Hello everyone, I woke up to a sad morning today just finding out that Monero is no more included by default in Whonix-16 in my Qubes. Stupid me I run sudo apt autoremove thinking it will just take out the gui, but it killed whole Monero package… Whole of my Wallet isolation setup is gone now. I tried everything that is possible in my powers but I cannot make it work.
This is now not working with the recommended flatpack installation:
http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Monero_Wallet_Isolation
My question is if there is a possibility to bring Monero back to /usr/bin as before. What God should be praised and how?
This time I was for the first time of my Whonix usage seriously considering to look for options other than Whonix. I don’t have time and resources to troubleshoot and maintain the OS I use so much. My productivity goes to hell and honeestly I cannot use Monero now without breaking my security model.
How should I proceed now if the available options don’t work now?
You can extract the Monero archive from upstream and move/copy to /usr/bin.
So I just download the Linux 64-bit package, tar xjf and move it to /usr/bin and it should work? I could do that directly in the monerod-ws and monero-wallet-ws AppVMs directly instead of Template?
It seems to be working now. What differs from the Wallet isolation guide is following:
-
Unpacked folder monero-x86_64-linux-gnu-v0.18.2.2 resides in /home/user
-
monerod and monero-wallet-cli need to be started manually with ./monerod and ./monero-wallet-cli from within the folder.
-
Where “NOTE: When using Qubes-Whonix ™, this needs to be done inside the Template.” is stated in the guide I did it directly in both AppVMs monerod-ws and monero-wallet-ws respectively. No need to do any changes in the Template.
-
journalctl --boot --user -f -u monerod doesn’t seem to work
I am not sure if this is ok from a security perspective and/or if any improvements can be done, but this setup at least makes the beast somehow working. If this is setup is ok, can we change the guide in the Whonix wiki to make it available to others as well?
Any comments much appreciated!
/usr/bin isn’t persistent in Qubes unlesd using bind-dirs which I guess makes no sense here.
I don’t see any issues if it works.
Why monerod doesn’t work? error? how you start it?
monerod is actually working once executed from the monero-x86_64-linux-gnu-v0.18.2.2 folder with ./monerod. Just the command that is mentioned in the Monitoring part of the Wallet isolation guide above doesn’t work.
All seems to work well. Just the monitoring part is not. Command executed in monerod-ws AppVM:
user@host:~$ journalctl --boot --user -f -u monerod
– Journal begins at Thu 2022-11-17 13:03:17 UTC. –
Jun 26 07:56:00 host systemd[789]: monerod.service: Scheduled restart job, restart counter is at 4.
Jun 26 07:56:00 host systemd[789]: Stopped Monero Full Node.
Jun 26 07:56:00 host systemd[789]: Started Monero Full Node.
Jun 26 07:56:00 host systemd[789]: monerod.service: Main process exited, code=exited, status=1/FAILURE
Jun 26 07:56:00 host systemd[789]: monerod.service: Failed with result ‘exit-code’.
Jun 26 07:56:00 host systemd[789]: monerod.service: Scheduled restart job, restart counter is at 5.
Jun 26 07:56:00 host systemd[789]: Stopped Monero Full Node.
Jun 26 07:56:00 host systemd[789]: monerod.service: Start request repeated too quickly.
Jun 26 07:56:00 host systemd[789]: monerod.service: Failed with result ‘exit-code’.
Jun 26 07:56:00 host systemd[789]: Failed to start Monero Full Node.
The ./monerod command works well and the node in monerod-ws AppVM synchronizes nicely.
The wallet in monero-wallet-ws (offline) AppVM connects to the node in monerod-ws well. Sending and receiving payments seems to work too.
Probably just needs opening the monerod.service and adjust the path.
Also for debugging try manually running the command which monerod.service would execute.
Not sure how to do that Patrick. I am a bit noobish in here.
In ~/.config/systemd/user/monerod.service there is this content:
[Unit]
Description=Monero Full Node
After=network.target
[Service]
Type=simple
PIDFile=/home/user/.bitmonero/monerod.pid
KillSignal=SIGKILL
Environment=DNS_PUBLIC=tcp
Environment=TORSOCKS_ALLOW_INBOUND=1
ExecStart=torsocks monerod --data-dir=/home/user/.bitmonero
–no-igd --hide-my-port --pidfile=/home/user/.bitmonero/monerod.pid
–log-file=/home/user/.bitmonero/bitmonero.log --p2p-bind-ip=127.0.0.1
–non-interactive
Restart=always
PrivateTmp=true
[Install]
WantedBy=default.target
Unpacked Monero .tar.bz2 sits in /home/user in monerod-ws and in monero-wallet-ws AppVMs (Template for the AppVMs is whonix-16-ws vanilla). Monerod files and downloaded blockchain is in /home/user/.bitmonero/
If I execute ./monerod it looks like the monerod.service is not executed, right?
Full guide is here: http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Monero_Wallet_Isolation#qubes-whonix-
I possibly found the issue here. In the monerod.service there is this command to be executed:
ExecStart=torsocks monerod --data-dir=/home/user/.bitmonero
–no-igd --hide-my-port --pidfile=/home/user/.bitmonero/monerod.pid
–log-file=/home/user/.bitmonero/bitmonero.log --p2p-bind-ip=127.0.0.1
–non-interactive
After the change in Whonix it seems that the monerod.pid in /home/user/.bitmonero/ is missing somehow. I am sure prior the Whonix change it must have been there otherwise it wouldn’t work.
Also the PIDFile=/home/user/.bitmonero/monerod.pid points to that now non-existing file.
Any ideas how to solve it?
Wrong path. You need to copy monerod to /usr/bin as I already told you or use the full path.
Sorry I am, I am noob in this. Could you be more specific please?
There is the unpacked folder of monero-x86_64-linux-gnu-v0.18.2.2 in /home/user.
There is the .bitmonero folder in the /home/user.
What you mean by the copying monerod to the /usr/bin? Which par needs to be copied there - the monerod file in /home/user/monero-x86_64-linux-gnu-v0.18.2.2/ ?
I appreciate you help, still learning.
Option 1 /usr/bin
monerod from the downloaded archive needs to become /usr/bin/monerod
copy it there
Option 2 full path
ExecStart=torsocks /home/user/monerod …
Obviously adjust path as per actual file location.
I will try to do that, thank you.
There is also the issue with the monerod.pid file that I cant find anywhere but it is mentioned in the monerod.service. The monerod.service points 2 times to the monerod.pid in /home/user/.bitmonero/ but the file is not on this address. Should this be adjusted somehow? See below please:
PIDFile=/home/user/.bitmonero/monerod.pid
ExecStart=torsocks monerod --data-dir=/home/user/.bitmonero
–no-igd --hide-my-port --pidfile=/home/user/.bitmonero/monerod.pid
–log-file=/home/user/.bitmonero/bitmonero.log --p2p-bind-ip=127.0.0.1
–non-interactive
Thank you again for your support!
The pidfile you cannot find because it is supposed to be created by systemd.
The pidfile might not be important anyhow. Certainly not security relevant. Therefore feel free to out-comment that.
Wrong path.
See previous post by @extraextra.
Copying the monerod to /usr/bin/ is not persistent if done within the monerod-ws AppVM. Should this be done in the Template instead (unpacking the monero package in the Template)?