@product Feature: Untrusted partitions As a Tails user I don't want to touch other media than the one Tails runs from Scenario: Tails will not enable disk swap # features/untrusted_partitions.feature:6 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 100 MiB disk named "swap" # features/step_definitions/common_steps.rb:59 00:00:26.642728562: libguestfs: trace: set_autosync true 00:00:26.642974889: libguestfs: trace: set_autosync = 0 00:00:26.647057610: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/swap" "format:qcow2" 00:00:26.647143404: libguestfs: trace: add_drive = 0 00:00:26.648052090: libguestfs: trace: launch 00:00:26.648167859: libguestfs: trace: get_tmpdir 00:00:26.648250155: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:00:26.648421941: libguestfs: trace: get_backend_setting "force_tcg" 00:00:26.648545107: libguestfs: trace: get_backend_setting = NULL (error) 00:00:26.649015027: libguestfs: trace: get_cachedir 00:00:26.649116176: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:00:31.564135634: libguestfs: trace: get_cachedir 00:00:31.564317542: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:00:31.709018499: libguestfs: trace: get_sockdir 00:00:31.709188313: libguestfs: trace: get_sockdir = "/tmp" 00:00:31.709465359: libguestfs: trace: get_backend_setting "gdb" 00:00:31.709577399: libguestfs: trace: get_backend_setting = NULL (error) 00:00:35.980766232: libguestfs: trace: launch = 0 00:00:35.981052948: libguestfs: trace: list_devices 00:00:35.982037758: libguestfs: trace: list_devices = ["/dev/sda"] 00:00:35.982282004: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:00:36.042535451: libguestfs: trace: part_disk = 0 00:00:36.042715817: libguestfs: trace: list_partitions 00:00:36.043303199: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:00:36.043504764: libguestfs: trace: mkswap "/dev/sda1" 00:00:36.067392089: libguestfs: trace: mkswap = 0 00:00:36.067603978: libguestfs: trace: close 00:00:36.067794676: libguestfs: trace: internal_autosync 00:00:36.071198368: libguestfs: trace: internal_autosync = 0 And I create a gpt swap partition on disk "swap" # features/step_definitions/untrusted_partitions.rb:1 And I plug sata drive "swap" # features/step_definitions/common_steps.rb:65 00:00:38.604980019: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:00:42.372432590: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:01:44.299795084: calling as root: echo 'hello?' 00:01:44.549107902: call returned: [0, "hello?\n", ""] 00:01:44.550723169: calling as root: service tor status 00:01:44.827840692: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:01:44.828353836: opening file /etc/tor/torrc in 'append' mode 00:01:45.077479420: append complete 00:01:45.996185957: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:01:45.997551277: calling as root: loginctl 00:01:46.176166262: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:01:47.176625670: calling as root: loginctl 00:01:47.410249008: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 00:02:02.332207316: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:02:02.458247853: call returned: [0, "", ""] 00:02:02.458456057: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:02:02.580715790: call returned: [0, "", ""] 00:02:02.581975399: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node1 = dogtail.tree.root.application('gnome-shell') 00:02:03.736393171: execution complete 00:02:04.463496579: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:02:04.463808904: executing Python as amnesia: node2 = node1.child('No Notifications', roleName='label') 00:02:06.055486752: execution complete 00:02:06.055730955: executing Python as amnesia: node3 = node1.child('No Notifications', roleName='label') 00:02:07.379087733: execution complete When I start Tails with network unplugged and I login # features/step_definitions/common_steps.rb:116 00:02:07.454578995: calling as root: blkid '/dev/sda' 00:02:07.471012814: [log] TYPE "#ESC." 00:02:07.781586775: call returned: [0, "/dev/sda: PTUUID=\"3d6c635b-a7df-44be-9d26-6fc52d015477\" PTTYPE=\"gpt\"\n", ""] Then a "swap" partition was detected by Tails on drive "swap" # features/step_definitions/untrusted_partitions.rb:5 00:02:07.783556856: calling as root: tail -n+2 /proc/swaps 00:02:08.020920677: call returned: [0, "", ""] 00:02:08.021158126: calling as root: grep '^Swap' /proc/meminfo 00:02:08.246797330: call returned: [0, "SwapCached: 0 kB\nSwapTotal: 0 kB\nSwapFree: 0 kB\n", ""] But Tails has no disk swap enabled # features/step_definitions/untrusted_partitions.rb:12 Scenario: Tails will detect LUKS-encrypted GPT partitions labeled "TailsData" stored on USB drives as persistence volumes when the removable flag is set # features/untrusted_partitions.feature:15 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 100 MiB disk named "fake_TailsData" # features/step_definitions/common_steps.rb:59 00:02:09.130007814: libguestfs: trace: set_autosync true 00:02:09.130132124: libguestfs: trace: set_autosync = 0 00:02:09.133273426: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/fake_TailsData" "format:qcow2" 00:02:09.133355215: libguestfs: trace: add_drive = 0 00:02:09.133429123: libguestfs: trace: launch 00:02:09.133497163: libguestfs: trace: get_tmpdir 00:02:09.133540971: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:02:09.133637218: libguestfs: trace: get_backend_setting "force_tcg" 00:02:09.133691574: libguestfs: trace: get_backend_setting = NULL (error) 00:02:09.133772801: libguestfs: trace: get_cachedir 00:02:09.133816390: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:02:09.168146490: libguestfs: trace: get_cachedir 00:02:09.168333625: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:02:09.168530908: libguestfs: trace: get_sockdir 00:02:09.168655919: libguestfs: trace: get_sockdir = "/tmp" 00:02:09.168843931: libguestfs: trace: get_backend_setting "gdb" 00:02:09.168917816: libguestfs: trace: get_backend_setting = NULL (error) 00:02:13.413816515: libguestfs: trace: launch = 0 00:02:13.414187114: libguestfs: trace: list_devices 00:02:13.415003400: libguestfs: trace: list_devices = ["/dev/sda"] 00:02:13.415200934: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:02:13.485106325: libguestfs: trace: part_disk = 0 00:02:13.485512891: libguestfs: trace: part_set_name "/dev/sda" 1 "TailsData" 00:02:13.547684880: libguestfs: trace: part_set_name = 0 00:02:13.547926931: libguestfs: trace: list_partitions 00:02:13.548398310: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:02:13.548536580: libguestfs: trace: luks_format "/dev/sda1" "***" 0 00:02:17.458304519: libguestfs: trace: luks_format = 0 00:02:17.458491285: libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" 00:02:19.577269125: libguestfs: trace: luks_open = 0 00:02:19.577570540: libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" 00:02:19.759370965: libguestfs: trace: mkfs = 0 00:02:19.759602884: libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" 00:02:19.779941480: libguestfs: trace: luks_close = 0 00:02:19.780089851: libguestfs: trace: close 00:02:19.780252518: libguestfs: trace: internal_autosync 00:02:19.784812982: libguestfs: trace: internal_autosync = 0 And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData" # features/step_definitions/untrusted_partitions.rb:23 And I plug removable usb drive "fake_TailsData" # features/step_definitions/common_steps.rb:65 00:02:21.633088421: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] When I start the computer # features/step_definitions/common_steps.rb:109 00:03:27.591910370: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:03:27.592244656: calling as root: echo 'hello?' 00:03:27.836068948: call returned: [0, "hello?\n", ""] 00:03:27.836721038: calling as root: service tor status 00:03:28.128518091: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:03:28.128925754: opening file /etc/tor/torrc in 'append' mode 00:03:28.405356816: append complete And the computer boots Tails # features/step_definitions/common_steps.rb:248 00:03:28.424390124: calling as root: test -b /dev/sda 00:03:28.553893109: call returned: [0, "", ""] Then drive "fake_TailsData" is detected by Tails # features/step_definitions/common_steps.rb:72 And Tails Greeter has detected a persistence partition # features/step_definitions/untrusted_partitions.rb:55 Scenario: Tails will not detect LUKS-encrypted GPT partitions labeled "TailsData" stored on USB drives as persistence volumes when the removable flag is unset # features/untrusted_partitions.feature:25 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 100 MiB disk named "fake_TailsData" # features/step_definitions/common_steps.rb:59 00:03:29.857469520: libguestfs: trace: set_autosync true 00:03:29.857602477: libguestfs: trace: set_autosync = 0 00:03:29.861206055: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/fake_TailsData" "format:qcow2" 00:03:29.861290130: libguestfs: trace: add_drive = 0 00:03:29.861353363: libguestfs: trace: launch 00:03:29.861445781: libguestfs: trace: get_tmpdir 00:03:29.861491740: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:03:29.861595669: libguestfs: trace: get_backend_setting "force_tcg" 00:03:29.861657492: libguestfs: trace: get_backend_setting = NULL (error) 00:03:29.861733779: libguestfs: trace: get_cachedir 00:03:29.861910881: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:03:29.899080292: libguestfs: trace: get_cachedir 00:03:29.899270803: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:03:29.899478545: libguestfs: trace: get_sockdir 00:03:29.899624833: libguestfs: trace: get_sockdir = "/tmp" 00:03:29.899829100: libguestfs: trace: get_backend_setting "gdb" 00:03:29.899983277: libguestfs: trace: get_backend_setting = NULL (error) 00:03:34.125699818: libguestfs: trace: launch = 0 00:03:34.125962785: libguestfs: trace: list_devices 00:03:34.126846427: libguestfs: trace: list_devices = ["/dev/sda"] 00:03:34.127136049: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:03:34.190488882: libguestfs: trace: part_disk = 0 00:03:34.190676039: libguestfs: trace: part_set_name "/dev/sda" 1 "TailsData" 00:03:34.250541127: libguestfs: trace: part_set_name = 0 00:03:34.250790191: libguestfs: trace: list_partitions 00:03:34.251534689: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:03:34.251704893: libguestfs: trace: luks_format "/dev/sda1" "***" 0 00:03:38.124403493: libguestfs: trace: luks_format = 0 00:03:38.124581394: libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" 00:03:40.292906989: libguestfs: trace: luks_open = 0 00:03:40.293080699: libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" 00:03:40.401424441: libguestfs: trace: mkfs = 0 00:03:40.401725825: libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" 00:03:40.624092025: libguestfs: trace: luks_close = 0 00:03:40.624312831: libguestfs: trace: close 00:03:40.624489356: libguestfs: trace: internal_autosync 00:03:40.626993602: libguestfs: trace: internal_autosync = 0 And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData" # features/step_definitions/untrusted_partitions.rb:23 And I plug non-removable usb drive "fake_TailsData" # features/step_definitions/common_steps.rb:65 When I start the computer # features/step_definitions/common_steps.rb:109 00:03:42.557800940: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:04:57.028358574: calling as root: echo 'hello?' 00:04:57.048699936: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:04:57.283606810: call returned: [0, "hello?\n", ""] 00:04:57.284238826: calling as root: service tor status 00:04:57.624168166: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:04:57.624606591: opening file /etc/tor/torrc in 'append' mode 00:04:57.804292154: append complete And the computer boots Tails # features/step_definitions/common_steps.rb:248 00:04:57.824636541: calling as root: test -b /dev/sda 00:04:57.971353753: call returned: [0, "", ""] Then drive "fake_TailsData" is detected by Tails # features/step_definitions/common_steps.rb:72 And Tails Greeter has not detected a persistence partition # features/step_definitions/untrusted_partitions.rb:55 Scenario: Tails will not detect LUKS-encrypted GPT partitions labeled "TailsData" stored on local hard drives as persistence volumes # features/untrusted_partitions.feature:35 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 100 MiB disk named "fake_TailsData" # features/step_definitions/common_steps.rb:59 00:05:02.379347548: libguestfs: trace: set_autosync true 00:05:02.379460129: libguestfs: trace: set_autosync = 0 00:05:02.383079816: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/fake_TailsData" "format:qcow2" 00:05:02.383195584: libguestfs: trace: add_drive = 0 00:05:02.383286729: libguestfs: trace: launch 00:05:02.383346455: libguestfs: trace: get_tmpdir 00:05:02.383400883: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:05:02.383514375: libguestfs: trace: get_backend_setting "force_tcg" 00:05:02.383587807: libguestfs: trace: get_backend_setting = NULL (error) 00:05:02.383649988: libguestfs: trace: get_cachedir 00:05:02.383743730: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:05:02.432036470: libguestfs: trace: get_cachedir 00:05:02.432262226: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:05:02.432446331: libguestfs: trace: get_sockdir 00:05:02.432610149: libguestfs: trace: get_sockdir = "/tmp" 00:05:02.432819166: libguestfs: trace: get_backend_setting "gdb" 00:05:02.432932239: libguestfs: trace: get_backend_setting = NULL (error) 00:05:05.678938889: libguestfs: trace: launch = 0 00:05:05.679200505: libguestfs: trace: list_devices 00:05:05.680116240: libguestfs: trace: list_devices = ["/dev/sda"] 00:05:05.680241389: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:05:05.736978410: libguestfs: trace: part_disk = 0 00:05:05.737312291: libguestfs: trace: part_set_name "/dev/sda" 1 "TailsData" 00:05:05.795180068: libguestfs: trace: part_set_name = 0 00:05:05.795359585: libguestfs: trace: list_partitions 00:05:05.796077006: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:05:05.796184245: libguestfs: trace: luks_format "/dev/sda1" "***" 0 00:05:09.944943011: libguestfs: trace: luks_format = 0 00:05:09.945541881: libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" 00:05:12.318059680: libguestfs: trace: luks_open = 0 00:05:12.318263527: libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" 00:05:12.441972634: libguestfs: trace: mkfs = 0 00:05:12.442631060: libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" 00:05:12.673062764: libguestfs: trace: luks_close = 0 00:05:12.673290810: libguestfs: trace: close 00:05:12.673401277: libguestfs: trace: internal_autosync 00:05:12.677493836: libguestfs: trace: internal_autosync = 0 And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData" # features/step_definitions/untrusted_partitions.rb:23 And I plug sata drive "fake_TailsData" # features/step_definitions/common_steps.rb:65 00:05:14.643914978: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] When I start the computer # features/step_definitions/common_steps.rb:109 00:06:19.324496559: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:06:19.324906143: calling as root: echo 'hello?' 00:06:19.570448293: call returned: [0, "hello?\n", ""] 00:06:19.570870925: calling as root: service tor status 00:06:19.822027912: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:06:19.822459631: opening file /etc/tor/torrc in 'append' mode 00:06:20.001696473: append complete And the computer boots Tails # features/step_definitions/common_steps.rb:248 00:06:20.021382300: calling as root: test -b /dev/sda 00:06:20.139721199: call returned: [0, "", ""] Then drive "fake_TailsData" is detected by Tails # features/step_definitions/common_steps.rb:72 And Tails Greeter has not detected a persistence partition # features/step_definitions/untrusted_partitions.rb:55 Scenario: Tails can boot from live systems stored on hard drives # features/untrusted_partitions.feature:45 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 2 GiB disk named "live_hd" # features/step_definitions/common_steps.rb:59 00:06:24.754596027: libguestfs: trace: set_autosync true 00:06:24.754734757: libguestfs: trace: set_autosync = 0 00:06:24.754804482: libguestfs: trace: add_drive "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "readonly:true" "format:raw" 00:06:24.754915392: libguestfs: trace: get_tmpdir 00:06:24.754984036: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:06:24.755110201: libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfs8Yq7de/overlay1" "qcow2" -1 "backingfile:/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "backingformat:raw" 00:06:24.783739153: libguestfs: trace: disk_create = 0 00:06:24.783944178: libguestfs: trace: add_drive = 0 00:06:24.784065644: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/live_hd" "format:qcow2" 00:06:24.784189381: libguestfs: trace: add_drive = 0 00:06:24.784248865: libguestfs: trace: launch 00:06:24.784350094: libguestfs: trace: get_backend_setting "force_tcg" 00:06:24.784438043: libguestfs: trace: get_backend_setting = NULL (error) 00:06:24.784519882: libguestfs: trace: get_cachedir 00:06:24.784597695: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:06:24.828266689: libguestfs: trace: get_cachedir 00:06:24.828529965: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:06:24.828755916: libguestfs: trace: get_sockdir 00:06:24.828865968: libguestfs: trace: get_sockdir = "/tmp" 00:06:24.829431427: libguestfs: trace: get_backend_setting "gdb" 00:06:24.829560192: libguestfs: trace: get_backend_setting = NULL (error) 00:06:28.207833652: libguestfs: trace: launch = 0 00:06:28.208328803: libguestfs: trace: list_devices 00:06:28.209211540: libguestfs: trace: list_devices = ["/dev/sda", "/dev/sdb"] 00:06:28.209425378: libguestfs: trace: copy_device_to_device "/dev/sda" "/dev/sdb" 00:06:31.520289277: libguestfs: trace: copy_device_to_device = 0 00:06:31.520452541: libguestfs: trace: close 00:06:31.520551129: libguestfs: trace: internal_autosync 00:06:31.525496506: libguestfs: trace: internal_autosync = 0 And I write the Tails ISO image to disk "live_hd" # features/step_definitions/untrusted_partitions.rb:30 And the computer is set to boot from sata drive "live_hd" # features/step_definitions/common_steps.rb:55 And I set Tails to boot with options "live-media=" # features/step_definitions/common_steps.rb:105 00:06:33.849273329: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:06:38.421472103: [log] TYPE " autotest_never_use_this_option blacklist=psmouse live-media=#ENTER." 00:07:40.973015553: calling as root: echo 'hello?' 00:07:41.226358491: call returned: [0, "hello?\n", ""] 00:07:41.226772187: calling as root: service tor status 00:07:41.519419384: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:07:41.519938812: opening file /etc/tor/torrc in 'append' mode 00:07:41.828233939: append complete 00:07:42.618991997: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:07:42.619443921: calling as root: loginctl 00:07:42.918192257: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 00:07:57.822116918: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:07:57.972015733: call returned: [0, "", ""] 00:07:57.972174347: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:07:58.131599508: call returned: [0, "", ""] 00:07:58.131895673: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node4 = dogtail.tree.root.application('gnome-shell') 00:07:59.242721140: execution complete 00:07:59.969264438: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:07:59.969575420: executing Python as amnesia: node5 = node4.child('No Notifications', roleName='label') 00:08:01.803022626: execution complete 00:08:01.803214272: executing Python as amnesia: node6 = node4.child('No Notifications', roleName='label') 00:08:03.173007228: execution complete 00:08:03.215421070: [log] TYPE "#ESC." When I start Tails with network unplugged and I login # features/step_definitions/common_steps.rb:116 00:08:03.217331580: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:08:03.456534098: call returned: [0, "8:1\n", ""] 00:08:03.456690063: calling as root: readlink -f /dev/block/'8:1' 00:08:03.700667422: call returned: [0, "/dev/sda1\n", ""] 00:08:03.700868369: calling as root: udevadm info --query=property --name='/dev/sda1' 00:08:03.985899994: call returned: [0, "DEVLINKS=/dev/disk/by-id/ata-QEMU_HARDDISK_QM00001-part1 /dev/disk/by-path/pci-0000:00:1f.2-ata-1-part1 /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-partuuid/0000002a-01\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata1/host0/target0:0:0/0:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_ATA=1\nID_ATA_FEATURE_SET_SMART=1\nID_ATA_FEATURE_SET_SMART_ENABLED=1\nID_ATA_SATA=1\nID_ATA_WRITE_CACHE=1\nID_ATA_WRITE_CACHE_ENABLED=1\nID_BUS=ata\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x80\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=0\nID_PART_ENTRY_SCHEME=dos\nID_PART_ENTRY_SIZE=2361555\nID_PART_ENTRY_TYPE=0x17\nID_PART_ENTRY_UUID=0000002a-01\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-1\nID_PATH_TAG=pci-0000_00_1f_2-ata-1\nID_REVISION=2.5+\nID_SERIAL=QEMU_HARDDISK_QM00001\nID_SERIAL_SHORT=QM00001\nID_TYPE=disk\nMAJOR=8\nMINOR=1\nPARTN=1\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUSEC_INITIALIZED=6463940\n", ""] 00:08:03.986209391: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:08:04.182568280: call returned: [0, "8:1\n", ""] 00:08:04.182717835: calling as root: readlink -f /dev/block/'8:1' 00:08:04.390431238: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from sata drive "live_hd" # features/step_definitions/usb.rb:418 Scenario: Tails booting from a DVD does not use live systems stored on hard drives # features/untrusted_partitions.feature:54 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 2 GiB disk named "live_hd" # features/step_definitions/common_steps.rb:59 00:08:05.783989272: libguestfs: trace: set_autosync true 00:08:05.784172236: libguestfs: trace: set_autosync = 0 00:08:05.784267425: libguestfs: trace: add_drive "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "readonly:true" "format:raw" 00:08:05.784392149: libguestfs: trace: get_tmpdir 00:08:05.784499584: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:08:05.784596058: libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfsaNgtsE/overlay1" "qcow2" -1 "backingfile:/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "backingformat:raw" 00:08:05.814280824: libguestfs: trace: disk_create = 0 00:08:05.814475798: libguestfs: trace: add_drive = 0 00:08:05.814604887: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/live_hd" "format:qcow2" 00:08:05.814708217: libguestfs: trace: add_drive = 0 00:08:05.814828232: libguestfs: trace: launch 00:08:05.814919937: libguestfs: trace: get_backend_setting "force_tcg" 00:08:05.815072642: libguestfs: trace: get_backend_setting = NULL (error) 00:08:05.815173623: libguestfs: trace: get_cachedir 00:08:05.815301377: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:08:05.858706521: libguestfs: trace: get_cachedir 00:08:05.858885248: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:08:05.859140590: libguestfs: trace: get_sockdir 00:08:05.859263169: libguestfs: trace: get_sockdir = "/tmp" 00:08:05.859520755: libguestfs: trace: get_backend_setting "gdb" 00:08:05.859648395: libguestfs: trace: get_backend_setting = NULL (error) 00:08:10.107341991: libguestfs: trace: launch = 0 00:08:10.107709507: libguestfs: trace: list_devices 00:08:10.108772138: libguestfs: trace: list_devices = ["/dev/sda", "/dev/sdb"] 00:08:10.108987695: libguestfs: trace: copy_device_to_device "/dev/sda" "/dev/sdb" 00:08:13.613852663: libguestfs: trace: copy_device_to_device = 0 00:08:13.614095394: libguestfs: trace: close 00:08:13.614382731: libguestfs: trace: internal_autosync 00:08:13.619440286: libguestfs: trace: internal_autosync = 0 And I write the Tails ISO image to disk "live_hd" # features/step_definitions/untrusted_partitions.rb:30 And I plug sata drive "live_hd" # features/step_definitions/common_steps.rb:65 00:08:16.105532496: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:09:22.423559973: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:09:22.424003345: calling as root: echo 'hello?' 00:09:22.666599071: call returned: [0, "hello?\n", ""] 00:09:22.667070399: calling as root: service tor status 00:09:22.988449907: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:09:22.988858609: opening file /etc/tor/torrc in 'append' mode 00:09:23.261637342: append complete 00:09:24.061621744: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:09:24.062029918: calling as root: loginctl 00:09:24.236123947: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:09:25.236643540: calling as root: loginctl 00:09:25.492832541: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n c5 0 root ??? \n\n3 sessions listed.\n", ""] 00:09:45.032627477: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:09:45.170706563: call returned: [0, "", ""] 00:09:45.170951268: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:09:45.319981017: call returned: [0, "", ""] 00:09:45.320242208: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node7 = dogtail.tree.root.application('gnome-shell') 00:09:46.534416079: execution complete 00:09:47.258766150: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:09:47.259237072: executing Python as amnesia: node8 = node7.child('No Notifications', roleName='label') 00:09:48.825599721: execution complete 00:09:48.825809165: executing Python as amnesia: node9 = node7.child('No Notifications', roleName='label') 00:09:50.086546048: execution complete 00:09:50.128855814: [log] TYPE "#ESC." And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:116 00:09:50.147693950: calling as root: test -b /dev/sda 00:09:50.347014804: call returned: [0, "", ""] Then drive "live_hd" is detected by Tails # features/step_definitions/common_steps.rb:72 00:09:50.371963349: calling as root: grep -qs '^/dev/sda' /proc/mounts 00:09:50.541268391: call returned: [1, "", ""] And drive "live_hd" is not mounted # features/step_definitions/untrusted_partitions.rb:49 Scenario: Booting Tails does not automount untrusted ext2 partitions # features/untrusted_partitions.feature:63 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 100 MiB disk named "gpt_ext2" # features/step_definitions/common_steps.rb:59 00:09:51.788502126: libguestfs: trace: set_autosync true 00:09:51.788613428: libguestfs: trace: set_autosync = 0 00:09:51.792090405: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/gpt_ext2" "format:qcow2" 00:09:51.792219970: libguestfs: trace: add_drive = 0 00:09:51.792287624: libguestfs: trace: launch 00:09:51.792342867: libguestfs: trace: get_tmpdir 00:09:51.792397706: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:09:51.792477376: libguestfs: trace: get_backend_setting "force_tcg" 00:09:51.792571465: libguestfs: trace: get_backend_setting = NULL (error) 00:09:51.792634364: libguestfs: trace: get_cachedir 00:09:51.792705463: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:09:51.838111500: libguestfs: trace: get_cachedir 00:09:51.838262856: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:09:51.838441271: libguestfs: trace: get_sockdir 00:09:51.838536586: libguestfs: trace: get_sockdir = "/tmp" 00:09:51.838751037: libguestfs: trace: get_backend_setting "gdb" 00:09:51.838824554: libguestfs: trace: get_backend_setting = NULL (error) 00:09:55.059565630: libguestfs: trace: launch = 0 00:09:55.059908248: libguestfs: trace: list_devices 00:09:55.060616901: libguestfs: trace: list_devices = ["/dev/sda"] 00:09:55.060787636: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:09:55.118099920: libguestfs: trace: part_disk = 0 00:09:55.118409984: libguestfs: trace: list_partitions 00:09:55.118926664: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:09:55.119200026: libguestfs: trace: mkfs "ext2" "/dev/sda1" 00:09:55.145645696: libguestfs: trace: mkfs = 0 00:09:55.145906222: libguestfs: trace: close 00:09:55.146192249: libguestfs: trace: internal_autosync 00:09:55.149405358: libguestfs: trace: internal_autosync = 0 And I create a gpt partition with an ext2 filesystem on disk "gpt_ext2" # features/step_definitions/untrusted_partitions.rb:23 And I plug sata drive "gpt_ext2" # features/step_definitions/common_steps.rb:65 00:09:57.883121881: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:10:01.328774527: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:11:04.341327600: calling as root: echo 'hello?' 00:11:04.599956840: call returned: [0, "hello?\n", ""] 00:11:04.600466744: calling as root: service tor status 00:11:04.912945852: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:11:04.913360111: opening file /etc/tor/torrc in 'append' mode 00:11:05.128565725: append complete 00:11:05.916517717: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:11:05.916825540: calling as root: loginctl 00:11:06.115771984: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:11:07.116280764: calling as root: loginctl 00:11:07.471758742: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 00:12:50.770304469: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:12:50.884490969: call returned: [0, "", ""] 00:12:50.884670978: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:12:51.004324006: call returned: [0, "", ""] 00:12:51.004637464: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node10 = dogtail.tree.root.application('gnome-shell') 00:12:52.239893247: execution complete 00:12:52.965574454: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:12:52.965964199: executing Python as amnesia: node11 = node10.child('No Notifications', roleName='label') 00:12:54.922589865: execution complete 00:12:54.922812096: executing Python as amnesia: node12 = node10.child('No Notifications', roleName='label') 00:12:56.467898899: execution complete 00:12:56.511142168: [log] TYPE "#ESC." And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:116 00:12:56.530197612: calling as root: test -b /dev/sda 00:12:56.742841900: call returned: [0, "", ""] Then drive "gpt_ext2" is detected by Tails # features/step_definitions/common_steps.rb:72 00:12:56.763866350: calling as root: grep -qs '^/dev/sda' /proc/mounts 00:12:57.060589045: call returned: [1, "", ""] And drive "gpt_ext2" is not mounted # features/step_definitions/untrusted_partitions.rb:49 Scenario: Booting Tails does not automount untrusted fat32 partitions # features/untrusted_partitions.feature:72 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 100 MiB disk named "msdos_fat32" # features/step_definitions/common_steps.rb:59 00:13:13.258314118: libguestfs: trace: set_autosync true 00:13:13.258509224: libguestfs: trace: set_autosync = 0 00:13:13.262506618: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/msdos_fat32" "format:qcow2" 00:13:13.262638148: libguestfs: trace: add_drive = 0 00:13:13.262702295: libguestfs: trace: launch 00:13:13.262785634: libguestfs: trace: get_tmpdir 00:13:13.262872255: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:13:13.262959737: libguestfs: trace: get_backend_setting "force_tcg" 00:13:13.263032676: libguestfs: trace: get_backend_setting = NULL (error) 00:13:13.263150135: libguestfs: trace: get_cachedir 00:13:13.263232273: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:13:13.309790036: libguestfs: trace: get_cachedir 00:13:13.310053966: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:13:13.310288215: libguestfs: trace: get_sockdir 00:13:13.310405785: libguestfs: trace: get_sockdir = "/tmp" 00:13:13.310621212: libguestfs: trace: get_backend_setting "gdb" 00:13:13.310727959: libguestfs: trace: get_backend_setting = NULL (error) 00:13:17.570651520: libguestfs: trace: launch = 0 00:13:17.570911207: libguestfs: trace: list_devices 00:13:17.572398020: libguestfs: trace: list_devices = ["/dev/sda"] 00:13:17.572535732: libguestfs: trace: part_disk "/dev/sda" "msdos" 00:13:17.652723840: libguestfs: trace: part_disk = 0 00:13:17.653102775: libguestfs: trace: list_partitions 00:13:17.653727710: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:13:17.654029621: libguestfs: trace: mkfs "vfat" "/dev/sda1" 00:13:17.668789914: libguestfs: trace: mkfs = 0 00:13:17.669059034: libguestfs: trace: close 00:13:17.669337514: libguestfs: trace: internal_autosync 00:13:17.673910644: libguestfs: trace: internal_autosync = 0 And I create an msdos partition with a vfat filesystem on disk "msdos_fat32" # features/step_definitions/untrusted_partitions.rb:23 And I plug sata drive "msdos_fat32" # features/step_definitions/common_steps.rb:65 00:13:32.537225058: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:13:36.476723395: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:14:35.979852768: calling as root: echo 'hello?' 00:14:36.249206291: call returned: [0, "hello?\n", ""] 00:14:36.250178534: calling as root: service tor status 00:14:36.563977981: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:14:36.564425581: opening file /etc/tor/torrc in 'append' mode 00:14:36.868238702: append complete 00:14:37.655124889: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:14:37.655500805: calling as root: loginctl 00:14:37.851314669: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:14:38.851772957: calling as root: loginctl 00:14:39.034037764: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c5 0 root ??? \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n3 sessions listed.\n", ""] 00:14:53.374436908: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:14:53.494665429: call returned: [0, "", ""] 00:14:53.494832017: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:14:53.640328836: call returned: [0, "", ""] 00:14:53.640648258: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node13 = dogtail.tree.root.application('gnome-shell') 00:14:54.729595847: execution complete 00:14:55.456446341: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:14:55.456700410: executing Python as amnesia: node14 = node13.child('No Notifications', roleName='label') 00:14:57.233320579: execution complete 00:14:57.233558759: executing Python as amnesia: node15 = node13.child('No Notifications', roleName='label') 00:14:58.623277580: execution complete 00:14:58.670678830: [log] TYPE "#ESC." And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:116 00:14:58.689549150: calling as root: test -b /dev/sda 00:14:58.910099321: call returned: [0, "", ""] Then drive "msdos_fat32" is detected by Tails # features/step_definitions/common_steps.rb:72 00:14:58.931963967: calling as root: grep -qs '^/dev/sda' /proc/mounts 00:14:59.128629090: call returned: [1, "", ""] And drive "msdos_fat32" is not mounted # features/step_definitions/untrusted_partitions.rb:49 @product Feature: Installing packages through APT As a Tails user when I set an administration password in Tails Greeter I should be able to install packages using APT and Synaptic and all Internet traffic should flow only through Tor. Scenario: APT sources are configured correctly # features/apt.feature:8 Checkpoint: I have started Tails from DVD without network and stopped at Tails Greeter's login screen Given the network is unplugged 00:15:02.792077139: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] And I start the computer 00:16:07.193293300: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:16:07.193808199: calling as root: echo 'hello?' 00:16:07.479201114: call returned: [0, "hello?\n", ""] 00:16:07.479572678: calling as root: service tor status 00:16:07.799621511: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:16:07.800069957: opening file /etc/tor/torrc in 'append' mode 00:16:07.998778090: append complete And the computer boots Tails 00:16:13.174085854: calling as root: echo 'hello?' 00:16:13.356103598: call returned: [0, "hello?\n", ""] 00:16:14.085490254: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:16:14.085709817: calling as root: nmcli device show eth0 00:16:14.396418555: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:16:14.417584800: calling as root: date -s '@1498725021' 00:16:14.580429766: call returned: [0, "Thu Jun 29 08:30:21 UTC 2017\n", ""] Checkpoint: I have started Tails from DVD without network and logged in Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen 00:16:15.366956528: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:16:15.367280903: calling as root: loginctl 00:16:15.578748643: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:16:16.579198931: calling as root: loginctl 00:16:16.767893474: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 8 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 00:16:38.541247247: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:16:38.666630980: call returned: [0, "", ""] 00:16:38.666840653: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:16:38.787133270: call returned: [0, "", ""] And I log in to a new session Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:16:42.546148333: calling as root: cat /etc/apt/sources.list /etc/apt/sources.list.d/* 00:16:42.843866684: call returned: [0, "# /etc/apt/sources.list\n\ndeb tor+http://vwakviie2ienjx6t.onion/debian/ stretch main contrib\ndeb tor+http://vwakviie2ienjx6t.onion/debian/ sid main contrib\ndeb tor+http://jenw7xbd6tf7vfhp.onion/ stable main contrib\ndeb tor+http://sdscoq7snqtznauu.onion/torproject.org/ stretch main\ndeb tor+http://sdscoq7snqtznauu.onion/torproject.org/ sid main\n", ""] Then the only hosts in APT sources are "vwakviie2ienjx6t.onion,sgvtcaew4bxjd7ln.onion,jenw7xbd6tf7vfhp.onion,sdscoq7snqtznauu.onion" # features/step_definitions/apt.rb:3 00:16:42.846270639: calling as root: cat /etc/apt/sources.list /etc/apt/sources.list.d/* 00:16:43.103257857: call returned: [0, "# /etc/apt/sources.list\n\ndeb tor+http://vwakviie2ienjx6t.onion/debian/ stretch main contrib\ndeb tor+http://vwakviie2ienjx6t.onion/debian/ sid main contrib\ndeb tor+http://jenw7xbd6tf7vfhp.onion/ stable main contrib\ndeb tor+http://sdscoq7snqtznauu.onion/torproject.org/ stretch main\ndeb tor+http://sdscoq7snqtznauu.onion/torproject.org/ sid main\n", ""] And no proposed-updates APT suite is enabled # features/step_definitions/apt.rb:17 @check_tor_leaks Scenario: Install packages using apt # features/apt.feature:14 00:16:46.996754700: calling as root: echo 'hello?' 00:16:47.151710433: call returned: [0, "hello?\n", ""] 00:16:47.906308853: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:16:47.906553983: calling as root: nmcli device show eth0 00:16:48.231169220: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:16:48.253043181: calling as root: date -s '@1498725055' 00:16:48.406234952: call returned: [0, "Thu Jun 29 08:30:55 UTC 2017\n", ""] Checkpoint: I have started Tails from DVD without network and logged in with an administration password Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen 00:16:49.343299950: [log] CLICK on L(244,615)@S(0)[0,0 1024x768] 00:16:51.010534559: [log] CLICK on L(427,258)@S(0)[0,0 1024x768] 00:16:51.178795186: [log] TYPE "asdf" 00:16:51.222495778: [log] TYPE "#TAB." 00:16:51.393626580: [log] TYPE "asdf" And I set an administration password 00:16:52.105595015: [log] TYPE "#ENTER." 00:16:52.835566696: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:16:52.835922462: calling as root: loginctl 00:16:52.993850736: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:16:53.994327907: calling as root: loginctl 00:16:54.209750885: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 8 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 00:17:08.534044098: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:17:08.688888447: call returned: [0, "", ""] 00:17:08.689126198: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:17:08.815403100: call returned: [0, "", ""] And I log in to a new session 00:17:12.767482920: calling as root: echo 'hello?' 00:17:13.049762599: call returned: [0, "hello?\n", ""] 00:17:13.792828054: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:17:13.794411458: calling as root: nmcli device show eth0 00:17:14.142089227: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:94:72:B6\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:17:14.157174851: calling as root: date -s '@1498725081' 00:17:14.393726475: call returned: [0, "Thu Jun 29 08:31:21 UTC 2017\n", ""] Checkpoint: I have started Tails from DVD and logged in with an administration password and the network is connected Given I have started Tails from DVD without network and logged in with an administration password And the network is plugged 00:17:14.524864967: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:14.951841070: call returned: [1, "", ""] 00:17:15.952085617: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:16.156645916: call returned: [1, "", ""] 00:17:17.156965862: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:17.419627597: call returned: [1, "", ""] 00:17:18.420021684: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:18.661010214: call returned: [1, "", ""] 00:17:19.661367671: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:19.927224842: call returned: [1, "", ""] 00:17:20.927707395: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:21.205343668: call returned: [1, "", ""] 00:17:22.205668986: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:22.407950500: call returned: [1, "", ""] 00:17:23.408248677: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:23.584668703: call returned: [1, "", ""] 00:17:24.585018129: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:24.798719998: call returned: [1, "", ""] 00:17:25.799138102: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:26.065227484: call returned: [1, "", ""] 00:17:27.065591743: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:27.260029764: call returned: [3, "", ""] 00:17:28.260402900: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:17:28.738949686: call returned: [0, "", ""] 00:17:28.739995144: calling as root: test -e /run/tordate/done 00:17:29.139641968: call returned: [0, "", ""] 00:17:29.139993959: calling as root: test -e /run/htpdate/success 00:17:29.703636994: call returned: [1, "", ""] 00:17:30.703937056: calling as root: test -e /run/htpdate/success 00:17:30.855485852: call returned: [1, "", ""] 00:17:31.855870248: calling as root: test -e /run/htpdate/success 00:17:32.147899968: call returned: [0, "", ""] 00:17:32.148434269: calling as root: systemctl is-system-running 00:17:32.563862606: call returned: [0, "running\n", ""] And Tor is ready 00:17:32.564286586: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node16 = dogtail.tree.root.application('gnome-shell') 00:17:33.741200601: execution complete 00:17:34.465738651: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:17:34.466028065: executing Python as amnesia: node17 = node16.child('No Notifications', roleName='label') 00:17:36.857413953: execution complete 00:17:36.857604280: executing Python as amnesia: node18 = node16.child('No Notifications', roleName='label') 00:17:39.191667232: execution complete 00:17:39.233473865: [log] TYPE "#ESC." And all notifications have disappeared 00:17:39.234555504: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:39.481630114: call returned: [1, "", ""] 00:17:40.481912639: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:40.648626512: call returned: [1, "", ""] 00:17:41.648936144: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:41.886186520: call returned: [1, "", ""] 00:17:42.886511039: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:43.059505976: call returned: [1, "", ""] 00:17:44.059789899: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:44.248043738: call returned: [1, "", ""] 00:17:45.248351373: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:45.444406342: call returned: [1, "", ""] 00:17:46.444727777: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:46.653702797: call returned: [1, "", ""] 00:17:47.654010696: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:47.856558280: call returned: [1, "", ""] 00:17:48.856820728: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:49.065789847: call returned: [1, "", ""] 00:17:50.066146184: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:50.238807871: call returned: [1, "", ""] 00:17:51.239179065: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:51.404705472: call returned: [1, "", ""] 00:17:52.405025775: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:52.547290511: call returned: [1, "", ""] 00:17:53.547623205: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:53.716781074: call returned: [1, "", ""] 00:17:54.717123203: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:54.899437582: call returned: [1, "", ""] 00:17:55.899849142: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:56.093740136: call returned: [1, "", ""] 00:17:57.094067448: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:57.281610822: call returned: [1, "", ""] 00:17:58.281996208: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:17:58.635717232: call returned: [1, "", ""] 00:17:59.636045850: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:18:00.000155645: call returned: [1, "", ""] 00:18:01.000446453: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:18:01.285353218: call returned: [1, "", ""] 00:18:02.285790149: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:18:02.554764235: call returned: [1, "", ""] 00:18:03.555123536: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:18:03.807734043: call returned: [1, "", ""] 00:18:04.808128189: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:18:05.011002826: call returned: [1, "", ""] 00:18:06.011383289: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 00:18:06.202156493: call returned: [0, "", ""] And available upgrades have been checked Given I have started Tails from DVD and logged in with an administration password and the network is connected # features/step_definitions/snapshots.rb:172 00:18:18.045649569: calling as root: perl -pi -E ' use strict; use warnings FATAL => "all"; s{vwakviie2ienjx6t[.]onion}{ftp.us.debian.org}; s{sgvtcaew4bxjd7ln[.]onion}{security.debian.org}; s{sdscoq7snqtznauu[.]onion}{deb.torproject.org}; s{jenw7xbd6tf7vfhp[.]onion}{deb.tails.boum.org};' /etc/apt/sources.list /etc/apt/sources.list.d/* 00:18:18.310945441: call returned: [0, "", ""] When I configure APT to use non-onion sources # features/step_definitions/apt.rb:24 00:18:18.312725512: calling as amnesia: echo asdf | sudo -S apt update 00:18:32.687381232: call returned: [0, "Get:1 tor+http://deb.tails.boum.org stable InRelease [9,689 B]\nIgn:2 tor+http://ftp.us.debian.org/debian stretch InRelease\nGet:3 tor+http://ftp.us.debian.org/debian sid InRelease [255 kB]\nGet:4 tor+http://deb.torproject.org/torproject.org stretch InRelease [4,231 B]\nGet:5 tor+http://deb.tails.boum.org stable/main amd64 Packages [44.6 kB]\nGet:6 tor+http://deb.torproject.org/torproject.org sid InRelease [4,228 B]\nGet:7 tor+http://ftp.us.debian.org/debian stretch Release [113 kB]\nGet:8 tor+http://ftp.us.debian.org/debian stretch Release.gpg [3,108 B]\nGet:9 tor+http://deb.torproject.org/torproject.org stretch/main amd64 Packages [3,452 B]\nGet:10 tor+http://ftp.us.debian.org/debian sid/main amd64 Packages [7,560 kB]\nGet:11 tor+http://deb.torproject.org/torproject.org sid/main amd64 Packages [3,428 B]\nGet:12 tor+http://ftp.us.debian.org/debian sid/main Translation-en [5,732 kB]\nGet:13 tor+http://ftp.us.debian.org/debian sid/contrib amd64 Packages [57.7 kB]\nGet:14 tor+http://ftp.us.debian.org/debian sid/contrib Translation-en [50.8 kB]\nGet:15 tor+http://ftp.us.debian.org/debian stretch/main amd64 Packages [7,094 kB]\nGet:16 tor+http://ftp.us.debian.org/debian stretch/main Translation-en [5,392 kB]\nGet:17 tor+http://ftp.us.debian.org/debian stretch/contrib amd64 Packages [50.9 kB]\nGet:18 tor+http://ftp.us.debian.org/debian stretch/contrib Translation-en [45.9 kB]\nFetched 26.4 MB in 11s (2,234 kB/s)\nReading package lists...