrc.d/40_anon_connection_wizard.torrc instead?

Certainly yes. Certainly /usr/local/etc/torrc.d/. Good Catch!

1 Like

iry:

But does that mean when users would like to decide to enable or disable Tor, they will modify 40_anon_connection_wizard.torrc manually?

Right, not covered at this point. But should be. I didn’t have these
users in mind.

Any suggestions?

Editing 40_anon_connection_wizard.torrc is not great, since it is a
machine-modified file. 50_user.torrc would be the place for that.

We extend the comment in /etc/tor/torrc and explain to add
DisableNetwork 0 to 50_user.torrc for users who wish to manually
enable Tor? /etc/tor/torrc will be the place where most users will be
looking anyhow since torrc.d is new.

1 Like

I messed up something. My latest requests made anon-connection-wizard Whonix specific. But I guess there could be an “if Whonix, use /usr/local/etc/torrc.d…, otherwise use /etc/torrc.d”.

repair_torrc() function will be called when we want to guarantee the existence of:
-‘fixed_nothing’ if everything is good in torrc
…
/etc/tor/torrc is exactly the same with /etc/tor/torrc.anondist

.anondist is anondist (in practice Whonix) specific.

/etc/tor/torrc is a symlink to /etc/tor/torrc.anondist.

shutil.copyfile('/etc/tor/torrc.anondist', '/etc/tor/torrc')

It should be a symlink. Not a copy. But only in Whonix.

To keep things simple and non-Whonix specific, I suggest to handle only /etc/tor/torrc, make sure its contents are correct and that’s about it. Not sure it is clever to try to restore the symlink since Whonix specific and… Dunno.

Instead of…

f.write("\
## Do not edit this file!\n\

Could you please add the files to anon-connection-wizard /usr/share/anon-connection-wizard/etc/tor/torrc?

In other words… Let’s use

  • /usr/share/anon-connection-wizard/etc/tor/torrc
  • /usr/share/anon-connection-wizard/etc//torrc.d/95_whonix.torrc

so we don’t have to update the text in the python source but can simply copy from anon-gw-anonymizer-config to there?

1 Like

Patrick Schleizer:

I messed up something. My latest requests made anon-connection-wizard Whonix specific. But I guess there could be an “if Whonix, use /usr/local/etc/torrc.d…, otherwise use /etc/torrc.d”.

No worry. I tried to make the code very generic so there will not be too
much work to make it Whonix non-specific.

repair_torrc() function will be called when we want to guarantee the existence of:
-‘fixed_nothing’ if everything is good in torrc
…
/etc/tor/torrc is exactly the same with /etc/tor/torrc.anondist

.anondist is anondist (in practice Whonix) specific.

/etc/tor/torrc is a symlink to /etc/tor/torrc.anondist.

shutil.copyfile('/etc/tor/torrc.anondist', '/etc/tor/torrc')

It should be a symlink. Not a copy. But only in Whonix.

I agree. It will make the changes much easier.

To keep things simple and non-Whonix specific, I suggest to handle only /etc/tor/torrc, make sure its contents are correct and that’s about it. Not sure it is clever to try to restore the symlink since Whonix specific and… Dunno.

Instead of…

f.write("\
## Do not edit this file!\n\

Could you please add the files to anon-connection-wizard /usr/share/anon-connection-wizard/etc/tor/torrc?

In other words… Let’s use

  • /usr/share/anon-connection-wizard/etc/tor/torrc
  • /usr/share/anon-connection-wizard/etc//torrc.d/95_whonix.torrc

so we don’t have to update the text in the python source but can simply copy from anon-gw-anonymizer-config to there?

Sounds great to me. I will do the pull request later today. :slight_smile:

1 Like

Patrick Schleizer:

iry:

But does that mean when users would like to decide to enable or disable Tor, they will modify 40_anon_connection_wizard.torrc manually?

Right, not covered at this point. But should be. I didn’t have these
users in mind.

Any suggestions?

Editing 40_anon_connection_wizard.torrc is not great, since it is a
machine-modified file. 50_user.torrc would be the place for that.

We extend the comment in /etc/tor/torrc and explain to add
DisableNetwork 0 to 50_user.torrc for users who wish to manually
enable Tor? /etc/tor/torrc will be the place where most users will be
looking anyhow since torrc.d is new.

I agree we should keep DisableNetwork 0 in 50_user.torrc which can
both be modified by users and anon-connection-wizard. I changed the way
to write DisableNetwork 0 yesterday, so it may take a little bit time
(later today) to adjust the change. :slight_smile:

1 Like

What do you think will be the best (most used) approach to detect if we are in Whonix?

1 Like

To make anon-connection-wizard not Whonix specific, repair_torrc() now only guarantees the existence of:

  1. /etc/torrc.d/
  2. /etc/tor/torrc
  3. “%include /etc/torrc.d” line in /etc/tor/torrc file

With anon-connection-wizard installed, in Whonix, the parsing path will be:
/etc/tor/torrc --> /etc/torrc.d/ --> /etc/torrc.d/95_whonix.torrc --> /usr/local/etc/torrc.d --> /usr/local/etc/torrc.d/40_anon_connection_wizard.torrc --> /usr/local/etc/torrc.d/50_user.torrc

With anon-connection-wizard installed, in Debian, the parsing path will be:
/etc/tor/torrc --> /etc/torrc.d/ --> /etc/torrc.d/40_anon_connection_wizard.torrc --> /etc/torrc.d/50_user.torrc

1 Like

iry:

What do you think will be the best (most used) approach to detect if we are in Whonix?

anondist:
If file /usr/share/anon-gw-base-files/gateway exists.

Whonix:
If file /usr/share/whonix/marker exists.

Since /usr/local/etc/torrc.d is configured in package
anon-gw-anonymizer-config, /usr/share/anon-gw-base-files/gateway is
appropriate.

1 Like

iry:

To make anon-connection-wizard not Whonix specific, repair_torrc() now only guarantees the existence of:

  1. /etc/torrc.d/
  2. /etc/tor/torrc
  3. “%include /etc/torrc.d” line in /etc/tor/torrc file

With anon-connection-wizard installed, in Whonix, the parsing path will be:
/etc/tor/torrc → /etc/torrc.d/ → /etc/torrc.d/95_whonix.torrc → /usr/local/etc/torrc.d → /usr/local/etc/torrc.d/40_anon_connection_wizard.torrc → /usr/local/etc/torrc.d/50_user.torrc

With anon-connection-wizard installed, in Debian, the parsing path will be:
/etc/tor/torrc → /etc/torrc.d/ → /etc/torrc.d/40_anon_connection_wizard.torrc → /etc/torrc.d/50_user.torrc

Perfect!

1 Like

iry:

I agree we should keep DisableNetwork 0 in 50_user.torrc which can
both be modified by users and anon-connection-wizard.

I don’t think _user should be modified by a program. It could detect it,
parse all files, and report, but should stick to its own files.
Otherwise we start mixing things.

The user should decide. Manual or by tool.

1 Like

Hi Patrick!

Currently, all anon-connection-wizard does to 50_users.torrc is remove or add the # in front of DisableNetwork 0. I think it should be fine as long as we keep the operation on 50_users.torrc limited to that?

Because removing or adding the # is kind of still the decision from users?

Another advantage of making 50_users.torrc the only place containing DisableNetwork 0 is that all users should have 50_users.torrc, but only anon-connection-wizard users will have the 40_anon_connection_wizard.torrc file. It does not make much sense for a user who does not use anon-connection-wizard to put DisableNetwork 0 in 40_anon_connection_wizard.torrc.

What do you think? :slight_smile:

Thank you so much, Patrick!

Done. Now anon-connection-wizard will use different paths according to whether in Whonix or not. :slight_smile:

  • anon-connection-wizard should have different behavior on Whonix and non-Whonix now
  • Move DisableNetwork line to 50_user.torrc
  • Better error information when Tor fails to start

I think the only TODO left for anon-connection-wizard so far is:

  • use gettext for translation

Would anyone please help me to do some testing on anon-connection-wizard to make sure it works perfectly in Whonix 14? I really appreciate the help! :slight_smile:

1 Like

Please fetch and merge, made some changes. Fortunately we had no merge conflict. :slight_smile:

There is a bug.

cat /usr/local/etc/torrc.d/40_anon_connection_wizard.torrc 
# This file is generated by and should ONLY be used by anon-connection-wizard.
# User configuration should go to /usr/local/etc/torrc.d/50_user.torrc, not here. Because:
#    1. This file can be easily overwritten by anon-connection-wizard.
#    2. Even a single character change in this file may cause error.
# However, deleting this file will be fine since a new plain file will be generated the next time you run anon-connection-wizard.
DisableNetwork 0
UseBridges 1
ClientTransportPlugin meek_lite exec /usr/bin/obfs4proxy
bridge meek_lite 0.0.2.0:3 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com
Traceback (most recent call last):
  File "/usr/bin/anon-connection-wizard", line 4, in <module>
    anon_connection_wizard.main()
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 1606, in main
    wizard = AnonConnectionWizard()
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 1043, in __init__
    self.bridge_wizard_page_2 = BridgesWizardPage2()
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 312, in __init__
    self.setupUi()
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 382, in setupUi
    self.comboBox.setCurrentIndex(self.bridges.index(Common.bridge_type_with_comment))
ValueError: 'obfs4 (works in China)' is not in list
1 Like

That is for sure.

  • Users should only touch 50_user.torrc and leave 40_anon_connection_wizard.torrc aside (at maximum delete it)
  • anon-connection-wizard should only touch 40_anon_connection_wizard.torrc

What I want here is a clean separation. Some files are written to by users only but not by tools.

Imagine some user claiming “Whonix enabled Tor for me but I didn’t want to”. Claiming it was a bug. If we don’t mention 50_user.torrc literally in the source code with write access, such claims are easily refuted.

The only way 50_user.torrc should be used is read-only by anon-connection-wizard. Not with special read code but with the normal code for parsing all the Tor config files looking for DisableNetwork 1 or 0.

By default there won’t be an adding/removing anymore since 50_users.torrc does not exist by default. However, any Tor config file equal to or higher than 50_ should only be touched by the user, not by tools, so the user’s wish is always respected as the last word, with no surprises.

Users who don’t wish to use anon-connection-wizard to enable Tor have very, very low priority. These can be very, very vocal users as well, while other “engineers degree people” still don’t manage to use Whonix. These geeks are only a few and it’s not worth exhausting ourselves to handle such corner cases. Their freedom isn’t restricted, which is great, but we also don’t need to improve usability for them.

To disable Tor, the anon-connection-wizard tool can also be used. All reasonable use cases are covered by the gui and still very easily accessible by cli as well. Either manually or by sudo whonixsetup (cli) (updated today).

1 Like
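Patrick's rule above (the wizard may read every Tor config file, 50_user.torrc included, only to find the effective DisableNetwork value) and iry's two parsing paths can both be checked with a small read-only resolver like this one. It is an added example, not anon-connection-wizard's own code; it follows Tor's %include semantics (directory entries in lexical order, dotfiles skipped, nesting capped at 31) and rebuilds the Whonix layout from the thread under a temporary directory with constructed file contents, so the paths are relative to that directory rather than /.

```python
import os
import tempfile

def included_files(path):
    # One %include target as Tor expands it: a file as-is; a directory as its
    # regular, non-hidden files in lexical order; a missing target as nothing.
    if os.path.isfile(path):
        return [path]
    names = sorted(os.listdir(path)) if os.path.isdir(path) else []
    return [os.path.join(path, n) for n in names
            if not n.startswith(".") and os.path.isfile(os.path.join(path, n))]

def resolve_torrc(root, depth=0):
    # Read-only walk: (files in Tor's read order, last DisableNetwork value or None).
    if depth > 31:  # Tor's %include nesting limit; also stops include loops
        raise RuntimeError("%include nesting too deep at " + root)
    order, value = [], None
    for fname in included_files(root):
        order.append(fname)
        with open(fname) as fh:
            for raw in fh:
                parts = raw.strip().split(None, 1)
                if not parts or parts[0].startswith("#"):
                    continue  # blank line or full-line comment
                key, arg = parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""
                if key == "%include":
                    sub_order, sub_value = resolve_torrc(arg, depth + 1)
                    order.extend(sub_order)
                    value = sub_value if sub_value is not None else value
                elif key == "disablenetwork":
                    value = arg.split()[0]  # later files override earlier ones
    return order, value

def whonix_layout_demo():
    # Constructed tree mirroring the thread's Whonix parsing path in a temp dir (contents made up).
    base = tempfile.mkdtemp()
    etc_d, local_d = os.path.join(base, "etc/torrc.d"), os.path.join(base, "usr/local/etc/torrc.d")
    files = {
        "etc/tor/torrc": "%%include %s\n" % etc_d,
        "etc/torrc.d/95_whonix.torrc": "%%include %s\n" % local_d,
        "usr/local/etc/torrc.d/40_anon_connection_wizard.torrc": "# wizard-owned\nDisableNetwork 0\n",
        "usr/local/etc/torrc.d/50_user.torrc": "DisableNetwork 1\n",  # user's last word wins
        "usr/local/etc/torrc.d/.50_user.torrc.swp": "DisableNetwork 0\n",  # hidden: skipped
    }
    for rel, text in files.items():
        os.makedirs(os.path.join(base, os.path.dirname(rel)), exist_ok=True)
        with open(os.path.join(base, rel), "w") as fh:
            fh.write(text)
    order, value = resolve_torrc(os.path.join(base, "etc/tor/torrc"))
    return [os.path.relpath(p, base) for p in order], value
```

The demo returns the four files in the order Tor reads them and "1", because the user's 50_user.torrc is parsed after the wizard's 40_ file and therefore has the last word.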

Thank you for your advice! I will remember that! :slight_smile:


Sorry for my carelessness. Fixed in one line:

1 Like

No worries. Almost no one writes bug free software. New bug.

Job for tor@default.service failed because the control process exited with error code.
See "systemctl status tor@default.service" and "journalctl -xe" for details.
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 1293, in next_button_clicked
    sys.stderr.write('tor_status: ' + self.tor_status + self.tor_status_code)
TypeError: Can't convert 'int' object to str implicitly
1 Like