Hello.
I have created a guide to install OpenBSD as a Whonix-Custom-Workstation: ( /wiki/Other_Operating_Systems#Whonix_.E2.84.A2-OpenBSD-Workstation ) (cannot post links). I will update the guide once 6.7 is released, which should be soon.
What remains to be done is instructions to install Tor Browser. There is a tor-browser package in OpenBSD ports tree, but apparently an update to Rust broke it as I found here ( https : // www. reddit. com/r/openbsd/comments/dkuz7u/tor_browser/ ), so it currently canât be installed using pkg_add.
Hopefully the issue will be resolved in 6.7.
I am currently trying to build Whonix packages on OpenBSD. Here is a summary of my progress so far:
Installed necessary packages for building: gcc gmake git
Started with genmkfile, because it is required to build all the other packages.
Since master branch of genmkfile does not have a Makefile, I cloned the Whonix13 branch.
Since OpenBSD paths are different, I changed all instances of /bin/bash to /usr/local/bin/bash.
All instances of /usr/bin/make must be replaced with /usr/local/bin/gmake.
After that, running
sudo gmake install
works fine.
I have built several packages partially; dist-base-files, helper-scripts, bootclockrandomization and attempted to build sdwdate.
Here is a synopsis of what needs to be done:
Installing the coreutils package, because the code uses some commands and flags absent in OpenBSD utilities; I did not want to make intrusive changes to the code. Then changing the code so it uses coreutils, synopsis:
chmod >> gchmod
chown >> gchown
cp >> gcp
date >> gdate
mkdir >> gmkdir
mkfifo >> gmkfifo
mktemp >> gmktemp
rm >> grm
timeout >> gtimeout
And so on.
After that, I cloned dist-base-files.
Replaced all instances of /bin/bash with /usr/local/bin/bash.
Saved the old Makefile from genmkfile in the directory and ran
sudo gmake install
This seems to have worked fine and the files were updated.
Cloned bootclockrandomization.
Changed bash paths, changed /run/ to /var/run/, date to gdate.
Wrote an /etc/rc.d bootclockrandomization script.
Then modified rc.conf.local to include bootclockrandomization in pkg_scripts.
But that did not make bootclockrandomization recognized by rc and using rcctl enable bootclockrandomization fails (service does not exist).
Not sure what to do with this yet. It seems it has to be installed as a package for pkg_scripts and rcctl to work.
Running the scripts clock-random-manual-cli and /usr/share/bootclockrandomization/start was successful with no errors after adding the line
gmkdir "$DIR"
to start (because first attempt reported missing directory).
Then I tried to build one of the most important Whonix packages, sdwdate.
Installed the dependencies found in debian/control.
pkg_add python3 py3-stem py3-dateutil py3-gevent py3-socks gbc
Then cloned python-guimessages, since it is a dependency.
Replaced all instances of /usr/bin/python3 with /usr/local/bin/python3.
Since Python modules are also stored elsewhere on OpenBSD, I moved all the files from
usr/lib/python/dist-files/guimessages/ to
usr/local/lib/python3.7/guimessages/
Just to make sure, I also made a copy of the directory usr/local/lib/python3.7/guimessages/ as usr/local/lib/python3.6/guimessages/.
Copied the old Makefile again and installed the modules.
Cloned helper-scripts.
Change bash and python paths as usual.
Change all commands to coreutils.
Change all the paths of /run/ to /var/run/
in te_pe_tb_check
comment line
source /usr/lib/helper-scripts/pkg_manager_running_check
in usr/lib/helper-scripts/tor_bootstrap_check.bsh:
added custom code to ensure the IP is correct
if [ -f "/etc/mygate" ]; then
GATEWAY_IP="`cat /etc/mygate`"
fi
if [ "$gateway_control_port" = "" ]; then
gateway_control_port="9051"
fi
Cloned sdwdate.
Once again, started with replacing the bash and python paths.
In usr/bin/sdwdate, I commented all lines related to sdnotify, including all instances of n.notify, as systemd-related code wonât work and does not seem to be critical to sdwdateâs functionality (except starting it at boot).
In usr/lib/sdwdate/restart_fresh
Change rm to grm and change systemctl to rcctl, remove its flags, and comment the line. rcctl wonât work yet as mentioned.
Change all the instances of coreutils in all files to their OpenBSD equivalents.
Comment the line related to systemd in suspend-post.
Change instances of systemctl to rcctl and remove the flags.
Change paths of /run/sdwdate to /var/run/sdwdate and update the paths elsewhere as well.
In /usr/bin/sdwdate
Change /bin/date to /usr/local/bin/gdate
Change mktemp to gmktemp
Then sudo gmake install
Error related to translation code. Comment all lines related to translations, because non-critical.
After reinstalling it, sdwdate started, but wasnât able to connect:
bash-5.0$ sdwdate
2020-04-28 22:51:28 - sdwdate - INFO - sdwdate started. PID: 49391
2020-04-28 22:51:28 - sdwdate - INFO - create temp_dir: /tmp/tmp.Z6JXBEqSaH
2020-04-28 22:51:28 - sdwdate - INFO - Tor socks host: 10.152.152.10 Tor socks port: 9050
2020-04-28 22:51:28 - sdwdate - INFO - Running sdwdate main loop. iteration: 1 / 10000
2020-04-28 22:51:28 - sdwdate - INFO - WARNING - Tor Bootstrap Result: Torâs Control Port could not be reached.
Did you start Gateway beforehand?
Unexpected error: <class âFileNotFoundErrorâ>
^CTraceback (most recent call last):
File â/usr/bin/sdwdateâ, line 604, in
prerequisite_check()
File â/usr/bin/sdwdateâ, line 558, in prerequisite_check
time.sleep(prerequisite_check_sleep_seconds)
KeyboardInterrupt
bash-5.0$
Tried to manually run Tor-related helper-scripts.
tor_bootstrap_check, tor_circuit_established_check, and tor_signal_newnym report:
Unable to connect to tor. Are you sure itâs running?
It seems the problem is helper-scripts trying to connect to local Tor daemon which is disabled, instead of the Whonix-Gateway, despite adding the custom code earlier to ensure the IP settings are correct.
I looked through the code, but I am at a loss as to how to resolve this. Building anon-ws-disable-stacked-tor could help, but it seems to rely on systemd.
I do not know how much interest there will be in an OpenBSD port. It is a potential consideration for: /wiki/Dev/Operating_System#Criteria_for_Choosing_a_Base_Distribution , but OpenBSD was addressed already.
However, I will update on my progress. If anyone knows how to resolve these issues, help will be appreciated.