Hi HW42! HW42: > in Whonix tunneling apt directly through Tor is only disabled (so that > the update proxy can be reached) when the whonix-secure-proxy 'service' > is enabled [0]. What is the purpose of this? Why isn't the "standard" > updates-proxy-setup used?
The whonix-secure-proxy 'service' is automatically enabled, if connected to a torified updates proxy. The full mechanism is described here. [1] There was a Whonix 12 bug. "Templates incorrectly think they're not connected to a Whonix gateway." [2] Which also showed a warning popup. Did you see such a popup or hit that bug? "standard" updates-proxy-setup isn't used to prevent accidental non-torified, clearnet updates. (design decision [3]) > Context: On a fresh R3.2-rc1 install updating the Whonix templates > doesn't work since apt tries to reach the proxy via Tor. So the question > is whether the Whonix package or the template setup should be patched. The template setup, as in creating the whonix-secure-proxy 'service' should not be patched. > [0]: > https://github.com/Whonix/qubes-whonix/blob/master/etc/uwt.d/40_qubes.conf#L5 Cheers, Patrick [1] https://www.whonix.org/wiki/Dev/Qubes#Torified_Updates_Proxy [2] https://forums.whonix.org/t/templates-incorrectly-think-theyre-not-connected-to-a-whonix-gateway [3] https://github.com/QubesOS/qubes-issues/issues/1880 -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/6cc7f5d1-e7bb-f803-2443-e2eca024a2d9%40riseup.net. For more options, visit https://groups.google.com/d/optout.
