- anon-apps-config
- anon-connection-wizard
-
anon-gw-anonymizer-config
- disable debsums during postinst since too slow
- show output of
debsums -ce | grep torrcduring postinst - /usr/lib/anon-gw-anonymizer-config/torrc-d-cleaner: fix Avoid moving
/etc/torrc.d/95_whonix.confto/etc/torrc.d/backup/95_whonix.conf.dpkg-newduringanon-gw-anonymizer-configpackage upgrades. - disable the following Tor stream isolation ports - privoxy 9112 - polipo 9113 - Tor Browser Updater by Whonix Developers gpg 9116 - TorChat 9119 - mixmaster update 9120 - mixmaster 9121 since deprecated applications in Whonix and no longer in use
- whonixcheck → systemcheck migration
- add anon-consensus-delete
- improve anon-log
- improve anon-log
- add anon-log anon-log is a user-friendly wrapper around the journalctl in Whonix to view Tor related log entries while filtering out irrelevant log output, non-issues.
- install no longer no longer required auditd by default https://phabricator.whonix.org/T537
-
anon-meta-packages
- move Kicksecure specific packages to https://gitlab.com/whonix/kicksecure-meta-packages
- actually not install orca by default due to extra services running (speech-dispatcher) needs more work https://www.whonix.org/wiki/Orca
- update package names
- whonixsetup → setup-dist
- missing dependencies for orca-screen-reader-support
- install orca by default in Non-Qubes-Whonix
- new meta package orca-screen-reader-support
- install vm-config-dist also in Qubes-Whonix to have
QMLSCENE_DEVICE=softwarecontextworkaround available - whonixcheck → systemcheck migration
- no longer install SecBrowser by default in Kicksecure https://www.whonix.org/wiki/Dev/Kicksecure_Default_Browser https://forums.whonix.org/t/chromium-browser-for-kicksecure-discussions-not-whonix/10388
- no longer install qtox by default Thanks to @madaidan for the suggestion! https://forums.whonix.org/t/tox-qtox-whonix-integration/1219/18
- anon-shared-build-apt-sources-tpo
- anon-ws-base-files
-
anon-ws-disable-stacked-tor
- disable the following port forwardings from Whonix-Workstation to Whonix-Gateway - 9153 (Tor Messenger default ControlPort) since deprecated applications in Whonix and no longer in use
- disable the following port forwardings from Whonix-Workstation to Whonix-Gateway - 9152 (Tor Messenger default SocksPort) - 11109 (TorChat default SocksPort) since deprecated applications in Whonix and no longer in use
-
apparmor-profile-dist
- Cannot use:
rPxAVC apparmor=“DENIED” operation=“exec” info=“no new privs” error=-1 profile=“/usr/lib/systemcheck/census” name=“/usr/bin/tor-circuit-established-check” Might be fixed in later kernel version. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1844186/usr/bin/tor-circuit-established-check rix, - fix, rCx → rPx
/usr/bin/tor-circuit-established-check rix,→rCx
- Cannot use:
-
apparmor-profile-everything
- Include init-systemd tunables (Thanks to madaidan!)
- Fixes (Thanks to madaidan!)
- Correct file name (Thanks to madaidan!)
- Add sys_pci and dev_ttys tunables (Thanks to madaidan!)
-
debug-misc
- allow unlimited core dumps by default
- simplify creation of coredump files config-package-dev hide /etc/security/limits.d/30_security-misc.conf
- add helper tool to cause a segfault for testing purposes.
segfault-buildcreatessegfault-run. Runningsegfault-runresults insegfault-runterminating with a segfault. This is useful to test if coredump files are being generated when an application crashes. sudo segfault-build > /usr/sbin/segfault-build: SUCCESS. You can now run: > segfault-run segfault-run > Segmentation fault (core dumped) echo $? > 139
- dist-base-files
-
genmkfile
- Revert “genmkfile install: use
cpwith--archive” This reverts commit 3a3fb75c3a32d6c00604fe6fdd91072736bd8ea0. - genmkfile install: use
cpwith--archiveto use same file permissions in installation folder than in source folder to fix sudo ./usr/bin/genmkfile install - hardened-malloc-kicksecure
manseccompworkaround https://forums.whonix.org/t/hardened-malloc-hardened-memory-allocator/7474/135
- Revert “genmkfile install: use
-
hardened-kernel
- Optionally enable kprobes/ftrace for LKRG support (Thanks to madaidan!)
