@ -2,13 +2,18 @@
# vim: set ts=4 sw=4 sts=4 et :
# vim: set ts=4 sw=4 sts=4 et :
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Configuration s
# Source external script s
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
. $SCRIPTSDIR /vars.sh
. $SCRIPTSDIR /vars.sh
. ./umount_kill.sh >/dev/null
. ./umount_kill.sh >/dev/null
# ------------------------------------------------------------------------------
# Configurations
# ------------------------------------------------------------------------------
if [ " $VERBOSE " -ge 2 -o " $DEBUG " = = "1" ] ; then
if [ " $VERBOSE " -ge 2 -o " $DEBUG " = = "1" ] ; then
set -x
set -x
else
set -e
fi
fi
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@ -28,7 +33,7 @@ sudo mkdir --parents --mode=g+rw "/tmp/uwt"
# on the package. Things seem to work anyway. BUT hopfully the
# on the package. Things seem to work anyway. BUT hopfully the
# hold on grub* don't get removed
# hold on grub* don't get removed
sudo apt-mark hold sysvinit
sudo apt-mark hold sysvinit
sudo apt-mark hold grub-common grub-pc-bin grub2-common
sudo apt-mark hold grub-p c grub-pc-bin grub-commo n grub2-common
# Whonix expects haveged to be started
# Whonix expects haveged to be started
sudo /etc/init.d/haveged start
sudo /etc/init.d/haveged start
@ -89,7 +94,6 @@ sudo touch "/tmp/.prepared_whonix"
EOF
EOF
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# chroot Whonix fix script (Make sure set -e is not set)
# chroot Whonix fix script (Make sure set -e is not set)
# Run ../whonix_fix when whonix gives grub-pc error
# Run ../whonix_fix when whonix gives grub-pc error
@ -98,10 +102,27 @@ EOF
# ignore certain errors
# ignore certain errors
read -r -d '' WHONIX_FIX_SCRIPT <<'EOF'
read -r -d '' WHONIX_FIX_SCRIPT <<'EOF'
DEBIAN_FRONTEND = noninteractive DEBCONF_NONINTERACTIVE_SEEN = true \
DEBIAN_FRONTEND = noninteractive DEBCONF_NONINTERACTIVE_SEEN = true \
sudo apt-get -y --force-yes remove grub-common grub-pc-bin grub2-common
sudo apt-get -y --force-yes remove grub-pc grub- common grub-pc-bin grub2-common
sudo apt-mark hold grub-common grub-pc-bin grub2-common
sudo apt-mark hold grub-common grub-pc-bin grub2-common
EOF
EOF
read -r -d '' WHONIX_APT_PIN <<'EOF'
Package: grub-pc
Pin: version *
Pin-Priority: -100
Package: grub-pc-bin
Pin: version *
Pin-Priority: -100
Package: grub-common
Pin: version *
Pin-Priority: -100
Package: grub2-common
Pin: version *
Pin-Priority: -100
EOF
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Set defualts for apt not to install recommended or extra packages
# Set defualts for apt not to install recommended or extra packages
@ -116,19 +137,19 @@ EOF
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Cleanup function
# Cleanup function
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
function error ( ) {
function cleanup ( ) {
echo " --> Whonix error; umounting $INSTALLDIR to prevent further writes "
error " Whonix error; umounting $INSTALLDIR to prevent further writes "
umount_kill " $INSTALLDIR " || :
umount_kill " $INSTALLDIR " || :
exit 1
exit 1
}
}
trap error ERR
trap cleanup ERR
trap error EXIT
trap cleanup EXIT
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Mount devices, etc required for Whonix installation
# Mount devices, etc required for Whonix installation
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
if ! [ -f " $INSTALLDIR /tmp/.prepared_whonix " ] ; then
if ! [ -f " $INSTALLDIR /tmp/.prepared_whonix " ] ; then
echo "-> Installing w honix system"
info "Installing W honix system"
# --------------------------------------------------------------------------
# --------------------------------------------------------------------------
# Initialize Whonix submodules
# Initialize Whonix submodules
@ -147,17 +168,31 @@ if ! [ -f "$INSTALLDIR/tmp/.prepared_whonix" ]; then
# XXX: Seems like the error disappears, but then whonix updates to original code?
# XXX: Seems like the error disappears, but then whonix updates to original code?
pushd " $WHONIX_DIR /packages/anon-meta-packages/debian "
pushd " $WHONIX_DIR /packages/anon-meta-packages/debian "
{
{
sed -i 's/ grub-pc,//g' control;
sed -i 's/ grub-pc,//g' control || : ;
#git commit -am 'removed grub-pc depend' ;
su $USER -c "git commit -am 'removed grub-pc depend'" || : ;
}
}
popd
popd
pushd " $WHONIX_DIR /build-steps.d "
pushd " $WHONIX_DIR "
{
{
sed -i 's/ check_for_uncommited_changes/ #check_for_uncommited_changes/g' 1200_create-debian-packages;
sed -i 's/grub-pc//g' grml_packages || :;
su $USER -c "git commit -am 'removed grub-pc depend'" || :;
}
}
popd
popd
pushd " $WHONIX_DIR /packages/anon-shared-build-fix-grub/usr/lib/anon-dist/chroot-scripts-post.d "
{
sed -i 's/update-grub/:/g' 85_update_grub || :;
su $USER -c "git commit -am 'removed grub-pc depend'" || :;
}
popd
#pushd "$WHONIX_DIR/build-steps.d"
#{
# sed -i 's/ check_for_uncommited_changes/ #check_for_uncommited_changes/g' 1200_create-debian-packages;
#}
#popd
# --------------------------------------------------------------------------
# --------------------------------------------------------------------------
# Whonix system config dependancies
# Whonix system config dependancies
# --------------------------------------------------------------------------
# --------------------------------------------------------------------------
@ -184,18 +219,22 @@ if ! [ -f "$INSTALLDIR/tmp/.prepared_whonix" ]; then
# Install Whonix system
# Install Whonix system
# --------------------------------------------------------------------------
# --------------------------------------------------------------------------
if ! [ -d " $INSTALLDIR /home/user/Whonix " ] ; then
if ! [ -d " $INSTALLDIR /home/user/Whonix " ] ; then
echo "-> Installing Whonix build environment..."
debug " Installing Whonix build environment..."
chroot " $INSTALLDIR " su user -c 'mkdir /home/user/Whonix'
chroot " $INSTALLDIR " su user -c 'mkdir /home/user/Whonix'
fi
fi
if [ -d " $INSTALLDIR /home/user/Whonix " ] ; then
if [ -d " $INSTALLDIR /home/user/Whonix " ] ; then
debug "Building Whonix..."
mount --bind "../Whonix" " $INSTALLDIR /home/user/Whonix "
mount --bind "../Whonix" " $INSTALLDIR /home/user/Whonix "
echo "-> Building Whonix..."
# Install apt-get preferences
# Install apt-get preferences
echo " $WHONIX_APT_PREFERENCE " > " $INSTALLDIR /etc/apt/apt.conf.d/99whonix "
echo " $WHONIX_APT_PREFERENCE " > " $INSTALLDIR /etc/apt/apt.conf.d/99whonix "
chmod 0644 " $INSTALLDIR /etc/apt/apt.conf.d/99whonix "
chmod 0644 " $INSTALLDIR /etc/apt/apt.conf.d/99whonix "
# Pin grub packages so they will not install
echo " $WHONIX_APT_PIN " > " $INSTALLDIR /etc/apt/preferences.d/whonix_qubes "
chmod 0644 " $INSTALLDIR /etc/apt/preferences.d/whonix_qubes "
# Install Whonix fix script
# Install Whonix fix script
echo " $WHONIX_FIX_SCRIPT " > " $INSTALLDIR /home/user/whonix_fix "
echo " $WHONIX_FIX_SCRIPT " > " $INSTALLDIR /home/user/whonix_fix "
chmod 0755 " $INSTALLDIR /home/user/whonix_fix "
chmod 0755 " $INSTALLDIR /home/user/whonix_fix "
@ -209,9 +248,9 @@ if ! [ -f "$INSTALLDIR/tmp/.prepared_whonix" ]; then
elif [ " ${ TEMPLATE_FLAVOR } " = = "whonix-workstation" ] ; then
elif [ " ${ TEMPLATE_FLAVOR } " = = "whonix-workstation" ] ; then
BUILD_TYPE = "--torworkstation"
BUILD_TYPE = "--torworkstation"
else
else
echo " Incorrent Whonix type \" ${ TEMPLATE_FLAVOR } \" selected. Not building Whonix modules "
error " Incorrent Whonix type \" ${ TEMPLATE_FLAVOR } \" selected. Not building Whonix modules "
echo "You need to set TEMPLATE_FLAVOR environment variable to either"
error "You need to set TEMPLATE_FLAVOR environment variable to either"
echo "whonix-gateway OR whonix-workstation"
error "whonix-gateway OR whonix-workstation"
exit 1
exit 1
fi
fi
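Review bot: The three patch groups in the `pushd "$WHONIX_DIR..."` hunk (the `sed -i` edits to `control`, `grml_packages` and `85_update_grub`, each followed by `su $USER -c "git commit -am 'removed grub-pc depend'" || :`) discard every failure, so if one of those files is missing or has moved the build carries on with grub-pc still referenced and nothing is logged. The local commits also mean the Whonix tree that gets built is no longer the commit that was checked out, which matters if the submodule is ever verified against an upstream tag; a comment above the block such as `# Local commits: the built tree differs from the checked-out Whonix commit` would make that explicit. I would report the failure instead of swallowing it, using the `error` helper the new code already calls, e.g. `sed -i 's/grub-pc//g' grml_packages || error "grml_packages not patched"`, and quote the user name as `su "$USER" -c ...`. The enclosing `if ! [ -f "$INSTALLDIR/tmp/.prepared_whonix" ]` block starts and ends outside these hunks.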