I had the misfortune to update whonix-gateway-18 by accident. I cannot afford it until TCP is merged (this is not a request).
The result is rather unexpected.
After purging ACW (because of privleap conflict), building and installing the package from kicksecure, sdwdate-gui crash on a strict_config_parser module not found.
I compared kicksecure and arraybolt3 packages. arraybolt3 is 9 commits behind kicksecure, but strict_config_parser is not there. After forking, building and installing arraybolt3 version, it works like a charm.
Yes, but why were they not updated ? I had to use apt install -āreinstall to get the ante last version (3:48.2-1). The latest version is 3:48.4-1. Probably not merged yet.
While processing the newnym signal, the button is grayed, and is enabled back after itās completed. You can check that when custom bridges are used, it takes more time.
While trying a solution to avoid tor_config_sane, I discovered that it depends on helper-scripts, which is called in anon-gw-anonymizer-config/tor-config-sane.
That looks like tor a tortuous way to write a pseudo torrc when /usr/local/etc/torrc.d/40_tor_control_panel.conf is missing.
The way around: in both TCP and ACW, we write a proper torrc template (including DisableNetwork 0) at the very start of of the applications. This is five lines of code. Thus it is transparent to the user and we can remove the redundant if torrc_path_exists in the whole package (firstly, i was astonished by their number).
I cannot see any security issue with this solution, but you are better judges than me.
tor-config-sane has a lot more functionality than writing 1 configuration file. These are stable bash scripts which arenāt easily rewritten in python without introducing new bugs.
repair-torrc makes sure /etc/tor/torrc file and /etc/torrc.d/usr/local/etc/torrc.d exists, creates missing configuration files and fixes existing configuration files if these lack %include lines. Itās also fixing file permissions and file ownership.
If you want to make TCP work with non-Whonix, whatās the plan for adding an %include line to /etc/tor/torrc?
These scripts shouldnāt be trashed for the sake of rewriting them in python.
Instead, if it sounds useful, and if your goal is non-Whonix supportā¦
Could you move these scripts to TCP;
Use different file paths (not including helper-scripts);
Rename them if needed;
Make them compatible with non-Whonix;
Then call these scripts from python?
If TCP gained non-Whonix support, that would be cool, because then it would gain Kicksecure support.
If bash sounds too complicated, we would probably be able to do this.
TCP at the moment has a lot of GUI dependencies. So it would not be ideal for a CLI / server version. But I think we would be able to deal with this on the packaging level. The single 1 source code repository TCP could generate 2 packages. 1 packages which shipping all files (including scripts such as tor-config-sane and repair-torrc) (tor-control-panel-files) and 1 package (tor-control-panel) shipping no files but Depends: tor-control-panel-files and all GUI dependencies.