Updated whonix templates
96 views
Skip to first unread message
Marek Marczykowski-Górecki
Mar 10, 2015, 8:32:19 PM3/10/15
to qubes-users, Jason M
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
I've uploaded new template packages for Whonix on Qubes to
templates-community repo. Those packages include many improvements done
by nrgaway over past few months, as well updated qubes packages. Also
the package layout was improved so further updates will be much easier.
New packages are:
qubes-template-whonix-gateway-experimental
qubes-template-whonix-workstation-gnome
To install new packages, you need to remove old one first. This means
you need to temporary switch your Whonix AppVMs to some other template
(no need to start them in such configuration).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJU/40LAAoJENuP0xzK19csEfEH/29mygTWMhFJvi1frzLLsm3z
CTja94wkn8ShZYMjbnycEOsLzYJ4ITt8btcKYMe17cXZxccSbdk+9Ud9O6hQFLrq
IdIyXrz8teuP+kLU3PyXOaXeoCmirfxi7ZO2nv5EkgQKt7GI9pMhBIV8jhalBjqu
gaaQi0hpad1WpvjYdH0m7d2viNY7VX4Xr8tqkClhGd/aebJTK6zE9Rxcu5No3qjr
6VDOrj7082x4XBrfStAt+J5S9Mj/4JOxpjleqrBkCBoDvBIUSnRy87JwbyzwOzZf
WfLTSnjMuFfmEAIPFtOWUDCzvyQRec9zH9ctjBZsm8CPQIQxna4MQEXYwLa2hKM=
=MmDm
-----END PGP SIGNATURE-----
Hash: SHA1
Hi all,
I've uploaded new template packages for Whonix on Qubes to
templates-community repo. Those packages include many improvements done
by nrgaway over past few months, as well updated qubes packages. Also
the package layout was improved so further updates will be much easier.
New packages are:
qubes-template-whonix-gateway-experimental
qubes-template-whonix-workstation-gnome
To install new packages, you need to remove old one first. This means
you need to temporary switch your Whonix AppVMs to some other template
(no need to start them in such configuration).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJU/40LAAoJENuP0xzK19csEfEH/29mygTWMhFJvi1frzLLsm3z
CTja94wkn8ShZYMjbnycEOsLzYJ4ITt8btcKYMe17cXZxccSbdk+9Ud9O6hQFLrq
IdIyXrz8teuP+kLU3PyXOaXeoCmirfxi7ZO2nv5EkgQKt7GI9pMhBIV8jhalBjqu
gaaQi0hpad1WpvjYdH0m7d2viNY7VX4Xr8tqkClhGd/aebJTK6zE9Rxcu5No3qjr
6VDOrj7082x4XBrfStAt+J5S9Mj/4JOxpjleqrBkCBoDvBIUSnRy87JwbyzwOzZf
WfLTSnjMuFfmEAIPFtOWUDCzvyQRec9zH9ctjBZsm8CPQIQxna4MQEXYwLa2hKM=
=MmDm
-----END PGP SIGNATURE-----
WhonixQubes
Mar 11, 2015, 9:11:19 AM3/11/15
to qubes...@googlegroups.com
Awesome. Thanks!! :)
Mirrored to Whonix Qubes forum:
https://www.whonix.org/forum/index.php/topic,1012.0.html
Working on developing new official documentation on the Whonix wiki now:
https://www.whonix.org/wiki/Qubes
WhonixQubes
Mirrored to Whonix Qubes forum:
https://www.whonix.org/forum/index.php/topic,1012.0.html
Working on developing new official documentation on the Whonix wiki now:
https://www.whonix.org/wiki/Qubes
WhonixQubes
WhonixQubes
Mar 13, 2015, 1:07:57 AM3/13/15
to qubes...@googlegroups.com
Regarding Gnome based Whonix-Workstation...
What's the advantage of including Gnome by default in a Qubes VM?
I thought Qubes did not need or use the AppVM's desktop environment
anyway.
It seems to add considerable weight (+1GB) on top of the Whonix
template.
WhonixQubes
What's the advantage of including Gnome by default in a Qubes VM?
I thought Qubes did not need or use the AppVM's desktop environment
anyway.
It seems to add considerable weight (+1GB) on top of the Whonix
template.
WhonixQubes
Axon
Mar 13, 2015, 1:13:58 AM3/13/15
to WhonixQubes, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Maybe I'm severely misunderstanding something, but I'm pretty sure we
*do* use the AppVM's DE inside of AppVMs. By default, we're running
KDE in dom0 and Gnome in AppVMs.
