No connectivity in GW

entr0py · July 13, 2016, 8:47pm

These messages are not necessarily indicative of a malfunctioning gateway.

I’m just grasping at straws now… If you want to try something, try skipping sys-firewall and connect sys-whonix to sys-net directly. The Fedora template operates differently from Whonix-Gateway template in the way it interacts with Qubes firewall.

Patrick · July 13, 2016, 9:31pm

→

qubesdb-multiread /

(But not required at the moment.)

Dunno why that failed, but we are no longer using that since Whonix 13 anymore.

Dunno why that failed (should still work), but we are not using mirror.whonix.de in Whonix 13 anymore.

(Note to myself.) In conclusion you are still on Whonix 12, not Whonix 13. Which is to be expected, since Qubes R3.1 came with Whonix 12 on Qubes installer iso and I don’t think it has been updated in meanwhile. ( Redirecting to Google Groups )

To not bother with Whonix 12 already fixed issues and upgrading to Whonix 13, it may be best to reinstall Whonix from Qubes repository. See the following instructions.

How to Reinstall a TemplateVM

claudi8b6 · July 14, 2016, 8:17am

I reinstalled the GW template, created a new one, and nothing connects.

Patrick · July 14, 2016, 1:07pm

Did you emulate the fix containing waiting for tor@default?

claudi8b6 · July 14, 2016, 3:33pm

I emulated it now, and I got the same result.

EDIT: suddenly, for the first time, it seems to be working normally… I can’t explain that.
Only thing I can get to work is update the template, it doesn’t seem to connect to the proxyvm (connection refused), and yeah, I made sure whonix-gw template is set to use the GW network…
EDIT 2: When I do apt-get update Arm reports Rejecting SOCKS request for anonymous connection to private address [scrubbed].
It’s still connecting to Tor after much longer than non-whonix tor in Qubes (been running for an hour now and still no successful connection).
EDIT 3: been running for hours and no successful bootstrapping.
EDIT 4: I tried R3.2. Same result.

Any idea on how to debug this? Tor Browser is running just fine on another VM.

Patrick · July 18, 2016, 9:04pm

Thank you very much for still not having given up on this!

Please regard this:
Kicksecure Forums Usage Instructions, Best Practices and FAQ

R3.2 has additional complications. ( sys-firewall [sometimes] broken, does not function as ProxyVM in Qubes R3.2 RC1 )

Try connecting sys-whonix to sys-net rather than sys-firewall to exclude another possible source of issues.

Unrelated. Documented here:
Control and Monitor Tor

Compare with a Debian based ProxyVM running Tor.

Not easy. “UnWhonix”, i.e. make Whonix-Gateway more similar to a Debian VM running Tor.

How-to: "UnWhonix" - enable clearnet networking

Then Tor should bootstrap as quickly as in non-Whonix VMs. Then re-add what Whonix does.

claudi8b6 · July 20, 2016, 12:53pm

I did the UnWhonix guide and now tor connects. Another change I had to make was to set the NetVM to sys-net for WhonixGW (also in the fedora-23 VM’s to get networking).
Still confused…

Patrick · July 20, 2016, 3:24pm

After setting your NetVM to sys-net, Whonix was fine?

Then it could be the following Qubes upstream bug:

github.com/QubesOS/qubes-issues

sys-firewall broken, does not function as ProxyVM in R3.2 / xendriverdomain systemd service not enabled in Fedora

opened 03:28PM - 01 Jul 16 UTC

closed 11:53PM - 15 Jul 16 UTC

adrelanos

T: bug C: core r3.1-wheezy-cur-test r3.1-dom0-stable r3.1-fc21-stable r3.1-fc22-stable r3.1-fc23-stable r3.1-jessie-stable r3.1-wheezy-stable r3.1-stretch-stable r3.2-stretch-cur-test r3.2-fc23-stable r3.2-fc24-stable r3.2-dom0-stable r3.2-jessie-stable

