configure.mdwn 10.8 KB
Newer Older
1
[[!meta title="Create & Configure the Persistent Volume"]]
2
3
4

[[!inline pages="doc/first_steps/persistence.caution" raw="yes"]]

Tails developers's avatar
Tails developers committed
5
6
[[!toc levels=2]]

7
8
Start the Persistent Volume Assistant
=====================================
9

10
To start the persistent volume assistant, choose
11
12
13
14
15
<span class="menuchoice">
  <span class="guimenu">Applications</span>&nbsp;▸
  <span class="guisubmenu">Tails</span>&nbsp;▸
  <span class="guimenuitem">Configure persistent storage</span></span>.

Tails developers's avatar
Tails developers committed
16
17
18
19
20
21
<div class="note">
The error message <span class="emphasis">Error, Persistence partition is not
unlocked.</span> means that the persistent volume was not enabled from
<span class="application">Tails greeter</span>. So you can not configure it
but you can delete it and create a new one.
</div>
22

23
24
Creating the Persistent Volume
==============================
25
26

When run for the first time, or after [[deleting the persistent
27
volume|delete]], the assistant proposes to create a new persistent volume on
28
29
the USB stick from which Tails is running.

30
1. The persistent volume is an encrypted partition protected by a passphrase.
31
32
33
34
35
36
37
38
39
40
Specify a passphrase of your choice in both the
<span class="guilabel">Passphrase</span> and <span class="guilabel">Verify
Passphrase</span> text boxes.

2. Click on the <span class="guilabel">Create</span> button.

3. Wait for the creation to finish.

<div class="bug">
<strong>If the creation is interrupted before it finishes</strong>, you may not
Tails developers's avatar
Tails developers committed
41
be able to start Tails from this USB stick any more. This can happen if you
42
close the window of the wizard or unplug the USB stick during the creation of
Tails developers's avatar
Tails developers committed
43
the persistent volume. [[Delete|first_steps/usb_reset]] and
44
[[reinstall|first_steps/usb_installation]] Tails to fix this issue.
45
46
</div>

47
48
Persistent Volume Features
==========================
49

50
When run from a USB stick that already has a persistent volume, the assistant
51
shows a list of the possible persistent features. Each feature corresponds to a
52
set a files to be saved in the persistent volume.
53
54
55
56
57
58
59

<div class="note">
<strong>Restart Tails to apply the changes</strong> after selecting or
unselecting one or several features.
</div>

<div class="bug">
Tails developers's avatar
Tails developers committed
60
61
If you unselect a feature that used to be activated, it will be
deactivated after restarting Tails but the corresponding files will
62
remain on the persistent volume.
63
64
</div>

Tails developers's avatar
Tails developers committed
65
66
<a id="personal_data"></a>

67
<div class="icon">
68
[[!img stock_folder.png link=no]]
Tails developers's avatar
Tails developers committed
69
<div class="text"><h2>Personal Data</h2></div>
70
71
72
73
74
75
76
77
78
</div>

When this feature is activated, you can save your personal files and working
documents in the <span class="filename">Persistent</span> folder.

To open the <span class="filename">Persistent</span> folder, choose
<span class="menuchoice">
  <span class="guimenu">Places</span>&nbsp;▸
  <span class="guimenuitem">Home Folder</span></span>, and open the <span
79
  class="guilabel">Persistent</span> folder.
80

Tails developers's avatar
Tails developers committed
81
82
<a id="gnupg"></a>

83
<div class="icon">
84
[[!img seahorse-key.png link=no]]
Tails developers's avatar
Tails developers committed
85
<div class="text"><h2>GnuPG</h2></div>
86
87
88
</div>

When this feature is activated, the OpenPGP keys that you create or import are
89
saved in the persistent volume.
90
91

<div class="caution">
Tails developers's avatar
Tails developers committed
92
93
94
If you manually edit or overwrite the
<span class="filename">~/.gnupg/gpg.conf</span> configuration file
you may lessen your anonymity,
95
96
97
weaken the encryption defaults or render GnuPG unusable.
</div>

Tails developers's avatar
Tails developers committed
98
99
<a id="ssh_client"></a>

100
<div class="icon">
101
[[!img seahorse-key-ssh.png link=no]]
Tails developers's avatar
Tails developers committed
102
<div class="text"><h2>SSH Client</h2></div>
103
104
105
</div>
    
When this feature is activated, all the files related to the secure-shell client
106
are saved in the persistent volume:
107
108
109
110
111
112

