Jump to: navigation, search

Upgrading Whonix 8 to Whonix 9

Deprecated[edit]

Before you start[edit]

If you want to upgrade Whonix-Gateway as well as Whonix-Workstation[edit]

1. Backup your data. (Ideally have a copy of your VM, so you can try again.)
2. Consider running the optional #Sanity Tests.
3. Upgrade Whonix-Workstation.
4. Power off Whonix-Workstation.
5. Upgrade Whonix-Gatway.
6. Restart Whonix-Gateway.
7. Restart Whonix-Workstation

If you only want to upgrade Whonix-Workstation[edit]

1. Backup your data. (Ideally have a copy of your VM, so you can try again.)
2. Consider running the optional #Sanity Tests.
3. Upgrade Whonix-Workstation.
4. Power off Whonix-Workstation.
5. Get Whonix-Gatway 9.x.
6. Start Whonix-Gateway.
7. Start Whonix-Workstation

You can ignore the following errors.

Non-Critical Errors / Warnings[edit]

You may see the following non-crtiical errors / warnings. Those can be safely ignored.

/usr/lib/whonix/uwtwrapper: line 107: /usr/bin/apt-get: syntax error: operand expected (error token is "/usr/bin/apt-get")
dpkg: warning: while removing whonix-workstation-files, directory '/usr/share/whonix' not empty so not removed
dpkg: warning: while removing whonix-gateway-files, directory '/usr/share/whonix' not empty so not removed
line 7: /usr/share/whonix/postinst.d/pre.bsh: No such file or directory

Other warnings / errors should be reported.

Sanity Tests[edit]

sudo dpkg --audit ; echo $?

Expected output.

0
sudo dpkg --configure -a ; echo $?

Expected output:

0
sudo apt-get update
sudo apt-get dist-upgrade

Test wise install python-qt4.

sudo apt-get install python-qt4 ; echo $?
## ... successful installation of python-qt4 ...
0

Known Issues[edit]

whonixcheck / timesync might stall on first boot[edit]

If that happens, run.

sudo service msgcollector restart
sudo update-rc.d msgcollector defaults

Should only happen after first boot after upgrading. If this errors persists for you, please post in Whonix support forums.

Upgrading Whonix-Workstation[edit]

Downloading a new Whonix-Workstation will be probably easier than applying the following instructions for upgrading.

Consider doing the #Sanity Tests described above. They'll check if your system is affected by obvious grave issues, that you must fix before attemtping to upgrade. If your package manager is broken, for example because you mixed packages from Debian stable with packages from Debian testing, then the upgrade may fail in the middle leaving your system in a difficult to resolve situation.

Consider keeping the full terminal (Konsole) log. Even if everything apparently worked, there might be issues after reboot. In case of a bug report in the forums you would be asked to share the upgrading log so the issue can be investigated.

Make sure you read #Known Issues above.

Become root.

Consider doing the sanity tests as already described above in instructions for Whonix-Gateway.

Do a usual upgrade of your system's packages from Debian.

sudo su

Do a usual upgrade of your system's packages from Debian.

Temporarily disable uwtwrapper. [1]

echo uwtwrapper_global=0 > /etc/whonix.d/30_uwt_default

(It will be automatically enabled again after upgrading. No further action required. [2]

Enable Whonix's wheezy repository.

whonix_repository --enable --codename wheezy

Enable extensive debugging so reporting eventual bugs becomes easier.

export DEBDEBUG=1

Will be fixed after the upgrade.

Update your package lists.

apt-get update

Upgrade. (During the upgrade the packages whonix-workstation-files as well as whonix-shared-files will be removed. This is expected.) [3]

apt-get install whonix-workstation

Dist-upgrade.

apt-get dist-upgrade

Purge whonix-shared-files to get rid of deprecated config files. [4]

dpkg --purge whonix-shared-files ; echo $?

Purge whonix-workstation-files to get rid of deprecated config files.

dpkg --purge whonix-workstation-files ; echo $?

Remember to store the terminal (Konsole) log. (File -> Save Output As)

Power off.

poweroff

Your upgraded Whonix-Workstation will not be able to connect yet, because that requires either an upgraded Whonix-Gateway or a Whonix-Gateway 9.x. As soon you upgraded your Whonix-Gateway or downloaded a Whonix-Gateway 9.x, you should be able to connect.

Upgrading Whonix-Gateway[edit]

Downloading a new Whonix-Gateway will be probably easier than applying the following instructions for upgrading.

Warning: Your changes in /etc/tor/torrc will be lost! Backup your torrc [5] in case you care to restore your settings.

Become root.