#### Qubes OS version (e.g., `R3.1`): R3.2 (testing repository) #### Affected T…emplateVMs (e.g., `fedora-23`, if applicable): Probably any. --- ### Expected behavior: An arbitrary proxy VM with NetVM set to sys-firewall should just work. (ping, nslookup, wget, etc.) ### Actual behavior: An arbitrary proxy VM with NetVM set to sys-firewall does not work (ping, nslookup, wget, etc.). ### Steps to reproduce the behavior: Unclear, since it seems to be happening only to me. ### General notes: An arbitrary proxy VM (debian based) does not work behind sys-firewall. It however works behind sys-net. Although this breaks Whonix by default, this bug report has been produced independent from Whonix. (sys-whonix does not work with its NetVM set to sys-firewall but it does work fine when set to sys-net.) I have collected a ton of debug output. - https://www.whonix.org/wiki/Dev/Qubes#Qubes_R3.2_sys-firewall_broken_bug - http://archive.is/K9S0C --- #### Related issues: Perhaps https://github.com/QubesOS/qubes-issues/issues/1067.

The fix for it is currently only available in the Qubes testing repository. You might want to get that update or wait until it flows to stable.

claudi8b6 · July 20, 2016, 7:30pm

It wasn’t all I did, I both UnWhonix’d the Gateway, AND set the NetVM to sys-net.
Now I’m trying to see which change exactly made it work, but it’s not so easy, sometimes when I restart Gateway it reverts back to the old configuration files…

EDIT: it’s now working with NetVM set to sys-net and a flushed iptables, but I get a warning Could not check for software udpates (apt-get has same error in the TemplateVM as well ).
How can it be it’s working for others but not for me in this case?

Patrick · August 1, 2016, 2:22am

That is a bug. Reference:

