Whonix 14 build error regarding cowbuilder

I’m having trouble building the latest version of Whonix from source. I keep getting an error about cowbuilder and 1100_prepare-build-machine. I thought someone like @Patrick might know what’s wrong. The people I heard from on IRC say they don’t build Whonix and can’t help.

Here is the part within the pound symbols:

############################################################
ERROR in ././build-steps.d/1100_prepare-build-machine detected!
anon_dist_build_version:
(whonix_build_error_counter: 1)
(benchmark: 01:39:27)
trap_signal_type_previous: unset
trap_signal_type_last : ERR
process_backtrace_result:
1: : /sbin/init
2: : kdeinit5: Running…
3: : /usr/bin/ksmserver
4: : /usr/bin/plasmashell --shut-up
5: : /usr/bin/konsole
6: : /bin/bash
7: : sudo REPO_PROXY=http://127.0.0.1:3142 /home/user/Whonix/whonix_build --flavor whonix-gateway-xfce --target virtualbox --build
8: : /bin/bash /home/user/Whonix/whonix_build --flavor whonix-gateway-xfce --target virtualbox --build
9: : /bin/bash ././build-steps.d/1100_prepare-build-machine
function_trace_result:
main (line number: 425)
main (line number: 421)
cowbuilder_setup (line number: 144)
errorhandlergeneral (line number: 334)
errorhandlerprocessshared (line number: 169)
last_failed_bash_command: $COWBUILDER_PREFIX cowbuilder --create --configfile “$whonix_build_pbuilder_config_file” --distribution “$whonix_build_apt_stable_release” --mirror “$whonix_build_apt_sources_mirror” --extrapackages “sudo devscripts debhelper strip-nondeterminism fakeroot apt-transport-tor python $eatmydata_maybe_install”
last_failed_exit_code: 1
ERROR in ././build-steps.d/1100_prepare-build-machine detected!
############################################################

If anyone needs more console log, I can provide it.

More output required indeed.

There were several hundred lines of packages being installed, basically things like:

[goes back hundreds of lines]
I: Configuring apt…
I: Configuring cpp-6…
I: Configuring cpp…
I: Configuring libgcc-6-dev:amd64…
I: Configuring libstdc+±6-dev:amd64…
I: Configuring gcc-6…
I: Configuring g+±6…
I: Configuring gcc…
I: Configuring g++…
I: Configuring build-essential…
I: Configuring libc-bin…

Here’s what came after that, and probably pertains more to the problem:

