Hi, all.
Sorry it has been so long since I've written.
I have just uploaded v0.2.0 of tails-clone-persistent[1], which is
memory-safe and relies entirely on polkit and sudoers to manage
privilege escalation.
There are still a couple of minor niggles, but I'm hoping someone on the
list can help with them.
Firstly, I had some trouble finding the correct polkit action for
unlocking the target crypted drive. As far as I can tell from the docs,
this should be `org.freedesktop.udisks2.encrypted-unlock-system` - but
this is already in the tails polkit configuration and seems to have no
effect. I got it to work by enabling `org.freedesktop.udisks2.*`, but
this is excessive.
Secondly, I have a subroutine that duplicates the functionality of
`tails-persistence-setup --step bootstrap --override-boot-drive <x>`,
but clumsily and less safely. Ideally, I would replace this by a call to
tails-persistence-setup itself, but I can't get `--override-boot-drive`
to work.
Any ideas or support would be most welcome. ;-)
[1]
https://github.com/andrewgdotcom/tails-clone-persistent
Andrew.