\nBuilding dependency tree...\nReading state information...\n5 packages can be upgraded. Run 'apt list --upgradable' to see them.\n", "\nWe trust you have received the usual lecture from the local System\nAdministrator. It usually boils down to these three things:\n\n #1) Respect the privacy of others.\n #2) Think before you type.\n #3) With great power comes great responsibility.\n\n[sudo] password for amnesia: \nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\n\n"] And I update APT using apt # features/step_definitions/apt.rb:41 00:18:32.689370985: calling as amnesia: echo asdf | sudo -S apt install cowsay 00:19:34.488147355: call returned: [0, "Reading package lists...\nBuilding dependency tree...\nReading state information...\nSuggested packages:\n filters\nRecommended packages:\n cowsay-off\nThe following NEW packages will be installed:\n cowsay\n0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.\nNeed to get 20.1 kB of archives.\nAfter this operation, 90.1 kB of additional disk space will be used.\nGet:1 tor+http://ftp.us.debian.org/debian stretch/main amd64 cowsay all 3.03+dfsg2-3 [20.1 kB]\nFetched 20.1 kB in 0s (73.9 kB/s)\nSelecting previously unselected package cowsay.\r\n(Reading database ... \r(Reading database ... 5%\r(Reading database ... 10%\r(Reading database ... 15%\r(Reading database ... 20%\r(Reading database ... 25%\r(Reading database ... 30%\r(Reading database ... 35%\r(Reading database ... 40%\r(Reading database ... 45%\r(Reading database ... 50%\r(Reading database ... 55%\r(Reading database ... 60%\r(Reading database ... 65%\r(Reading database ... 70%\r(Reading database ... 75%\r(Reading database ... 80%\r(Reading database ... 85%\r(Reading database ... 90%\r(Reading database ... 95%\r(Reading database ... 100%\r(Reading database ... 140782 files and directories currently installed.)\r\nPreparing to unpack .../cowsay_3.03+dfsg2-3_all.deb ...\r\nUnpacking cowsay (3.03+dfsg2-3) ...\r\nSetting up cowsay (3.03+dfsg2-3) ...\r\nProcessing triggers for man-db (2.7.6.1-2) ...\r\n", "[sudo] password for amnesia: \nWARNING: apt does not have a stable CLI interface. Use with caution in scripts.\n\ndebconf: unable to initialize frontend: Dialog\ndebconf: (Dialog frontend will not work on a dumb terminal, an emacs shell buffer, or without a controlling terminal.)\ndebconf: falling back to frontend: Readline\ndebconf: unable to initialize frontend: Readline\ndebconf: (This frontend requires a controlling tty.)\ndebconf: falling back to frontend: Teletype\ndpkg-preconfigure: unable to re-open stdin: \n"] And I install "cowsay" using apt # features/step_definitions/apt.rb:54 00:19:34.489870498: calling as root: dpkg -s 'cowsay' 2>/dev/null | grep -qs '^Status:.*installed$' 00:19:34.779699921: call returned: [0, "", ""] Then the package "cowsay" is installed # features/step_definitions/common_steps.rb:543 @product Feature: Root access control enforcement As a Tails user when I set an administration password in Tails Greeter I can use the password for attaining administrative privileges. But when I do not set an administration password I should not be able to attain administration privileges at all. Scenario: If an administrative password is set in Tails Greeter the live user should be able to run arbitrary commands with administrative privileges. # features/root_access_control.feature:9 00:19:59.183805549: calling as root: echo 'hello?' 00:19:59.325056296: call returned: [0, "hello?\n", ""] 00:20:00.049786421: calling as root: nmcli device show eth0 00:20:00.074359035: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:20:00.415656457: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:20:00.434689512: calling as root: date -s '@1498725247' 00:20:00.593501353: call returned: [0, "Thu Jun 29 08:34:07 UTC 2017\n", ""] Checkpoint: I have started Tails from DVD without network and logged in with an administration password Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen 00:20:01.393859967: [log] CLICK on L(244,615)@S(0)[0,0 1024x768] 00:20:02.918043365: [log] CLICK on L(427,258)@S(0)[0,0 1024x768] 00:20:03.128816283: [log] TYPE "asdf" [log] TYPE "#TAB." 00:20:03.294949715: [log] TYPE "asdf" And I set an administration password 00:20:04.722122695: calling as root: loginctl 00:20:04.740647143: [log] TYPE "#ENTER." [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:20:04.922669884: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:20:05.923141711: calling as root: loginctl 00:20:06.109006412: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 8 1000 amnesia seat0 /dev/tty2 \n c8 0 root ??? \n\n3 sessions listed.\n", ""] 00:20:20.133920434: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:20:20.273932045: call returned: [0, "", ""] 00:20:20.274216225: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:20:20.458930397: call returned: [0, "", ""] And I log in to a new session Given I have started Tails from DVD without network and logged in with an administration password # features/step_definitions/snapshots.rb:172 00:20:30.983876084: calling as amnesia: echo asdf | sudo -S whoami 00:20:31.260093498: call returned: [0, "root\n", "\nWe trust you have received the usual lecture from the local System\nAdministrator. It usually boils down to these three things:\n\n #1) Respect the privacy of others.\n #2) Think before you type.\n #3) With great power comes great responsibility.\n\n[sudo] password for amnesia: "] Then I should be able to run administration commands as the live user # features/step_definitions/root_access_control.rb:1 Scenario: If no administrative password is set in Tails Greeter the live user should not be able to run arbitrary commands administrative privileges. # features/root_access_control.feature:13 00:20:48.809137835: calling as root: echo 'hello?' 00:20:49.091560784: call returned: [0, "hello?\n", ""] 00:20:49.820058396: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:20:49.820220940: calling as root: nmcli device show eth0 00:20:50.262001634: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:20:50.281962042: calling as root: date -s '@1498725297' 00:20:50.471372876: call returned: [0, "Thu Jun 29 08:34:57 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:20:50.473228266: calling as amnesia: echo | sudo -S whoami 00:20:50.693834730: call returned: [1, "", "By default, the administration password is disabled for better security.\n\nIn order to perform administration tasks, you need to setup an administration\npassword when starting Tails.\n\nSee the corresponding documentation:\nfile:///usr/share/doc/tails/website/doc/first_steps/startup_options/administration_password.en.html\nSorry, user amnesia is not allowed to execute '/usr/bin/whoami' as root on localhost.\n"] Then I should not be able to run administration commands as the live user with the "" password # features/step_definitions/root_access_control.rb:8 00:20:50.695734140: calling as amnesia: echo amnesia | sudo -S whoami 00:20:50.813189726: call returned: [1, "", "By default, the administration password is disabled for better security.\n\nIn order to perform administration tasks, you need to setup an administration\npassword when starting Tails.\n\nSee the corresponding documentation:\nfile:///usr/share/doc/tails/website/doc/first_steps/startup_options/administration_password.en.html\nSorry, user amnesia is not allowed to execute '/usr/bin/whoami' as root on localhost.\n"] And I should not be able to run administration commands as the live user with the "amnesia" password # features/step_definitions/root_access_control.rb:8 00:20:50.815012194: calling as amnesia: echo live | sudo -S whoami 00:20:50.991586378: call returned: [1, "", "By default, the administration password is disabled for better security.\n\nIn order to perform administration tasks, you need to setup an administration\npassword when starting Tails.\n\nSee the corresponding documentation:\nfile:///usr/share/doc/tails/website/doc/first_steps/startup_options/administration_password.en.html\nSorry, user amnesia is not allowed to execute '/usr/bin/whoami' as root on localhost.\n"] And I should not be able to run administration commands as the live user with the "live" password # features/step_definitions/root_access_control.rb:8 Scenario: If an administrative password is set in Tails Greeter the live user should be able to get administrative privileges through PolicyKit # features/root_access_control.feature:19 00:21:20.437010616: calling as root: echo 'hello?' 00:21:20.691517223: call returned: [0, "hello?\n", ""] 00:21:21.424257103: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:21:21.424424926: calling as root: nmcli device show eth0 00:21:21.753260442: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:8A:C3:D2\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:21:21.774366601: calling as root: date -s '@1498725328' 00:21:21.952747228: call returned: [0, "Thu Jun 29 08:35:28 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in with an administration password # features/step_definitions/snapshots.rb:172 00:21:21.954983379: calling as root: pkaction --verbose --action-id org.freedesktop.policykit.exec 00:21:22.384570032: call returned: [1, "org.freedesktop.policykit.exec:\n description: Run programs as another user\n message: Authentication is required to run a program as another user\n vendor: The PolicyKit Project\n vendor_url: http://hal.freedesktop.org/docs/PolicyKit/\n icon: \n implicit any: auth_admin\n implicit inactive: auth_admin\n implicit active: auth_admin\n\n", ""] And running a command as root with pkexec requires PolicyKit administrator privileges # features/step_definitions/root_access_control.rb:15 00:21:22.387416975: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:21:22.606734397: call returned: [1, "", ""] 00:21:22.677185438: calling as amnesia: xdotool key Super 00:21:22.977409002: call returned: [0, "", ""] 00:21:24.717584861: [log] TYPE "GNOME Terminal" 00:21:27.848199299: [log] ( Ctrl ) TYPE "#ENTER." 00:21:29.129726959: [log] TYPE "pkexec touch /root/pkexec-test#ENTER." 00:21:30.373352549: [log] TYPE "asdf" 00:21:30.419294590: [log] TYPE "#ENTER." 00:21:31.184654278: calling as root: ls /root/pkexec-test 00:21:31.400044429: call returned: [0, "/root/pkexec-test\n", ""] Then I should be able to run a command as root with pkexec # features/step_definitions/root_access_control.rb:26 Scenario: If no administrative password is set in Tails Greeter the live user should not be able to get administrative privileges through PolicyKit with the standard passwords. # features/root_access_control.feature:24 00:21:58.441557382: calling as root: echo 'hello?' 00:21:58.699141853: call returned: [0, "hello?\n", ""] 00:21:59.427250158: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:21:59.427431081: calling as root: nmcli device show eth0 00:21:59.819373062: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:21:59.837764146: calling as root: date -s '@1498725366' 00:22:00.045097503: call returned: [0, "Thu Jun 29 08:36:06 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:22:00.046470394: calling as root: pkaction --verbose --action-id org.freedesktop.policykit.exec 00:22:01.468700336: call returned: [1, "org.freedesktop.policykit.exec:\n description: Run programs as another user\n message: Authentication is required to run a program as another user\n vendor: The PolicyKit Project\n vendor_url: http://hal.freedesktop.org/docs/PolicyKit/\n icon: \n implicit any: auth_admin\n implicit inactive: auth_admin\n implicit active: auth_admin\n\n", ""] And running a command as root with pkexec requires PolicyKit administrator privileges # features/step_definitions/root_access_control.rb:15 00:22:01.472239403: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:22:01.669477551: call returned: [1, "", ""] 00:22:01.741227560: calling as amnesia: xdotool key Super 00:22:02.003639959: call returned: [0, "", ""] 00:22:03.634325687: [log] TYPE "GNOME Terminal" 00:22:07.702772801: [log] ( Ctrl ) TYPE "#ENTER." 00:22:08.980499016: [log] TYPE "pkexec touch /root/pkexec-test#ENTER." 00:22:09.992888750: [log] TYPE "#ENTER." 00:22:30.550125350: [log] TYPE "live" 00:22:30.592118153: [log] TYPE "#ENTER." 00:22:50.974732724: [log] TYPE "amnesia" 00:23:11.387712347: [log] TYPE "#ENTER." [log] TYPE "#ESC." Then I should not be able to run a command as root with pkexec and the standard passwords # features/step_definitions/root_access_control.rb:34 @product @check_tor_leaks Feature: Time syncing As a Tails user I want Tor to work properly And for that I need a reasonably accurate system clock Scenario: Clock with host's time # features/time_syncing.feature:7 00:23:28.203121008: calling as root: echo 'hello?' 00:23:28.460671073: call returned: [0, "hello?\n", ""] 00:23:29.188457681: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:23:29.188785401: calling as root: nmcli device show eth0 00:23:29.570626257: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:23:29.587930806: calling as root: date -s '@1498725456' 00:23:29.720078322: call returned: [0, "Thu Jun 29 08:37:36 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 When the network is plugged # features/step_definitions/common_steps.rb:79 00:23:31.829902713: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:23:32.091906037: call returned: [1, "", ""] 00:23:33.092260587: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:23:33.300150024: call returned: [1, "", ""] 00:23:34.300572707: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:23:34.539535020: call returned: [1, "", ""] 00:23:35.539949902: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:23:35.786768687: call returned: [1, "", ""] 00:23:36.787138329: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:23:37.006079590: call returned: [3, "", ""] 00:23:38.006387513: calling as root: /usr/local/sbin/tor-has-bootstrapped 00:23:38.335814425: call returned: [0, "", ""] 00:23:38.338203664: calling as root: test -e /run/tordate/done 00:23:38.676103149: call returned: [0, "", ""] 00:23:38.676448586: calling as root: test -e /run/htpdate/success 00:23:39.073542453: call returned: [1, "", ""] 00:23:40.073892531: calling as root: test -e /run/htpdate/success 00:23:40.266143862: call returned: [1, "", ""] 00:23:41.266639118: calling as root: test -e /run/htpdate/success 00:23:41.476097016: call returned: [1, "", ""] 00:23:42.476440543: calling as root: test -e /run/htpdate/success 00:23:42.732668504: call returned: [0, "", ""] 00:23:42.733011574: calling as root: systemctl is-system-running 00:23:43.162174019: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 00:23:43.164115944: calling as root: date --rfc-2822 00:23:43.485124213: call returned: [0, "Thu, 29 Jun 2017 08:37:49 +0000\n", ""] Then Tails clock is less than 5 minutes incorrect # features/step_definitions/time_syncing.rb:40 Time was 1.391080628 seconds off Scenario: The system time is not synced to the hardware clock # features/time_syncing.feature:23 00:24:11.124749422: calling as root: echo 'hello?' 00:24:11.389845453: call returned: [0, "hello?\n", ""] 00:24:12.117509517: calling as root: nmcli device show eth0 00:24:12.148944993: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:24:12.512201972: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:24:12.529106112: calling as root: date -s '@1498725499' 00:24:12.781608882: call returned: [0, "Thu Jun 29 08:38:19 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:24:12.783857807: calling as root: date 00:24:12.950314485: call returned: [0, "Thu Jun 29 08:38:19 UTC 2017\n", ""] 00:24:12.952437346: calling as root: date -s 'now -15 days' 00:24:13.241174498: call returned: [0, "Wed Jun 14 08:38:19 UTC 2017\n", ""] 00:24:13.241367963: calling as root: date 00:24:13.440133280: call returned: [0, "Wed Jun 14 08:38:19 UTC 2017\n", ""] When I bump the system time with "-15 days" # features/step_definitions/time_syncing.rb:20 00:24:13.458312403: spawning as root: reboot And I warm reboot the computer # features/step_definitions/common_steps.rb:530 00:25:07.126778775: calling as root: echo 'hello?' 00:25:07.148988110: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:25:08.030631330: call returned: [0, "hello?\n", ""] 00:25:08.031238913: calling as root: service tor status 00:25:08.509911382: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:25:08.510403104: opening file /etc/tor/torrc in 'append' mode 00:25:08.785547812: append complete And the computer reboots Tails # features/step_definitions/common_steps.rb:248 00:25:08.787997426: calling as root: hwclock -r 00:25:09.503451044: call returned: [0, "2017-06-29 08:39:15.819103+0000\n", ""] Then Tails' hardware clock is close to the host system's time # features/step_definitions/time_syncing.rb:69 Scenario: Anti-test: Changes to the hardware clock are kept when rebooting # features/time_syncing.feature:30 00:25:13.154548978: calling as root: echo 'hello?' 00:25:13.422442241: call returned: [0, "hello?\n", ""] 00:25:14.152880335: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:25:14.153111140: calling as root: nmcli device show eth0 00:25:14.448245632: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:25:14.466543376: calling as root: date -s '@1498725561' 00:25:14.685914791: call returned: [0, "Thu Jun 29 08:39:21 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:25:14.688008021: calling as root: hwclock -r 00:25:15.490539050: call returned: [0, "2017-06-29 08:39:21.470289+0000\n", ""] 00:25:15.490884128: calling as root: hwclock --set --date 'now -15 days' 00:25:17.186996134: call returned: [0, "", ""] 00:25:17.187191856: calling as root: hwclock -r 00:25:17.703602268: call returned: [0, "2017-06-14 08:39:23.649260+0000\n", ""] When I bump the hardware clock's time with "-15 days" # features/step_definitions/time_syncing.rb:20 00:25:17.721612309: spawning as root: reboot And I warm reboot the computer # features/step_definitions/common_steps.rb:530 00:25:24.326585681: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:26:08.675832549: calling as root: echo 'hello?' 00:26:09.463499045: call returned: [0, "hello?\n", ""] 00:26:09.463952761: calling as root: service tor status 00:26:10.317901698: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:26:10.318475472: opening file /etc/tor/torrc in 'append' mode 00:26:10.634956698: append complete And the computer reboots Tails # features/step_definitions/common_steps.rb:248 00:26:10.637328921: calling as root: hwclock -r 00:26:11.720246252: call returned: [0, "2017-06-14 08:40:17.431422+0000\n", ""] Then the hardware clock is still off by "-15 days" # features/step_definitions/time_syncing.rb:77 Scenario: Boot with a hardware clock set way in the past and make sure that Tails sets the clock to the source date # features/time_syncing.feature:37 Given a computer # features/step_definitions/common_steps.rb:46 And the network is unplugged # features/step_definitions/common_steps.rb:83 And the hardware clock is set to "01 Jan 2000 12:34:56" # features/step_definitions/common_steps.rb:92 00:26:15.306407091: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] And I start the computer # features/step_definitions/common_steps.rb:109 00:26:19.027839115: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:27:23.616549975: calling as root: echo 'hello?' 00:27:23.935194124: call returned: [0, "hello?\n", ""] 00:27:23.935594252: calling as root: service tor status 00:27:24.198420674: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:27:24.198800886: opening file /etc/tor/torrc in 'append' mode 00:27:24.461324476: append complete And the computer boots Tails # features/step_definitions/common_steps.rb:248 00:27:24.463437059: calling as root: date 00:27:24.629983510: call returned: [0, "Tue Jun 13 00:00:31 UTC 2017\n", ""] 00:27:24.630511434: calling as root: sed -n -e "1s/^.* - \([0-9]\+\)$/\1/p;q" /etc/amnesia/version 00:27:24.782395814: call returned: [0, "20170613\n", ""] Then the system clock is just past Tails' source date # features/step_definitions/time_syncing.rb:50 @product Feature: System memory erasure on shutdown As a Tails user when I shutdown Tails I want the system memory to be free from sensitive data. # These tests rely on the Linux kernel's memory poisoning features. # The feature is called "on shutdown" as this is the security guarantee # we document, but in practice we test that some important bits of memory # are erased _before_ shutdown, while for some others we really test # behavior at shutdown time. Scenario: Erasure of memory freed by killed userspace processes # features/erase_memory.feature:13 00:27:28.012119532: calling as root: echo 'hello?' 00:27:28.269868122: call returned: [0, "hello?\n", ""] 00:27:28.997152078: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:27:28.997850514: calling as root: nmcli device show eth0 00:27:29.374770351: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:27:29.393192819: calling as root: date -s '@1498725696' 00:27:29.605523770: call returned: [0, "Thu Jun 29 08:41:36 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:27:29.608135083: calling as root: free -m | awk '/^Mem:/ { print $2 }' 00:27:29.884781368: call returned: [0, "2004\n", ""] 00:27:29.885912076: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:27:30.442952102: call returned: [0, "", ""] 00:27:30.443142779: calling as root: touch /run/initramfs/tails_shutdown_debugging 00:27:32.174985265: call returned: [0, "", ""] 00:27:32.175185584: calling as root: sysctl vm.oom_kill_allocating_task=0 00:27:32.488287808: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 00:27:32.488502977: calling as root: sysctl vm.oom_dump_tasks=0 00:27:32.670454904: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 00:27:32.670647306: calling as root: sysctl vm.overcommit_memory=0 00:27:32.861769190: call returned: [0, "vm.overcommit_memory = 0\n", ""] 00:27:32.861978317: calling as root: sysctl vm.min_free_kbytes=65536 00:27:33.062683033: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 00:27:33.062903605: calling as root: sysctl vm.admin_reserve_kbytes=131072 00:27:33.286299587: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 00:27:33.286534593: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:33.655606393: call returned: [0, "547\n", ""] 00:27:33.655891418: calling as root: systemctl status initramfs-shutdown.service 00:27:34.007840339: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 11min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 00:27:34.008035379: calling as root: systemctl status memlockd.service 00:27:34.340005685: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 11min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 00:27:34.340244728: calling as root: systemctl status tails-shutdown-on-media-removal.service 00:27:34.587388211: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 11min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 00:27:34.589269036: spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram 00:27:34.718548864: spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram 00:27:34.959122268: calling as root: pidof -x -o '%PPID' fillram 00:27:35.410588069: call returned: [0, "9176 9146\n", ""] 00:27:35.410882163: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:35.630902929: call returned: [0, "571\n", ""] 00:27:35.631112821: Memory fill progress: 30% 00:27:35.631197689: calling as root: pidof -x -o '%PPID' fillram 00:27:35.936014305: call returned: [0, "9176 9146\n", ""] 00:27:36.936305059: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:37.219228639: call returned: [0, "746\n", ""] 00:27:37.219388211: Memory fill progress: 40% 00:27:37.219463543: calling as root: pidof -x -o '%PPID' fillram 00:27:37.484452174: call returned: [0, "9176 9146\n", ""] 00:27:38.484732130: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:38.708302406: call returned: [0, "944\n", ""] 00:27:38.708465642: Memory fill progress: 50% 00:27:38.708560747: calling as root: pidof -x -o '%PPID' fillram 00:27:38.963957883: call returned: [0, "9176 9146\n", ""] 00:27:39.964223181: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:40.211881242: call returned: [0, "1125\n", ""] 00:27:40.212043524: Memory fill progress: 60% 00:27:40.212112368: calling as root: pidof -x -o '%PPID' fillram 00:27:40.498197622: call returned: [0, "9176 9146\n", ""] 00:27:41.498467501: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:41.762100471: call returned: [0, "1319\n", ""] 00:27:41.762296696: Memory fill progress: 70% 00:27:41.762366843: calling as root: pidof -x -o '%PPID' fillram 00:27:42.044135495: call returned: [0, "9176 9146\n", ""] 00:27:43.044421607: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:43.488614451: call returned: [0, "1513\n", ""] 00:27:43.488775243: Memory fill progress: 80% 00:27:43.488864028: calling as root: pidof -x -o '%PPID' fillram 00:27:43.762396187: call returned: [0, "9176 9146\n", ""] 00:27:44.762709956: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:27:48.278769565: call returned: [0, "548\n", ""] 00:27:48.278947019: calling as root: pidof -x -o '%PPID' fillram 00:27:48.778421680: call returned: [1, "", ""] 00:27:48.778661413: Memory fill progress: finished When I fill the guest's memory with a known pattern and the allocating processes get killed # features/step_definitions/erase_memory.rb:104 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) Scenario: Erasure of tmpfs data on unmount # features/erase_memory.feature:19 00:27:56.531764936: calling as root: echo 'hello?' 00:27:56.802149348: call returned: [0, "hello?\n", ""] 00:27:57.531256846: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:27:57.532425866: calling as root: nmcli device show eth0 00:27:57.920403566: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:27:57.936927710: calling as root: date -s '@1498725724' 00:27:58.173255897: call returned: [0, "Thu Jun 29 08:42:04 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:27:58.174532562: calling as root: free -m | awk '/^Mem:/ { print $2 }' 00:27:58.424577282: call returned: [0, "2004\n", ""] 00:27:58.424797718: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:27:58.928915424: call returned: [0, "", ""] 00:27:58.929221078: calling as root: touch /run/initramfs/tails_shutdown_debugging 00:28:00.710541496: call returned: [0, "", ""] 00:28:00.710773412: calling as root: sysctl vm.oom_kill_allocating_task=0 00:28:00.990402316: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 00:28:00.990576882: calling as root: sysctl vm.oom_dump_tasks=0 00:28:01.219777619: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 00:28:01.220009704: calling as root: sysctl vm.overcommit_memory=0 00:28:01.374415674: call returned: [0, "vm.overcommit_memory = 0\n", ""] 00:28:01.374636157: calling as root: sysctl vm.min_free_kbytes=65536 00:28:01.602040890: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 00:28:01.602291246: calling as root: sysctl vm.admin_reserve_kbytes=131072 00:28:01.783022493: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 00:28:01.783293752: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:28:02.111992304: call returned: [0, "547\n", ""] 00:28:02.112178931: calling as root: systemctl status initramfs-shutdown.service 00:28:02.496527264: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 12min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 00:28:02.496711690: calling as root: systemctl status memlockd.service 00:28:02.780574510: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 12min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 00:28:02.780747713: calling as root: systemctl status tails-shutdown-on-media-removal.service 00:28:03.025749500: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 12min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 And I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) 00:28:06.069637816: calling as root: mount -t tmpfs -o 'size=128M' tmpfs '/mnt' 00:28:06.286937877: call returned: [0, "", ""] 00:28:06.287299854: calling as root: while echo wipe_didnt_work >> '/mnt/file'; do true ; done 00:28:47.275917955: call returned: [0, "", "sh: echo: I/O error\n"] 00:28:47.276160667: calling as root: df --output=avail '/mnt' 00:28:47.575758598: call returned: [0, "Avail\n 0\n", ""] When I mount a 128 MiB tmpfs on "/mnt" and fill it with a known pattern # features/step_definitions/erase_memory.rb:155 Then patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 100.000% (128 MiB out of 128 MiB reference memory) 00:28:50.998456689: calling as root: umount '/mnt' 00:28:51.389665210: call returned: [0, "", ""] When I umount "/mnt" # features/step_definitions/erase_memory.rb:209 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) Scenario: Erasure of read and write disk caches on unmount: vfat # features/erase_memory.feature:28 00:29:27.785888973: calling as root: echo 'hello?' 00:29:28.049519519: call returned: [0, "hello?\n", ""] 00:29:28.782910176: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:29:28.783267701: calling as root: nmcli device show eth0 00:29:29.183366040: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:29:29.207710796: calling as root: date -s '@1498725816' 00:29:29.380314740: call returned: [0, "Thu Jun 29 08:43:36 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:29:29.381631214: calling as root: free -m | awk '/^Mem:/ { print $2 }' 00:29:29.676556963: call returned: [0, "2004\n", ""] 00:29:29.676798282: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:29:30.280517095: call returned: [0, "", ""] 00:29:30.280696469: calling as root: touch /run/initramfs/tails_shutdown_debugging 00:29:32.133872686: call returned: [0, "", ""] 00:29:32.134128941: calling as root: sysctl vm.oom_kill_allocating_task=0 00:29:32.456186160: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 00:29:32.456432916: calling as root: sysctl vm.oom_dump_tasks=0 00:29:32.665693973: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 00:29:32.665940951: calling as root: sysctl vm.overcommit_memory=0 00:29:32.913868339: call returned: [0, "vm.overcommit_memory = 0\n", ""] 00:29:32.914043544: calling as root: sysctl vm.min_free_kbytes=65536 00:29:33.118825461: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 00:29:33.119100757: calling as root: sysctl vm.admin_reserve_kbytes=131072 00:29:33.291989596: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 00:29:33.292164954: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:29:33.584919745: call returned: [0, "546\n", ""] 00:29:33.585132186: calling as root: systemctl status initramfs-shutdown.service 00:29:33.900978910: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 13min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 00:29:33.901218832: calling as root: systemctl status memlockd.service 00:29:34.270903257: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 13min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 00:29:34.271302133: calling as root: systemctl status tails-shutdown-on-media-removal.service 00:29:34.541427245: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 13min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 00:29:34.590806608: libguestfs: trace: set_autosync true 00:29:34.591081170: libguestfs: trace: set_autosync = 0 00:29:34.594957973: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/qYnCsSvhfM" "format:qcow2" 00:29:34.595172701: libguestfs: trace: add_drive = 0 00:29:34.595235851: libguestfs: trace: launch 00:29:34.595389125: libguestfs: trace: get_tmpdir 00:29:34.595441819: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:29:34.595639046: libguestfs: trace: get_backend_setting "force_tcg" 00:29:34.595704467: libguestfs: trace: get_backend_setting = NULL (error) 00:29:34.595766383: libguestfs: trace: get_cachedir 00:29:34.595901479: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:29:34.652163181: libguestfs: trace: get_cachedir 00:29:34.652457305: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:29:34.652616262: libguestfs: trace: get_sockdir 00:29:34.652803435: libguestfs: trace: get_sockdir = "/tmp" 00:29:34.652985187: libguestfs: trace: get_backend_setting "gdb" 00:29:34.653172693: libguestfs: trace: get_backend_setting = NULL (error) 00:29:38.943473069: libguestfs: trace: launch = 0 00:29:38.943749139: libguestfs: trace: list_devices 00:29:38.945039393: libguestfs: trace: list_devices = ["/dev/sda"] 00:29:38.945190160: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:29:39.028395579: libguestfs: trace: part_disk = 0 00:29:39.028610504: libguestfs: trace: part_set_name "/dev/sda" 1 "qYnCsSvhfM" 00:29:39.100962058: libguestfs: trace: part_set_name = 0 00:29:39.101205142: libguestfs: trace: list_partitions 00:29:39.101825136: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:29:39.102453019: libguestfs: trace: mkfs "vfat" "/dev/sda1" 00:29:39.118160211: libguestfs: trace: mkfs = 0 00:29:39.118709703: libguestfs: trace: close 00:29:39.118891011: libguestfs: trace: internal_autosync 00:29:39.123380442: libguestfs: trace: internal_autosync = 0 00:29:39.315468382: calling as root: test -b /dev/sda 00:29:39.526990780: call returned: [1, "", ""] 00:29:40.551525191: calling as root: test -b /dev/sda 00:29:40.848953047: call returned: [1, "", ""] 00:29:41.876554803: calling as root: test -b /dev/sda 00:29:42.029053969: call returned: [1, "", ""] 00:29:43.057994377: calling as root: test -b /dev/sda 00:29:43.457509035: call returned: [0, "", ""] 00:29:43.458492518: calling as root: mktemp -d 00:29:43.869293613: call returned: [0, "/tmp/tmp.J3ewT7NplJ\n", ""] 00:29:43.900223411: calling as root: mount /dev/sda1 /tmp/tmp.J3ewT7NplJ 00:29:44.503325621: call returned: [0, "", ""] 00:29:44.503567560: calling as root: df --output=avail '/tmp/tmp.J3ewT7NplJ' 00:29:44.946768482: call returned: [0, " Avail\n130670\n", ""] When I plug and mount a 128 MiB USB drive with a vfat filesystem # features/step_definitions/common_steps.rb:957 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1266 MiB reference memory) 00:29:47.692769634: calling as root: while echo wipe_didnt_work >> '/tmp/tmp.J3ewT7NplJ/file'; do true ; done 00:30:39.393866109: call returned: [0, "", "sh: echo: I/O error\n"] 00:30:39.394124918: calling as root: df --output=avail '/tmp/tmp.J3ewT7NplJ' 00:30:39.613940980: call returned: [0, "Avail\n 0\n", ""] When I fill the USB drive with a known pattern # features/step_definitions/erase_memory.rb:167 Then patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 102.400% (127 MiB out of 124 MiB reference memory) 00:30:43.130793388: calling as root: umount /tmp/tmp.J3ewT7NplJ 00:30:43.773811714: call returned: [0, "", ""] When I umount the USB drive # features/step_definitions/common_steps.rb:981 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1266 MiB reference memory) 00:30:46.732129577: calling as root: mktemp -d 00:30:46.930756748: call returned: [0, "/tmp/tmp.jKR8IBymHe\n", ""] 00:30:46.963870907: calling as root: mount /dev/sda1 /tmp/tmp.jKR8IBymHe 00:30:47.251135862: call returned: [0, "", ""] When I mount the USB drive again # features/step_definitions/common_steps.rb:977 00:30:47.252918119: calling as root: cat /tmp/tmp.jKR8IBymHe/file >/dev/null 00:30:48.668242286: call returned: [0, "", ""] And I read the content of the test FS # features/step_definitions/erase_memory.rb:174 Then patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 102.400% (127 MiB out of 124 MiB reference memory) 00:30:51.963891837: calling as root: umount /tmp/tmp.jKR8IBymHe 00:30:52.325928738: call returned: [0, "", ""] When I umount the USB drive # features/step_definitions/common_steps.rb:981 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1266 MiB reference memory) Scenario: Erasure of read and write disk caches on unmount: LUKS-encrypted ext4 # features/erase_memory.feature:45 00:30:58.616108180: calling as root: echo 'hello?' 00:30:58.953490421: call returned: [0, "hello?\n", ""] 00:30:59.692282250: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:30:59.692534509: calling as root: nmcli device show eth0 00:31:00.108842837: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:31:00.125454315: calling as root: date -s '@1498725907' 00:31:00.354395432: call returned: [0, "Thu Jun 29 08:45:07 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:31:00.355634630: calling as root: free -m | awk '/^Mem:/ { print $2 }' 00:31:00.641865920: call returned: [0, "2004\n", ""] 00:31:00.642142162: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:31:01.243560050: call returned: [0, "", ""] 00:31:01.243777351: calling as root: touch /run/initramfs/tails_shutdown_debugging 00:31:02.888262368: call returned: [0, "", ""] 00:31:02.888492686: calling as root: sysctl vm.oom_kill_allocating_task=0 00:31:03.195590822: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 00:31:03.195804714: calling as root: sysctl vm.oom_dump_tasks=0 00:31:03.378670873: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 00:31:03.378973550: calling as root: sysctl vm.overcommit_memory=0 00:31:03.614965688: call returned: [0, "vm.overcommit_memory = 0\n", ""] 00:31:03.615156184: calling as root: sysctl vm.min_free_kbytes=65536 00:31:03.799235094: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 00:31:03.799484685: calling as root: sysctl vm.admin_reserve_kbytes=131072 00:31:03.997307399: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 00:31:03.997537179: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:31:04.269380886: call returned: [0, "547\n", ""] 00:31:04.269712779: calling as root: systemctl status initramfs-shutdown.service 00:31:04.600234403: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 15min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 00:31:04.600409761: calling as root: systemctl status memlockd.service 00:31:04.918993118: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 15min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 00:31:04.919192877: calling as root: systemctl status tails-shutdown-on-media-removal.service 00:31:05.201873433: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 15min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 00:31:05.242441474: libguestfs: trace: set_autosync true 00:31:05.242789120: libguestfs: trace: set_autosync = 0 00:31:05.246495355: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/kMiVrzRsiv" "format:qcow2" 00:31:05.246585050: libguestfs: trace: add_drive = 0 00:31:05.246819981: libguestfs: trace: launch 00:31:05.246885734: libguestfs: trace: get_tmpdir 00:31:05.246934159: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:31:05.247010373: libguestfs: trace: get_backend_setting "force_tcg" 00:31:05.247260458: libguestfs: trace: get_backend_setting = NULL (error) 00:31:05.247388157: libguestfs: trace: get_cachedir 00:31:05.247442417: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:31:05.295876992: libguestfs: trace: get_cachedir 00:31:05.296039991: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:31:05.296500967: libguestfs: trace: get_sockdir 00:31:05.296574416: libguestfs: trace: get_sockdir = "/tmp" 00:31:05.296747543: libguestfs: trace: get_backend_setting "gdb" 00:31:05.296825188: libguestfs: trace: get_backend_setting = NULL (error) 00:31:08.596291135: libguestfs: trace: launch = 0 00:31:08.597450570: libguestfs: trace: list_devices 00:31:08.598316590: libguestfs: trace: list_devices = ["/dev/sda"] 00:31:08.598457558: libguestfs: trace: part_disk "/dev/sda" "gpt" 00:31:08.671378487: libguestfs: trace: part_disk = 0 00:31:08.671583948: libguestfs: trace: part_set_name "/dev/sda" 1 "kMiVrzRsiv" 00:31:08.738962746: libguestfs: trace: part_set_name = 0 00:31:08.739184221: libguestfs: trace: list_partitions 00:31:08.739704713: libguestfs: trace: list_partitions = ["/dev/sda1"] 00:31:08.739835871: libguestfs: trace: luks_format "/dev/sda1" "***" 0 00:31:12.620664680: libguestfs: trace: luks_format = 0 00:31:12.621799416: libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" 00:31:14.841565913: libguestfs: trace: luks_open = 0 00:31:14.841773338: libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" 00:31:14.952438697: libguestfs: trace: mkfs = 0 00:31:14.953222421: libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" 00:31:15.175853805: libguestfs: trace: luks_close = 0 00:31:15.176097149: libguestfs: trace: close 00:31:15.176252228: libguestfs: trace: internal_autosync 00:31:15.179230394: libguestfs: trace: internal_autosync = 0 00:31:15.370254602: calling as root: test -b /dev/sda 00:31:15.549945532: call returned: [1, "", ""] 00:31:16.570199917: calling as root: test -b /dev/sda 00:31:16.762008460: call returned: [1, "", ""] 00:31:17.787847656: calling as root: test -b /dev/sda 00:31:18.071821685: call returned: [1, "", ""] 00:31:19.093431831: calling as root: test -b /dev/sda 00:31:19.424241143: call returned: [0, "", ""] 00:31:19.424499460: calling as root: mktemp -d 00:31:19.643017139: call returned: [0, "/tmp/tmp.ruC4ZsV2xU\n", ""] 00:31:19.673542301: calling as root: echo asdf | cryptsetup luksOpen /dev/sda1 kMiVrzRsiv_unlocked 00:31:22.560953926: call returned: [0, "", ""] 00:31:22.561194454: calling as root: mount /dev/mapper/kMiVrzRsiv_unlocked /tmp/tmp.ruC4ZsV2xU 00:31:23.253495376: call returned: [0, "", ""] 00:31:23.253746874: calling as root: df --output=avail '/tmp/tmp.ruC4ZsV2xU' 00:31:23.448141313: call returned: [0, " Avail\n110152\n", ""] When I plug and mount a 128 MiB USB drive with an ext4 filesystem encrypted with password "asdf" # features/step_definitions/common_steps.rb:957 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) 00:31:26.394869381: calling as root: while echo wipe_didnt_work >> '/tmp/tmp.ruC4ZsV2xU/file'; do true ; done 00:32:27.298686863: call returned: [0, "", "sh: echo: I/O error\n"] 00:32:27.298879913: calling as root: df --output=avail '/tmp/tmp.ruC4ZsV2xU' 00:32:27.524513782: call returned: [0, "Avail\n 0\n", ""] When I fill the USB drive with a known pattern # features/step_definitions/erase_memory.rb:167 Then patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 108.390% (113 MiB out of 105 MiB reference memory) 00:32:30.735696608: calling as root: umount /tmp/tmp.ruC4ZsV2xU 00:32:31.243136587: call returned: [0, "", ""] 00:32:31.243326657: calling as root: cryptsetup luksClose kMiVrzRsiv_unlocked 00:32:31.590272424: call returned: [0, "", ""] When I umount the USB drive # features/step_definitions/common_steps.rb:981 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) 00:32:34.480574225: calling as root: mktemp -d 00:32:34.734043586: call returned: [0, "/tmp/tmp.rRUQBoEtd0\n", ""] 00:32:34.759728675: calling as root: echo asdf | cryptsetup luksOpen /dev/sda1 kMiVrzRsiv_unlocked 00:32:37.750408503: call returned: [0, "", ""] 00:32:37.750599727: calling as root: mount /dev/mapper/kMiVrzRsiv_unlocked /tmp/tmp.rRUQBoEtd0 00:32:38.107536607: call returned: [0, "", ""] When I mount the USB drive again # features/step_definitions/common_steps.rb:977 00:32:38.108642780: calling as root: cat /tmp/tmp.rRUQBoEtd0/file >/dev/null 00:32:39.255279508: call returned: [0, "", ""] And I read the content of the test FS # features/step_definitions/erase_memory.rb:174 Then patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 108.390% (113 MiB out of 105 MiB reference memory) 00:32:42.479478603: calling as root: umount /tmp/tmp.rRUQBoEtd0 00:32:42.865922856: call returned: [0, "", ""] 00:32:42.866114516: calling as root: cryptsetup luksClose kMiVrzRsiv_unlocked 00:32:43.143156734: call returned: [0, "", ""] When I umount the USB drive # features/step_definitions/common_steps.rb:981 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) Scenario: Erasure of the aufs read-write branch on shutdown # features/erase_memory.feature:62 00:32:49.075523383: calling as root: echo 'hello?' 00:32:49.292576436: call returned: [0, "hello?