/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bind-dirs.sh legacy function broken #2191

Closed
adrelanos opened this Issue Jul 21, 2016 · 11 comments

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 3.2
3 participants
@adrelanos @marmarek @andrewdavidwong
@adrelanos
Member

adrelanos commented Jul 21, 2016

R3.2 with testing repository

There is a problem with the whonix-gw template. Perhaps a release critical bug.

The symptom is starting with a fresh Tor data dir and Whonix Setup Wizard popping up again since /etc/tor/torrc settings get lost. Perhaps more.

The cause is a bug in bind-dirs.sh in the legacy function.

Both, legacy folders /rw/srv/qubes-whonix/ and /rw/srv/qubes/ contained a folder var.

Jul 21 19:12:31 host mount-dirs.sh[484]: mv: cannot move ‘/rw/srv/whonix/var’ to ‘/rw/bind-dirs/var’: Directory not empty

user@host:~$ sudo ls /rw/srv/whonix/var
cache  lib

user@host:~$ sudo ls /rw/bind-dirs/
etc  var

user@host:~$ sudo mv /rw/srv/whonix/var /rw/bind-dirs/
mv: cannot move ‘/rw/srv/whonix/var’ to ‘/rw/bind-dirs/var’: Directory not empty

user@host:/rw/srv$ find .
.
./qubes-whonix
./qubes-whonix/var
./qubes-whonix/var/cache
./qubes-whonix/var/cache/qubes-whonix
./qubes-whonix/var/cache/qubes-whonix/whonix-ip-gateway
./whonix
./whonix/var
./whonix/var/cache
./whonix/var/cache/anon-base-files
./whonix/var/cache/whonix-setup-wizard
./whonix/var/cache/whonix-setup-wizard/status-files
./whonix/var/cache/whonix-setup-wizard/status-files/first_use_check.skip
./whonix/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip
./whonix/var/cache/whonix-setup-wizard/status-files/disclaimer.skip
./whonix/var/cache/whonix-setup-wizard/status-files/whonixsetup.skip
./whonix/var/cache/tb-updater
./whonix/var/lib
./whonix/var/lib/tor
find: `./whonix/var/lib/tor': Permission denied
./whonix/var/lib/whonix
./whonix/var/lib/whonix/whonixblog
./whonix/var/lib/whonix/initial-packages
./whonix/var/lib/whonix/sources_temp_list.d
./whonix/var/lib/whonix/do_once
./whonix/var/lib/whonix/do_once/timesync_apparmor_profile_delete
./whonix/var/lib/whonixcheck
./whonix/var/lib/whonixcheck/write_lock
./whonix/var/lib/whonixcheck/whonixcheck_lastrun
./whonix/etc
./whonix/etc/tor
./whonix/etc/tor/torrc
./whonix/etc/tor/torrc.anondist-orig
./whonix/etc/tor/torrc.examples
./whonix/etc/tor/torrc.anondist
./whonix/etc/tor/torsocks.conf

