https://github.com/Whonix/Whonix/commit/21e53c63fd85fb0bdb16c937730103bab3698269
https://github.com/Whonix/Whonix/commit/4dad36875fe3b8d2b6f0a5024fc3626688332cc5
https://github.com/Whonix/Whonix/commit/21e53c63fd85fb0bdb16c937730103bab3698269
https://github.com/Whonix/Whonix/commit/4dad36875fe3b8d2b6f0a5024fc3626688332cc5
freedom vs nonfreedom build siwtches are now implemented.
Example pure build only containing Freedom Software.
sudo ./whonix_build --target qcow2 --flavor whonix-host-xfce --freedom true --build --redistribute
results in installation of package whonix-host-xfce-kvm-freedom
vs Example containing nonfreedom software.
sudo ./whonix_build --target qcow2 --flavor whonix-host-xfce --freedom false --build --redistribute
results in installation of package whonix-host-xfce-kvm-nonfreedom
https://github.com/Whonix/Whonix/commit/d74ec50c6da27cdf066cacd87ce903b39306e9f1
https://github.com/Whonix/Whonix/commit/006dfd933e7902a5cbecc386171ea777d1c5c987
https://github.com/Whonix/Whonix/commit/26802c5566ae9a97cb05d8c01c712fe486e2c354
I’ll be moving as much as possible from the two new build steps to packages. First was vboxsf group issue, next done is package insatllation.
https://github.com/Whonix/Whonix/commit/7897954192072c7b7e7228a29c60195268da6866
I plan on moving as much as possible from function configure-kvm()
to package GitHub - Kicksecure/libvirt-dist: Libvirt XML Files for Derivative Linux Distributions KVM - https:/www.kicksecure.com/wiki/KVM / https://www.whonix.org/wiki/KVM.
https://github.com/Whonix/Whonix/commit/4a03bbe9662a92ebb6d83fddd357c8eb63c5d713
https://github.com/Whonix/whonix-libvirt/blob/master/usr/lib/whonix-libvirt/install
/usr/lib/whonix-libvirt/install
is currently not (yet?) idempotent, meaning
Not yet added to postinst but soon.
I am not sure what’s best. It could be easily made idempotent but then we would keep re-running its commands on each time whonix-libvirt
gets upgraded. I guess the best solution is to make it idempotent but run it only at initial installation. That’s what I’ll be going for unless there are better suggestions.
https://github.com/Whonix/Whonix/commit/597875c6700909cf1e8cd021be0f37d956da68ab
and intend style changes that hopefully did not break anything.
https://github.com/Whonix/Whonix/commit/5e8fc7a31db91dbf6a58a9a1b5bb84a0d98820da
https://github.com/Whonix/Whonix/commit/2306b25846cec9cc6f2acd1b34ad64e7db9bd4e5
This was to make whonix-initializer install on hardened debian / whonix host builds too, so the cleanup chroot script runs there too.
https://github.com/Whonix/Whonix/commit/400827e09b3158618686b151229684f6e4fe7e85
https://github.com/Whonix/Whonix/commit/54fa6e8d1d02912c5328b619eb973e79fd83c674
In whonix-stuff/2950_create_iso_sketch at master · onions-knight/whonix-stuff · GitHub why did you put some commands into ( )
?
For example
(cd $RAW_DIRECTORY/image/ && \
cp /usr/lib/ISOLINUX/isolinux.bin isolinux/ && \
cp /usr/lib/syslinux/modules/bios/menu.c32 isolinux/ && \
cp /usr/lib/syslinux/modules/bios/hdt.c32 isolinux/ && \
cp /usr/lib/syslinux/modules/bios/ldlinux.c32 isolinux/ && \
cp /usr/lib/syslinux/modules/bios/libutil.c32 isolinux/ && \
cp /usr/lib/syslinux/modules/bios/libmenu.c32 isolinux/ && \
cp /usr/lib/syslinux/modules/bios/libcom32.c32 isolinux/ && \
cp /usr/lib/syslinux/modules/bios/libgpl.c32 isolinux/ && \
cp /usr/share/misc/pci.ids isolinux/ && \
cp /boot/memtest86+.bin live/memtest
)
What is the first (
and last )
used for?
I don’t remember. I don’t think they are necessary.
Great. Therefore simplified the code https://github.com/Whonix/Whonix/commit/9b5cfadc82cca8c615ccec51112d7544f6d2cd85 (and hopefully not introduced any bugs).
Wondering about these 3 [and fortunately only] generated source files now.
Is there a more suitable place for grub-embedded.cfg
other than the root /
directory?
Would /image/boot/grub/grub-embedded.cfg
be a good place?
Can we drop /image
from path to be compliant with FHS?
Would it be appropriate if these 3 files were shipped by some package?
Just recognized that /boot/grub/grub.cfg
is not a great idea to be owned by a package that stays installed. That would break the usual upgrade-grub mechanism during apt dist-upgrades.
/image/boot
however (or otherwise) would be ok?
haven’t seen any results on that. Worth trying then see if package changes break anything.