[Whonix-devel] disabling apt-timer, sudo systemctl mask apt-timer sane?
adrelanos at riseup.net
Mon Feb 6 20:09:00 CET 2017
bancfc at openmailbox.org:
> On 2017-02-06 14:20, Patrick Schleizer wrote:
>> Is it an okay idea to disable apt-timer? I.e. 'sudo systemctl mask
>> apt-timer'? Or is there some adverse effect?
> Replying just to whonix-devel. It would be great to standardize
> overriding/disabling unsafe daemons that are shipped enabled so that
> these improvements can be applied on Debian hosts at some point and to
> simplify doing this in the future when new mal features come up.
Disabling daemons is quite convenient with systemd. Easy to do as a
distribution in a clean way.
Have some file.
i.e. if that file exists, the '!' results ConditionPathExists to be
false. That results in the daemon not being started.
For example we disable systemd-timesyncd. That unit file is where it
To do this we are shipping the following systemd drop-in snippet, which
is just a text file:
As long as /usr/lib/sdwdate exists, systemd-timesyncd won't start.
Even works for eventual legacy sysvinit scripts, I think.
Is this what you meant? What do you mean by standardize? systemd makes
disabling systemd unit files as simple and repetitive as it can get.
Also https://github.com/Whonix/pkg-manager-no-autoupdate is
'standardized'? I see no reason why it wouldn't work on any Debian host.
That package is so simple, I would really wonder if it did not work. One
could add Whonix repository to a Debian host and 'sudo apt-get install
pkg-manager-no-autoupdate', done. It's just not maintained. The
definition of maintainer in this context is this one:
More information about the Whonix-devel