-
helper-scripts
- hardened-malloc-type-test
- add hardened-malloc-enabled-test
- improve onion-time-pre-script
- add new tool apparmor-watch
- whonixcheck → systemcheck migration
- anondate-get: do not show time earlier than minimum-unixtime-show
- anondate-set: do not set time earlier than minimum-unixtime-show
- add minimum-time-check
- give up on anondate-set for now https://www.whonix.org/wiki/Dev/TimeSync#Fixing_Time_based_on_Tor_Consensus
- new file: usr/bin/minimum-unixtime-show
- handle case when 100% Tor bootstrap done but still no Tor circuit established yet
- [ -n “$LC_TIME” ] || export LC_TIME=C [ -n “$TZ” ] || export TZ=UTC
- add tor-circuit-established-check apparmor profile
- renamed: usr/lib/helper-scripts/tor_circuit_established_check.py → usr/bin/tor-circuit-established-check
- prevent bash
<<<to prevent creation of temporary file to simplify creation of apparmor profiles Use of<<<results in use of temporary files by bash. https://unix.stackexchange.com/questions/429285/cannot-create-temp-file-for-here-document-permission-denied - new file: usr/lib/helper-scripts/sanitize_variable
- show exit code and its meaning
- renamed: usr/lib/helper-scripts/te_pe_tb_check → usr/lib/helper-scripts/onion-time-pre-script
- new file: usr/lib/helper-scripts/restart-tor
- dependencies
- add debian install file (generated using “genmkfile debinstfile”)
- fix time using anondate
- work on fixing time using anondate
- non-UTC fix
- port to /run/qubes/this-is-templatevm
- also provide Tor bootstrap information on Non-Whonix
- no man pages for anondate for now
- move anondate scripts to /usr/sbin folder
- work on anondate
- cannot use ulimit -v yet https://superuser.com/questions/472587/why-does-limiting-my-virtual-memory-to-512mb-with-ulimit-v-crash-the-jvm
- add support for environment variable
maxmemrefactoring - adjust for limit-medium
- same as limit-low
- improve limit-low
- port limit-low to ulimit, ionice and nice
- import changes from limit-low
- systemctl -user import-environment
- add manpages
- add
limit-medium - add
limit-low- constrained system resources program starter wrapper https://forums.whonix.org/t/constrained-system-resources-program-starter-wrapper/10914 - also show apparmor
DENIEDmessages https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/42 - make sure
/etc/ld.so.preloadexistsld-system-preload-disablefails if/etc/ld.so.preloaddoes not exists. > bwrap: Can’t create file at /etc/ld.so.preload: Permission denied Therefore ensure that at least and empty/etc/ld.so.preloadexists. - apparmor-info: exit non-zero if there are DENIED messages https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/30
- do not hardcode sudo https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/29
- add man/apparmor-info.8.ronn
- chmod +x usr/sbin/apparmor-info
- Space (Thanks to madaidan!)
- Create apparmor-info (Thanks to madaidan!)
- kicksecure-base-files
-
live-config-dist
- config-package-dev displace /etc/calamares/modules/bootloader https://forums.whonix.org/t/whonix-host-operating-system/3931/296
- Merge branch ‘onion_knight_2-master-patch-15461’ into ‘master’ Add new file bootloader.conf. Default debian calamares file, with line… See merge request whonix/live-config-dist!1
- Add new file bootloader.conf. Default debian calamares file, with line “efiBootloaderId:” uncommented and added “Debian” to solve “Minimal BASH-like editing…” / “grub>” at boot. See https://forums.whonix.org/t/whonix-host-operating-system/3931/296 (Thanks to Onion Knight!)
-
monero-gui
- monero-gui-linux-x64-v0.17.1.9.tar.bz2 https://web.archive.org/save/https://github.com/monero-project/monero-gui/releases/tag/v0.17.1.9 https://web.archive.org/web/20210109043524/https://www.getmonero.org/downloads/hashes.txt https://web.archive.org/web/20210109043529/https://downloads.getmonero.org/gui/monero-gui-linux-x64-v0.17.1.9.tar.bz2
- delete for upcoming update
-
onion-grater
- Improve systemd sandboxing (Thanks to madaidan!)
- simplify 40_bitcoind.yml (Thanks to qubenix!)
- update 40_bitcoind.yml to work with bitcoind v0.21 (Thanks to qubenix!)
