Whonix image builds - new git tags

New forum thread to discuss announce new Whonix image builds.

Now attempting to build 16.0.5.3-developers-only. With become the next point release. Comes with:

• updated deb.torproject.org signing key → Tor integration in Whonix - #23 by Patrick
• tor 0.4.7.8 security fix → Tor integration in Whonix - #24 by Patrick
• Tor Browser 11.0.14 → Tor Browser Integration - #15 by Patrick
• Complete changelog if this becomes the next point release in the usual release announcement.

Build successful. Upload in process. Release announcement pending.

Whonix 16.0.5.3 - for VirtualBox - Point Release!

Am I going to need to build this one instead of 5.1?

16.0.5.3 of course. Why build 16.0.5.1, a later version if there is a newer version 16.0.5.3 with a corresponding stable release from yesterday? Did I somehow create confusion to imply that?

I asked this because I had had already built the now obsolete point releases, but it’s all done now.

Created update issue - fasttrack repository issue for it.

Down the dependency chain, this currently breaks the Whonix build process.

Build 16.0.8.9 succeeded and will likely become the next stable point release.

Actually no, there are some issues to be ironed out.

Build 16.0.9.0 succeeded and will likely become the next stable point release.

Indeed. Whonix 16.0.9.0 - for VirtualBox - Point Release!

17.0.6.9: developers repository as of now.

I don’t know if the tb-updater would still fail during the Qubes build process. For test builds could use --tb open to avoid a failing Tor Browser downloading breaking the build process but then Tor Browser might not be including Tor Browser. tb-updater however should work in the resulting image.

There are many improvements in the developers repository but also a very few remaining unstable things. So not yet in testers.

Building Qubes-Whonix from the testers repository would result in upgraded Debian and Qubes packages. None of the developers repository package upgrades are security critical. Only enhancements.

I planned to attempt a new Qubes-Whonix build once everything is stablized.

All of this was resolved.

Resurrecting this forum thread now.

Major earlier improvements:

• All build dependencies are now automatically installed. There are no more build dependencies the user must install before being able to run derivative-maker. (Except the tool to download the source code, most likely git.)
• derivative-delete command no longer required, because:
  • VirtualBox VMs are now created under Linux user account dm-vbox-temp to avoid conflicts with already existing user VMs.
• dm-prepare-release command no longer required because running it has been automated.

17.2.0.4-developers-only:

• Downgraded stray loop devices sanity test from error to warning to avoid false-positive error complaining about /var/swapfile loop device.
• Updated Tor Project repository signing key.
• Automatically create local signing key if none exists yet, so dm-prepare-release can be run equally in all situations (official builds, CI builds, user custom builds), therefore:
  • Unified images VirtualBox ova are added to ~/derivative-binary folder for better usability as it was done in the previous stable release.

Build documentation has been updated accordingly.

The build has not completed yet. In this case, you can check if the CI build succeeded. Check here:

CI build status: Workflow runs · Whonix/derivative-maker · GitHub

If it did, chances are good, that also builds by users would succeed.

(related CI forum discussion: Derivative Maker Automated CI Builder)

2 posts were split to a new topic: derivative-maker: dependency handling?

Build success.

A post was split to a new topic: derivative-maker: missing /usr/libexec/helper-scripts/get_colors.sh

17.2.0.5-developers-only: