Whonix ™ Source Code Introduction

From Whonix
< Dev
Jump to navigation Jump to search


This chapter is dedicated to give an introduction into the Whonix ™ source code. If you prefer to read and understand the source code just by reading scripts you may skip this optional chapter. It can be quite difficult to get started with hacking existing big complex projects.


This is a high level overview. Whonix ™-Example-Implementation can currently be build in nine steps. (There is also a whonix_build script, which automates these eight steps for your convenience.)

  • 1100_prepare-build-machine
  • 1150_export-libvirt-xml
  • 1200_create-debian-packages
  • 1300_create-raw-image
  • 1700_install-packages
  • 2300_run-chroot-scripts-post-d
  • 2400_convert-raw-to-qcow2
  • 2500_convert-raw-to-vdi
  • 2600_create-vbox-vm
  • 2700_export-vbox-vm
  • 2800_create-report


Boring methods, which are required by the build-steps above.

  • delete-vbox-vm
  • mount-raw
  • chroot-raw
  • unchroot-raw
  • unmount-raw
  • pre gets sourced by all other scripts.
  • variables gets sourced by all other scripts.


Is a script, which simply runs all other build-steps. Actually it is "optional". It has very little functionality besides running all other steps. You are free to run all steps one by one. That is useful for learning and for debugging purposes. In case you want to fix a bug or in case you want to upgrade the distribution or in case you want to switch the operating system or whatever you are better off running the steps manually. Run it with --help to see available switches.


  1. prepare-build-machine: installs build dependencies and applies a few other required settings for building from source.
  2. export-libvirt-xml: Copies files from libvirt folder to ~/whonix_binary folder and adds version numbers to them.
  3. create-debian-packages: Recursively works through packages folder, builds them one by one and adds them to a local APT repository.
  4. create-raw-image: grml-debootstrap creates virtual machine images in .raw image format. It keeps care of creating the image, the partition table, grub boot manager, minimal system debootstrap and apt installing all Whonix ™ packages. This step requires most time in the build process.
  5. install-packages: Installs meta .deb packages whonix-shared-packages-dependencies/recommended, desktop, desktop-kde, kde-accessibility and whonix-*-packages-dependencies/recommended and whonix-workstation-default-applications. Those only include dependencies and recommended packages which are pulled from Debian's apt repository.
  6. run-chroot-scripts-post-d: Post Chroot Scripts are applied.
  7. convert-raw-to-qcow2: Only having effect when using --qocw2 switch. The .raw image gets converted to a .qcow2 image. Actually not converted, a new file will be created and the old .raw remains available until cleanup is run or manually deleted or grml-debootstrap runs again. The .raw format is more "generic". VirtualBox does not support raw (.raw) images, but .vdi and .vmdk (and others).
  8. convert-raw-to-vdi: The .raw image gets converted to a .vdi image. (Actually not converted, as explained above.)
  9. create-vbox-vm: A virtual machine (VirtualBox) will be created and the .vdi image will be attached.


All steps could be easily replaced to add support for additional virtualizers, operating systems and so on. The numbers before the script names (20_..., 25_..., 30..., ...) are honored by whonix_build (using run-parts), which runs these steps in lexical order. Therefore you can easily add steps to the beginning or the end or even wretch steps in between.

File sizes:

Do not get shocked by file sized. Initially the .raw is created with a size of 100 GB, but it will actually only take a fraction of that space on the harddrive. This is because .raw .vdi and .vmdk are all sparse files, which means they do not take their maximum size, but only as much data as really is inside these images.

Chroot Scripts

  • packages/anon-*-build-*/usr/lib/anon-dist/chroot-scripts-post.d/


Thus, given the nature of the build step orientated scripts, you can easily work on the different aspects of Whonix ™. For example, once you have created a clean virtual machine with the operating system only, you can make a copy, run either the gateway or the workstation copy routine or Chroot Scripts as often as you need to test your changes and if something goes wrong, go back to backup. You don't have to build everything from scratch again. [1]

Another Introduction:

It is really not that difficult after all. If you like, you could read Manually Creating Whonix ™, which is a similar topic, which covers part of this in other words.


Stuff you may find helpful for debugging.

Build Configuration[edit]

See Build Configuration.

Building without whonix_build main script[edit]

most basic[edit]

Example using an apt cache (apt-cacher-ng) and building qcow2 images.

sudo apt install apt-cacher-ng
cd {{project_name_long}} 
sudo ./build-steps.d/1100_prepare-build-machine --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/1150_export-libvirt-xml --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/1200_create-debian-packages --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/1300_create-raw-image --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/1700_install-packages --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/2300_run-chroot-scripts-post-d --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/2400_convert-raw-to-qcow2 --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/2500_convert-raw-to-vdi --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/2600_create-vbox-vm --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/2700_export-vbox-vm --build --target qcow2 --flavor whonix-gateway
sudo ./build-steps.d/2800_create-report --build --target qcow2 --flavor whonix-gateway


For example for a qcow2 build, the following steps can be safely skipped, since these would be doing nothing anyway.

