mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-12-29 09:16:22 -05:00
Remove deprecated Whonix pages (see #703)
This commit is contained in:
parent
fedfd94fe6
commit
c99f5d1662
@ -1,91 +0,0 @@
|
|||||||
---
|
|
||||||
layout: doc
|
|
||||||
title: Customizing Whonix
|
|
||||||
permalink: /doc/whonix/customize/
|
|
||||||
redirect_from: /doc/privacy/customizing-whonix/
|
|
||||||
---
|
|
||||||
|
|
||||||
Customizing Whonix
|
|
||||||
==================
|
|
||||||
|
|
||||||
There are numerous ways to customize your Whonix install. All require a degree of technical knowledge and comfort with the command line.
|
|
||||||
|
|
||||||
### Enabling AppArmor
|
|
||||||
|
|
||||||
This is an optional security enhancement (for testers-only). If you're technical & interested, proceed, but do so *at your own risk!*
|
|
||||||
|
|
||||||
Note, if you want to use [Tor bridges](https://www.whonix.org/wiki/Bridges), AppArmor has been known in the past to cause problems with `obfsproxy` [see this issue](https://github.com/Whonix/Whonix/issues/67)
|
|
||||||
|
|
||||||
You will want to complete the following instructions in both the **Whonix-Gateway** referred to in Qubes VM Manager as `whonix-gw` and the **Whonix-Workstation** or `whonix-ws`. You only need to apply these settings to the TemplateVMs before creating any template based VMs from these Whonix templates.
|
|
||||||
|
|
||||||
(This is because, [since Qubes Q3, TemplateBasedVMs inherit the kernelopts setting of their TemplateVM](https://github.com/QubesOS/qubes-issues/issues/1091).)
|
|
||||||
|
|
||||||
### Configuring Whonix-Gateway
|
|
||||||
|
|
||||||
Launch the `dom0` terminal app `Konsole (konsole)`or `Terminal Emulator (xfce4-terminal)` from your Qubes App Launcher. Then get a list of current kernel parameters.
|
|
||||||
|
|
||||||
~~~
|
|
||||||
qvm-prefs -g whonix-gw kernelopts
|
|
||||||
~~~
|
|
||||||
|
|
||||||
In Qubes 3.2 and 4.0, this will show: `nopat`
|
|
||||||
|
|
||||||
Keep those existing kernel parameters and add `apparmor=1 security=apparmor` by entering:
|
|
||||||
|
|
||||||
~~~
|
|
||||||
qvm-prefs -s whonix-gw kernelopts "nopat apparmor=1 security=apparmor"
|
|
||||||
~~~
|
|
||||||
|
|
||||||
When running the command to get a list of current kernel parameters again (just hit the arrow up key twice, so you don't have to type the command again).
|
|
||||||
|
|
||||||
~~~
|
|
||||||
qvm-prefs -g whonix-gw kernelopts
|
|
||||||
~~~
|
|
||||||
|
|
||||||
It should show the old and the new kernel parameters. For example:
|
|
||||||
|
|
||||||
~~~
|
|
||||||
nopat apparmor=1 security=apparmor
|
|
||||||
~~~
|
|
||||||
|
|
||||||
Once you started the VM, you can check if AppArmor is now active.
|
|
||||||
|
|
||||||
```
|
|
||||||
sudo aa-status --enabled ; echo $?
|
|
||||||
```
|
|
||||||
|
|
||||||
It should show: `0`
|
|
||||||
|
|
||||||
### Configuring Whonix-Workstation
|
|
||||||
|
|
||||||
In `dom0` terminal Konsole or Terminal Emulator, get a list of current kernel parameters.
|
|
||||||
|
|
||||||
~~~
|
|
||||||
qvm-prefs -g whonix-ws kernelopts
|
|
||||||
~~~
|
|
||||||
|
|
||||||
In current version of Qubes, this will show `nopat` as a response. To keep those existing kernel parameters and add `apparmor=1 security=apparmor` do the following:
|
|
||||||
|
|
||||||
~~~
|
|
||||||
qvm-prefs -s whonix-ws kernelopts "nopat apparmor=1 security=apparmor"
|
|
||||||
~~~
|
|
||||||
|
|
||||||
When running the command to get a list of current kernel parameters again (just hit the arrow up key twice, so you don't have to type the command again).
|
|
||||||
|
|
||||||
~~~
|
|
||||||
qvm-prefs -g whonix-ws kernelopts
|
|
||||||
~~~
|
|
||||||
|
|
||||||
It should show the old and the new kernel parameters. For example:<br />
|
|
||||||
|
|
||||||
~~~
|
|
||||||
nopat apparmor=1 security=apparmor
|
|
||||||
~~~
|
|
||||||
|
|
||||||
Once you started the VM, you can check if AppArmor is now active by typing:
|
|
||||||
|
|
||||||
~~~
|
|
||||||
sudo aa-status --enabled ; echo $?
