Why not use https://github.com/Whonix/Whonix/blob/master/build-steps.d/1300_create-raw-image during the qubes-whonix build process?
That is how Whonix raw images are usually build.
Anything wrong with it?
Because Qubes Builder somehow expects using the Qubes base Debian base image and doesn’t like a “I do all the base image creation, mounting and whatever else until competition” for you way?
I haven’t looked at all the details in code, but the QubesBuilder is taking care of a number of things to make paravirtualized TemplateVMs that are seamless with Qubes OS.
I believe the QubesBuilder now has a Plugin API architecture, where the Qubes Debian template build configuration comes from a Debian Plugin and then a Whonix Plugin build configuration extends on top of that.
QubesBuilder: GitHub - QubesOS/qubes-builder: Qubes Builder
QubesBuilder Debian Plugin: GitHub - QubesOS/qubes-builder-debian: Qubes component: builder-debian
QubesBuilder Whonix Plugin: GitHub - QubesOS/qubes-template-whonix
So the current method is probably getting its own Debian image, configuring it for Qubes, then later the Whonix install-to-root stuff is done on it.
I see. Makes sense.
[quote=“Patrick, post:1, topic:1047”]Why not use https://github.com/Whonix/Whonix/blob/master/build-steps.d/1300_create-raw-image during the qubes-whonix build process?
That is how Whonix raw images are usually build.
Anything wrong with it?
Because Qubes Builder somehow expects using the Qubes base Debian base image and doesn’t like a “I do all the base image creation, mounting and whatever else until competition” for you way?[/quote]
That’s funny. I was just thinking the same thing yesterday when I was having package dependency issues for Whonix 11. Since I solved the issue by installing Whonix first, I did not need to proceed any further.
Since I figured you may be interested in the complete build process, I have provided most of the scripts that are called in order of being called to create Whonix template. I authored all of them except prepare_image and qubeize_image:
Shared Libraries:
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/vars.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/vars.sh[/url]
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/distribution.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/distribution.sh[/url]
[url=https://github.com/nrgaway/qubes-linux-template-builder/blob/master/functions.sh]https://github.com/nrgaway/qubes-linux-template-builder/blob/master/functions.sh[/url]
Prepare Image:
[url=https://github.com/nrgaway/qubes-linux-template-builder/blob/master/prepare_image]https://github.com/nrgaway/qubes-linux-template-builder/blob/master/prepare_image[/url]
Manage snapshots
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/00_prepare.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/00_prepare.sh[/url]
Install Debootstrap
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/01_install_core.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/01_install_core.sh[/url]
Install Extra Debian Packages
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/02_install_groups_jessie.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/02_install_groups_jessie.sh[/url]
Install Whonix. 02_install_groups_pre.sh is what I used for Whonix 11, 02_install_groups_wheezy.sh for Whonix 9.6 and 10
[url=https://github.com/nrgaway/qubes-template-whonix/blob/Whonix11/whonix-gateway/02_install_groups_pre.sh]https://github.com/nrgaway/qubes-template-whonix/blob/Whonix11/whonix-gateway/02_install_groups_pre.sh[/url]
[url=https://github.com/nrgaway/qubes-template-whonix/blob/master/whonix-gateway/02_install_groups_wheezy.sh]https://github.com/nrgaway/qubes-template-whonix/blob/master/whonix-gateway/02_install_groups_wheezy.sh[/url]
Install any specific package that are for distribution (Since certain distros may need special handling… These routines can build wheezy, jessie, whonix, trusty, utopic and vivid at the moment)
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/02_install_groups_jessie.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/02_install_groups_jessie.sh[/url]
Create a copy of prepared image to add qubes components and settings. Kind of a snapshot so the above does not need to be re-run if only updating Qubes packages.
[url=https://github.com/nrgaway/qubes-linux-template-builder/blob/master/qubeize_image]https://github.com/nrgaway/qubes-linux-template-builder/blob/master/qubeize_image[/url]
Actual script to install packages, modify settings
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/04_install_qubes.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/04_install_qubes.sh[/url]
Whonix script; restores apt-get, etc back to Whonix state
[url=https://github.com/nrgaway/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh]https://github.com/nrgaway/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh[/url]
Cleanup steps
[url=https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/09_cleanup.sh]https://github.com/nrgaway/qubes-builder-debian/blob/master/template_debian/09_cleanup.sh[/url]
[url=https://github.com/nrgaway/qubes-template-whonix/blob/master/whonix-gateway/09_cleanup_post.sh]https://github.com/nrgaway/qubes-template-whonix/blob/master/whonix-gateway/09_cleanup_post.sh[/url]
[quote=“MemoryLost, post:1, topic:1046”]in fact…
IMHO we should disclose a good old unmaintained version through regular community / public template system;
and have a nice secured anonymous hardened etc etc version accessible to developers .
guess my point her?.. ;)[/quote]
Split here:
Brought up a similar suggestion.
rely on existing tool for Debian base image creationhttps://github.com/QubesOS/qubes-issues/issues/1055