Qubes-Whonix version 14 (Debian stretch based) can be upgraded to version 15 (Debian buster based). - Testers Wanted!

  • Thunar issue resolved by installing libexo-1-0
  • Update Qubes onion repos to the new one:
1 Like
1 Like

I noticed that there are two entries in Qubes-Settings > Applications for “Xfce Terminal” for the gateway and workstation. One is the actual terminal and the other is the terminal preferences. They even have the same icon.

The root of the problem is that /usr/share/applications/xfce4-terminal{,-settings}.desktop both have the entries Name=Xfce4 Terminal and Icon=utilities-terminal.

2 Likes

qubenix via Whonix Forum:

I noticed that there are two entries in Qubes-Settings > Applications for “Xfce Terminal” for the gateway and workstation. One is the actual terminal and the other is the terminal preferences. They even have the same icon.

The root of the problem is that /usr/share/applications/xfce4-terminal{,-settings}.desktop both have the entries Name=Xfce4 Terminal and Icon=utilities-terminal.

Qubes Debian buster bug. Could you report it to Qubes please?

Reported here: Debian Buster template has two identical application entries for "Xfce Terminal" · Issue #4993 · QubesOS/qubes-issues · GitHub

2 Likes

There are differences with whonix 14 and whonix 15 intigration with Qubes helping tools like opening files in disposableVM , Transfer/Copy Files between VMs … look at the images:

  • Normal options for file.txt inside Qubes-Debian:

whonix-qubes

  • Options missed in Whonix 15:

whonix-qubes1


⚓ T912 qubes integration tools missing

1 Like

Probably also missing in Qubes Debian buster templates, right? If yes, could you report a Qubes bug please?

1 Like

Not yet ported into Qubes stable repos, so i will wait until then and i will check it

1 Like

Its mostly because of missing package which cant be installed:

user@host:~$ sudo apt install qubes-core-agent-thunar 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  qubes-core-agent-thunar
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/26.2 kB of archives.
After this operation, 50.2 kB of additional disk space will be used.
(Reading database ... 52500 files and directories currently installed.)
Preparing to unpack .../qubes-core-agent-thunar_4.0.45-1+deb10u1_amd64.deb ...
Unpacking qubes-core-agent-thunar (4.0.45-1+deb10u1) ...
dpkg: error processing archive /var/cache/apt/archives/qubes-core-agent-thunar_4.0.45-1+deb10u1_amd64.deb (--unpack):
 trying to overwrite '/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar.xml', which is also in package security-misc 3:2.9-1
Errors were encountered while processing:
 /var/cache/apt/archives/qubes-core-agent-thunar_4.0.45-1+deb10u1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
user@host:~$

qubes-core-agent-thunar : This package provides integration with the thunar file manager (without it, items like “copy to VM/open in disposable VM” will not be shown in thunar). Source Link

1 Like
  • Feature Request: Add “Exit” option to sdwdate without effecting its reading/time synchronization: (This is useful to see the graphical icon and then hide it without filling qubes taskbar with it , specially if someone uses multiple gatways)

sdwdate

-Error When opening Whonix 15 GW (gone after restart)

ERROR: Tor Config Check Result: 
Your Tor config file contains at least one error. 
(Tor exit code: 1) 
Tor concise reports (below warns and errors must be fixed before you can use Tor): 
Jun 05 12:36:00.308 [warn] Failed to parse/validate config: If you set UseBridges, you must specify at least one bridge.
Jun 05 12:36:00.308 [err] Reading config failed--see warnings above. 
Tor full reports: 
Jun 05 12:36:00.305 [notice] Tor 0.3.5.8 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1b, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8.
Jun 05 12:36:00.306 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 05 12:36:00.306 [notice] Read configuration file "/etc/tor/torrc".
Jun 05 12:36:00.308 [notice] Included configuration file or directory at recursion level 2: "/usr/local/etc/torrc.d/40_tor_control_panel.conf".
Jun 05 12:36:00.308 [notice] Included configuration file or directory at recursion level 2: "/usr/local/etc/torrc.d/50_user.conf".
Jun 05 12:36:00.308 [notice] Included configuration file or directory at recursion level 1: "/etc/torrc.d/95_whonix.conf".
Jun 05 12:36:00.308 [warn] Failed to parse/validate config: If you set UseBridges, you must specify at least one bridge.
Jun 05 12:36:00.308 [err] Reading config failed--see warnings above.
Try to look at this report yourself by running. dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Terminal 
sudo -u debian-tor tor --verify-config 
To try to fix this, please open your Tor config file. 
dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Torrc 
or in Terminal: sudo nano /usr/local/etc/torrc.d/50_user.conf 
Please restart Tor after fixing this error. 
dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Restart Tor 
or in Terminal: sudo service tor@default restart 
Restart whonixcheck after fixing this error. 
dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Whonix Check 
or in Terminal: whonixcheck 
If you know what you are doing, feel free to disable this check. Create a file /etc/whonix.d/50_whonixcheck_user.conf and add: 
whonixcheck_skip_functions+=" check_tor_config "

