Re: [Tails-dev] [Whonix-devel] Tails control port filter pro…

Delete this message

Reply to this message
Author: Patrick Schleizer
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] [Whonix-devel] Tails control port filter proxy in Whonix?
Hi!

[override] will probably work for Whonix. Joy and me drafted a plan.

In one sentence: We at Whonix invent a new a separate config folder,
parse it with a yml merger python script, and generate another yml file
that gets passed to tor-controlport-filter by Tails.

In more detail:

- We'll at Whonix invent /usr/lib/tor-controlport-filter-merger.
- And ship that as opt-in or in a separate package by Whonix.
- (If opt-in, we enable it in a separate Whonix package.)

- /etc/tor-controlport-filter.d
-- We tell Whonix users to ignore it.
-- Internally used by /usr/lib/tor-controlport-filter .
-- Will contain
--- tails-default-profies.yml (for the sake of sharing the package and
perhaps we also benefit from a profile for arm/nyx)
--- 30_autogenerated.yml

- /etc/tor-controlport-filter-merger.d
-- Will be used by Whonix and its users
-- 30_whonix_default.yml - will by shipped by Whonix by default
-- 40_onionshare.yml - user defined
-- 40_ricochet.yml - another user defined etc.

- /usr/lib/tor-controlport-filter-merger parses both,
-- /etc/tor-controlport-filter-merger.d and
-- /usr/local/etc/tor-controlport-filter-merger.d (for Qubes-Whonix)
-- and creates /etc/tor-controlport-filter.d/30_autogenerated.yml

- Our tor-controlport-filter.service systemd service will in essence
look like this.
-- ExecStartPre=/usr/lib/tor-controlport-filter-merger
-- ExecStart=/usr/lib/tor-controlport-filter

Does that sound like that could work out?

Best regards,
Patrick