Hi @entr0py !
I would like to confirm if you are proposing a potentially useful GUI application called Whonix Update Manager
which will work in dom0 for Qubes 4 and/or later?
I can definitely look into the problem but could you and @Patrick share some insights on these two questions first:
- Can this problem be solved alternatively than using a GUI application nicely?
- How long will this GUI application be useful aproximately?
Thank you so much!
It’s not clear to me users would notice there is a Qubes-Whonix Update GUI so we could still have this issue, even if an Qubes-Whonix Update GUI could make it easier to change the settings.
Would my suggestions
- add UpdateVM setting to qubes-vm-settings · Issue #3412 · QubesOS/qubes-issues · GitHub
- UpdateVM for templates always defaults to sys-net · Issue #3118 · QubesOS/qubes-issues · GitHub
be solve this and avoid a Qubes-Whonix Update GUI? Or are these just complementary?
@iry Thanks for checking in. I think @Patrick’s ideas would address my usability concerns and at the same time, be more consistent with the Qubes’ UX. We should save your talents for more important projects.
BTW, can anon-connection-wizard configure apt.sources to only use onion repos or clearnet repos? What’s the point of using onion repos if we’re downloading clearnet versions anyway? other than redundancy?
entr0py:
@iry Thanks for checking in. I think @Patrick’s ideas would address my usability concerns and at the same time, be more consistent with the Qubes’ UX. We should save your talents for more important projects.
Great!
BTW, can anon-connection-wizard configure apt.sources to only use onion repos or clearnet repos?
No, that’s not the right tool for it. anon-connection-wizard is more
like tor-connection-wizard (did you ask about the name change @iry?) so
no unrelated features should be mixed into it.
What’s the point of using onion repos if we’re downloading clearnet versions anyway? other than redundancy?
It’s a big change. With Whonix 14 we’re doing a big scale test if these
are working stable. If it is working stable, it will be onion only for
Whonix 15.
Hi @entr0py !
Patrick’s answer to this question is exactly what I thought. anon-connection-wizard
should be (only) in charge of connecting to the Tor network.
Yes. Here is the ticket: Apply Tor trademark for anon-connection-wizard (#23632) · Issues · Legacy / Trac · GitLab
No response received, though.
qubes-template-whonix-*
Might not work? Try qubes-template-whonix-gw
.
Could you try please…?
sudo qubes-dom0-update --enablerepo=qubes-dom0-unstable qubes-template-whonix-gw
sudo qubes-dom0-update --enablerepo=qubes-dom0-unstable qubes-template-whonix-ws
And if it doesn’t work create a ticket at
Issues · QubesOS/qubes-issues · GitHub?
I have several applications that had been failing to start in Whonix 14. Unsetting environmental variable XDG_CONFIG_DIRS seems to fix most of them.
TorMessenger is one such application.
CoyIM may have been another.
I am testing several communications applications in Qubes 3.2/Whonix 14. Including RetroShare, CoyIM, Ricochet, Riot.im, CoyIM, TorMessenger, etc etc
Several of these would not start, and I noticed that some were throwing segmentation fault errors. So, I found the posts about torbrowser crashing, and was able to apply the same advice.
I assume there are no security risks with unsetting this variable? It will just default to some order of searching config directories?
Any idea what is causing the crash? Directories listed that do not exist perhaps?
Environment variables will be fixed after installing upgrades (just now
uploaded) as well as reboot.
To development?
I am on testers, and just upgraded (several whonix packages including whonixcheck and whonix-legacy), but after rebooting all of Qubes, I am still Seg Faulting.
I still need to unset the variable in order to run.
user@host:~$ riot-web
Segmentation fault
user@host:~$ unset XDG_CONFIG_DIRS && riot-web
Starting auto update with base URL: https://riot.im/download/desktop/update/
Auto update not supported on this platform
Whonix 14?
Upgraded from stretch
repository? developers
, testers
and
proposed-updates
also but I don’t want users on developers.
Got whonix-legacy
4.2-1
? Check:
dpkg -l | grep whonix-legacy
Your /var/lib/dpkg/info/whonix-legacy.preinst
should look like this:
https://github.com/Whonix/whonix-legacy/blob/master/debian/whonix-legacy.preinst
Most important is this part:
https://github.com/Whonix/whonix-legacy/blob/master/debian/whonix-legacy.preinst#L402-L412
Is there file
/var/lib/whonix/do_once/thirteen_dot_x_to_fourteen_dot_x_version_5
or
similar?
