Current Derivative-Maker Features
Essential Derivative-Maker Features
* does not use non-deterministic binary base boxes (VM images) (which if compromised would compromise the resulting {{project_name_long}} image)
* does not download anything that is not gpg verified (apt and tb-updater gpg verify everything)
* prospective support to create deterministic images (once this is generally possible, Derivative-Maker can also learn this)
* supports using APT Cache to speed up builds
* exit code checking everywhere
* APT unreliable exit code checking workaround
* --target virtualbox build VirtualBox ova images
** custom virtualbox VM settings (VBoxManage modifyvm "$VMNAME" --synthcpu on... etc.)
* --target qcow2 build KVM images
** adding whonix-libvirt xml files to the xz
* build {{project_name_gateway_long}}
* build {{project_name_workstation_long}}
* install Tor Browser by default inside {{project_name_workstation_long}}
* default login user account creation, user "user" / password "changeme"
Non-Essential Derivative-Maker Features
* step based, build steps can be run manually to speed up development
* injection of custom build steps
* building {{project_name_long}} images that do not come with a desktop environment
* building {{project_name_long}} images that do not come with {{project_name_long}} default applications
Undecided Priority Derivative-Maker Features
* easy to implement the creation of other image types (raw images etc.)
* creation of hash sum verification and gpg signatures
* automatically installs all required build dependencies on the host system
* cleanup command removing temporary files and/or images
* --arch parameter support (--arch amd64 or --arch i386)
* --kernel and --headers parameter support (--kernel linux-image-amd64 --headers linux-headers-amd64)
* build from local apt repository rather than from deterministic remote repository
* install {{project_name_long}} packages from own custom remote repository
* interactive error handler to repeat commands, open a shell or ignore them
* optional build step skipping feature
* --target root (for physical isolation)
* --target raw build raw images
* custom VM settings during build (these can of course be manually changed by the user anyhow), supported parameters with examples:
* build image that never had {{project_name_long}} repository enabled
* build and install all {{project_name_long}} packages during {{project_name_long}} image build
* protection from bad build surprises
** break or do not break when uncommitted changes are found
** break or do not break from non-tag
* --confdir /path/to/config/dir
** none: Do not install Tor Browser.
** closed: Fail closed if Tor Browser cannot be installed.
** open: Fail open if Tor Browser cannot be installed.
* use onion apt sources for building
* install different packages for virtualbox (virtualbox-guest-x11) and kvm (spice...)
* Separate VirtualBox / KVM builds <ref>
https://forums.whonix.org/t/non-qubes-whonix-13-0-0-1-0-x-issues/2443/4
</ref> using <code>--target virtualbox</code> or <code>--target qcow2</code>.