|
|
||||||
~~~
|
|
||||||
|
|
||||||
It should show: `0`
|
|
@ -1,8 +0,0 @@
|
|||||||
---
|
|
||||||
layout: doc
|
|
||||||
title: Install Whonix in Qubes
|
|
||||||
permalink: /doc/whonix/install/
|
|
||||||
redirect_from: /doc/privacy/install-whonix/
|
|
||||||
redirect_to: https://www.whonix.org/wiki/Qubes/Install
|
|
||||||
---
|
|
||||||
|
|
@ -1,66 +0,0 @@
|
|||||||
---
|
|
||||||
layout: doc
|
|
||||||
title: Uninstall Whonix from Qubes
|
|
||||||
permalink: /doc/whonix/uninstall/
|
|
||||||
redirect_from: /doc/privacy/uninstall-whonix/
|
|
||||||
---
|
|
||||||
|
|
||||||
Uninstall Whonix from Qubes
|
|
||||||
===========================
|
|
||||||
|
|
||||||
If you just want to remove your **Whonix-Gateway ProxyVMs** or **Whonix-Workstation AppVMs** this would not be the guide for doing that. Just use the Qubes VM Manager or command line tools for doing that.
|
|
||||||
|
|
||||||
*Warning: This guide will completely uninstall your underlying Whonix TemplateVMs. Only do this if you want to stop using Whonix or start over with a clean install of Whonix.*
|
|
||||||
|
|
||||||
### Unset or Remove Whonix TemplateVM from All VMs
|
|
||||||
|
|
||||||
In order to uninstall a Whonix TemplateVM, you first must ensure that no VMs have this TemplateVM set as its underlying template, or else the uninstall will not work. You can accomplish this by either unsetting the TemplateVM from VMs or simply by removing the VMs altogether. You only have to do this for VMs that use the TemplateVM that you will uninstall.
|
|
||||||
|
|
||||||
**Option 1a. Unsetting TemplateVM from VMs**
|
|
||||||
|
|
||||||
This option allows you to keep any VMs and their user storage contents. Note that the root storage will still be lost when uninstalling the TemplateVM, so you may want to backup anything important first.
|
|
||||||
|
|
||||||
```
|
|
||||||
dom0 -> Qubes VM Manager -> right click Whonix VM -> Shutdown VM
|
|
||||||
```
|
|
||||||
|
|
||||||
In Dom0 » Qubes VM Manager:
|
|
||||||
|
|
||||||
```
|
|
||||||
dom0 -> Qubes VM Manager -> right click Whonix VM -> VM Settings -> Basic tab -> Template -> Choose a different TemplateVM from the Template list, such as your Fedora TemplateVM.
|
|
||||||
```
|
|
||||||
|
|
||||||
**Option 1b. Removing VMs with TemplateVM**
|
|
||||||
|
|
||||||
This option will delete your user storage contents, so you may want to backup anything important first.
|
|
||||||
|
|
||||||
```
|
|
||||||
dom0 -> Qubes VM Manager -> right click Whonix VM -> Remove AppVM
|
|
||||||
```
|
|
||||||
|
|
||||||
### Uninstall Whonix TemplateVM
|
|
||||||
|
|
||||||
Note that if you have customized your TemplateVM, these will be lost when uninstalling the TemplateVM, so you may want to backup anything important first or clone the TemplateVM.
|
|
||||||
|
|
||||||
**Option 2a. Uninstall Whonix-Gateway TemplateVM**
|
|
||||||
|
|
||||||
Launch a Dom0 Terminal Emulator (Xfce Terminal)
|
|
||||||
```
|
|
||||||
Click the Qubes App Launcher (blue/grey "Q") and then open the Terminal Emulator (Xfce Terminal).
|
|
||||||
```
|
|
||||||
|
|
||||||
Uninstall the qubes-template-whonix-gw template package.
|
|
||||||
|
|
||||||
~~~
|
|
||||||
sudo yum erase qubes-template-whonix-gw
|
|
||||||
~~~
|
|
||||||
|
|
||||||
**Option 2b. Uninstall Whonix-Workstation TemplateVM**
|
|
||||||
|
|
||||||
Launch a Dom0 Terminal Emulator (Xfce Terminal)
|
|
||||||
|
|
||||||
Uninstall the qubes-template-whonix-ws template package.