Qubes reboot not required for sure btw. Only VM reboot required.
Yes, of course.
Yes, I am on Stretch-Testers.
ii whonix-legacy 3:4.2-1 all Prepare older Build Versions of Whonix for Upgrade
It does.
Got that.
Not in that location. That directory has only one file:
bind-dirs-legacy-function-version-1
rebooting Template and TemplateBassedAppVM didn’t correct issue, so I rebooted the entire machine.
This is a clean install of Whonix 14 from Qubes Repo, not an upgraded of Whonix 13. FWIW
Thanks! Good report, that helps a lot.
I think I sorted this.
Upgraded whonix-legacy package should be uploaded soon. When that happens, please upgrade. Then shutdown all Whonix VMs. Then restart the TemplateBasedVMs. (The usual process to make ṕackage upgrades take effect in TemplateBasedVMs.) Should be fixed by then.
To the Whonix-Testers repo? Or should I grab it from github?
I haven’t seen it in APT yet.
received a whonix-legacy update (4.3 I believe?) in my gateway, but not my workstation
actually, I just checked, and I have 4.3-1 installed in Workstation as well.
But still cannot open some applications without unsetting variable.
Please run and post the output of the latter command here.
sudo apt-get update
sudo DEBDEBUG=1 apt-get install --reinstall whonix-legacy
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
Need to get 17.6 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://deb.whonix.org stretch-testers/main amd64 whonix-legacy all 3:4.3-1 [17.6 kB]
Fetched 17.6 kB in 4s (4,014 B/s)
(Reading database ... 156965 files and directories currently installed.)
Preparing to unpack .../whonix-legacy_3%3a4.3-1_all.deb ...
+++ type -t errorhandlergeneral
++ '[' '' = function ']'
++ trap error_handler_pre ERR
++ bash -n /usr/lib/pre.bsh
++ bash -n /var/lib/dpkg/tmp.ci/preinst
++ own_filename=preinst
++ unset skip_script
+ set -e
+ true '
#####################################################################
## INFO: BEGIN: whonix-legacy preinst upgrade' 3:4.3-1 '3:4.3-1
#####################################################################
'
+ true '1: upgrade'
+ true '2: 3:4.3-1'
+ true 'INFO: Configuring whonix-legacy...'
+ get_build_version
+ whonix_build_version='Could not read Whonix Build Version File. (Code: 3) Please report this bug!'
+ local build_version_file
+ '[' -f /usr/share/whonix/build_version ']'
+ '[' -f /var/lib/anon-dist/build_version ']'
+ build_version_file=/var/lib/anon-dist/build_version
+ '[' /var/lib/anon-dist/build_version = '' ']'
+ '[' -f /var/lib/anon-dist/build_version ']'
++ cat /var/lib/anon-dist/build_version
+ whonix_build_version=3:2.4-1
+ '[' 3:2.4-1 = '' ']'
+ true 'whonix_build_version: 3:2.4-1'
+ command -v qubesdb-read
+ dpkg --compare-versions 3:2.4-1 le 3:2.5-1
+ thirteen_dot_x_to_fourteen_dot_x
+ '[' -f /var/lib/whonix/do_once/thirteen_dot_x_to_fourteen_dot_x_version_5 ']'
+ return 0
+ true 'INFO: End configuring whonix-legacy.'
+ true 'INFO: debhelper beginning here.'
+ true 'INFO: Done with debhelper.'
+ true '
#####################################################################
## INFO: END : whonix-legacy preinst upgrade' 3:4.3-1 '3:4.3-1
#####################################################################
'
+ exit 0
Unpacking whonix-legacy (3:4.3-1) over (3:4.3-1) ...
Setting up whonix-legacy (3:4.3-1) ...
What is in Whonix-Workstation the output of…?
env | grep XDG_CONFIG_DIRS
This…?
XDG_CONFIG_DIRS=/usr/share/torbrowser-default-browser/:/usr/share/security-misc/:/usr/share/kde-apper-no-autoupdate/:/usr/share/anon-ws-kde-startmenu/:/usr/share/anon-apps-config/:/usr/share/open-link-confirmation/:/etc/xdg
XDG_CONFIG_DIRS=/usr/share/torbrowser-default-browser/:/usr/share/security-misc/:/usr/share/kde-apper-no-autoupdate/:/usr/share/anon-ws-kde-startmenu/:/usr/share/anon-apps-config/:/usr/share/open-link-confirmation/:/etc/xdg