Whonix VirtualBox 15.0.0.0.7 - Debian buster based - Testers Wanted!

  • Apparmor failed to start (GW,WS)

  • Script Bug (Gone after restart)

  • Whonix firewall failed to load (happened multiple times - GW)

Full log:

ERROR: whonix_firewall failed to load! 

The whonix_firewall failed to load for some reason. This could be due to the firewall being mis-configured or race-condition. Try restarting the VM to see if this error persists. 

Failure file /var/run/anon-firewall/failed.status does not exist, ok. 

output of sudo systemctl status whonix-firewall: 

######################################## 
● whonix-firewall.service - Whonix firewall loader
Loaded: loaded (/lib/systemd/system/whonix-firewall.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2019-06-05 08:35:24 UTC; 33s ago
Docs: https://www.whonix.org/wiki/Whonix_Firewall
Process: 1503 ExecStart=/usr/lib/whonix-firewall/enable-firewall (code=exited, status=0/SUCCESS)
Main PID: 1503 (code=exited, status=0/SUCCESS)

Jun 05 08:35:22 host enable-firewall[1503]: OK: SDWDATE_USER: 108
Jun 05 08:35:22 host enable-firewall[1503]: OK: WHONIXCHECK_USER: 111
Jun 05 08:35:22 host enable-firewall[1503]: OK: NO_NAT_USERS: 109 106 105
Jun 05 08:35:24 host enable-firewall[1503]: OK: The firewall should not show any messages,
Jun 05 08:35:24 host enable-firewall[1503]: OK: besides output beginning with prefix OK:...
Jun 05 08:35:24 host sudo[2131]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:24 host enable-firewall[1503]: 2019-06-05 08:35:24 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:24 host systemd[1]: Started Whonix firewall loader. 
######################################## 

output of sudo journalctl -u whonix-firewall: 

######################################## 
-- Logs begin at Wed 2019-06-05 08:33:00 UTC, end at Wed 2019-06-05 08:35:57 UTC. --
Jun 05 08:35:03 host systemd[1]: Starting Whonix firewall loader...
Jun 05 08:35:03 host enable-firewall[258]: OK: Loading Whonix firewall...
Jun 05 08:35:05 host sudo[275]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:05 host sudo[275]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:05 host enable-firewall[258]: 2019-06-05 08:35:03 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 05 08:35:05 host sudo[275]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:05 host sudo[420]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:05 host sudo[420]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:05 host enable-firewall[258]: 2019-06-05 08:35:05 - /usr/bin/whonix-gateway-firewall - OK: (Full torified network access allowed.)
Jun 05 08:35:05 host sudo[420]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:05 host enable-firewall[258]: OK: TOR_USER: 105
Jun 05 08:35:05 host enable-firewall[258]: OK: CLEARNET_USER: 109
Jun 05 08:35:05 host enable-firewall[258]: OK: USER_USER: 1000
Jun 05 08:35:05 host enable-firewall[258]: OK: ROOT_USER: 0
Jun 05 08:35:05 host enable-firewall[258]: OK: TUNNEL_USER: 106
Jun 05 08:35:05 host enable-firewall[258]: OK: SDWDATE_USER: 108
Jun 05 08:35:05 host enable-firewall[258]: OK: WHONIXCHECK_USER: 111
Jun 05 08:35:05 host enable-firewall[258]: OK: NO_NAT_USERS: 109 106 105
Jun 05 08:33:03 host enable-firewall[258]: OK: The firewall should not show any messages,
Jun 05 08:33:03 host enable-firewall[258]: OK: besides output beginning with prefix OK:...
Jun 05 08:33:03 host sudo[800]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:33:03 host sudo[800]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:33:03 host enable-firewall[258]: 2019-06-05 08:33:03 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:33:03 host sudo[800]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:33:03 host systemd[1]: Started Whonix firewall loader.
Jun 05 08:35:22 host systemd[1]: whonix-firewall.service: Succeeded.
Jun 05 08:35:22 host systemd[1]: Stopped Whonix firewall loader.
Jun 05 08:35:22 host systemd[1]: Stopping Whonix firewall loader...
Jun 05 08:35:22 host systemd[1]: Starting Whonix firewall loader...
Jun 05 08:35:22 host enable-firewall[1503]: OK: Loading Whonix firewall...
Jun 05 08:35:22 host sudo[1517]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:22 host sudo[1517]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:22 host enable-firewall[1503]: 2019-06-05 08:35:22 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 05 08:35:22 host sudo[1517]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:22 host sudo[1522]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:22 host sudo[1522]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:22 host enable-firewall[1503]: 2019-06-05 08:35:22 - /usr/bin/whonix-gateway-firewall - OK: (Full torified network access allowed.)
Jun 05 08:35:22 host sudo[1522]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:22 host enable-firewall[1503]: OK: TOR_USER: 105
Jun 05 08:35:22 host enable-firewall[1503]: OK: CLEARNET_USER: 109
Jun 05 08:35:22 host enable-firewall[1503]: OK: USER_USER: 1000
Jun 05 08:35:22 host enable-firewall[1503]: OK: ROOT_USER: 0
Jun 05 08:35:22 host enable-firewall[1503]: OK: TUNNEL_USER: 106
Jun 05 08:35:22 host enable-firewall[1503]: OK: SDWDATE_USER: 108
Jun 05 08:35:22 host enable-firewall[1503]: OK: WHONIXCHECK_USER: 111
Jun 05 08:35:22 host enable-firewall[1503]: OK: NO_NAT_USERS: 109 106 105
Jun 05 08:35:24 host enable-firewall[1503]: OK: The firewall should not show any messages,
Jun 05 08:35:24 host enable-firewall[1503]: OK: besides output beginning with prefix OK:...
Jun 05 08:35:24 host sudo[2131]: root : TTY=unknown ; PWD=/ ; USER=sdwdate ; COMMAND=/usr/bin/tee -a /var/log/sdwdate.log
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:24 host enable-firewall[1503]: 2019-06-05 08:35:24 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:35:24 host sudo[2131]: pam_unix(sudo:session): session closed for user sdwdate
Jun 05 08:35:24 host systemd[1]: Started Whonix firewall loader. 
######################################## 

To see this for yourself... 
1. Open a terminal. (Start Menu -> System -> Terminal) 
2. Run. 
sudo systemctl status whonix-firewall

2. Also see. 
sudo journalctl -u whonix-firewall | cat

3. Try to manually start Whonix firewall. 
sudo whonix_firewall
If you know what you are doing, feel free to disable this check. Create a file /etc/whonix.d/50_whonixcheck_user.conf and add: 
whonixcheck_skip_functions+=" check_whonix_firewall_systemd_status "

  • When installing fresh version and trying to upgrade: (gone after restart)

1 Like

TNT_BOM_BOM via Whonix Forum:

  • Whonix firewall failed to load (happened multiple times - GW)

This is most likely just a whonixcheck race condition issue since the
output does not contain any actual failure. Should be fixed:

https://github.com/Whonix/whonixcheck/commit/57bf058d4a95d806a75a221d4459f50ea79c5d31

Otherwise there would be an error in journal.

sudo journalctl | cat

2 Likes
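
The check described in the reply above, as an added example (not part of the original thread and not whonixcheck's own code): it reads `journalctl -u whonix-firewall` text and flags any enable-firewall line that does not begin with the `OK:` prefix. Runs are grouped by PID rather than by time because the timestamps in the journal above are not monotonic; the failing line in the sample is constructed.

```python
import re

# Constructed sample in journalctl format, modelled on the log in this thread.
# The line from PID 900 is a made-up failure added to show the non-OK case.
SAMPLE = """\
Jun 05 08:35:22 host systemd[1]: Starting Whonix firewall loader...
Jun 05 08:35:22 host enable-firewall[1503]: OK: Loading Whonix firewall...
Jun 05 08:35:22 host sudo[1517]: pam_unix(sudo:session): session opened for user sdwdate by (uid=0)
Jun 05 08:35:22 host enable-firewall[1503]: 2019-06-05 08:35:22 - /usr/bin/whonix-gateway-firewall - OK: Skipping firewall mode detection since already set to 'full'.
Jun 05 08:35:24 host enable-firewall[1503]: 2019-06-05 08:35:24 - /usr/bin/whonix-gateway-firewall - OK: Whonix firewall loaded.
Jun 05 08:35:24 host systemd[1]: Started Whonix firewall loader.
Jun 05 08:40:01 host enable-firewall[900]: iptables-restore: line 12 failed
"""

# journalctl short format: "Mon DD HH:MM:SS host unit[pid]: message"
LINE = re.compile(r"^\w{3} +\d+ [\d:]{8} \S+ (?P<unit>[^\[:]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$")
# Optional "<date> <time> - <script> - " prefix the firewall script puts before "OK:".
STAMP = re.compile(r"^\d{4}-\d\d-\d\d [\d:]{8} - \S+ - ")


def firewall_runs(journal_text):
    """Group enable-firewall output by PID (one PID per load attempt)."""
    runs = {}
    for raw in journal_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m or m["unit"] != "enable-firewall":
            continue  # systemd and sudo/pam lines are not firewall output
        run = runs.setdefault(int(m["pid"]), {"not_ok": [], "loaded": False})
        msg = STAMP.sub("", m["msg"])
        if not msg.startswith("OK:"):
            run["not_ok"].append(m["msg"])  # anything without the OK: prefix
        elif msg.endswith("Whonix firewall loaded."):
            run["loaded"] = True
    return runs


def verdict(run):
    """FAILED on any non-OK line, LOADED if the final message was seen."""
    if run["not_ok"]:
        return "FAILED"
    return "LOADED" if run["loaded"] else "INCOMPLETE"


if __name__ == "__main__":
    for pid, run in firewall_runs(SAMPLE).items():
        print(pid, verdict(run), run["not_ok"])
```
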

TNT_BOM_BOM via Whonix Forum:

  • Apparmor failed to start (GW,WS)

This could be due to ricochet apparmor profile.

After upgrades, ricochet can be removed (Whonix meta packages no
longer depend on it.)

These commands might help:

sudo rm -f /etc/apparmor.d/usr.bin.ricochet.anondist
sudo rm -f /etc/apparmor.d/usr.bin.ricochet

  • Script Bug (Gone after restart)

Likely due to anon-shared-helper-scripts → helper-scripts package
rename. If it does not happen after upgrade/reboot, it can be safely ignored.

1 Like

Done them and restarted, no success, same error message.

1 Like

Please provide.

sudo systemctl status apparmor

sudo journalctl -u apparmor | cat

1 Like

user@host:~$ sudo systemctl status apparmor
● apparmor.service - Load AppArmor profiles
   Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset:
   Active: failed (Result: exit-code) since Mon 2019-06-10 15:49:44 UTC; 51min a
     Docs: man:apparmor(7)
           https://gitlab.com/apparmor/apparmor/wikis/home/
  Process: 262 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, sta
 Main PID: 262 (code=exited, status=1/FAILURE)

Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/appar
Jun 10 15:49:44 host apparmor.systemd[262]: Error: At least one profile failed t
Jun 10 15:49:44 host systemd[1]: apparmor.service: Main process exited, code=exi
Jun 10 15:49:44 host systemd[1]: apparmor.service: Failed with result 'exit-code
Jun 10 15:49:44 host systemd[1]: Failed to start Load AppArmor profiles.
user@host:~$ sudo journalctl -u apparmor | cat
-- Logs begin at Mon 2019-06-10 15:49:15 UTC, end at Mon 2019-06-10 16:40:58 UTC. --
Jun 10 15:49:42 host systemd[1]: Starting Load AppArmor profiles...
Jun 10 15:49:42 host apparmor.systemd[262]: Restarting AppArmor
Jun 10 15:49:42 host apparmor.systemd[262]: Reloading AppArmor profiles
Jun 10 15:49:43 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.bin.whonixcheck at line 5: Could not open 'abstractions/base'
Jun 10 15:49:43 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.bin.man at line 6: Could not open 'abstractions/base'
Jun 10 15:49:43 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime at line 8: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/usr.sbin.haveged at line 5: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/nvidia_modprobe at line 6: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/kde at line 12: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/nvidia_modprobe in /etc/apparmor.d/nvidia_modprobe at line 6: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/system_tor in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.man in /etc/apparmor.d/usr.bin.man at line 6: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.ricochet.anondist in /etc/apparmor.d/abstractions/kde at line 12: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.whonixcheck in /etc/apparmor.d/usr.bin.whonixcheck at line 5: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime in /etc/apparmor.d/usr.lib.sdwdate.url_to_unixtime at line 8: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.sbin.haveged in /etc/apparmor.d/usr.sbin.haveged at line 5: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: Error: At least one profile failed to load
Jun 10 15:49:44 host systemd[1]: apparmor.service: Main process exited, code=exited, status=1/FAILURE
Jun 10 15:49:44 host systemd[1]: apparmor.service: Failed with result 'exit-code'.
Jun 10 15:49:44 host systemd[1]: Failed to start Load AppArmor profiles.

TNT_BOM_BOM via Whonix Forum:

Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'

My mistake. Fixed.

Will be sorted with next apparmor-profile-anondist package upgrade. Not
yet available.

1 Like
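
A way to triage the AppArmor journal posted above, as an added example (not from the thread or the AppArmor project): it groups the parser errors by the include that could not be opened and lists which profiles fail only through a file they include. The sample lines are taken from the journal output above; the function names are this example's own.

```python
import re
from collections import defaultdict

# Sample lines taken from the `journalctl -u apparmor` output in this thread.
SAMPLE = """\
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/system_tor in /etc/apparmor.d/abstractions/tor at line 3: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.ricochet.anondist in /etc/apparmor.d/abstractions/kde at line 12: Could not open 'abstractions/base'
Jun 10 15:49:44 host apparmor.systemd[262]: AppArmor parser error for /etc/apparmor.d/usr.bin.whonixcheck in /etc/apparmor.d/usr.bin.whonixcheck at line 5: Could not open 'abstractions/base'
"""

ERR = re.compile(
    r"AppArmor parser error for (?P<profile>\S+) in (?P<file>\S+) "
    r"at line (?P<line>\d+): Could not open '(?P<missing>[^']+)'")


def triage(journal_text, profile_dir="/etc/apparmor.d"):
    """Map each missing include -> {profile: (file holding the include, line)}."""
    causes = defaultdict(dict)
    for m in ERR.finditer(journal_text):
        if m["profile"] == profile_dir:
            # Lines naming the directory carry no profile name; in the log
            # above each one is repeated with the profile path, so skip them.
            continue
        causes[m["missing"]][m["profile"]] = (m["file"], int(m["line"]))
    return dict(causes)


def indirect(causes):
    """Profiles whose error sits in a file they include, not in the profile itself."""
    return sorted(profile
                  for hits in causes.values()
                  for profile, (path, _line) in hits.items()
                  if path != profile)


if __name__ == "__main__":
    found = triage(SAMPLE)
    for missing, hits in found.items():
        print(f"cannot open {missing!r}: {len(hits)} profile(s) affected")
        for profile, (path, line) in sorted(hits.items()):
            print(f"  {profile} <- {path}:{line}")
    print("indirect:", indirect(found))
```
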

Cannot reproduce in new build (Whonix VirtualBox 15.0.0.3.3 - Debian buster based - Testers Wanted!).

dpkg -l | grep geoclue

?

Was due to missing Name= (and Comment=) in /etc/xdg/autostart/*.desktop files by Whonix and will be fixed in next build (and after package upgrades).

https://github.com/Whonix/Whonix/commit/7dbbd31500faec0f2bf5bb4ca13af45090792362

1 Like
1 Like

True, not there anymore.

1 Like

finally done:
Xfce theming - a few suggestions - #60 by Patrick