  - The SSH keys that you create or import
  - The public keys of the hosts you connect to
  - The SSH configuration file in <span class="filename">~/.ssh/config</span> 

<div class="caution">
Tails developers's avatar
Tails developers committed
113
114
115
116
If you manually edit the <span class="filename">~/.ssh/config</span>
configuration file, make sure not to overwrite the
default configuration from the
<span class="filename">/etc/ssh/ssh_config</span> file. Otherwise, you may weaken the
117
118
119
encryption defaults or render SSH unusable.
</div>

Tails developers's avatar
Tails developers committed
120
121
<a id="pidgin"></a>

122
<div class="icon">
123
[[!img pidgin.png link=no]]
Tails developers's avatar
Tails developers committed
124
<div class="text"><h2>Pidgin</h2></div>
125
126
127
</div>

When this feature is activated, all the configuration files of the
128
129
<span class="application">Pidgin</span> Internet messenger are saved in the
persistent volume:
130
131
132

  - The configuration of your accounts, buddies and chats.
  - Your OTR encryption keys and keyring.
Tails developers's avatar
Tails developers committed
133
  - The content of the discussions is not saved unless you configure
134
135
136
137
138
    <span class="application">Pidgin</span> to do so.

All the configuration options are available from the graphical interface. There
is no need to manually edit or overwrite the configuration files.

Tails developers's avatar
Tails developers committed
139
140
<a id="claws_mail"></a>

141
<div class="icon">
142
[[!img claws-mail.png link=no]]
Tails developers's avatar
Tails developers committed
143
<div class="text"><h2>Claws Mail</h2></div>
144
145
146
</div>

When this feature is activated, the configuration and emails stored locally by
147
148
the <span class="application">Claws Mail</span> email client are saved in the
persistent volume.
149
150
151
152

All the configuration options are available from the graphical interface. There
is no need to manually edit or overwrite the configuration files.

Tails developers's avatar
Tails developers committed
153
154
<a id="gnome_keyring"></a>

155
<div class="icon">
156
[[!img seahorse-key-personal.png link=no]]
Tails developers's avatar
Tails developers committed
157
<div class="text"><h2>GNOME Keyring</h2></div>
158
159
160
</div>

When this feature is activated, the secrets of
161
162
<span class="application">GNOME Keyring</span> are saved in the persistent
volume.
163
164
165
166
167
168

GNOME Keyring is a collection of components in GNOME that store secrets,
passwords, keys, certificates and make them available to applications.
For more information about <span class="application">GNOME Keyring</span> see
the [official documentation](http://live.gnome.org/GnomeKeyring).

169
170
171
<a id="network-manager"></a>

<div class="icon">
Tails developers's avatar
Tails developers committed
172
[[!img network-manager.png link=no]]
173
<div class="text"><h2>Network Connections</h2></div>
174
175
</div>

176
When this feature is activated, the configuration of the network devices
Tails developers's avatar
Tails developers committed
177
and connections is saved in the persistent volume.
178

179
180
181
To save passwords, for example the passwords of encrypted wireless connections,
the [[<span class="application">GNOME Keyring</span> persistence
feature|configure#gnome_keyring]] must also be activated.
182

Tails developers's avatar
Tails developers committed
183
184
<a id="apt_packages"></a>

185
<div class="icon">
186
[[!img synaptic.png link=no]]
Tails developers's avatar
Tails developers committed
187
<div class="text"><h2>APT Packages</h2></div>
188
189
190
191
</div>

When this feature is activated, the packages that you install using the
<span class="application">Synaptic</span> package manager or the
192
<span class="command">apt-get</span> command are saved in the persistent volume.
193

194
195
196
If you install additional programs, this feature allows you to download them
once and reinstall them during future working sessions, even offline.
Note that those packages are not automatically installed when restarting Tails.
197
198
199
200

If you activate this feature, it is recommended to activate the
<span class="guilabel">APT Lists</span> feature as well.

Tails developers's avatar
Tails developers committed
201
202
<a id="apt_lists"></a>

203
<div class="icon">
204
[[!img synaptic.png link=no]]
Tails developers's avatar
Tails developers committed
205
<div class="text"><h2>APT Lists</h2></div>
206
207
208
</div>

When this feature is activated, the lists of all the software packages available
209
for installation are saved in the persistent volume.
210
211
212
213
214
215
216

Those so called <span class="emphasis">APT lists</span> correspond to the files
downloaded while doing
<span class="guilabel">Reload</span> from the
<span class="application">Synaptic</span> package manager or issuing the
<span class="command">apt-get update</span> command.

