Kicksecure - for VirtualBox - Point Release!

Download Kicksecure for VirtualBox:

This is a point release.


Alternatively, in-place release upgrade is possible upgrade using Kicksecure repository.

This release would not have been possible without the numerous supporters of Kicksecure!

Please Donate!

Please Contribute!

Major Changes

  • kicksecure-meta-packages:
    • install by default on host operating system: gnome-disk-utility, gsmartcontrol, smartmontools, smart-notifier, nvme-cli, pv, lshw, hwinfo, ddrescue, lm-sensors, psensor, gddrescue, ddrescueview
    • add kicksecure-desktop-applications-xfce to kicksecure-qubes-gui
  • swap-file-creator:
    • vastly improve swap-file-creator
    • always create a swap file if swap-file-creator is installed
    • increased minimum size of swap file to 6 GB
    • vastly speed up swap-file-creator through use of fallocate and systemd-cryptsetup from several or tens of seconds to around 1 second * use calculate-swap-size to calculate size of swap file to be created
    • take into account for size calculation if the system is using hibernation, it is assumed that this is not the case in VMs, therefore a smaller swapfile is sufficient.
    • do not attempt to create a swap file if there is insufficient disk space
    • improved output
    • systemd After=systemd-random-seed-load.service for better entropy
    • added a test to check if a swap file with the expected size has been created
    • improved error handling
    • code simplification through integration with systemd / journald for logs and status
    • removed little/unused configuration options, see /etc/default/swap-file-creator
    • swap - swap file - Whonix-Gateway freezing during apt-get dist-upgrade - encrypted swap-file-creator - #8 by Patrick - Development - Whonix Forum
  • Kicksecure (and Whonix) for VirtualBox Installer
    • check if unexpected unregistered vbox file exists
    • set download flag only if integrity check succeeded
    • introduce --noupdate
    • fix: --import-only; allow only importing one VM but not the other and starting it; don’t run package manager updates command when using --dev to safe time
    • fix: do not reimport unless using --reimport
    • fix output: suppress stderr from vboxmanage showvminfo in case it is expected that no VMs exist yet
    • update for new sha512sums link format Whonix Linux Installer - Development Discussion - #161 by Patrick - Development - Whonix Forum
    • no longer install apt-transport-https because it is a dummy transitional package, its functionality was merged into apt
  • desktop-config-dist:
    • fix: livecheck also detect ISO live mode
  • grub-live:
    • add a safeguard in case the dracut 90overlay-root module vanishes in the future
  • helper-scripts:
  • security-misc:
  • tirdad:
    • activate-noawait update-initramfs
  • derivative-maker:
    • fix: remove empty /mnt/initialdeb folder at the end of a build
    • install VM integration tools (such as VirtualBox guest additions) inside ISO
    • add efivar to efi_weak_recommended_packages_list
    • fix: do not create utm folder just because of using --arch arm64 create utm folder only when using --target utm
    • fix: do not delete the raw image when creating the utm folder
  • towards Wayland support
    • remove no longer required dependency on lxqt-sudo since ported to Wayland, pkexec
  • deprecate sha256sums files
  • new link format for sha512sums files

Full difference of all changes…