TNT_BOM_BOM via Whonix Forum:

Its mostly because of missing package which cant be installed:

user@host:~$ sudo apt install qubes-core-agent-thunar 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  qubes-core-agent-thunar
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/26.2 kB of archives.
After this operation, 50.2 kB of additional disk space will be used.
(Reading database ... 52500 files and directories currently installed.)
Preparing to unpack .../qubes-core-agent-thunar_4.0.45-1+deb10u1_amd64.deb ...
Unpacking qubes-core-agent-thunar (4.0.45-1+deb10u1) ...
dpkg: error processing archive /var/cache/apt/archives/qubes-core-agent-thunar_4.0.45-1+deb10u1_amd64.deb (--unpack):
 trying to overwrite '/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar.xml', which is also in package security-misc 3:2.9-1
Errors were encountered while processing:
 /var/cache/apt/archives/qubes-core-agent-thunar_4.0.45-1+deb10u1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
user@host:~$

qubes-core-agent-thunar : This package provides integration with the thunar file manager (without it, items like “copy to VM/open in disposable VM” will not be shown in thunar). Source Link

Thanks, this will be solved!

1 Like

TNT_BOM_BOM via Whonix Forum:

  • Feature Request: Add “Exit” option to sdwdate without effecting its reading/time synchronization: (This is useful to see the graphical icon and then hide it without filling qubes taskbar with it , specially if someone uses multiple gatways)

sdwdate

Would be cool but requires a python gui programmer.

-Error When opening Whonix 15 GW (gone after restart)

ERROR: Tor Config Check Result: 
Your Tor config file contains at least one error. 
(Tor exit code: 1) 
Tor concise reports (below warns and errors must be fixed before you can use Tor): 
Jun 05 12:36:00.308 [warn] Failed to parse/validate config: If you set UseBridges, you must specify at least one bridge.
Jun 05 12:36:00.308 [err] Reading config failed--see warnings above. 
Tor full reports: 
Jun 05 12:36:00.305 [notice] Tor 0.3.5.8 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1b, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8.
Jun 05 12:36:00.306 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 05 12:36:00.306 [notice] Read configuration file "/etc/tor/torrc".
Jun 05 12:36:00.308 [notice] Included configuration file or directory at recursion level 2: "/usr/local/etc/torrc.d/40_tor_control_panel.conf".
Jun 05 12:36:00.308 [notice] Included configuration file or directory at recursion level 2: "/usr/local/etc/torrc.d/50_user.conf".
Jun 05 12:36:00.308 [notice] Included configuration file or directory at recursion level 1: "/etc/torrc.d/95_whonix.conf".
Jun 05 12:36:00.308 [warn] Failed to parse/validate config: If you set UseBridges, you must specify at least one bridge.

Possible this is the actual cause indeed?

Jun 05 12:36:00.308 [err] Reading config failed--see warnings above.

Could you please try the following parts?

Try to look at this report yourself by running. dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Terminal 
sudo -u debian-tor tor --verify-config 
To try to fix this, please open your Tor config file. 
dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Torrc 
or in Terminal: sudo nano /usr/local/etc/torrc.d/50_user.conf 
Please restart Tor after fixing this error. 
dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Restart Tor 
or in Terminal: sudo service tor@default restart 
Restart whonixcheck after fixing this error. 
dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Whonix Check 
or in Terminal: whonixcheck 

Possible there is really an issue in /usr/local/etc/torrc.d/50_user.conf?

Same firewall error happened in here:

ERROR: whonix_firewall failed to load! 

The whonix_firewall failed to load for some reason. This could be due to the firewall being mis-configured or race-condition. Try restarting the VM to see if this error persists. 

