Actions

Dev/Redistribution

< Dev

Introduction[edit]

Developers only!

These are notes for producing official downloadable binary Whonix images.

Tests[edit]

/usr/share/whonix-ws-firewall/unit_tests/stream_isolation_test

Pre Building[edit]

Only required if you want to redistribute (official) Whonix builds.

Clean source code

  • [1]
  • [2]
  • You can get a list of unwanted files with git clean -dfxn and remove them with git clean -dfx.
  • Update Whonix debian package repository.
  • add your own default-key to your own /home/user/.gnupg/gpg.conf
  • Check that all packages point to a signed git commit and signed git tag.
~/Whonix/packages/whonix-developer-meta-files/debug-steps/packaging-helper-script pkg_verify_signed_commit_and_tag
  • push the source code to github
git push origin master
  • Check, that the current git commit is a signed.
## You might wish using a git or bash alias to safe typing.
git log --show-signature HEAD^..HEAD

Or use the generic makefile as a shortcut.

make git-commit-verify
  • Create an OpenPGP signed git tag. This will also be used as Whonix version number.
git tag -s version
  • Make sure the current git head is a signed git commit and signed git tag.

To simplify this, you could use the generic makefile.

make git-verify
  • Push the OpenPGP signed git tag to github.
git push origin version
  • Enable Whonix stable repository by default.
export WHONIX_APT_REPOSITORY_OPTS='--enable --repository stable'
  • And use sudo -E so above environment is kept.
  • Remember to build both ova images as well as qcow2 images by using these build script command line arguments.
--target qcow2 --target virtualbox

Building[edit]

export WHONIX_APT_REPOSITORY_OPTS='--enable --repository stable'
sudo -E ./whonix_build --build --target virtualbox --target qcow2 --flavor whonix-gateway
sudo -E ./whonix_build --build --target virtualbox --target qcow2 --flavor whonix-workstation

Post Building[edit]

Only required if you want to redistribute (official) Whonix builds.

  • OpenPGP sign the images.
~/Whonix/packages/whonix-developer-meta-files/release/prepare_release --flavor whonix-gateway --target virtualbox --build
~/Whonix/packages/whonix-developer-meta-files/release/prepare_release --flavor whonix-workstation --target virtualbox --build
~/Whonix/packages/whonix-developer-meta-files/release/prepare_release --flavor whonix-custom-workstation --target virtualbox --build
cd ~/Whonix/packages/whonix-developer-meta-files/release/news

Edit the files.

  • OpenPGP sign, verify, transfer Whonix News Files.
~/Whonix/packages/whonix-developer-meta-files/release/upload_whonix_news_v4
  • Upload the images.
~/Whonix/packages/whonix-developer-meta-files/release/upload_images

Testing[edit]

  • At least a few testers should test final releases before posting a news. Testers may be found by posting a news.
  • LeakTests!
  • Test the images before final release! (Testers-only releases can be uploaded straight away.)

Wiki Page Updates[edit]

Misc[edit]

Announcement[edit]

  • Finally announce: Post a news. (Not nagging external lists. Common sense. Mostly only final releases.)


    • In Whonix Important and Feature Blog.





    • full-disclosure@lists.grok.org.uk


Footnotes[edit]

  1. get rid of .directory files inside the source code:
    dolphin -> preferences -> general -> behavior -> use common view properties for all folders
    
  2. get rid of ~backup files:
    find ./ -name '*~' | xargs trash-put
    

Random News:

Want to get involved with Whonix? Check out our Contribute page.


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)