217
218
219
220
The <span class="emphasis">APT lists</span> are needed to install additional
programs or explore the list of available software packages. This feature allows
you to reuse them during future working sessions, even offline.

221
222
223
<a id="browser_bookmarks"></a>

<div class="icon">
Tails developers's avatar
Tails developers committed
224
[[!img user-bookmarks.png link=no]]
225
226
227
228
<div class="text"><h2>Browser bookmarks</h2></div>
</div>

When this feature is activated, changes to the bookmarks in the
Tails developers's avatar
Tails developers committed
229
<span class="application">Iceweasel</span> web browser are saved in the persistent
230
231
volume. This does not apply to the Unsafe web browser.

Tails developers's avatar
Tails developers committed
232
233
<a id="dotfiles"></a>

234
<div class="icon">
235
[[!img preferences-desktop.png link=no]]
Tails developers's avatar
Tails developers committed
236
<div class="text"><h2>Dotfiles</h2></div>
237
238
</div>

239
When this feature is activated, all the files in the <span
240
class="filename">/lib/live/mount/persistence/XXX_unlocked/dotfiles</span> folder
241
242
243
244
245
are linked in the <span class="filename">Home Folder</span> (files in
subfolders of <span class="filename">dotfiles</span> are also linked
in the corresponding subfolder of your <span class="filename">Home
Folder</span>). The `XXX` in the above should be something like `sdb2`
but since there will only ever be one folder in <span
246
class="filename">/lib/live/mount/persistence</span> there should be little risk
247
248
249
250
251
252
253
254
for confusion.

This option is useful if you want to make some specific files
persistent, but not the folders they are stored in. A fine example are
the so called "dotfiles" (and hence the name of this feature), the
hidden configuration files in the root of your home directory, like
<span class="filename">~/.git</span> and <span
class="filename">~/.bashrc</span>.
255

Tails developers's avatar
Tails developers committed
256
257
<a id="custom_directory"></a>

258
259
260
261
262
263
264
265
266
267
Custom directory
----------------

With this feature you can specify other folders of your choice to be saved in
the persistent volume.

If for example you want to create and make persistent an
<span class="filename">Images</span> folder in the
<span class="filename">Home Folder</span> you can specify
<span class="filename">/home/amnesia/Images</span> as a custom directory.
Tails developers's avatar
Tails developers committed
268

Tails developers's avatar
Tails developers committed
269
270
<a id="additional_packages"></a>

Tails developers's avatar
Tails developers committed
271
272
273
Additional software packages
----------------------------

Tails developers's avatar
Tails developers committed
274
<div class="note">
Tails developers's avatar
Tails developers committed
275
This is an experimental feature which does not appear in the assistant.
Tails developers's avatar
Tails developers committed
276
277
278
279
280
</div>

When this feature is enabled, a list of additional software of your
choice is automatically installed at the beginning of every working
session. The corresponding software packages are stored in the
Tails developers's avatar
Tails developers committed
281
282
persistent volume. They are automatically upgraded for security
after a network connection is established.
Tails developers's avatar
Tails developers committed
283
284
285
286
287

To use this feature you need to enable both the <span
class="guilabel">APT Lists</span> and <span class="guilabel">APT
Packages</span> features.

288
289
290
291
292
293
<div class="note">
If you are offline and your additional software packages don't install, it
might be caused by outdated APT Lists. The issue will be fixed next time you
connect Tails to Internet with persistence activated.
</div>

Tails developers's avatar
Tails developers committed
294
To choose the list of additional software, create a file called
295
`/live/persistence/XXX_unlocked/live-additional-software.conf`
Tails developers's avatar
Tails developers committed
296
297
298
299
300
301
302
303
(`XXX` corresponds to the name of the device where the persistent
storage is stored: probably `sdb2`). Each line of this file must contain
the name of a Debian package to be installed as an additional software
package.

For example, to automatically install the `dia` software, a diagram
editor, and the `fontmatrix` software, a font manager, create a
`live-additional-software.conf` file with the following content:
Tails developers's avatar
Tails developers committed
304

Tails developers's avatar
Tails developers committed
305
306
    dia
    fontmatrix
Tails developers's avatar
Tails developers committed
307

Tails developers's avatar
Tails developers committed
308
309
To learn about the many software packages available in Debian, visit
<http://packages.debian.org/stable/>.