  • 2500_convert-raw-to-vdi
  • 2700_export-vbox-vm
  • 2800_create-report (not in use currently)

When first creating a gateway build and then building a workstation build (or vice versa) the following steps do not need to be repeated:

  • 1100_prepare-build-machine
  • 1200_create-debian-packages

Mount and inspect images[edit]

Mount and inspect images

Less Important Goodies[edit]

Unpacking .ova images[edit]

If you want for some reason to unpack an .ova, for example to get the .vdmk image, you can use tar.

tar -xvf Whonix-Gateway.ova

Will show:

Whonix-Gateway.ovf Whonix-Gateway-disk1.vmdk

Converting .vmdk images to .raw images[edit]

#qemu-img info Whonix-Gateway-disk1.vmdk

qemu-img convert Whonix-Gateway-disk1.vmdk -O raw Whonix-Gateway.raw

#qemu-img info Whonix-Gateway.raw

Build Script Features[edit]

Each item in the following lists (essential, non-essential, undecided) is currently supported by the Whonix ™ build script.


  • does not use non-deterministic binary base boxes (VM images) (which if compromised would compromise the resulting Whonix ™ image)
  • does not download anything that does not get gpg verified (apt, tb-updater do gpg verify everything)
  • prospective support to create deterministic images (once this is generally possible, Whonix ™ build script can also learn this)
  • supports using APT Cache to speed up builds
  • exit code checking everywhere
  • APT unreliable exit code checking workaround
  • --target virtualbox build VirtualBox ova images
    • custom virtualbox VM settings (VBoxManage modifyvm "$VMNAME" --synthcpu on... etc.)
  • --target qcow2 build KVM images
    • xz archive creation
    • adding whonix-libvirt xml files to the xz
  • build Whonix-Gateway ™
  • build Whonix-Workstation ™
  • install Tor Browser by default inside Whonix-Workstation ™
  • default login user account creation, user "user" / password "changeme"


  • step based, build steps case be run manually to speed up development
  • injection of custom build steps
  • building Whonix ™ images that do not come with a desktop environment
  • building Whonix ™ images that do not come with Whonix ™ default applications


  • easy to implement creating other image types (raw images etc.)
  • creation of hash sum verification and gpg signatures
  • automatically installs all required build dependencies on the host system
  • cleanup command removing temporary files and/or images
  • --arch parameter support (--arch amd64 or --arch i386)
  • --kernel and --headers parameter support (--kernel linux-image-amd64 --headers linux-headers-amd64)
  • build from local apt repository rather than from deterministic remote repository
  • install Whonix ™ packages from own custom remote repository
  • interactive error handler to repeat commands, open a shell or ignore them
  • optional build step skipping feature
  • --target root (for physical isolation)
  • --target raw build raw images
  • custom VM settings during build (these can of course be manually changed by the user anyhow), supported parameters with examples:
    • --vmram 128
    • --vram 12
    • --vmsize 200G
  • build image that never had Whonix ™ repository enabled
  • build and install all Whonix ™ packages during Whonix ™ image build
  • protection from bad build surprises
    • break or do not break when uncommitted changes are found
    • break or do not break from non-tag
  • --confdir /path/to/config/dir
  • --tb none|closed|open
    • none: Do not install Tor Browser.
    • closed: Fail closed if Tor Browser cannot be installed.
    • open: Fail open if Tor Browser cannot and installed.
  • use onion apt sources for building
  • install different packages for virtualbox (virtualbox-guest-x11) and kvm (spice...)
  • Separate VirtualBox / KVM builds [2] using --target virtualbox or --target qcow2.


sudo ~/Whonix/packages/whonix-developer-meta-files/debug-steps/interactive-chroot-raw --target raw --flavor whonix-host-xfce --build --freedom false

Why not Replace grml-debootstrap with 'X'?[edit]

Whonix ™ developers are not remotely close to exhausting grml-debootstrap's extensive feature-set yet. [3]

There are two sorts of VM image creation tools:

  • [A] Those that use virtualization, boot the image and perform actions.
  • [B] Those that use chroot (or maybe systemd-spawn).

[A] is incompatible with Whonix ™ design principles due to files being created during boot, such as entropy seeds. This is a less clean method and is not suitable for redistribution. Similar to Distro Morphing vs Builds.

In either case it would be necessary to compare:

  1. The image created by grml-debootstrap versus the new tool.
  2. Create an image twice using the new tool and inspect the diff.


See Also[edit]


  1. If something would go wrong, you would have to reinstall the whole operating system every time again. That's why we use separate steps.
  2. https://forums.whonix.org/t/non-qubes-whonix-13-0-0-1-0-x-issues/2443/4
  3. https://forums.whonix.org/t/replacing-grml-debootstrap-debos-build-platform/5582/3