-- Logs begin at Thu 2016-07-21 19:09:37 UTC, end at Thu 2016-07-21 19:16:12 UTC. --
Jul 21 19:09:43 host systemd[1]: Starting Initialize and mount /rw and /home...
Jul 21 19:09:44 host mount-dirs.sh[484]: tune2fs 1.42.12 (29-Aug-2014)
Jul 21 19:09:44 host mount-dirs.sh[484]: Setting reserved blocks percentage to 0% (0 blocks)
Jul 21 19:12:31 host mount-dirs.sh[484]: + for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d
Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'source_folder: /usr/lib/qubes-bind-dirs.d'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' -d /usr/lib/qubes-bind-dirs.d ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + for file_name in '"$source_folder/"*".conf"'
Jul 21 19:12:31 host mount-dirs.sh[484]: + bash -n /usr/lib/qubes-bind-dirs.d/40_qubes-whonix.conf
Jul 21 19:12:31 host mount-dirs.sh[484]: + source /usr/lib/qubes-bind-dirs.d/40_qubes-whonix.conf
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/lib/tor')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/lib/whonix')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/lib/whonixcheck')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/whonix-setup-wizard')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/anon-base-files')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/qubes-whonix')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/var/cache/tb-updater')
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ binds+=('/etc/tor')
Jul 21 19:12:31 host mount-dirs.sh[484]: + for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d
Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'source_folder: /etc/qubes-bind-dirs.d'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' -d /etc/qubes-bind-dirs.d ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + continue
Jul 21 19:12:31 host mount-dirs.sh[484]: + for source_folder in /usr/lib/qubes-bind-dirs.d /etc/qubes-bind-dirs.d /rw/config/qubes-bind-dirs.d
Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'source_folder: /rw/config/qubes-bind-dirs.d'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' -d /rw/config/qubes-bind-dirs.d ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + continue
Jul 21 19:12:31 host mount-dirs.sh[484]: + main
Jul 21 19:12:31 host mount-dirs.sh[484]: + prerequisite
Jul 21 19:12:31 host mount-dirs.sh[484]: ++ qubesdb-read /qubes-vm-persistence
Jul 21 19:12:31 host mount-dirs.sh[484]: + qubes_vm_persistence=rw-only
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' '!' rw-only = rw-only ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -f /var/run/qubes-service/qubes-dvm ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + init
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + rw_dest_dir=/rw/bind-dirs
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_max=10
Jul 21 19:12:31 host mount-dirs.sh[484]: + mkdir --parents /rw/bind-dirs
Jul 21 19:12:31 host mount-dirs.sh[484]: + shopt -s nullglob
Jul 21 19:12:31 host mount-dirs.sh[484]: + shopt -s dotglob
Jul 21 19:12:31 host mount-dirs.sh[484]: + legacy
Jul 21 19:12:31 host mount-dirs.sh[484]: + local item
Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in '/rw/srv/qubes-whonix/*' '/rw/srv/whonix/*'
Jul 21 19:12:31 host mount-dirs.sh[484]: + mv /rw/srv/qubes-whonix/var /rw/bind-dirs/
Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in '/rw/srv/qubes-whonix/*' '/rw/srv/whonix/*'
Jul 21 19:12:31 host mount-dirs.sh[484]: + mv /rw/srv/whonix/etc /rw/bind-dirs/
Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in '/rw/srv/qubes-whonix/*' '/rw/srv/whonix/*'
Jul 21 19:12:31 host mount-dirs.sh[484]: + mv /rw/srv/whonix/var /rw/bind-dirs/
Jul 21 19:12:31 host mount-dirs.sh[484]: mv: cannot move ‘/rw/srv/whonix/var’ to ‘/rw/bind-dirs/var’: Directory not empty
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in /rw/srv/qubes-whonix /rw/srv/whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /rw/srv/qubes-whonix ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + rmdir /rw/srv/qubes-whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: + for item in /rw/srv/qubes-whonix /rw/srv/whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /rw/srv/whonix ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + rmdir /rw/srv/whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: rmdir: failed to remove ‘/rw/srv/whonix’: Directory not empty
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + bind_dirs
Jul 21 19:12:31 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:31 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -h /var/lib/tor ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + true '/var/lib/tor is not a symlink'
Jul 21 19:12:31 host mount-dirs.sh[484]: + break
Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'fso_ro: /var/lib/tor'
Jul 21 19:12:31 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/lib/tor
Jul 21 19:12:31 host mount-dirs.sh[484]: + umount /var/lib/tor
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /var/lib/tor ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/lib/tor /rw/bind-dirs
Jul 21 19:12:31 host mount-dirs.sh[484]: /var/lib -> /rw/bind-dirs/var/lib
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/tor’ -> ‘/rw/bind-dirs/var/lib/tor’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/tor/state’ -> ‘/rw/bind-dirs/var/lib/tor/state’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/tor/lock’ -> ‘/rw/bind-dirs/var/lib/tor/lock’
Jul 21 19:12:31 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/lib/tor /var/lib/tor
Jul 21 19:12:31 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:31 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -h /var/lib/whonix ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + true '/var/lib/whonix is not a symlink'
Jul 21 19:12:31 host mount-dirs.sh[484]: + break
Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'fso_ro: /var/lib/whonix'
Jul 21 19:12:31 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/lib/whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: + umount /var/lib/whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /var/lib/whonix ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/lib/whonix /rw/bind-dirs
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix’ -> ‘/rw/bind-dirs/var/lib/whonix’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/initial-packages’ -> ‘/rw/bind-dirs/var/lib/whonix/initial-packages’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/whonixblog’ -> ‘/rw/bind-dirs/var/lib/whonix/whonixblog’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/sources_temp_list.d’ -> ‘/rw/bind-dirs/var/lib/whonix/sources_temp_list.d’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/do_once’ -> ‘/rw/bind-dirs/var/lib/whonix/do_once’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/do_once/twelve_dot_x_to_thirteen_dot_x_version_6’ -> ‘/rw/bind-dirs/var/lib/whonix/do_once/twelve_dot_x_to_thirteen_dot_x_version_6’