I: Base system installed successfully.
I: debootstrap finished
I: copying local configuration
I: Installing apt-lines
I: Refreshing the base.tgz
I: upgrading packages
I: mounting /proc filesystem
I: mounting /sys filesystem
I: creating /{dev,run}/shm
I: mounting /dev/pts filesystem
I: redirecting /dev/ptmx to /dev/pts/ptmx
I: installing dummy policy-rc.d
Ign:1 Index of /debian stretch InRelease
Hit:2 Index of /debian stretch Release
Reading package lists…
FATAL → Failed to fork.
I: unmounting dev/ptmx filesystem
I: unmounting dev/pts filesystem
I: unmounting dev/shm filesystem
I: unmounting proc filesystem
I: unmounting sys filesystem
E: pbuilder create failed
I: forking: rm -rf /var/cache/pbuilder/base.cow
++ retry_last_failed_bash_command_exit_code=1
++ true
++ ‘[’ 1 = 0 ‘]’
++ true ‘INFO: Retry failed. exit code of last_failed_bash_command: 1 ’
++ last_failed_exit_code=1
++ last_failed_bash_command=’$COWBUILDER_PREFIX cowbuilder --create --configfile “$whonix_build_pbuilder_config_file” --distribution “$whonix_build_apt_stable_release” --mirror “$whonix_build_apt_sources_mirror” --extrapackages “sudo devscripts debhelper strip-nondeterminism fakeroot apt-transport-tor python $eatmydata_maybe_install”’
++ ‘[’ ‘!’ ‘’ = ‘’ ‘]’
++ true ‘INFO: Skipping whonix_build_dispatch_after_retry (–retry-after), because empty, ok.’
++ ‘[’ 1 = 0 ‘]’
++ errorhandlerprocessshared ‘NONE_(called_by_errorhandlerretry)’
++ last_script=././build-steps.d/1100_prepare-build-machine
++ trap_signal_type_previous=ERR
++ ‘[’ ERR = ‘’ ‘]’
++ trap_signal_type_last=‘NONE_(called_by_errorhandlerretry)’
++ whonix_build_error_counter=2
+++ benchmarktimeend 1547854207
++++ date +%s
+++ benchmarktimeend=1547860396
+++ benchmark_took_seconds=6189
++++ convertsecs 6189
++++ local h m s
++++ (( h=6189/3600 ))
++++ (( m=(6189%3600)/60 ))
++++ (( s=6189%60 ))
++++ printf ‘%02d:%02d:%02d\n’ 1 43 9
+++ echo 01:43:09
++ benchmark_took_time=01:43:09
++ processbacktracefunction
++ true ‘INFO: BEGIN: processbacktracefunction’
++ ‘[’ -o xtrace ‘]’
++ set +x
++ true ‘INFO: END : processbacktracefunction’
++ functiontracefunction
++ true ‘INFO: BEGIN: functiontracefunction’
++ ‘[’ -o xtrace ‘]’
++ set +x
++ true ‘INFO: END : functiontracefunction’
++ output_cmd_set
++ ‘[’ -o xtrace ‘]’
++ output_cmd=true
++ true ’
############################################################
ERROR in ././build-steps.d/1100_prepare-build-machine detected!
anon_dist_build_version:
(whonix_build_error_counter: 2)
(benchmark: 01:43:09)
trap_signal_type_previous: ERR
trap_signal_type_last : NONE_(called_by_errorhandlerretry)
process_backtrace_result:
1: : /sbin/init
2: : kdeinit5: Running…
3: : /usr/bin/ksmserver
4: : /usr/bin/plasmashell --shut-up
5: : /usr/bin/konsole
6: : /bin/bash
7: : sudo REPO_PROXY=http://127.0.0.1:3142 /home/user/Whonix/whonix_build --flavor whonix-gateway-xfce --target virtualbox --build
8: : /bin/bash /home/user/Whonix/whonix_build --flavor whonix-gateway-xfce --target virtualbox --build
9: : /bin/bash ././build-steps.d/1100_prepare-build-machine
function_trace_result:
main (line number: 425)
main (line number: 421)
cowbuilder_setup (line number: 144)
errorhandlergeneral (line number: 334)
errorhandlerprocessshared (line number: 220)
errorhandlerretry (line number: 154)
errorhandlerprocessshared (line number: 169)
errorhandlerprocessshared (line number: 169)
errorhandlergeneral (line number: 334)
cowbuilder_setup (line number: 144)
main (line number: 421)
main (line number: 425)
last_failed_bash_command: $COWBUILDER_PREFIX cowbuilder --create --configfile “$whonix_build_pbuilder_config_file” --distribution “$whonix_build_apt_stable_release” --mirror “$whonix_build_apt_sources_mirror” --extrapackages “sudo devscripts debhelper strip-nondeterminism fakeroot apt-transport-tor python $eatmydata_maybe_install”
last_failed_exit_code: 1
ERROR in ././build-steps.d/1100_prepare-build-machine detected!
############################################################
’
++ ‘[’ ‘NONE_(called_by_errorhandlerretry)’ = INT ‘]’
++ ‘[’ ‘NONE_(called_by_errorhandlerretry)’ = TERM ‘]’
++ ‘[’ ‘NONE_(called_by_errorhandlerretry)’ = ERR ‘]’
++ ‘[’ ‘NONE_(called_by_errorhandlerretry)’ = ‘NONE_(called_by_errorhandlerretry)’ ‘]’
++ true ‘INFO: trap_signal_type_last: NONE_(called_by_errorhandlerretry), considering auto retry…’
++ ‘[’ ‘!’ 1 = 0 ‘]’
++ ‘[’ 2 = ‘’ ‘]’
++ ‘[’ -n 1 ‘]’
++ ‘[’ -n 5 ‘]’
++ local first
++ read -r first _
++ ‘[’ ‘$COWBUILDER_PREFIX’ = error_ ‘]’
++ ‘[’ 2 -gt 1 ‘]’
++ true 'INFO: Auto retried (–retry-max) already 1 times. No more auto retry. ’
++ unset whonix_build_auto_retry_counter
++ true
++ ignore_error=false
++ answer=
++ ‘[’ ‘NONE_(called_by_errorhandlerretry)’ = ERR ‘]’
++ ‘[’ ‘NONE_(called_by_errorhandlerretry)’ = ‘NONE_(called_by_errorhandlerretry)’ ‘]’
++ true 'INFO: whonix_build_non_interactive: ’
++ ‘[’ ‘’ = true ‘]’
++ ‘[’ -t 0 ‘]’
++ true ‘INFO: stdin connected to terminal, using interactive error handler.’
++ true ’ ERROR in ././build-steps.d/1100_prepare-build-machine detected!
Please have a look above (the block within ###…), note the command that failed, last_failed_exit_code and its output (further above).

