Whonix host operating system ISO

Sir @onion_knight we need you, Whonix Host needs you, Freedom needs you.


@HulaHoop Thanks for your kind message! :slight_smile:
Sorry if you have the feeling that I let you down. I was indeed less involved with the project lately. I want to come back and I also want this thing to succeed, but I guess that I won’t be able to do it alone due to my limited abilities as a developer.
All right, let me at least catch up with the new topics and try to build anew from scratch a Whonix Host Operating machine, and see where we stand with this project, what works, what doesn’t, and what still needs to be done.



No worries. Your previous contributions were instrumental in moving this project forward! I don’t think we’d have the iso generation code without your original research and implementation and much more. If you can keep up as you did previously, that would already be a big help!


Building (sudo ~/Whonix/whonix_build --build --target iso --flavor whonix-host-xfce --freedom false) fails at 1700_install-packages step:

Depends: security-misc but it is not going to be installed

And then installation of security-misc fails, because:

+ export IFS
+ '[' '!' '' = yes ']'
+ echo '/var/lib/dpkg/tmp.ci/preinst: ERROR: No user is a member of group '\''sudo'\''. Installation aborted.'
/var/lib/dpkg/tmp.ci/preinst: ERROR: No user is a member of group 'sudo'. Installation aborted.
+ echo '/var/lib/dpkg/tmp.ci/preinst: ERROR: You probably want to run:'
/var/lib/dpkg/tmp.ci/preinst: ERROR: You probably want to run:
+ echo ''

I chose to ignore the error and continue the build for the moment.


Because of this error dpkg was interrupted and I had to chroot inside the raw file and apt install -f to finish the dpkg process by hand.
Furthermore, the following packages were not properly installed and automatically removed:

kicksecure-cli kicksecure-dependencies-cli kicksecure-xfce
  whonix-host-xfce-kvm-freedom whonix-host-xfce-kvm-nonfreedom

Anyway the resulting disk image is completely broken.

I’ll try it again from scratch once this error has been fixed… Unless someone has a proven method of building Whonix-Host.


It’s related to the old discussion on how user user should be created.
( Whonix Desktop Installer with Calamares - field report - #81 by Patrick )

For Non-Qubes-Whonix VM builds user user is created by anon-base-files postinst script.


For Whonix Host builds this code does not run. This was a result of the discussion on how user user (and user groups) should be created.

Nowadays security-misc disabled root login for better security (among a ton of other security hardening).

Since security-misc is also used outside of Whonix, there is a check to not install if there are no users in group sudo. This check is implemented in security-misc preinst.

security-misc/security-misc.preinst at master · Kicksecure/security-misc · GitHub

Meanwhile perhaps remove security-misc from anon-meta-packages debian/control?

anon-meta-packages/control at master · Whonix/anon-meta-packages · GitHub

In that case (easiest), add to build command

--allow-untagged true --allow-uncommitted true

That should help avoid issues. Some sudo/root access issues with security-misc can be figured out later.
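
The check described above (refuse to install when no account is in group sudo, because root login is disabled afterwards) can also be run as a preflight against the build chroot before the 1700_install-packages step. The following is an added example, not part of the thread and not the security-misc preinst code; the function names and the approach of reading etc/group and etc/passwd directly are assumptions.

```shell
#!/bin/sh
# Added example: preflight check for a build chroot, to be run before
# installing a package that disables root login.
# Usage idea: has_sudo_user /path/to/chroot || echo "create user first"

# Print every account in group "sudo" for the root directory given as $1:
# supplementary members listed in etc/group, plus accounts whose primary
# GID in etc/passwd equals the sudo group's GID.
sudo_group_members() {
    root=$1
    [ -r "$root/etc/group" ] || return 0
    line=$(grep '^sudo:' "$root/etc/group" | head -n 1)
    [ -n "$line" ] || return 0
    gid=$(printf '%s\n' "$line" | cut -d: -f3)
    members=$(printf '%s\n' "$line" | cut -d: -f4 | tr ',' '\n')
    {
        printf '%s\n' "$members"
        if [ -n "$gid" ] && [ -r "$root/etc/passwd" ]; then
            awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$root/etc/passwd"
        fi
    } | sed '/^$/d' | sort -u
}

# Return 0 if the chroot has at least one account in group sudo,
# 1 otherwise (the state in which the install would be refused).
has_sudo_user() {
    [ -n "$(sudo_group_members "$1")" ]
}
```

A chroot in which the user-creation code has not run yet fails this check, which is the situation the build hit.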

I think I suggested to avoid live-config so we don’t involve any of its user user creation code.

Whonix Desktop Installer with Calamares - field report - #124 by Patrick

I’ll try to fix the build.

Could you please check package live-config? Maybe it’s mostly about the scripts in /lib/live/config/. What stuff do we need?

Perhaps we can get rid of live-config or re-implement the few bits that we do need.

I try to use “standard” anon-base-files for user user and groups creation and dropping live-config. Seems the less complex solution to this issue.

As far as I remember, we need at least a script for user creation during boot, and probably some other small stuff that I don’t remember yet.

From man live-config:

       live-config can be easily customized for downstream projects or local usage.

   Adding new config components
       Downstream projects can put their components into /lib/live/config and do not need to do anything else, the components will be called automatically during boot.

       The components are best put into an own debian package. A sample package containing an example component can be found in /usr/share/doc/live-config/examples.

   Removing existing config components
       It is not really possible to remove components itself in a sane way yet without requiring either to ship a locally modified live-config package or using dpkg-divert. However, the same can be achieved by disabling the respective components through the live-config.nocomponents mechanism, see above. To avoid to always need specifying disabled components through the boot parameter, a configuration file should be used, see above.

       The configuration files for the live system itself are best put into an own debian package. A sample package containing an example configuration can be found in /usr/share/doc/live-config/examples.

       live-config currently features the following components in /lib/live/config.

           allows one to apply arbitrary preseed files placed on the live media or an http/ftp server.

           configures /etc/hostname and /etc/hosts.

           adds a live user account.

           grants sudo privileges to the live user.

           configures locales.

           configures locales-all.

           configures /etc/timezone.

           configures autologin in gdm3.

       kdm configures autologin in kdm.

           configures autologin in lightdm.

           configures autologin in lxdm.

           configures autologin in nodm.

           configures autologin in slim.

           configures autologin with xinit.

           configures the keyboard.

           configures systemd autologin.

           configures sysvinit.

           configures sysv-rc by disabling listed services.

           disables lastlog.

           disables apport.

           disables lock button for the screen.

           disables hibernation.

           disables the screensaver locking the screen.

           disables KDE migration wizard (squeeze and newer).

           disables some unwanted KDE services (squeeze and newer).

           grant user privilegies through policykit.

           regenerating ssl snake-oil certificates.

           disables anacron.

           disables util-linux' hwclock.

           disables lastlog.

           configures xserver-xorg.

           configures broadcom-sta WLAN drivers.

           recreates openssh-server host keys.

           configures xfce4-panel to default settings.

           disables the screensaver locking the screen.

           allows one to run arbitrary commands from a file placed on the live media or an http/ftp server.

I guess better if re-implemented. A quick search looks like Tails also stopped using live-config.

/usr/lib/whonix-libvirt/install is currently breaking the build on a host system that has VirtualBox installed. During virsh -c qemu:///system net-start "default" it freezes everything.

Maybe it would be better to not do this during build inside chroot? Would be ok too if /usr/lib/whonix-libvirt/install was executed during first boot using a systemd unit file?

Great, would you mind sharing the links? Couldn’t find anything.

Meanwhile I did that and managed to complete the build without errors. Something did go wrong though, as the ISO file kernel panics on boot…



site:tails.boum.org "live-config"

(Search only on domain tails.boum.org for exact string live-config.)

Thanks, will have a look.
My newly built Host VM (.raw file) also kernel panics when booting into live mode:

line 244: can't open '/scripts/live' : No such file or directory

this https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831637 ?

Or we don’t have initramfs or dracut installed?


no, but package live-boot was not installed during the build… After installing it, it works.


Quite possible. I commented out pkg-add-to-install-list live-config. (In a later tag that I didn’t mention yet.)

live-boot is needed? I guess, yes. Then I’ll add to build-steps.d/1700_install-packages now that live-config is gone?

(live-config probably pulled live-boot as a dependency.)

Yes, live-boot is needed. Oddly enough, live-config was installed, but not live-boot.
Did you comment out live-boot for kicksecure only or for all builds?


This was the only related thing I did:


There was no live-boot explicitly written anywhere.

(Well, package grub-live depends on live-boot but I am not sure that gets installed for Whonix Host ISO builds (yet).)