As for whether this is *necessary*, it's probably not. However,
several users have noticed that trying to install KDE in a standard
TemplateVM runs into a conflict with a Qubes package, so maybe that's
why Gnome was chosen. (FWIW, the conflict can be worked around with
- --skip-broken, and the result seems to work fine.)
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVAnIGAAoJEJh4Btx1RPV81LwQAIHhsQLwzobm7a5Oo3awNfxA
7+MDiLVurpeBiWTqzFF/VYygwubZUm4lCPqgAdcnpd2ge0m504h6tcb0s9O4FvaI
/LIhJfmEvOHDO8XQmnc81OQd2A6krxrEYXFBBsVKk9FPZhRlQa10btxY6WQ3I6rP
Zq7JBXl9aOGzPRDucgzD54VACV5UxrqYPk7nkhy2Jz0lda/Zts4UcZxW9l+P+aey
Sq1Bg97G/+PDa9l2nW2c6+x0VBNwIqLy5iFAbb0Ux5d7ut9AVClwzE4NjcIbPkxy
Fjlbu8nSrO3HKnMhPnoD0UUlMo6FkpjBrh8hsw7pkP/t84tEW/2P7lsc0sf5UmOT
GP5EWLmRf3Q0IuCYiaVmmiIoyRuy2hR55rLxhcxfWE3b7t5wqDsdlDkW97+Er5V2
EOAMN5KcasVmiTDr4uGfwEDz9H4cMOlZAmoOqisx7z8EPCbB1ql6a8Doo/bII7U8
ledLXkW+Hp0SyLcB2woxtmyPR3FA27Iq2UEza9NpFUqhlBi8OlbbvhP7mOg2fYbG
OAg09wckUqNx02I9vQLquKwmRntqRn9c0NvuSV/m1usryDNJCle5pJnhbDKsmf4T
bx6PjMqA4Mdd6iCh99vVg5Lf+x7Z9GJLlRExjI3ktRNk1R1AS2B2y9h7RooOejMy
t7vChheF4IY2hFttS2ex
=sPIp
-----END PGP SIGNATURE-----
Hash: SHA512
*do* use the AppVM's DE inside of AppVMs. By default, we're running
KDE in dom0 and Gnome in AppVMs.
As for whether this is *necessary*, it's probably not. However,
several users have noticed that trying to install KDE in a standard
TemplateVM runs into a conflict with a Qubes package, so maybe that's
why Gnome was chosen. (FWIW, the conflict can be worked around with
- --skip-broken, and the result seems to work fine.)
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVAnIGAAoJEJh4Btx1RPV81LwQAIHhsQLwzobm7a5Oo3awNfxA
7+MDiLVurpeBiWTqzFF/VYygwubZUm4lCPqgAdcnpd2ge0m504h6tcb0s9O4FvaI
/LIhJfmEvOHDO8XQmnc81OQd2A6krxrEYXFBBsVKk9FPZhRlQa10btxY6WQ3I6rP
Zq7JBXl9aOGzPRDucgzD54VACV5UxrqYPk7nkhy2Jz0lda/Zts4UcZxW9l+P+aey
Sq1Bg97G/+PDa9l2nW2c6+x0VBNwIqLy5iFAbb0Ux5d7ut9AVClwzE4NjcIbPkxy
Fjlbu8nSrO3HKnMhPnoD0UUlMo6FkpjBrh8hsw7pkP/t84tEW/2P7lsc0sf5UmOT
GP5EWLmRf3Q0IuCYiaVmmiIoyRuy2hR55rLxhcxfWE3b7t5wqDsdlDkW97+Er5V2
EOAMN5KcasVmiTDr4uGfwEDz9H4cMOlZAmoOqisx7z8EPCbB1ql6a8Doo/bII7U8
ledLXkW+Hp0SyLcB2woxtmyPR3FA27Iq2UEza9NpFUqhlBi8OlbbvhP7mOg2fYbG
OAg09wckUqNx02I9vQLquKwmRntqRn9c0NvuSV/m1usryDNJCle5pJnhbDKsmf4T
bx6PjMqA4Mdd6iCh99vVg5Lf+x7Z9GJLlRExjI3ktRNk1R1AS2B2y9h7RooOejMy
t7vChheF4IY2hFttS2ex
=sPIp
-----END PGP SIGNATURE-----
WhonixQubes
Mar 13, 2015, 1:39:05 AM3/13/15
to ax...@openmailbox.org, qubes...@googlegroups.com
On 2015-03-13 5:13 am, Axon wrote:
> Maybe I'm severely misunderstanding something, but I'm pretty sure we
> *do* use the AppVM's DE inside of AppVMs. By default, we're running
> KDE in dom0 and Gnome in AppVMs.
