[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Tor controller GUI (tor-control-panel). Testers wanted.


#1

Some screenshots.

Screenshot_1

Screenshot_7

Screenshot_4

For Whonix 14 only, all virtualizers.

Installation instructions.
In whonix-gw-14 for Qubes, in Whonix-Gateway for VirtualBox or KVM.

  • Install the software for building the package

    sudo apt-get install git genmkfile ruby-ronn debhelper build-essential python3-ipy
    
  • Get the package
    Qubes users:
    To be able to get the package from github, full networking has to be allowed in the template.
    In whonix-gw-14 --> Qubes Settings --> Networking, select sys-whonix instead of (none).
    This setup should be temporary, as it is recommended against allowing networking in Qubes
    templates.
    Revert to (none) after installation.

    All users:
    In /home/user/:

    git clone https://github.com/troubadoour/tor-control-panel.git
    
  • Install the package

    cd tor-control-panel
    make deb-icup
    

The package should be installed.

Qubes users should shutdown the template and restart sys-whonix, After refreshing the applications
in Qubes Settings, the program can be run from Start Menu --> sys-whonix --> tor-control-panel

Other users should be able to run it from Start Menu --> Applications --> tor-control-panel.

Alternatively, in a sys-whonix or Whonix-Gateway terminal, run:

kdesudo tor-control-panel &

#2

Fantastiche. Great layout and pleasant looking. Please also notify upstream to get more hands to help also potentially a GSoC grant?


#3

A beautiful thing - well done. I’ll borrow your screenshots for the wiki, with attribution. Cheers


#4

Could you please add the license header to all the python files?

Then I can build and upload this very soon to Whonix repository to simplify installation.

//cc @iry


#5

Awesome work, @troubadour !

This looks really fantastic!


I find a minor bug when testing: When Tor is stopped and we hit the “New Identity” button, the tor-control-panel will crash

This is because new identity try to use the Tor control socket /var/run/tor/control which is missing when Tor is stopped.

Solution could be either:

  1. Disable New Identity button when Tor is stopped.
  2. Or let tor-control-panel never use systemd to stop Tor. Instead, we can use: self.tor_controller.set_conf('DisableNetwork', '1') to control Tor. In this way, since Tor is actually running (just not speaking to the Tor network), /var/run/tor/control should always be available.

I personally prefer the second solution as Tor controller ought to speak with Tor control socket. What do you think? :slight_smile:


#6

Except when ti’s not. :wink: For example due to user misconfiguration and Tor failing to start. So crashing when it’s not available is bad.


#7

I agreed!


#8

Done.

Good catch. :slight_smile:

But after Patrick’s comment and my own blurred understanding of what DisableNetwork 1 is exactly achieving, I chose the first solution. The newnym button is disabled if Tor is not running.

BTW, thanks for the work with snowflake. It was ported right away in tor-control-panel. Not sure it should be left at this time. It could be disabled until Tor Browser 9 becomes stable.


#9

Yes! It should be disabled until we make snowflake-client available in Whonix-Gateway. We don’t have to wait until Tor Browser 9 to become stable, I just need to somehow get it into Whonox-Gateway.


#10

Minor: man page needs author.


There is a diff between:

Could you please have a look if there are any enhancements from ACW that should be forward ported to tor-control-panel?


#11

Testing this on plain Debian.



tor-control-panel 
Traceback (most recent call last):
  File "/usr/bin/tor-control-panel", line 3, in <module>
    from tor_control_panel import tor_control_panel
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_control_panel.py", line 15, in <module>
    from . import tor_status, tor_bootstrap, torrc_gen, info
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_status.py", line 9, in <module>
    from anon_connection_wizard import repair_torrc
ImportError: No module named 'anon_connection_wizard'

So we either need to depend on ACW, merge that ACW code into tor-control-panel or move that code into anon-shared-helper-scripts (if that makes sense) and depend on that.


tor-control-panel 
QLayout: Attempting to add QLayout "" to QFrame "", which already has a layout
tail: cannot open '/var/run/tor/log' for reading: No such file or directory
Traceback (most recent call last):
  File "/usr/bin/tor-control-panel", line 4, in <module>
    tor_control_panel.main()
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_control_panel.py", line 743, in main
    tor_controller.refresh(True)
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_control_panel.py", line 709, in refresh
    self.refresh_user_configuration()
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_control_panel.py", line 664, in refresh_user_configuration
    self.bridges_type.setText(args[0])
TypeError: 'NoneType' object is not subscriptable

#12

Testing in Whonix. Starting as non-root.

tor-control-panel
QLayout: Attempting to add QLayout "" to QFrame "", which already has a layout
NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_control_panel.py", line 587, in configure
    torrc_gen.gen_torrc(args)
  File "/usr/lib/python3/dist-packages/tor_control_panel/torrc_gen.py", line 66, in gen_torrc
    with open(torrc_file_path, "w") as f:
PermissionError: [Errno 13] Permission denied: '/usr/local/etc/torrc.d/40_anon_connection_wizard.conf'
Aborted

Could you please mimic ACW?

anon-connection-wizard
ERROR: This must be run as root!
Use "kdesudo".

#13

A batch of commits.

Minor:

  • merge “fix lintian warnings”
  • check if run as root
  • author in man page

The last one should fix some bigger issues.

@iry Could you review ?

The package does not longer depends on ACW.

tor-control-panel is running in plain Debian. Still having a problem with Tor log. There is no /run/tor/log neither /var/tor/log. The log output should probably be set to a file in torrc (Log notice err File somefile). Had no time test further.


#14

Debian’s Tor default log:

/usr/share/tor/tor-service-defaults-torrc

Log notice file /var/log/tor/log

But user user cannot access it due to access rights.


This is a problem:

torrc_file_path = '/etc/torrc.d/40_tor_control_panel.conf'

When ACW created /etc/torrc.d/40_anon_connection_wizard.conf earlier, these settings will conflict with each other. So perhaps just stick with /etc/torrc.d/40_anon_connection_wizard.conf?

That brings us to a related point. What is the future of ACW? We’ll still need it at first boot? So let’s just put the code for enabling/disabling Tor / bridges into anon-shared-helper-scripts package?


#15

Or perhaps easier: we merge ACW into tor-control-panel?


#16

tor-control-panel uploaded to all stretch repositories.


#17

#18

#19

I was ready to change this, because it seems to be conflicting with anon-gw-anonymizer-config.

Changed the path in the others files.


#20

A couple of commits.