Whonix VirtualBox 15.0.0.0.7 - Debian buster based - Testers Wanted!

how? it got fixed or it just worked with you?

1 Like

I just used it normally and clicked register account and it works as expected. Just did it again now.

The hanging connection to the server you saw might be a network connectivity problem at the exit node, or a request throttling done to prevent spammers from that exit’s IP.

EDIT:

Let’s try to connect with coyIM too because there was a bug in the version in Stretch which kept making coy forget added contacts.

1 Like

well this is my tested results (impossible to continue)

1 Like

OK, finally got a Whonix 15 running.

First thing I notice is both Gateway and Workstation have a GUI whonixcheck error right after first-run wizards finish:

WARNING: Debian Package Update Check Result: Could not check for software updates! (Timeout reached.) (apt-get code: 124)
Please manually check:
(Open a terminal, Start Menu → System → Terminal.)

Manual apt update / dist-upgrade commands work fine in terminal though.


BTW, should we move from apt-get to apt?

I read last week that the Debian world is moving in the direction of suggesting apt by default and that best practice is such that apt-get should only be used if necessary for a function that apt itself can’t provide (similar to aptitude does over apt-get). It would be neater and less daunting for the user to work with.

1 Like

AnonymousUser via Whonix Forum:

BTW, should we move from apt-get to apt?

I read last week that the Debian world is moving in the direction of suggesting apt by default and that best practice is such that apt-get should only be used if necessary for a function that apt itself can’t provide (similar to aptitude does over apt-get). It would be neater and less daunting for the user to work with.

Citation would be useful. We can consider this after Whonix 15 stable
release.

Yeah I couldn’t find it that time, but found it now. It was this article:

So it seems apt is a little more user-friendly (in general) and is in Debian by default.

It shows in a table that apt-get dist-upgrade → becomes → apt full-upgrade.

Annoying that apt, apt-get and aptitude are all slightly different with different pros vs. cons, but at least we have choice for different situations. I had to use the deluxe aptitude to install a particularly difficult-to-install package that required sid repo dependencies on a Tails Debian the other week.

Further links that look useful:

https://debian-handbook.info/browse/stable/sect.apt-get.html

On a new fresh pair of 15.0.0.0.7 VMs, the above error doesn’t happen. Perhaps it was a connection issue.

There are new stuff Questionable and Bug:

  • Geoclue Demo agent? i dunno is this needed ?
  • null is a process by whonix but it would be better to be named if possible

  • I dunno why only Desktop directory there , but no others like Downloads,Public …etc (Bug)

prefapp

  • Its better to have both of them filled , as TBB & Thunderbird or at least TBB.

⚓ T913 bug: not all files form /etc/skel are copied to /home/user / create user "user" at boot time

2 Likes
1 Like
  • Apparmor failed to start (GW,WS)

  • Script Bug (Gone after restart)

  • Whonix firewall failed to load (happened multiple times - GW)

Full log:

ERROR: whonix_firewall failed to load! 

The whonix_firewall failed to load for some reason. This could be due to the firewall being mis-configured or race-condition. Try restarting the VM to see if this error persists. 

Failure file /var/run/anon-firewall/failed.status does not exist, ok. 

output of sudo systemctl status whonix-firewall: 

######################################## 
● whonix-firewall.service - Whonix firewall loader
Loaded: loaded (/lib/systemd/system/whonix-firewall.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2019-06-05 08:35:24 UTC; 33s ago
Docs: https://www.whonix.org/wiki/Whonix_Firewall
Process: 1503 ExecStart=/usr/lib/whonix-firewall/enable-firewall (code=exited, status=0/SUCCESS)
Main PID: 1503 (code=exited, status=0/SUCCESS)

Jun 05 08:35:22 host enable-firewall[1503]: OK: SDWDATE_USER: 108
Jun 05 08:35:22 host enable-firewall[1503]: OK: WHONIXCHECK_USER: 111
Jun 05 08:35:22 host enable-firewall[1503]: OK: NO_NAT_USERS: 109 106 105
Jun 05 08:35:24 host enable-firewall[1503]: OK: The firewall should not show any messages,
Jun 05 08:35:24 host enable-firewall[1503]: OK: besides output beginning with prefix OK:...
Jun 05 08:35:24 host sudo[2131]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:24 host enable-firewall[1503]: 2019-06-05 08:35:24 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:24 host systemd[1]: Started Whonix firewall loader. 
######################################## 

output of sudo journalctl -u whonix-firewall: 

