[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

How to update Qubes Whonix from source?

I have both of the Qubes repos disabled from the command line. Qubes still shows them as having updates, though. Do I need to do more to clear those? Not used to Debian systems.

The documentation does not list a Qubes compile target. Do I just want to compile for qcow2?

Other than that. How should I approach keeping my compile environment secure? Download source code to a Qube, and then copy it over to the Whonix compile environment, which does not have networking?

After I finish compilation I just overwrite the Whonix Qubes VMs?

Qubes-Whonix doesn’t have any source code interacting with that mechanism. Needs to be reported on Qubes issues. As per What to post in this Qubes-Whonix forum and what not..

I am not sure what you want to do, but try doing this for Debian templates first.

This is sufficient:

What Qubes dom0 is saying in the graphical user interface (GUI) could be a bug. Often you can trust the command line interface (CLI) tool output more. GUI is mostly just showing what it can gather from CLI. Hence more vulnerable to such kind of bugs.

Nowhere that complicated.

I’m trying to compile my Qubes Whonix template from source, rather than using the repo provided. I don’t see a target for Xen in the documentation. I want to verify the source code prior to building.

That is a very good question. I’ve written a new wiki chapter on this issue just now:

Builds from Source Code versus Builds including Binary Packages

Please let me know if that answers your question.

That answers it more or less. If Whonix switched to Gentoo. I think it would be a solution for the difficult parts. But, that might break everything else.

In terms of building the Qubes template I managed to get to the point of verifying the signed tag. However, I cannot verify tag 19a3a1517d9703ea45bf9a6da05a7ca501e31a37. I added your key to my pgp keyring, and gave it ultimate signing authority. But, I’m still failing on that tag. I also believe I have all of the required Qubes developer signatures imported.

For qubes-template-whonix?

At time of writing…

Latest commit is this:

1ce16d7e343b2c9d22d1db1e643b6849379030a7

Latest git tag is this:

git describe 

adrelanos_1ce16d7e343b2c9d22d1db1e643b6849379030a7


related:


Templates build was success.

There is no need for such manual action as far as I know. Also I would guess own keyring is ignore by qubes-builder.

Build logs for Qubes-Whonix 16 first version template build are linked here:

No gpg issues. And maybe from there you can find out how to build it.

I don’t maintain qubes-builder and I am not an expert for it. That’s done by Qubes project.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]