Jul 21 19:12:31 host mount-dirs.sh[484]: ‘/var/lib/whonix/do_once/timesync_apparmor_profile_delete’ -> ‘/rw/bind-dirs/var/lib/whonix/do_once/timesync_apparmor_profile_delete’
Jul 21 19:12:31 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/lib/whonix /var/lib/whonix
Jul 21 19:12:31 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:31 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:31 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -h /var/lib/whonixcheck ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + true '/var/lib/whonixcheck is not a symlink'
Jul 21 19:12:31 host mount-dirs.sh[484]: + break
Jul 21 19:12:31 host mount-dirs.sh[484]: + true 'fso_ro: /var/lib/whonixcheck'
Jul 21 19:12:31 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/lib/whonixcheck
Jul 21 19:12:31 host mount-dirs.sh[484]: + umount /var/lib/whonixcheck
Jul 21 19:12:31 host mount-dirs.sh[484]: + true
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + '[' -d /var/lib/whonixcheck ']'
Jul 21 19:12:31 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/lib/whonixcheck /rw/bind-dirs
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/lib/whonixcheck’ -> ‘/rw/bind-dirs/var/lib/whonixcheck’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/lib/whonixcheck/write_lock’ -> ‘/rw/bind-dirs/var/lib/whonixcheck/write_lock’
Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/lib/whonixcheck /var/lib/whonixcheck
Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/whonix-setup-wizard ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/whonix-setup-wizard is not a symlink'
Jul 21 19:12:32 host mount-dirs.sh[484]: + break
Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/whonix-setup-wizard'
Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/whonix-setup-wizard
Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/whonix-setup-wizard
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/whonix-setup-wizard ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/cache/whonix-setup-wizard /rw/bind-dirs
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/whonix_repository.skip’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/first_use_check.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/first_use_check.skip’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/disclaimer.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/disclaimer.skip’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/whonix-setup-wizard/status-files/whonixsetup.skip’ -> ‘/rw/bind-dirs/var/cache/whonix-setup-wizard/status-files/whonixsetup.skip’
Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/cache/whonix-setup-wizard /var/cache/whonix-setup-wizard
Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/anon-base-files ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/anon-base-files is not a symlink'
Jul 21 19:12:32 host mount-dirs.sh[484]: + break
Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/anon-base-files'
Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/anon-base-files
Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/anon-base-files
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/anon-base-files ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /var/cache/anon-base-files /rw/bind-dirs
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/anon-base-files’ -> ‘/rw/bind-dirs/var/cache/anon-base-files’
Jul 21 19:12:32 host mount-dirs.sh[484]: ‘/var/cache/anon-base-files/first-boot-skel.TemplateVM.done’ -> ‘/rw/bind-dirs/var/cache/anon-base-files/first-boot-skel.TemplateVM.done’
Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/var/cache/anon-base-files /var/cache/anon-base-files
Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/qubes-whonix ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/qubes-whonix is not a symlink'
Jul 21 19:12:32 host mount-dirs.sh[484]: + break
Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/qubes-whonix'
Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/qubes-whonix
Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/qubes-whonix
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/qubes-whonix ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -f /var/cache/qubes-whonix ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/qubes-whonix is neither a directory nor a file or does not exist, skipping.'
Jul 21 19:12:32 host mount-dirs.sh[484]: + continue
Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /var/cache/tb-updater ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/tb-updater is not a symlink'
Jul 21 19:12:32 host mount-dirs.sh[484]: + break
Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /var/cache/tb-updater'
Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/var/cache/tb-updater
Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /var/cache/tb-updater
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /var/cache/tb-updater ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -f /var/cache/tb-updater ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/var/cache/tb-updater is neither a directory nor a file or does not exist, skipping.'
Jul 21 19:12:32 host mount-dirs.sh[484]: + continue
Jul 21 19:12:32 host mount-dirs.sh[484]: + for fso_ro in '${binds[@]}'
Jul 21 19:12:32 host mount-dirs.sh[484]: + local symlink_level_counter
Jul 21 19:12:32 host mount-dirs.sh[484]: + symlink_level_counter=0
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -h /etc/tor ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + true '/etc/tor is not a symlink'
Jul 21 19:12:32 host mount-dirs.sh[484]: + break
Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'fso_ro: /etc/tor'
Jul 21 19:12:32 host mount-dirs.sh[484]: + fso_rw=/rw/bind-dirs/etc/tor
Jul 21 19:12:32 host mount-dirs.sh[484]: + umount /etc/tor
Jul 21 19:12:32 host mount-dirs.sh[484]: + true
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -n '' ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + '[' -d /etc/tor ']'
Jul 21 19:12:32 host mount-dirs.sh[484]: + cp --verbose --no-clobber --archive --recursive --parents /etc/tor /rw/bind-dirs
Jul 21 19:12:32 host mount-dirs.sh[484]: + mount --bind /rw/bind-dirs/etc/tor /etc/tor
Jul 21 19:12:32 host mount-dirs.sh[484]: + true 'OK: END.'
Jul 21 19:12:32 host systemd[1]: Started Initialize and mount /rw and /home.

