Whonix-Host Operating System (OS) ISO

Merged. And made installable. (Solved packaging issue of overwriting file by different package.) Included in Whonix 15.0.1.2.3-developers-only.

But that’s not an ideal solution yet. Might be better to use update-initramfs and stay as close to /usr/lib/x86_64-linux-gnu/calamares/modules/initramfs/main.py as possible?

Therefore…


File /usr/lib/x86_64-linux-gnu/calamares/modules/initramfs/README.md might be slightly outdated (but helpful nonetheless).

live-config debian/changelog says “Moving initramfs-tools scripts content to live-tools.” Alright, so lets look into package live-tools.

debian/live-tools.preinst does

dpkg-divert --package live-tools --quiet --add --rename --divert /usr/sbin/update-initramfs.orig.initramfs-tools /usr/sbin/update-initramfs

debian/live-tools.postrm does

dpkg-divert --package live-tools --quiet --remove --rename --divert /usr/sbin/update-initramfs.orig.initramfs-tools /usr/sbin/update-initramfs

Options:

  • (not preferred) modify /usr/lib/x86_64-linux-gnu/calamares/modules/initramfs/main.py to use /usr/sbin/update-initramfs.orig.initramfs-tools
  • (better but non-ideal) add uninstall live-tools before installing
  • running sudo sh -x /var/lib/dpkg/info/live-tools.postrm remove should work in theory but in practice the script is not idempotent (does not support re-running) therefore uninstallation during calamares package remove step would fail. Possibly a packaging but but that won’t be fixed before bullseye even if reported.
  • sudo apt --yes purge live-tools might help (but then calamares might might choke [1]) Run that command somehow automated after boot?
  • (ideally) Or we could have calamares have apt purge live-tools by modifying /etc/calamares/settings.conf? Module packages removes from chroot not from live disk, right? Invent our own calamars module for apt purge live-tools that runs early?
  • Or keep as is?

[1] We could change /etc/calamares/modules/packages.conf (packages.conf) from remove to try_remove. I.e. failing open rather than closed. Then calamares would be less picky about trying to remove package(s) that are already removed and not consider it a failure. Maybe would ease development?