The issue is that setup-wizard-dist (which starts ACW) cannot start because passwordless sudo was disabled. Since ACW didn’t autostart and since the user didn’t enable Tor, sdwdate didn’t proceed because it cannot without Tor being enabled.
I added a comment on how to accomplish autostart of setup-wizard-dist but I won’t enable it by default since that would be counter to the user’s original goal, which is sudo hardening.
While the Qubes developers support the statement above, some Qubes users may wish to enable user/root isolation in VMs anyway. We do not support it in any of our packages, but of course nothing is preventing the user from modifying his or her own system. A list of steps to do so is provided here without any guarantee of safety, accuracy, or completeness. Proceed at your own risk. Do not rely on this for extra security.
for what purpose has Whonix decided to modify qubes-core-agent-passwordless-root and its dependencies with how it’s installed?
it’s now impossible to uninstall it without also uninstalling packages such as grub-common, qubes-core-agent-thunar
this is not the case outside of Whonix, so why make passwordless root depend on gui integration?
this should be rectified, it’s not so much supporting root hardening, but not going out of your way to break it when no other template does and it’s completely unnecessary
```
user@host:~$ sudo apt remove qubes-core-agent-passwordless-root
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
busybox grub-common grub2-common hardened-malloc initramfs-tools
initramfs-tools-core klibc-utils libefiboot1 libefivar1 libklibc linux-base
qubes-core-agent-thunar qubes-input-proxy-sender qubes-kernel-vm-support
qubes-usb-proxy
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
dummy-dependency
The following packages will be REMOVED:
qubes-core-agent-passwordless-root qubes-whonix-shared-packages-recommended
The following NEW packages will be installed:
dummy-dependency
0 upgraded, 1 newly installed, 2 to remove and 0 not upgraded.
Need to get 74.4 kB of archives.
After this operation, 36.9 kB disk space will be freed.
Do you want to continue? [Y/n]
```
next time you run autoremove gui integration will be broken, this happens only in Whonix
i assume you are saying “uninstall, run autoremove, then install individually all packages again as long as they are not the ones listed on this page”?
you have to be more clear, i don’t know what accepted means. i am not requesting you to not install it, but to not install it in such a way that it breaks other packages
why not take it out of that meta package, also the dummy-dependency and install it during build?
aptInstall qubes-core-agent-passwordless-root or add it to the packages.list individually to install here
in fact, i don’t remember it being like this in qubes 4.1, and neither any other templates. it was a baseless accusation to say that this is a whonix only issue, sorry about that. but as i remember it now, uninstalling passwordless root in any template before qubes 4.2 did not take the gui with it and i only noticed it with whonix at first now with 4.2 i did not verify elsewhere
Autoremove is not the second step. There are detailed steps on that wiki page.
Understood.
Accepted means, it accepted to implement this ticket, which is Qubes sudo / su / root Hardening.
No longer having qubes-core-agent-passwordless-root installed by default is planned.
Not planned. Too much complexity (maintainability) distracting from the final goal of hardening, which is no longer having qubes-core-agent-passwordless-root installed by default, which requires
writing user documentation,
migration (not auto removing the package for existing, old templates)
Non-Qubes-Whonix users will be able to boot into user or admin and,
Qubes-Whonix users will need to use a dom0 terminal to open a console with administrative rights. Whether usability can be better than that (a default start menu entry for a console with administrative rights access) is yet to be determined.
And of course, there will be documentation on how to revert to passwordless sudo for user user, which will probably remain simple.
once the passwordless package is going to be removed by default from whonix, let’s see what’s causing your issue. or sure, if you can debug further that would be good as well.
Check if that crash error has been reported to the Tor Project, the developers of Tor Browser. If no bug was reported, please report one and share the link to the report in this forum. Otherwise such bugs most likely will not be fixed.
Why do the opinions of developers for non-Whonix templates matter for Whonix? The minimal templates do not have passwordless root which Whonix is built on, so therefore Whonix is still adding it by their own accord.
Whonix already ships code to Dom0. The easiest method may be 1) not installing passwordless root 2) generating a desktop entry for root terminal (similar to what Tails does, see bottom of page).
From reading that discussion thread, it seems that there are still ways to escalate to root that wouldn’t be possible on non-Qubes-Whonix, but there is always a way, and as of now root access is given away for free.
What’s stopping this solution?
More simply put:
Generate root terminal entry, document or notify Qubes-Whonix users of the change, remove passwordless root.
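Added example (not from any poster in this thread, and not the steps on the wiki page): going back to the `apt remove` output quoted earlier, this shell function pulls out the packages that the removal would turn into autoremove candidates, so they can be marked as manually installed before `qubes-core-agent-passwordless-root` is removed. The function names are hypothetical and the sample input is constructed from the output quoted above.

```shell
#!/bin/sh
# Reads apt output on stdin and prints, one per line, the packages apt
# reports as "automatically installed and no longer required".
orphaned_pkgs() {
    awk '
        / automatically installed and (is|are) no longer required:$/ {
            grab = 1; next
        }
        # The list ends at the "Use ... autoremove" hint or the next header.
        grab && (/^Use / || /^The following /) { grab = 0 }
        grab { for (i = 1; i <= NF; i++) print $i }
    '
}

# Constructed sample: the relevant part of the output quoted in the thread.
sample_apt_output() {
    cat <<'EOF'
Reading state information... Done
The following packages were automatically installed and are no longer required:
  busybox grub-common grub2-common hardened-malloc initramfs-tools
  initramfs-tools-core klibc-utils libefiboot1 libefivar1 libklibc linux-base
  qubes-core-agent-thunar qubes-input-proxy-sender qubes-kernel-vm-support
  qubes-usb-proxy
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  dummy-dependency
The following packages will be REMOVED:
  qubes-core-agent-passwordless-root qubes-whonix-shared-packages-recommended
EOF
}

# Demo on the sample: show only the Qubes integration packages at risk.
sample_apt_output | orphaned_pkgs | grep '^qubes-'

# On a real template (assumption: run before the actual removal), the same
# filter can feed apt-mark so a later autoremove leaves the packages alone:
#   LC_ALL=C apt-get -s remove qubes-core-agent-passwordless-root \
#     | orphaned_pkgs | xargs -r sudo apt-mark manual
```

`apt-get -s` only simulates the removal, so the list can be reviewed before anything on the template changes.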