Do you know how to properly merge/move these folders?

Perhaps I should just abandon the generic approach and do it manually for the 8 legacy folders? I.e.

mv /rw/srv/whonix/var/lib/tor /rw/bind-dirs/var/lib/tor

etc.?
@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Jul 21, 2016

Member

Also need to keep or restore file permissions.
Member

adrelanos commented Jul 21, 2016

Also need to keep or restore file permissions.

@andrewdavidwong andrewdavidwong added bug P: critical C: Whonix labels Jul 21, 2016

@andrewdavidwong andrewdavidwong added this to the Release 3.2 milestone Jul 21, 2016

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jul 21, 2016

Member

As for merging - you can use cp + rm. Or an overkill like rsync --remove-source-files...
Member

marmarek commented Jul 21, 2016

As for merging - you can use cp + rm. Or an overkill like rsync --remove-source-files...
@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Jul 21, 2016

Member

That means a qubes-core-agent dependency on rsync would be permissible?
Member

adrelanos commented Jul 21, 2016

That means a qubes-core-agent dependency on rsync would be permissible?
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jul 21, 2016

Member

On full template it is installed anyway. On whonix-gw too (probably whonix-ws too).
On minimal template it's easy - rsync do not pull any other packages, it's about 800kb.
So, if that would make solution much easier - yes, it's ok to add rsync dependency.
Member

marmarek commented Jul 21, 2016

On full template it is installed anyway. On whonix-gw too (probably whonix-ws too).
On minimal template it's easy - rsync do not pull any other packages, it's about 800kb.
So, if that would make solution much easier - yes, it's ok to add rsync dependency.
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jul 21, 2016

Member

Hmm, what about putting legacy function (that long list you've just made) into separate file? Or even better - move it to qubes-whonix package, as it is whonix-specific?
Member

marmarek commented Jul 21, 2016

Hmm, what about putting legacy function (that long list you've just made) into separate file? Or even better - move it to qubes-whonix package, as it is whonix-specific?
@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Jul 22, 2016

Member

Hmm, what about putting legacy function (that long list you've just made) into separate file? Or even better - move it to qubes-whonix package, as it is whonix-specific?

