sys-whonix auto starts when the opposite was requested on install

[vincentadultman]

Qubes OS version:

4.0

Affected component(s):

Steps to reproduce the behavior:

Reboot

Expected behavior:

sys-whonix should not start until manually executed / needed by dependent qube.

Actual behavior:

Following first install, when prompted with wizard as to which qubes to setup, Whonix was selected. However it was not selected to auto start / start now. After the wizard finished the expected qubes (i.e. sys-net and sys-firewall) were started, but not sys-whonix (as expected). On first full reboot of system sys-whonix was started and it's own first configuration wizard displayed.

General notes:

I might have misread the wizard? Can install again to reproduce but in any case, I believed I was not setting sys-whonix to auto start.

Related issues:

[lunarthegrey]

Are any of the other whonix related templates starting as well that use sys-whonix as a NetVM?

[lunarthegrey]

Are any of the other whonix related templates starting as well that use sys-whonix as a NetVM?

[vincentadultman]

No. Sys-whonix does obey the settings tickbox for start on boot however, so the issue is easily corrected and presumably the first start wizard of whonix prevents any outgoing network connection (I am not yet familiar with the OS). Do you need me to try to reproduce / reinstall taking better note of exactly what was selected in the Qubes setup wizard? Happy to do so.

[vincentadultman]

No. Sys-whonix does obey the settings tickbox for start on boot however, so the issue is easily corrected and presumably the first start wizard of whonix prevents any outgoing network connection (I am not yet familiar with the OS). Do you need me to try to reproduce / reinstall taking better note of exactly what was selected in the Qubes setup wizard? Happy to do so.

[andrewdavidwong]

Do you need me to try to reproduce / reinstall taking better note of exactly what was selected in the Qubes setup wizard? Happy to do so.

I think that would be very helpful for whoever debugs this. Thank you!

[andrewdavidwong]

Do you need me to try to reproduce / reinstall taking better note of exactly what was selected in the Qubes setup wizard? Happy to do so.

I think that would be very helpful for whoever debugs this. Thank you!

[mfc]

I will just add that sys-whonix randomly starts sometimes, even tho I have configured sys-tor to be my whonix gateway for all AppVMs, UpdatesProxy uses sys-tor, global Qubes settings uses sys-tor.

it will start when I start running a new AppVM which is not dependent on sys-whonix for netvm or anything.

[mfc]

I will just add that sys-whonix randomly starts sometimes, even tho I have configured sys-tor to be my whonix gateway for all AppVMs, UpdatesProxy uses sys-tor, global Qubes settings uses sys-tor.

it will start when I start running a new AppVM which is not dependent on sys-whonix for netvm or anything.

[marmarek]

I guess you have some VM dependent on sys-whonix. Maybe its clockvm? Check journalctl in dom0 - you'll see what qrexec call wake it up.

[marmarek]

I guess you have some VM dependent on sys-whonix. Maybe its clockvm? Check journalctl in dom0 - you'll see what qrexec call wake it up.

[vincentadultman]

Have reinstalled as promised. The issue may come from a misunderstanding on my part of what the wizard means:

[x] Create whonix gateway and workstation qubes (sys-whonix, anon-whonix)
[ ] Enable system and template updates over the tor anonymity network with whonix

What vms will be auto started actually isn't mentioned. I had presumed leaving the second option unselected would lead to sys-whonix not starting at boot (as to my "new with whonix" mind it is only necessary when anon-whonix is executed whereas for some I'm sure it's required 24/7). I think looking at the salt recipe I'm wrong in this and the behaviour is intended per https://github.com/QubesOS/qubes-mgmt-salt-dom0-virtual-machines/blob/master/qvm/sys-whonix.sls

Perhaps an area on that screen showing what vms will auto start as the various options are selected / deselected? It's a very minor point however, so if I'm right above apologies for the noise.

[vincentadultman]

Have reinstalled as promised. The issue may come from a misunderstanding on my part of what the wizard means:

[x] Create whonix gateway and workstation qubes (sys-whonix, anon-whonix)
[ ] Enable system and template updates over the tor anonymity network with whonix

What vms will be auto started actually isn't mentioned. I had presumed leaving the second option unselected would lead to sys-whonix not starting at boot (as to my "new with whonix" mind it is only necessary when anon-whonix is executed whereas for some I'm sure it's required 24/7). I think looking at the salt recipe I'm wrong in this and the behaviour is intended per https://github.com/QubesOS/qubes-mgmt-salt-dom0-virtual-machines/blob/master/qvm/sys-whonix.sls

Perhaps an area on that screen showing what vms will auto start as the various options are selected / deselected? It's a very minor point however, so if I'm right above apologies for the noise.

[mfc]

@marmarek yep your guess was totally right, sorry for the additional noise in this thread.

[mfc]

@marmarek yep your guess was totally right, sorry for the additional noise in this thread.