Re: [Tails-dev] next big features: status update

Nachricht löschen

Nachricht beantworten
Autor: sajolida
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] next big features: status update
intrigeri:
> hi,
>
> sajolida wrote (15 Mar 2012 14:23:32 GMT) :
>> Hi, here is the report for my testing session.
>
> Thank you.
>
> I'll study these reports thoroughly later,
> and am now only asking questions about information that is missing,
> and replying to some trivial points.
>
>> We could end-up needing just one stick if I can store my new ISO in
>> the persistence storage, boot with `toram` and install the new ISO
>> on the same USB.
>
> That will be great. Some day.
>
>> I understand the need to go through a special bootstrap procedure
>> (burn a CD or run isohybrid, etc.) while installing Tails for the
>> first time but that will be a pain if it has to be done for every
>> new ISO. It seems to be the case so far if you don't have 3 sticks
>> and 3 ports.
>
> That's not for every new ISO. After the transition to 0.11 installed
> using the USB installer is done, using "only" two sticks will be
> possible, thanks to the possibility to put the ISO in the
> persistent space.


Sure. That will work for 4GB sticks.

>>> bootstrap persistent storage
>>> ============================
>>>
>>> * wiki: https://tails.boum.org/todo/persistence/#index9h3
>>> * todo: https://tails.boum.org/todo/persistence/#index1h4
>>>
>>> Status: Mostly working.
>>> Testing: https://tails.boum.org/todo/persistence/#index2h4
>
>> 1. The label of the partition was not set to TailsData.
>
> The version you've been testing sets the *partition* label to
> TailsData, but it sets no *filesystem* label. We, and some of our
> tools, are more used to filesystem labels. So please double check
> you're not meaning "the label of the filesystem was not set to
> TailsData".


I was.

> FYI, current tails-persistence-setup in Git also sets the filesystem
> label to TailsData.


I confirm: the filesystem label is now set to "TailsData" as well.

>> 2. The encrypted partition was created but nothing was written in it.
>
> What do you mean? Wasn't the LUKS container setup? Or wasn't
> a filesystem created inside the LUKS container? Or wasn't there any
> file created inside that filesystem?


The LUKS container was created and it had a filesystem in it but no
files on that filesystem. That's solved with the latest version I tested.

>> 3. When rebooting I'm not asked for the passphrase of the persistent
>> storage by Tails greeter.
>
> ... and there's no "enable persistence" GUI?
> (I think that's the bug anonym recently fixed in live-persist.
> Should be fixed in current experimental branch, I think.
> Please confirm or disagree.)


There were no GUI. But that's fixed now as well.

>> 4. If I try to delete this partition (from another system), then I can't
>> boot on the USB anymore.
>
> https://tails.boum.org/todo/usb_install_and_upgrade/todo/#index1h2
>
>> 1. When trying to boot Tails experimental in VirtualBox the window is
>> much bigger than it used to be. I liked the previous size better.
>
> Previous?
>
>> 2. Minor suggestion: offer a "other…" option in the keyboard selection.
>> You might want to use another keyboard layout than the ones
>> corresponding to the locale you are using.
>
> https://tails.boum.org/todo/TailsGreeter/issues/#index7h2
>
>> 4. It uses the default Debian squeeze background. I'm far from being
>> part of the crusade against it but ours should rather match the default
>> blue background.
>
> This is fixed in current experimental Git branch already, isn't it?


That's fixed now.

>> 5. When doing a minimal boot (booting from a isohybrid and clicing
>> 'Login' on the welcoming window), I can't do `sudo -i` without having to
>> enter a password which I never set!
>
> Yeah. You're not a sudoer.
> https://tails.boum.org/todo/better_root_access_control/


D'oh!

>> 6. I don't understand this sentence of the "Administration password" of
>> Tails greeter: « Leave this blank for better security unless you need to
>> perform administration operations. »
>
> Not being a sudoer gives better security.
> Being a sudoer allows to perform administration operations.
> What's unclear?


Ok, now I understand. But when I first read it I thought that leaving it
blank was like setting a "blank" administration password and that I
would be able to do sudo at anytime (like before).

So what about:

« Optionally enter an administration password.
If you leave this blank you won't be able to perform administration
operations but that could prevent a malware or an attacker from getting
administration privileges. »

--
sajolida