- open-link-confirmation
-
qubes-whonix
- census → canary
- renamed: usr/share/setup-dist/status-files/whonix_repository.skip → usr/share/setup-dist/status-files/repository-dist.skip
- renamed: var/cache/whonix-setup-wizard/status-files/placeholder → var/cache/setup-dist/status-files/placeholder
- whonix-setup-wizard → setup-dist
- binds+=( ‘/var/lib/sdwdate’ ) Time Replay Protection /var/lib/sdwdate/time-replay-protection-utc-unixtime https://www.whonix.org/wiki/Sdwdate#sdwdate_Time_Replay_Protection
- whonixcheck → systemcheck migration
- no more whonixcheck systemd service
- remove /run/updatesproxycheck/status since not required
- port to /run/qubes/this-is-templatevm
- /run/qubes/this-is-appvm
- port from qubesdb-read to /run/qubes/this-is-templatevm to be more robust during upgrades when qubesdb is updated
- Run torified-updates-proxy-check under user
updatesproxycheck. No longer use sudo insidetorified-updates-proxy-check. No longer runtorified-updates-proxy-checkas root. This is to avoid some corner cases with authentication / PAM. Thanks to @marmarek for the suggestion! https://phabricator.whonix.org/T1001 - simplify removal of package
qubes-core-agent-passwordless-root(through packagedummy-dependency)
-
sandbox-app-launcher
- Move some setup code into postinst script (Thanks to madaidan!)
- Remove wx_whitelist (Thanks to madaidan!)
- improve invocation of grep https://forums.whonix.org/t/system-wide-sandboxing-framework-sandbox-app-launcher/9008/331
- Better wording (Thanks to madaidan!)
- Include fs.h and wireless.h (Thanks to madaidan!)
- Permit FICLONE and SIOCGIWMODE ioctls (Thanks to madaidan!)
- Use useradd on non-Debian systems (Thanks to madaidan!)
- fix, sandbox → sal https://github.com/Whonix/sandbox-app-launcher/pull/53
- Unneeded whitespace (Thanks to madaidan!)
- Add option to remove app data (Thanks to madaidan!)
- create /etc/machine-id if not existing https://forums.whonix.org/t/system-wide-sandboxing-framework-sandbox-app-launcher/9008/311
- fix permissions if messed up by something (such as Qubes home folder implementation or after restoration of backup) use sudo long instead of short parameters fix setup already done check: https://forums.whonix.org/t/system-wide-sandboxing-framework-sandbox-app-launcher/9008/310
- Add 20software_rendering_in_vms (Thanks to madaidan!)
- Fix issue when creating directories (Thanks to madaidan!)
-
sdwdate
- sandboxing
- disable sandboxing due to issue https://forums.whonix.org/t/apply-systemd-sandboxing-by-default-to-some-services/7590/50
- systemd sandboxing enhancements Thanks to @madaidan! https://forums.whonix.org/t/apply-systemd-sandboxing-by-default-to-some-services/7590/49
- Improve systemd sandboxing (Thanks to madaidan!)
- sdwdate legacy home folder migration
- increase timeout to 120 seconds due to slow onions
- user
sdwdatelegacy home folder migration - fix, set stdout to
emptyif empty - port to python secrets
- try except decode
- timeout on read
- sys.dont_write_bytecode = True to simplify apparmor profiles
- avoid Popen Shell=true
- autopep8 --in-place --aggressive --aggressive
- show timeout status
- move usr/bin/sdwdate to usr/lib/python3/dist-packages/sdwdate/sdwdate.py
- new file: usr/lib/python3/dist-packages/sdwdate/init.py
- show how long sdwdate will sleep in minutes for better sdwdate-gui and log readability
- fix; refactoring
- refactoring; fix
- fix; refactoring
- refactoring; debugging
- remove no longer required dependency python3-gevent
- Depends: python3-requests
- add dw.com
- create /var/run/sdwdate/fail file in case of failure to set time
- refactoring; improve log output
- improve log output
- add taz,de, themarkup.org, freedom.press / securethe.news
- add privacytools.io
- add duckduckgo
- improve log output
- improve log output
- round took_time to two digits for better readability
- lower debugging
- rename SDWDATE_POOL_ONE, SDWDATE_POOL_TWO, SDWDATE_POOL_THREE to SDWDATE_POOL_ZERO, SDWDATE_POOL_ONE, SDWDATE_POOL_TWO this helps with code simplification since python starts counting at arrays at zero
- static time sanity test: check minimum-unixtime-show
- sanity test
- sdwdate home folder migration
-
Update 30_default.conf changed the archived links according to patrick request:
https://forums.whonix.org/t/suggest-trustworthy-tor-hidden-services-as-time-sources-for-sdwdate/856/173 (Thanks to @nurmagoz!) - Update 30_default.conf (Thanks to @nurmagoz!)
- added: systemli main website, security in a box website (Thanks to @nurmagoz!)