• Please enter c and press enter to ignore the error and continue building. (Recommended against!)
• Please press r and enter to retry.
• Please press s and enter to open an chroot interactive shell.
• Please press a and enter to abort.’
  ++ read -p 'Answer? ’ answer
  Answer?

I don’t have a great answer for this.

Whonix build script automates running programs that originate from regular Debian packages. One of them is cowbuilder. The command cowbilder that is failing would very most likely also fail if run manually by you.

Please scroll up to the cowbuilder command and run it manually (as root, with sudo) - very most likely the same error would happen. If that is the case, then “not a Whonix bug”.

The issue further complicates since cowbuilder internally uses apt-get. So it’s hard to pinpoint the culprit.

I can’t reproduce the issue so I likely will not be able to help much with debugging and fixing it.

Search in search engines for:

"FATAL -> Failed to fork."

If you want this fixed you might have to contact the cowbuilder and/or apt-get maintainers and work with them to debug this issue.

Possibly causes:

• Build inside Debian? Required as per build documentation.

• Low RAM issue. Add more RAM to your build machine or build VM.

Possible workarounds:

• Try a different file system such as ext4.

The log is saying that some of the packages involving network and dhcp are unsigned, but so far it’s compiling. Is that okay?

Thank you very much, @Patrick. Your advice about increasing RAM was part of the solution. I also had to allow untagged and uncommitted changes. After those fixes, I was able to compile a 32-bit version of the latest Whonix from the repo. Is there anything wrong with using an untagged release even though it’s the latest?

No.

Should only be used if you know what you’re doing and since you don’t know, then you’re doing something wrong.

I’ll change to a tagged release then, but why are there no “-stable” releases for Whonix 14? I see two stable ones for Whonix 13. Would you recommend version “14.0.0.9.9-developers-only”?

Forgotten. Created.

Thanks for helping me out, @Patrick. I’ll try compiling a tagged release and see if it complains about unsigned packages again.

I built both the gateway and workstation, and I have the full log of the workstation’s build process. After searching for “unsigned”, I see that many packages have lines like this:

I: Extracting source
dpkg-source: warning: extracting unsigned source package (anon-gw-anonymizer-config_5.0-1.dsc)
dpkg-source: info: extracting anon-gw-anonymizer-config in anon-gw-anonymizer-config-5.0

I used --connection onion and did not allow untagged or uncommitted changes, so I’m not sure what these lines mean.

I was thinking of distributing my custom build but I don’t know if it’s a good idea since I don’t understand those warnings. Based on the warning I showed above, would you say this is still unsafe, despite the command-line options I used? @Patrick

That one is new, and can be safely ignored. Added to documentation just now. See Expected Build Warnings

Check if the warning is listed on Expected Build Warnings and if not please post it here for triage.

dpkg-source: warning: extracting unsigned source package isn’t unsafe.

Enable Whonix repository or not enable Whonix repository? Up to you but up for consideration.

export WHONIX_APT_REPOSITORY_OPTS='--enable --repository stable'

I will slightly update Dev/Redistribution - Whonix for more clarity now. Update soon.

See if this helps.

Thank you for the detailed reply. It’s good to hear that my build is most likely secure.