tb-updater (in Qubes)

Qubes-Whonix
1

From Tor Browser Essentials

When a Qubes-Whonix-Workstation AppVM is booted for the first time, in essence, the systemd unit file /lib/systemd/system/tb-updater-first-boot.service runs /usr/lib/tb-updater/first-boot-home-population. That script copies /var/cache/tb-binary to /home/user.

IIUC if I

  1. create new AppVM
  2. rm -r /home/user/.tb
  3. reboot
    then, /home/user/.tb should not exist on next boot.

But it keeps coming back even though /rw/srv/whonix/var/cache/tb-updater/first-boot-home-population.done exists. What am I missing?

2 Likes
2

Your steps are correct.

Bug confirmed.

The done / lock file mechanism is broken due to limitations in bind-dirs and due to a bug that is now fixed in tb-updater git master.

( Redirecting to Google Groups )

To fix, you could try this…

In AppVM.

sudo rm -r /rw/srv/whonix/var/cache/tb-updater

Shut down AppVM.

Start whonix-ws TemplateVM.

Then emulate the following git commit in the whonix-ws TemplateVM.

From then, your steps should work. Please test.

1 Like
3

(Aha, Dir didn’t exist in template!) Sorry to bring it up. Hate to add legacy code for non-essential functionality that will be obsolete in 3.2 anyway…

Working!

1 Like