\n", ""] 00:32:50.016150275: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:32:50.017424279: calling as root: nmcli device show eth0 00:32:50.455127950: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:32:50.477764233: calling as root: date -s '@1498726017' 00:32:50.679174091: call returned: [0, "Thu Jun 29 08:46:57 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 00:32:50.680394646: calling as root: free -m | awk '/^Mem:/ { print $2 }' 00:32:50.939676669: call returned: [0, "2004\n", ""] 00:32:50.939948907: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:32:51.489482410: call returned: [0, "", ""] 00:32:51.489742076: calling as root: touch /run/initramfs/tails_shutdown_debugging 00:32:53.171192075: call returned: [0, "", ""] 00:32:53.171449254: calling as root: sysctl vm.oom_kill_allocating_task=0 00:32:53.488085301: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 00:32:53.488329834: calling as root: sysctl vm.oom_dump_tasks=0 00:32:53.661067381: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 00:32:53.661291952: calling as root: sysctl vm.overcommit_memory=0 00:32:53.871981656: call returned: [0, "vm.overcommit_memory = 0\n", ""] 00:32:53.872261193: calling as root: sysctl vm.min_free_kbytes=65536 00:32:54.056782594: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 00:32:54.056966327: calling as root: sysctl vm.admin_reserve_kbytes=131072 00:32:54.258549881: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 00:32:54.258774150: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:32:54.640735488: call returned: [0, "546\n", ""] 00:32:54.640941117: calling as root: systemctl status initramfs-shutdown.service 00:32:55.042910183: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 16min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 00:32:55.043106468: calling as root: systemctl status memlockd.service 00:32:55.350928584: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 17min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 00:32:55.351131199: calling as root: systemctl status tails-shutdown-on-media-removal.service 00:32:55.657820509: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 17min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 00:32:55.659826806: calling as root: for i in $(seq 1 8388608) ; do echo wipe_didnt_work >> '/eCFBHnkiAS' ; done 00:34:05.682912372: call returned: [0, "", ""] When I fill a 128 MiB file with a known pattern on the root filesystem # features/step_definitions/erase_memory.rb:229 00:34:05.684852381: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:34:05.956469197: call returned: [0, "", ""] And I drop all kernel caches # features/step_definitions/erase_memory.rb:246 Then patterns cover at least 128 MiB in the guest's memory # features/step_definitions/erase_memory.rb:189 Pattern coverage: 100.000% (128 MiB out of 128 MiB reference memory) 00:34:09.690765208: spawning as root: halt When I trigger shutdown # features/step_definitions/erase_memory.rb:250 And I wait 20 seconds # features/step_definitions/common_steps.rb:826 Slept for 20 seconds Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1266 MiB reference memory) Scenario: Erasure of read and write disk caches of persistent data on shutdown # features/erase_memory.feature:73 00:34:38.946603544: calling as root: echo 'hello?' 00:34:39.188292037: call returned: [0, "hello?\n", ""] 00:34:39.914051407: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:34:39.914291611: calling as root: nmcli device show eth0 00:34:40.273367784: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:34:40.292397898: calling as root: date -s '@1498726127' 00:34:40.516780284: call returned: [0, "Thu Jun 29 08:48:47 UTC 2017\n", ""] Checkpoint: I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen Given I have started Tails from DVD without network and logged in And I create a 4 GiB disk named "__internal" 00:34:40.640145516: calling as root: test -b /dev/sda 00:34:40.820396212: call returned: [1, "", ""] 00:34:41.844630230: calling as root: test -b /dev/sda 00:34:42.081315178: call returned: [1, "", ""] 00:34:43.105916423: calling as root: test -b /dev/sda 00:34:43.277455046: call returned: [0, "", ""] And I plug USB drive "__internal" 00:34:43.279466672: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:34:43.526430653: call returned: [1, "", ""] 00:34:43.592740687: calling as amnesia: xdotool key Super 00:34:43.818764990: call returned: [0, "", ""] 00:34:45.590662254: [log] TYPE "GNOME Terminal" 00:34:49.487795169: [log] ( Ctrl ) TYPE "#ENTER." 00:34:51.329036879: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 00:34:51.329417100: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node19 = dogtail.tree.root.application('tails-installer-launcher') 00:34:53.458605022: execution complete 00:34:53.458807352: executing Python as amnesia: node20 = node19.child('Tails Installer', roleName='frame') 00:34:53.522980704: execution complete 00:34:56.523368547: executing Python as amnesia: node21 = node20.button('Install by cloning') 00:34:56.581454641: execution complete 00:34:56.581681779: executing Python as amnesia: node21.click() 00:34:57.663307707: execution complete 00:34:57.663511342: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node22 = dogtail.tree.root.application('tails-installer') 00:34:57.972973314: execution complete 00:34:57.973234848: executing Python as amnesia: node23 = node22.child('Tails Installer', roleName='frame') 00:34:58.003595860: execution complete 00:35:01.003912515: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 00:35:01.237568407: call returned: [0, "", ""] 00:35:01.255354151: executing Python as amnesia: node24 = node22.child('', roleName='text') 00:35:01.371765286: execution complete 00:35:01.371922155: executing Python as amnesia: print(node24.text) 00:35:01.406950010: execution complete 00:35:01.427782908: executing Python as amnesia: node25 = node22.child('Target Device:', roleName='label') 00:35:01.507974720: execution complete 00:35:01.508162380: executing Python as amnesia: node26 = node25.parent 00:35:01.543933299: execution complete 00:35:01.544138951: executing Python as amnesia: node27 = node26.child('', roleName='combo box', recursive=False) 00:35:01.594466915: execution complete 00:35:01.594707472: executing Python as amnesia: print(node27.name) 00:35:01.630073485: execution complete 00:35:01.630382237: executing Python as amnesia: node28 = node22.button('Install Tails') 00:35:01.711983149: execution complete 00:35:01.712167385: executing Python as amnesia: node28.click() 00:35:02.777224631: execution complete 00:35:02.777432139: executing Python as amnesia: node29 = node22.child('Question', roleName='alert') 00:35:02.863887731: execution complete 00:35:02.864087318: executing Python as amnesia: node30 = node29.button('Yes') 00:35:02.928180908: execution complete 00:35:02.928352136: executing Python as amnesia: node30.click() 00:35:03.980005700: execution complete 00:35:03.980364131: executing Python as amnesia: node31 = node22.child('Information', roleName='alert') 00:35:15.203965205: execution complete 00:35:16.204458483: executing Python as amnesia: node32 = node22.child('Information', roleName='alert') 00:35:27.611472546: execution complete 00:35:28.612024833: executing Python as amnesia: node33 = node22.child('Information', roleName='alert') 00:35:39.510953746: execution complete 00:35:40.511338158: executing Python as amnesia: node34 = node22.child('Information', roleName='alert') 00:35:51.668180851: execution complete 00:35:52.668561155: executing Python as amnesia: node35 = node22.child('Information', roleName='alert') 00:36:04.190746059: execution complete 00:36:05.191148148: executing Python as amnesia: node36 = node22.child('Information', roleName='alert') 00:36:16.314143518: execution complete 00:36:17.314479973: executing Python as amnesia: node37 = node22.child('Information', roleName='alert') 00:36:28.038490195: execution complete 00:36:28.038670957: executing Python as amnesia: node38 = node37.child('Installation complete!', roleName='label') 00:36:28.083877109: execution complete And I "Install by cloning" Tails to USB drive "__internal" 00:36:28.084889275: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:36:29.262467811: call returned: [0, "11:0\n", ""] 00:36:29.262663616: calling as root: readlink -f /dev/block/'11:0' 00:36:29.548259759: call returned: [0, "/dev/sr0\n", ""] 00:36:29.548415412: calling as root: udevadm info --query=property --name='/dev/sr0' 00:36:29.919338661: call returned: [0, "DEVLINKS=/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/dvd /dev/cdrom /dev/disk/by-uuid/2017-06-13-05-06-30-00\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:seat:uaccess:systemd:\nUSEC_INITIALIZED=5804478\n", ""] 00:36:29.937306467: calling as root: udisksctl info --block-device '/dev/sda' 00:36:30.781746247: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 00:36:30.782011161: calling as root: udisksctl info --block-device '/dev/sda1' 00:36:31.164960865: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda1\n DeviceNumber: 2049\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-F410-3272\n IdLabel: Tails\n IdType: vfat\n IdUUID: F410-3272\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/F410-3272\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 4312549e-4491-4f02-99a5-1e01ae79ffba\n", ""] 00:36:31.165388561: calling as root: mkdir -p /mnt/new 00:36:31.326794671: call returned: [0, "", ""] 00:36:31.326961638: calling as root: mount /dev/sda1 /mnt/new 00:36:31.597995809: call returned: [0, "", ""] 00:36:31.598207925: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 00:36:53.281772089: call returned: [0, "", ""] 00:36:53.282021522: calling as root: ls -1 /mnt/new/syslinux 00:36:54.737147577: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 00:36:54.737311252: calling as root: diff -q '/lib/live/mount/medium/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 00:36:55.032500402: call returned: [0, "", ""] 00:36:55.032669903: calling as root: diff -q '/lib/live/mount/medium/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 00:36:55.184671827: call returned: [0, "", ""] 00:36:55.184900138: calling as root: diff -q '/lib/live/mount/medium/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 00:36:55.405009681: call returned: [0, "", ""] 00:36:55.405191217: calling as root: diff -q '/lib/live/mount/medium/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 00:36:55.607129266: call returned: [0, "", ""] 00:36:55.607305458: calling as root: diff -q '/lib/live/mount/medium/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 00:36:55.887482477: call returned: [0, "", ""] 00:36:55.887651684: calling as root: diff -q '/lib/live/mount/medium/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 00:36:56.096951131: call returned: [0, "", ""] 00:36:56.097119343: calling as root: diff -q '/lib/live/mount/medium/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 00:36:56.315334961: call returned: [0, "", ""] 00:36:56.315517626: calling as root: diff -q '/lib/live/mount/medium/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 00:36:56.508948700: call returned: [0, "", ""] 00:36:56.509163336: calling as root: diff -q '/lib/live/mount/medium/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 00:36:56.687194021: call returned: [0, "", ""] 00:36:56.687381571: calling as root: diff -q '/lib/live/mount/medium/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 00:36:56.913959912: call returned: [0, "", ""] 00:36:56.914168479: calling as root: diff -q '/lib/live/mount/medium/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 00:36:57.185561242: call returned: [0, "", ""] 00:36:57.185758059: calling as root: diff -q '/lib/live/mount/medium/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 00:36:57.392865820: call returned: [0, "", ""] 00:36:57.393065910: calling as root: diff -q '/lib/live/mount/medium/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 00:36:57.590408787: call returned: [0, "", ""] 00:36:57.590607123: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 00:36:57.819877644: call returned: [0, "", ""] 00:36:57.820096880: calling as root: diff -q '/lib/live/mount/medium/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 00:36:58.012158377: call returned: [0, "", ""] 00:36:58.012364974: calling as root: diff -q '/lib/live/mount/medium/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 00:36:58.253753977: call returned: [0, "", ""] 00:36:58.253945059: calling as root: diff -q '/lib/live/mount/medium/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 00:36:58.459768642: call returned: [0, "", ""] 00:36:58.460015940: calling as root: diff -q '/lib/live/mount/medium/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 00:36:58.612279170: call returned: [0, "", ""] 00:36:58.612558721: calling as root: diff -q '/lib/live/mount/medium/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 00:36:58.808069368: call returned: [0, "", ""] 00:36:58.808314977: calling as root: diff -q '/lib/live/mount/medium/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 00:36:59.263189087: call returned: [0, "", ""] 00:36:59.263368745: calling as root: diff -q '/lib/live/mount/medium/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 00:36:59.603684335: call returned: [0, "", ""] 00:36:59.603883474: calling as root: diff -q '/lib/live/mount/medium/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 00:36:59.803587853: call returned: [0, "", ""] 00:36:59.803824806: calling as root: diff -q '/lib/live/mount/medium/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 00:36:59.987136936: call returned: [0, "", ""] 00:36:59.987313775: calling as root: diff -q '/lib/live/mount/medium/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 00:37:00.180312967: call returned: [0, "", ""] 00:37:00.180575488: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 00:37:00.431619374: call returned: [0, "", ""] 00:37:00.431791601: calling as root: umount /mnt/new 00:37:01.111065514: call returned: [0, "", ""] 00:37:01.111232254: calling as root: sync 00:37:01.324035246: call returned: [0, "", ""] And the running Tails is installed on USB drive "__internal" 00:37:01.343679354: calling as root: test -b /dev/sda2 00:37:01.515696603: call returned: [1, "", ""] And there is no persistence partition on USB drive "__internal" 00:37:01.516661996: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off 00:37:12.500699418: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:37:14.811746676: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:38:21.981056063: calling as root: echo 'hello?' 00:38:22.254489176: call returned: [0, "hello?\n", ""] 00:38:22.254940123: calling as root: service tor status 00:38:22.541125765: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:38:22.541508569: opening file /etc/tor/torrc in 'append' mode 00:38:22.758886036: append complete And I start Tails from USB drive "__internal" with network unplugged 00:38:22.760399075: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:38:22.913376876: call returned: [0, "8:1\n", ""] 00:38:22.913529563: calling as root: readlink -f /dev/block/'8:1' 00:38:23.028473491: call returned: [0, "/dev/sda1\n", ""] 00:38:23.028695707: calling as root: ls -1 /dev/sda* 00:38:23.197716630: call returned: [0, "/dev/sda\n/dev/sda1\n", ""] 00:38:23.197889352: calling as root: cut -d':' -f1 /etc/passwd 00:38:23.351191292: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 00:38:23.351366098: calling as root: groups root 00:38:23.564184451: call returned: [0, "root : root\n", ""] 00:38:23.564404993: calling as root: groups daemon 00:38:23.689226562: call returned: [0, "daemon : daemon\n", ""] 00:38:23.689451982: calling as root: groups bin 00:38:23.815424749: call returned: [0, "bin : bin\n", ""] 00:38:23.815676491: calling as root: groups sys 00:38:23.964708727: call returned: [0, "sys : sys\n", ""] 00:38:23.964887965: calling as root: groups sync 00:38:24.095124101: call returned: [0, "sync : nogroup\n", ""] 00:38:24.095319182: calling as root: groups games 00:38:24.229293648: call returned: [0, "games : games\n", ""] 00:38:24.229554096: calling as root: groups man 00:38:24.377321659: call returned: [0, "man : man\n", ""] 00:38:24.377505774: calling as root: groups lp 00:38:24.518195984: call returned: [0, "lp : lp\n", ""] 00:38:24.518387004: calling as root: groups mail 00:38:24.661689734: call returned: [0, "mail : mail\n", ""] 00:38:24.661944745: calling as root: groups news 00:38:24.815653215: call returned: [0, "news : news\n", ""] 00:38:24.815843160: calling as root: groups uucp 00:38:24.967641461: call returned: [0, "uucp : uucp\n", ""] 00:38:24.967816833: calling as root: groups proxy 00:38:25.098832317: call returned: [0, "proxy : proxy\n", ""] 00:38:25.099027378: calling as root: groups www-data 00:38:25.242897520: call returned: [0, "www-data : www-data\n", ""] 00:38:25.243173176: calling as root: groups backup 00:38:25.415092456: call returned: [0, "backup : backup\n", ""] 00:38:25.415300877: calling as root: groups list 00:38:25.549239346: call returned: [0, "list : list\n", ""] 00:38:25.549457471: calling as root: groups irc 00:38:25.683358547: call returned: [0, "irc : irc\n", ""] 00:38:25.683598903: calling as root: groups gnats 00:38:25.805912697: call returned: [0, "gnats : gnats\n", ""] 00:38:25.806114598: calling as root: groups nobody 00:38:25.934360323: call returned: [0, "nobody : nogroup\n", ""] 00:38:25.934573302: calling as root: groups systemd-timesync 00:38:26.075616413: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 00:38:26.075852640: calling as root: groups systemd-network 00:38:26.241287425: call returned: [0, "systemd-network : systemd-network\n", ""] 00:38:26.241492841: calling as root: groups systemd-resolve 00:38:26.401308994: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 00:38:26.401507390: calling as root: groups systemd-bus-proxy 00:38:26.547872616: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 00:38:26.548097411: calling as root: groups _apt 00:38:26.718327374: call returned: [0, "_apt : nogroup\n", ""] 00:38:26.718560343: calling as root: groups messagebus 00:38:26.857554080: call returned: [0, "messagebus : messagebus\n", ""] 00:38:26.857776095: calling as root: groups memlockd 00:38:27.011428801: call returned: [0, "memlockd : memlockd\n", ""] 00:38:27.011693074: calling as root: groups monkeysphere 00:38:27.188543416: call returned: [0, "monkeysphere : monkeysphere\n", ""] 00:38:27.188770784: calling as root: groups debian-tor 00:38:27.345248061: call returned: [0, "debian-tor : debian-tor\n", ""] 00:38:27.345453526: calling as root: groups speech-dispatcher 00:38:27.520349021: call returned: [0, "speech-dispatcher : audio\n", ""] 00:38:27.520556153: calling as root: groups colord 00:38:27.661521083: call returned: [0, "colord : colord\n", ""] 00:38:27.661791296: calling as root: groups saned 00:38:27.814271915: call returned: [0, "saned : saned scanner\n", ""] 00:38:27.814477641: calling as root: groups pulse 00:38:27.961665519: call returned: [0, "pulse : pulse audio\n", ""] 00:38:27.961926508: calling as root: groups hplip 00:38:28.133876673: call returned: [0, "hplip : lp\n", ""] 00:38:28.134128096: calling as root: groups Debian-gdm 00:38:28.280443904: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 00:38:28.280667779: calling as root: groups tails-persistence-setup 00:38:28.414248567: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 00:38:28.414480944: calling as root: groups clearnet 00:38:28.587949094: call returned: [0, "clearnet : clearnet\n", ""] 00:38:28.588215274: calling as root: groups htp 00:38:28.765188605: call returned: [0, "htp : htp\n", ""] 00:38:28.765404372: calling as root: groups tails-iuk-get-target-file 00:38:28.946405545: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 00:38:28.946606821: calling as root: groups tails-upgrade-frontend 00:38:29.134944869: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 00:38:29.135273406: calling as root: groups tor-launcher 00:38:29.284346769: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 00:38:29.284577628: calling as root: groups tails-install-iuk 00:38:29.472773428: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 00:38:29.473031746: calling as root: groups amnesia 00:38:29.661164539: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 00:38:29.661443990: calling as root: stat -c %U /dev/sda 00:38:29.846448123: call returned: [0, "root\n", ""] 00:38:29.846607025: calling as root: stat -c %G /dev/sda 00:38:29.995303834: call returned: [0, "disk\n", ""] 00:38:29.995471095: calling as root: stat -c %a /dev/sda 00:38:30.210777558: call returned: [0, "660\n", ""] 00:38:30.211468517: calling as root: stat -c %U /dev/sda1 00:38:30.354912164: call returned: [0, "root\n", ""] 00:38:30.355151557: calling as root: stat -c %G /dev/sda1 00:38:30.548037610: call returned: [0, "disk\n", ""] 00:38:30.548257675: calling as root: stat -c %a /dev/sda1 00:38:30.695325061: call returned: [0, "660\n", ""] 00:38:30.695902138: calling as root: udisksctl info --block-device '/dev/sda' 00:38:31.239439887: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights 00:38:31.240473789: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:38:31.380530590: call returned: [0, "8:1\n", ""] 00:38:31.380693055: calling as root: readlink -f /dev/block/'8:1' 00:38:31.503466521: call returned: [0, "/dev/sda1\n", ""] 00:38:31.503670389: calling as root: udevadm info --query=property --name='/dev/sda1' 00:38:31.732349550: call returned: [0, "DEVLINKS=/dev/disk/by-uuid/F410-3272 /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-partlabel/Tails /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7812087\n", ""] 00:38:31.732761356: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:38:31.885652234: call returned: [0, "8:1\n", ""] 00:38:31.885831622: calling as root: readlink -f /dev/block/'8:1' 00:38:32.025711067: call returned: [0, "/dev/sda1\n", ""] And Tails is running from USB drive "__internal" 00:38:32.114913854: calling as root: test -b /dev/sda2 00:38:32.266650064: call returned: [1, "", ""] And there is no persistence partition on USB drive "__internal" 00:38:32.267765957: calling as root: pidof -x -o '%PPID' udev-watchdog 00:38:32.426799157: call returned: [0, "3872\n", ""] And process "udev-watchdog" is running 00:38:32.427807088: calling as root: ps -wweo cmd 00:38:32.818696096: call returned: [0, "CMD\n/sbin/init config nopersistence noprompt splash noautologin kaslr autotest_never_use_this_option\n[kthreadd]\n[ksoftirqd/0]\n[kworker/0:0]\n[kworker/0:0H]\n[kworker/u4:0]\n[rcu_sched]\n[rcu_bh]\n[migration/0]\n[lru-add-drain]\n[watchdog/0]\n[cpuhp/0]\n[cpuhp/1]\n[watchdog/1]\n[migration/1]\n[ksoftirqd/1]\n[kworker/1:0]\n[kworker/1:0H]\n[kdevtmpfs]\n[netns]\n[khungtaskd]\n[oom_reaper]\n[writeback]\n[kcompactd0]\n[kworker/0:1]\n[ksmd]\n[khugepaged]\n[crypto]\n[kintegrityd]\n[bioset]\n[kblockd]\n[devfreq_wq]\n[watchdogd]\n[kswapd0]\n[vmstat]\n[kthrotld]\n[kworker/1:1]\n[ipv6_addrconf]\n[kworker/0:2]\n[kworker/u4:1]\n[ata_sff]\n[kworker/0:3]\n[scsi_eh_0]\n[scsi_tmf_0]\n[scsi_eh_1]\n[scsi_tmf_1]\n[scsi_eh_2]\n[scsi_tmf_2]\n[scsi_eh_3]\n[scsi_tmf_3]\n[scsi_eh_4]\n[scsi_tmf_4]\n[scsi_eh_5]\n[scsi_tmf_5]\n[kworker/u4:2]\n[kworker/u4:3]\n[ttm_swap]\n[kworker/u4:4]\n[kworker/u4:5]\n[kworker/u4:6]\n[scsi_eh_6]\n[scsi_tmf_6]\n[usb-storage]\n[bioset]\n[kworker/0:1H]\n[kworker/1:1H]\n[kworker/1:2]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[loop0]\n/lib/systemd/systemd-journald\n[kauditd]\n/sbin/lvmetad -f\n[kworker/1:3]\n[kworker/1:4]\ngpg-agent --homedir /home/amnesia/.gnupg --use-standard-socket --daemon\ngpg-agent --homedir /usr/share/tails-iuk/trusted_gnupg_homedir --use-standard-socket --daemon\n/usr/sbin/haveged --Foreground --verbose=1 -w 2048\ngpg-agent --homedir /root/.gnupg --use-standard-socket --daemon\n/lib/systemd/systemd-udevd\n/usr/lib/accountsservice/accounts-daemon\n/usr/bin/python3 -u /usr/local/lib/onion-grater\n/usr/sbin/cron -f\n/usr/bin/python3 /usr/local/lib/tails-autotest-remote-shell\n/usr/sbin/memlockd -f -u memlockd\n/bin/sh -c . /usr/local/lib/tails-shell-library/tor.sh ; while ! tor_is_working ; do /bin/sleep 1 ; done\n/bin/sh /usr/local/lib/udev-watchdog-wrapper\n/lib/systemd/systemd-logind\n/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation\n/usr/sbin/ModemManager\n[kworker/0:4]\n/usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1 disk\n/usr/lib/policykit-1/polkitd --no-debug\n/usr/sbin/spice-vdagentd\n/usr/sbin/gdm3\ngdm-session-worker [pam/gdm-launch-environment]\n/lib/systemd/systemd --user\n(sd-pam)\n/usr/lib/gdm3/gdm-x-session gnome-session --autostart /usr/share/gdm/greeter/autostart\n/usr/lib/xorg/Xorg vt1 -displayfd 3 -auth /run/user/114/gdm/Xauthority -background none -noreset -keeptty -verbose 3\n[cfg80211]\n/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation\n/usr/lib/gnome-session/gnome-session-binary --autostart /usr/share/gdm/greeter/autostart\n/usr/lib/at-spi2-core/at-spi-bus-launcher\n/usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3\n/usr/lib/at-spi2-core/at-spi2-registryd --use-gnome-session\n/usr/bin/gnome-shell --mode=gdm-tails\n/usr/lib/upower/upowerd\n/usr/bin/pulseaudio --daemonize=no\nibus-daemon --xim --panel disable\n/usr/lib/gnome-settings-daemon/gnome-settings-daemon\n/usr/bin/spice-vdagent\n/usr/lib/ibus/ibus-dconf\n/usr/lib/ibus/ibus-x11 --kill-daemon\n/bin/bash /usr/bin/tails-greeter\n/usr/lib/colord/colord\n/lib/systemd/systemd-hostnamed\n/lib/systemd/systemd-localed\n/usr/bin/python3 ./tails-greeter.py\n/usr/lib/ibus/ibus-engine-simple\n/usr/lib/dconf/dconf-service\n[kworker/1:5]\n[kworker/1:6]\n/usr/lib/udisks2/udisksd --no-debug\n/bin/sleep 1\n/bin/sh -c ps -wweo cmd\nps -wweo cmd\n", ""] 00:38:32.819106986: opening file /sys/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1/dev in 'read' mode 00:38:32.865005538: read complete 00:38:32.865176845: calling as root: readlink -f /dev/block/'8:1' 00:38:32.993378480: call returned: [0, "/dev/sda1\n", ""] 00:38:32.993634616: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:38:33.162624945: call returned: [0, "8:1\n", ""] 00:38:33.162826392: calling as root: readlink -f /dev/block/'8:1' 00:38:33.303380566: call returned: [0, "/dev/sda1\n", ""] And udev-watchdog is monitoring the correct device 00:38:34.831834656: calling as root: echo 'hello?' 00:38:35.002216518: call returned: [0, "hello?\n", ""] 00:38:35.730080055: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:38:35.730309921: calling as root: nmcli device show eth0 00:38:36.110979584: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:38:36.128877926: calling as root: date -s '@1498726363' 00:38:36.279391963: call returned: [0, "Thu Jun 29 08:52:43 UTC 2017\n", ""] Checkpoint: I have started Tails without network from a USB drive without a persistent partition and logged in Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen 00:38:37.074978167: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:38:37.075428309: calling as root: loginctl 00:38:37.256926192: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:38:38.257399959: calling as root: loginctl 00:38:38.535491464: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 71 1000 amnesia seat0 /dev/tty2 \n c71 0 root n/a \n\n3 sessions listed.\n", "Failed to get session path: No such device or address\n"] 00:38:53.468477633: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:38:53.607550971: call returned: [0, "", ""] 00:38:53.607737737: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:38:53.742554536: call returned: [0, "", ""] And I log in to a new session 00:38:55.799329404: calling as root: echo 'hello?' 00:38:56.029184482: call returned: [0, "hello?\n", ""] 00:38:56.757578038: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:38:56.757887986: calling as root: nmcli device show eth0 00:38:57.095369754: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:4D:7A:08\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:38:57.122838753: calling as root: date -s '@1498726384' 00:38:57.314950253: call returned: [0, "Thu Jun 29 08:53:04 UTC 2017\n", ""] Checkpoint: I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen Given I have started Tails without network from a USB drive without a persistent partition and logged in 00:38:57.373414382: calling as amnesia: xdotool key Super 00:38:57.633402200: call returned: [0, "", ""] 00:38:59.742404715: [log] TYPE "Configure persistent volume" 00:38:59.805289336: [log] ( Ctrl ) TYPE "#ENTER." 00:39:10.349197037: [log] TYPE "asdf#TAB.asdf#ENTER." 00:39:25.258937386: [log] TYPE "#TAB." 00:39:25.259217315: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 00:39:26.673398025: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 00:39:26.841206495: [log] TYPE "#TAB. " [log] TYPE "#TAB. " 00:39:26.924079776: [log] TYPE "#TAB. " 00:39:27.006853365: [log] TYPE "#TAB. " 00:39:27.089748513: [log] TYPE "#TAB. " 00:39:27.177494725: [log] TYPE "#TAB. " 00:39:27.342178745: [log] TYPE "#TAB. " [log] TYPE "#TAB. " 00:39:27.425070825: [log] TYPE "#TAB. " 00:39:27.509113363: [log] TYPE "#TAB. " 00:39:27.592456550: [log] TYPE "#TAB. " 00:39:27.676354518: [log] TYPE "#TAB. " 00:39:29.346179380: [log] CLICK on L(878,708)@S(0)[0,0 1024x768] 00:39:29.412696100: [log] ( Alt ) TYPE "#F4." And I create a persistent partition 00:39:29.432783614: calling as root: udisksctl info --block-device '/dev/sda2' 00:39:29.966469220: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda2:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda2\n DeviceNumber: 2050\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: by-uuid-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdLabel: \n IdType: crypto_LUKS\n IdUUID: 6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdUsage: crypto\n IdVersion: 1\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda2\n ReadOnly: false\n Size: 1670364672\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part2\n /dev/disk/by-partlabel/TailsData\n /dev/disk/by-partuuid/d8ed5054-08cc-4017-96e8-239e227c1eb2\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part2\n /dev/disk/by-uuid/6f9c10b5-4034-4358-91c7-8738b6fb04ff\n org.freedesktop.UDisks2.Encrypted:\n org.freedesktop.UDisks2.Partition:\n Flags: 0\n IsContained: false\n IsContainer: false\n Name: TailsData\n Number: 2\n Offset: 2624585728\n Size: 1670364672\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: 0fc63daf-8483-4772-8e79-3d69d8477de4\n UUID: d8ed5054-08cc-4017-96e8-239e227c1eb2\n", ""] 00:39:29.966814639: calling as root: ls -1 --hide 'control' /dev/mapper/ 00:39:30.138645197: call returned: [0, "luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n", ""] 00:39:30.138886797: calling as root: cryptsetup status 'luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff' 00:39:30.455000746: call returned: [0, "/dev/mapper/luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff is active and is in use.\n type: LUKS1\n cipher: aes-xts-plain64\n keysize: 256 bits\n device: /dev/sda2\n offset: 4096 sectors\n size: 3258335 sectors\n mode: read/write\n", ""] 00:39:30.455308328: calling as root: udisksctl info --block-device '/dev/mapper/luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff' 00:39:30.865513238: call returned: [0, "/org/freedesktop/UDisks2/block_devices/dm_2d0:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sda2'\n Device: /dev/dm-0\n DeviceNumber: 65024\n Drive: '/'\n HintAuto: false\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: false\n HintSymbolicIconName: \n HintSystem: true\n Id: by-id-dm-name-luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdLabel: TailsData\n IdType: ext4\n IdUUID: 2a868ecc-07cd-49fd-8ae0-1916cccf2d41\n IdUsage: filesystem\n IdVersion: 1.0\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/mapper/luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n ReadOnly: false\n Size: 1668267520\n Symlinks: /dev/disk/by-id/dm-name-luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n /dev/disk/by-id/dm-uuid-CRYPT-LUKS1-6f9c10b54034435891c78738b6fb04ff-luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n /dev/disk/by-label/TailsData\n /dev/disk/by-uuid/2a868ecc-07cd-49fd-8ae0-1916cccf2d41\n /dev/mapper/luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: /media/tails-persistence-setup/TailsData\n", ""] 00:39:30.865807239: calling as root: mkdir -p /mnt/__internal 00:39:31.117974414: call returned: [0, "", ""] 00:39:31.118119099: calling as root: mount '/dev/mapper/luks-6f9c10b5-4034-4358-91c7-8738b6fb04ff' /mnt/__internal 00:39:31.390895809: call returned: [0, "", ""] 00:39:31.391151524: calling as root: umount /mnt/__internal 00:39:31.716548143: call returned: [0, "", ""] 00:39:31.716696229: calling as root: sync 00:39:31.932128123: call returned: [0, "", ""] 00:39:31.932281454: calling as root: cryptsetup luksClose __internal 00:39:32.186947526: call returned: [4, "", "Device __internal is not active.\n"] And a Tails persistence partition exists on USB drive "__internal" 00:39:32.187260435: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off 00:39:41.478890192: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:40:54.404179057: calling as root: echo 'hello?' 00:40:54.404354333: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:40:54.714218088: call returned: [0, "hello?\n", ""] 00:40:54.715081069: calling as root: service tor status 00:40:55.016211360: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:40:55.016674789: opening file /etc/tor/torrc in 'append' mode 00:40:55.295445610: append complete And I start Tails from USB drive "__internal" with network unplugged 00:40:55.295735803: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:40:55.449212288: call returned: [0, "8:1\n", ""] 00:40:55.449394381: calling as root: readlink -f /dev/block/'8:1' 00:40:55.571295054: call returned: [0, "/dev/sda1\n", ""] 00:40:55.571480840: calling as root: ls -1 /dev/sda* 00:40:55.695373623: call returned: [0, "/dev/sda\n/dev/sda1\n/dev/sda2\n", ""] 00:40:55.695579628: calling as root: cut -d':' -f1 /etc/passwd 00:40:55.850555638: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 00:40:55.850786883: calling as root: groups root 00:40:56.055093792: call returned: [0, "root : root\n", ""] 00:40:56.055275076: calling as root: groups daemon 00:40:56.194828479: call returned: [0, "daemon : daemon\n", ""] 00:40:56.195006494: calling as root: groups bin 00:40:56.327158365: call returned: [0, "bin : bin\n", ""] 00:40:56.327342187: calling as root: groups sys 00:40:56.484686208: call returned: [0, "sys : sys\n", ""] 00:40:56.484935543: calling as root: groups sync 00:40:56.609410795: call returned: [0, "sync : nogroup\n", ""] 00:40:56.609588117: calling as root: groups games 00:40:56.780259821: call returned: [0, "games : games\n", ""] 00:40:56.780432104: calling as root: groups man 00:40:56.918670543: call returned: [0, "man : man\n", ""] 00:40:56.918845241: calling as root: groups lp 00:40:57.067039840: call returned: [0, "lp : lp\n", ""] 00:40:57.067250653: calling as root: groups mail 00:40:57.252948438: call returned: [0, "mail : mail\n", ""] 00:40:57.253120890: calling as root: groups news 00:40:57.416644358: call returned: [0, "news : news\n", ""] 00:40:57.416863534: calling as root: groups uucp 00:40:57.549250798: call returned: [0, "uucp : uucp\n", ""] 00:40:57.549481878: calling as root: groups proxy 00:40:57.726922062: call returned: [0, "proxy : proxy\n", ""] 00:40:57.727178730: calling as root: groups www-data 00:40:57.877222572: call returned: [0, "www-data : www-data\n", ""] 00:40:57.877460228: calling as root: groups backup 00:40:58.045206734: call returned: [0, "backup : backup\n", ""] 00:40:58.045407618: calling as root: groups list 00:40:58.201847108: call returned: [0, "list : list\n", ""] 00:40:58.202054636: calling as root: groups irc 00:40:58.329580499: call returned: [0, "irc : irc\n", ""] 00:40:58.329838709: calling as root: groups gnats 00:40:58.488080680: call returned: [0, "gnats : gnats\n", ""] 00:40:58.488302481: calling as root: groups nobody 00:40:58.654023192: call returned: [0, "nobody : nogroup\n", ""] 00:40:58.654278226: calling as root: groups systemd-timesync 00:40:58.811662533: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 00:40:58.811924580: calling as root: groups systemd-network 00:40:58.974307201: call returned: [0, "systemd-network : systemd-network\n", ""] 00:40:58.974495207: calling as root: groups systemd-resolve 00:40:59.136646447: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 00:40:59.136828592: calling as root: groups systemd-bus-proxy 00:40:59.307115422: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 00:40:59.307354707: calling as root: groups _apt 00:40:59.502206606: call returned: [0, "_apt : nogroup\n", ""] 00:40:59.502495466: calling as root: groups messagebus 00:40:59.663223154: call returned: [0, "messagebus : messagebus\n", ""] 00:40:59.663509442: calling as root: groups memlockd 00:40:59.807225013: call returned: [0, "memlockd : memlockd\n", ""] 00:40:59.807437105: calling as root: groups monkeysphere 00:40:59.984961977: call returned: [0, "monkeysphere : monkeysphere\n", ""] 00:40:59.985160123: calling as root: groups debian-tor 00:41:00.135324272: call returned: [0, "debian-tor : debian-tor\n", ""] 00:41:00.135560873: calling as root: groups speech-dispatcher 00:41:00.317539417: call returned: [0, "speech-dispatcher : audio\n", ""] 00:41:00.317766305: calling as root: groups colord 00:41:00.519752750: call returned: [0, "colord : colord\n", ""] 00:41:00.520001880: calling as root: groups saned 00:41:00.651092308: call returned: [0, "saned : saned scanner\n", ""] 00:41:00.651296593: calling as root: groups pulse 00:41:00.845974546: call returned: [0, "pulse : pulse audio\n", ""] 00:41:00.846229234: calling as root: groups hplip 00:41:01.011455577: call returned: [0, "hplip : lp\n", ""] 00:41:01.011702084: calling as root: groups Debian-gdm 00:41:01.177099633: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 00:41:01.177309151: calling as root: groups tails-persistence-setup 00:41:01.320108492: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 00:41:01.320308206: calling as root: groups clearnet 00:41:01.470154770: call returned: [0, "clearnet : clearnet\n", ""] 00:41:01.470337009: calling as root: groups htp 00:41:01.601809379: call returned: [0, "htp : htp\n", ""] 00:41:01.602004937: calling as root: groups tails-iuk-get-target-file 00:41:01.729469514: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 00:41:01.729671366: calling as root: groups tails-upgrade-frontend 00:41:01.883615643: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 00:41:01.883896975: calling as root: groups tor-launcher 00:41:02.034409955: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 00:41:02.034664216: calling as root: groups tails-install-iuk 00:41:02.179766543: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 00:41:02.179961648: calling as root: groups amnesia 00:41:02.329273704: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 00:41:02.329608173: calling as root: stat -c %U /dev/sda 00:41:02.481261863: call returned: [0, "root\n", ""] 00:41:02.481507262: calling as root: stat -c %G /dev/sda 00:41:02.617499475: call returned: [0, "disk\n", ""] 00:41:02.617645748: calling as root: stat -c %a /dev/sda 00:41:02.756008234: call returned: [0, "660\n", ""] 00:41:02.756609404: calling as root: stat -c %U /dev/sda1 00:41:02.934883908: call returned: [0, "root\n", ""] 00:41:02.935058112: calling as root: stat -c %G /dev/sda1 00:41:03.166574394: call returned: [0, "disk\n", ""] 00:41:03.166771614: calling as root: stat -c %a /dev/sda1 00:41:03.353723987: call returned: [0, "660\n", ""] 00:41:03.354410775: calling as root: stat -c %U /dev/sda2 00:41:03.531150349: call returned: [0, "root\n", ""] 00:41:03.531380035: calling as root: stat -c %G /dev/sda2 00:41:03.673575575: call returned: [0, "disk\n", ""] 00:41:03.673734927: calling as root: stat -c %a /dev/sda2 00:41:03.821694498: call returned: [0, "660\n", ""] 00:41:03.822275724: calling as root: udisksctl info --block-device '/dev/sda' 00:41:04.269438554: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights 00:41:04.269789826: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:41:04.431474446: call returned: [0, "8:1\n", ""] 00:41:04.431622352: calling as root: readlink -f /dev/block/'8:1' 00:41:04.585695927: call returned: [0, "/dev/sda1\n", ""] 00:41:04.585838904: calling as root: udevadm info --query=property --name='/dev/sda1' 00:41:04.817126558: call returned: [0, "DEVLINKS=/dev/disk/by-label/Tails /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba /dev/disk/by-partlabel/Tails /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-uuid/F410-3272 /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x5\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8188288\n", ""] 00:41:04.817523545: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:41:04.982729402: call returned: [0, "8:1\n", ""] 00:41:04.982945509: calling as root: readlink -f /dev/block/'8:1' 00:41:05.129185872: call returned: [0, "/dev/sda1\n", ""] And Tails is running from USB drive "__internal" 00:41:05.182301841: calling as root: pidof -x -o '%PPID' udev-watchdog 00:41:05.347215095: call returned: [0, "3827\n", ""] And process "udev-watchdog" is running 00:41:05.347445992: calling as root: ps -wweo cmd 00:41:05.762344686: call returned: [0, "CMD\n/sbin/init config nopersistence noprompt splash noautologin kaslr autotest_never_use_this_option\n[kthreadd]\n[ksoftirqd/0]\n[kworker/0:0]\n[kworker/0:0H]\n[kworker/u4:0]\n[rcu_sched]\n[rcu_bh]\n[migration/0]\n[lru-add-drain]\n[watchdog/0]\n[cpuhp/0]\n[cpuhp/1]\n[watchdog/1]\n[migration/1]\n[ksoftirqd/1]\n[kworker/1:0]\n[kworker/1:0H]\n[kdevtmpfs]\n[netns]\n[khungtaskd]\n[oom_reaper]\n[writeback]\n[kcompactd0]\n[kworker/0:1]\n[ksmd]\n[khugepaged]\n[crypto]\n[kintegrityd]\n[bioset]\n[kblockd]\n[devfreq_wq]\n[watchdogd]\n[kworker/1:1]\n[kswapd0]\n[vmstat]\n[kthrotld]\n[kworker/1:2]\n[ipv6_addrconf]\n[ata_sff]\n[ttm_swap]\n[kworker/u4:1]\n[kworker/0:2]\n[scsi_eh_0]\n[scsi_tmf_0]\n[scsi_eh_1]\n[scsi_tmf_1]\n[scsi_eh_2]\n[scsi_tmf_2]\n[scsi_eh_3]\n[scsi_tmf_3]\n[scsi_eh_4]\n[scsi_tmf_4]\n[scsi_eh_5]\n[scsi_tmf_5]\n[kworker/u4:2]\n[kworker/u4:3]\n[kworker/u4:4]\n[kworker/u4:5]\n[kworker/u4:6]\n[scsi_eh_6]\n[scsi_tmf_6]\n[usb-storage]\n[bioset]\n[kworker/0:1H]\n[kworker/1:1H]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[bioset]\n[loop0]\n[kauditd]\n/lib/systemd/systemd-journald\n[kworker/0:3]\n/sbin/lvmetad -f\n[kworker/1:3]\ngpg-agent --homedir /home/amnesia/.gnupg --use-standard-socket --daemon\ngpg-agent --homedir /usr/share/tails-iuk/trusted_gnupg_homedir --use-standard-socket --daemon\n/usr/sbin/haveged --Foreground --verbose=1 -w 2048\ngpg-agent --homedir /root/.gnupg --use-standard-socket --daemon\n/lib/systemd/systemd-udevd\n/lib/systemd/systemd-logind\n/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation\n/usr/sbin/cron -f\n/usr/bin/python3 -u /usr/local/lib/onion-grater\n/usr/sbin/memlockd -f -u memlockd\n/bin/sh /usr/local/lib/udev-watchdog-wrapper\n/usr/bin/python3 /usr/local/lib/tails-autotest-remote-shell\n/bin/sh -c . /usr/local/lib/tails-shell-library/tor.sh ; while ! tor_is_working ; do /bin/sleep 1 ; done\n/usr/sbin/ModemManager\n/usr/lib/accountsservice/accounts-daemon\n/usr/lib/policykit-1/polkitd --no-debug\n/usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1 disk\n/usr/sbin/spice-vdagentd\n[kworker/0:4]\n/usr/sbin/gdm3\ngdm-session-worker [pam/gdm-launch-environment]\n/lib/systemd/systemd --user\n(sd-pam)\n/usr/lib/gdm3/gdm-x-session gnome-session --autostart /usr/share/gdm/greeter/autostart\n/usr/lib/xorg/Xorg vt1 -displayfd 3 -auth /run/user/114/gdm/Xauthority -background none -noreset -keeptty -verbose 3\n[cfg80211]\n/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation\n/usr/lib/gnome-session/gnome-session-binary --autostart /usr/share/gdm/greeter/autostart\n/usr/lib/at-spi2-core/at-spi-bus-launcher\n/usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3\n/usr/lib/at-spi2-core/at-spi2-registryd --use-gnome-session\n/usr/bin/gnome-shell --mode=gdm-tails\n/usr/lib/upower/upowerd\n/usr/bin/pulseaudio --daemonize=no\nibus-daemon --xim --panel disable\n/usr/lib/gnome-settings-daemon/gnome-settings-daemon\n/usr/bin/spice-vdagent\n/usr/lib/ibus/ibus-dconf\n/usr/lib/ibus/ibus-x11 --kill-daemon\n/bin/bash /usr/bin/tails-greeter\n/usr/lib/colord/colord\n/lib/systemd/systemd-hostnamed\n/usr/bin/python3 ./tails-greeter.py\n/lib/systemd/systemd-localed\n/usr/lib/ibus/ibus-engine-simple\n/usr/lib/dconf/dconf-service\n[kworker/1:4]\n[kworker/1:5]\n/usr/lib/udisks2/udisksd --no-debug\n/bin/sleep 1\n/bin/sh -c ps -wweo cmd\nps -wweo cmd\n", ""] 00:41:05.762790096: opening file /sys/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1/dev in 'read' mode 00:41:05.802629643: read complete 00:41:05.802763855: calling as root: readlink -f /dev/block/'8:1' 00:41:05.925628401: call returned: [0, "/dev/sda1\n", ""] 00:41:05.925839559: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:41:06.099949970: call returned: [0, "8:1\n", ""] 00:41:06.100108026: calling as root: readlink -f /dev/block/'8:1' 00:41:06.262358697: call returned: [0, "/dev/sda1\n", ""] And udev-watchdog is monitoring the correct device 00:41:07.912355416: calling as root: echo 'hello?' 00:41:08.111546895: call returned: [0, "hello?