######################################## 
-- Logs begin at Wed 2019-06-05 08:33:00 UTC, end at Wed 2019-06-05 08:35:57 UTC. --
Jun 05 08:35:03 host systemd[1]: Starting Whonix firewall loader...
Jun 05 08:35:03 host enable-firewall[258]: OK: Loading Whonix firewall...
Jun 05 08:35:05 host sudo[275]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:05 host sudo[275]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:05 host enable-firewall[258]: 2019-06-05 08:35:03 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 05 08:35:05 host sudo[275]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:05 host sudo[420]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:05 host sudo[420]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:05 host enable-firewall[258]: 2019-06-05 08:35:05 - /usr/bin/whonix-gateway-firewall - OK: (Full torified network access allowed.)
Jun 05 08:35:05 host sudo[420]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:05 host enable-firewall[258]: OK: TOR_USER: 105
Jun 05 08:35:05 host enable-firewall[258]: OK: CLEARNET_USER: 109
Jun 05 08:35:05 host enable-firewall[258]: OK: USER_USER: 1000
Jun 05 08:35:05 host enable-firewall[258]: OK: ROOT_USER: 0
Jun 05 08:35:05 host enable-firewall[258]: OK: TUNNEL_USER: 106
Jun 05 08:35:05 host enable-firewall[258]: OK: SDWDATE_USER: 108
Jun 05 08:35:05 host enable-firewall[258]: OK: WHONIXCHECK_USER: 111
Jun 05 08:35:05 host enable-firewall[258]: OK: NO_NAT_USERS: 109 106 105
Jun 05 08:33:03 host enable-firewall[258]: OK: The firewall should not show any messages,
Jun 05 08:33:03 host enable-firewall[258]: OK: besides output beginning with prefix OK:...
Jun 05 08:33:03 host sudo[800]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:33:03 host sudo[800]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:33:03 host enable-firewall[258]: 2019-06-05 08:33:03 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:33:03 host sudo[800]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:33:03 host systemd[1]: Started Whonix firewall loader.
Jun 05 08:35:22 host systemd[1]: whonix-firewall.service: Succeeded.
Jun 05 08:35:22 host systemd[1]: Stopped Whonix firewall loader.
Jun 05 08:35:22 host systemd[1]: Stopping Whonix firewall loader...
Jun 05 08:35:22 host systemd[1]: Starting Whonix firewall loader...
Jun 05 08:35:22 host enable-firewall[1503]: OK: Loading Whonix firewall...
Jun 05 08:35:22 host sudo[1517]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:22 host sudo[1517]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:22 host enable-firewall[1503]: 2019-06-05 08:35:22 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 05 08:35:22 host sudo[1517]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:22 host sudo[1522]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:22 host sudo[1522]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:22 host enable-firewall[1503]: 2019-06-05 08:35:22 - /usr/bin/whonix-gateway-firewall - OK: (Full torified network access allowed.)
Jun 05 08:35:22 host sudo[1522]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:22 host enable-firewall[1503]: OK: TOR_USER: 105
Jun 05 08:35:22 host enable-firewall[1503]: OK: CLEARNET_USER: 109
Jun 05 08:35:22 host enable-firewall[1503]: OK: USER_USER: 1000
Jun 05 08:35:22 host enable-firewall[1503]: OK: ROOT_USER: 0
Jun 05 08:35:22 host enable-firewall[1503]: OK: TUNNEL_USER: 106
Jun 05 08:35:22 host enable-firewall[1503]: OK: SDWDATE_USER: 108
Jun 05 08:35:22 host enable-firewall[1503]: OK: WHONIXCHECK_USER: 111
Jun 05 08:35:22 host enable-firewall[1503]: OK: NO_NAT_USERS: 109 106 105
Jun 05 08:35:24 host enable-firewall[1503]: OK: The firewall should not show any messages,
Jun 05 08:35:24 host enable-firewall[1503]: OK: besides output beginning with prefix OK:...
Jun 05 08:35:24 host sudo[2131]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:24 host enable-firewall[1503]: 2019-06-05 08:35:24 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:24 host systemd[1]: Started Whonix firewall loader. 
######################################## 

To see this for yourself... 
1. Open a terminal. (Start Menu -> System -> Terminal) 
2. Run. 
sudo systemctl status whonix-firewall

2. Also see. 
sudo journalctl -u whonix-firewall | cat

3. Try to manually start Whonix firewall. 
sudo whonix_firewall
If you know what you are doing, feel free to disable this check. Create a file /etc/whonix.d/50_whonixcheck_user.conf and add: 
whonixcheck_skip_functions+=" check_whonix_firewall_systemd_status "
  • When installing fresh version and trying to upgrade: (gone after restart)

