From 8741932d5936323a1fcbd7e4e20d44e14305b127 Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Sun, 12 Jun 2016 06:26:58 -0700 Subject: [PATCH 1/6] Generalize whonix-reinstall to apply to all templates --- managing-os/reinstall-template.md | 74 +++++++++++++++++++++++++++++++ privacy/whonix-reinstall.md | 54 ---------------------- 2 files changed, 74 insertions(+), 54 deletions(-) create mode 100644 managing-os/reinstall-template.md delete mode 100644 privacy/whonix-reinstall.md diff --git a/managing-os/reinstall-template.md b/managing-os/reinstall-template.md new file mode 100644 index 00000000..98c72bfc --- /dev/null +++ b/managing-os/reinstall-template.md @@ -0,0 +1,74 @@ +--- +layout: doc +title: How to Reinstall a TemplateVM +permalink: +redirect_from: +- /doc/whonix/reinstall/ +--- + +How to Reinstall a TemplateVM +============================= + +If you suspect your [TemplateVM] is broken, misconfigured, or compromised, +or if you wish to do a clean reinstall in order to upgrade to a new version, you +can reinstall any TemplateVM from the Qubes repository. In what follows, the +phrase "target TemplateVM" refers to whichever TemplateVM you want to reinsatll. +If you want to reinstall more than one TemplateVM, repeat these instructions for +each one. + +1. (Optional) Clone the existing target TemplateVM. + + This can be a good idea if you've customized the existing template and want + to keep your customizations. On the other hand, if you suspect that this + template is broken, misconfigured, or compromised, you may want to remove it + without cloning it. + +2. Create a temporary dummy template: + + mkdir /var/lib/qubes/vm-templates/dummy + touch /var/lib/qubes/vm-templates/dummy/{root.img,private.img} + qvm-add-template dummy + +3. Temporarily change all VMs based on the target TemplateVM to the new dummy + template, or remove them. + + This can be a good idea if you have user data in these VMs that you want to + keep. On the other hand, if you suspect that these VMs (or the templates on + which they are based) are broken, misconfigured, or compromised, you may + want to remove them instead. You can do this in Qubes Manager by + right-clicking on the VM and clicking **Remove VM**, or you can use the + command `qvm-remove ` in dom0. + + Using a dummy template as a temporary template is preferable to using another + real TemplateVM because you can't accidentally boot any VMs from the dummy + template. (There is no OS in the dummy template, so the boot will fail.) + +4. Uninstall the target TemplateVM from dom0: + + $ sudo yum remove + + For example, to uninstall the `whonix-gw` template: + + $ sudo yum remove qubes-template-whonix-gw + +5. Reinstall the target TemplateVM in dom0: + + $ sudo qubes-dom0-update --enablerepo= \ + + + For example, to install the `whonix-gw` template: + + $ sudo qubes-dom0-update --enablerepo=qubes-templates-community \ + qubes-template-whonix-gw + +6. If you temporarily changed all VMs based on the target TemplateVM to the + dummy template in step 3, change them back to the new target TemplateVM now. + If you instead removed all VMs based on the old target TemplateVM, you can + recreate your desired VMs from the newly reinstalled target TemplateVM now. + + At a minimum, you'll want a ProxyVM (conventionally called `sys-whonix`) + based on `whonix-gw` and an AppVM based on `whonix-ws` that uses `sys-whonix` + as its NetVM. + +[TemplateVM]: /doc/templates/ + diff --git a/privacy/whonix-reinstall.md b/privacy/whonix-reinstall.md deleted file mode 100644 index ba755a37..00000000 --- a/privacy/whonix-reinstall.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -layout: doc -title: Reinstall Whonix in Qubes -permalink: /doc/whonix/reinstall/ ---- - -Reinstall Whonix in Qubes -=========================== - -If you suspect your Whonix templates are broken, misconfigured, or compromised, -or if you wish to do a clean reinstall in order to upgrade to a new version, you -can reinstall the Whonix templates from the Qubes repository. This procedure -involves [uninstalling] your Whonix templates, then [installing] them again. - -1. (Optional) Clone your existing `whonix-gw` and `whonix-ws` templates. - - This can be a good idea if you've customized the existing templates and want - to keep them. On the other hand, if you suspect that these templates are - broken, misconfigured, or compromised, you may want to remove them - without cloning them. - -2. (Optional) Temporarily change all VMs based on `whonix-gw` and `whonix-ws` to - another template (e.g., the ones created in the previous step). - - This can be a good idea if you have user data in these VMs that you want to - keep. On the other hand, if you suspect that these VMs (or the templates on - which they are based) are