\n", ""] 00:41:08.834885360: calling as root: nmcli device show eth0 00:41:08.849756800: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:41:09.173096138: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:41:09.189999606: calling as root: date -s '@1498726516' 00:41:09.338065686: call returned: [0, "Thu Jun 29 08:55:16 UTC 2017\n", ""] Checkpoint: I have started Tails without network from a USB drive with a persistent partition enabled and logged in Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen 00:41:10.150546991: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 00:41:10.356334677: [log] TYPE "asdf#ENTER." And I enable persistence 00:41:17.342473255: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 00:41:17.342780152: calling as root: loginctl 00:41:17.542935163: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:41:18.543367610: calling as root: loginctl 00:41:18.809152858: call returned: [0, " SESSION UID USER SEAT TTY \n 73 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 00:41:33.630058172: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:41:33.744222305: call returned: [0, "", ""] 00:41:33.744394378: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:41:33.851890629: call returned: [0, "", ""] And I log in to a new session 00:41:33.852977691: calling as root: test -e '/var/lib/live/config/tails.persistence' 00:41:34.071238044: call returned: [0, "", ""] 00:41:34.071388916: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 00:41:34.333738595: call returned: [0, "", ""] 00:41:34.333989308: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 00:41:36.296104382: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 00:41:36.296441416: calling as root: mount 00:41:36.757067748: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=7ab626b1c0a8b106,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=26,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10497)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] And all persistence presets are enabled 00:41:36.758399333: calling as root: ls -1 -d /live/persistence/*_unlocked/ 00:41:37.037631699: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 00:41:37.037862170: calling as root: stat -c %U /live/persistence/TailsData_unlocked/ 00:41:37.314998940: call returned: [0, "root\n", ""] 00:41:37.315293636: calling as root: stat -c %G /live/persistence/TailsData_unlocked/ 00:41:37.553825991: call returned: [0, "root\n", ""] 00:41:37.554139342: calling as root: stat -c %a /live/persistence/TailsData_unlocked/ 00:41:37.840380412: call returned: [0, "775\n", ""] And all persistent filesystems have safe access rights 00:41:37.841582795: calling as root: ls -1 -d /live/persistence/*_unlocked/ 00:41:38.068874567: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 00:41:38.069037914: calling as root: test -e /live/persistence/TailsData_unlocked//persistence.conf 00:41:38.313717341: call returned: [0, "", ""] 00:41:38.313926943: calling as root: test ! -e /live/persistence/TailsData_unlocked//live-persistence.conf 00:41:38.567385298: call returned: [0, "", ""] 00:41:38.567604844: calling as root: ls -1 /live/persistence/TailsData_unlocked//persistence.conf /live/persistence/TailsData_unlocked//live-*.conf 00:41:38.814752640: call returned: [0, "/live/persistence/TailsData_unlocked//live-additional-software.conf\n/live/persistence/TailsData_unlocked//persistence.conf\n", ""] 00:41:38.814933415: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//live-additional-software.conf' 00:41:39.128829952: call returned: [0, "tails-persistence-setup\n", ""] 00:41:39.128992985: calling as root: stat -c %G '/live/persistence/TailsData_unlocked//live-additional-software.conf' 00:41:39.432449335: call returned: [0, "tails-persistence-setup\n", ""] 00:41:39.432597337: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//live-additional-software.conf' 00:41:39.668362275: call returned: [0, "600\n", ""] 00:41:39.668613446: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//persistence.conf' 00:41:39.932538239: call returned: [0, "tails-persistence-setup\n", ""] 00:41:39.932691984: calling as root: stat -c %G '/live/persistence/TailsData_unlocked//persistence.conf' 00:41:40.139184030: call returned: [0, "tails-persistence-setup\n", ""] 00:41:40.139371110: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//persistence.conf' 00:41:40.422382618: call returned: [0, "600\n", ""] And all persistence configuration files have safe access rights 00:41:40.423372004: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 00:41:41.872641389: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 00:41:41.873004653: calling as root: ls -1 -d /live/persistence/*_unlocked/ 00:41:42.088000210: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 00:41:42.088194728: calling as root: test -d /live/persistence/TailsData_unlocked//Persistent 00:41:42.360873717: call returned: [0, "", ""] 00:41:42.361046561: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//Persistent' 00:41:42.639734317: call returned: [0, "700\n", ""] 00:41:42.639985800: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//Persistent' 00:41:42.892871358: call returned: [0, "amnesia\n", ""] 00:41:42.893076804: calling as root: test -d /live/persistence/TailsData_unlocked//gnupg 00:41:43.096561270: call returned: [0, "", ""] 00:41:43.096805277: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnupg' 00:41:43.372585897: call returned: [0, "700\n", ""] 00:41:43.372776179: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnupg' 00:41:43.576616386: call returned: [0, "amnesia\n", ""] 00:41:43.576870347: calling as root: test -d /live/persistence/TailsData_unlocked//openssh-client 00:41:43.792100766: call returned: [0, "", ""] 00:41:43.792282167: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//openssh-client' 00:41:44.013187300: call returned: [0, "700\n", ""] 00:41:44.013373233: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//openssh-client' 00:41:44.258365945: call returned: [0, "amnesia\n", ""] 00:41:44.258571995: calling as root: test -d /live/persistence/TailsData_unlocked//pidgin 00:41:44.462773287: call returned: [0, "", ""] 00:41:44.462957885: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//pidgin' 00:41:44.759357565: call returned: [0, "700\n", ""] 00:41:44.759545996: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//pidgin' 00:41:45.034971578: call returned: [0, "amnesia\n", ""] 00:41:45.035209787: calling as root: test -d /live/persistence/TailsData_unlocked//thunderbird 00:41:45.259685102: call returned: [0, "", ""] 00:41:45.259940789: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//thunderbird' 00:41:45.560169150: call returned: [0, "700\n", ""] 00:41:45.560343512: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//thunderbird' 00:41:45.834212094: call returned: [0, "amnesia\n", ""] 00:41:45.834447773: calling as root: test -d /live/persistence/TailsData_unlocked//gnome-keyrings 00:41:46.134949802: call returned: [0, "", ""] 00:41:46.135181663: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnome-keyrings' 00:41:46.360160604: call returned: [0, "700\n", ""] 00:41:46.360369340: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnome-keyrings' 00:41:46.661459947: call returned: [0, "amnesia\n", ""] 00:41:46.661724945: calling as root: test -d /live/persistence/TailsData_unlocked//nm-system-connections 00:41:46.886690818: call returned: [0, "", ""] 00:41:46.886872258: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//nm-system-connections' 00:41:47.214518459: call returned: [0, "755\n", ""] 00:41:47.214694616: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//nm-system-connections' 00:41:47.409178086: call returned: [0, "root\n", ""] 00:41:47.409385882: calling as root: test -d /live/persistence/TailsData_unlocked//bookmarks 00:41:47.650700580: call returned: [0, "", ""] 00:41:47.650877156: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//bookmarks' 00:41:47.856469343: call returned: [0, "700\n", ""] 00:41:47.856651166: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//bookmarks' 00:41:48.082243394: call returned: [0, "amnesia\n", ""] 00:41:48.082455504: calling as root: test -d /live/persistence/TailsData_unlocked//cups-configuration 00:41:48.316041909: call returned: [0, "", ""] 00:41:48.316212573: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//cups-configuration' 00:41:48.585226032: call returned: [0, "755\n", ""] 00:41:48.585401489: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//cups-configuration' 00:41:48.795631674: call returned: [0, "root\n", ""] 00:41:48.795836464: calling as root: test -d /live/persistence/TailsData_unlocked//electrum 00:41:48.989801059: call returned: [0, "", ""] 00:41:48.989990677: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//electrum' 00:41:49.236919450: call returned: [0, "700\n", ""] 00:41:49.237100501: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//electrum' 00:41:49.452613321: call returned: [0, "amnesia\n", ""] 00:41:49.452857137: calling as root: test -d /live/persistence/TailsData_unlocked//apt/cache 00:41:49.675018259: call returned: [0, "", ""] 00:41:49.675265596: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/cache' 00:41:49.963409671: call returned: [0, "755\n", ""] 00:41:49.963662688: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/cache' 00:41:50.183688649: call returned: [0, "root\n", ""] 00:41:50.183952084: calling as root: test -d /live/persistence/TailsData_unlocked//apt/lists 00:41:50.431363910: call returned: [0, "", ""] 00:41:50.431564730: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/lists' 00:41:50.679769874: call returned: [0, "755\n", ""] 00:41:50.679955864: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/lists' 00:41:50.953642959: call returned: [0, "root\n", ""] 00:41:50.953867702: calling as root: test -d /live/persistence/TailsData_unlocked//dotfiles 00:41:51.225245259: call returned: [0, "", ""] 00:41:51.225482068: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//dotfiles' 00:41:51.491173394: call returned: [0, "700\n", ""] 00:41:51.491347439: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//dotfiles' 00:41:51.815577289: call returned: [0, "amnesia\n", ""] And all persistent directories have safe access rights Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 00:41:53.889956901: calling as root: free -m | awk '/^Mem:/ { print $2 }' 00:41:54.224089002: call returned: [0, "2004\n", ""] 00:41:54.224378831: calling as root: echo 3 > /proc/sys/vm/drop_caches 00:41:54.825498689: call returned: [0, "", ""] 00:41:54.825691205: calling as root: touch /run/initramfs/tails_shutdown_debugging 00:41:56.560806956: call returned: [0, "", ""] 00:41:56.560992455: calling as root: sysctl vm.oom_kill_allocating_task=0 00:41:56.869883455: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 00:41:56.870060802: calling as root: sysctl vm.oom_dump_tasks=0 00:41:57.074489940: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 00:41:57.074698695: calling as root: sysctl vm.overcommit_memory=0 00:41:57.321445397: call returned: [0, "vm.overcommit_memory = 0\n", ""] 00:41:57.321669729: calling as root: sysctl vm.min_free_kbytes=65536 00:41:57.598402609: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 00:41:57.598578183: calling as root: sysctl vm.admin_reserve_kbytes=131072 00:41:57.842446664: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 00:41:57.842617285: calling as root: free -m | awk '/^Mem:/ { print $3 }' 00:41:58.220079404: call returned: [0, "569\n", ""] 00:41:58.220290567: calling as root: systemctl status initramfs-shutdown.service 00:41:58.571295010: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:54:52 UTC; 1min 10s ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3719 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:54:40 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:54:52 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 00:41:58.571465504: calling as root: systemctl status memlockd.service 00:41:58.969829972: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:54:40 UTC; 1min 22s ago\n Main PID: 3702 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3702 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:54:42 localhost.localdomain memlockd[3702]: Mapped file /bin/rm\nJun 29 08:54:42 localhost.localdomain memlockd[3702]: Mapped file /bin/sh\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /bin/sleep\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /bin/systemctl\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /usr/bin/eject\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /usr/bin/pkill\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 00:41:58.970022647: calling as root: systemctl status tails-shutdown-on-media-removal.service 00:41:59.239791919: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:54:40 UTC; 1min 23s ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3703 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3703 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3827 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1 disk\n\nJun 29 08:54:40 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 00:41:59.242030687: calling as root: for i in $(seq 1 8388608) ; do echo wipe_didnt_work >> '/home/amnesia/Persistent/mIycZeJiPc' ; done 00:43:09.736946627: call returned: [0, "", ""] When I fill a 128 MiB file with a known pattern on the persistent filesystem # features/step_definitions/erase_memory.rb:229 00:43:09.738118244: spawning as root: halt When I trigger shutdown # features/step_definitions/erase_memory.rb:250 And I wait 20 seconds # features/step_definitions/common_steps.rb:826 Slept for 20 seconds Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1243 MiB reference memory) @product Feature: Installing Tails to a USB drive As a Tails user I want to install Tails to a suitable USB drive Scenario: Try installing Tails to a too small USB drive # features/usb_install.feature:6 00:43:36.082660135: calling as root: echo 'hello?' 00:43:36.359461760: call returned: [0, "hello?\n", ""] 00:43:37.084228296: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:43:37.084684607: calling as root: nmcli device show eth0 00:43:37.557228860: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:43:37.576152095: calling as root: date -s '@1498726664' 00:43:37.834253793: call returned: [0, "Thu Jun 29 08:57:44 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I temporarily create a 2 GiB disk named "too-small-device" # features/step_definitions/common_steps.rb:59 00:43:37.884087506: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:43:38.107171180: call returned: [1, "", ""] 00:43:38.185529930: calling as amnesia: xdotool key Super 00:43:38.446104703: call returned: [0, "", ""] 00:43:40.193677283: [log] TYPE "GNOME Terminal" 00:43:44.745267760: [log] ( Ctrl ) TYPE "#ENTER." 00:43:46.587332702: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 00:43:46.587535622: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node39 = dogtail.tree.root.application('tails-installer-launcher') 00:43:48.672261321: execution complete 00:43:48.672550913: executing Python as amnesia: node40 = node39.child('Tails Installer', roleName='frame') 00:43:48.707032754: execution complete 00:43:51.707400731: executing Python as amnesia: node41 = node40.button('Install by cloning') 00:43:51.762778113: execution complete 00:43:51.762951514: executing Python as amnesia: node41.click() 00:43:52.841021406: execution complete 00:43:52.841209686: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node42 = dogtail.tree.root.application('tails-installer') 00:43:53.033997602: execution complete 00:43:53.034184126: executing Python as amnesia: node43 = node42.child('Tails Installer', roleName='frame') 00:43:53.111334754: execution complete 00:43:56.111665624: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 00:43:56.401276678: call returned: [0, "", ""] And I start Tails Installer in "Install by cloning" mode # features/step_definitions/usb.rb:114 00:43:56.403243849: executing Python as amnesia: node44 = node42.child('No device suitable to install Tails could be found', roleName='label') 00:43:56.468710102: execution complete But a suitable USB device is not found # features/step_definitions/usb.rb:151 00:43:56.470619479: executing Python as amnesia: node45 = node42.child('Target Device:', roleName='label') 00:43:56.545332838: execution complete 00:43:56.545545578: executing Python as amnesia: node46 = node45.parent 00:43:56.581001120: execution complete 00:43:56.581238920: executing Python as amnesia: node47 = node46.child('', roleName='combo box', recursive=False) 00:43:56.628218599: execution complete 00:43:56.628382210: executing Python as amnesia: print(node47.name) 00:43:56.662110058: execution complete And no USB drive is selected # features/step_definitions/usb.rb:157 00:43:56.746507582: calling as root: test -b /dev/sda 00:43:56.911011847: call returned: [1, "", ""] 00:43:57.932740920: calling as root: test -b /dev/sda 00:43:58.166236450: call returned: [1, "", ""] 00:43:59.188208591: calling as root: test -b /dev/sda 00:43:59.388065346: call returned: [0, "", ""] When I plug USB drive "too-small-device" # features/step_definitions/common_steps.rb:65 00:43:59.390379489: executing Python as amnesia: node48 = node42.child('', roleName='text') 00:43:59.465579361: execution complete 00:43:59.465766618: executing Python as amnesia: print(node48.text) 00:43:59.506458889: execution complete Then Tails Installer detects that a device is too small # features/step_definitions/usb.rb:131 00:43:59.508080811: executing Python as amnesia: node49 = node42.child('Target Device:', roleName='label') 00:43:59.575766487: execution complete 00:43:59.575967652: executing Python as amnesia: node50 = node49.parent 00:43:59.621105914: execution complete 00:43:59.621298499: executing Python as amnesia: node51 = node50.child('', roleName='combo box', recursive=False) 00:43:59.661247653: execution complete 00:43:59.661370807: executing Python as amnesia: print(node51.name) 00:43:59.691319768: execution complete And no USB drive is selected # features/step_definitions/usb.rb:157 When I unplug USB drive "too-small-device" # features/step_definitions/usb.rb:63 And I temporarily create a 4 GiB disk named "big-enough" # features/step_definitions/common_steps.rb:59 00:43:59.841790072: calling as root: test -b /dev/sda 00:44:00.104518236: call returned: [1, "", ""] 00:44:01.139430663: calling as root: test -b /dev/sda 00:44:01.332356758: call returned: [0, "", ""] And I plug USB drive "big-enough" # features/step_definitions/common_steps.rb:65 00:44:01.352513487: executing Python as amnesia: node52 = node42.child('Target Device:', roleName='label') 00:44:01.449258865: execution complete 00:44:01.449415677: executing Python as amnesia: node53 = node52.parent 00:44:01.486467131: execution complete 00:44:01.486695300: executing Python as amnesia: node54 = node53.child('', roleName='combo box', recursive=False) 00:44:01.546337272: execution complete 00:44:01.546489538: executing Python as amnesia: print(node54.name) 00:44:01.578605407: execution complete 00:44:02.605804622: executing Python as amnesia: node55 = node42.child('Target Device:', roleName='label') 00:44:02.677917381: execution complete 00:44:02.678094259: executing Python as amnesia: node56 = node55.parent 00:44:02.711753755: execution complete 00:44:02.711973118: executing Python as amnesia: node57 = node56.child('', roleName='combo box', recursive=False) 00:44:02.760568323: execution complete 00:44:02.760756299: executing Python as amnesia: print(node57.name) 00:44:02.798290714: execution complete Then the "big-enough" USB drive is selected # features/step_definitions/usb.rb:157 Scenario: Detecting when a target USB drive is inserted or removed # features/usb_install.feature:20 00:44:05.668778434: calling as root: echo 'hello?' 00:44:05.914742016: call returned: [0, "hello?\n", ""] 00:44:06.646123667: calling as root: nmcli device show eth0 00:44:06.673997814: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:44:07.078397199: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:44:07.099667862: calling as root: date -s '@1498726694' 00:44:07.315155725: call returned: [0, "Thu Jun 29 08:58:14 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I temporarily create a 4 GiB disk named "temp" # features/step_definitions/common_steps.rb:59 00:44:07.359202317: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:44:07.583705736: call returned: [1, "", ""] 00:44:07.648340361: calling as amnesia: xdotool key Super 00:44:07.874171911: call returned: [0, "", ""] 00:44:09.678318735: [log] TYPE "GNOME Terminal" 00:44:13.554218884: [log] ( Ctrl ) TYPE "#ENTER." 00:44:15.407198235: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 00:44:15.407731258: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node58 = dogtail.tree.root.application('tails-installer-launcher') 00:44:17.502860160: execution complete 00:44:17.503122324: executing Python as amnesia: node59 = node58.child('Tails Installer', roleName='frame') 00:44:17.557743335: execution complete 00:44:20.558190058: executing Python as amnesia: node60 = node59.button('Install by cloning') 00:44:20.597452733: execution complete 00:44:20.597590313: executing Python as amnesia: node60.click() 00:44:21.653862266: execution complete 00:44:21.654120265: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node61 = dogtail.tree.root.application('tails-installer') 00:44:21.892223714: execution complete 00:44:21.892446349: executing Python as amnesia: node62 = node61.child('Tails Installer', roleName='frame') 00:44:21.950270680: execution complete 00:44:24.950621235: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 00:44:25.191596418: call returned: [0, "", ""] And I start Tails Installer in "Install by cloning" mode # features/step_definitions/usb.rb:114 00:44:25.192960691: executing Python as amnesia: node63 = node61.child('No device suitable to install Tails could be found', roleName='label') 00:44:25.242541449: execution complete But a suitable USB device is not found # features/step_definitions/usb.rb:151 00:44:25.311749564: calling as root: test -b /dev/sda 00:44:25.515352996: call returned: [1, "", ""] 00:44:26.554115465: calling as root: test -b /dev/sda 00:44:26.746400188: call returned: [1, "", ""] 00:44:27.771191005: calling as root: test -b /dev/sda 00:44:27.936435581: call returned: [0, "", ""] When I plug USB drive "temp" # features/step_definitions/common_steps.rb:65 00:44:27.958031947: executing Python as amnesia: node64 = node61.child('Target Device:', roleName='label') 00:44:28.046674262: execution complete 00:44:28.046895245: executing Python as amnesia: node65 = node64.parent 00:44:28.082776858: execution complete 00:44:28.082987658: executing Python as amnesia: node66 = node65.child('', roleName='combo box', recursive=False) 00:44:28.122917860: execution complete 00:44:28.123099896: executing Python as amnesia: print(node66.name) 00:44:28.162036424: execution complete Then the "temp" USB drive is selected # features/step_definitions/usb.rb:157 When I unplug USB drive "temp" # features/step_definitions/usb.rb:63 00:44:28.188128146: executing Python as amnesia: node67 = node61.child('No device suitable to install Tails could be found', roleName='label') 00:44:28.239071966: execution complete Then a suitable USB device is not found # features/step_definitions/usb.rb:151 Scenario: Installing Tails to a pristine USB drive # features/usb_install.feature:30 00:44:31.131315399: calling as root: echo 'hello?' 00:44:31.390087021: call returned: [0, "hello?\n", ""] 00:44:32.125901333: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:44:32.126095153: calling as root: nmcli device show eth0 00:44:32.492714248: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:44:32.514747037: calling as root: date -s '@1498726719' 00:44:32.743574518: call returned: [0, "Thu Jun 29 08:58:39 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I temporarily create a 4 GiB disk named "install" # features/step_definitions/common_steps.rb:59 00:44:32.874656525: calling as root: test -b /dev/sda 00:44:33.018709756: call returned: [1, "", ""] 00:44:34.045055750: calling as root: test -b /dev/sda 00:44:34.232365063: call returned: [1, "", ""] 00:44:35.263787269: calling as root: test -b /dev/sda 00:44:35.455406478: call returned: [0, "", ""] And I plug USB drive "install" # features/step_definitions/common_steps.rb:65 00:44:35.457377153: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:44:35.732261514: call returned: [1, "", ""] 00:44:35.801489302: calling as amnesia: xdotool key Super 00:44:36.023715943: call returned: [0, "", ""] 00:44:37.820234204: [log] TYPE "GNOME Terminal" 00:44:37.889699716: [log] ( Ctrl ) TYPE "#ENTER." 00:44:43.785869101: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 00:44:43.787061704: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node68 = dogtail.tree.root.application('tails-installer-launcher') 00:44:45.833178548: execution complete 00:44:45.833420983: executing Python as amnesia: node69 = node68.child('Tails Installer', roleName='frame') 00:44:45.883749470: execution complete 00:44:48.884098964: executing Python as amnesia: node70 = node69.button('Install by cloning') 00:44:48.934249620: execution complete 00:44:48.934468735: executing Python as amnesia: node70.click() 00:44:50.023636360: execution complete 00:44:50.023830856: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node71 = dogtail.tree.root.application('tails-installer') 00:44:50.377423834: execution complete 00:44:50.377648714: executing Python as amnesia: node72 = node71.child('Tails Installer', roleName='frame') 00:44:50.426227927: execution complete 00:44:53.426579680: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 00:44:53.642663242: call returned: [0, "", ""] 00:44:53.663893058: executing Python as amnesia: node73 = node71.child('', roleName='text') 00:44:53.733595072: execution complete 00:44:53.733781116: executing Python as amnesia: print(node73.text) 00:44:53.773502431: execution complete 00:44:53.796633110: executing Python as amnesia: node74 = node71.child('Target Device:', roleName='label') 00:44:53.865188334: execution complete 00:44:53.865393852: executing Python as amnesia: node75 = node74.parent 00:44:53.909816396: execution complete 00:44:53.909984893: executing Python as amnesia: node76 = node75.child('', roleName='combo box', recursive=False) 00:44:53.955467197: execution complete 00:44:53.955641999: executing Python as amnesia: print(node76.name) 00:44:54.002645453: execution complete 00:44:54.002932880: executing Python as amnesia: node77 = node71.button('Install Tails') 00:44:54.057235585: execution complete 00:44:54.057441605: executing Python as amnesia: node77.click() 00:44:55.107366858: execution complete 00:44:55.107541794: executing Python as amnesia: node78 = node71.child('Question', roleName='alert') 00:44:55.194705797: execution complete 00:44:55.194873544: executing Python as amnesia: node79 = node78.button('Yes') 00:44:55.259805390: execution complete 00:44:55.259978831: executing Python as amnesia: node79.click() 00:44:56.303349293: execution complete 00:44:56.303798814: executing Python as amnesia: node80 = node71.child('Information', roleName='alert') 00:45:07.432717741: execution complete 00:45:08.433598309: executing Python as amnesia: node81 = node71.child('Information', roleName='alert') 00:45:19.509573629: execution complete 00:45:20.509988711: executing Python as amnesia: node82 = node71.child('Information', roleName='alert') 00:45:31.446538789: execution complete 00:45:32.446936672: executing Python as amnesia: node83 = node71.child('Information', roleName='alert') 00:45:43.298864336: execution complete 00:45:44.299323765: executing Python as amnesia: node84 = node71.child('Information', roleName='alert') 00:45:55.797589805: execution complete 00:45:56.797940994: executing Python as amnesia: node85 = node71.child('Information', roleName='alert') 00:46:08.343467065: execution complete 00:46:09.343829201: executing Python as amnesia: node86 = node71.child('Information', roleName='alert') 00:46:20.822598173: execution complete 00:46:21.822967567: executing Python as amnesia: node87 = node71.child('Information', roleName='alert') 00:46:21.946351616: execution complete 00:46:21.946535135: executing Python as amnesia: node88 = node87.child('Installation complete!', roleName='label') 00:46:21.988198055: execution complete And I "Install by cloning" Tails to USB drive "install" # features/step_definitions/usb.rb:167 00:46:21.992754893: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:46:23.159188095: call returned: [0, "11:0\n", ""] 00:46:23.159335579: calling as root: readlink -f /dev/block/'11:0' 00:46:23.377601181: call returned: [0, "/dev/sr0\n", ""] 00:46:23.377751698: calling as root: udevadm info --query=property --name='/dev/sr0' 00:46:23.705644337: call returned: [0, "DEVLINKS=/dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/cdrom /dev/dvd /dev/disk/by-path/pci-0000:00:1f.2-ata-3\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:uaccess:seat:\nUSEC_INITIALIZED=5804478\n", ""] 00:46:23.725098640: calling as root: udisksctl info --block-device '/dev/sda' 00:46:24.529672754: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 00:46:24.529963305: calling as root: udisksctl info --block-device '/dev/sda1' 00:46:24.902648716: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda1\n DeviceNumber: 2049\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-191C-4C3F\n IdLabel: Tails\n IdType: vfat\n IdUUID: 191C-4C3F\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/2733eeb4-75d1-408d-8034-fe70f76ba0dd\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/191C-4C3F\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 2733eeb4-75d1-408d-8034-fe70f76ba0dd\n", ""] 00:46:24.902963715: calling as root: mkdir -p /mnt/new 00:46:25.065948026: call returned: [0, "", ""] 00:46:25.066093907: calling as root: mount /dev/sda1 /mnt/new 00:46:25.343204861: call returned: [0, "", ""] 00:46:25.343372553: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 00:46:46.190304880: call returned: [0, "", ""] 00:46:46.190480190: calling as root: ls -1 /mnt/new/syslinux 00:46:47.380641630: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 00:46:47.380858433: calling as root: diff -q '/lib/live/mount/medium/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 00:46:47.701487090: call returned: [0, "", ""] 00:46:47.701697471: calling as root: diff -q '/lib/live/mount/medium/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 00:46:47.882408035: call returned: [0, "", ""] 00:46:47.882590580: calling as root: diff -q '/lib/live/mount/medium/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 00:46:48.088482019: call returned: [0, "", ""] 00:46:48.088660319: calling as root: diff -q '/lib/live/mount/medium/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 00:46:48.313353551: call returned: [0, "", ""] 00:46:48.313556178: calling as root: diff -q '/lib/live/mount/medium/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 00:46:48.564706958: call returned: [0, "", ""] 00:46:48.564893687: calling as root: diff -q '/lib/live/mount/medium/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 00:46:48.734491382: call returned: [0, "", ""] 00:46:48.734679210: calling as root: diff -q '/lib/live/mount/medium/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 00:46:48.954494805: call returned: [0, "", ""] 00:46:48.954742501: calling as root: diff -q '/lib/live/mount/medium/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 00:46:49.188646645: call returned: [0, "", ""] 00:46:49.188830698: calling as root: diff -q '/lib/live/mount/medium/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 00:46:49.370976292: call returned: [0, "", ""] 00:46:49.371231446: calling as root: diff -q '/lib/live/mount/medium/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 00:46:49.590502339: call returned: [0, "", ""] 00:46:49.590695243: calling as root: diff -q '/lib/live/mount/medium/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 00:46:49.847810590: call returned: [0, "", ""] 00:46:49.848040838: calling as root: diff -q '/lib/live/mount/medium/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 00:46:50.039620068: call returned: [0, "", ""] 00:46:50.039862343: calling as root: diff -q '/lib/live/mount/medium/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 00:46:50.231745240: call returned: [0, "", ""] 00:46:50.231920006: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 00:46:50.439823037: call returned: [0, "", ""] 00:46:50.439991136: calling as root: diff -q '/lib/live/mount/medium/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 00:46:50.694632900: call returned: [0, "", ""] 00:46:50.694838657: calling as root: diff -q '/lib/live/mount/medium/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 00:46:50.890423134: call returned: [0, "", ""] 00:46:50.890633688: calling as root: diff -q '/lib/live/mount/medium/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 00:46:51.105748971: call returned: [0, "", ""] 00:46:51.105922055: calling as root: diff -q '/lib/live/mount/medium/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 00:46:51.339593440: call returned: [0, "", ""] 00:46:51.339836640: calling as root: diff -q '/lib/live/mount/medium/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 00:46:51.516154780: call returned: [0, "", ""] 00:46:51.516321371: calling as root: diff -q '/lib/live/mount/medium/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 00:46:51.680436666: call returned: [0, "", ""] 00:46:51.680610141: calling as root: diff -q '/lib/live/mount/medium/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 00:46:51.867293685: call returned: [0, "", ""] 00:46:51.867472004: calling as root: diff -q '/lib/live/mount/medium/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 00:46:52.013425156: call returned: [0, "", ""] 00:46:52.013697395: calling as root: diff -q '/lib/live/mount/medium/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 00:46:52.210675697: call returned: [0, "", ""] 00:46:52.210896358: calling as root: diff -q '/lib/live/mount/medium/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 00:46:52.393301653: call returned: [0, "", ""] 00:46:52.393473408: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 00:46:52.538636248: call returned: [0, "", ""] 00:46:52.538866968: calling as root: umount /mnt/new 00:46:53.081095516: call returned: [0, "", ""] 00:46:53.081267098: calling as root: sync 00:46:53.250726052: call returned: [0, "", ""] Then the running Tails is installed on USB drive "install" # features/step_definitions/usb.rb:292 00:46:53.271027950: calling as root: test -b /dev/sda2 00:46:53.443581048: call returned: [1, "", ""] But there is no persistence partition on USB drive "install" # features/step_definitions/usb.rb:305 Scenario: Booting Tails from a USB drive without a persistent partition and creating one # features/usb_install.feature:38 00:46:57.275889585: calling as root: echo 'hello?' 00:46:57.493256966: call returned: [0, "hello?\n", ""] 00:46:58.224622536: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:46:58.224809755: calling as root: nmcli device show eth0 00:46:58.591178538: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:46:58.607770224: calling as root: date -s '@1498726865' 00:46:58.766877488: call returned: [0, "Thu Jun 29 09:01:05 UTC 2017\n", ""] Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 00:46:59.715226249: calling as root: loginctl 00:46:59.715461078: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:46:59.918132864: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:47:00.918621798: calling as root: loginctl 00:47:01.132056705: call returned: [0, " SESSION UID USER SEAT TTY \n 71 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 00:47:16.121389936: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:47:16.236914729: call returned: [0, "", ""] 00:47:16.237159777: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:47:16.386973422: call returned: [0, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:257 00:47:16.454814934: calling as amnesia: xdotool key Super 00:47:16.698683012: call returned: [0, "", ""] 00:47:20.537043656: [log] TYPE "Configure persistent volume" 00:47:20.603296823: [log] ( Ctrl ) TYPE "#ENTER." 00:47:30.551878837: [log] TYPE "asdf#TAB.asdf#ENTER." 00:47:43.725811557: [log] TYPE "#TAB." 00:47:43.726055654: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 00:47:45.086566373: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 00:47:45.173092286: [log] TYPE "#TAB. " 00:47:45.257034926: [log] TYPE "#TAB. " 00:47:45.338822701: [log] TYPE "#TAB. " 00:47:45.669313228: [log] TYPE "#TAB. " [log] TYPE "#TAB. " [log] TYPE "#TAB. " [log] TYPE "#TAB. " 00:47:45.752892606: [log] TYPE "#TAB. " 00:47:45.836901676: [log] TYPE "#TAB. " 00:47:45.919562958: [log] TYPE "#TAB. " 00:47:46.003882968: [log] TYPE "#TAB. " 00:47:46.147464598: [log] TYPE "#TAB. " 00:47:46.877997203: [log] CLICK on L(878,708)@S(0)[0,0 1024x768] 00:47:47.535768398: [log] ( Alt ) TYPE "#F4." When I create a persistent partition # features/step_definitions/usb.rb:222 00:47:47.554442249: calling as root: udisksctl info --block-device '/dev/sda2' 00:47:47.983181815: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda2:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda2\n DeviceNumber: 2050\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: by-uuid-00602e71-b425-4dd6-b53d-d264b8f85031\n IdLabel: \n IdType: crypto_LUKS\n IdUUID: 00602e71-b425-4dd6-b53d-d264b8f85031\n IdUsage: crypto\n IdVersion: 1\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda2\n ReadOnly: false\n Size: 1670364672\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part2\n /dev/disk/by-partlabel/TailsData\n /dev/disk/by-partuuid/df1a7abc-0a6c-4554-9d80-897d45cffe4b\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part2\n /dev/disk/by-uuid/00602e71-b425-4dd6-b53d-d264b8f85031\n org.freedesktop.UDisks2.Encrypted:\n org.freedesktop.UDisks2.Partition:\n Flags: 0\n IsContained: false\n IsContainer: false\n Name: TailsData\n Number: 2\n Offset: 2624585728\n Size: 1670364672\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: 0fc63daf-8483-4772-8e79-3d69d8477de4\n UUID: df1a7abc-0a6c-4554-9d80-897d45cffe4b\n", ""] 00:47:47.983545642: calling as root: ls -1 --hide 'control' /dev/mapper/ 00:47:48.149738850: call returned: [0, "luks-00602e71-b425-4dd6-b53d-d264b8f85031\n", ""] 00:47:48.149919105: calling as root: cryptsetup status 'luks-00602e71-b425-4dd6-b53d-d264b8f85031' 00:47:48.415772925: call returned: [0, "/dev/mapper/luks-00602e71-b425-4dd6-b53d-d264b8f85031 is active and is in use.\n type: LUKS1\n cipher: aes-xts-plain64\n keysize: 256 bits\n device: /dev/sda2\n offset: 4096 sectors\n size: 3258335 sectors\n mode: read/write\n", ""] 00:47:48.416041686: calling as root: udisksctl info --block-device '/dev/mapper/luks-00602e71-b425-4dd6-b53d-d264b8f85031' 00:47:48.810439017: call returned: [0, "/org/freedesktop/UDisks2/block_devices/dm_2d0:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sda2'\n Device: /dev/dm-0\n DeviceNumber: 65024\n Drive: '/'\n HintAuto: false\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: false\n HintSymbolicIconName: \n HintSystem: true\n Id: by-id-dm-name-luks-00602e71-b425-4dd6-b53d-d264b8f85031\n IdLabel: TailsData\n IdType: ext4\n IdUUID: cf974ef3-fa94-4878-b0dd-e5dd96cd8af8\n IdUsage: filesystem\n IdVersion: 1.0\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/mapper/luks-00602e71-b425-4dd6-b53d-d264b8f85031\n ReadOnly: false\n Size: 1668267520\n Symlinks: /dev/disk/by-id/dm-name-luks-00602e71-b425-4dd6-b53d-d264b8f85031\n /dev/disk/by-id/dm-uuid-CRYPT-LUKS1-00602e71b4254dd6b53dd264b8f85031-luks-00602e71-b425-4dd6-b53d-d264b8f85031\n /dev/disk/by-label/TailsData\n /dev/disk/by-uuid/cf974ef3-fa94-4878-b0dd-e5dd96cd8af8\n /dev/mapper/luks-00602e71-b425-4dd6-b53d-d264b8f85031\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: /media/tails-persistence-setup/TailsData\n", ""] 00:47:48.810737512: calling as root: mkdir -p /mnt/__internal 00:47:48.975138330: call returned: [0, "", ""] 00:47:48.975332867: calling as root: mount '/dev/mapper/luks-00602e71-b425-4dd6-b53d-d264b8f85031' /mnt/__internal 00:47:49.365612694: call returned: [0, "", ""] 00:47:49.365893488: calling as root: umount /mnt/__internal 00:47:49.676530032: call returned: [0, "", ""] 00:47:49.676708200: calling as root: sync 00:47:49.877855031: call returned: [0, "", ""] 00:47:49.878032475: calling as root: cryptsetup luksClose __internal 00:47:50.084676780: call returned: [4, "", "Device __internal is not active.\n"] Then a Tails persistence partition exists on USB drive "__internal" # features/step_definitions/usb.rb:311 Scenario: Booting Tails from a USB drive without a persistent partition # features/usb_install.feature:44 00:47:53.413734350: calling as root: echo 'hello?' 00:47:53.645342798: call returned: [0, "hello?\n", ""] 00:47:54.373736164: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:47:54.374053810: calling as root: nmcli device show eth0 00:47:54.710075509: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:47:54.728470395: calling as root: date -s '@1498726921' 00:47:54.878998272: call returned: [0, "Thu Jun 29 09:02:01 UTC 2017\n", ""] Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 00:47:55.689199552: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:47:55.689613041: calling as root: loginctl 00:47:55.939243413: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:47:56.939749114: calling as root: loginctl 00:47:57.225625756: call returned: [0, " SESSION UID USER SEAT TTY \n 71 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 00:48:17.385803157: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:48:17.505998876: call returned: [0, "", ""] 00:48:17.506172535: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:48:17.634635554: call returned: [0, "", ""] When I log in to a new session # features/step_definitions/common_steps.rb:257 00:48:17.635891285: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:48:17.842200124: call returned: [0, "8:1\n", ""] 00:48:17.842349303: calling as root: readlink -f /dev/block/'8:1' 00:48:18.022256966: call returned: [0, "/dev/sda1\n", ""] 00:48:18.022407455: calling as root: udevadm info --query=property --name='/dev/sda1' 00:48:18.295202498: call returned: [0, "DEVLINKS=/dev/disk/by-label/Tails /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba /dev/disk/by-partlabel/Tails /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-uuid/F410-3272 /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7812087\n", ""] 00:48:18.295539424: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:48:18.493117713: call returned: [0, "8:1\n", ""] 00:48:18.493267705: calling as root: readlink -f /dev/block/'8:1' 00:48:18.684324320: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "__internal" # features/step_definitions/usb.rb:418 00:48:18.766606779: calling as root: test -d '/home/amnesia/Persistent/Tor Browser' 00:48:18.964848459: call returned: [1, "", ""] And the persistent Tor Browser directory does not exist # features/step_definitions/common_steps.rb:659 00:48:18.983522464: calling as root: test -b /dev/sda2 00:48:19.127722498: call returned: [1, "", ""] And there is no persistence partition on USB drive "__internal" # features/step_definitions/usb.rb:305 Scenario: Booting Tails from a USB drive in UEFI mode # features/usb_install.feature:51 00:48:22.560398017: calling as root: echo 'hello?' 00:48:22.732721790: call returned: [0, "hello?\n", ""] 00:48:23.457224784: calling as root: nmcli device show eth0 00:48:23.478842677: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:48:23.809630919: call returned: [8, "", "Error: NetworkManager is not running.\n"] 00:48:23.827945383: calling as root: date -s '@1498726950' 00:48:24.015633933: call returned: [0, "Thu Jun 29 09:02:30 UTC 2017\n", ""] Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 Then I power off the computer # features/step_definitions/common_steps.rb:159 Given the computer is set to boot in UEFI mode # features/step_definitions/usb.rb:71 00:48:26.438045486: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:48:51.604809883: [log] TYPE "#ENTER." 00:48:51.614397275: We missed the boot menu before we could deal with it, resetting... 00:49:02.646955771: [log] TYPE "#ENTER." 00:49:17.687543978: We missed the boot menu before we could deal with it, resetting... 00:49:28.595743250: [log] TYPE "#ENTER." 00:49:43.897511220: We missed the boot menu before we could deal with it, resetting... 00:49:54.614426198: [log] TYPE "#ENTER." 00:50:09.925733108: We missed the boot menu before we could deal with it, resetting... 00:50:20.243439757: [log] TYPE "#ENTER." 00:50:35.578703311: We missed the boot menu before we could deal with it, resetting... 00:50:45.819336907: [log] TYPE "#ENTER." 00:51:00.847069570: We missed the boot menu before we could deal with it, resetting... 00:51:11.438145332: [log] TYPE "#ENTER." 00:51:27.101513593: We missed the boot menu before we could deal with it, resetting... When I start Tails from USB drive "__internal" with network unplugged and I login # features/step_definitions/common_steps.rb:137 try_for() timeout expired Last ignored exception was: RuntimeError: FindFailed: can not find TailsBootMenuKernelCmdlineUEFI.png in S(0)[0,0 1024x768] Line 2171, in file Region.java (Timeout::Error) ./features/support/helpers/misc_helpers.rb:90:in `rescue in try_for' ./features/support/helpers/misc_helpers.rb:36:in `/^Tails is at the boot menu's cmdline( after rebooting)?$/' features/usb_install.feature:55:in `When I start Tails from USB drive "__internal" with network unplugged and I login' Then the boot device has safe access rights # features/step_definitions/usb.rb:438 And Tails is running from USB drive "__internal" # features/step_definitions/usb.rb:418 And the boot device has safe access rights # features/step_definitions/usb.rb:438 And Tails has started in UEFI mode # features/step_definitions/usb.rb:633 Scenario failed at time 00:51:40 Screenshot: https://jenkins.tails.boum.org/job/test_Tails_ISO_stable/814/artifact/build-artifacts/00:51:40_Booting_Tails_from_a_USB_drive_in_UEFI_mode.png Video: https://jenkins.tails.boum.org/job/test_Tails_ISO_stable/814/artifact/build-artifacts/00:51:40_Booting_Tails_from_a_USB_drive_in_UEFI_mode.mkv Scenario: Installing Tails to a USB drive with an MBR partition table but no partitions, and making sure that it boots # features/usb_install.feature:61 00:51:44.209870297: calling as root: echo 'hello?' 00:51:44.428524681: call returned: [0, "hello?