From Whonix

< Dev

similar to [archive] but for any (Debian) Linux which is booted without root access

deactivate malware after reboot from non-root compromise

notes, scratch pad


  • run at boot before mounting /home
  • allow root to modify file and commit
  • file same as /etc/skel (root location) is ok
  • carantaine
  • delete
  • diff
  • init
  • commit
  • show
  • extra file
  • changed file
  • whitelisting of files such as for netvm
  • file by tag
  • qubes root compromise with protected root image /usr/local /rw
  • move anything not skel
  • after pam?
  • what if dotfile does not exist -> note to log that it does not exist
  • Don't bother with root protections in template or standalone.
  • Don't bother when root.
  • deploy
  • duplicate files for later diff

Because Tor Browser in home folder:

  • snapshot binaries with:
  • find . -executable -type f
  • upgrade mode to allow changing executables

command line interface:

  • --path
    • home folder can be in any location such as
    • --path /home/user
    • --path /rw/home/user
    • --path /path/to/chroot/folder/home/user
  • --simulate - do nothing but output what would be done
  • --protect - remove(?) important files after reboot
  • --unprotect - disable
  • --immutable - make important files immutable (cannot be written to)
  • --mutable
  • --reset-to-skel - reset important files as if created from /etc/skel
  • --skel /path/to/skel (default to /etc/skel)


  • first boot
  • subsequent boot
  • what if new file gets added to config?


text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png

Want to help create awesome, up-to-date screenshots for the Whonix ™ wiki? Help is most welcome!

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.