broken, misconfigured, or compromised, you may - want to remove them instead. You can do this in Qubes Manager by - right-clicking on the VM and clicking **Remove VM**, or you can use the - command `qvm-remove ` in dom0. - -3. Uninstall the Whonix templates from dom0: - - $ sudo yum remove qubes-template-whonix-gw - $ sudo yum remove qubes-template-whonix-ws - -4. Reinstall the Whonix templates in dom0: - - $ sudo qubes-dom0-update --enablerepo=qubes-templates-community \ - qubes-template-whonix-gw qubes-template-whonix-ws - -5. If you followed step 2, change the VMs from step 2 back to the new - `whonix-gw` and `whonix-ws`. If you instead removed all VMs based on the old - `whonix-gw` and `whonix-ws`, simply create your desired VMs from the new - templates. - - At a minimum, you'll want a ProxyVM (conventionally called `sys-whonix`) - based on `whonix-gw` and an AppVM based on `whonix-ws` that uses `sys-whonix` - as its NetVM. - - -[uninstalling]: /doc/whonix/uninstall/ -[installing]: /doc/whonix/install/ - From b633b720337f83d3c2731433b54b03705a16cde4 Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Sun, 12 Jun 2016 10:47:43 -0700 Subject: [PATCH 2/6] Remove old Whonix-specific sentence --- managing-os/reinstall-template.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/managing-os/reinstall-template.md b/managing-os/reinstall-template.md index 98c72bfc..8479a71f 100644 --- a/managing-os/reinstall-template.md +++ b/managing-os/reinstall-template.md @@ -66,9 +66,5 @@ each one. If you instead removed all VMs based on the old target TemplateVM, you can recreate your desired VMs from the newly reinstalled target TemplateVM now. - At a minimum, you'll want a ProxyVM (conventionally called `sys-whonix`) - based on `whonix-gw` and an AppVM based on `whonix-ws` that uses `sys-whonix` - as its NetVM. - [TemplateVM]: /doc/templates/ From 61407aec0a2a479383e17093ee08e42947d64430 Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Sun, 12 Jun 2016 10:53:03 -0700 Subject: [PATCH 3/6] Set permalink --- managing-os/reinstall-template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/managing-os/reinstall-template.md b/managing-os/reinstall-template.md index 8479a71f..975cbd39 100644 --- a/managing-os/reinstall-template.md +++ b/managing-os/reinstall-template.md @@ -1,7 +1,7 @@ --- layout: doc title: How to Reinstall a TemplateVM -permalink: +permalink: /doc/reinstall-template/ redirect_from: - /doc/whonix/reinstall/ --- From 967765281085c70d64ce7ec5900f5b9569b3948e Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Sun, 12 Jun 2016 10:53:28 -0700 Subject: [PATCH 4/6] Add link to Reinstall page --- managing-os/templates.md | 1 + 1 file changed, 1 insertion(+) diff --git a/managing-os/templates.md b/managing-os/templates.md index 6837e739..39c09d60 100644 --- a/managing-os/templates.md +++ b/managing-os/templates.md @@ -27,6 +27,7 @@ available only as source code, which can be built using are available in source code form only. Take a look at the [Qubes Builder documentation](/doc/qubes-builder/) for instructions on how to compile them. +To reinstall a currently installed TemplateVM, see [here](/doc/reinstall-template/). ITL Supported templates ----------------------- From 485bd1d7f7ae3554495aa9ecf32c3b04017dbe12 Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Sun, 12 Jun 2016 10:53:51 -0700 Subject: [PATCH 5/6] Remove link to old Reinstall page --- privacy/whonix.md | 1 - 1 file changed, 1 deletion(-) diff --git a/privacy/whonix.md b/privacy/whonix.md index dd60d58c..06565e86 100644 --- a/privacy/whonix.md +++ b/privacy/whonix.md @@ -32,7 +32,6 @@ To install Whonix, you must have a working Qubes machine already. ## Customizing, Reinstalling, & Uninstalling Whonix * [Customizing Whonix](/doc/whonix/customize/) -* [Reinstall Whonix in Qubes](/doc/whonix/reinstall/) * [Uninstall Whonix from Qubes](/doc/whonix/uninstall/) *The following links are on Whonix's website and are technical.* From 4a50b0179ef715c51869644ed1dc482da3be7b27 Mon Sep 17 00:00:00 2001 From: Andrew David Wong Date: Sun, 12 Jun 2016 10:54:07 -0700 Subject: [PATCH 6/6] Add ToC entry for new Reinstall page --- doc.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc.md b/doc.md index 4060e4c1..cbfdcbd8 100644 --- a/doc.md +++ b/doc.md @@ -63,6 +63,7 @@ Managing Operating Systems within Qubes * [Templates: Archlinux](/doc/templates/archlinux/) * [Templates: Ubuntu](/doc/templates/ubuntu/) * [Templates: Whonix](/doc/whonix/) + * [How to Reinstall a TemplateVM](/doc/reinstall-template) * [Installing and Using Windows-based AppVMs (Qubes R2 Beta 3 and later)](/doc/windows-appvms/) * [Creating and Using HVM and Windows Domains (Qubes R2+)](/doc/hvm/) * [Advanced options and troubleshooting of Qubes Tools for Windows (R3)](/doc/windows-tools-3/)