Qubes ticket:
Available for Qubes current-testing.
1 Like
Please first https://www.whonix.org/wiki/Update as usual since many fixes are in the repository such as Tor Browser in DispVM preinstallation.
This one every tester might like to test.
Installs ‘anon-whonix’ AppVM.
sudo qubesctl state.sls qvm.anon-whonix
This one every tester might like to test.
Installs ‘whonix-ws-dvm’ AppVM as a base for Disposable VMs.
sudo qubesctl state.sls qvm.whonix-ws-dvm
This depends on your personal preference.
Setup UpdatesProxy to always use sys-whonix all TemplateVMs are upgraded over Tor.
sudo qubesctl state.sls qvm.updates-via-whonix
1 Like
Updated to latest testing and sudo qubesctl state.sls qvm.anon-whonix and sudo qubesctl state.sls qvm.whonix-ws-dvm work now.
sudo qubesctl state.sls qvm.updates-via-whonix is still glitchy. For example, if the first line of qubes.UpdatesProxy is $type:TemplateVM $default allow,target=sys-net, running the Salt command results in it prepending $type:TemplateVM $default allow,target=sys-whonix to the file. It’s first match so technically will work, but not very clean.
Is there also a Salt command to update sys-whonix to 14, or does that just need a template change to whonix-gw-14?
Can Salt search for the first (not commented out) $type:TemplateVM $default allow,target= in the file, then update it instead? Not really sure of its capabilities.
I confirmed qubesctl state.sls qvm.anon-whonix will create a sys-whonix with the -14 template if it does not already exist, but not update it to -14 if it does. Guess this would be difficult to automate because it would have to search out everything set to use the old sys-whonix and temporarily disable it before it could update to new.
I guess so. Could you open a qubes-issue please?
What about salt commenting out the offending ones rather then keeping them?
You mean this one…?
https://github.com/QubesOS/qubes-issues/issues/4177
Added Whonix settings to Qubes base file versions:
1 Like