\n", ""] 00:51:45.156065880: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:51:45.156323856: calling as root: nmcli device show eth0 00:51:45.555894551: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 00:51:45.571164236: calling as root: date -s '@1498727152' 00:51:45.794815174: call returned: [0, "Thu Jun 29 09:05:52 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I temporarily create a 4 GiB disk named "mbr" # features/step_definitions/common_steps.rb:59 00:51:45.837653777: libguestfs: trace: set_autosync true 00:51:45.837752400: libguestfs: trace: set_autosync = 0 00:51:45.841510974: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/mbr" "format:qcow2" 00:51:45.841730404: libguestfs: trace: add_drive = 0 00:51:45.841790215: libguestfs: trace: launch 00:51:45.841840123: libguestfs: trace: get_tmpdir 00:51:45.841888621: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:51:45.842130171: libguestfs: trace: get_backend_setting "force_tcg" 00:51:45.842192757: libguestfs: trace: get_backend_setting = NULL (error) 00:51:45.842247947: libguestfs: trace: get_cachedir 00:51:45.842297382: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:51:45.888530138: libguestfs: trace: get_cachedir 00:51:45.888695347: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:51:45.888837889: libguestfs: trace: get_sockdir 00:51:45.888928815: libguestfs: trace: get_sockdir = "/tmp" 00:51:45.889103177: libguestfs: trace: get_backend_setting "gdb" 00:51:45.889366563: libguestfs: trace: get_backend_setting = NULL (error) 00:51:50.144895548: libguestfs: trace: launch = 0 00:51:50.145231985: libguestfs: trace: list_devices 00:51:50.146076613: libguestfs: trace: list_devices = ["/dev/sda"] 00:51:50.146239138: libguestfs: trace: part_init "/dev/sda" "msdos" 00:51:50.213573294: libguestfs: trace: part_init = 0 00:51:50.213812005: libguestfs: trace: close 00:51:50.213940975: libguestfs: trace: internal_autosync 00:51:50.216750513: libguestfs: trace: internal_autosync = 0 And I create a msdos label on disk "mbr" # features/step_definitions/usb.rb:638 00:51:50.421833909: calling as root: test -b /dev/sda 00:51:50.598874246: call returned: [1, "", ""] 00:51:51.619843414: calling as root: test -b /dev/sda 00:51:51.829872438: call returned: [1, "", ""] 00:51:52.851334030: calling as root: test -b /dev/sda 00:51:53.024642246: call returned: [0, "", ""] And I plug USB drive "mbr" # features/step_definitions/common_steps.rb:65 00:51:53.027692508: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:51:53.287845413: call returned: [1, "", ""] 00:51:53.367429955: calling as amnesia: xdotool key Super 00:51:53.624159467: call returned: [0, "", ""] 00:51:59.134758543: [log] TYPE "GNOME Terminal" 00:52:00.971837361: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node89 = dogtail.tree.root.application('tails-installer-launcher') 00:52:00.993285688: [log] ( Ctrl ) TYPE "#ENTER." [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 00:52:03.027221173: execution complete 00:52:03.027477359: executing Python as amnesia: node90 = node89.child('Tails Installer', roleName='frame') 00:52:03.081351323: execution complete 00:52:06.081716144: executing Python as amnesia: node91 = node90.button('Install by cloning') 00:52:06.131862498: execution complete 00:52:06.132054756: executing Python as amnesia: node91.click() 00:52:07.182826068: execution complete 00:52:07.183409051: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node92 = dogtail.tree.root.application('tails-installer') 00:52:07.561100470: execution complete 00:52:07.561326391: executing Python as amnesia: node93 = node92.child('Tails Installer', roleName='frame') 00:52:07.614110057: execution complete 00:52:10.614432115: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 00:52:10.873619507: call returned: [0, "", ""] 00:52:10.891160214: executing Python as amnesia: node94 = node92.child('', roleName='text') 00:52:10.964776368: execution complete 00:52:10.964940476: executing Python as amnesia: print(node94.text) 00:52:10.997427992: execution complete 00:52:11.016305461: executing Python as amnesia: node95 = node92.child('Target Device:', roleName='label') 00:52:11.072065641: execution complete 00:52:11.072282290: executing Python as amnesia: node96 = node95.parent 00:52:11.112424623: execution complete 00:52:11.112596777: executing Python as amnesia: node97 = node96.child('', roleName='combo box', recursive=False) 00:52:11.151930880: execution complete 00:52:11.152086309: executing Python as amnesia: print(node97.name) 00:52:11.224369639: execution complete 00:52:11.224651123: executing Python as amnesia: node98 = node92.button('Install Tails') 00:52:11.295294359: execution complete 00:52:11.295455091: executing Python as amnesia: node98.click() 00:52:12.349801267: execution complete 00:52:12.349988562: executing Python as amnesia: node99 = node92.child('Question', roleName='alert') 00:52:12.418389491: execution complete 00:52:12.418572118: executing Python as amnesia: node100 = node99.button('Yes') 00:52:12.451002076: execution complete 00:52:12.451174185: executing Python as amnesia: node100.click() 00:52:13.495496526: execution complete 00:52:13.495754156: executing Python as amnesia: node101 = node92.child('Information', roleName='alert') 00:52:24.563331714: execution complete 00:52:25.563870260: executing Python as amnesia: node102 = node92.child('Information', roleName='alert') 00:52:36.758251145: execution complete 00:52:37.758639382: executing Python as amnesia: node103 = node92.child('Information', roleName='alert') 00:52:48.587002417: execution complete 00:52:49.587498615: executing Python as amnesia: node104 = node92.child('Information', roleName='alert') 00:53:00.369164036: execution complete 00:53:01.369523553: executing Python as amnesia: node105 = node92.child('Information', roleName='alert') 00:53:12.231846958: execution complete 00:53:13.232274013: executing Python as amnesia: node106 = node92.child('Information', roleName='alert') 00:53:25.143880413: execution complete 00:53:26.144293324: executing Python as amnesia: node107 = node92.child('Information', roleName='alert') 00:53:37.436516495: execution complete 00:53:37.436754483: executing Python as amnesia: node108 = node107.child('Installation complete!', roleName='label') 00:53:37.521391995: execution complete And I "Install by cloning" Tails to USB drive "mbr" # features/step_definitions/usb.rb:167 00:53:37.523686529: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:53:38.759222947: call returned: [0, "11:0\n", ""] 00:53:38.759422567: calling as root: readlink -f /dev/block/'11:0' 00:53:38.951507560: call returned: [0, "/dev/sr0\n", ""] 00:53:38.951671567: calling as root: udevadm info --query=property --name='/dev/sr0' 00:53:39.213217257: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/dvd /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/cdrom\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:uaccess:seat:\nUSEC_INITIALIZED=5804478\n", ""] 00:53:39.233325088: calling as root: udisksctl info --block-device '/dev/sda' 00:53:40.140885376: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 00:53:40.141107524: calling as root: udisksctl info --block-device '/dev/sda1' 00:53:40.593560754: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda1\n DeviceNumber: 2049\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-345C-6714\n IdLabel: Tails\n IdType: vfat\n IdUUID: 345C-6714\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/76945dc2-e83e-46d0-8f37-2c2f7ee74679\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/345C-6714\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 76945dc2-e83e-46d0-8f37-2c2f7ee74679\n", ""] 00:53:40.593858117: calling as root: mkdir -p /mnt/new 00:53:40.755321067: call returned: [0, "", ""] 00:53:40.755536358: calling as root: mount /dev/sda1 /mnt/new 00:53:41.092951356: call returned: [0, "", ""] 00:53:41.093110547: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 00:54:03.243548988: call returned: [0, "", ""] 00:54:03.243726042: calling as root: ls -1 /mnt/new/syslinux 00:54:04.386135072: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 00:54:04.386312585: calling as root: diff -q '/lib/live/mount/medium/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 00:54:04.710088844: call returned: [0, "", ""] 00:54:04.710375652: calling as root: diff -q '/lib/live/mount/medium/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 00:54:04.885821398: call returned: [0, "", ""] 00:54:04.885994255: calling as root: diff -q '/lib/live/mount/medium/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 00:54:05.104523037: call returned: [0, "", ""] 00:54:05.104759865: calling as root: diff -q '/lib/live/mount/medium/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 00:54:05.317019078: call returned: [0, "", ""] 00:54:05.317252784: calling as root: diff -q '/lib/live/mount/medium/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 00:54:05.502604691: call returned: [0, "", ""] 00:54:05.502827561: calling as root: diff -q '/lib/live/mount/medium/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 00:54:05.718169871: call returned: [0, "", ""] 00:54:05.718416327: calling as root: diff -q '/lib/live/mount/medium/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 00:54:05.909959001: call returned: [0, "", ""] 00:54:05.910171674: calling as root: diff -q '/lib/live/mount/medium/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 00:54:06.116138338: call returned: [0, "", ""] 00:54:06.116375264: calling as root: diff -q '/lib/live/mount/medium/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 00:54:06.318442706: call returned: [0, "", ""] 00:54:06.318616570: calling as root: diff -q '/lib/live/mount/medium/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 00:54:06.488275991: call returned: [0, "", ""] 00:54:06.488510065: calling as root: diff -q '/lib/live/mount/medium/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 00:54:06.659141360: call returned: [0, "", ""] 00:54:06.659313130: calling as root: diff -q '/lib/live/mount/medium/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 00:54:06.846347118: call returned: [0, "", ""] 00:54:06.846523997: calling as root: diff -q '/lib/live/mount/medium/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 00:54:07.059287367: call returned: [0, "", ""] 00:54:07.059468778: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 00:54:07.300305133: call returned: [0, "", ""] 00:54:07.300480587: calling as root: diff -q '/lib/live/mount/medium/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 00:54:07.509795573: call returned: [0, "", ""] 00:54:07.509976830: calling as root: diff -q '/lib/live/mount/medium/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 00:54:07.693096393: call returned: [0, "", ""] 00:54:07.693294704: calling as root: diff -q '/lib/live/mount/medium/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 00:54:07.885796140: call returned: [0, "", ""] 00:54:07.886047819: calling as root: diff -q '/lib/live/mount/medium/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 00:54:08.084152503: call returned: [0, "", ""] 00:54:08.084433398: calling as root: diff -q '/lib/live/mount/medium/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 00:54:08.252880668: call returned: [0, "", ""] 00:54:08.253117271: calling as root: diff -q '/lib/live/mount/medium/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 00:54:08.453665718: call returned: [0, "", ""] 00:54:08.453839201: calling as root: diff -q '/lib/live/mount/medium/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 00:54:08.704094087: call returned: [0, "", ""] 00:54:08.704261134: calling as root: diff -q '/lib/live/mount/medium/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 00:54:08.871357850: call returned: [0, "", ""] 00:54:08.871545215: calling as root: diff -q '/lib/live/mount/medium/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 00:54:09.136772782: call returned: [0, "", ""] 00:54:09.136964513: calling as root: diff -q '/lib/live/mount/medium/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 00:54:09.338541841: call returned: [0, "", ""] 00:54:09.338723650: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 00:54:09.539966229: call returned: [0, "", ""] 00:54:09.540154484: calling as root: umount /mnt/new 00:54:10.099600123: call returned: [0, "", ""] 00:54:10.099761178: calling as root: sync 00:54:10.283486558: call returned: [0, "", ""] Then the running Tails is installed on USB drive "mbr" # features/step_definitions/usb.rb:292 00:54:10.303556035: calling as root: test -b /dev/sda2 00:54:10.531446066: call returned: [1, "", ""] But there is no persistence partition on USB drive "mbr" # features/step_definitions/usb.rb:305 00:54:10.532569761: spawning as root: poweroff When I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 00:54:23.748274204: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:54:26.320156424: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:55:35.409245586: calling as root: echo 'hello?' 00:55:35.652188792: call returned: [0, "hello?\n", ""] 00:55:35.652609161: calling as root: service tor status 00:55:35.973668919: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:55:35.974169537: opening file /etc/tor/torrc in 'append' mode 00:55:36.289775808: append complete 00:55:37.081176671: calling as root: loginctl 00:55:37.102476003: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:55:37.304375118: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:55:38.304822609: calling as root: loginctl 00:55:38.515312129: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 00:55:53.418562899: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:55:53.558352689: call returned: [0, "", ""] 00:55:53.558581306: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:55:53.707973720: call returned: [0, "", ""] 00:55:53.708245081: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node109 = dogtail.tree.root.application('gnome-shell') 00:55:54.864550402: execution complete 00:55:55.587953606: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:55:55.588239992: executing Python as amnesia: node110 = node109.child('No Notifications', roleName='label') 00:55:57.570163078: execution complete 00:55:57.570429368: executing Python as amnesia: node111 = node109.child('No Notifications', roleName='label') 00:55:59.062940737: execution complete 00:55:59.106513123: [log] TYPE "#ESC." And I start Tails from USB drive "mbr" with network unplugged and I login # features/step_definitions/common_steps.rb:137 00:55:59.108627376: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:55:59.329958821: call returned: [0, "8:1\n", ""] 00:55:59.330174353: calling as root: readlink -f /dev/block/'8:1' 00:55:59.584547959: call returned: [0, "/dev/sda1\n", ""] 00:55:59.584696512: calling as root: udevadm info --query=property --name='/dev/sda1' 00:55:59.852544857: call returned: [0, "DEVLINKS=/dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-partuuid/76945dc2-e83e-46d0-8f37-2c2f7ee74679 /dev/disk/by-uuid/345C-6714 /dev/disk/by-partlabel/Tails\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=345C-6714\nID_FS_UUID_ENC=345C-6714\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=76945dc2-e83e-46d0-8f37-2c2f7ee74679\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=c8277dd6-ed8e-4b52-bd98-b0fbffa12ec5\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8432943\n", ""] 00:55:59.852918337: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:56:00.084250030: call returned: [0, "8:1\n", ""] 00:56:00.084409717: calling as root: readlink -f /dev/block/'8:1' 00:56:00.234443621: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "mbr" # features/step_definitions/usb.rb:418 00:56:00.289623021: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:56:00.528418844: call returned: [0, "8:1\n", ""] 00:56:00.528569850: calling as root: readlink -f /dev/block/'8:1' 00:56:00.685059271: call returned: [0, "/dev/sda1\n", ""] 00:56:00.685316171: calling as root: ls -1 /dev/sda* 00:56:00.888722488: call returned: [0, "/dev/sda\n/dev/sda1\n", ""] 00:56:00.888899304: calling as root: cut -d':' -f1 /etc/passwd 00:56:01.121533917: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 00:56:01.121771100: calling as root: groups root 00:56:01.438366441: call returned: [0, "root : root\n", ""] 00:56:01.438605418: calling as root: groups daemon 00:56:01.609594591: call returned: [0, "daemon : daemon\n", ""] 00:56:01.609781027: calling as root: groups bin 00:56:01.886070547: call returned: [0, "bin : bin\n", ""] 00:56:01.886435654: calling as root: groups sys 00:56:02.061397996: call returned: [0, "sys : sys\n", ""] 00:56:02.061618485: calling as root: groups sync 00:56:02.244766598: call returned: [0, "sync : nogroup\n", ""] 00:56:02.245067861: calling as root: groups games 00:56:02.454833837: call returned: [0, "games : games\n", ""] 00:56:02.455018348: calling as root: groups man 00:56:02.711788443: call returned: [0, "man : man\n", ""] 00:56:02.712027513: calling as root: groups lp 00:56:02.888507587: call returned: [0, "lp : lp\n", ""] 00:56:02.888761781: calling as root: groups mail 00:56:03.041721338: call returned: [0, "mail : mail\n", ""] 00:56:03.041943956: calling as root: groups news 00:56:03.235762166: call returned: [0, "news : news\n", ""] 00:56:03.235942033: calling as root: groups uucp 00:56:03.416568200: call returned: [0, "uucp : uucp\n", ""] 00:56:03.416787506: calling as root: groups proxy 00:56:03.621937629: call returned: [0, "proxy : proxy\n", ""] 00:56:03.622150070: calling as root: groups www-data 00:56:03.816110536: call returned: [0, "www-data : www-data\n", ""] 00:56:03.816320071: calling as root: groups backup 00:56:03.998159049: call returned: [0, "backup : backup\n", ""] 00:56:03.998338315: calling as root: groups list 00:56:04.158304918: call returned: [0, "list : list\n", ""] 00:56:04.158483411: calling as root: groups irc 00:56:04.403306524: call returned: [0, "irc : irc\n", ""] 00:56:04.403565161: calling as root: groups gnats 00:56:04.721856826: call returned: [0, "gnats : gnats\n", ""] 00:56:04.722047163: calling as root: groups nobody 00:56:04.975486371: call returned: [0, "nobody : nogroup\n", ""] 00:56:04.975668961: calling as root: groups systemd-timesync 00:56:05.120299838: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 00:56:05.120483197: calling as root: groups systemd-network 00:56:05.292969303: call returned: [0, "systemd-network : systemd-network\n", ""] 00:56:05.293170088: calling as root: groups systemd-resolve 00:56:05.477006501: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 00:56:05.477289103: calling as root: groups systemd-bus-proxy 00:56:05.634154636: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 00:56:05.634326225: calling as root: groups _apt 00:56:05.853234138: call returned: [0, "_apt : nogroup\n", ""] 00:56:05.853498412: calling as root: groups messagebus 00:56:06.063572369: call returned: [0, "messagebus : messagebus\n", ""] 00:56:06.063753981: calling as root: groups memlockd 00:56:06.222585504: call returned: [0, "memlockd : memlockd\n", ""] 00:56:06.222800924: calling as root: groups monkeysphere 00:56:06.401908634: call returned: [0, "monkeysphere : monkeysphere\n", ""] 00:56:06.402135090: calling as root: groups debian-tor 00:56:06.577326164: call returned: [0, "debian-tor : debian-tor\n", ""] 00:56:06.577559595: calling as root: groups speech-dispatcher 00:56:06.750641665: call returned: [0, "speech-dispatcher : audio\n", ""] 00:56:06.750862378: calling as root: groups colord 00:56:06.933290001: call returned: [0, "colord : colord\n", ""] 00:56:06.933569450: calling as root: groups saned 00:56:07.181412217: call returned: [0, "saned : saned scanner\n", ""] 00:56:07.181606268: calling as root: groups pulse 00:56:07.373632428: call returned: [0, "pulse : pulse audio\n", ""] 00:56:07.373808857: calling as root: groups hplip 00:56:07.603912196: call returned: [0, "hplip : lp\n", ""] 00:56:07.604135923: calling as root: groups Debian-gdm 00:56:07.781910279: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 00:56:07.782096135: calling as root: groups tails-persistence-setup 00:56:07.968907876: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 00:56:07.969117979: calling as root: groups clearnet 00:56:08.151188945: call returned: [0, "clearnet : clearnet\n", ""] 00:56:08.151374075: calling as root: groups htp 00:56:08.301895874: call returned: [0, "htp : htp\n", ""] 00:56:08.302075873: calling as root: groups tails-iuk-get-target-file 00:56:08.536418796: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 00:56:08.536658478: calling as root: groups tails-upgrade-frontend 00:56:08.726640688: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 00:56:08.726841367: calling as root: groups tor-launcher 00:56:08.931175746: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 00:56:08.931431218: calling as root: groups tails-install-iuk 00:56:09.108794063: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 00:56:09.109087690: calling as root: groups amnesia 00:56:09.304722724: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 00:56:09.304956028: calling as root: stat -c %U /dev/sda 00:56:09.506870327: call returned: [0, "root\n", ""] 00:56:09.507079251: calling as root: stat -c %G /dev/sda 00:56:09.721836741: call returned: [0, "disk\n", ""] 00:56:09.722025569: calling as root: stat -c %a /dev/sda 00:56:09.903395738: call returned: [0, "660\n", ""] 00:56:09.904015319: calling as root: stat -c %U /dev/sda1 00:56:10.081980381: call returned: [0, "root\n", ""] 00:56:10.082141320: calling as root: stat -c %G /dev/sda1 00:56:10.303105163: call returned: [0, "disk\n", ""] 00:56:10.303248282: calling as root: stat -c %a /dev/sda1 00:56:10.462803146: call returned: [0, "660\n", ""] 00:56:10.463321121: calling as root: udisksctl info --block-device '/dev/sda' 00:56:10.868751614: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights # features/step_definitions/usb.rb:438 00:56:10.887283049: calling as root: test -b /dev/sda2 00:56:11.079561425: call returned: [1, "", ""] And there is no persistence partition on USB drive "mbr" # features/step_definitions/usb.rb:305 Scenario: Writing a Tails isohybrid to a USB drive and booting it, then trying to upgrading it but ending up having to do a fresh installation, which boots # features/usb_install.feature:75 Given a computer # features/step_definitions/common_steps.rb:46 And I temporarily create a 4 GiB disk named "isohybrid" # features/step_definitions/common_steps.rb:59 00:56:12.262814566: libguestfs: trace: set_autosync true 00:56:12.262950388: libguestfs: trace: set_autosync = 0 00:56:12.263062793: libguestfs: trace: add_drive "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "readonly:true" "format:raw" 00:56:12.263170479: libguestfs: trace: get_tmpdir 00:56:12.263310181: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 00:56:12.263393116: libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfsaqHTZe/overlay1" "qcow2" -1 "backingfile:/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "backingformat:raw" 00:56:12.297717414: libguestfs: trace: disk_create = 0 00:56:12.298047080: libguestfs: trace: add_drive = 0 00:56:12.298143124: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/isohybrid" "format:qcow2" 00:56:12.298214459: libguestfs: trace: add_drive = 0 00:56:12.298273729: libguestfs: trace: launch 00:56:12.298341976: libguestfs: trace: get_backend_setting "force_tcg" 00:56:12.298540011: libguestfs: trace: get_backend_setting = NULL (error) 00:56:12.298635744: libguestfs: trace: get_cachedir 00:56:12.298691674: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:56:12.342014853: libguestfs: trace: get_cachedir 00:56:12.342411420: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 00:56:12.342569091: libguestfs: trace: get_sockdir 00:56:12.342637934: libguestfs: trace: get_sockdir = "/tmp" 00:56:12.342804567: libguestfs: trace: get_backend_setting "gdb" 00:56:12.342879071: libguestfs: trace: get_backend_setting = NULL (error) 00:56:15.588740212: libguestfs: trace: launch = 0 00:56:15.589010603: libguestfs: trace: list_devices 00:56:15.590549599: libguestfs: trace: list_devices = ["/dev/sda", "/dev/sdb"] 00:56:15.590722091: libguestfs: trace: copy_device_to_device "/dev/sda" "/dev/sdb" 00:56:18.816663346: libguestfs: trace: copy_device_to_device = 0 00:56:18.816843805: libguestfs: trace: close 00:56:18.816989010: libguestfs: trace: internal_autosync 00:56:18.820992490: libguestfs: trace: internal_autosync = 0 And I write the Tails ISO image to disk "isohybrid" # features/step_definitions/untrusted_partitions.rb:30 00:56:22.366176533: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:56:24.758296966: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:57:32.750288833: calling as root: echo 'hello?' 00:57:33.006511030: call returned: [0, "hello?\n", ""] 00:57:33.006965131: calling as root: service tor status 00:57:33.281876326: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:57:33.282355587: opening file /etc/tor/torrc in 'append' mode 00:57:33.596999652: append complete 00:57:34.389998167: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:57:34.391279561: calling as root: loginctl 00:57:34.583917626: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:57:35.584367163: calling as root: loginctl 00:57:35.781621629: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 00:57:50.087393146: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:57:50.230254263: call returned: [0, "", ""] 00:57:50.230545493: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:57:50.401804027: call returned: [0, "", ""] 00:57:50.402107957: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node112 = dogtail.tree.root.application('gnome-shell') 00:57:51.510165352: execution complete 00:57:52.236324989: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:57:52.236537321: executing Python as amnesia: node113 = node112.child('No Notifications', roleName='label') 00:57:53.660203244: execution complete 00:57:53.660383678: executing Python as amnesia: node114 = node112.child('No Notifications', roleName='label') 00:57:55.046249438: execution complete 00:57:55.096144465: [log] TYPE "#ESC." And I start Tails from USB drive "isohybrid" with network unplugged and I login # features/step_definitions/common_steps.rb:137 00:57:55.099797536: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:57:55.382840896: call returned: [0, "8:0\n", ""] 00:57:55.383050705: calling as root: readlink -f /dev/block/'8:0' 00:57:55.614252040: call returned: [0, "/dev/sda\n", ""] 00:57:55.614407211: calling as root: udevadm info --query=property --name='/dev/sda' 00:57:55.971088084: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0 /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/bilibop /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/TailsBootDev /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nDEVNAME=/dev/sda\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda\nDEVTYPE=disk\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8234726\n", ""] 00:57:55.971436704: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 00:57:56.160863985: call returned: [0, "8:0\n", ""] 00:57:56.161022308: calling as root: readlink -f /dev/block/'8:0' 00:57:56.375691946: call returned: [0, "/dev/sda\n", ""] Then Tails is running from USB drive "isohybrid" # features/step_definitions/usb.rb:418 00:57:56.429493942: spawning as root: poweroff When I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 00:58:06.618042041: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 00:58:08.831164064: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 00:59:12.908030345: calling as root: echo 'hello?' 00:59:13.150871059: call returned: [0, "hello?\n", ""] 00:59:13.151272403: calling as root: service tor status 00:59:13.431131492: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 00:59:13.431547471: opening file /etc/tor/torrc in 'append' mode 00:59:13.681927023: append complete 00:59:14.474054443: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 00:59:14.474349229: calling as root: loginctl 00:59:14.666947563: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 00:59:15.667516696: calling as root: loginctl 00:59:15.898868174: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n c5 0 root n/a \n 5 1000 amnesia seat0 /dev/tty2 \n\n3 sessions listed.\n", "Failed to get session path: No such device or address\n"] 00:59:36.182775032: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 00:59:36.299369158: call returned: [0, "", ""] 00:59:36.299554919: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 00:59:36.404888010: call returned: [0, "", ""] 00:59:36.405146753: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node115 = dogtail.tree.root.application('gnome-shell') 00:59:37.543964821: execution complete 00:59:38.274843515: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 00:59:38.275133539: executing Python as amnesia: node116 = node115.child('No Notifications', roleName='label') 00:59:39.963325188: execution complete 00:59:39.963510754: executing Python as amnesia: node117 = node115.child('No Notifications', roleName='label') 00:59:41.438877157: execution complete 00:59:41.480474079: [log] TYPE "#ESC." And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:116 00:59:41.483453749: calling as root: pidof -x -o '%PPID' gnome-terminal-server 00:59:41.715738280: call returned: [1, "", ""] 00:59:41.773408591: calling as amnesia: xdotool key Super 00:59:41.997372028: call returned: [0, "", ""] 00:59:43.643509178: [log] TYPE "GNOME Terminal" 00:59:49.528666554: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node118 = dogtail.tree.root.application('tails-installer-launcher') 00:59:49.545692556: [log] ( Ctrl ) TYPE "#ENTER." [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 00:59:51.179604648: execution complete 00:59:51.179790060: executing Python as amnesia: node119 = node118.child('Tails Installer', roleName='frame') 00:59:51.223371346: execution complete 00:59:54.223702902: executing Python as amnesia: node120 = node119.button('Upgrade by cloning') 00:59:54.268242030: execution complete 00:59:54.268391330: executing Python as amnesia: node120.click() 00:59:55.342800272: execution complete 00:59:55.343087570: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node121 = dogtail.tree.root.application('tails-installer') 00:59:55.765164701: execution complete 00:59:55.765404642: executing Python as amnesia: node122 = node121.child('Tails Installer', roleName='frame') 00:59:55.812412394: execution complete 00:59:58.812943231: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 00:59:59.011740320: call returned: [0, "", ""] 00:59:59.036051486: executing Python as amnesia: node123 = node121.child('', roleName='text') 00:59:59.107092415: execution complete 00:59:59.107252624: executing Python as amnesia: print(node123.text) 00:59:59.148370392: execution complete And I fail to "Upgrade by cloning" Tails to USB drive "isohybrid" # features/step_definitions/usb.rb:172 00:59:59.150486050: executing Python as amnesia: node124 = node121.child('', roleName='text') 00:59:59.202305678: execution complete 00:59:59.202458909: executing Python as amnesia: print(node124.text) 00:59:59.258250768: execution complete Then I am suggested to do a "Install by cloning" # features/step_definitions/usb.rb:143 00:59:59.260110543: calling as root: killall tails-installer 00:59:59.533395278: call returned: [0, "", ""] 00:59:59.533627628: calling as root: pidof -x -o '%PPID' tails-installer 00:59:59.807207173: call returned: [1, "", ""] When I kill the process "tails-installer" # features/step_definitions/common_steps.rb:496 00:59:59.809278694: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:00:00.079837803: call returned: [0, "9552\n", ""] 01:00:00.999371686: [log] CLICK on L(226,585)@S(0)[0,0 1024x768] 01:00:02.842793098: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node125 = dogtail.tree.root.application('tails-installer-launcher') 01:00:02.858586519: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:00:03.542302684: execution complete 01:00:03.542503496: executing Python as amnesia: node126 = node125.child('Tails Installer', roleName='frame') 01:00:03.583390549: execution complete 01:00:06.583765541: executing Python as amnesia: node127 = node126.button('Install by cloning') 01:00:06.633342047: execution complete 01:00:06.633537831: executing Python as amnesia: node127.click() 01:00:07.686854852: execution complete 01:00:07.687064812: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node128 = dogtail.tree.root.application('tails-installer') 01:00:07.872269452: execution complete 01:00:07.872455940: executing Python as amnesia: node129 = node128.child('Tails Installer', roleName='frame') 01:00:07.919087144: execution complete 01:00:10.919373294: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:00:11.080560732: call returned: [0, "", ""] 01:00:11.107384865: executing Python as amnesia: node130 = node128.child('', roleName='text') 01:00:11.199451090: execution complete 01:00:11.199666269: executing Python as amnesia: print(node130.text) 01:00:11.234761747: execution complete 01:00:11.259367488: executing Python as amnesia: node131 = node128.child('Target Device:', roleName='label') 01:00:11.333048889: execution complete 01:00:11.333258398: executing Python as amnesia: node132 = node131.parent 01:00:11.378927133: execution complete 01:00:11.379126733: executing Python as amnesia: node133 = node132.child('', roleName='combo box', recursive=False) 01:00:11.420245243: execution complete 01:00:11.420395732: executing Python as amnesia: print(node133.name) 01:00:11.475389410: execution complete 01:00:11.475623826: executing Python as amnesia: node134 = node128.button('Install Tails') 01:00:11.554812553: execution complete 01:00:11.555016898: executing Python as amnesia: node134.click() 01:00:12.598920960: execution complete 01:00:12.599174295: executing Python as amnesia: node135 = node128.child('Question', roleName='alert') 01:00:12.678603744: execution complete 01:00:12.678886839: executing Python as amnesia: node136 = node135.button('Yes') 01:00:12.728925658: execution complete 01:00:12.729171687: executing Python as amnesia: node136.click() 01:00:13.774892807: execution complete 01:00:13.775270012: executing Python as amnesia: node137 = node128.child('Information', roleName='alert') 01:00:25.015546701: execution complete 01:00:26.015954559: executing Python as amnesia: node138 = node128.child('Information', roleName='alert') 01:00:37.507669806: execution complete 01:00:38.508019548: executing Python as amnesia: node139 = node128.child('Information', roleName='alert') 01:00:49.326519307: execution complete 01:00:50.326997999: executing Python as amnesia: node140 = node128.child('Information', roleName='alert') 01:01:01.810008919: execution complete 01:01:02.810441657: executing Python as amnesia: node141 = node128.child('Information', roleName='alert') 01:01:14.363915271: execution complete 01:01:15.364349941: executing Python as amnesia: node142 = node128.child('Information', roleName='alert') 01:01:26.450657447: execution complete 01:01:27.451034448: executing Python as amnesia: node143 = node128.child('Information', roleName='alert') 01:01:38.814369717: execution complete 01:01:39.814836202: executing Python as amnesia: node144 = node128.child('Information', roleName='alert') 01:01:39.883086351: execution complete 01:01:39.883275842: executing Python as amnesia: node145 = node144.child('Installation complete!', roleName='label') 01:01:39.948574713: execution complete And I "Install by cloning" Tails to USB drive "isohybrid" # features/step_definitions/usb.rb:167 01:01:39.951404996: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:01:41.131079197: call returned: [0, "11:0\n", ""] 01:01:41.131260189: calling as root: readlink -f /dev/block/'11:0' 01:01:41.398191498: call returned: [0, "/dev/sr0\n", ""] 01:01:41.398381140: calling as root: udevadm info --query=property --name='/dev/sr0' 01:01:41.754040558: call returned: [0, "DEVLINKS=/dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/cdrom /dev/dvd /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:uaccess:seat:\nUSEC_INITIALIZED=6582433\n", ""] 01:01:41.777247100: calling as root: udisksctl info --block-device '/dev/sda' 01:01:42.655022250: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 01:01:42.655380632: calling as root: udisksctl info --block-device '/dev/sda1' 01:01:43.094262390: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda1\n DeviceNumber: 2049\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-527D-86AB\n IdLabel: Tails\n IdType: vfat\n IdUUID: 527D-86AB\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/cf7863ef-504b-41a4-8a9e-0777b264cd98\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/527D-86AB\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: cf7863ef-504b-41a4-8a9e-0777b264cd98\n", ""] 01:01:43.094622003: calling as root: mkdir -p /mnt/new 01:01:43.334141778: call returned: [0, "", ""] 01:01:43.334329739: calling as root: mount /dev/sda1 /mnt/new 01:01:43.651525157: call returned: [0, "", ""] 01:01:43.651710023: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 01:02:05.056314760: call returned: [0, "", ""] 01:02:05.056511689: calling as root: ls -1 /mnt/new/syslinux 01:02:06.241509157: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 01:02:06.241707150: calling as root: diff -q '/lib/live/mount/medium/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 01:02:06.537539163: call returned: [0, "", ""] 01:02:06.537757269: calling as root: diff -q '/lib/live/mount/medium/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 01:02:06.705379835: call returned: [0, "", ""] 01:02:06.705590424: calling as root: diff -q '/lib/live/mount/medium/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 01:02:06.912278148: call returned: [0, "", ""] 01:02:06.912462834: calling as root: diff -q '/lib/live/mount/medium/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 01:02:07.091424727: call returned: [0, "", ""] 01:02:07.091616201: calling as root: diff -q '/lib/live/mount/medium/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 01:02:07.329562516: call returned: [0, "", ""] 01:02:07.329757436: calling as root: diff -q '/lib/live/mount/medium/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 01:02:07.572744742: call returned: [0, "", ""] 01:02:07.572973224: calling as root: diff -q '/lib/live/mount/medium/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 01:02:07.818025690: call returned: [0, "", ""] 01:02:07.818284015: calling as root: diff -q '/lib/live/mount/medium/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 01:02:08.054045514: call returned: [0, "", ""] 01:02:08.054256910: calling as root: diff -q '/lib/live/mount/medium/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 01:02:08.284992444: call returned: [0, "", ""] 01:02:08.285183582: calling as root: diff -q '/lib/live/mount/medium/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 01:02:08.514136373: call returned: [0, "", ""] 01:02:08.514330478: calling as root: diff -q '/lib/live/mount/medium/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 01:02:08.693405660: call returned: [0, "", ""] 01:02:08.693634401: calling as root: diff -q '/lib/live/mount/medium/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 01:02:08.912142188: call returned: [0, "", ""] 01:02:08.912373920: calling as root: diff -q '/lib/live/mount/medium/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 01:02:09.164617589: call returned: [0, "", ""] 01:02:09.164836472: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 01:02:09.348359123: call returned: [0, "", ""] 01:02:09.348559475: calling as root: diff -q '/lib/live/mount/medium/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 01:02:09.619144944: call returned: [0, "", ""] 01:02:09.619316532: calling as root: diff -q '/lib/live/mount/medium/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 01:02:09.813069193: call returned: [0, "", ""] 01:02:09.813265983: calling as root: diff -q '/lib/live/mount/medium/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 01:02:10.039743603: call returned: [0, "", ""] 01:02:10.039950412: calling as root: diff -q '/lib/live/mount/medium/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 01:02:10.238311624: call returned: [0, "", ""] 01:02:10.238483703: calling as root: diff -q '/lib/live/mount/medium/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 01:02:10.481363682: call returned: [0, "", ""] 01:02:10.481534320: calling as root: diff -q '/lib/live/mount/medium/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 01:02:10.688763427: call returned: [0, "", ""] 01:02:10.689007512: calling as root: diff -q '/lib/live/mount/medium/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 01:02:10.922780082: call returned: [0, "", ""] 01:02:10.923120326: calling as root: diff -q '/lib/live/mount/medium/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 01:02:11.137067538: call returned: [0, "", ""] 01:02:11.137290210: calling as root: diff -q '/lib/live/mount/medium/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 01:02:11.335373330: call returned: [0, "", ""] 01:02:11.335555251: calling as root: diff -q '/lib/live/mount/medium/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 01:02:11.514673977: call returned: [0, "", ""] 01:02:11.514861023: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 01:02:11.763299066: call returned: [0, "", ""] 01:02:11.763467895: calling as root: umount /mnt/new 01:02:12.327581954: call returned: [0, "", ""] 01:02:12.327733029: calling as root: sync 01:02:12.580973877: call returned: [0, "", ""] Then the running Tails is installed on USB drive "isohybrid" # features/step_definitions/usb.rb:292 01:02:12.603384337: calling as root: test -b /dev/sda2 01:02:12.763623589: call returned: [1, "", ""] But there is no persistence partition on USB drive "isohybrid" # features/step_definitions/usb.rb:305 01:02:12.764867404: spawning as root: poweroff When I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 01:02:23.975207080: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:02:27.727030145: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:03:40.447335122: calling as root: echo 'hello?' 01:03:40.725855132: call returned: [0, "hello?\n", ""] 01:03:40.726383513: calling as root: service tor status 01:03:40.989652982: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:03:40.990105874: opening file /etc/tor/torrc in 'append' mode 01:03:41.286534703: append complete 01:03:42.071257017: calling as root: loginctl 01:03:42.071381757: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:03:42.257453672: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:03:43.257872514: calling as root: loginctl 01:03:43.457024947: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:03:58.643643138: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:03:58.770187660: call returned: [0, "", ""] 01:03:58.770371889: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:03:58.891112505: call returned: [0, "", ""] 01:03:58.891469600: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node146 = dogtail.tree.root.application('gnome-shell') 01:04:00.081090717: execution complete 01:04:00.806434995: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:04:00.806763450: executing Python as amnesia: node147 = node146.child('No Notifications', roleName='label') 01:04:02.607235210: execution complete 01:04:02.607494320: executing Python as amnesia: node148 = node146.child('No Notifications', roleName='label') 01:04:04.024306029: execution complete 01:04:04.066537970: [log] TYPE "#ESC." And I start Tails from USB drive "isohybrid" with network unplugged and I login # features/step_definitions/common_steps.rb:137 01:04:04.068251879: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:04:04.328562101: call returned: [0, "8:1\n", ""] 01:04:04.328777006: calling as root: readlink -f /dev/block/'8:1' 01:04:04.574015316: call returned: [0, "/dev/sda1\n", ""] 01:04:04.574305033: calling as root: udevadm info --query=property --name='/dev/sda1' 01:04:05.019396164: call returned: [0, "DEVLINKS=/dev/disk/by-partlabel/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-uuid/527D-86AB /dev/disk/by-label/Tails /dev/disk/by-partuuid/cf7863ef-504b-41a4-8a9e-0777b264cd98 /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=527D-86AB\nID_FS_UUID_ENC=527D-86AB\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=cf7863ef-504b-41a4-8a9e-0777b264cd98\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=c5cdd51a-8eae-48cd-8d80-8d2b6ca8b66c\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7730561\n", ""] 01:04:05.019726802: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:04:05.258981466: call returned: [0, "8:1\n", ""] 01:04:05.259230794: calling as root: readlink -f /dev/block/'8:1' 01:04:05.412297147: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "isohybrid" # features/step_definitions/usb.rb:418 01:04:05.464902074: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:04:05.660373395: call returned: [0, "8:1\n", ""] 01:04:05.660530266: calling as root: readlink -f /dev/block/'8:1' 01:04:05.851931034: call returned: [0, "/dev/sda1\n", ""] 01:04:05.852170219: calling as root: ls -1 /dev/sda* 01:04:06.015528126: call returned: [0, "/dev/sda\n/dev/sda1\n", ""] 01:04:06.015703619: calling as root: cut -d':' -f1 /etc/passwd 01:04:06.263513464: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 01:04:06.263706505: calling as root: groups root 01:04:06.562146251: call returned: [0, "root : root\n", ""] 01:04:06.562384529: calling as root: groups daemon 01:04:06.757045941: call returned: [0, "daemon : daemon\n", ""] 01:04:06.757243946: calling as root: groups bin 01:04:06.951641206: call returned: [0, "bin : bin\n", ""] 01:04:06.951890669: calling as root: groups sys 01:04:07.180149615: call returned: [0, "sys : sys\n", ""] 01:04:07.180411310: calling as root: groups sync 01:04:07.384682982: call returned: [0, "sync : nogroup\n", ""] 01:04:07.384899607: calling as root: groups games 01:04:07.573656824: call returned: [0, "games : games\n", ""] 01:04:07.573844498: calling as root: groups man 01:04:07.799286225: call returned: [0, "man : man\n", ""] 01:04:07.799527274: calling as root: groups lp 01:04:07.988703843: call returned: [0, "lp : lp\n", ""] 01:04:07.988893186: calling as root: groups mail 01:04:08.217024377: call returned: [0, "mail : mail\n", ""] 01:04:08.217236441: calling as root: groups news 01:04:08.411718357: call returned: [0, "news : news\n", ""] 01:04:08.411951531: calling as root: groups uucp 01:04:08.646086018: call returned: [0, "uucp : uucp\n", ""] 01:04:08.646282303: calling as root: groups proxy 01:04:08.842459683: call returned: [0, "proxy : proxy\n", ""] 01:04:08.842661304: calling as root: groups www-data 01:04:09.055255817: call returned: [0, "www-data : www-data\n", ""] 01:04:09.055510887: calling as root: groups backup 01:04:09.267900394: call returned: [0, "backup : backup\n", ""] 01:04:09.268130204: calling as root: groups list 01:04:09.551424096: call returned: [0, "list : list\n", ""] 01:04:09.551628357: calling as root: groups irc 01:04:09.796775701: call returned: [0, "irc : irc\n", ""] 01:04:09.796977136: calling as root: groups gnats 01:04:09.971182640: call returned: [0, "gnats : gnats\n", ""] 01:04:09.971425997: calling as root: groups nobody 01:04:10.297643907: call returned: [0, "nobody : nogroup\n", ""] 01:04:10.297867142: calling as root: groups systemd-timesync 01:04:10.594853349: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 01:04:10.595068226: calling as root: groups systemd-network 01:04:10.832352118: call returned: [0, "systemd-network : systemd-network\n", ""] 01:04:10.832596950: calling as root: groups systemd-resolve 01:04:11.001901162: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 01:04:11.002103645: calling as root: groups systemd-bus-proxy 01:04:11.231176970: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 01:04:11.231375370: calling as root: groups _apt 01:04:11.434212541: call returned: [0, "_apt : nogroup\n", ""] 01:04:11.434414470: calling as root: groups messagebus 01:04:11.616674395: call returned: [0, "messagebus : messagebus\n", ""] 01:04:11.616930319: calling as root: groups memlockd 01:04:11.856892543: call returned: [0, "memlockd : memlockd\n", ""] 01:04:11.857151393: calling as root: groups monkeysphere 01:04:12.043227119: call returned: [0, "monkeysphere : monkeysphere\n", ""] 01:04:12.043499690: calling as root: groups debian-tor 01:04:12.244205698: call returned: [0, "debian-tor : debian-tor\n", ""] 01:04:12.244447040: calling as root: groups speech-dispatcher 01:04:12.453826087: call returned: [0, "speech-dispatcher : audio\n", ""] 01:04:12.454004959: calling as root: groups colord 01:04:12.651831881: call returned: [0, "colord : colord\n", ""] 01:04:12.652108659: calling as root: groups saned 01:04:12.808867368: call returned: [0, "saned : saned scanner\n", ""] 01:04:12.809054278: calling as root: groups pulse 01:04:13.069052515: call returned: [0, "pulse : pulse audio\n", ""] 01:04:13.069299305: calling as root: groups hplip 01:04:13.260957313: call returned: [0, "hplip : lp\n", ""] 01:04:13.261217425: calling as root: groups Debian-gdm 01:04:13.473151105: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 01:04:13.473331605: calling as root: groups tails-persistence-setup 01:04:13.676117961: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 01:04:13.676342075: calling as root: groups clearnet 01:04:13.850877466: call returned: [0, "clearnet : clearnet\n", ""] 01:04:13.851144936: calling as root: groups htp 01:04:14.082852217: call returned: [0, "htp : htp\n", ""] 01:04:14.083074792: calling as root: groups tails-iuk-get-target-file 01:04:14.248811167: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 01:04:14.249034026: calling as root: groups tails-upgrade-frontend 01:04:14.478626278: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 01:04:14.478849586: calling as root: groups tor-launcher 01:04:14.694183432: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 01:04:14.694394980: calling as root: groups tails-install-iuk 01:04:14.881840175: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 01:04:14.882047331: calling as root: groups amnesia 01:04:15.083172263: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 01:04:15.083342435: calling as root: stat -c %U /dev/sda 01:04:15.266074030: call returned: [0, "root\n", ""] 01:04:15.266262168: calling as root: stat -c %G /dev/sda 01:04:15.513851558: call returned: [0, "disk\n", ""] 01:04:15.514001959: calling as root: stat -c %a /dev/sda 01:04:15.672142757: call returned: [0, "660\n", ""] 01:04:15.672677078: calling as root: stat -c %U /dev/sda1 01:04:15.884032642: call returned: [0, "root\n", ""] 01:04:15.884177906: calling as root: stat -c %G /dev/sda1 01:04:16.110241338: call returned: [0, "disk\n", ""] 01:04:16.110390835: calling as root: stat -c %a /dev/sda1 01:04:16.289619607: call returned: [0, "660\n", ""] 01:04:16.290160109: calling as root: udisksctl info --block-device '/dev/sda' 01:04:16.677694478: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights # features/step_definitions/usb.rb:438 01:04:16.701505455: calling as root: test -b /dev/sda2 01:04:16.844244151: call returned: [1, "", ""] And there is no persistence partition on USB drive "isohybrid" # features/step_definitions/usb.rb:305 @product Feature: Upgrading an old Tails USB installation As a Tails user If I have an old versoin of Tails installed on a USB device and the USB device has a persistent partition I want to upgrade Tails on it and keep my persistent partition in the process # An issue with this feature is that scenarios depend on each # other. When editing this feature, make sure you understand these # dependencies (which are documented below). Scenario: Try to "Upgrade from ISO" Tails to a pristine USB drive # features/usb_upgrade.feature:13 01:04:19.786126134: calling as root: echo 'hello?' 