I am worries about any update combinations Whonix 12/13 vs Qubes R3.1/R3.2.

When I am using Qubes R.3.2 and install Whonix from Qubes repository, do I get Whonix 13 updated with Qubes R3.2? (It seems like or I messed up yesterday.)

There is an even bigger issue. The path change of Qubes bind-dirs broke legacy Whonix bind-directories disabling itself.

We can either ship a dummy file /usr/lib/qubes/bind-dirs.sh for legacy purposes or I update the qubes-whonix package bind-directories script to the new path. And perhaps a better check that does not rely on file names? Which qubes-core-agent version first shipped bind-dirs.sh?
Member

adrelanos commented Jul 22, 2016

Hmm, what about putting legacy function (that long list you've just made) into separate file? Or even better - move it to qubes-whonix package, as it is whonix-specific?

I am worries about any update combinations Whonix 12/13 vs Qubes R3.1/R3.2.

When I am using Qubes R.3.2 and install Whonix from Qubes repository, do I get Whonix 13 updated with Qubes R3.2? (It seems like or I messed up yesterday.)

There is an even bigger issue. The path change of Qubes bind-dirs broke legacy Whonix bind-directories disabling itself.

We can either ship a dummy file /usr/lib/qubes/bind-dirs.sh for legacy purposes or I update the qubes-whonix package bind-directories script to the new path. And perhaps a better check that does not rely on file names? Which qubes-core-agent version first shipped bind-dirs.sh?

adrelanos added a commit to adrelanos/qubes-whonix that referenced this issue Jul 22, 2016

@adrelanos
bind-dirs.sh path change fix 
QubesOS/qubes-issues#2191 (comment)
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
90abf35

adrelanos added a commit to adrelanos/qubes-whonix that referenced this issue Jul 22, 2016

@adrelanos
fix bind-dirs.sh legacy function 
QubesOS/qubes-issues#2191
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
cf92e9e

adrelanos added a commit to adrelanos/qubes-whonix that referenced this issue Jul 22, 2016

@adrelanos
bind-directories: also exit if qubes-core-agent version is equal or h… 
…igher than 3.2.8-1+deb8u1

QubesOS/qubes-issues#2191
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
e695bd8
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jul 23, 2016

Member

I am worries about any update combinations Whonix 12/13 vs Qubes R3.1/R3.2.

Ok, so leave it where it is.

When I am using Qubes R.3.2 and install Whonix from Qubes repository, do I get Whonix 13 updated with Qubes R3.2? (It seems like or I messed up yesterday.)

Yes.

There is an even bigger issue. The path change of Qubes bind-dirs broke legacy Whonix bind-directories disabling itself.

That file was always installed into /usr/lib/qubes/init, not /usr/lib/qubes. Some references to it were broken. I assume the same applies to legacy Whonix bind-directories disabling itself.
Since it isn't easy possible to change old Whonix packages (possibly already installed somewhere), better add a compatibility symlink (/usr/lib/qubes/bind-dirs.sh -> /usr/lib/qubes/init/bind-dirs.sh).

And perhaps a better check that does not rely on file names?

I'm not sure if it worth it. The best would be some feature discovery protocol (just package version isn't the best as the same feature may be backported to older branches, or dropped in the future). But just checking for path existence is IMO good enough feature discovery.

Which qubes-core-agent version first shipped bind-dirs.sh?

3.2.0. But as noted above, IMO this is bad idea.
Member

marmarek commented Jul 23, 2016

I am worries about any update combinations Whonix 12/13 vs Qubes R3.1/R3.2.

Ok, so leave it where it is.