Failure file /var/run/anon-firewall/failed.status does not exist, ok. 

output of sudo systemctl status whonix-firewall: 

######################################## 
● whonix-firewall.service - Whonix firewall loader
Loaded: loaded (/lib/systemd/system/whonix-firewall.service; enabled; vendor preset: enabled)
Active: active (exited) since Mon 2019-06-10 15:55:19 UTC; 31s ago
Docs: https://www.whonix.org/wiki/Whonix_Firewall
Process: 3599 ExecStart=/usr/lib/whonix-firewall/enable-firewall (code=exited, status=0/SUCCESS)
Main PID: 3599 (code=exited, status=0/SUCCESS)

Jun 10 15:55:18 host enable-firewall[3599]: OK: SDWDATE_USER: 110
Jun 10 15:55:18 host enable-firewall[3599]: OK: WHONIXCHECK_USER: 109
Jun 10 15:55:18 host enable-firewall[3599]: OK: NO_NAT_USERS: 106 107 112
Jun 10 15:55:19 host enable-firewall[3599]: OK: The firewall should not show any messages,
Jun 10 15:55:19 host enable-firewall[3599]: OK: besides output beginning with prefix OK:...
Jun 10 15:55:19 host sudo[3857]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:55:19 host sudo[3857]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:55:19 host enable-firewall[3599]: 2019-06-10 15:55:19 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 10 15:55:19 host sudo[3857]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:55:19 host systemd[1]: Started Whonix firewall loader. 
######################################## 

output of sudo journalctl -u whonix-firewall: 

######################################## 
-- Logs begin at Mon 2019-06-10 15:54:56 UTC, end at Mon 2019-06-10 15:57:25 UTC. --
Jun 10 15:54:56 host systemd[1]: Starting Whonix firewall loader...
Jun 10 15:54:56 host enable-firewall[338]: OK: Loading Whonix firewall...
Jun 10 15:54:56 host sudo[360]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:54:56 host sudo[360]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:54:56 host enable-firewall[338]: 2019-06-10 15:54:56 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 10 15:54:56 host sudo[360]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:54:56 host sudo[385]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:54:56 host sudo[385]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:54:56 host enable-firewall[338]: 2019-06-10 15:54:56 - /usr/bin/whonix-gateway-firewall - OK: (Full torified network access allowed.)
Jun 10 15:54:56 host sudo[385]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:54:56 host enable-firewall[338]: OK: TOR_USER: 112
Jun 10 15:54:56 host enable-firewall[338]: OK: CLEARNET_USER: 106
Jun 10 15:54:56 host enable-firewall[338]: OK: USER_USER: 1000
Jun 10 15:54:56 host enable-firewall[338]: OK: ROOT_USER: 0
Jun 10 15:54:56 host enable-firewall[338]: OK: TUNNEL_USER: 107
Jun 10 15:54:56 host enable-firewall[338]: OK: SDWDATE_USER: 110
Jun 10 15:54:56 host enable-firewall[338]: OK: WHONIXCHECK_USER: 109
Jun 10 15:54:56 host enable-firewall[338]: OK: NO_NAT_USERS: 106 107 112
Jun 10 15:57:03 host enable-firewall[338]: OK: The firewall should not show any messages,
Jun 10 15:57:03 host enable-firewall[338]: OK: besides output beginning with prefix OK:...
Jun 10 15:57:03 host sudo[757]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:57:03 host sudo[757]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:57:03 host enable-firewall[338]: 2019-06-10 15:57:03 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 10 15:57:03 host sudo[757]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:57:03 host systemd[1]: Started Whonix firewall loader.
Jun 10 15:55:18 host systemd[1]: whonix-firewall.service: Succeeded.
Jun 10 15:55:18 host systemd[1]: Stopped Whonix firewall loader.
Jun 10 15:55:18 host systemd[1]: Stopping Whonix firewall loader...
Jun 10 15:55:18 host systemd[1]: Starting Whonix firewall loader...
Jun 10 15:55:18 host enable-firewall[3599]: OK: Loading Whonix firewall...
Jun 10 15:55:18 host sudo[3617]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:55:18 host sudo[3617]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:55:18 host enable-firewall[3599]: 2019-06-10 15:55:18 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 10 15:55:18 host sudo[3617]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:55:18 host sudo[3632]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:55:18 host sudo[3632]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:55:18 host enable-firewall[3599]: 2019-06-10 15:55:18 - /usr/bin/whonix-gateway-firewall - OK: (Full torified network access allowed.)
Jun 10 15:55:18 host sudo[3632]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:55:18 host enable-firewall[3599]: OK: TOR_USER: 112
Jun 10 15:55:18 host enable-firewall[3599]: OK: CLEARNET_USER: 106
Jun 10 15:55:18 host enable-firewall[3599]: OK: USER_USER: 1000
Jun 10 15:55:18 host enable-firewall[3599]: OK: ROOT_USER: 0
Jun 10 15:55:18 host enable-firewall[3599]: OK: TUNNEL_USER: 107
Jun 10 15:55:18 host enable-firewall[3599]: OK: SDWDATE_USER: 110
Jun 10 15:55:18 host enable-firewall[3599]: OK: WHONIXCHECK_USER: 109
Jun 10 15:55:18 host enable-firewall[3599]: OK: NO_NAT_USERS: 106 107 112
Jun 10 15:55:19 host enable-firewall[3599]: OK: The firewall should not show any messages,
Jun 10 15:55:19 host enable-firewall[3599]: OK: besides output beginning with prefix OK:...
Jun 10 15:55:19 host sudo[3857]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 10 15:55:19 host sudo[3857]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 10 15:55:19 host enable-firewall[3599]: 2019-06-10 15:55:19 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 10 15:55:19 host sudo[3857]: pam_unix(sudo:session): session closed for user sdwdate
Jun 10 15:55:19 host systemd[1]: Started Whonix firewall loader. 
######################################## 