github.com/QubesOS/qubes-issues

bind-dirs.sh legacy function broken

opened 09:29PM - 21 Jul 16 UTC

closed 05:15PM - 04 Aug 16 UTC

adrelanos

T: bug P: critical C: Whonix

R3.2 with testing repository There is a problem with the whonix-gw template. Pe…rhaps a release critical bug. The symptom is starting with a fresh Tor data dir and Whonix Setup Wizard popping up again since /etc/tor/torrc settings get lost. Perhaps more. The cause is a bug in [`bind-dirs.sh`](https://github.com/marmarek/qubes-core-agent-linux/blob/master/vm-systemd/bind-dirs.sh) in the `legacy` function. Both, legacy folders `/rw/srv/qubes-whonix/` and `/rw/srv/qubes/` contained a folder `var`. ``` Jul 21 19:12:31 host mount-dirs.sh[484]: mv: cannot move ‘/rw/srv/whonix/var’ to ‘/rw/bind-dirs/var’: Directory not empty ``` ``` user@host:~$ sudo ls /rw/srv/whonix/var cache lib user@host:~$ sudo ls /rw/bind-dirs/ etc var user@host:~$ sudo mv /rw/srv/whonix/var /rw/bind-dirs/ mv: cannot move ‘/rw/srv/whonix/var’ to ‘/rw/bind-dirs/var’: Directory not empty ``` ``` user@host:/rw/srv$ find . . ./qubes-whonix ./qubes-whonix/var ./qubes-whonix/var/cache ./qubes-whonix/var/cache/qubes-whonix ./qubes-whonix/var/cache/qubes-whonix/whonix-ip-gateway ./whonix ./whonix/var ./whonix/var/cache ./whonix/var/cache/anon-base-files ./whonix/var/cache/whonix-setup-wizard ./whonix/var/cache/whonix-setup-wizard/status-files ./whonix/var/cache/whonix-setup-wizard/status-files/first_use_check.skip ./whonix/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip ./whonix/var/cache/whonix-setup-wizard/status-files/disclaimer.skip ./whonix/var/cache/whonix-setup-wizard/status-files/whonixsetup.skip ./whonix/var/cache/tb-updater ./whonix/var/lib ./whonix/var/lib/tor find: `./whonix/var/lib/tor': Permission denied ./whonix/var/lib/whonix ./whonix/var/lib/whonix/whonixblog ./whonix/var/lib/whonix/initial-packages ./whonix/var/lib/whonix/sources_temp_list.d ./whonix/var/lib/whonix/do_once ./whonix/var/lib/whonix/do_once/timesync_apparmor_profile_delete ./whonix/var/lib/whonixcheck ./whonix/var/lib/whonixcheck/write_lock ./whonix/var/lib/whonixcheck/whonixcheck_lastrun ./whonix/etc ./whonix/etc/tor ./whonix/etc/tor/torrc ./whonix/etc/tor/torrc.anondist-orig ./whonix/etc/tor/torrc.examples ./whonix/etc/tor/torrc.anondist ./whonix/etc/tor/torsocks.conf ``` ``` -- Logs begin at Thu 2016-07-21 19:09:37 UTC, end at Thu 2016-07-21 19:16:12 UTC. -- Jul 21 19:09:43 host systemd[1]: Starting Initialize and mount /rw and /home... Jul 21 19:09:44 host mount-dirs.sh[484]: tune2fs 1.42.12 (29-Aug-2014) Jul 21 19:09:44 host mount-dirs.sh[484]: Setting reserved blocks percentage to 0% (0 blocks) Jul 21 19:12:31 host mount-dirs.sh[484]: + for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'source_folder: /usr/lib/qubes-bind-dirs.d' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' -d /usr/lib/qubes-bind-dirs.d ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + for file_name in '"$source_folder/"*".conf"' Jul 21 19:12:31 host mount-dirs.sh[484]: + bash -n /usr/lib/qubes-bind-dirs.d/40_qubes-whonix.conf Jul 21 19:12:31 host mount-dirs.sh[484]: + source /usr/lib/qubes-bind-dirs.d/40_qubes-whonix.conf Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/lib/tor') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/lib/whonix') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/lib/whonixcheck') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/whonix-setup-wizard') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/anon-base-files') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/qubes-whonix') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/tb-updater') Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/etc/tor') Jul 21 19:12:31 host mount-dirs.sh[484]: + for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'source_folder: /etc/qubes-bind-dirs.d' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' -d /etc/qubes-bind-dirs.d ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + continue Jul 21 19:12:31 host mount-dirs.sh[484]: + for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'source_folder: /rw/config/qubes-bind-dirs.d' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' -d /rw/config/qubes-bind-dirs.d ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + continue Jul 21 19:12:31 host mount-dirs.sh[484]: + main Jul 21 19:12:31 host mount-dirs.sh[484]: + prerequisite Jul 21 19:12:31 host mount-dirs.sh[484]: ++ qubesdb-read /qubes-vm-persistence Jul 21 19:12:31 host mount-dirs.sh[484]: + qubes_vm_persistence=rw-only Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' rw-only = rw-only ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -f /var/run/qubes-service/qubes-dvm ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + init Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + rw_dest_dir=/rw/bind-dirs Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_max=10 Jul 21 19:12:31 host mount-dirs.sh[484]: + mkdir --parents /rw/bind-dirs Jul 21 19:12:31 host mount-dirs.sh[484]: + shopt -s nullglob Jul 21 19:12:31 host mount-dirs.sh[484]: + shopt -s dotglob Jul 21 19:12:31 host mount-dirs.sh[484]: + legacy Jul 21 19:12:31 host mount-dirs.sh[484]: + local item Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in '/rw/srv/qubes-whonix/*' '/rw/srv/whonix/*' Jul 21 19:12:31 host mount-dirs.sh[484]: + mv /rw/srv/qubes-whonix/var /rw/bind-dirs/ Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in '/rw/srv/qubes-whonix/*' '/rw/srv/whonix/*' Jul 21 19:12:31 host mount-dirs.sh[484]: + mv /rw/srv/whonix/etc /rw/bind-dirs/ Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in '/rw/srv/qubes-whonix/*' '/rw/srv/whonix/*' Jul 21 19:12:31 host mount-dirs.sh[484]: + mv /rw/srv/whonix/var /rw/bind-dirs/ Jul 21 19:12:31 host mount-dirs.sh[484]: mv: cannot move ‘/rw/srv/whonix/var’ to ‘/rw/bind-dirs/var’: Directory not empty Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in /rw/srv/qubes-whonix /rw/srv/whonix Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /rw/srv/qubes-whonix ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + rmdir /rw/srv/qubes-whonix Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in /rw/srv/qubes-whonix /rw/srv/whonix Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /rw/srv/whonix ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + rmdir /rw/srv/whonix Jul 21 19:12:31 host mount-dirs.sh[484]: rmdir: failed to remove ‘/rw/srv/whonix’: Directory not empty Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + bind_dirs Jul 21 19:12:31 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:31 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -h /var/lib/tor ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + true '/var/lib/tor is not a symlink' Jul 21 19:12:31 host mount-dirs.sh[484]: + break Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'fso_ro: /var/lib/tor' Jul 21 19:12:31 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/lib/tor Jul 21 19:12:31 host mount-dirs.sh[484]: + umount /var/lib/tor Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /var/lib/tor ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/lib/tor /rw/bind-dirs Jul 21 19:12:31 host mount-dirs.sh[484]: /var/lib -> /rw/bind-dirs/var/lib Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/tor’ -> ‘/rw/bind-dirs/var/lib/tor’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/tor/state’ -> ‘/rw/bind-dirs/var/lib/tor/state’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/tor/lock’ -> ‘/rw/bind-dirs/var/lib/tor/lock’ Jul 21 19:12:31 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/lib/tor /var/lib/tor Jul 21 19:12:31 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:31 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -h /var/lib/whonix ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + true '/var/lib/whonix is not a symlink' Jul 21 19:12:31 host mount-dirs.sh[484]: + break Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'fso_ro: /var/lib/whonix' Jul 21 19:12:31 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/lib/whonix Jul 21 19:12:31 host mount-dirs.sh[484]: + umount /var/lib/whonix Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /var/lib/whonix ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/lib/whonix /rw/bind-dirs Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix’ -> ‘/rw/bind-dirs/var/lib/whonix’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/initial-packages’ -> ‘/rw/bind-dirs/var/lib/whonix/initial-packages’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/whonixblog’ -> ‘/rw/bind-dirs/var/lib/whonix/whonixblog’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/sources_temp_list.d’ -> ‘/rw/bind-dirs/var/lib/whonix/sources_temp_list.d’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/do_once’ -> ‘/rw/bind-dirs/var/lib/whonix/do_once’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/do_once/twelve_dot_x_to_thirteen_dot_x_version_6’ -> ‘/rw/bind-dirs/var/lib/whonix/do_once/twelve_dot_x_to_thirteen_dot_x_version_6’ Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/do_once/timesync_apparmor_profile_delete’ -> ‘/rw/bind-dirs/var/lib/whonix/do_once/timesync_apparmor_profile_delete’ Jul 21 19:12:31 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/lib/whonix /var/lib/whonix Jul 21 19:12:31 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:31 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -h /var/lib/whonixcheck ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + true '/var/lib/whonixcheck is not a symlink' Jul 21 19:12:31 host mount-dirs.sh[484]: + break Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'fso_ro: /var/lib/whonixcheck' Jul 21 19:12:31 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/lib/whonixcheck Jul 21 19:12:31 host mount-dirs.sh[484]: + umount /var/lib/whonixcheck Jul 21 19:12:31 host mount-dirs.sh[484]: + true Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /var/lib/whonixcheck ']' Jul 21 19:12:31 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/lib/whonixcheck /rw/bind-dirs Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/lib/whonixcheck’ -> ‘/rw/bind-dirs/var/lib/whonixcheck’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/lib/whonixcheck/write_lock’ -> ‘/rw/bind-dirs/var/lib/whonixcheck/write_lock’ Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/lib/whonixcheck /var/lib/whonixcheck Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/whonix-setup-wizard ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/whonix-setup-wizard is not a symlink' Jul 21 19:12:32 host mount-dirs.sh[484]: + break Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/whonix-setup-wizard' Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/whonix-setup-wizard Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/whonix-setup-wizard Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/whonix-setup-wizard ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/cache/whonix-setup-wizard /rw/bind-dirs Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/first_use_check.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/first_use_check.skip’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/disclaimer.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/disclaimer.skip’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/whonixsetup.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/whonixsetup.skip’ Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/cache/whonix-setup-wizard /var/cache/whonix-setup-wizard Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/anon-base-files ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/anon-base-files is not a symlink' Jul 21 19:12:32 host mount-dirs.sh[484]: + break Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/anon-base-files' Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/anon-base-files Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/anon-base-files Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/anon-base-files ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/cache/anon-base-files /rw/bind-dirs Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/anon-base-files’ -> ‘/rw/bind-dirs/var/cache/anon-base-files’ Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/anon-base-files/first-boot-skel.TemplateVM.done’ -> ‘/rw/bind-dirs/var/cache/anon-base-files/first-boot-skel.TemplateVM.done’ Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/cache/anon-base-files /var/cache/anon-base-files Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/qubes-whonix ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/qubes-whonix is not a symlink' Jul 21 19:12:32 host mount-dirs.sh[484]: + break Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/qubes-whonix' Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/qubes-whonix Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/qubes-whonix Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/qubes-whonix ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -f /var/cache/qubes-whonix ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/qubes-whonix is neither a directory nor a file or does not exist, skipping.' Jul 21 19:12:32 host mount-dirs.sh[484]: + continue Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/tb-updater ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/tb-updater is not a symlink' Jul 21 19:12:32 host mount-dirs.sh[484]: + break Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/tb-updater' Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/tb-updater Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/tb-updater Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/tb-updater ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -f /var/cache/tb-updater ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/tb-updater is neither a directory nor a file or does not exist, skipping.' Jul 21 19:12:32 host mount-dirs.sh[484]: + continue Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}' Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0 Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /etc/tor ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/etc/tor is not a symlink' Jul 21 19:12:32 host mount-dirs.sh[484]: + break Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /etc/tor' Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/etc/tor Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /etc/tor Jul 21 19:12:32 host mount-dirs.sh[484]: + true Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /etc/tor ']' Jul 21 19:12:32 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /etc/tor /rw/bind-dirs Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/etc/tor /etc/tor Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'OK: END.' Jul 21 19:12:32 host systemd[1]: Started Initialize and mount /rw and /home. ``` Do you know how to properly merge/move these folders? Perhaps I should just abandon the generic approach and do it manually for the 8 legacy folders? I.e. ``` mv /rw/srv/whonix/var/lib/tor /rw/bind-dirs/var/lib/tor ``` etc.?