1 Like

TNT_BOM_BOM via Whonix Forum:

  • Whonix firewall failed to load (happened multiple times - GW)

This is most likely just a whonixcheck race condition issue since the
output does not contain any actual failure. Should be fixed:

https://github.com/Whonix/whonixcheck/commit/57bf058d4a95d806a75a221d4459f50ea79c5d31

Otherwise there would be an error in journal.

sudo journalctl | cat
2 Likes

TNT_BOM_BOM via Whonix Forum:

  • Apparmor failed to start (GW,WS)

This could be due to ricochet apparmor profile.

After upgrades, you ricochet can be removed (Whonix meta packages do no
longer depend on it.)

These commands might help:

sudo rm -f /etc/apparmor.d/usr.bin.ricochet.anondist
sudo rm -f /etc/apparmor.d/usr.bin.ricochet
  • Script Bug (Gone after restart)

Likely due to anon-shared-helper-scripts → helper-scripts package
rename. If not happening after upgrade/reboot can be safely ignored.

1 Like

Done them and restart , no success same error message.

1 Like

Please provide.

sudo systemctl status apparmor

sudo journalctl -u apparmor | cat
1 Like
user@host:~$ sudo systemctl status apparmor
● apparmor.service - Load AppArmor profiles
   Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset:
   Active: failed (Result: exit-code) since Mon 2019-06-10 15:49:44 UTC; 51min a
     Docs: man:apparmor(7)
           https://gitlab.com/apparmor/apparmor/wikis/home/
  Process: 262 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, sta
 Main PID: 262 (code=exited, status=1/FAILURE)

Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: Error: At least one profile failed t
Jun 10 15:49:44 host systemd[1]: apparmor.service: Main process exited, code=exi
Jun 10 15:49:44 host systemd[1]: apparmor.service: Failed with result 'exit-code
Jun 10 15:49:44 host systemd[1]: Failed to start Load AppArmor profiles.
user@host:~$ sudo journalctl -u apparmor | cat
-- Logs begin at Mon 2019-06-10 15:49:15 UTC, end at Mon 2019-06-10 16:40:58 UTC. --
Jun 10 15:49:42 host systemd[1]: Starting Load AppArmor profiles...
Jun 10 15:49:42 host apparmor.systemd[262]: Restarting AppArmor
Jun 10 15:49:42 host apparmor.systemd[262]: Reloading AppArmor profiles
Jun 10 15:49:43 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.bin.whonixcheck at line 5: Could not open 'abstractions/base'
Jun 10 15:49:43 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.bin.man at line 6: Could not open 'abstractions/base'
Jun 10 15:49:43 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime at line 8: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.sbin.haveged at line 5: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/nvidia_modprobe at line 6: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/kde at line 12: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/nvidia_modprobe in /etc/apparmor.d/nvidia_modprobe at line 6: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/system_tor in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.man in /etc/apparmor.d/usr.bin.man at line 6: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.ricochet.anondist in /etc/apparmor.d/abstractions/kde at line 12: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.whonixcheck in /etc/apparmor.d/usr.bin.whonixcheck at line 5: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime in /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime at line 8: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.sbin.haveged in /etc/apparmor.d/usr.sbin.haveged at line 5: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: Error: At least one profile failed to load
Jun 10 15:49:44 host systemd[1]: apparmor.service: Main process exited, code=exited, status=1/FAILURE
Jun 10 15:49:44 host systemd[1]: apparmor.service: Failed with result 'exit-code'.
Jun 10 15:49:44 host systemd[1]: Failed to start Load AppArmor profiles.

TNT_BOM_BOM via Whonix Forum:

Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'

My mistake. Fixed.

Will be sorted with next apparmor-profile-anondist package upgrade. Not
yet available.

1 Like

Cannot reproduce in new build (Whonix VirtualBox 15.0.0.3.3 - Debian buster based - Testers Wanted!).

dpkg -l | grep geoclue

?

Was due to missing Name= (and Comment=) in /etc/xdg/autostart/*.desktop files by Whonix and will be fixed in next build (and after package upgrades).

https://github.com/Whonix/Whonix/commit/7dbbd31500faec0f2bf5bb4ca13af45090792362

1 Like
1 Like

True not there anymore.

1 Like

finally done:
Xfce theming - a few suggestions - #60 by Patrick