Network fails to start after update

I’m quite new to Qubes and Whonix, so please forgive my cluelessness.
I’ve recently (today) updated the whonix-ws-16 (I think - it might’ve been the whonix-gw-16 too).
I’m not sure to which version, as I don’t know how to determine the currently installed versions.
Now everytime I start any Qube based on the Whonix-ws, I get legal information regarding Whonix, finishing with the info that a check will be run, which fails:

ERROR: check network interfaces Result: network     interface eth0 not up!
Recommendation:
Try to manually start Whonix networking. 
sudo systemctl restart networking 
Or reboot.

Debugging information:
Command sudo --non-interactive cat /sys/class/net/eth0/carrier failed.

If this error happens only during upgrading or is transient this error can be safely ignored. 
If you know what you are doing, feel free to disable this check. Create a file /etc/systemcheck.d/50_user.conf and add: 
systemcheck_skip_functions+=" check_network_interfaces "

Also, when I try to start a Whonix template (either gw or ws), I get the following error:

ERROR: whonix_firewall failed to load! 

The whonix_firewall failed to load for some reason. This could be due to the firewall being mis-configured or race-condition. Try restarting the VM to see if this error persists. 

Failure file /run/anon-firewall/failed.status does not exist, ok. 

output of sudo systemctl status whonix-firewall: 

######################################## 
● whonix-firewall.service
Loaded: masked (Reason: Unit whonix-firewall.service is masked.)
Active: inactive (dead) 
######################################## 

output of sudo journalctl --boot -u whonix-firewall: 

######################################## 
-- Journal begins at Tue 2022-01-25 17:30:51 UTC, ends at Thu 2022-01-27 16:12:13 UTC. --
-- No entries -- 
######################################## 

To see this for yourself... 
1. Open a terminal. (dom0 -> Start Menu -> Template: whonix-ws-16 -> Terminal) 
2. Run. 
sudo systemctl status whonix-firewall

2. Also see. 
sudo journalctl --boot -u whonix-firewall | cat

3. Try to manually start Whonix firewall. 
sudo whonix_firewall
If you know what you are doing, feel free to disable this check. Create a file /etc/systemcheck.d/50_user.conf and add: 
systemcheck_skip_functions+=" check_whonix_firewall_systemd_status "

The following happens when trying to apply the suggestions:

  • Manually start Whonix networking in WS-based Qube:
    user@host:~$ sudo systemctl restart networking
    Failed to restart networking.service: Unit networking.service is masked.
  • Restarting / rebooting (anything): No difference
  • Try to manually start Whonix firewall in template:
    user@host:~$ sudo whonix_firewall
    sudo: whonix_firewall: command not found

I’m not sure if it’s only me, but the error messages & suggestions don’t seem to be too helpful.
How can I resolve this issue? Or where can I find more information?

In case it’s helpful (it at least seems to contain some version numbers): Here’s the output of a verbose systemcheck on the qube based on whonix-ws-16:

user@host:~$ sudo systemcheck --verbose
[INFO] [systemcheck] EG | Whonix-Workstation | whonix-ws-16 TemplateBased AppVM | Thu 27 Jan 2022 08:26:46 PM UTCuser@host:~$ sudo systemcheck --verbose
[INFO] [systemcheck] EG | Whonix-Workstation | whonix-ws-16 TemplateBased AppVM | Thu 27 Jan 2022 08:26:46 PM UTC
[INFO] [systemcheck] Check sudo Result: OK
[INFO] [systemcheck] Whonix build version: 3:8.1-1
[INFO] [systemcheck] whonix-workstation-packages-dependencies-cli: 22.1-1
[INFO] [systemcheck] derivative_major_release_version /etc/whonix_version: 16
[INFO] [systemcheck] Whonix Support Status of this Major Version: Ok.
[WARNING] [systemcheck] Hardened Malloc: Disabled.
[INFO] [systemcheck] Spectre Meltdown Test: skipping since spectre_meltdown_check=false, ok.
[INFO] [systemcheck] Package Manager Consistency Check Result: Output of command dpkg --audit was empty, ok.
[INFO] [systemcheck] systemd journal check Result:
warnings:
########################################

########################################

failed:
########################################
Jan 27 20:11:00 host systemd[1]: apparmor.service: Failed with result 'exit-code'.
Jan 27 20:11:00 host systemd[1]: Failed to start Load AppArmor profiles.
Jan 27 20:11:00 host systemd-udevd[310]: eth0: Process '/usr/lib/qubes/setup-ip' failed with exit code 1.
Jan 27 20:11:00 host systemd-udevd[310]: eth0: Process '/usr/lib/qubes/setup-ip' failed with exit code 1.
Jan 27 20:13:28 host systemd[1]: qubes-sync-time.service: Failed with result 'exit-code'.
########################################

errors:
########################################
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 00, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 01, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 03, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 04, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 05, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 06, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 07, disabling event (20190816/evgpe-841)
Jan 27 20:11:00 host kernel: Error: Driver 'pcspkr' is already registered, aborting...
Jan 27 20:13:21 host systemd-xdg-autostart-generator[633]: Not generating service for XDG autostart app-qubes\x2dwhonixsetup-autostart.service, error parsing Exec= line: No such file or directory
########################################

denied:
########################################

########################################

ordering cycle:
########################################

########################################

To see this for yourself...
1. Open a terminal. (dom0 -> Start Menu -> ServiceVM: EG -> Terminal)
2. Run. sudo journalctl --boot | grep -i warn
3. Run. sudo journalctl --boot | grep -i fail
4. Run. sudo journalctl --boot | grep -i error
5. Run. sudo journalctl --boot | grep -i denied
6. Run. sudo journalctl --boot | grep -i "ordering cycle"

If you know what you are doing, feel free to disable this check.
Create a file /etc/systemcheck.d/50_user.conf and add:
systemcheck_skip_functions+=" check_journal "
[ERROR] [systemcheck] check network interfaces Result: network interface eth0 not up!