- fix parallel execution
- indent
- implement time replay protection abolish shorter sleep on error counters below 3 because preparation() now takes care of that output refactoring
- show median pool lag cleaned diff
- show lag cleaned time diff in fetch summary
- output, refactoring
- show lag cleaned time diff
- correctly calculate took time
- show how much time a request took time
- also check and show exit code of url_to_unixtime
- make sure to not test same failed URL twice refactoring
- allow allowed failures to be 0
- allow running sdwdate with only 1 pool member per pool prevent python exception when sdwdate gets stopped while sleep process is running output refactoring
- fix check_clock_skew
- always use exit_handler
- create file /run/sdwdate/sleep_long when sleeping longer than 10 seconds
- fix minimum sleep time in case of repeated error
- fix maximum sleep time in case of repeated error
- improve exit handler
- improve exit handler
- avoid python3 shell=True in remote_times.py
- print debug and errors to stderr
- collect stderr from url_to_unixtime to allow debugging
- os.environ[‘LC_TIME’] = ‘C’
- disable systemd hardening incompatible with apparmor profile AVC apparmor=“DENIED” operation=“exec” info=“no new privs” error=-1 profile=“/usr/bin/sdwdate” name=“/usr/bin/url_to_unixtime” pid=17091 comm=“sdwdate” requested_mask=“x” denied_mask=“x” fsuid=125 ouid=0 target=“/usr/bin/url_to_unixtime”
- home folder /home/user/sdwdate vs /run/sdwdate when run under user vs sdwdate
- add globaleaks
- add new sdwdate time sources from securedrop list
- move from one pool to another to balance out number of pool members
- prevent sdwdate getting started as root
- create sdwdate_status_files_folder if not existing
- no longer hardcode /run/sdwdate
- improve status file handling
- renamed: usr/lib/sdwdate/restart_fresh → usr/sbin/sdwdate-clock-jump
- dh $@ --with python3
- avoiding sudoers exception
- allow sdwdate to request restart of Tor through creation of file
/run/sdwdate/request_tor_restartthis is an alternative to avoid having to weaken sdwdate systemd hardening to allow restart of Tor - anodate
- new file: usr/share/sdwdate/test-clock-fast new file: usr/share/sdwdate/test-clock-slow
- no longer randomize time by default add
RANDOMIZE_TIME=truefeature output refactoring - https: propublica / privacy international
- modified: usr/share/sdwdate/onion_test_https_manual
- add usr/share/sdwdate/onion_test_https_manual
- add /usr/share/sdwdate/onion_list_all
- remove onions with invalid TLS certificates “http://ltcpool5brio2gaj.onion#https://www.litecoinpool.org/help https://web.archive.org/web/20161114095946/https://www.litecoinpool.org/help” “http://cyphdbyhiddenbhs.onion#Cyph - Encrypted Messenger https://www.cyph.com https://web.archive.org/web/20160827040234/https://www.cyph.com/”
- usatoday onion https
- add http:// prefix to onions
- temporary folder creation no longer required
- “addgroup sdwdate systemd-journal” still required even if apparmor confined
- undo “addgroup sdwdate systemd-journal” better use separate apparmor profiles instead
- allow sdwdate access to systemd journal (required for anondate) anondate code simplification
- fix time using anondate
- set /etc/apparmor.d/usr.bin.url_to_unixtime to complain mode recent changes require profile additions
- rm_conffile /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime
- renamed: etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime → etc/apparmor.d/usr.bin.url_to_unixtime
- restore proxy settings support
- python 3.7 fix if host timezone is set to something other than UTC
- remove grouping if only one member
- add onion v3, https://danwin1210.me and https://ctemplar.com
- update intercept link to onion v3
- update securedrop link to onion v3
- Update 30_default.conf removed non-working links, fixed some other links. (Thanks to @nurmagoz!)
- sdwdate-gui
-
security-misc
- hide-hardware-info: allow unrestricting selinuxfs On SELinux systems, the /sys/fs/selinux directory must be visible to userspace utilities in order to function properly. (Thanks to Kenton Groombridge!)
- skip counting failed login attempts from dovecot Failed dovecot logins should not result in account getting locked. revert “use pam_tally2 only for login”
- use pam_tally2 only for login to skip counting failed login attempts over ssh and mail login
- new file: README_generic.md
- Overhaul documentation (Thanks to madaidan!)
