Introduction[edit]

If the following warning appears.

WARNING: Execution of /usr/bin/apt-get prevented by /etc/uwt.d/40_qubes.conf because no torified Qubes updates proxy found.

If the warning message is transient, it can be safely ignored. Otherwise, try one of the fixes below.

Update dom0[edit]

Launch a dom0 terminal.
Click the Qubes App Launcher (blue/grey "Q") → Open the Terminal Emulator (Xfce Terminal)

Upgrade Qubes dom0. This step is mandatory. ^[1]

• Qubes R4.0:
  sudo qubes-dom0-update
• Qubes R4.1 ^[2]:
  sudo qubes-dom0-update --show-output --console

Templates[edit]

Error Resolution Methods[edit]

The following fixes are listed in order of preference.

Salt Fix[edit]

In dom0.

Use qubesctl to setup dom0 settings. ^[3]

Next, check if the problem has been corrected. Run the following command in Whonix ™ Template.

Then try to update / use apt again.

If there are still problems, try the manual fix below.

Manual Fix[edit]

## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect

## Please use a single # to start your custom comments

# Upgrade all Templates through {{project_name_gateway_vm}}.
#$type:Template $default allow,target={{project_name_gateway_vm}}

# Upgrade {{project_name_long}} templateVMs through {{project_name_gateway_vm}}.
$tag:whonix-updatevm $default allow,target={{project_name_gateway_vm}}

# Deny {{project_name_long}} templateVMs using UpdatesProxy of any other VM.
$tag:whonix-updatevm $anyvm deny

# Default rule for all Templates - direct the connection to sys-net
$type:Template $default allow,target=sys-net

$anyvm $anyvm deny

Reinstallation Fix[edit]

If the salt and manual fix attempts both fail, then follow the steps to Reinstall Qubes-Whonix ™ Templates. If reinstallation also fails, then ask for support in the Whonix ™ forums.

dom0[edit]

Qubes dom0 does not use Qubes UpdatesProxy. ^[4] Therefore file /etc/qubes-rpc/policy/qubes.UpdatesProxy does not influence which VM will be used by dom0 for fetching updates.

For completeness sake, see below on how to configure the Qubes dom0 UpdateVM setting.

To force dom0 updates over Tor, set Qubes' dom0 UpdateVM to sys-whonix. ^[5]

• Qube Manager → System → Global Settings → Dom0 UpdateVM: sys-whonix → OK

To revert this change, set Qubes' dom0 UpdateVM to sys-firewall or another preferred VM. ^[6]

• Qubes Manager → System → Global Settings → Dom0 UpdateVM: sys-firewall → OK

Development[edit]

The following Qubes-Whonix ™ and Whonix ™ GitHub development resources are recommended for interested readers:

• 40_qubes.conf
• qubes-whonix-torified-updates-proxy-check.service
• torified-updates-proxy-check
• qubes.UpdatesProxy.policy
• uwt

Footnotes[edit]

Whonix ™ The most watertight privacy operating system in the world.

Donate

Follow us on social media

FREE  ·  PLUS  ·  PREMIUM Support

At Whonix we believe in freedom and trust. That's why we fully support Open Source and Freedom Software. Learn more.

Whonix ™ is supported by Evolution Host DDoS Protected VPS.

Whonix is the most watertight privacy operating system in the world

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole. By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service , Privacy Policy , Cookie Policy , E-Sign Consent , DMCA , Imprint Whonix ™ © ENCRYPTED SUPPORT LP, 2022

×

Whonix is free from corporate interest by being user funded. Thank you so much!

Scan the QR code or use the wallet address below.

 

Close

Did you know that anyone can edit the Whonix wiki to improve it?