It is fixed in Qubes R3.2rc2 and qubes-whonix 5.7-1 (currently only in Whonix jessie-proposed-updates and testers repository).

claudi8b6 · August 1, 2016, 8:32pm

Thanks Patrick.
Any idea why it works for everyone else but me?
I could try eliminating the iptables rules for the buggy line, but it still bugs me why it happens only to me…

Patrick · August 4, 2016, 8:30pm

No. Could perhaps be hardware related.

Thank you a lot for your patience and persistence!

The upcoming version of Qubes-Whonix stable maintenance release will be much more robust against race conditions. When it is out, please try it. (Might be a few days.)

github.com/QubesOS/qubes-issues

build Qubes-Whonix 13.0.0.1.0 templates for R3.2 final

opened 08:23PM - 04 Aug 16 UTC

closed 08:40PM - 11 Aug 16 UTC

adrelanos

T: task C: Whonix

Please build Qubes-Whonix 13.0.0.1.0 templates for R3.2 final (or next RC should… there be also R3.2r3). qubes-template-whonix tag 13.0.0.1.0 It's supposed to be a stable upgrade. Containing all upgrades mentioned in https://www.whonix.org/blog/testers-wanted-repo-upgrades and would also come without any #2191 issues. After it has been build, I need to verify it's working fine before it can become the new latest stable.

Patrick · August 5, 2016, 7:33pm

Qubes-Whonix 13.0.0.1.2 TemplateVMs - Testers Wanted!

claudi8b6 · August 7, 2016, 4:38pm

I installed the same Qubes in a different machine, but behind the same router, and had the same problem. Does it mean the router could be causing this somehow? When I clear the iptables rules it works, so this is odd.

Patrick · August 8, 2016, 3:24pm

Maybe. I once heard such a report that it was all the router’s fault but that reporter did not go into details.

claudi8b6 · August 15, 2016, 6:43pm

Should I just flush the iptables and allow everything considering I’m behind a router (with NAT)?
Which rules should I include?

Patrick · August 15, 2016, 7:18pm

No.

claudi8b6 · August 23, 2016, 5:59pm

I’d like to debug this further, but I have to use a usb wifi adapter. I couldn’t find any instructions on how to use a usb wifi in Qubes - do you have any links to help with that?

Thanks

Patrick · August 23, 2016, 6:16pm

No, never tried that myself. Please try the Qubes help (probably mailing list).

Found something that could help.

claudi8b6 · August 25, 2016, 9:17am

OK. When I used a different modem it connected.
This is bewildering, I don’t have any such problems with VritualBox Whonix.
What could possibly be causing this?