Dev/OnionShare

From Whonix
< Dev

OnionShare Logo

Ambox warning pn.svg.png Developers only! Risk of Tor over Tor!

Notes[edit]

  • Qubes-Whonix ™ users should consider creating a separate, cloned whonix-ws-16-onionshare Template before installing OnionShare/flatpak.
  • OnionShare from the Debian stable repository is suitable for most users. Flatpak can be utilized for later OnionShare versions; v2.4 is packaged at the time of writing. [1]

Flatpak OnionShare Installation[edit]

Install onionshare via flatpak.

1. Add flathub repository. [2]

Non-Qubes-Whonix ™:

flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

Qubes-Whonix ™ (in the anon-whonix App Qube):

flatpak --user remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

2. Install the flatpak onionshare package.

Non-Qubes-Whonix ™:

flatpak install flathub org.onionshare.onionshare

Qubes-Whonix ™ (in the anon-whonix App Qube):

flatpak --user install flathub org.onionshare.onionshare

Done. The procedure of installing onionshare is complete.

3. Upgrades notice.

Note: this procedure will not keep the software up-to-date. How to update installation installed by flatpak is also documented on the Operating System Software and Updates wiki page.

Issue[edit]

Flatpak installed OnionShare does not listen on all network interfaces but 127.0.0.1 only. It is therefore unreachable from Whonix-Gateway ™. This is because file /usr/share/anon-ws-base-files/workstation does not exist inside the Flatpak folder.

related: https://github.com/onionshare/onionshare/blob/develop/cli/onionshare_cli/web/web.py#L360_L364

Does the following help?

sudo mkdir /var/lib/flatpak/app/org.onionshare.OnionShare/current/active/files/share/anon-ws-base-files

sudo touch /var/lib/flatpak/app/org.onionshare.OnionShare/current/active/files/share/anon-ws-base-files/workstation

flatpak breaks application's Whonix detection #4640

Debugging[edit]

To see what's happening "under the hood". When using Debian package installed OnionShare version only. This does not work for Flatpak installed OnionShare version.

uwtwrapper_verbose=1 onionshare

View listener.

netstat -tulpen

Should show Local Address 0.0.0.0, meaning listening on all interfaces which is required in case of Whonix ™ so onionshare running inside Whonix-Workstation ™ can be reached from Whonix-Gateway. (As opposed to onionshare running on a host without Whonix ™ where it should listen on localhost 127.0.0.1 onl.y

Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
[...]
tcp        0      0 0.0.0.0:17605           0.0.0.0:*               LISTEN      1000       30959      4009/python3

uwt and bindp is no longer required since Whonix ™ 16 (Debian bullseye based).

/usr/bin/onionshare.anondist-orig a

Footnotes[edit]