[Whonix-devel] misc qubes-whonix 11 code review

Patrick Schleizer adrelanos at riseup.net
Thu Jun 4 13:41:19 CEST 2015

Hi Jason!

Was looking at your progress:

>     # Make sure we remove whonixsetup.done if Tor is not enabled
>     # to allow choice of repo and prevent whonixcheck errors
>     grep "^DisableNetwork 0$" /etc/tor/torrc || {
>         sudo rm -f var/cache/whonix-setup-wizard/status-files/whonixsetup.done
>     }

Unless I am missing something, this won't work. There is a bug. 'var' ->

Drop sudo? Runs as root anyhow?

Also not sure it's needed at all, because if
- /var/cache/whonix-setup-wizard/status-files/whonixsetup.done exists +
- /etc/tor/torrc contains 'DisableNetwork 0',
then on Whonix-Gateway by Whonix / whonix-setup-wizard default, the
following is started anyhow:
'whonix-setup-wizard setup'

>     # Repository setup should only be run in template
>     if [ ! -e /var/cache/whonix-setup-wizard/status-files/whonix_repository.done ]; then
>         sudo touch /var/cache/whonix-setup-wizard/status-files/whonix_repository.done
>     fi

Drop sudo? Runs as root anyhow?

Any reason for not
'/var/cache/whonix-setup-wizard/status-files/whonix_repository.done' ->

Also rather than 'touch
/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip' I
think it would be best just ship the file
var/cache/whonix-setup-wizard/status-files/whonix_repository.skip in the

>From usr/lib/qubes-whonix/qubes-whonixsetup you would still be able to
run /usr/bin/whonix-setup-wizard repository as you're doing now. [No
modification of usr/lib/qubes-whonix/qubes-whonixsetup required for this.]

> usr/lib/qubes-whonix/init/qubes-whonix-sysinit

Drop sudo? Runs as root anyhow?

> subprocess.call(['systemctl', 'reload', 'tor'])

'reload' -> 'restart'? I guess that would be better due to this
non-systemd-related(!) issue with 'reload' in upstream Tor:

> /usr/lib/qubes-whonix/init/qubes-whonix-sysinit

Contains two times sudo. Drop sudo? Runs as root anyhow?

> license headers

Not all scripts contain license headers.


More information about the Whonix-devel mailing list