Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
T
tails
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 967
    • Issues 967
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 21
    • Merge Requests 21
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #15781

Closed
Open
Opened Aug 10, 2018 by intrigeri@intrigeriMaintainer

New ASP code disables pre-existing live-additional-software.conf after upgrade

Originally created by @intrigeri on #15781 (Redmine)

I’ve tried upgrading a USB stick that already had a persistent volume, using an ISO built from from the topic branch. When rebooting after the upgrade:

  1. my old (empty) live-additional-software.conf was disabled, because it has was created on Tails 3.8 with 600 permissions;
  2. a new live-additional-software.conf file is created, also with 600 permissions, so the ASP config GUI won’t start and I believe that file will itself be disabled on next boot.

The only way to recover from this situation is to manually chmod 644 the file (as root, on the command line).

We can’t merge a branch aimed at improving ASP if it fully breaks the feature for everyone who already had a persistent volume (regardless of whether they were using ASP or not), hence the High priority.

I believe 636fde21 is the culprit. It’s kinda funny to disable a file with perms 600, stating that it “has unsafe access rights”, because we now expect — and need — more relaxed permissions :)

I recommend the following:

  • if the file has permissions 644 and the expected ownership and ACLs, fine, leave it alone
  • else, if the file has permissions 600 and the expected ownership and ACLs, then make it 644
  • else, disable the file

Feature Branch: bugfix/15781-asp-cofiguration-file-migration

Parent Task: #14568 (closed)

Edited May 15, 2020 by intrigeri
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Tails_3.9
Milestone
Tails_3.9 (Past due)
Assign milestone
Time tracking
None
Due date
None
Reference: tails/tails#15781