>
> As for whether this is *necessary*, it's probably not. However,
> several users have noticed that trying to install KDE in a standard
> TemplateVM runs into a conflict with a Qubes package, so maybe that's
> why Gnome was chosen. (FWIW, the conflict can be worked around with
> - --skip-broken, and the result seems to work fine.)
Maybe I too am severely misunderstanding something as well, but...
> Maybe I'm severely misunderstanding something, but I'm pretty sure we
> *do* use the AppVM's DE inside of AppVMs. By default, we're running
> KDE in dom0 and Gnome in AppVMs.
>
> As for whether this is *necessary*, it's probably not. However,
> several users have noticed that trying to install KDE in a standard
> TemplateVM runs into a conflict with a Qubes package, so maybe that's
> why Gnome was chosen. (FWIW, the conflict can be worked around with
> - --skip-broken, and the result seems to work fine.)
I don't see usage of Gnome's DE for seamless mode VMs, Whonix, Fedora,
or otherwise.
All I see is the Dom0 KDE that all VMs display their windows on via X.
Sure, a big number of extra Gnome apps are installed on the filesystem
of the AppVM, but the Gnome desktop doesn't seem to be utilized by
Qubes.
Maybe I'm fundamentally off base?
Wondering about reasons for choice of the double-sized Gnome based
Whonix.
Thanks!
WhonixQubes
Axon
Mar 13, 2015, 1:48:01 AM3/13/15
to WhonixQubes, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
WhonixQubes wrote:
Hash: SHA512
WhonixQubes wrote:
installing the "Gnome base"? That's how it seems to work with KDE.
When I needed to install a particular K* app in one of my templates, I
had to install practically all of KDE along with it as dependencies.
>
> Wondering about reasons for choice of the double-sized Gnome based
> Whonix.
>
>
> Thanks!
>
> WhonixQubes
>
iQIcBAEBCgAGBQJVAnoDAAoJEJh4Btx1RPV8VnwP/j4ArgAP/JOkC1nifIZdiCMW
xSYDFvsTHavNxwHJljd06xx8iEw1UWpsBzA4ZQ/pXtg0rvXqGSI4WGcnU0afuBf6
Sf39N0nle6g98gunkr0uHRA2K6eFfejt5mDC7jWuuK4Fse4GFQwcUDXCfRRELvSu
6K45jDUDfJs9zelE5+Dv5RqHKYefHbaJ+fELpGI9SvjXtTHNkWoHswf7Tp1L03ij
8FsygEjxORng5IwqP362I5Rh19hq35OD6RcCuXOl0u2XrPCDrjyMjFM484kruzc1
7O7a63Kj3f6HNV18AWPhM4etaJgvLepe1nnirQ0im+SDYedN6/pzwOFU6j4jYNTQ
UAVTsx7RoT+2AQoZvNvKuEhsrLK218GSimWekpUj6QM+Flt5RQp62wcddwPTLkJs
ZumkHWBQPWjTa9H/8y/QdXhWnoxXoDiSdieZt4nZNJh1y8flM2ErAMbp4nNN32pA
KMchbuKK6cBRhoLotHFxRSnMkpHlqrCcoZlDHDfICCiPjdwa4QwPS28YwDF9P5zB
mZn7STc0GmG9cy5SFj72k7E/7ix/Z14ngg3CoktzqTmlXporvb8GeBGcV1UyLzaZ
0HvP199LU7vZd7a3aQ7/S5b3bPw/SxXnD/LrNfBWdoEem3OfOPx8IsFezfULrvvO
bPMWvL2uku/e2FP4fjWI
=dcfd
-----END PGP SIGNATURE-----
WhonixQubes
Mar 13, 2015, 2:19:03 AM3/13/15
to ax...@openmailbox.org, qubes...@googlegroups.com
On 2015-03-13 5:47 am, Axon wrote:
> Hm... Well, isn't it possible to install those Gnome apps *only* by
> installing the "Gnome base"? That's how it seems to work with KDE.
> When I needed to install a particular K* app in one of my templates, I
> had to install practically all of KDE along with it as dependencies.
