What should whonixcheck do when it detects being run inside a TemplateVM?

What should whonixcheck do when it detects being run inside a TemplateVM?

Skip all tests that require networking?

Do nothing, i.e. explain to not run whonixcheck in a TemplateVM?

Skip anonymity leak tests?

Other ideas?

I would say to have it check for networking first. As I remember, when first setting the Whonix templates up I was instructed to set the whonix-gateway as the net-vm for the Whonix templates. That is how I continue to have it set up.

Can you please explain why it shouldn’t be run in the TemplateVMs? Wouldn’t it be nice to know that everything was working as expected considering we are Torifying APT? And also, regarding the related thread, wouldn’t we need to know about new versions of TB?

FYI

[hr]

What should Tor Browser Updater (Whonix) do in a TemplateVM?
--> https://forums.whonix.org/t/what-should-tor-browser-updater-whonix-do-in-a-templatevm

[hr]

Tor Browser Updater (Whonix) latest development status:
https://phabricator.whonix.org/T400

[hr]

whonixcheck Tor Browser update check:

Tor Browser update check has been deprecated, because local version detection code was broken since Tor Browser got its own internal updater. Also since Tor Browser now automatically updates itself without asking, there is less need for this test.
https://phabricator.whonix.org/T400
And also, regarding the related thread, wouldn't we need to know about new versions of TB?
No, see above.
I would say to have it check for networking first. As I remember, when first setting the Whonix templates up I was instructed to set the whonix-gateway as the net-vm for the Whonix templates. That is how I continue to have it set up.
Worth checking. This is already implemented in qubes-whonix: - https://github.com/Whonix/qubes-whonix/blob/105efc3c7cd9a3c59b5c81bb2cd7ef43faf636ec/usr/lib/qubes-whonix/qubes-whonixsetup#L50-L58 - https://github.com/Whonix/qubes-whonix/blob/105efc3c7cd9a3c59b5c81bb2cd7ef43faf636ec/usr/lib/qubes-whonix/messages.yaml#L10-L17
Can you please explain why it shouldn't be run in the TemplateVMs? Wouldn't it be nice to know that everything was working as expected considering we are Torifying APT?
whonixcheck already works in whonix-ws TemplateVMs.

whonixcheck does not yet work in whonix-gw TemplateVMs. Because the tests checking Tor fail, because Tor does not get started within the TemplateVM. It’s possible to fix this. To make it run “more like in a workstation VM”. I was wondering if that’s worth the effort. It probably is.

I agree. It is better to have the templateVMs work as a unit.

The following ticket will have major influence on this topic.

The solution will probably be whonixcheck running in TemplateVMs should skip all tests that require networking.