|
|
||||||
|
|
||||||
~~~
|
|
||||||
sudo yum erase qubes-template-whonix-ws
|
|
||||||
~~~
|
|
@ -1,88 +0,0 @@
|
|||||||
---
|
|
||||||
layout: doc
|
|
||||||
title: Updating Whonix in Qubes
|
|
||||||
permalink: /doc/whonix/update/
|
|
||||||
redirect_from: /doc/privacy/updating-whonix/
|
|
||||||
---
|
|
||||||
|
|
||||||
Updating Whonix in Qubes
|
|
||||||
========================
|
|
||||||
|
|
||||||
It is important to keep your Whonix templates current as to get important security updates.
|
|
||||||
|
|
||||||
### Configure Whonix TemplateVM proxy settings
|
|
||||||
|
|
||||||
|
|
||||||
![TemplateVM Proxy Settings](/attachment/wiki/Whonix/Qubes-Whonix-Gateway_TemplateVM_Qubes_VM_Manager_Settings.png)
|
|
||||||
|
|
||||||
### Open the Whonix Terminals
|
|
||||||
|
|
||||||
Launch `Terminal` for both `whonix-gw` and `whonix-ws` TemplateVMs and then perform the following steps to both TemplateVMs
|
|
||||||
|
|
||||||
~~~
|
|
||||||
sudo apt-get update && sudo apt-get dist-upgrade
|
|
||||||
~~~
|
|
||||||
|
|
||||||
The output should look similar to this.
|
|
||||||
|
|
||||||
~~~
|
|
||||||
Hit http://security.debian.org jessie/updates Release.gpg
|
|
||||||
|
|
||||||
Hit http://security.debian.org jessie/updates Release
|
|
||||||
|
|
||||||
Hit http://deb.torproject.org jessie Release.gpg
|
|
||||||
|
|
||||||
Hit http://ftp.us.debian.org jessie Release.gpg
|
|
||||||
|
|
||||||
Hit http://security.debian.org jessie/updates/main i386 Packages
|
|
||||||
Hit http://deb.torproject.org jessie Release
|
|
||||||
Hit http://security.debian.org jessie/updates/contrib i386 Packages
|
|
||||||
Hit http://ftp.us.debian.org jessie Release
|
|
||||||
Hit http://security.debian.org jessie/updates/non-free i386 Packages
|
|
||||||
Hit http://deb.torproject.org jessie/main i386 Packages
|
|
||||||
Hit http://security.debian.org jessie/updates/contrib Translation-en
|
|
||||||
Hit http://ftp.us.debian.org jessie/main i386 Packages
|
|
||||||
Hit http://security.debian.org jessie/updates/main Translation-en
|
|
||||||
|
|
||||||
Hit http://ftp.us.debian.org jessie/contrib i386 Packages
|
|
||||||
|
|
||||||
Hit http://security.debian.org jessie/updates/non-free Translation-en
|
|
||||||
|
|
||||||
Hit http://ftp.us.debian.org jessie/non-free i386 Packages
|
|
||||||
|
|
||||||
Ign http://ftp.us.debian.org jessie/contrib Translation-en
|
|
||||||
|
|
||||||
Ign http://ftp.us.debian.org jessie/main Translation-en
|
|
||||||
|
|
||||||
Ign http://ftp.us.debian.org jessie/non-free Translation-en
|
|
||||||
|
|
||||||
Ign http://deb.torproject.org jessie/main Translation-en_US
|
|
||||||
|
|
||||||
Ign http://deb.torproject.org jessie/main Translation-en
|
|
||||||
|
|
||||||
Reading package lists... Done
|
|
||||||
~~~
|
|
||||||
|
|
||||||
However, if what you see is different or you see the word `WARNING:` you should look at our troubleshooting documentation for [Debian and Whonix](/doc/troubleshooting/updating-debian-and-whonix/).
|
|
||||||
|
|
||||||
### Restart Services after Upgrading
|
|
||||||
|
|
||||||
The easy way to do this is to simply reboot.
|
|
||||||
|
|
||||||
~~~
|
|
||||||
sudo reboot
|
|
||||||
~~~
|
|
||||||
|
|
||||||
### Restart after Kernel Upgrades
|
|
||||||
|
|
||||||
When `linux-image-...` was upgraded, reboot is required to profit from security updates.
|
|
||||||
|
|
||||||
Shutdown Whonix TemplateVM
|
|
||||||
|
|
||||||
~~~
|
|
||||||
Qubes VM Manager -> right clock on TemplateVM -> Shutdown VM
|
|
||||||
~~~
|
|
||||||
|
|
||||||
### Restart / Update Whonix VMs
|
|
||||||
|
|
||||||
If new updates were available and installed, you will need to either simply restart your running Whonix-Gateway ProxyVMs and running Whonix-Workstation AppVMs for them to be updated -- or alternatively apply this same update process again to your running VMs if not wanting to restart them right away.
|
|
Loading…
Reference in New Issue
Block a user