Yeah, I've had similar experiences with individual apps being dependent
> Hm... Well, isn't it possible to install those Gnome apps *only* by
> installing the "Gnome base"? That's how it seems to work with KDE.
> When I needed to install a particular K* app in one of my templates, I
> had to install practically all of KDE along with it as dependencies.
upon full DEs.
But, for example, the previous ITL compiled Whonix-Workstation 2.1.7
(whonix-workstation-experimental) did also have Gnome's Nautilus file
manager installed, but not the full GDM package, and was less than half
the size as this 2.1.8 (whonix-workstation-gnome) one's RPM package.
0.9 to 2.1 GB increase.
WhonixQubes
Jason M
Mar 13, 2015, 3:15:33 AM3/13/15
to qubes...@googlegroups.com, ax...@openmailbox.org, whoni...@riseup.net
@Unman has created a more minimal template for Debian that I am also going to try to apply to Whonix as well when I get some time to work on it again.
The full gnome desktop environmnet is not installed, doing so would increase the file size to about 4GB as it does with Wheezy and Jessie. The file size may have grown since I switched the method of installing the base packages to the same used by Debian as well as some additional packages that existed in a regular gnome installation but not the Debian based templates. The reasons behind this was to provide greater reliability, especially when it cam to the graphics rendering which tended to display graphic artifacts on some types of video hardware.
I did do a lot of research into the mattes I mentioned and it could be that the file-size of the template became collateral damage. So here's hoping the more minimal template helps with this.
WhonixQubes
Mar 13, 2015, 6:27:31 AM3/13/15
to nrg...@gmail.com, qubes...@googlegroups.com
On 2015-03-13 7:15 am, Jason M wrote:
> @Unman
>
> *has created a more minimal template for Debian that I am also going to
Thanks,
WhonixQubes
> @Unman
>
> *has created a more minimal template for Debian that I am also going to
> try
> to apply to Whonix as well when I get some time to work on it
> again.*The
> to apply to Whonix as well when I get some time to work on it
> full gnome desktop environmnet is not installed, doing so would
> increase
> the file size to about 4GB as it does with Wheezy and Jessie. The file
> size may have grown since I switched the method of installing the base
> packages to the same used by Debian as well as some additional packages
> that existed in a regular gnome installation but not the Debian based
> templates. The reasons behind this was to provide greater reliability,
> especially when it cam to the graphics rendering which tended to
> display
> graphic artifacts on some types of video hardware.
>
> I did do a lot of research into the mattes I mentioned and it could be
> that
> the file-size of the template became collateral damage. So here's
> hoping
> the more minimal template helps with this.
Sounds good.
> increase
> the file size to about 4GB as it does with Wheezy and Jessie. The file
> size may have grown since I switched the method of installing the base
> packages to the same used by Debian as well as some additional packages
> that existed in a regular gnome installation but not the Debian based
> templates. The reasons behind this was to provide greater reliability,
> especially when it cam to the graphics rendering which tended to
> display
> graphic artifacts on some types of video hardware.
>
> I did do a lot of research into the mattes I mentioned and it could be
> that
> the file-size of the template became collateral damage. So here's
> hoping
> the more minimal template helps with this.
Thanks,
WhonixQubes
Marek Marczykowski-Górecki
Mar 13, 2015, 6:14:49 PM3/13/15
to WhonixQubes, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hash: SHA1
gnome tools), but first I need to finish QubesBuilder changes (mentioned
on qubes-devel ML). And make some free space on my disk...
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
aaAR1LIgfIpULhUDKZ4Ltw/B1QReiDMl6+bd+tXknNRdz6C54dBgMv4wSMUjLC0i
UTPtrGiAq7GjoFHUVSJPDLXO4ahaUozpr6JteeAiq78AIV+1xio/dARLMhGvlJfi
x1G4tkRkiii+aVM0NvplmrbkJjOZmrwmbzYoeLhxff8YQe6p+trpX2N2bWdcIkq2
Q8Cn39c+/YZxHR9Ros/T7UwusYYppQFHAzSnHX4INkbrL632R3UVp0eAqD91FDbn
qYqkaHDo913i7aPMXaphtxdCNcIP9ArG8gkcAE7miM2BYsk+L8YuPY03h3pHJM4=
=RGPv
-----END PGP SIGNATURE-----
WhonixQubes
Mar 13, 2015, 6:25:11 PM3/13/15
to marm...@invisiblethingslab.com, qubes...@googlegroups.com
sound nice!
WhonixQubes
Reply all
Reply to author
Forward
0 new messages