Recommendation:
Try to manually start Whonix networking.

sudo systemctl restart networking

Or reboot.

Debugging information:
Command sudo --non-interactive cat /sys/class/net/eth0/carrier failed.

If this error happens only during upgrading or is transient this error can be safely ignored.

If you know what you are doing, feel free to disable this check.
Create a file /etc/systemcheck.d/50_user.conf and add:
systemcheck_skip_functions+=" check_network_interfaces "

[INFO] [systemcheck] Check sudo Result: OK
[INFO] [systemcheck] Whonix build version: 3:8.1-1
[INFO] [systemcheck] whonix-workstation-packages-dependencies-cli: 22.1-1
[INFO] [systemcheck] derivative_major_release_version /etc/whonix_version: 16
[INFO] [systemcheck] Whonix Support Status of this Major Version: Ok.
[WARNING] [systemcheck] Hardened Malloc: Disabled.
[INFO] [systemcheck] Spectre Meltdown Test: skipping since spectre_meltdown_check=false, ok.
[INFO] [systemcheck] Package Manager Consistency Check Result: Output of command dpkg --audit was empty, ok.
[INFO] [systemcheck] systemd journal check Result:
warnings:
########################################

########################################

failed:
########################################
Jan 27 20:11:00 host systemd[1]: apparmor.service: Failed with result 'exit-code'.
Jan 27 20:11:00 host systemd[1]: Failed to start Load AppArmor profiles.
Jan 27 20:11:00 host systemd-udevd[310]: eth0: Process '/usr/lib/qubes/setup-ip' failed with exit code 1.
Jan 27 20:11:00 host systemd-udevd[310]: eth0: Process '/usr/lib/qubes/setup-ip' failed with exit code 1.
Jan 27 20:13:28 host systemd[1]: qubes-sync-time.service: Failed with result 'exit-code'.
########################################

errors:
########################################
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 00, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 01, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 03, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 04, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 05, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 06, disabling event (20190816/evgpe-841)
Jan 27 20:10:59 host kernel: ACPI Error: No handler or method for GPE 07, disabling event (20190816/evgpe-841)
Jan 27 20:11:00 host kernel: Error: Driver 'pcspkr' is already registered, aborting...
Jan 27 20:13:21 host systemd-xdg-autostart-generator[633]: Not generating service for XDG autostart app-qubes\x2dwhonixsetup-autostart.service, error parsing Exec= line: No such file or directory
########################################

denied:
########################################

########################################

ordering cycle:
########################################

########################################

To see this for yourself...
1. Open a terminal. (dom0 -> Start Menu -> ServiceVM: EG -> Terminal)
2. Run. sudo journalctl --boot | grep -i warn
3. Run. sudo journalctl --boot | grep -i fail
4. Run. sudo journalctl --boot | grep -i error
5. Run. sudo journalctl --boot | grep -i denied
6. Run. sudo journalctl --boot | grep -i "ordering cycle"

If you know what you are doing, feel free to disable this check.
Create a file /etc/systemcheck.d/50_user.conf and add:
systemcheck_skip_functions+=" check_journal "
[ERROR] [systemcheck] check network interfaces Result: network interface eth0 not up!

Recommendation:
Try to manually start Whonix networking.

sudo systemctl restart networking

Or reboot.

Debugging information:
Command sudo --non-interactive cat /sys/class/net/eth0/carrier failed.

If this error happens only during upgrading or is transient this error can be safely ignored.

If you know what you are doing, feel free to disable this check.
Create a file /etc/systemcheck.d/50_user.conf and add:
systemcheck_skip_functions+=" check_network_interfaces "

Some more notes:

  • I’ve done all the steps from the “Essential Connectivity Troubleshooting”, none helped.
  • The network in another qube, which uses a whonix-gw-16 qube (e.g. sys-whonix) as network does work - so it’s clearly the workstation that has problems, isn’t it?
  • anon-info gives the following:
    user@host:~$ anon-info
    INFO: /etc/apt/sources.list.d/torproject.list does not exist.
    INFO: version of the ‘tor’ package: 0.4.6.9-1~d11.bullseye+1

Then the whonix-firewall package is no longer installed.

guess: Since nobody else reported this issue… Some custom installed package caused on upgrade the Whonix meta package as well as whonix-firewall package and probably other packages to be removed.

See:

I suggest to re-install the template.

To investigate the update log would be required. File: /var/log/apt/history.log

1 Like

You’re absolutely right!
In the history.log I saw that whilst accidently uninstalling iptables (that’s another story…) I also uninstalled a few whonix packages.

1 Like