When I am using Qubes R.3.2 and install Whonix from Qubes repository, do I get Whonix 13 updated with Qubes R3.2? (It seems like or I messed up yesterday.)

Yes.

There is an even bigger issue. The path change of Qubes bind-dirs broke legacy Whonix bind-directories disabling itself.

That file was always installed into /usr/lib/qubes/init, not /usr/lib/qubes. Some references to it were broken. I assume the same applies to legacy Whonix bind-directories disabling itself.
Since it isn't easy possible to change old Whonix packages (possibly already installed somewhere), better add a compatibility symlink (/usr/lib/qubes/bind-dirs.sh -> /usr/lib/qubes/init/bind-dirs.sh).

And perhaps a better check that does not rely on file names?

I'm not sure if it worth it. The best would be some feature discovery protocol (just package version isn't the best as the same feature may be backported to older branches, or dropped in the future). But just checking for path existence is IMO good enough feature discovery.

Which qubes-core-agent version first shipped bind-dirs.sh?

3.2.0. But as noted above, IMO this is bad idea.
@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Jul 23, 2016

Member

Marek Marczykowski-Górecki:

I am worries about any update combinations Whonix 12/13 vs Qubes R3.1/R3.2.

Ok, so leave it where it is.

Thank you!

But actually, I made good progress on an updated qubes-whonix package.
Testing it currently. It fixes that bind-dirs.sh legacy function.

Related:
#2194

When I am using Qubes R.3.2 and install Whonix from Qubes repository, do I get Whonix 13 updated with Qubes R3.2? (It seems like or I messed up yesterday.)

Yes.

Good! And good to know.

There is an even bigger issue. The path change of Qubes bind-dirs broke legacy Whonix bind-directories disabling itself.

That file was always installed into /usr/lib/qubes/init, not /usr/lib/qubes. Some references to it were broken. I assume the same applies to legacy Whonix bind-directories disabling itself.
Since it isn't easy possible to change old Whonix packages (possibly already installed somewhere), better add a compatibility symlink (/usr/lib/qubes/bind-dirs.sh -> /usr/lib/qubes/init/bind-dirs.sh).

And perhaps a better check that does not rely on file names?

I'm not sure if it worth it. The best would be some feature discovery protocol (just package version isn't the best as the same feature may be backported to older branches, or dropped in the future). But just checking for path existence is IMO good enough feature discovery.

Which qubes-core-agent version first shipped bind-dirs.sh?

3.2.0. But as noted above, IMO this is bad idea.

Whonix legacy bind-directories disables itself on both file names and
qubes-core-agent version equal or higher than '3.2.8-1+deb8u1' now.
Generally you are right, but I doubt we will or should be backporting
bind-dirs.sh to R3.1. So I guess in this case it is good enough.

I want to totally wipe Whonix legacy bind-directories at some point. It
depends on when old Qubes releases can be considered deprecated and when
Qubes-Whonix versions start to depend on some minimum Qubes version.
Since that goes off-topic here, I will ask on qubes-devel.

Once testing is done and the updated qubes-core-agent package is in
Whonix stable repository, there should be a functional Qubes R3.1 Whonix
12 to Qubes R3.2 Whonix 13 upgrade path.

Users upgrading to Qubes R3.2 but staying with Whonix 12, not sure if
that happens, could still benefit from the compatibility symlink.

[Users starting with fresh Qubes R3.2 / Whonix 13 images are currently
affected by "bind-dirs plus bind-directories at the same time" bug. So
after the upgrades, a new template build would be good.]
Member

adrelanos commented Jul 23, 2016

Marek Marczykowski-Górecki:

I am worries about any update combinations Whonix 12/13 vs Qubes R3.1/R3.2.

Ok, so leave it where it is.

Thank you!

But actually, I made good progress on an updated qubes-whonix package.
Testing it currently. It fixes that bind-dirs.sh legacy function.

Related:
#2194

When I am using Qubes R.3.2 and install Whonix from Qubes repository, do I get Whonix 13 updated with Qubes R3.2? (It seems like or I messed up yesterday.)

