New ASP code disables pre-existing live-additional-software.conf after upgrade
Originally created by @intrigeri on #15781 (Redmine)
I’ve tried upgrading a USB stick that already had a persistent volume, using an ISO built from from the topic branch. When rebooting after the upgrade:
- my old (empty)
live-additional-software.conf
was disabled, because it has was created on Tails 3.8 with 600 permissions; - a new
live-additional-software.conf
file is created, also with 600 permissions, so the ASP config GUI won’t start and I believe that file will itself be disabled on next boot.
The only way to recover from this situation is to manually chmod 644 the file (as root, on the command line).
We can’t merge a branch aimed at improving ASP if it fully breaks the feature for everyone who already had a persistent volume (regardless of whether they were using ASP or not), hence the High priority.
I believe 636fde21 is the culprit. It’s kinda funny to disable a file with perms 600, stating that it “has unsafe access rights”, because we now expect — and need — more relaxed permissions :)
I recommend the following:
- if the file has permissions 644 and the expected ownership and ACLs, fine, leave it alone
- else, if the file has permissions 600 and the expected ownership and ACLs, then make it 644
- else, disable the file
Feature Branch: bugfix/15781-asp-cofiguration-file-migration
Parent Task: #14568 (closed)