To see this for yourself... 
1. Open a terminal. (dom0 -> Start Menu -> Domain: Whonix-GW-SocialMedia -> Terminal) 
2. Run. 
sudo systemctl status whonix-firewall

2. Also see. 
sudo journalctl -u whonix-firewall | cat

3. Try to manually start Whonix firewall. 
sudo whonix_firewall
If you know what you are doing, feel free to disable this check. Create a file /etc/whonix.d/50_whonixcheck_user.conf and add: 
whonixcheck_skip_functions+=" check_whonix_firewall_systemd_status "

And the output of sudo journalctl | cat

http://bcloud2suoza3ybr.onion/dl/URI:CHK:6yzcajii2sndg5et7i7q4p42vq:uz4oii7f3yek4lbdfot5tlhlwnqyeombkf4malovjr3gpwrf5dba:3:10:505384/journal.txt

answer Whonix VirtualBox 15.0.0.0.7 - Debian buster based - Testers Wanted! - #22 by Patrick applies.

Generally - if I don’t say upgraded packages in repository XYZ - chances are there’s not yet an upgraded package available in the repository.

(Git commits are posted beforehand for reference and review by others (and reminder to myself).)

Thanks, I don’t see anything too bad in that log. Probably just be Whonix VirtualBox 15.0.0.0.7 - Debian buster based - Testers Wanted! - #22 by Patrick indeed.

1 Like

/usr/local/etc is an empty directory

1 Like

That is strange.

Output of…?

sudo systemctl status anon-gw-anonymizer-config
1 Like

Also it would be good if you could read, understand and compare with git each of these files:

/etc/tor/torrc
/etc/torrc.d/95_whonix.conf
/usr/local/etc/torrc.d/40_tor_control_panel.conf
/usr/local/etc/torrc.d/50_user.conf

I guess you used ACW?

By looking at all of these files, that error should be explainable or at least point to some bug.

1 Like

sorry my mistake the directory working but the 50_user.conf is empty

by empty i mean like this reading:

meaning all good readings.

yes correct

1 Like

But…

/usr/local/etc/torrc.d/40_tor_control_panel.conf

has contents?

Could you please check all of these 4 files? Any of these files mentioning UseBridges? Should really be /usr/local/etc/torrc.d/40_tor_control_panel.conf anyhow if ACW was used.

In theory if only ACW was used and no manual use then /usr/local/etc/torrc.d/40_tor_control_panel.conf might show a bug and that file might be incomplete / no longer compatible with Tor so it might be an ACW bug.

1 Like

Another useful tool to run in case you’re still having issues. Please try. And please post the output here in case you think this could be a Whonix issue still.

anon-verify
1 Like