Yes.

Good! And good to know.

There is an even bigger issue. The path change of Qubes bind-dirs broke legacy Whonix bind-directories disabling itself.

That file was always installed into /usr/lib/qubes/init, not /usr/lib/qubes. Some references to it were broken. I assume the same applies to legacy Whonix bind-directories disabling itself.
Since it isn't easy possible to change old Whonix packages (possibly already installed somewhere), better add a compatibility symlink (/usr/lib/qubes/bind-dirs.sh -> /usr/lib/qubes/init/bind-dirs.sh).

And perhaps a better check that does not rely on file names?

I'm not sure if it worth it. The best would be some feature discovery protocol (just package version isn't the best as the same feature may be backported to older branches, or dropped in the future). But just checking for path existence is IMO good enough feature discovery.

Which qubes-core-agent version first shipped bind-dirs.sh?

3.2.0. But as noted above, IMO this is bad idea.

Whonix legacy bind-directories disables itself on both file names and
qubes-core-agent version equal or higher than '3.2.8-1+deb8u1' now.
Generally you are right, but I doubt we will or should be backporting
bind-dirs.sh to R3.1. So I guess in this case it is good enough.

I want to totally wipe Whonix legacy bind-directories at some point. It
depends on when old Qubes releases can be considered deprecated and when
Qubes-Whonix versions start to depend on some minimum Qubes version.
Since that goes off-topic here, I will ask on qubes-devel.

Once testing is done and the updated qubes-core-agent package is in
Whonix stable repository, there should be a functional Qubes R3.1 Whonix
12 to Qubes R3.2 Whonix 13 upgrade path.

Users upgrading to Qubes R3.2 but staying with Whonix 12, not sure if
that happens, could still benefit from the compatibility symlink.

[Users starting with fresh Qubes R3.2 / Whonix 13 images are currently
affected by "bind-dirs plus bind-directories at the same time" bug. So
after the upgrades, a new template build would be good.]

This was referenced Jul 23, 2016

Merged
Merged

adrelanos added a commit to Whonix/qubes-whonix that referenced this issue Jul 24, 2016

@adrelanos
run bind-dirs.sh legacy function only once 
QubesOS/qubes-issues#2191
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
f3acd5d

adrelanos added a commit to adrelanos/qubes-whonix that referenced this issue Jul 24, 2016

@adrelanos
only run bind-dirs.sh legacy function on mount, not on unmount 
QubesOS/qubes-issues#2191
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
2660abb

adrelanos added a commit to adrelanos/qubes-whonix that referenced this issue Jul 24, 2016

@adrelanos
bind-dirs.sh legacy snippet: add shebang for syntax highlighting 
QubesOS/qubes-issues#2191
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
cce19fd

adrelanos added a commit to adrelanos/qubes-whonix that referenced this issue Jul 24, 2016

@adrelanos
override with || true, just in case 
QubesOS/qubes-issues#2191
Verified
This commit was signed with a verified signature.
@adrelanos adrelanos Patrick Schleizer
GPG key ID: CB8D50BB77BB3C48 Learn about signing commits
fa6fe8c
@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Jul 27, 2016

Member

This is fixed in qubes-whonix git. Updated package will be uploaded [and called for public testing] once another blocking task https://phabricator.whonix.org/T528 is done.
Member

adrelanos commented Jul 27, 2016

This is fixed in qubes-whonix git. Updated package will be uploaded [and called for public testing] once another blocking task https://phabricator.whonix.org/T528 is done.
@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Aug 1, 2016

Member

An updated package is in Whonix jessie-proposed-fixes as well as testers repository.
Member

adrelanos commented Aug 1, 2016

An updated package is in Whonix jessie-proposed-fixes as well as testers repository.
@adrelanos

@adrelanos adrelanos closed this Aug 4, 2016

@adrelanos adrelanos referenced this issue Aug 4, 2016

Closed

build Qubes-Whonix 13.0.0.1.0 templates for R3.2 final #2228

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment