Re: [Whonix-devel] OpenBSD gateway development

[adrelanos <adr...@ri...>]

chiccofx:
> adrelanos:
>> How do you plan to replace grml-debootstrap, i.e. the step for creating
>> a base VM image?
> 
> I just recently started looking into whonix source code. I believe that
> whonix would have to be built from inside an OpenBSD machine. This could
> possibly break the workstation building process, but I believe that it
> is easier to fix that from inside OpenBSD, than building OpenBSD inside
> linux. OpenBSD introduces changes to the gcc, assembler, linker, etc.
> This: http://www.openbsd.org/faq/faq5.html, illustrates the building
> process.

Its not a problem, to build Whonix you also need to build on Debian
Wheezy (or maybe above) on hardware or inside a VM. You can't build
Whonix on Ubuntu, unless you want to change a few things and get an
Ubuntu-based Whonix and you can not build on top of Windows and I doubt
you can build it on top of Mac, BSD, etc.

> Of course this would only apply to the ones wanting to build from
> source, and these could (or not?) be considered computer literate enough
> to setup a OpenBSD virtual machine (that if they are not already using
> one as host).

Seems only natural to be, that you have to build the Debian based VMs on
Debian and BSD based VMs on BSD.

If you want support building a Whonix-BSD-Gateway on Debian, maybe
chroots could work?

> Also, the script can detect and only build an OpenBSD gateway if being
> run from inside it (or asked to, or both), if not build the debian based
> gateway. This is the price to pay for extra security, even smaller
> attack surface on the gateway and less RAM needed for it, freeing RAM to
> the workstation (to me this is the most nice, for performance reasons).

Yes, we can autodetect it and/or use command line options.