From 5e0bf3c71b66dba22e2f5f892a124818b730e50f Mon Sep 17 00:00:00 2001 From: Ganwtrs Date: Mon, 8 Dec 2025 18:11:23 -0800 Subject: [PATCH] Remove sudo and the like from Whonix Workstation script Signed-off-by: Ganwtrs --- whonix/whonix-workstation.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/whonix/whonix-workstation.sh b/whonix/whonix-workstation.sh index c16236c..71d41e1 100644 --- a/whonix/whonix-workstation.sh +++ b/whonix/whonix-workstation.sh @@ -19,11 +19,11 @@ set -eu unpriv(){ - sudo -u nobody "${@}" + -u nobody "${@}" } download() { - unpriv curl -s --proxy http://127.0.0.1:8082 "${1}" | sudo tee "${2}" > /dev/null + unpriv curl -s --proxy http://127.0.0.1:8082 "${1}" | tee "${2}" > /dev/null } # Setting umask to 077 @@ -31,7 +31,7 @@ download() { umask 077 sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs -echo 'umask 077' | sudo tee -a /etc/bash.bashrc +echo 'umask 077' | tee -a /etc/bash.bashrc # Make home directory private chmod 700 /home/* @@ -43,6 +43,9 @@ chmod 644 /etc/apt/apt.conf.d/99sane-upgrades # Install packages apt-get install --no-install-recommends arc-theme pipewire-pulse qt5-style-plugins -y +# Uninstall packages +apt-get purge -y sudo su runuser + # Restrict /proc and access systemctl enable --now proc-hidepid.service @@ -57,8 +60,8 @@ download https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc # Theming download https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/environment /etc/environment -sudo mkdir -p /etc/gtk-3.0 +mkdir -p /etc/gtk-3.0 download https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/gtk-3.0/settings.ini /etc/gtk-3.0/settings.ini -sudo mkdir -p /etc/gtk-4.0 +mkdir -p /etc/gtk-4.0 download https://raw.githubusercontent.com/TommyTran732/QubesOS-Scripts/main/etc/gtk-4.0/settings.ini /etc/gtk-4.0/settings.ini