-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Patrick Schleizer: > Hi HW42! > > HW42: >> in Whonix tunneling apt directly through Tor is only disabled (so that >> the update proxy can be reached) when the whonix-secure-proxy 'service' >> is enabled [0]. What is the purpose of this? Why isn't the "standard" >> updates-proxy-setup used? > > The whonix-secure-proxy 'service' is automatically enabled, if connected > to a torified updates proxy. The full mechanism is described here. [1]
Ah, ok. I did not expected an internal generated file in the qubes-service directory. > There was a Whonix 12 bug. "Templates incorrectly think they're not > connected to a Whonix gateway." [2] Which also showed a warning popup. > Did you see such a popup or hit that bug? Ok, that's probably this bug. I think I did not see the popup the first time (since this was only a test install I did not pay that much attention so my memory might be wrong). But it did not had an internet connection when booting the template. I now removed the manual added whonix-secure-proxy service and now I see the popup. So this is pretty sure this bug. Will try to update the Whonix template. > "standard" updates-proxy-setup isn't used to prevent accidental > non-torified, clearnet updates. (design decision [3]) > >> Context: On a fresh R3.2-rc1 install updating the Whonix templates >> doesn't work since apt tries to reach the proxy via Tor. So the question >> is whether the Whonix package or the template setup should be patched. > > The template setup, as in creating the whonix-secure-proxy 'service' > should not be patched. This is now clear. >> [0]: >> https://github.com/Whonix/qubes-whonix/blob/master/etc/uwt.d/40_qubes.conf#L5 > > Cheers, > Patrick > > [1] https://www.whonix.org/wiki/Dev/Qubes#Torified_Updates_Proxy > [2] > https://forums.whonix.org/t/templates-incorrectly-think-theyre-not-connected-to-a-whonix-gateway > [3] https://github.com/QubesOS/qubes-issues/issues/1880 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXhrdaAAoJEOSsySeKZGgW7I4QALqS0gN7RGnG6P8w3ebyzWPI 3IfXzjF+DyeNwiN4WFnpKb7MQ6/07hgo8c/if9fMZD7SrVqXbsnmU1BiOVnGNC3e evc97cRp350ao8zMGiiCqZSmqvNeov/PU/pAVeLwjR+bgTYJnfE0uSIUs5CWu0hv pfowJQ6gb0Wmb8EY760iH7DOq0HOn1gzn9SO04al4KaYSULbhdlwVRyeOjmp9g/C Xj3gUYT/BaEkTSD3RshyQsZrpTQNtg5tzbM0ZMsZxmKVibTdLNyMATD8dYXxlHWA whPRl5W0JRHgrm9jfMj/BAqdwYctU5a+3kLWgzhEGtPg63aovBsZSw1mCOuTyHDl GY4GH5pmC5qHu2IDB9wDq0/cEA6A4eu/aeJu3EATiTesw2sx9//8WJJavFSXxp7G Jn1GkNzh5MnVaAFDrTTryU/BSC1mjj8RJSE8PqegwR2yDWxaTqiyDHRlpNsSl824 cXlyIGCO19+R2mfQj3kLArMMXCFFmDb0/aIP8ApSewaVI53HPmFivb6XdZuQ7fsr KROayNM2m3yME8HGMAnomywtxMBhmOKa0lQYiHLypF0YrgLb3Y3rMUZukRpDD/at oYoBOZ8XgxEXDkzBvC9SJk0Rtlew7MvEeq9j1VfRjac4l6sH/YUiBTnLVIsepUfZ gS6LjQwTFoZU4HZBH3Ry =lbn/ -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ab7cb2a3-ae79-c61b-cb1a-8052aee8c74e%40ipsumj.de. For more options, visit https://groups.google.com/d/optout.