01:04:20.043643265: call returned: [0, "hello?\n", ""] 01:04:20.768234699: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:04:20.768464608: calling as root: nmcli device show eth0 01:04:21.190217187: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:04:21.217487223: calling as root: date -s '@1498727908' 01:04:21.432925853: call returned: [0, "Thu Jun 29 09:18:28 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:04:21.478472298: libguestfs: trace: set_autosync true 01:04:21.478595981: libguestfs: trace: set_autosync = 0 01:04:21.482657914: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/UaOQrpKJlY" "format:qcow2" 01:04:21.482814992: libguestfs: trace: add_drive = 0 01:04:21.482886624: libguestfs: trace: launch 01:04:21.483095338: libguestfs: trace: get_tmpdir 01:04:21.483189705: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:04:21.483273803: libguestfs: trace: get_backend_setting "force_tcg" 01:04:21.483343483: libguestfs: trace: get_backend_setting = NULL (error) 01:04:21.483399601: libguestfs: trace: get_cachedir 01:04:21.483614257: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:04:21.529033164: libguestfs: trace: get_cachedir 01:04:21.529204429: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:04:21.529374123: libguestfs: trace: get_sockdir 01:04:21.529444283: libguestfs: trace: get_sockdir = "/tmp" 01:04:21.529868102: libguestfs: trace: get_backend_setting "gdb" 01:04:21.529964463: libguestfs: trace: get_backend_setting = NULL (error) 01:04:25.814707226: libguestfs: trace: launch = 0 01:04:25.814988616: libguestfs: trace: list_devices 01:04:25.815850880: libguestfs: trace: list_devices = ["/dev/sda"] 01:04:25.816945059: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:04:25.880526289: libguestfs: trace: part_disk = 0 01:04:25.880754335: libguestfs: trace: part_set_name "/dev/sda" 1 "UaOQrpKJlY" 01:04:25.935208440: libguestfs: trace: part_set_name = 0 01:04:25.936456802: libguestfs: trace: list_partitions 01:04:25.936895476: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:04:25.937026574: libguestfs: trace: mkfs "ext4" "/dev/sda1" 01:04:26.101719135: libguestfs: trace: mkfs = 0 01:04:26.101929343: libguestfs: trace: close 01:04:26.103001676: libguestfs: trace: internal_autosync 01:04:26.106733783: libguestfs: trace: internal_autosync = 0 01:04:26.194890453: libguestfs: trace: set_autosync true 01:04:26.195075418: libguestfs: trace: set_autosync = 0 01:04:26.205329451: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/UaOQrpKJlY" "format:qcow2" 01:04:26.205613528: libguestfs: trace: add_drive = 0 01:04:26.205691027: libguestfs: trace: launch 01:04:26.205965449: libguestfs: trace: get_tmpdir 01:04:26.206034393: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:04:26.206133562: libguestfs: trace: get_backend_setting "force_tcg" 01:04:26.206209955: libguestfs: trace: get_backend_setting = NULL (error) 01:04:26.206270878: libguestfs: trace: get_cachedir 01:04:26.206591814: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:04:26.250990616: libguestfs: trace: get_cachedir 01:04:26.251174721: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:04:26.251339737: libguestfs: trace: get_sockdir 01:04:26.251664790: libguestfs: trace: get_sockdir = "/tmp" 01:04:26.251860562: libguestfs: trace: get_backend_setting "gdb" 01:04:26.251940476: libguestfs: trace: get_backend_setting = NULL (error) 01:04:30.533873612: libguestfs: trace: launch = 0 01:04:30.534140364: libguestfs: trace: list_devices 01:04:30.535944584: libguestfs: trace: list_devices = ["/dev/sda"] 01:04:30.536086801: libguestfs: trace: list_partitions 01:04:30.536652366: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:04:30.536787428: libguestfs: trace: mount "/dev/sda1" "/" 01:04:30.549879247: libguestfs: trace: mount = 0 01:04:30.550100306: libguestfs: trace: upload "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" 01:04:37.396136804: libguestfs: trace: upload = 0 01:04:37.396358407: libguestfs: trace: close 01:04:37.396482760: libguestfs: trace: internal_autosync 01:04:37.528014893: libguestfs: trace: internal_autosync = 0 01:04:37.705234969: calling as root: test -b /dev/sda 01:04:37.888947764: call returned: [1, "", ""] 01:04:38.913284319: calling as root: test -b /dev/sda 01:04:39.120174333: call returned: [1, "", ""] 01:04:40.155277648: calling as root: test -b /dev/sda 01:04:40.383984412: call returned: [0, "", ""] 01:04:40.384402957: calling as root: mktemp -d 01:04:40.603832914: call returned: [0, "/tmp/tmp.J4j9DBxp3L\n", ""] 01:04:40.625188482: calling as root: mount /dev/sda1 /tmp/tmp.J4j9DBxp3L 01:04:41.475214499: call returned: [0, "", ""] 01:04:41.475401650: calling as root: chmod -R a+rX '/tmp/tmp.J4j9DBxp3L' 01:04:41.706509075: call returned: [0, "", ""] And I plug and mount a USB drive containing the Tails ISO # features/step_definitions/usb.rb:182 And I temporarily create a 4 GiB disk named "pristine" # features/step_definitions/common_steps.rb:59 01:04:41.875506662: calling as root: test -b /dev/sdb 01:04:42.093564970: call returned: [1, "", ""] 01:04:43.118757694: calling as root: test -b /dev/sdb 01:04:43.348415516: call returned: [0, "", ""] And I plug USB drive "pristine" # features/step_definitions/common_steps.rb:65 01:04:43.350398548: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:04:43.539299141: call returned: [1, "", ""] 01:04:43.626022025: calling as amnesia: xdotool key Super 01:04:43.872324778: call returned: [0, "", ""] 01:04:45.596091559: [log] TYPE "GNOME Terminal" 01:04:49.831934205: [log] ( Ctrl ) TYPE "#ENTER." 01:04:51.682408976: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:04:51.683262738: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node149 = dogtail.tree.root.application('tails-installer-launcher') 01:04:53.792772241: execution complete 01:04:53.792998068: executing Python as amnesia: node150 = node149.child('Tails Installer', roleName='frame') 01:04:53.838444391: execution complete 01:04:56.838799539: executing Python as amnesia: node151 = node150.button('Upgrade from ISO') 01:04:56.882343020: execution complete 01:04:56.882571480: executing Python as amnesia: node151.click() 01:04:57.930389791: execution complete 01:04:57.930733036: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node152 = dogtail.tree.root.application('tails-installer') 01:04:58.442733642: execution complete 01:04:58.442991954: executing Python as amnesia: node153 = node152.child('Tails Installer', roleName='frame') 01:04:58.507610964: execution complete 01:05:01.507949980: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:05:01.688297018: call returned: [0, "", ""] When I start Tails Installer in "Upgrade from ISO" mode # features/step_definitions/usb.rb:114 01:05:01.690251440: executing Python as amnesia: node154 = node152.child('', roleName='text') 01:05:01.752796784: execution complete 01:05:01.753014043: executing Python as amnesia: print(node154.text) 01:05:01.823320245: execution complete Then I am told that the destination device cannot be upgraded # features/step_definitions/usb.rb:137 Scenario: Try to "Upgrade by cloning" Tails to a pristine USB drive # features/usb_upgrade.feature:21 01:05:04.798187403: calling as root: echo 'hello?' 01:05:05.121234077: call returned: [0, "hello?\n", ""] 01:05:05.846708248: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:05:05.847017855: calling as root: nmcli device show eth0 01:05:06.278859621: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:05:06.301087851: calling as root: date -s '@1498727953' 01:05:06.494709073: call returned: [0, "Thu Jun 29 09:19:13 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I temporarily create a 4 GiB disk named "pristine" # features/step_definitions/common_steps.rb:59 01:05:06.621037871: calling as root: test -b /dev/sda 01:05:06.782323777: call returned: [1, "", ""] 01:05:07.802178427: calling as root: test -b /dev/sda 01:05:08.005838263: call returned: [1, "", ""] 01:05:09.031009099: calling as root: test -b /dev/sda 01:05:09.201518906: call returned: [0, "", ""] And I plug USB drive "pristine" # features/step_definitions/common_steps.rb:65 01:05:09.202916908: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:05:09.416112074: call returned: [1, "", ""] 01:05:09.478157973: calling as amnesia: xdotool key Super 01:05:09.690241588: call returned: [0, "", ""] 01:05:11.815813758: [log] TYPE "GNOME Terminal" 01:05:17.379201280: [log] ( Ctrl ) TYPE "#ENTER." [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:05:17.379635523: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node155 = dogtail.tree.root.application('tails-installer-launcher') 01:05:19.650643729: execution complete 01:05:19.650876503: executing Python as amnesia: node156 = node155.child('Tails Installer', roleName='frame') 01:05:19.697689082: execution complete 01:05:22.698094928: executing Python as amnesia: node157 = node156.button('Upgrade by cloning') 01:05:22.742882830: execution complete 01:05:22.743087939: executing Python as amnesia: node157.click() 01:05:23.816335071: execution complete 01:05:23.816586149: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node158 = dogtail.tree.root.application('tails-installer') 01:05:24.201554281: execution complete 01:05:24.201738804: executing Python as amnesia: node159 = node158.child('Tails Installer', roleName='frame') 01:05:24.233663577: execution complete 01:05:27.234071117: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:05:27.438651497: call returned: [0, "", ""] When I start Tails Installer in "Upgrade by cloning" mode # features/step_definitions/usb.rb:114 01:05:27.439943738: executing Python as amnesia: node160 = node158.child('', roleName='text') 01:05:27.506487284: execution complete 01:05:27.506643390: executing Python as amnesia: print(node160.text) 01:05:27.557170171: execution complete Then I am told that the destination device cannot be upgraded # features/step_definitions/usb.rb:137 Scenario: Try to "Upgrade from ISO" Tails to a USB drive with GPT and a FAT partition # features/usb_upgrade.feature:28 01:05:30.306545830: calling as root: echo 'hello?' 01:05:30.531822454: call returned: [0, "hello?\n", ""] 01:05:31.256223046: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:05:31.256479602: calling as root: nmcli device show eth0 01:05:31.671705928: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:05:31.693528506: calling as root: date -s '@1498727978' 01:05:31.905628263: call returned: [0, "Thu Jun 29 09:19:38 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:05:31.956407910: libguestfs: trace: set_autosync true 01:05:31.956561501: libguestfs: trace: set_autosync = 0 01:05:31.962848217: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/OeHmuvgZzH" "format:qcow2" 01:05:31.962990556: libguestfs: trace: add_drive = 0 01:05:31.963098353: libguestfs: trace: launch 01:05:31.963238554: libguestfs: trace: get_tmpdir 01:05:31.963354248: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:05:31.963480086: libguestfs: trace: get_backend_setting "force_tcg" 01:05:31.963584019: libguestfs: trace: get_backend_setting = NULL (error) 01:05:31.963721616: libguestfs: trace: get_cachedir 01:05:31.963791234: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:05:32.005689259: libguestfs: trace: get_cachedir 01:05:32.005930281: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:05:32.006122945: libguestfs: trace: get_sockdir 01:05:32.006245074: libguestfs: trace: get_sockdir = "/tmp" 01:05:32.006472997: libguestfs: trace: get_backend_setting "gdb" 01:05:32.006599018: libguestfs: trace: get_backend_setting = NULL (error) 01:05:35.289120764: libguestfs: trace: launch = 0 01:05:35.289666349: libguestfs: trace: list_devices 01:05:35.290652125: libguestfs: trace: list_devices = ["/dev/sda"] 01:05:35.290993847: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:05:35.366154923: libguestfs: trace: part_disk = 0 01:05:35.366552723: libguestfs: trace: part_set_name "/dev/sda" 1 "OeHmuvgZzH" 01:05:35.436414912: libguestfs: trace: part_set_name = 0 01:05:35.436729955: libguestfs: trace: list_partitions 01:05:35.437412827: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:05:35.437861711: libguestfs: trace: mkfs "ext4" "/dev/sda1" 01:05:35.605574631: libguestfs: trace: mkfs = 0 01:05:35.606006306: libguestfs: trace: close 01:05:35.606406234: libguestfs: trace: internal_autosync 01:05:35.609857446: libguestfs: trace: internal_autosync = 0 01:05:35.700526401: libguestfs: trace: set_autosync true 01:05:35.700770828: libguestfs: trace: set_autosync = 0 01:05:35.708017306: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/OeHmuvgZzH" "format:qcow2" 01:05:35.708130214: libguestfs: trace: add_drive = 0 01:05:35.708367517: libguestfs: trace: launch 01:05:35.708422776: libguestfs: trace: get_tmpdir 01:05:35.708473795: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:05:35.708551659: libguestfs: trace: get_backend_setting "force_tcg" 01:05:35.708745875: libguestfs: trace: get_backend_setting = NULL (error) 01:05:35.708825427: libguestfs: trace: get_cachedir 01:05:35.708877100: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:05:35.753178433: libguestfs: trace: get_cachedir 01:05:35.753566542: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:05:35.753730913: libguestfs: trace: get_sockdir 01:05:35.753797144: libguestfs: trace: get_sockdir = "/tmp" 01:05:35.753967198: libguestfs: trace: get_backend_setting "gdb" 01:05:35.754218446: libguestfs: trace: get_backend_setting = NULL (error) 01:05:39.011159658: libguestfs: trace: launch = 0 01:05:39.011412423: libguestfs: trace: list_devices 01:05:39.012139858: libguestfs: trace: list_devices = ["/dev/sda"] 01:05:39.013040298: libguestfs: trace: list_partitions 01:05:39.013580072: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:05:39.013695459: libguestfs: trace: mount "/dev/sda1" "/" 01:05:39.028278189: libguestfs: trace: mount = 0 01:05:39.029269900: libguestfs: trace: upload "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" 01:05:45.182093257: libguestfs: trace: upload = 0 01:05:45.182285783: libguestfs: trace: close 01:05:45.182400913: libguestfs: trace: internal_autosync 01:05:45.307124184: libguestfs: trace: internal_autosync = 0 01:05:45.501550355: calling as root: test -b /dev/sda 01:05:45.662585289: call returned: [1, "", ""] 01:05:46.681236469: calling as root: test -b /dev/sda 01:05:46.857650735: call returned: [1, "", ""] 01:05:47.877190507: calling as root: test -b /dev/sda 01:05:48.113294949: call returned: [0, "", ""] 01:05:48.113594222: calling as root: mktemp -d 01:05:48.335105803: call returned: [0, "/tmp/tmp.gTtoEExHFH\n", ""] 01:05:48.356540555: calling as root: mount /dev/sda1 /tmp/tmp.gTtoEExHFH 01:05:48.985227324: call returned: [0, "", ""] 01:05:48.985472565: calling as root: chmod -R a+rX '/tmp/tmp.gTtoEExHFH' 01:05:49.195347756: call returned: [0, "", ""] And I plug and mount a USB drive containing the Tails ISO # features/step_definitions/usb.rb:182 And I temporarily create a 4 GiB disk named "gptfat" # features/step_definitions/common_steps.rb:59 01:05:49.247593916: libguestfs: trace: set_autosync true 01:05:49.247724084: libguestfs: trace: set_autosync = 0 01:05:49.251999820: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/gptfat" "format:qcow2" 01:05:49.252096034: libguestfs: trace: add_drive = 0 01:05:49.252239585: libguestfs: trace: launch 01:05:49.252294819: libguestfs: trace: get_tmpdir 01:05:49.252432767: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:05:49.252522897: libguestfs: trace: get_backend_setting "force_tcg" 01:05:49.252653620: libguestfs: trace: get_backend_setting = NULL (error) 01:05:49.252723885: libguestfs: trace: get_cachedir 01:05:49.252791977: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:05:49.295142627: libguestfs: trace: get_cachedir 01:05:49.295312447: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:05:49.295597191: libguestfs: trace: get_sockdir 01:05:49.295672650: libguestfs: trace: get_sockdir = "/tmp" 01:05:49.296008938: libguestfs: trace: get_backend_setting "gdb" 01:05:49.296097387: libguestfs: trace: get_backend_setting = NULL (error) 01:05:52.622367005: libguestfs: trace: launch = 0 01:05:52.622635271: libguestfs: trace: list_devices 01:05:52.623381934: libguestfs: trace: list_devices = ["/dev/sda"] 01:05:52.623963736: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:05:52.684506745: libguestfs: trace: part_disk = 0 01:05:52.685138417: libguestfs: trace: list_partitions 01:05:52.685547712: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:05:52.686066984: libguestfs: trace: mkfs "vfat" "/dev/sda1" 01:05:52.732776037: libguestfs: trace: mkfs = 0 01:05:52.732975290: libguestfs: trace: close 01:05:52.733521702: libguestfs: trace: internal_autosync 01:05:52.738027795: libguestfs: trace: internal_autosync = 0 And I create a gpt partition with a vfat filesystem on disk "gptfat" # features/step_definitions/untrusted_partitions.rb:23 01:05:52.951930884: calling as root: test -b /dev/sdb 01:05:53.084700599: call returned: [1, "", ""] 01:05:54.104718288: calling as root: test -b /dev/sdb 01:05:54.383276973: call returned: [0, "", ""] And I plug USB drive "gptfat" # features/step_definitions/common_steps.rb:65 01:05:54.384597484: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:05:54.626024099: call returned: [1, "", ""] 01:05:54.696847106: calling as amnesia: xdotool key Super 01:05:54.927939222: call returned: [0, "", ""] 01:05:56.677129265: [log] TYPE "GNOME Terminal" 01:06:00.883967160: [log] ( Ctrl ) TYPE "#ENTER." 01:06:02.717298825: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:06:02.717614201: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node161 = dogtail.tree.root.application('tails-installer-launcher') 01:06:04.929240871: execution complete 01:06:04.929445845: executing Python as amnesia: node162 = node161.child('Tails Installer', roleName='frame') 01:06:04.973315444: execution complete 01:06:07.973664302: executing Python as amnesia: node163 = node162.button('Upgrade from ISO') 01:06:08.026883668: execution complete 01:06:08.027166703: executing Python as amnesia: node163.click() 01:06:09.096279464: execution complete 01:06:09.096512677: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node164 = dogtail.tree.root.application('tails-installer') 01:06:09.463980142: execution complete 01:06:09.464237379: executing Python as amnesia: node165 = node164.child('Tails Installer', roleName='frame') 01:06:09.519305191: execution complete 01:06:12.519621429: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:06:12.703332774: call returned: [0, "", ""] When I start Tails Installer in "Upgrade from ISO" mode # features/step_definitions/usb.rb:114 01:06:12.704649696: executing Python as amnesia: node166 = node164.child('', roleName='text') 01:06:12.777107292: execution complete 01:06:12.777330085: executing Python as amnesia: print(node166.text) 01:06:12.859484541: execution complete Then I am told that the destination device cannot be upgraded # features/step_definitions/usb.rb:137 Scenario: Try to "Upgrade by cloning" Tails to a USB drive with GPT and a FAT partition # features/usb_upgrade.feature:37 01:06:15.902860082: calling as root: echo 'hello?' 01:06:16.211201050: call returned: [0, "hello?\n", ""] 01:06:16.935154397: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:06:16.935454063: calling as root: nmcli device show eth0 01:06:17.309511534: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:06:17.338457859: calling as root: date -s '@1498728024' 01:06:17.530879519: call returned: [0, "Thu Jun 29 09:20:24 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I temporarily create a 4 GiB disk named "gptfat" # features/step_definitions/common_steps.rb:59 01:06:17.571670342: libguestfs: trace: set_autosync true 01:06:17.571775001: libguestfs: trace: set_autosync = 0 01:06:17.575870281: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/gptfat" "format:qcow2" 01:06:17.576061713: libguestfs: trace: add_drive = 0 01:06:17.576123189: libguestfs: trace: launch 01:06:17.576235043: libguestfs: trace: get_tmpdir 01:06:17.576283798: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:06:17.576461243: libguestfs: trace: get_backend_setting "force_tcg" 01:06:17.576541614: libguestfs: trace: get_backend_setting = NULL (error) 01:06:17.576694325: libguestfs: trace: get_cachedir 01:06:17.576746722: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:06:17.618959680: libguestfs: trace: get_cachedir 01:06:17.619298091: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:06:17.619464853: libguestfs: trace: get_sockdir 01:06:17.619678965: libguestfs: trace: get_sockdir = "/tmp" 01:06:17.619862427: libguestfs: trace: get_backend_setting "gdb" 01:06:17.620042681: libguestfs: trace: get_backend_setting = NULL (error) 01:06:21.888869457: libguestfs: trace: launch = 0 01:06:21.889495345: libguestfs: trace: list_devices 01:06:21.890490554: libguestfs: trace: list_devices = ["/dev/sda"] 01:06:21.890647377: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:06:21.960188317: libguestfs: trace: part_disk = 0 01:06:21.960397300: libguestfs: trace: list_partitions 01:06:21.961286252: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:06:21.961440837: libguestfs: trace: mkfs "vfat" "/dev/sda1" 01:06:22.013727495: libguestfs: trace: mkfs = 0 01:06:22.013897066: libguestfs: trace: close 01:06:22.014441643: libguestfs: trace: internal_autosync 01:06:22.018440662: libguestfs: trace: internal_autosync = 0 And I create a gpt partition with a vfat filesystem on disk "gptfat" # features/step_definitions/untrusted_partitions.rb:23 01:06:22.186157577: calling as root: test -b /dev/sda 01:06:22.383122591: call returned: [1, "", ""] 01:06:23.405308659: calling as root: test -b /dev/sda 01:06:23.618014571: call returned: [1, "", ""] 01:06:24.642972054: calling as root: test -b /dev/sda 01:06:24.804349197: call returned: [0, "", ""] And I plug USB drive "gptfat" # features/step_definitions/common_steps.rb:65 01:06:24.805583224: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:06:25.020438151: call returned: [1, "", ""] 01:06:25.093392255: calling as amnesia: xdotool key Super 01:06:25.343403637: call returned: [0, "", ""] 01:06:27.002707330: [log] TYPE "GNOME Terminal" 01:06:31.268998627: [log] ( Ctrl ) TYPE "#ENTER." 01:06:33.111849278: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node167 = dogtail.tree.root.application('tails-installer-launcher') 01:06:33.128307752: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:06:35.227113916: execution complete 01:06:35.227405354: executing Python as amnesia: node168 = node167.child('Tails Installer', roleName='frame') 01:06:35.275920536: execution complete 01:06:38.276384969: executing Python as amnesia: node169 = node168.button('Upgrade by cloning') 01:06:38.339453987: execution complete 01:06:38.339624208: executing Python as amnesia: node169.click() 01:06:39.417282415: execution complete 01:06:39.417633211: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node170 = dogtail.tree.root.application('tails-installer') 01:06:39.810515578: execution complete 01:06:39.810734186: executing Python as amnesia: node171 = node170.child('Tails Installer', roleName='frame') 01:06:39.853549266: execution complete 01:06:42.853906540: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:06:43.351350644: call returned: [0, "", ""] When I start Tails Installer in "Upgrade by cloning" mode # features/step_definitions/usb.rb:114 01:06:43.352609587: executing Python as amnesia: node172 = node170.child('', roleName='text') 01:06:43.468179605: execution complete 01:06:43.468337434: executing Python as amnesia: print(node172.text) 01:06:43.532812975: execution complete Then I am told that the destination device cannot be upgraded # features/step_definitions/usb.rb:137 Scenario: Installing an old version of Tails to a pristine USB drive # features/usb_upgrade.feature:45 Given a computer # features/step_definitions/common_steps.rb:46 And the computer is set to boot from the old Tails DVD # features/step_definitions/usb.rb:67 And the network is unplugged # features/step_definitions/common_steps.rb:83 01:06:46.647269869: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] And I start the computer # features/step_definitions/common_steps.rb:109 01:07:50.464558663: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:07:50.465183954: calling as root: echo 'hello?' 01:07:50.730341449: call returned: [0, "hello?\n", ""] 01:07:50.730785261: calling as root: service tor status 01:07:50.986470376: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:07:50.986909057: opening file /etc/tor/torrc in 'append' mode 01:07:51.302592671: append complete When the computer boots Tails # features/step_definitions/common_steps.rb:248 01:07:52.087589692: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:07:52.087946624: calling as root: loginctl 01:07:52.268900322: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:07:53.269366570: calling as root: loginctl 01:07:53.536404716: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:08:06.932073937: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:08:07.059012468: call returned: [0, "", ""] 01:08:07.059206654: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:08:07.173159479: call returned: [0, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:257 01:08:07.174421345: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node173 = dogtail.tree.root.application('gnome-shell') 01:08:08.256483144: execution complete 01:08:08.986465316: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:08:08.986664668: executing Python as amnesia: node174 = node173.child('No Notifications', roleName='label') 01:08:10.569545438: execution complete 01:08:10.569731006: executing Python as amnesia: node175 = node173.child('No Notifications', roleName='label') 01:08:11.920960353: execution complete 01:08:11.967409597: [log] TYPE "#ESC." And all notifications have disappeared # features/step_definitions/common_steps.rb:422 And I create a 4 GiB disk named "old" # features/step_definitions/common_steps.rb:59 01:08:12.082211395: calling as root: test -b /dev/sda 01:08:12.287384897: call returned: [1, "", ""] 01:08:13.307500707: calling as root: test -b /dev/sda 01:08:13.515969502: call returned: [1, "", ""] 01:08:14.537286483: calling as root: test -b /dev/sda 01:08:14.707614798: call returned: [0, "", ""] And I plug USB drive "old" # features/step_definitions/common_steps.rb:65 01:08:14.709618610: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:08:14.907281006: call returned: [1, "", ""] 01:08:14.967978246: calling as amnesia: xdotool key Super 01:08:15.230770089: call returned: [0, "", ""] 01:08:16.637692267: [log] TYPE "GNOME Terminal" 01:08:20.389995271: [log] ( Ctrl ) TYPE "#ENTER." 01:08:22.232672895: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:08:22.232944565: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node176 = dogtail.tree.root.application('tails-installer-launcher') 01:08:23.727745116: execution complete 01:08:23.727998794: executing Python as amnesia: node177 = node176.child('Tails Installer', roleName='frame') 01:08:23.777876728: execution complete 01:08:26.778292738: executing Python as amnesia: node178 = node177.button('Install by cloning') 01:08:26.824054324: execution complete 01:08:26.824212416: executing Python as amnesia: node178.click() 01:08:27.886773213: execution complete 01:08:27.886966080: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node179 = dogtail.tree.root.application('tails-installer') 01:08:28.120843631: execution complete 01:08:28.121106149: executing Python as amnesia: node180 = node179.child('Tails Installer', roleName='frame') 01:08:28.154700401: execution complete 01:08:31.154980523: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:08:31.354242264: call returned: [0, "", ""] 01:08:31.375018010: executing Python as amnesia: node181 = node179.child('', roleName='text') 01:08:31.423819358: execution complete 01:08:31.424015860: executing Python as amnesia: print(node181.text) 01:08:31.456083876: execution complete 01:08:31.473700476: executing Python as amnesia: node182 = node179.child('Target Device:', roleName='label') 01:08:31.536382142: execution complete 01:08:31.536584878: executing Python as amnesia: node183 = node182.parent 01:08:31.567187883: execution complete 01:08:31.567350692: executing Python as amnesia: node184 = node183.child('', roleName='combo box', recursive=False) 01:08:31.612017680: execution complete 01:08:31.612174721: executing Python as amnesia: print(node184.name) 01:08:31.649816816: execution complete 01:08:31.650075041: executing Python as amnesia: node185 = node179.button('Install Tails') 01:08:31.711013992: execution complete 01:08:31.711189741: executing Python as amnesia: node185.click() 01:08:32.760241203: execution complete 01:08:32.760468226: executing Python as amnesia: node186 = node179.child('Question', roleName='alert') 01:08:32.908497308: execution complete 01:08:32.908777254: executing Python as amnesia: node187 = node186.button('Yes') 01:08:32.981933800: execution complete 01:08:32.982114507: executing Python as amnesia: node187.click() 01:08:34.040613730: execution complete 01:08:34.040937407: executing Python as amnesia: node188 = node179.child('Information', roleName='alert') 01:08:45.039586497: execution complete 01:08:46.040101815: executing Python as amnesia: node189 = node179.child('Information', roleName='alert') 01:08:57.485332233: execution complete 01:08:58.485746130: executing Python as amnesia: node190 = node179.child('Information', roleName='alert') 01:09:09.290780405: execution complete 01:09:10.291320311: executing Python as amnesia: node191 = node179.child('Information', roleName='alert') 01:09:21.507158492: execution complete 01:09:22.507582671: executing Python as amnesia: node192 = node179.child('Information', roleName='alert') 01:09:34.022395911: execution complete 01:09:35.022768701: executing Python as amnesia: node193 = node179.child('Information', roleName='alert') 01:09:46.737315986: execution complete 01:09:47.737740316: executing Python as amnesia: node194 = node179.child('Information', roleName='alert') 01:09:58.591328783: execution complete 01:09:58.591560023: executing Python as amnesia: node195 = node194.child('Installation complete!', roleName='label') 01:09:58.653812920: execution complete When I "Install by cloning" Tails to USB drive "old" # features/step_definitions/usb.rb:167 01:09:58.656197041: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:09:59.851304665: call returned: [0, "11:0\n", ""] 01:09:59.851512071: calling as root: readlink -f /dev/block/'11:0' 01:10:00.111034842: call returned: [0, "/dev/sr0\n", ""] 01:10:00.111237732: calling as root: udevadm info --query=property --name='/dev/sr0' 01:10:00.407101730: call returned: [0, "DEVLINKS=/dev/dvd /dev/cdrom /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/disk/by-path/pci-0000:00:1f.2-ata-3\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:uaccess:seat:\nUSEC_INITIALIZED=6165549\n", ""] 01:10:00.428489182: calling as root: udisksctl info --block-device '/dev/sda' 01:10:01.220419715: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 01:10:01.220708542: calling as root: udisksctl info --block-device '/dev/sda1' 01:10:01.617126113: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda1\n DeviceNumber: 2049\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-71BD-104A\n IdLabel: Tails\n IdType: vfat\n IdUUID: 71BD-104A\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/71BD-104A\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n", ""] 01:10:01.617488345: calling as root: mkdir -p /mnt/new 01:10:01.804980830: call returned: [0, "", ""] 01:10:01.805130069: calling as root: mount /dev/sda1 /mnt/new 01:10:02.099567949: call returned: [0, "", ""] 01:10:02.099718467: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 01:10:23.443113139: call returned: [0, "", ""] 01:10:23.443325249: calling as root: ls -1 /mnt/new/syslinux 01:10:24.923552442: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 01:10:24.923725870: calling as root: diff -q '/lib/live/mount/medium/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 01:10:25.183192946: call returned: [0, "", ""] 01:10:25.183378139: calling as root: diff -q '/lib/live/mount/medium/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 01:10:25.410172491: call returned: [0, "", ""] 01:10:25.410352611: calling as root: diff -q '/lib/live/mount/medium/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 01:10:25.641924642: call returned: [0, "", ""] 01:10:25.642184959: calling as root: diff -q '/lib/live/mount/medium/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 01:10:25.869586562: call returned: [0, "", ""] 01:10:25.869771244: calling as root: diff -q '/lib/live/mount/medium/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 01:10:26.084256528: call returned: [0, "", ""] 01:10:26.084444422: calling as root: diff -q '/lib/live/mount/medium/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 01:10:26.295148729: call returned: [0, "", ""] 01:10:26.295369434: calling as root: diff -q '/lib/live/mount/medium/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 01:10:26.514208589: call returned: [0, "", ""] 01:10:26.514402595: calling as root: diff -q '/lib/live/mount/medium/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 01:10:26.708816766: call returned: [0, "", ""] 01:10:26.709030924: calling as root: diff -q '/lib/live/mount/medium/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 01:10:26.928187099: call returned: [0, "", ""] 01:10:26.928387263: calling as root: diff -q '/lib/live/mount/medium/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 01:10:27.192682880: call returned: [0, "", ""] 01:10:27.192880820: calling as root: diff -q '/lib/live/mount/medium/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 01:10:27.395767367: call returned: [0, "", ""] 01:10:27.395961387: calling as root: diff -q '/lib/live/mount/medium/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 01:10:27.596990822: call returned: [0, "", ""] 01:10:27.597219152: calling as root: diff -q '/lib/live/mount/medium/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 01:10:27.846760621: call returned: [0, "", ""] 01:10:27.846944393: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 01:10:28.067201285: call returned: [0, "", ""] 01:10:28.067378631: calling as root: diff -q '/lib/live/mount/medium/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 01:10:28.275805616: call returned: [0, "", ""] 01:10:28.276056246: calling as root: diff -q '/lib/live/mount/medium/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 01:10:28.477077386: call returned: [0, "", ""] 01:10:28.477262274: calling as root: diff -q '/lib/live/mount/medium/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 01:10:28.844126029: call returned: [0, "", ""] 01:10:28.844297575: calling as root: diff -q '/lib/live/mount/medium/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 01:10:29.235999453: call returned: [0, "", ""] 01:10:29.236170994: calling as root: diff -q '/lib/live/mount/medium/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 01:10:29.442183739: call returned: [0, "", ""] 01:10:29.442392567: calling as root: diff -q '/lib/live/mount/medium/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 01:10:29.585529877: call returned: [0, "", ""] 01:10:29.585706839: calling as root: diff -q '/lib/live/mount/medium/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 01:10:29.814791388: call returned: [0, "", ""] 01:10:29.814979436: calling as root: diff -q '/lib/live/mount/medium/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 01:10:30.018649137: call returned: [0, "", ""] 01:10:30.018924598: calling as root: diff -q '/lib/live/mount/medium/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 01:10:30.232454284: call returned: [0, "", ""] 01:10:30.232639744: calling as root: diff -q '/lib/live/mount/medium/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 01:10:30.454677282: call returned: [0, "", ""] 01:10:30.454896822: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 01:10:30.660816747: call returned: [0, "", ""] 01:10:30.661053823: calling as root: umount /mnt/new 01:10:31.308809564: call returned: [0, "", ""] 01:10:31.308994834: calling as root: sync 01:10:31.531725877: call returned: [0, "", ""] Then the running Tails is installed on USB drive "old" # features/step_definitions/usb.rb:292 01:10:31.561272964: calling as root: test -b /dev/sda2 01:10:31.755394184: call returned: [1, "", ""] But there is no persistence partition on USB drive "old" # features/step_definitions/usb.rb:305 And I unplug USB drive "old" # features/step_definitions/usb.rb:63 # Depends on scenario: Installing an old version of Tails to a pristine USB drive Scenario: Creating a persistent partition with the old Tails USB installation # features/usb_upgrade.feature:61 Given a computer # features/step_definitions/common_steps.rb:46 01:10:34.889149322: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:11:45.805390672: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:11:45.805928153: calling as root: echo 'hello?' 01:11:46.048065729: call returned: [0, "hello?\n", ""] 01:11:46.048498307: calling as root: service tor status 01:11:46.357299041: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:11:46.357784969: opening file /etc/tor/torrc in 'append' mode 01:11:46.655947436: append complete 01:11:47.474790883: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:11:47.475218570: calling as root: loginctl 01:11:47.683310576: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:11:48.683817018: calling as root: loginctl 01:11:48.964559011: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n c5 0 root n/a \n\n3 sessions listed.\n", "Failed to get session path: No such device or address\n"] 01:12:11.708513290: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:12:11.854696547: call returned: [0, "", ""] 01:12:11.854871819: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:12:11.979230152: call returned: [0, "", ""] 01:12:11.979562786: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node196 = dogtail.tree.root.application('gnome-shell') 01:12:13.154193906: execution complete 01:12:13.883516661: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:12:13.883808564: executing Python as amnesia: node197 = node196.child('No Notifications', roleName='label') 01:12:15.430467638: execution complete 01:12:15.430688092: executing Python as amnesia: node198 = node196.child('No Notifications', roleName='label') 01:12:16.707217393: execution complete And I start Tails from USB drive "old" with network unplugged and I login # features/step_definitions/common_steps.rb:137 01:12:16.758664320: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:12:16.758868847: [log] TYPE "#ESC." 01:12:16.963133428: call returned: [0, "8:1\n", ""] 01:12:16.963320337: calling as root: readlink -f /dev/block/'8:1' 01:12:17.159782618: call returned: [0, "/dev/sda1\n", ""] 01:12:17.159939907: calling as root: udevadm info --query=property --name='/dev/sda1' 01:12:17.423613229: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-partlabel/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b /dev/disk/by-uuid/71BD-104A\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=71BD-104A\nID_FS_UUID_ENC=71BD-104A\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=872330f6-e1b6-49f6-91f2-ba2aaab11a5b\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=847b3482-53bd-4442-8291-0b370d4a2bdb\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7781232\n", ""] 01:12:17.423921206: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:12:17.638294060: call returned: [0, "8:1\n", ""] 01:12:17.638455971: calling as root: readlink -f /dev/block/'8:1' 01:12:17.833578535: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "old" # features/step_definitions/usb.rb:418 01:12:17.963717288: calling as amnesia: xdotool key Super 01:12:18.204068094: call returned: [0, "", ""] 01:12:20.237971428: [log] TYPE "Configure persistent volume" 01:12:20.301235489: [log] ( Ctrl ) TYPE "#ENTER." 01:12:43.021652286: [log] TYPE "asdf#TAB.asdf#ENTER." 01:12:43.141461912: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:12:43.141721836: [log] TYPE "#TAB." 01:12:44.563634750: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:12:44.892790996: [log] TYPE "#TAB. " [log] TYPE "#TAB. " [log] TYPE "#TAB. " [log] TYPE "#TAB. " 01:12:44.977952505: [log] TYPE "#TAB. " 01:12:45.144272355: [log] TYPE "#TAB. " [log] TYPE "#TAB. " 01:12:45.228664801: [log] TYPE "#TAB. " 01:12:45.310333936: [log] TYPE "#TAB. " 01:12:45.392227870: [log] TYPE "#TAB. " 01:12:45.618864604: [log] TYPE "#TAB. " [log] TYPE "#TAB. " 01:12:46.952008791: [log] CLICK on L(878,708)@S(0)[0,0 1024x768] 01:12:47.014970744: [log] ( Alt ) TYPE "#F4." And I create a persistent partition # features/step_definitions/usb.rb:222 01:12:47.016823658: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:12:48.397127331: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:12:48.397449779: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:12:49.812715257: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] And I take note of which persistence presets are available # features/step_definitions/usb.rb:560 01:12:49.840358285: calling as root: udisksctl info --block-device '/dev/sda2' 01:12:50.307936309: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda2:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda2\n DeviceNumber: 2050\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: by-uuid-1e37f121-c209-40a0-b105-b12874b7ee5f\n IdLabel: \n IdType: crypto_LUKS\n IdUUID: 1e37f121-c209-40a0-b105-b12874b7ee5f\n IdUsage: crypto\n IdVersion: 1\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda2\n ReadOnly: false\n Size: 1670364672\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part2\n /dev/disk/by-partlabel/TailsData\n /dev/disk/by-partuuid/b9e1a5a2-c9c3-4a40-9ef3-9e551325e120\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part2\n /dev/disk/by-uuid/1e37f121-c209-40a0-b105-b12874b7ee5f\n org.freedesktop.UDisks2.Encrypted:\n org.freedesktop.UDisks2.Partition:\n Flags: 0\n IsContained: false\n IsContainer: false\n Name: TailsData\n Number: 2\n Offset: 2624585728\n Size: 1670364672\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: 0fc63daf-8483-4772-8e79-3d69d8477de4\n UUID: b9e1a5a2-c9c3-4a40-9ef3-9e551325e120\n", ""] 01:12:50.308246821: calling as root: ls -1 --hide 'control' /dev/mapper/ 01:12:50.483335461: call returned: [0, "luks-1e37f121-c209-40a0-b105-b12874b7ee5f\n", ""] 01:12:50.483523635: calling as root: cryptsetup status 'luks-1e37f121-c209-40a0-b105-b12874b7ee5f' 01:12:50.715531084: call returned: [0, "/dev/mapper/luks-1e37f121-c209-40a0-b105-b12874b7ee5f is active and is in use.