Do a usual upgrade of your system's packages from Debian.

sudo su

Temporarily disable uwtwrapper. [1]

echo uwtwrapper_global=0 > /etc/whonix.d/30_uwt_default

(It will be automatically enabled again after upgrading. No further action required. [2])

Enable Whonix's wheezy repository.

whonix_repository --enable --codename wheezy

Enable extensive debugging so reporting eventual bugs becomes easier.

export DEBDEBUG=1

Update your package lists. [6]

uwt -i 127.0.0.1 -p 9050 apt-get update

Upgrade. (During the upgrade the packages whonix-gateway-files as well as whonix-shared-files will be removed. This is expected.) [3]

uwt -i 127.0.0.1 -p 9050 apt-get install whonix-gateway

Dist-upgrade.

uwt -i 127.0.0.1 -p 9050 apt-get dist-upgrade

Purge whonix-shared-files to get rid of deprecated config files. [4]

dpkg --purge whonix-shared-files ; echo $?

Purge whonix-gateway-files to get rid of deprecated config files.

dpkg --purge whonix-gateway-files ; echo $?

Remember to store the terminal (Konsole) log. (File -> Save Output As)

Reboot required.

reboot

Recovery[edit]

Whonix-Workstation[edit]

If you upgraded using "apt-get dist-upgrade" and now getting the following error.

Errors were encountered while processing:
 /var/cache/apt/archives/tb-starter_3%3a0.2-2_all.deb
 /var/cache/apt/archives/whonix-base-files_3%3a0.2-2_all.deb

And want to fix this, then click on expand on the right.

Downloading a new Whonix-Workstation will be probably easier than applying the following instructions for upgrading.

sudo su
dpkg --purge whonix-workstation-files ; echo $?
dpkg --purge whonix-shared-files ; echo $?
apt-get install tb-updater

Be patient when you see about ~14 times.

sudo: unable to resolve host host

Will take a while.

If you use a Whonix 8 Gateway.

echo "nameserver 192.168.0.10" > "/etc/resolv.conf"

Or if you use a Whonix 9 Gateway.

echo "nameserver 10.152.152.10"  > "/etc/resolv.conf"
apt-get install whonix-workstation

Whonix-Gateway[edit]

In case you run "apt-get dist-upgrade" now having broken apt-get and want to fix it.

UNFINISHED Probably very difficult to fix.

Downloading a new Whonix-Gateway will be probably easier than applying the following instructions for upgrading.

sudo su

echo "GATEWAY_TRANSPARENT_TCP=1" >> /etc/whonix.d/60_temp
echo "GATEWAY_TRANSPARENT_DNS=1" >> /etc/whonix.d/60_temp

apt-get install -f
apt-get install whonix-gateway

dpkg --purge whonix-shared-files ; echo $?
dpkg --purge whonix-gateway-files ; echo $?

rm /etc/whonix_firewall.d/60_temp

Footnotes[edit]

  1. 1.0 1.1 This is related to Stream Isolation. Because during upgrade the following code would cause issues. (Because the marker file /usr/share/whonix/whonix_[gateway|workstation] gets removed.)
       if [ -f "/usr/share/whonix/whonix_workstation" ]; then
          uwtwrapper_gateway_ip="192.168.0.10"
       elif [ -f "/usr/share/whonix/whonix_gateway" ]; then
          uwtwrapper_gateway_ip="127.0.0.1"
       else
          error "/usr/bin/"$SCRIPTNAME" uwt wrapper could not determine if this is Whonix-Workstation or Whonix-Gateway."
          error "Please report this bug!"
       fi
    
  2. 2.0 2.1 After upgrading the uwt package will be installed, which will enable uwtwrapper again.
  3. 3.0 3.1 Upgrading using sudo apt-get dist-upgrade is not possible due to extensive changes on how Whonix is packaged. (The -files packages were split into multiple packages.) Not all packages are strictly required. For example the ...-build-... packages won't do anything. However, they don't hurt either. We're mimicking the behavior of the 1700_install-packages build step here to end up with a system that is as similar to Whonix 9.x as possible. This is useful to make eventual issues / differences of upgraded Whonix 8.x systems vs Whonix 9.x as unlikely as possible.
  4. 4.0 4.1 Otherwise old config files would interfere.
  5. sudo cp /etc/tor/torrc /etc/tor/torrc.mybackup
  6. We need to use uwt because the feature for transparent proxying Whonix-Gateway's own traffic is disabled by default.

Random News:

Do you know our Documentation, Technical Design and Developer Portal already?


Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+
This is a wiki. Want to improve this page? Help welcome, volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.