- tb-starter
-
tb-updater
- tbb_hardcoded_version=“10.0.15”
- tbb_hardcoded_version=“10.0.14”
- tbb_hardcoded_version=“10.0.13”
- alpha tbb_hardcoded_version=“10.5a11”
- tbb_hardcoded_version=“10.0.12”
- deprecate SecBrowser
- deprecate https://www.whonix.org/wiki/SecBrowser
- tbb_hardcoded_version=“10.0.10”
- fix changelog
- rename to systemcheck
- alpha tbb_hardcoded_version=“10.5a8”
- tbb_hardcoded_version=“10.0.9”
- whonixcheck → systemcheck migration
- tbb_hardcoded_version=“10.0.8”
- port to /run/qubes/this-is-templatevm
- update signing key https://web.archive.org/web/20201223120236/https://support.torproject.org/tbb/how-to-verify-signature/ https://web.archive.org/web/20201223120229/https://openpgpkey.torproject.org/.well-known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf
-
timesanitycheck
- export TZ=UTC
- export TZ=UTC
- fix, export LC_TIME=C
- genmkfile debinstfile
- export LC_LANG=C
- add apparmor profile
- no man page for now
- renamed: usr/share/timesanitycheck/start → usr/bin/timesanitycheck
- new file: usr/share/timesanitycheck/minimum_unixtime
- modified: usr/share/timesanitycheck/date-minium-file-create
- new file: usr/share/timesanitycheck/date-minium-file-create
- use hardcoded minimum time file instead of build time
- non-UTC fix
- tor-control-panel
-
usability-misc
- add /usr/bin/apt-get-reset
- stop using apt-key since deprecated https://forums.whonix.org/t/apt-2-2-changes/11240/1
- improve orca-kill-at-shutdown.service
- add preset disabled by default systemd unit
orca-kill-at-shutdown.servicesends signal sigterm to the orca screenreader at shutdown https://www.whonix.org/wiki/orca supposed to be enabled througheasyorca(part ofsetup-dist - repo-add-dist
- whonix_repository → repository-dist
- manpage
- add orca-enable-autostart
- update description no longer does anything related to auditd
-
vm-config-dist
- vbox-guest-installer: set correct kernel version inside chroot
- remove no longer required dependency virt-what
- fix, do not create folder /mnt/shared outside of VMs or in Qubes VMs
- do not run inside Qubes VM if not needed
- remove no longer required sudoers exception
- port to systemd-detect-virt since it does not require root/sudo virt-what does require root/sudo
- fix, run vbox-guest-installer only on installation and when triggered Otherwise vbox-guest-installer needlessly runs every this this pacakge is upgraded. Compiling VirtualBox guest additions might fail under some conditions such as low RAM.
- Revert “fix, run vbox-guest-installer only on installation and when triggered” This reverts commit 2dd4ed2a37b0e7cf2801ced2a4fe622d9d73fd19.
- fix, run vbox-guest-installer only on installation and when triggered Otherwise vbox-guest-installer needlessly runs every this this pacakge is upgraded. Compiling VirtualBox guest additions might fail under some conditions such as low RAM.
-
whonix-base-files
-
Fix typos Fixed some typos and inconsistencies that I have noticed after running
/usr/bin/whonix. Please let me know if these are not appropriate. (Thanks to Martin Gul!) - update-grub
- Replaces: whonixsetup, whonix-setup-wizard, whonixcheck, whonix-repository for legacy comparability symlinks
- overwrite lintian warning
- add legacy compatibility symlinks /usr/bin/whonixsetup /usr/sbin/setup-dist /usr/bin/whonix-setup-wizard /usr/bin/setup-wizard-dist /usr/bin/whonix_repository /usr/bin/repository-dist /usr/bin/whonix-repository-wizard /usr/bin/repository-dist-wizard /usr/bin/whonixcheck /usr/bin/systemcheck
- whonixcheck → systemcheck migration
-
Fix typos Fixed some typos and inconsistencies that I have noticed after running
-
whonix-developer-meta-files
- renamed: release/qubes-templates-offical-build-commands → release/qubes-templates-official-build-commands
- stop using apt-key since deprecated https://forums.whonix.org/t/apt-2-2-changes/11240/1
- re-create canary folder every time
- add canary.txt.embed.sig to upload script
- create embed signify-openbsd canary.txt.embed.sig
- re-enable bbc in proof_of_freshness_generator since available again
- add unixtime to proof_of_freshness_generator
- add
gpg--clearsigned andopenbsd-signifysigned version to canary upload script - create signify signature for canary
- create additional canary.txt.clearsign.asc
- whonixcheck → systemcheck migration
- whonix-firewall
- whonix-legacy
- whonix-welcome-page
- whonix-xfce-desktop-config
1 Like
Looks great! So the sandbox-app-launcher and apparmor-profile-everything is getting an official release?