\n type: LUKS1\n cipher: aes-xts-plain64\n keysize: 256 bits\n device: /dev/sda2\n offset: 4096 sectors\n size: 3258335 sectors\n mode: read/write\n", ""] 01:12:50.715760879: calling as root: udisksctl info --block-device '/dev/mapper/luks-1e37f121-c209-40a0-b105-b12874b7ee5f' 01:12:51.088236598: call returned: [0, "/org/freedesktop/UDisks2/block_devices/dm_2d0:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sda2'\n Device: /dev/dm-0\n DeviceNumber: 65024\n Drive: '/'\n HintAuto: false\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: false\n HintSymbolicIconName: \n HintSystem: true\n Id: by-id-dm-name-luks-1e37f121-c209-40a0-b105-b12874b7ee5f\n IdLabel: TailsData\n IdType: ext4\n IdUUID: bde86341-cd86-4819-a0c1-89daf837065c\n IdUsage: filesystem\n IdVersion: 1.0\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/mapper/luks-1e37f121-c209-40a0-b105-b12874b7ee5f\n ReadOnly: false\n Size: 1668267520\n Symlinks: /dev/disk/by-id/dm-name-luks-1e37f121-c209-40a0-b105-b12874b7ee5f\n /dev/disk/by-id/dm-uuid-CRYPT-LUKS1-1e37f121c20940a0b105b12874b7ee5f-luks-1e37f121-c209-40a0-b105-b12874b7ee5f\n /dev/disk/by-label/TailsData\n /dev/disk/by-uuid/bde86341-cd86-4819-a0c1-89daf837065c\n /dev/mapper/luks-1e37f121-c209-40a0-b105-b12874b7ee5f\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: /media/tails-persistence-setup/TailsData\n", ""] 01:12:51.088582906: calling as root: mkdir -p /mnt/old 01:12:51.297213998: call returned: [0, "", ""] 01:12:51.297364950: calling as root: mount '/dev/mapper/luks-1e37f121-c209-40a0-b105-b12874b7ee5f' /mnt/old 01:12:51.557293484: call returned: [0, "", ""] 01:12:51.557480111: calling as root: umount /mnt/old 01:12:51.812822515: call returned: [0, "", ""] 01:12:51.812973611: calling as root: sync 01:12:52.060092286: call returned: [0, "", ""] 01:12:52.060241755: calling as root: cryptsetup luksClose old 01:12:52.323825291: call returned: [4, "", "Device old is not active.\n"] Then a Tails persistence partition exists on USB drive "old" # features/step_definitions/usb.rb:311 01:12:52.325171076: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 # Depends on scenario: Creating a persistent partition with the old Tails USB installation Scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation # features/usb_upgrade.feature:71 Given a computer # features/step_definitions/common_steps.rb:46 01:13:02.448751953: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:13:05.995530816: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:14:15.339171169: calling as root: echo 'hello?' 01:14:15.594955648: call returned: [0, "hello?\n", ""] 01:14:15.595558889: calling as root: service tor status 01:14:15.887978377: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:14:15.888472015: opening file /etc/tor/torrc in 'append' mode 01:14:16.111258366: append complete 01:14:16.895720271: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 01:14:23.516538711: [log] TYPE "asdf#ENTER." 01:14:23.516911759: calling as root: loginctl 01:14:23.536154701: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:14:23.727593729: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:14:24.728102085: calling as root: loginctl 01:14:24.979400678: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:14:39.526615062: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:14:39.647759720: call returned: [0, "", ""] 01:14:39.647991267: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:14:39.796105869: call returned: [0, "", ""] 01:14:39.796566186: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node199 = dogtail.tree.root.application('gnome-shell') 01:14:41.016500267: execution complete 01:14:41.742859266: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:14:41.743168799: executing Python as amnesia: node200 = node199.child('No Notifications', roleName='label') 01:14:43.334080957: execution complete 01:14:43.334255637: executing Python as amnesia: node201 = node199.child('No Notifications', roleName='label') 01:14:44.809014983: execution complete 01:14:44.850971573: [log] TYPE "#ESC." And I start Tails from USB drive "old" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 01:14:44.852664855: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:14:45.113124113: call returned: [0, "8:1\n", ""] 01:14:45.113283991: calling as root: readlink -f /dev/block/'8:1' 01:14:45.350235909: call returned: [0, "/dev/sda1\n", ""] 01:14:45.350412984: calling as root: udevadm info --query=property --name='/dev/sda1' 01:14:45.701489298: call returned: [0, "DEVLINKS=/dev/disk/by-partlabel/Tails /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-uuid/71BD-104A /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=71BD-104A\nID_FS_UUID_ENC=71BD-104A\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x5\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=872330f6-e1b6-49f6-91f2-ba2aaab11a5b\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=847b3482-53bd-4442-8291-0b370d4a2bdb\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7793863\n", ""] 01:14:45.701864711: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:14:45.886373967: call returned: [0, "8:1\n", ""] 01:14:45.886579807: calling as root: readlink -f /dev/block/'8:1' 01:14:46.140333687: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "old" # features/step_definitions/usb.rb:418 01:14:46.211635203: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:14:46.430660166: call returned: [0, "", ""] 01:14:46.430814755: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 01:14:46.683107226: call returned: [0, "", ""] 01:14:46.683464510: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:14:48.729241608: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:14:48.729602906: calling as root: mount 01:14:49.157672203: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=d35d7f80e3115638,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=37,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10437)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] And all persistence presets are enabled # features/step_definitions/usb.rb:365 01:14:49.159651601: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:14:50.586396205: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:14:50.586726711: calling as root: stat -c %U /home/amnesia/Persistent 01:14:50.759008822: call returned: [0, "amnesia\n", ""] 01:14:50.759198584: calling as amnesia: touch /home/amnesia/Persistent/XXX_persist 01:14:50.905092264: call returned: [0, "", ""] 01:14:50.905364597: calling as root: stat -c %U /home/amnesia/.gnupg 01:14:51.161947888: call returned: [0, "amnesia\n", ""] 01:14:51.162089424: calling as amnesia: touch /home/amnesia/.gnupg/XXX_persist 01:14:51.262630855: call returned: [0, "", ""] 01:14:51.262861095: calling as root: stat -c %U /home/amnesia/.ssh 01:14:51.486513857: call returned: [0, "amnesia\n", ""] 01:14:51.486698273: calling as amnesia: touch /home/amnesia/.ssh/XXX_persist 01:14:51.592488419: call returned: [0, "", ""] 01:14:51.592689659: calling as root: stat -c %U /home/amnesia/.purple 01:14:51.781601080: call returned: [0, "amnesia\n", ""] 01:14:51.781752207: calling as amnesia: touch /home/amnesia/.purple/XXX_persist 01:14:51.949487112: call returned: [0, "", ""] 01:14:51.949660607: calling as root: stat -c %U /home/amnesia/.thunderbird 01:14:52.189611916: call returned: [0, "amnesia\n", ""] 01:14:52.189771951: calling as amnesia: touch /home/amnesia/.thunderbird/XXX_persist 01:14:52.335838371: call returned: [0, "", ""] 01:14:52.335997967: calling as root: stat -c %U /home/amnesia/.gnome2/keyrings 01:14:52.583760984: call returned: [0, "amnesia\n", ""] 01:14:52.583913249: calling as amnesia: touch /home/amnesia/.gnome2/keyrings/XXX_persist 01:14:52.700024413: call returned: [0, "", ""] 01:14:52.700195043: calling as root: stat -c %U /etc/NetworkManager/system-connections 01:14:52.913951949: call returned: [0, "root\n", ""] 01:14:52.914099157: calling as root: touch /etc/NetworkManager/system-connections/XXX_persist 01:14:53.160055370: call returned: [0, "", ""] 01:14:53.160225422: calling as root: stat -c %U /home/amnesia/.mozilla/firefox/bookmarks 01:14:53.351896807: call returned: [0, "amnesia\n", ""] 01:14:53.352057243: calling as amnesia: touch /home/amnesia/.mozilla/firefox/bookmarks/XXX_persist 01:14:53.519108041: call returned: [0, "", ""] 01:14:53.519335400: calling as root: stat -c %U /etc/cups 01:14:53.731987592: call returned: [0, "root\n", ""] 01:14:53.732190348: calling as root: touch /etc/cups/XXX_persist 01:14:53.955145256: call returned: [0, "", ""] 01:14:53.955323153: calling as root: stat -c %U /home/amnesia/.electrum 01:14:54.219034085: call returned: [0, "amnesia\n", ""] 01:14:54.219236383: calling as amnesia: touch /home/amnesia/.electrum/XXX_persist 01:14:54.329656811: call returned: [0, "", ""] 01:14:54.329836682: calling as root: stat -c %U /var/cache/apt/archives 01:14:54.537307883: call returned: [0, "root\n", ""] 01:14:54.537462280: calling as root: touch /var/cache/apt/archives/XXX_persist 01:14:54.736250303: call returned: [0, "", ""] 01:14:54.736455261: calling as root: stat -c %U /var/lib/apt/lists 01:14:55.019384177: call returned: [0, "root\n", ""] 01:14:55.019557934: calling as root: touch /var/lib/apt/lists/XXX_persist 01:14:55.232228022: call returned: [0, "", ""] When I write some files expected to persist # features/step_definitions/usb.rb:530 01:14:55.233286561: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:14:55.477705727: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:14:55.477928169: calling as root: stat -c %U /live/persistence/TailsData_unlocked/ 01:14:55.794694213: call returned: [0, "root\n", ""] 01:14:55.794904717: calling as root: stat -c %G /live/persistence/TailsData_unlocked/ 01:14:56.035761543: call returned: [0, "root\n", ""] 01:14:56.035909640: calling as root: stat -c %a /live/persistence/TailsData_unlocked/ 01:14:56.333346901: call returned: [0, "775\n", ""] And all persistent filesystems have safe access rights # features/step_definitions/usb.rb:470 01:14:56.334608260: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:14:56.652214890: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:14:56.652382341: calling as root: test -e /live/persistence/TailsData_unlocked//persistence.conf 01:14:56.920023033: call returned: [0, "", ""] 01:14:56.920205727: calling as root: test ! -e /live/persistence/TailsData_unlocked//live-persistence.conf 01:14:57.154893378: call returned: [0, "", ""] 01:14:57.155225529: calling as root: ls -1 /live/persistence/TailsData_unlocked//persistence.conf /live/persistence/TailsData_unlocked//live-*.conf 01:14:57.431770059: call returned: [0, "/live/persistence/TailsData_unlocked//live-additional-software.conf\n/live/persistence/TailsData_unlocked//persistence.conf\n", ""] 01:14:57.431949148: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//live-additional-software.conf' 01:14:57.662097848: call returned: [0, "tails-persistence-setup\n", ""] 01:14:57.662314776: calling as root: stat -c %G '/live/persistence/TailsData_unlocked//live-additional-software.conf' 01:14:58.000529484: call returned: [0, "tails-persistence-setup\n", ""] 01:14:58.000681213: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//live-additional-software.conf' 01:14:58.214501136: call returned: [0, "600\n", ""] 01:14:58.214713931: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//persistence.conf' 01:14:58.464756000: call returned: [0, "tails-persistence-setup\n", ""] 01:14:58.464954722: calling as root: stat -c %G '/live/persistence/TailsData_unlocked//persistence.conf' 01:14:58.799823183: call returned: [0, "tails-persistence-setup\n", ""] 01:14:58.800012632: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//persistence.conf' 01:14:59.065708273: call returned: [0, "600\n", ""] And all persistence configuration files have safe access rights # features/step_definitions/usb.rb:481 01:14:59.067622586: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:14:59.287256028: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:14:59.287454613: calling as root: test -d /live/persistence/TailsData_unlocked//Persistent 01:14:59.531800306: call returned: [0, "", ""] 01:14:59.531991253: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//Persistent' 01:14:59.805178057: call returned: [0, "700\n", ""] 01:14:59.805369163: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//Persistent' 01:15:00.013582034: call returned: [0, "amnesia\n", ""] 01:15:00.013872841: calling as root: test -d /live/persistence/TailsData_unlocked//gnupg 01:15:00.270281613: call returned: [0, "", ""] 01:15:00.270467889: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnupg' 01:15:00.557487069: call returned: [0, "700\n", ""] 01:15:00.557747555: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnupg' 01:15:00.844941426: call returned: [0, "amnesia\n", ""] 01:15:00.845268366: calling as root: test -d /live/persistence/TailsData_unlocked//openssh-client 01:15:01.067800443: call returned: [0, "", ""] 01:15:01.067979781: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//openssh-client' 01:15:01.346203416: call returned: [0, "700\n", ""] 01:15:01.346383979: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//openssh-client' 01:15:01.600773862: call returned: [0, "amnesia\n", ""] 01:15:01.600977783: calling as root: test -d /live/persistence/TailsData_unlocked//pidgin 01:15:01.829205937: call returned: [0, "", ""] 01:15:01.829385933: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//pidgin' 01:15:02.115818888: call returned: [0, "700\n", ""] 01:15:02.115992351: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//pidgin' 01:15:02.330279422: call returned: [0, "amnesia\n", ""] 01:15:02.330507320: calling as root: test -d /live/persistence/TailsData_unlocked//thunderbird 01:15:02.598968119: call returned: [0, "", ""] 01:15:02.599200295: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//thunderbird' 01:15:02.884540325: call returned: [0, "700\n", ""] 01:15:02.884720116: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//thunderbird' 01:15:03.153709153: call returned: [0, "amnesia\n", ""] 01:15:03.153954441: calling as root: test -d /live/persistence/TailsData_unlocked//gnome-keyrings 01:15:03.404637539: call returned: [0, "", ""] 01:15:03.404873535: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:15:03.691240774: call returned: [0, "700\n", ""] 01:15:03.691495475: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:15:03.958014539: call returned: [0, "amnesia\n", ""] 01:15:03.958305434: calling as root: test -d /live/persistence/TailsData_unlocked//nm-system-connections 01:15:04.235750053: call returned: [0, "", ""] 01:15:04.235938519: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//nm-system-connections' 01:15:04.511703833: call returned: [0, "755\n", ""] 01:15:04.512020437: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//nm-system-connections' 01:15:04.808433338: call returned: [0, "root\n", ""] 01:15:04.808715566: calling as root: test -d /live/persistence/TailsData_unlocked//bookmarks 01:15:05.013778335: call returned: [0, "", ""] 01:15:05.013977992: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//bookmarks' 01:15:05.322045865: call returned: [0, "700\n", ""] 01:15:05.322243885: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//bookmarks' 01:15:05.595867823: call returned: [0, "amnesia\n", ""] 01:15:05.596099727: calling as root: test -d /live/persistence/TailsData_unlocked//cups-configuration 01:15:05.924031557: call returned: [0, "", ""] 01:15:05.924207814: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//cups-configuration' 01:15:06.356687542: call returned: [0, "755\n", ""] 01:15:06.356935749: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//cups-configuration' 01:15:06.839278217: call returned: [0, "root\n", ""] 01:15:06.839543503: calling as root: test -d /live/persistence/TailsData_unlocked//electrum 01:15:07.174984217: call returned: [0, "", ""] 01:15:07.175222590: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//electrum' 01:15:07.488997528: call returned: [0, "700\n", ""] 01:15:07.489245825: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//electrum' 01:15:07.731655495: call returned: [0, "amnesia\n", ""] 01:15:07.731888260: calling as root: test -d /live/persistence/TailsData_unlocked//apt/cache 01:15:07.951543307: call returned: [0, "", ""] 01:15:07.951735599: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/cache' 01:15:08.224044173: call returned: [0, "755\n", ""] 01:15:08.224218848: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/cache' 01:15:08.489864111: call returned: [0, "root\n", ""] 01:15:08.490119799: calling as root: test -d /live/persistence/TailsData_unlocked//apt/lists 01:15:08.719961952: call returned: [0, "", ""] 01:15:08.720197956: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/lists' 01:15:08.969112244: call returned: [0, "755\n", ""] 01:15:08.969300408: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/lists' 01:15:09.220333133: call returned: [0, "root\n", ""] 01:15:09.220642872: calling as root: test -d /live/persistence/TailsData_unlocked//dotfiles 01:15:09.495856083: call returned: [0, "", ""] 01:15:09.496067890: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//dotfiles' 01:15:09.782778640: call returned: [0, "700\n", ""] 01:15:09.782956152: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//dotfiles' 01:15:10.045388929: call returned: [0, "amnesia\n", ""] And all persistent directories from the old Tails version have safe access rights # features/step_definitions/usb.rb:500 01:15:10.046574986: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:15:11.439278340: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:15:11.439616456: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:15:12.764838780: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] And I take note of which persistence presets are available # features/step_definitions/usb.rb:560 01:15:12.766133525: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 01:15:19.949936106: libguestfs: trace: set_autosync true 01:15:19.950074458: libguestfs: trace: set_autosync = 0 01:15:19.950257739: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/old" "readonly:true" "format:qcow2" 01:15:19.950351309: libguestfs: trace: get_tmpdir 01:15:19.950423940: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:15:19.950517428: libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfscTJ95Z/overlay1" "qcow2" -1 "backingfile:/tmp/TailsToaster/TailsToasterStorage/old" "backingformat:qcow2" 01:15:19.984683414: libguestfs: trace: disk_create = 0 01:15:19.985210965: libguestfs: trace: add_drive = 0 01:15:19.985303652: libguestfs: trace: launch 01:15:19.985399263: libguestfs: trace: get_backend_setting "force_tcg" 01:15:19.985489384: libguestfs: trace: get_backend_setting = NULL (error) 01:15:19.985832521: libguestfs: trace: get_cachedir 01:15:19.985916102: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:15:20.045914801: libguestfs: trace: get_cachedir 01:15:20.046163142: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:15:20.046424595: libguestfs: trace: get_sockdir 01:15:20.046916770: libguestfs: trace: get_sockdir = "/tmp" 01:15:20.047243162: libguestfs: trace: get_backend_setting "gdb" 01:15:20.047388371: libguestfs: trace: get_backend_setting = NULL (error) 01:15:23.283333143: libguestfs: trace: launch = 0 01:15:23.283583483: libguestfs: trace: list_devices 01:15:23.285085308: libguestfs: trace: list_devices = ["/dev/sda"] 01:15:23.285232193: libguestfs: trace: part_list "/dev/sda" 01:15:23.354136532: libguestfs: trace: part_list = 01:15:23.354399363: libguestfs: trace: blkid "/dev/sda1" 01:15:23.369557017: libguestfs: trace: blkid = ["DEVNAME", "/dev/sda1", "LABEL", "Tails", "UUID", "71BD-104A", "VERSION", "FAT32", "TYPE", "vfat", "USAGE", "filesystem", "MINIMUM_IO_SIZE", "512", "PHYSICAL_SECTOR_SIZE", "512", "LOGICAL_SECTOR_SIZE", "512", "PART_ENTRY_SCHEME", "gpt", "PART_ENTRY_NAME", "Tails", "PART_ENTRY_UUID", "872330f6-e1b6-49f6-91f2-ba2aaab11a5b", "PART_ENTRY_TYPE", "c12a7328-f81f-11d2-ba4b-00a0c93ec93b", "PART_ENTRY_FLAGS", "0x5", "PART_ENTRY_NUMBER", "1", "PART_ENTRY_OFFSET", "2048", "PART_ENTRY_SIZE", "5120000", "PART_ENTRY_DISK", "8:0"] 01:15:23.369844059: libguestfs: trace: blkid "/dev/sda2" 01:15:23.373697868: libguestfs: trace: blkid = ["DEVNAME", "/dev/sda2", "UUID", "1e37f121-c209-40a0-b105-b12874b7ee5f", "VERSION", "1", "TYPE", "crypto_LUKS", "USAGE", "crypto", "MINIMUM_IO_SIZE", "512", "PHYSICAL_SECTOR_SIZE", "512", "LOGICAL_SECTOR_SIZE", "512", "PART_ENTRY_SCHEME", "gpt", "PART_ENTRY_NAME", "TailsData", "PART_ENTRY_UUID", "b9e1a5a2-c9c3-4a40-9ef3-9e551325e120", "PART_ENTRY_TYPE", "0fc63daf-8483-4772-8e79-3d69d8477de4", "PART_ENTRY_NUMBER", "2", "PART_ENTRY_OFFSET", "5126144", "PART_ENTRY_SIZE", "3262431", "PART_ENTRY_DISK", "8:0"] 01:15:23.374653665: libguestfs: trace: luks_open "/dev/sda2" "***" "sda2_unlocked" 01:15:25.002092618: libguestfs: trace: luks_open = 0 01:15:25.002305287: libguestfs: trace: mount "/dev/mapper/sda2_unlocked" "/" 01:15:25.017175170: libguestfs: trace: mount = 0 01:15:25.018125584: libguestfs: trace: exists "/Persistent/XXX_persist" 01:15:25.019444803: libguestfs: trace: exists = 1 01:15:25.019647224: libguestfs: trace: exists "/Persistent/XXX_gone" 01:15:25.020190102: libguestfs: trace: exists = 0 01:15:25.021027276: libguestfs: trace: exists "/gnupg/XXX_persist" 01:15:25.022010250: libguestfs: trace: exists = 1 01:15:25.022188154: libguestfs: trace: exists "/gnupg/XXX_gone" 01:15:25.022652122: libguestfs: trace: exists = 0 01:15:25.023301516: libguestfs: trace: exists "/openssh-client/XXX_persist" 01:15:25.024373834: libguestfs: trace: exists = 1 01:15:25.024538365: libguestfs: trace: exists "/openssh-client/XXX_gone" 01:15:25.025000273: libguestfs: trace: exists = 0 01:15:25.025834426: libguestfs: trace: exists "/pidgin/XXX_persist" 01:15:25.026855823: libguestfs: trace: exists = 1 01:15:25.027017007: libguestfs: trace: exists "/pidgin/XXX_gone" 01:15:25.027506310: libguestfs: trace: exists = 0 01:15:25.027671284: libguestfs: trace: exists "/thunderbird/XXX_persist" 01:15:25.031338956: libguestfs: trace: exists = 1 01:15:25.031559687: libguestfs: trace: exists "/thunderbird/XXX_gone" 01:15:25.031940407: libguestfs: trace: exists = 0 01:15:25.032123131: libguestfs: trace: exists "/gnome-keyrings/XXX_persist" 01:15:25.033290327: libguestfs: trace: exists = 1 01:15:25.033468359: libguestfs: trace: exists "/gnome-keyrings/XXX_gone" 01:15:25.033852604: libguestfs: trace: exists = 0 01:15:25.034008484: libguestfs: trace: exists "/nm-system-connections/XXX_persist" 01:15:25.035261007: libguestfs: trace: exists = 1 01:15:25.035425494: libguestfs: trace: exists "/nm-system-connections/XXX_gone" 01:15:25.035921276: libguestfs: trace: exists = 0 01:15:25.036070364: libguestfs: trace: exists "/bookmarks/XXX_persist" 01:15:25.037335493: libguestfs: trace: exists = 1 01:15:25.037490142: libguestfs: trace: exists "/bookmarks/XXX_gone" 01:15:25.037893895: libguestfs: trace: exists = 0 01:15:25.038069395: libguestfs: trace: exists "/cups-configuration/XXX_persist" 01:15:25.039285585: libguestfs: trace: exists = 1 01:15:25.039440435: libguestfs: trace: exists "/cups-configuration/XXX_gone" 01:15:25.039919451: libguestfs: trace: exists = 0 01:15:25.040078748: libguestfs: trace: exists "/electrum/XXX_persist" 01:15:25.040627752: libguestfs: trace: exists = 1 01:15:25.041446306: libguestfs: trace: exists "/electrum/XXX_gone" 01:15:25.041854310: libguestfs: trace: exists = 0 01:15:25.042014286: libguestfs: trace: exists "/apt/cache/XXX_persist" 01:15:25.042832143: libguestfs: trace: exists = 1 01:15:25.043524315: libguestfs: trace: exists "/apt/cache/XXX_gone" 01:15:25.043961104: libguestfs: trace: exists = 0 01:15:25.044100542: libguestfs: trace: exists "/apt/lists/XXX_persist" 01:15:25.044680510: libguestfs: trace: exists = 1 01:15:25.045366222: libguestfs: trace: exists "/apt/lists/XXX_gone" 01:15:25.045749957: libguestfs: trace: exists = 0 01:15:25.045963706: libguestfs: trace: umount "/" 01:15:25.049449431: libguestfs: trace: umount = 0 01:15:25.049572562: libguestfs: trace: luks_close "/dev/mapper/sda2_unlocked" 01:15:25.063928249: libguestfs: trace: luks_close = 0 01:15:25.064065433: libguestfs: trace: close 01:15:25.064142066: libguestfs: trace: internal_autosync 01:15:25.067269022: libguestfs: trace: internal_autosync = 0 Then only the expected files are present on the persistence partition on USB drive "old" # features/step_definitions/usb.rb:588 # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation Scenario: Upgrading an old Tails USB installation from a Tails DVD # features/usb_upgrade.feature:86 01:15:27.844633501: calling as root: echo 'hello?' 01:15:28.190697975: call returned: [0, "hello?\n", ""] 01:15:28.918934226: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:15:28.919195384: calling as root: nmcli device show eth0 01:15:29.264331258: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:15:29.291838326: calling as root: date -s '@1498728576' 01:15:29.470132356: call returned: [0, "Thu Jun 29 09:29:36 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I clone USB drive "old" to a new USB drive "to_upgrade" # features/step_definitions/usb.rb:59 01:15:30.939513766: calling as root: test -b /dev/sda 01:15:31.119250078: call returned: [1, "", ""] 01:15:32.139658043: calling as root: test -b /dev/sda 01:15:32.363567283: call returned: [1, "", ""] 01:15:33.397024774: calling as root: test -b /dev/sda 01:15:33.630475536: call returned: [0, "", ""] And I plug USB drive "to_upgrade" # features/step_definitions/common_steps.rb:65 01:15:33.632641196: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:15:33.922778991: call returned: [1, "", ""] 01:15:33.993723257: calling as amnesia: xdotool key Super 01:15:34.242463936: call returned: [0, "", ""] 01:15:36.026844795: [log] TYPE "GNOME Terminal" 01:15:40.179595742: [log] ( Ctrl ) TYPE "#ENTER." 01:15:42.006897516: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:15:42.007218387: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node202 = dogtail.tree.root.application('tails-installer-launcher') 01:15:44.198048953: execution complete 01:15:44.198240700: executing Python as amnesia: node203 = node202.child('Tails Installer', roleName='frame') 01:15:44.235712824: execution complete 01:15:47.236110501: executing Python as amnesia: node204 = node203.button('Upgrade by cloning') 01:15:47.276886866: execution complete 01:15:47.277062697: executing Python as amnesia: node204.click() 01:15:48.347108303: execution complete 01:15:48.347341899: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node205 = dogtail.tree.root.application('tails-installer') 01:15:48.841243327: execution complete 01:15:48.841430486: executing Python as amnesia: node206 = node205.child('Tails Installer', roleName='frame') 01:15:48.888630573: execution complete 01:15:51.888912180: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:15:52.097187565: call returned: [0, "", ""] 01:15:52.115907912: executing Python as amnesia: node207 = node205.child('', roleName='text') 01:15:52.187426117: execution complete 01:15:52.187633464: executing Python as amnesia: print(node207.text) 01:15:52.219594664: execution complete 01:15:52.238664343: executing Python as amnesia: node208 = node205.child('Target Device:', roleName='label') 01:15:52.315737776: execution complete 01:15:52.315953634: executing Python as amnesia: node209 = node208.parent 01:15:52.350251221: execution complete 01:15:52.350418016: executing Python as amnesia: node210 = node209.child('', roleName='combo box', recursive=False) 01:15:52.392374490: execution complete 01:15:52.392510641: executing Python as amnesia: print(node210.name) 01:15:52.430143429: execution complete 01:15:52.430425650: executing Python as amnesia: node211 = node205.button('Install Tails') 01:15:52.510148591: execution complete 01:15:52.510302091: executing Python as amnesia: node211.click() 01:15:53.566142285: execution complete 01:15:53.566346938: executing Python as amnesia: node212 = node205.child('Question', roleName='alert') 01:15:53.629166333: execution complete 01:15:53.629368683: executing Python as amnesia: node213 = node212.button('Yes') 01:15:53.666470771: execution complete 01:15:53.666592448: executing Python as amnesia: node213.click() 01:15:54.738127243: execution complete 01:15:54.738403580: executing Python as amnesia: node214 = node205.child('Information', roleName='alert') 01:16:06.243268567: execution complete 01:16:07.243705972: executing Python as amnesia: node215 = node205.child('Information', roleName='alert') 01:16:18.292665053: execution complete 01:16:19.292992417: executing Python as amnesia: node216 = node205.child('Information', roleName='alert') 01:16:19.428392415: execution complete 01:16:19.428654415: executing Python as amnesia: node217 = node216.child('Installation complete!', roleName='label') 01:16:19.484715251: execution complete When I "Upgrade by cloning" Tails to USB drive "to_upgrade" # features/step_definitions/usb.rb:167 01:16:19.486589571: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:16:20.842564727: call returned: [0, "11:0\n", ""] 01:16:20.842726471: calling as root: readlink -f /dev/block/'11:0' 01:16:21.034059933: call returned: [0, "/dev/sr0\n", ""] 01:16:21.034224686: calling as root: udevadm info --query=property --name='/dev/sr0' 01:16:21.316983779: call returned: [0, "DEVLINKS=/dev/dvd /dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/cdrom\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:uaccess:seat:\nUSEC_INITIALIZED=5804478\n", ""] 01:16:21.335914964: calling as root: udisksctl info --block-device '/dev/sda' 01:16:22.090591028: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 01:16:22.090846864: calling as root: udisksctl info --block-device '/dev/sda1' 01:16:22.500120016: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda1\n DeviceNumber: 2049\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-71BD-104A\n IdLabel: Tails\n IdType: vfat\n IdUUID: 71BD-104A\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/71BD-104A\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n", ""] 01:16:22.500442432: calling as root: mkdir -p /mnt/new 01:16:22.692931875: call returned: [0, "", ""] 01:16:22.693083297: calling as root: mount /dev/sda1 /mnt/new 01:16:22.995277591: call returned: [0, "", ""] 01:16:22.995491355: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 01:16:43.700657285: call returned: [0, "", ""] 01:16:43.700847621: calling as root: ls -1 /mnt/new/syslinux 01:16:45.049585328: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 01:16:45.049771122: calling as root: diff -q '/lib/live/mount/medium/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 01:16:45.313500050: call returned: [0, "", ""] 01:16:45.313705160: calling as root: diff -q '/lib/live/mount/medium/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 01:16:45.525402548: call returned: [0, "", ""] 01:16:45.525597523: calling as root: diff -q '/lib/live/mount/medium/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 01:16:45.724397017: call returned: [0, "", ""] 01:16:45.724572981: calling as root: diff -q '/lib/live/mount/medium/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 01:16:45.991524910: call returned: [0, "", ""] 01:16:45.991713034: calling as root: diff -q '/lib/live/mount/medium/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 01:16:46.230755542: call returned: [0, "", ""] 01:16:46.230939305: calling as root: diff -q '/lib/live/mount/medium/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 01:16:46.394283314: call returned: [0, "", ""] 01:16:46.394482733: calling as root: diff -q '/lib/live/mount/medium/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 01:16:46.621888890: call returned: [0, "", ""] 01:16:46.622082046: calling as root: diff -q '/lib/live/mount/medium/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 01:16:46.875213675: call returned: [0, "", ""] 01:16:46.875419122: calling as root: diff -q '/lib/live/mount/medium/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 01:16:47.050895271: call returned: [0, "", ""] 01:16:47.051121172: calling as root: diff -q '/lib/live/mount/medium/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 01:16:47.264315088: call returned: [0, "", ""] 01:16:47.264605132: calling as root: diff -q '/lib/live/mount/medium/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 01:16:47.493371853: call returned: [0, "", ""] 01:16:47.493597942: calling as root: diff -q '/lib/live/mount/medium/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 01:16:47.669385017: call returned: [0, "", ""] 01:16:47.669553224: calling as root: diff -q '/lib/live/mount/medium/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 01:16:47.879178804: call returned: [0, "", ""] 01:16:47.879361654: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 01:16:48.071090512: call returned: [0, "", ""] 01:16:48.071271251: calling as root: diff -q '/lib/live/mount/medium/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 01:16:48.325129592: call returned: [0, "", ""] 01:16:48.325303197: calling as root: diff -q '/lib/live/mount/medium/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 01:16:48.523938058: call returned: [0, "", ""] 01:16:48.524236739: calling as root: diff -q '/lib/live/mount/medium/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 01:16:48.773298084: call returned: [0, "", ""] 01:16:48.773473413: calling as root: diff -q '/lib/live/mount/medium/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 01:16:49.034827289: call returned: [0, "", ""] 01:16:49.035002701: calling as root: diff -q '/lib/live/mount/medium/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 01:16:49.589683905: call returned: [0, "", ""] 01:16:49.589869031: calling as root: diff -q '/lib/live/mount/medium/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 01:16:49.818011789: call returned: [0, "", ""] 01:16:49.818181914: calling as root: diff -q '/lib/live/mount/medium/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 01:16:50.023824111: call returned: [0, "", ""] 01:16:50.024075050: calling as root: diff -q '/lib/live/mount/medium/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 01:16:50.224024871: call returned: [0, "", ""] 01:16:50.224234969: calling as root: diff -q '/lib/live/mount/medium/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 01:16:50.495258707: call returned: [0, "", ""] 01:16:50.495441274: calling as root: diff -q '/lib/live/mount/medium/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 01:16:50.688427019: call returned: [0, "", ""] 01:16:50.688613837: calling as root: diff -q '/lib/live/mount/medium/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 01:16:50.882973533: call returned: [0, "", ""] 01:16:50.883171725: calling as root: umount /mnt/new 01:16:51.433296347: call returned: [0, "", ""] 01:16:51.433442836: calling as root: sync 01:16:51.615137887: call returned: [0, "", ""] Then the running Tails is installed on USB drive "to_upgrade" # features/step_definitions/usb.rb:292 And I unplug USB drive "to_upgrade" # features/step_definitions/usb.rb:63 # Depends on scenario: Upgrading an old Tails USB installation from a Tails DVD Scenario: Booting Tails from a USB drive upgraded from DVD with persistence enabled # features/usb_upgrade.feature:95 Given a computer # features/step_definitions/common_steps.rb:46 01:17:04.205655569: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:17:06.696700298: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:18:15.423356170: calling as root: echo 'hello?' 01:18:15.742350657: call returned: [0, "hello?\n", ""] 01:18:15.743401197: calling as root: service tor status 01:18:16.040418087: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:18:16.041235065: opening file /etc/tor/torrc in 'append' mode 01:18:16.272495405: append complete 01:18:17.054995212: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 01:18:22.358379303: [log] TYPE "asdf#ENTER." 01:18:23.157511007: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:18:23.157988584: calling as root: loginctl 01:18:23.354220088: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:18:24.354677994: calling as root: loginctl 01:18:24.606388558: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:18:44.370002327: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:18:44.508282948: call returned: [0, "", ""] 01:18:44.508615266: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:18:44.636237497: call returned: [0, "", ""] 01:18:44.636595182: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node218 = dogtail.tree.root.application('gnome-shell') 01:18:45.790903775: execution complete 01:18:46.514128202: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:18:46.514401742: executing Python as amnesia: node219 = node218.child('No Notifications', roleName='label') 01:18:48.153664623: execution complete 01:18:48.153849429: executing Python as amnesia: node220 = node218.child('No Notifications', roleName='label') 01:18:49.360074652: execution complete 01:18:49.402490059: [log] TYPE "#ESC." And I start Tails from USB drive "to_upgrade" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 01:18:49.404774542: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:18:49.604725821: call returned: [0, "", ""] 01:18:49.604882455: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 01:18:49.857520920: call returned: [0, "", ""] 01:18:49.857844555: calling as root: mount 01:18:50.328247944: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=ea0e6de9eb1c074c,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=30,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10607)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] Then all persistence presets from the old Tails version are enabled # features/step_definitions/usb.rb:365 01:18:50.336546192: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:18:50.550355130: call returned: [0, "8:1\n", ""] 01:18:50.550515168: calling as root: readlink -f /dev/block/'8:1' 01:18:50.803267764: call returned: [0, "/dev/sda1\n", ""] 01:18:50.803460808: calling as root: udevadm info --query=property --name='/dev/sda1' 01:18:51.136044830: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-uuid/71BD-104A /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b /dev/disk/by-label/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-partlabel/Tails\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=71BD-104A\nID_FS_UUID_ENC=71BD-104A\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=872330f6-e1b6-49f6-91f2-ba2aaab11a5b\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=847b3482-53bd-4442-8291-0b370d4a2bdb\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7256858\n", ""] 01:18:51.136337762: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:18:51.342344316: call returned: [0, "8:1\n", ""] 01:18:51.342558123: calling as root: readlink -f /dev/block/'8:1' 01:18:51.598499240: call returned: [0, "/dev/sda1\n", ""] And Tails is running from USB drive "to_upgrade" # features/step_definitions/usb.rb:418 01:18:51.651257285: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:18:51.824427168: call returned: [0, "8:1\n", ""] 01:18:51.824587879: calling as root: readlink -f /dev/block/'8:1' 01:18:52.044394012: call returned: [0, "/dev/sda1\n", ""] 01:18:52.044551969: calling as root: ls -1 /dev/sda* 01:18:52.276038632: call returned: [0, "/dev/sda\n/dev/sda1\n/dev/sda2\n", ""] 01:18:52.276220494: calling as root: cut -d':' -f1 /etc/passwd 01:18:52.539592064: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 01:18:52.539833249: calling as root: groups root 01:18:52.916220503: call returned: [0, "root : root\n", ""] 01:18:52.916432264: calling as root: groups daemon 01:18:53.093605852: call returned: [0, "daemon : daemon\n", ""] 01:18:53.093785088: calling as root: groups bin 01:18:53.315970307: call returned: [0, "bin : bin\n", ""] 01:18:53.316190045: calling as root: groups sys 01:18:53.553463843: call returned: [0, "sys : sys\n", ""] 01:18:53.553683640: calling as root: groups sync 01:18:53.784843556: call returned: [0, "sync : nogroup\n", ""] 01:18:53.785036596: calling as root: groups games 01:18:54.026428349: call returned: [0, "games : games\n", ""] 01:18:54.026668395: calling as root: groups man 01:18:54.238710322: call returned: [0, "man : man\n", ""] 01:18:54.238897045: calling as root: groups lp 01:18:54.477676018: call returned: [0, "lp : lp\n", ""] 01:18:54.477927753: calling as root: groups mail 01:18:54.718327470: call returned: [0, "mail : mail\n", ""] 01:18:54.718575412: calling as root: groups news 01:18:54.920848984: call returned: [0, "news : news\n", ""] 01:18:54.921097044: calling as root: groups uucp 01:18:55.170368739: call returned: [0, "uucp : uucp\n", ""] 01:18:55.170567192: calling as root: groups proxy 01:18:55.417453749: call returned: [0, "proxy : proxy\n", ""] 01:18:55.417631108: calling as root: groups www-data 01:18:55.712508428: call returned: [0, "www-data : www-data\n", ""] 01:18:55.712691593: calling as root: groups backup 01:18:55.945903628: call returned: [0, "backup : backup\n", ""] 01:18:55.946193206: calling as root: groups list 01:18:56.183427757: call returned: [0, "list : list\n", ""] 01:18:56.183596885: calling as root: groups irc 01:18:56.431108544: call returned: [0, "irc : irc\n", ""] 01:18:56.431375914: calling as root: groups gnats 01:18:56.704294357: call returned: [0, "gnats : gnats\n", ""] 01:18:56.704495069: calling as root: groups nobody 01:18:56.964690749: call returned: [0, "nobody : nogroup\n", ""] 01:18:56.964930383: calling as root: groups systemd-timesync 01:18:57.237430513: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 01:18:57.237602588: calling as root: groups systemd-network 01:18:57.467136884: call returned: [0, "systemd-network : systemd-network\n", ""] 01:18:57.467353048: calling as root: groups systemd-resolve 01:18:57.702204773: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 01:18:57.702409906: calling as root: groups systemd-bus-proxy 01:18:57.950521891: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 01:18:57.950727112: calling as root: groups _apt 01:18:58.218574529: call returned: [0, "_apt : nogroup\n", ""] 01:18:58.218782623: calling as root: groups messagebus 01:18:58.444435099: call returned: [0, "messagebus : messagebus\n", ""] 01:18:58.444634208: calling as root: groups memlockd 01:18:58.712799075: call returned: [0, "memlockd : memlockd\n", ""] 01:18:58.713010111: calling as root: groups monkeysphere 01:18:58.962386883: call returned: [0, "monkeysphere : monkeysphere\n", ""] 01:18:58.962596672: calling as root: groups debian-tor 01:18:59.249679023: call returned: [0, "debian-tor : debian-tor\n", ""] 01:18:59.249962393: calling as root: groups speech-dispatcher 01:18:59.557629967: call returned: [0, "speech-dispatcher : audio\n", ""] 01:18:59.557903148: calling as root: groups colord 01:18:59.786489235: call returned: [0, "colord : colord\n", ""] 01:18:59.786698115: calling as root: groups saned 01:19:00.040515050: call returned: [0, "saned : saned scanner\n", ""] 01:19:00.040778672: calling as root: groups pulse 01:19:00.246410858: call returned: [0, "pulse : pulse audio\n", ""] 01:19:00.246667706: calling as root: groups hplip 01:19:00.502417593: call returned: [0, "hplip : lp\n", ""] 01:19:00.502627329: calling as root: groups Debian-gdm 01:19:00.706673786: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 01:19:00.706915419: calling as root: groups tails-persistence-setup 01:19:00.947196215: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 01:19:00.947418629: calling as root: groups clearnet 01:19:01.256226459: call returned: [0, "clearnet : clearnet\n", ""] 01:19:01.256457321: calling as root: groups htp 01:19:01.644799346: call returned: [0, "htp : htp\n", ""] 01:19:01.645063474: calling as root: groups tails-iuk-get-target-file 01:19:01.948477195: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 01:19:01.948715232: calling as root: groups tails-upgrade-frontend 01:19:02.274324154: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 01:19:02.274524389: calling as root: groups tor-launcher 01:19:02.547709178: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 01:19:02.547900526: calling as root: groups tails-install-iuk 01:19:02.770539242: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 01:19:02.770729869: calling as root: groups amnesia 01:19:03.041140653: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 01:19:03.041334022: calling as root: stat -c %U /dev/sda 01:19:03.242916486: call returned: [0, "root\n", ""] 01:19:03.243093869: calling as root: stat -c %G /dev/sda 01:19:03.505072287: call returned: [0, "disk\n", ""] 01:19:03.505236118: calling as root: stat -c %a /dev/sda 01:19:03.742649288: call returned: [0, "660\n", ""] 01:19:03.743260549: calling as root: stat -c %U /dev/sda1 01:19:03.982616085: call returned: [0, "root\n", ""] 01:19:03.982837805: calling as root: stat -c %G /dev/sda1 01:19:04.235212509: call returned: [0, "disk\n", ""] 01:19:04.235354213: calling as root: stat -c %a /dev/sda1 01:19:04.499372422: call returned: [0, "660\n", ""] 01:19:04.499929817: calling as root: stat -c %U /dev/sda2 01:19:04.701764360: call returned: [0, "root\n", ""] 01:19:04.701987798: calling as root: stat -c %G /dev/sda2 01:19:04.901559458: call returned: [0, "disk\n", ""] 01:19:04.901710989: calling as root: stat -c %a /dev/sda2 01:19:05.150466076: call returned: [0, "660\n", ""] 01:19:05.151103848: calling as root: udisksctl info --block-device '/dev/sda' 01:19:05.607178794: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights # features/step_definitions/usb.rb:438 01:19:05.609062305: calling as root: test -e /home/amnesia/Persistent/XXX_persist 01:19:05.837424430: call returned: [0, "", ""] 01:19:05.837672483: calling as root: test -e /home/amnesia/Persistent/XXX_gone 01:19:06.127710475: call returned: [1, "", ""] 01:19:06.127910343: calling as root: test -e /home/amnesia/.gnupg/XXX_persist 01:19:06.380372548: call returned: [0, "", ""] 01:19:06.380597359: calling as root: test -e /home/amnesia/.gnupg/XXX_gone 01:19:06.647863792: call returned: [1, "", ""] 01:19:06.648041334: calling as root: test -e /home/amnesia/.ssh/XXX_persist 01:19:06.982260954: call returned: [0, "", ""] 01:19:06.982436323: calling as root: test -e /home/amnesia/.ssh/XXX_gone 01:19:07.161503496: call returned: [1, "", ""] 01:19:07.161678202: calling as root: test -e /home/amnesia/.purple/XXX_persist 01:19:07.392503992: call returned: [0, "", ""] 01:19:07.392672348: calling as root: test -e /home/amnesia/.purple/XXX_gone 01:19:07.648871251: call returned: [1, "", ""] 01:19:07.649039374: calling as root: test -e /home/amnesia/.thunderbird/XXX_persist 01:19:07.912717770: call returned: [0, "", ""] 01:19:07.912897369: calling as root: test -e /home/amnesia/.thunderbird/XXX_gone 01:19:08.175812993: call returned: [1, "", ""] 01:19:08.175986594: calling as root: test -e /home/amnesia/.gnome2/keyrings/XXX_persist 01:19:08.444306163: call returned: [0, "", ""] 01:19:08.444477855: calling as root: test -e /home/amnesia/.gnome2/keyrings/XXX_gone 01:19:08.695928056: call returned: [1, "", ""] 01:19:08.696167471: calling as root: test -e /etc/NetworkManager/system-connections/XXX_persist 01:19:08.927173279: call returned: [0, "", ""] 01:19:08.927340131: calling as root: test -e /etc/NetworkManager/system-connections/XXX_gone 01:19:09.177523031: call returned: [1, "", ""] 01:19:09.177730313: calling as root: test -e /home/amnesia/.mozilla/firefox/bookmarks/XXX_persist 01:19:09.433424278: call returned: [0, "", ""] 01:19:09.433635102: calling as root: test -e /home/amnesia/.mozilla/firefox/bookmarks/XXX_gone 01:19:09.667566506: call returned: [1, "", ""] 01:19:09.667773256: calling as root: test -e /etc/cups/XXX_persist 01:19:09.944534167: call returned: [0, "", ""] 01:19:09.944767861: calling as root: test -e /etc/cups/XXX_gone 01:19:10.171695115: call returned: [1, "", ""] 01:19:10.171921475: calling as root: test -e /home/amnesia/.electrum/XXX_persist 01:19:10.426875653: call returned: [0, "", ""] 01:19:10.427166077: calling as root: test -e /home/amnesia/.electrum/XXX_gone 01:19:10.675896991: call returned: [1, "", ""] 01:19:10.676123771: calling as root: test -e /var/cache/apt/archives/XXX_persist 01:19:10.928744389: call returned: [0, "", ""] 01:19:10.928975374: calling as root: test -e /var/cache/apt/archives/XXX_gone 01:19:11.223680597: call returned: [1, "", ""] 01:19:11.223853609: calling as root: test -e /var/lib/apt/lists/XXX_persist 01:19:11.425868180: call returned: [0, "", ""] 01:19:11.426040154: calling as root: test -e /var/lib/apt/lists/XXX_gone 01:19:11.647866137: call returned: [1, "", ""] And the expected persistent files created with the old Tails version are present in the filesystem # features/step_definitions/usb.rb:565 01:19:11.649108863: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:19:11.878422311: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:19:11.878592467: calling as root: test -d /live/persistence/TailsData_unlocked//Persistent 01:19:12.274539185: call returned: [0, "", ""] 01:19:12.274788814: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//Persistent' 01:19:12.671263271: call returned: [0, "700\n", ""] 01:19:12.671442325: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//Persistent' 01:19:12.934568239: call returned: [0, "amnesia\n", ""] 01:19:12.934805369: calling as root: test -d /live/persistence/TailsData_unlocked//gnupg 01:19:13.202821528: call returned: [0, "", ""] 01:19:13.203091239: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnupg' 01:19:13.433871003: call returned: [0, "700\n", ""] 01:19:13.434093724: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnupg' 01:19:13.654134381: call returned: [0, "amnesia\n", ""] 01:19:13.654380005: calling as root: test -d /live/persistence/TailsData_unlocked//openssh-client 01:19:13.842618341: call returned: [0, "", ""] 01:19:13.842831776: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//openssh-client' 01:19:14.061467882: call returned: [0, "700\n", ""] 01:19:14.061677274: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//openssh-client' 01:19:14.278292057: call returned: [0, "amnesia\n", ""] 01:19:14.278606423: calling as root: test -d /live/persistence/TailsData_unlocked//pidgin 01:19:14.470834337: call returned: [0, "", ""] 01:19:14.471062783: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//pidgin' 01:19:14.721276866: call returned: [0, "700\n", ""] 01:19:14.721450332: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//pidgin' 01:19:14.976266549: call returned: [0, "amnesia\n", ""] 01:19:14.976472652: calling as root: test -d /live/persistence/TailsData_unlocked//thunderbird 01:19:15.284274514: call returned: [0, "", ""] 01:19:15.284463709: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//thunderbird' 01:19:15.559929964: call returned: [0, "700\n", ""] 01:19:15.560108983: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//thunderbird' 01:19:15.810408670: call returned: [0, "amnesia\n", ""] 01:19:15.810615522: calling as root: test -d /live/persistence/TailsData_unlocked//gnome-keyrings 01:19:16.067819653: call returned: [0, "", ""] 01:19:16.067997188: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:19:16.323186670: call returned: [0, "700\n", ""] 01:19:16.323371282: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:19:16.562248610: call returned: [0, "amnesia\n", ""] 01:19:16.562480260: calling as root: test -d /live/persistence/TailsData_unlocked//nm-system-connections 01:19:16.811402618: call returned: [0, "", ""] 01:19:16.811583107: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//nm-system-connections' 01:19:17.121067271: call returned: [0, "755\n", ""] 01:19:17.121246050: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//nm-system-connections' 01:19:17.309442794: call returned: [0, "root\n", ""] 01:19:17.309654834: calling as root: test -d /live/persistence/TailsData_unlocked//bookmarks 01:19:17.553197038: call returned: [0, "", ""] 01:19:17.553424067: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//bookmarks' 01:19:17.822910420: call returned: [0, "700\n", ""] 01:19:17.823179855: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//bookmarks' 01:19:18.137368533: call returned: [0, "amnesia\n", ""] 01:19:18.137570078: calling as root: test -d /live/persistence/TailsData_unlocked//cups-configuration 01:19:18.332973313: call returned: [0, "", ""] 01:19:18.333155142: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//cups-configuration' 01:19:18.576020816: call returned: [0, "755\n", ""] 01:19:18.576200725: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//cups-configuration' 01:19:18.876322404: call returned: [0, "root\n", ""] 01:19:18.876522087: calling as root: test -d /live/persistence/TailsData_unlocked//electrum 01:19:19.090535637: call returned: [0, "", ""] 01:19:19.090770748: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//electrum' 01:19:19.336847515: call returned: [0, "700\n", ""] 01:19:19.337025401: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//electrum' 01:19:19.612059679: call returned: [0, "amnesia\n", ""] 01:19:19.612328656: calling as root: test -d /live/persistence/TailsData_unlocked//apt/cache 01:19:19.841605611: call returned: [0, "", ""] 01:19:19.841784195: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/cache' 01:19:20.111288070: call returned: [0, "755\n", ""] 01:19:20.111467032: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/cache' 01:19:20.346235833: call returned: [0, "root\n", ""] 01:19:20.346454992: calling as root: test -d /live/persistence/TailsData_unlocked//apt/lists 01:19:20.614177353: call returned: [0, "", ""] 01:19:20.614365515: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/lists' 01:19:20.821352595: call returned: [0, "755\n", ""] 01:19:20.821533167: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/lists' 01:19:21.045846831: call returned: [0, "root\n", ""] 01:19:21.046086661: calling as root: test -d /live/persistence/TailsData_unlocked//dotfiles 01:19:21.305390873: call returned: [0, "", ""] 01:19:21.305615588: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//dotfiles' 01:19:21.547624213: call returned: [0, "700\n", ""] 01:19:21.547818563: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//dotfiles' 01:19:21.776888121: call returned: [0, "amnesia\n", ""] And all persistent directories from the old Tails version have safe access rights # features/step_definitions/usb.rb:500 # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation Scenario: Upgrading an old Tails USB installation from another Tails USB drive # features/usb_upgrade.feature:105 01:19:25.067737751: calling as root: echo 'hello?' 01:19:25.225693295: call returned: [0, "hello?\n", ""] 01:19:25.949857793: calling as root: nmcli device show eth0 01:19:25.968463649: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:19:26.251936226: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:19:26.268310245: calling as root: date -s '@1498728813' 01:19:26.430132382: call returned: [0, "Thu Jun 29 09:33:33 UTC 2017\n", ""] Given I have started Tails without network from a USB drive without a persistent partition and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 01:19:27.347268679: calling as root: loginctl 01:19:27.363373734: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:19:27.522914807: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:19:28.523353082: calling as root: loginctl 01:19:28.774517955: call returned: [0, " SESSION UID USER SEAT TTY \n 71 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:19:49.026355375: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:19:49.134331448: call returned: [0, "", ""] 01:19:49.134547457: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:19:49.244107204: call returned: [0, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:257 And I clone USB drive "old" to a new USB drive "to_upgrade" # features/step_definitions/usb.rb:59 01:19:50.770161861: calling as root: test -b /dev/sdb 01:19:50.940534405: call returned: [1, "", ""] 01:19:51.959122867: calling as root: test -b /dev/sdb 01:19:52.199354025: call returned: [0, "", ""] And I plug USB drive "to_upgrade" # features/step_definitions/common_steps.rb:65 01:19:52.200708378: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:19:52.436379456: call returned: [1, "", ""] 01:19:52.516386173: calling as amnesia: xdotool key Super 01:19:52.811766131: call returned: [0, "", ""] 01:19:54.496539695: [log] TYPE "GNOME Terminal" 01:19:58.790883584: [log] ( Ctrl ) TYPE "#ENTER." 01:20:00.632147154: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:20:00.632353496: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node221 = dogtail.tree.root.application('tails-installer-launcher') 01:20:02.703120830: execution complete 01:20:02.703326789: executing Python as amnesia: node222 = node221.child('Tails Installer', roleName='frame') 01:20:02.747893414: execution complete 01:20:05.748256040: executing Python as amnesia: node223 = node222.button('Upgrade by cloning') 01:20:05.821427030: execution complete 01:20:05.821611772: executing Python as amnesia: node223.click() 01:20:06.877447280: execution complete 01:20:06.877668716: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node224 = dogtail.tree.root.application('tails-installer') 01:20:07.481681773: execution complete 01:20:07.481901300: executing Python as amnesia: node225 = node224.child('Tails Installer', roleName='frame') 01:20:07.541543722: execution complete 01:20:10.541882781: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:20:10.803504456: call returned: [0, "", ""] 01:20:10.823145129: executing Python as amnesia: node226 = node224.child('', roleName='text') 01:20:10.871854771: execution complete 01:20:10.872010818: executing Python as amnesia: print(node226.text) 01:20:10.904000820: execution complete 01:20:10.925695829: executing Python as amnesia: node227 = node224.child('Target Device:', roleName='label') 01:20:10.980201554: execution complete 01:20:10.980376919: executing Python as amnesia: node228 = node227.parent 01:20:11.007605699: execution complete 01:20:11.007764117: executing Python as amnesia: node229 = node228.child('', roleName='combo box', recursive=False) 01:20:11.056973362: execution complete 01:20:11.057126723: executing Python as amnesia: print(node229.name) 01:20:11.086864586: execution complete 01:20:11.087361088: executing Python as amnesia: node230 = node224.button('Install Tails') 01:20:11.149157627: execution complete 01:20:11.149363400: executing Python as amnesia: node230.click() 01:20:12.207025023: execution complete 01:20:12.207226582: executing Python as amnesia: node231 = node224.child('Question', roleName='alert') 01:20:12.279933831: execution complete 01:20:12.280150523: executing Python as amnesia: node232 = node231.button('Yes') 01:20:12.327189171: execution complete 01:20:12.327349091: executing Python as amnesia: node232.click() 01:20:13.394150891: execution complete 01:20:13.394451114: executing Python as amnesia: node233 = node224.child('Information', roleName='alert') 01:20:25.057117429: execution complete 01:20:26.057701627: executing Python as amnesia: node234 = node224.child('Information', roleName='alert') 01:20:37.262113968: execution complete 01:20:38.262535563: executing Python as amnesia: node235 = node224.child('Information', roleName='alert') 01:20:42.449782003: execution complete 01:20:42.450036156: executing Python as amnesia: node236 = node235.child('Installation complete!', roleName='label') 01:20:42.506451515: execution complete When I "Upgrade by cloning" Tails to USB drive "to_upgrade" # features/step_definitions/usb.rb:167 01:20:42.511504590: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:20:43.944537839: call returned: [0, "8:1\n", ""] 01:20:43.944698156: calling as root: readlink -f /dev/block/'8:1' 01:20:44.164922737: call returned: [0, "/dev/sda1\n", ""] 01:20:44.165078341: calling as root: udevadm info --query=property --name='/dev/sda1' 01:20:44.447819481: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-uuid/F410-3272 /dev/disk/by-partlabel/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7812087\n", ""] 01:20:44.468841320: calling as root: udisksctl info --block-device '/dev/sdb' 01:20:45.094921595: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sdb:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sdb\n DeviceNumber: 2064\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_3'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sdb\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-3-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:3:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 01:20:45.095165807: calling as root: udisksctl info --block-device '/dev/sdb1' 01:20:45.456896236: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sdb1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sdb1\n DeviceNumber: 2065\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_3'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-71BD-104A\n IdLabel: Tails\n IdType: vfat\n IdUUID: 71BD-104A\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sdb1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-3-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:3:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/71BD-104A\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sdb'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n", ""] 01:20:45.457208857: calling as root: mkdir -p /mnt/new 01:20:45.627509388: call returned: [0, "", ""] 01:20:45.627669444: calling as root: mount /dev/sdb1 /mnt/new 01:20:45.915932860: call returned: [0, "", ""] 01:20:45.916128488: calling as root: diff -qr '/lib/live/mount/medium/live' '/mnt/new/live' 01:21:06.637086359: call returned: [0, "", ""] 01:21:06.637347129: calling as root: ls -1 /mnt/new/syslinux 01:21:07.933864324: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 01:21:07.934090662: calling as root: diff -q '/lib/live/mount/medium/syslinux/boot.cat' '/mnt/new/syslinux/boot.cat' 01:21:08.197692307: call returned: [0, "", ""] 01:21:08.197958060: calling as root: diff -q '/lib/live/mount/medium/syslinux/cat.c32' '/mnt/new/syslinux/cat.c32' 01:21:08.390111632: call returned: [0, "", ""] 01:21:08.390297971: calling as root: diff -q '/lib/live/mount/medium/syslinux/f10.txt' '/mnt/new/syslinux/f10.txt' 01:21:08.579189397: call returned: [0, "", ""] 01:21:08.579377176: calling as root: diff -q '/lib/live/mount/medium/syslinux/f1.txt' '/mnt/new/syslinux/f1.txt' 01:21:08.753024325: call returned: [0, "", ""] 01:21:08.753215945: calling as root: diff -q '/lib/live/mount/medium/syslinux/f2.txt' '/mnt/new/syslinux/f2.txt' 01:21:08.963766637: call returned: [0, "", ""] 01:21:08.963947628: calling as root: diff -q '/lib/live/mount/medium/syslinux/f3.txt' '/mnt/new/syslinux/f3.txt' 01:21:09.148846444: call returned: [0, "", ""] 01:21:09.149037911: calling as root: diff -q '/lib/live/mount/medium/syslinux/f4.txt' '/mnt/new/syslinux/f4.txt' 01:21:09.373395409: call returned: [0, "", ""] 01:21:09.373645205: calling as root: diff -q '/lib/live/mount/medium/syslinux/f5.txt' '/mnt/new/syslinux/f5.txt' 01:21:09.542861680: call returned: [0, "", ""] 01:21:09.543057319: calling as root: diff -q '/lib/live/mount/medium/syslinux/f6.txt' '/mnt/new/syslinux/f6.txt' 01:21:09.796480202: call returned: [0, "", ""] 01:21:09.796650466: calling as root: diff -q '/lib/live/mount/medium/syslinux/f7.txt' '/mnt/new/syslinux/f7.txt' 01:21:10.011634462: call returned: [0, "", ""] 01:21:10.011812108: calling as root: diff -q '/lib/live/mount/medium/syslinux/f8.txt' '/mnt/new/syslinux/f8.txt' 01:21:10.246598739: call returned: [0, "", ""] 01:21:10.246776121: calling as root: diff -q '/lib/live/mount/medium/syslinux/f9.txt' '/mnt/new/syslinux/f9.txt' 01:21:10.499132817: call returned: [0, "", ""] 01:21:10.499381834: calling as root: diff -q '/lib/live/mount/medium/syslinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 01:21:10.687212946: call returned: [0, "", ""] 01:21:10.687426454: calling as root: diff -q '/lib/live/mount/medium/syslinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 01:21:10.878755060: call returned: [0, "", ""] 01:21:10.878966752: calling as root: diff -q '/lib/live/mount/medium/syslinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 01:21:11.322692291: call returned: [0, "", ""] 01:21:11.322904369: calling as root: diff -q '/lib/live/mount/medium/syslinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 01:21:11.675554682: call returned: [0, "", ""] 01:21:11.675756997: calling as root: diff -q '/lib/live/mount/medium/syslinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 01:21:11.906542282: call returned: [0, "", ""] 01:21:11.906728311: calling as root: diff -q '/lib/live/mount/medium/syslinux/live.cfg' '/mnt/new/syslinux/live.cfg' 01:21:12.132140388: call returned: [0, "", ""] 01:21:12.132315410: calling as root: diff -q '/lib/live/mount/medium/syslinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 01:21:12.310150516: call returned: [0, "", ""] 01:21:12.310325955: calling as root: diff -q '/lib/live/mount/medium/syslinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 01:21:12.563127092: call returned: [0, "", ""] 01:21:12.563318732: calling as root: diff -q '/lib/live/mount/medium/syslinux/splash.png' '/mnt/new/syslinux/splash.png' 01:21:12.755150284: call returned: [0, "", ""] 01:21:12.755391790: calling as root: diff -q '/lib/live/mount/medium/syslinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 01:21:12.945293929: call returned: [0, "", ""] 01:21:12.945470279: calling as root: diff -q '/lib/live/mount/medium/syslinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 01:21:13.206256643: call returned: [0, "", ""] 01:21:13.206448290: calling as root: diff -q '/lib/live/mount/medium/syslinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 01:21:13.457006391: call returned: [0, "", ""] 01:21:13.457193299: calling as root: diff -q '/lib/live/mount/medium/syslinux/syslinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 01:21:13.633481401: call returned: [0, "", ""] 01:21:13.633653339: calling as root: umount /mnt/new 01:21:14.216837142: call returned: [0, "", ""] 01:21:14.217024096: calling as root: sync 01:21:14.357569076: call returned: [0, "", ""] Then the running Tails is installed on USB drive "to_upgrade" # features/step_definitions/usb.rb:292 And I unplug USB drive "to_upgrade" # features/step_definitions/usb.rb:63 And I unplug USB drive "__internal" # features/step_definitions/usb.rb:63 # Depends on scenario: Upgrading an old Tails USB installation from another Tails USB drive Scenario: Booting Tails from a USB drive upgraded from USB with persistence enabled # features/usb_upgrade.feature:116 Given a computer # features/step_definitions/common_steps.rb:46 01:21:18.664102812: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:22:29.368975820: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:22:29.369409555: calling as root: echo 'hello?' 01:22:29.624291486: call returned: [0, "hello?\n", ""] 01:22:29.624810226: calling as root: service tor status 01:22:29.891654818: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:22:29.892101505: opening file /etc/tor/torrc in 'append' mode 01:22:30.121969865: append complete 01:22:30.909714499: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 01:22:31.116526296: [log] TYPE "asdf#ENTER." 01:22:36.955034557: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:22:36.955322982: calling as root: loginctl 01:22:37.141536672: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:22:38.141975295: calling as root: loginctl 01:22:38.399875306: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:22:52.318545171: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:22:52.443153400: call returned: [0, "", ""] 01:22:52.443341373: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:22:52.562699910: call returned: [0, "", ""] 01:22:52.563071862: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node237 = dogtail.tree.root.application('gnome-shell') 01:22:53.649562459: execution complete 01:22:54.376172876: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:22:54.377319086: executing Python as amnesia: node238 = node237.child('No Notifications', roleName='label') 01:22:56.110538492: execution complete 01:22:56.110736705: executing Python as amnesia: node239 = node237.child('No Notifications', roleName='label') 01:22:57.526207897: execution complete 01:22:57.568009238: [log] TYPE "#ESC." And I start Tails from USB drive "to_upgrade" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 01:22:57.569447593: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:22:57.808687601: call returned: [0, "", ""] 01:22:57.808838605: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 01:22:58.159855332: call returned: [0, "", ""] 01:22:58.160282648: calling as root: mount 01:22:58.749812872: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=c663aa7392e58515,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=38,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10844)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] Then all persistence presets from the old Tails version are enabled # features/step_definitions/usb.rb:365 01:22:58.755337997: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:22:58.939155121: call returned: [0, "8:1\n", ""] 01:22:58.939307438: calling as root: readlink -f /dev/block/'8:1' 01:22:59.158762143: call returned: [0, "/dev/sda1\n", ""] 01:22:59.158948872: calling as root: udevadm info --query=property --name='/dev/sda1' 01:22:59.501303911: call returned: [0, "DEVLINKS=/dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-uuid/71BD-104A /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b /dev/disk/by-label/Tails /dev/disk/by-partlabel/Tails\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=71BD-104A\nID_FS_UUID_ENC=71BD-104A\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=872330f6-e1b6-49f6-91f2-ba2aaab11a5b\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=847b3482-53bd-4442-8291-0b370d4a2bdb\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8121680\n", ""] 01:22:59.501627255: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:22:59.764264483: call returned: [0, "8:1\n", ""] 01:22:59.764464548: calling as root: readlink -f /dev/block/'8:1' 01:23:00.001295717: call returned: [0, "/dev/sda1\n", ""] And Tails is running from USB drive "to_upgrade" # features/step_definitions/usb.rb:418 01:23:00.061024806: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:23:00.228408095: call returned: [0, "8:1\n", ""] 01:23:00.228558133: calling as root: readlink -f /dev/block/'8:1' 01:23:00.532732153: call returned: [0, "/dev/sda1\n", ""] 01:23:00.532889492: calling as root: ls -1 /dev/sda* 01:23:00.727284943: call returned: [0, "/dev/sda\n/dev/sda1\n/dev/sda2\n", ""] 01:23:00.727512970: calling as root: cut -d':' -f1 /etc/passwd 01:23:00.962856167: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 01:23:00.963007082: calling as root: groups root 01:23:01.322935244: call returned: [0, "root : root\n", ""] 01:23:01.323139298: calling as root: groups daemon 01:23:01.543652823: call returned: [0, "daemon : daemon\n", ""] 01:23:01.543876422: calling as root: groups bin 01:23:01.798139981: call returned: [0, "bin : bin\n", ""] 01:23:01.798337071: calling as root: groups sys 01:23:02.084721843: call returned: [0, "sys : sys\n", ""] 01:23:02.084898580: calling as root: groups sync 01:23:02.295185179: call returned: [0, "sync : nogroup\n", ""] 01:23:02.295413808: calling as root: groups games 01:23:02.544859630: call returned: [0, "games : games\n", ""] 01:23:02.545064277: calling as root: groups man 01:23:02.748215846: call returned: [0, "man : man\n", ""] 01:23:02.748404052: calling as root: groups lp 01:23:03.019373317: call returned: [0, "lp : lp\n", ""] 01:23:03.019584562: calling as root: groups mail 01:23:03.210916697: call returned: [0, "mail : mail\n", ""] 01:23:03.211259032: calling as root: groups news 01:23:03.474870654: call returned: [0, "news : news\n", ""] 01:23:03.475090881: calling as root: groups uucp 01:23:03.733413031: call returned: [0, "uucp : uucp\n", ""] 01:23:03.733633381: calling as root: groups proxy 01:23:03.982318842: call returned: [0, "proxy : proxy\n", ""] 01:23:03.982505977: calling as root: groups www-data 01:23:04.215954551: call returned: [0, "www-data : www-data\n", ""] 01:23:04.216152690: calling as root: groups backup 01:23:04.454689828: call returned: [0, "backup : backup\n", ""] 01:23:04.454879837: calling as root: groups list 01:23:04.648578701: call returned: [0, "list : list\n", ""] 01:23:04.648760478: calling as root: groups irc 01:23:04.950287539: call returned: [0, "irc : irc\n", ""] 01:23:04.950525162: calling as root: groups gnats 01:23:05.282965008: call returned: [0, "gnats : gnats\n", ""] 01:23:05.283230828: calling as root: groups nobody 01:23:05.617541846: call returned: [0, "nobody : nogroup\n", ""] 01:23:05.617734128: calling as root: groups systemd-timesync 01:23:05.878038002: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 01:23:05.878281838: calling as root: groups systemd-network 01:23:06.167704499: call returned: [0, "systemd-network : systemd-network\n", ""] 01:23:06.167885680: calling as root: groups systemd-resolve 01:23:06.383253227: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 01:23:06.383516327: calling as root: groups systemd-bus-proxy 01:23:06.605956909: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 01:23:06.606171905: calling as root: groups _apt 01:23:06.877452387: call returned: [0, "_apt : nogroup\n", ""] 01:23:06.877674164: calling as root: groups messagebus 01:23:07.075676948: call returned: [0, "messagebus : messagebus\n", ""] 01:23:07.075900934: calling as root: groups memlockd 01:23:07.310394452: call returned: [0, "memlockd : memlockd\n", ""] 01:23:07.310617015: calling as root: groups monkeysphere 01:23:07.530691450: call returned: [0, "monkeysphere : monkeysphere\n", ""] 01:23:07.530872067: calling as root: groups debian-tor 01:23:07.762157799: call returned: [0, "debian-tor : debian-tor\n", ""] 01:23:07.762341708: calling as root: groups speech-dispatcher 01:23:08.001270929: call returned: [0, "speech-dispatcher : audio\n", ""] 01:23:08.001460468: calling as root: groups colord 01:23:08.229836164: call returned: [0, "colord : colord\n", ""] 01:23:08.230102208: calling as root: groups saned 01:23:08.509265490: call returned: [0, "saned : saned scanner\n", ""] 01:23:08.509533222: calling as root: groups pulse 01:23:08.763327527: call returned: [0, "pulse : pulse audio\n", ""] 01:23:08.763508571: calling as root: groups hplip 01:23:08.989384537: call returned: [0, "hplip : lp\n", ""] 01:23:08.989635678: calling as root: groups Debian-gdm 01:23:09.261442615: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 01:23:09.261622860: calling as root: groups tails-persistence-setup 01:23:09.505573591: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 01:23:09.505764948: calling as root: groups clearnet 01:23:09.731253052: call returned: [0, "clearnet : clearnet\n", ""] 01:23:09.731443334: calling as root: groups htp 01:23:09.989567687: call returned: [0, "htp : htp\n", ""] 01:23:09.989843006: calling as root: groups tails-iuk-get-target-file 01:23:10.209876158: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 01:23:10.210153542: calling as root: groups tails-upgrade-frontend 01:23:10.467263910: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 01:23:10.467536573: calling as root: groups tor-launcher 01:23:10.708885029: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 01:23:10.709119552: calling as root: groups tails-install-iuk 01:23:10.960087170: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 01:23:10.960348781: calling as root: groups amnesia 01:23:11.202349684: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 01:23:11.202570980: calling as root: stat -c %U /dev/sda 01:23:11.468024429: call returned: [0, "root\n", ""] 01:23:11.468168393: calling as root: stat -c %G /dev/sda 01:23:11.718350907: call returned: [0, "disk\n", ""] 01:23:11.718537009: calling as root: stat -c %a /dev/sda 01:23:11.959252007: call returned: [0, "660\n", ""] 01:23:11.960057925: calling as root: stat -c %U /dev/sda1 01:23:12.192950909: call returned: [0, "root\n", ""] 01:23:12.193236146: calling as root: stat -c %G /dev/sda1 01:23:12.443360906: call returned: [0, "disk\n", ""] 01:23:12.443526737: calling as root: stat -c %a /dev/sda1 01:23:12.664845074: call returned: [0, "660\n", ""] 01:23:12.665426470: calling as root: stat -c %U /dev/sda2 01:23:12.952942045: call returned: [0, "root\n", ""] 01:23:12.953102052: calling as root: stat -c %G /dev/sda2 01:23:13.173486429: call returned: [0, "disk\n", ""] 01:23:13.173637731: calling as root: stat -c %a /dev/sda2 01:23:13.387989667: call returned: [0, "660\n", ""] 01:23:13.388543938: calling as root: udisksctl info --block-device '/dev/sda' 01:23:13.828770261: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights # features/step_definitions/usb.rb:438 01:23:13.830197677: calling as root: test -e /home/amnesia/Persistent/XXX_persist 01:23:13.987155749: call returned: [0, "", ""] 01:23:13.987386325: calling as root: test -e /home/amnesia/Persistent/XXX_gone 01:23:14.271850650: call returned: [1, "", ""] 01:23:14.272134164: calling as root: test -e /home/amnesia/.gnupg/XXX_persist 01:23:14.502027576: call returned: [0, "", ""] 01:23:14.502246714: calling as root: test -e /home/amnesia/.gnupg/XXX_gone 01:23:14.799309913: call returned: [1, "", ""] 01:23:14.799587688: calling as root: test -e /home/amnesia/.ssh/XXX_persist 01:23:15.095187173: call returned: [0, "", ""] 01:23:15.095389465: calling as root: test -e /home/amnesia/.ssh/XXX_gone 01:23:15.349945836: call returned: [1, "", ""] 01:23:15.350117748: calling as root: test -e /home/amnesia/.purple/XXX_persist 01:23:15.599176196: call returned: [0, "", ""] 01:23:15.599346255: calling as root: test -e /home/amnesia/.purple/XXX_gone 01:23:15.901167839: call returned: [1, "", ""] 01:23:15.901349571: calling as root: test -e /home/amnesia/.thunderbird/XXX_persist 01:23:16.215593990: call returned: [0, "", ""] 01:23:16.215766137: calling as root: test -e /home/amnesia/.thunderbird/XXX_gone 01:23:16.456477557: call returned: [1, "", ""] 01:23:16.456664506: calling as root: test -e /home/amnesia/.gnome2/keyrings/XXX_persist 01:23:16.731396814: call returned: [0, "", ""] 01:23:16.731610588: calling as root: test -e /home/amnesia/.gnome2/keyrings/XXX_gone 01:23:16.986641327: call returned: [1, "", ""] 01:23:16.986820877: calling as root: test -e /etc/NetworkManager/system-connections/XXX_persist 01:23:17.231412977: call returned: [0, "", ""] 01:23:17.231596503: calling as root: test -e /etc/NetworkManager/system-connections/XXX_gone 01:23:17.495480182: call returned: [1, "", ""] 01:23:17.495665049: calling as root: test -e /home/amnesia/.mozilla/firefox/bookmarks/XXX_persist 01:23:17.709531031: call returned: [0, "", ""] 01:23:17.709724555: calling as root: test -e /home/amnesia/.mozilla/firefox/bookmarks/XXX_gone 01:23:17.931946987: call returned: [1, "", ""] 01:23:17.932118803: calling as root: test -e /etc/cups/XXX_persist 01:23:18.167072610: call returned: [0, "", ""] 01:23:18.167280389: calling as root: test -e /etc/cups/XXX_gone 01:23:18.395332048: call returned: [1, "", ""] 01:23:18.395502770: calling as root: test -e /home/amnesia/.electrum/XXX_persist 01:23:18.674345261: call returned: [0, "", ""] 01:23:18.674550419: calling as root: test -e /home/amnesia/.electrum/XXX_gone 01:23:18.879028920: call returned: [1, "", ""] 01:23:18.879232702: calling as root: test -e /var/cache/apt/archives/XXX_persist 01:23:19.238579284: call returned: [0, "", ""] 01:23:19.238781320: calling as root: test -e /var/cache/apt/archives/XXX_gone 01:23:19.720872265: call returned: [1, "", ""] 01:23:19.721063534: calling as root: test -e /var/lib/apt/lists/XXX_persist 01:23:20.074110987: call returned: [0, "", ""] 01:23:20.074361408: calling as root: test -e /var/lib/apt/lists/XXX_gone 01:23:20.292140578: call returned: [1, "", ""] And the expected persistent files created with the old Tails version are present in the filesystem # features/step_definitions/usb.rb:565 01:23:20.293353539: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:23:20.576734860: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:23:20.576980610: calling as root: test -d /live/persistence/TailsData_unlocked//Persistent 01:23:20.737714260: call returned: [0, "", ""] 01:23:20.737956216: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//Persistent' 01:23:20.966751169: call returned: [0, "700\n", ""] 01:23:20.967008815: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//Persistent' 01:23:21.206799283: call returned: [0, "amnesia\n", ""] 01:23:21.207008318: calling as root: test -d /live/persistence/TailsData_unlocked//gnupg 01:23:21.413127841: call returned: [0, "", ""] 01:23:21.413306905: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnupg' 01:23:21.636757830: call returned: [0, "700\n", ""] 01:23:21.636956799: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnupg' 01:23:21.851661865: call returned: [0, "amnesia\n", ""] 01:23:21.851893491: calling as root: test -d /live/persistence/TailsData_unlocked//openssh-client 01:23:22.088017028: call returned: [0, "", ""] 01:23:22.088234025: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//openssh-client' 01:23:22.346995484: call returned: [0, "700\n", ""] 01:23:22.347223657: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//openssh-client' 01:23:22.589751019: call returned: [0, "amnesia\n", ""] 01:23:22.590036969: calling as root: test -d /live/persistence/TailsData_unlocked//pidgin 01:23:22.872003634: call returned: [0, "", ""] 01:23:22.872212112: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//pidgin' 01:23:23.139849946: call returned: [0, "700\n", ""] 01:23:23.140056200: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//pidgin' 01:23:23.364230632: call returned: [0, "amnesia\n", ""] 01:23:23.364495332: calling as root: test -d /live/persistence/TailsData_unlocked//thunderbird 01:23:23.598236326: call returned: [0, "", ""] 01:23:23.598470964: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//thunderbird' 01:23:23.812513576: call returned: [0, "700\n", ""] 01:23:23.812688940: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//thunderbird' 01:23:24.044129273: call returned: [0, "amnesia\n", ""] 01:23:24.044343045: calling as root: test -d /live/persistence/TailsData_unlocked//gnome-keyrings 01:23:24.273483406: call returned: [0, "", ""] 01:23:24.273690541: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:23:24.552346715: call returned: [0, "700\n", ""] 01:23:24.552573697: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:23:24.752867781: call returned: [0, "amnesia\n", ""] 01:23:24.753073856: calling as root: test -d /live/persistence/TailsData_unlocked//nm-system-connections 01:23:24.965550821: call returned: [0, "", ""] 01:23:24.965727953: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//nm-system-connections' 01:23:25.201158224: call returned: [0, "755\n", ""] 01:23:25.201379614: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//nm-system-connections' 01:23:25.487315311: call returned: [0, "root\n", ""] 01:23:25.487560354: calling as root: test -d /live/persistence/TailsData_unlocked//bookmarks 01:23:25.679353997: call returned: [0, "", ""] 01:23:25.679547740: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//bookmarks' 01:23:25.873500178: call returned: [0, "700\n", ""] 01:23:25.873708578: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//bookmarks' 01:23:26.139903330: call returned: [0, "amnesia\n", ""] 01:23:26.140127293: calling as root: test -d /live/persistence/TailsData_unlocked//cups-configuration 01:23:26.370796578: call returned: [0, "", ""] 01:23:26.370990042: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//cups-configuration' 01:23:26.590578663: call returned: [0, "755\n", ""] 01:23:26.590792795: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//cups-configuration' 01:23:26.855830236: call returned: [0, "root\n", ""] 01:23:26.856077090: calling as root: test -d /live/persistence/TailsData_unlocked//electrum 01:23:27.090597493: call returned: [0, "", ""] 01:23:27.090780660: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//electrum' 01:23:27.274198367: call returned: [0, "700\n", ""] 01:23:27.274377675: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//electrum' 01:23:27.519032974: call returned: [0, "amnesia\n", ""] 01:23:27.519254154: calling as root: test -d /live/persistence/TailsData_unlocked//apt/cache 01:23:27.721460960: call returned: [0, "", ""] 01:23:27.721693084: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/cache' 01:23:28.021000003: call returned: [0, "755\n", ""] 01:23:28.021241215: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/cache' 01:23:28.281655816: call returned: [0, "root\n", ""] 01:23:28.281913629: calling as root: test -d /live/persistence/TailsData_unlocked//apt/lists 01:23:28.469131396: call returned: [0, "", ""] 01:23:28.469386568: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/lists' 01:23:28.698190805: call returned: [0, "755\n", ""] 01:23:28.698367000: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/lists' 01:23:29.040204249: call returned: [0, "root\n", ""] 01:23:29.040409037: calling as root: test -d /live/persistence/TailsData_unlocked//dotfiles 01:23:29.290734855: call returned: [0, "", ""] 01:23:29.290976602: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//dotfiles' 01:23:29.549321315: call returned: [0, "700\n", ""] 01:23:29.549617263: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//dotfiles' 01:23:29.774239126: call returned: [0, "amnesia\n", ""] And all persistent directories from the old Tails version have safe access rights # features/step_definitions/usb.rb:500 # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation Scenario: Upgrading an old Tails USB installation from an ISO image, running on the old version # features/usb_upgrade.feature:126 Given a computer # features/step_definitions/common_steps.rb:46 And I clone USB drive "old" to a new USB drive "to_upgrade" # features/step_definitions/usb.rb:59 01:23:35.751322196: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:23:38.206774937: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:24:48.331180559: calling as root: echo 'hello?' 01:24:48.576390781: call returned: [0, "hello?\n", ""] 01:24:48.576870141: calling as root: service tor status 01:24:48.840428904: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:24:48.840872218: opening file /etc/tor/torrc in 'append' mode 01:24:49.062984350: append complete 01:24:49.843422421: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:24:49.843753409: calling as root: loginctl 01:24:50.049200289: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:24:51.049676326: calling as root: loginctl 01:24:51.384396037: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:25:11.569213727: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:25:11.682239245: call returned: [0, "", ""] 01:25:11.682471232: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:25:11.803525759: call returned: [0, "", ""] 01:25:11.803797119: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node240 = dogtail.tree.root.application('gnome-shell') 01:25:12.909793072: execution complete 01:25:13.634718659: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:25:13.635011825: executing Python as amnesia: node241 = node240.child('No Notifications', roleName='label') 01:25:15.321927325: execution complete 01:25:15.322111307: executing Python as amnesia: node242 = node240.child('No Notifications', roleName='label') 01:25:16.687225880: execution complete 01:25:16.729007319: [log] TYPE "#ESC." When I start Tails from USB drive "old" with network unplugged and I login # features/step_definitions/common_steps.rb:137 01:25:16.783502728: libguestfs: trace: set_autosync true 01:25:16.783636536: libguestfs: trace: set_autosync = 0 01:25:16.789427560: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/lkTqyfoQxu" "format:qcow2" 01:25:16.789538627: libguestfs: trace: add_drive = 0 01:25:16.789599725: libguestfs: trace: launch 01:25:16.789653788: libguestfs: trace: get_tmpdir 01:25:16.789863955: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:25:16.789947251: libguestfs: trace: get_backend_setting "force_tcg" 01:25:16.790008824: libguestfs: trace: get_backend_setting = NULL (error) 01:25:16.790067607: libguestfs: trace: get_cachedir 01:25:16.790245370: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:25:16.836177801: libguestfs: trace: get_cachedir 01:25:16.836347185: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:25:16.836508325: libguestfs: trace: get_sockdir 01:25:16.836823023: libguestfs: trace: get_sockdir = "/tmp" 01:25:16.837014520: libguestfs: trace: get_backend_setting "gdb" 01:25:16.837093471: libguestfs: trace: get_backend_setting = NULL (error) 01:25:20.112557765: libguestfs: trace: launch = 0 01:25:20.113365768: libguestfs: trace: list_devices 01:25:20.114104903: libguestfs: trace: list_devices = ["/dev/sda"] 01:25:20.114236137: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:25:20.178771906: libguestfs: trace: part_disk = 0 01:25:20.179088829: libguestfs: trace: part_set_name "/dev/sda" 1 "lkTqyfoQxu" 01:25:20.255592613: libguestfs: trace: part_set_name = 0 01:25:20.255792732: libguestfs: trace: list_partitions 01:25:20.257216196: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:25:20.257362094: libguestfs: trace: mkfs "ext4" "/dev/sda1" 01:25:20.411606130: libguestfs: trace: mkfs = 0 01:25:20.412169284: libguestfs: trace: close 01:25:20.412367793: libguestfs: trace: internal_autosync 01:25:20.415801664: libguestfs: trace: internal_autosync = 0 01:25:20.503294894: libguestfs: trace: set_autosync true 01:25:20.503591842: libguestfs: trace: set_autosync = 0 01:25:20.508343306: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/lkTqyfoQxu" "format:qcow2" 01:25:20.508681973: libguestfs: trace: add_drive = 0 01:25:20.508761413: libguestfs: trace: launch 01:25:20.508820873: libguestfs: trace: get_tmpdir 01:25:20.509002958: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:25:20.509113259: libguestfs: trace: get_backend_setting "force_tcg" 01:25:20.509181449: libguestfs: trace: get_backend_setting = NULL (error) 01:25:20.509240142: libguestfs: trace: get_cachedir 01:25:20.509451272: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:25:20.553547401: libguestfs: trace: get_cachedir 01:25:20.553704848: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:25:20.553857190: libguestfs: trace: get_sockdir 01:25:20.554138213: libguestfs: trace: get_sockdir = "/tmp" 01:25:20.554313167: libguestfs: trace: get_backend_setting "gdb" 01:25:20.554389980: libguestfs: trace: get_backend_setting = NULL (error) 01:25:24.846897247: libguestfs: trace: launch = 0 01:25:24.847757016: libguestfs: trace: list_devices 01:25:24.848697473: libguestfs: trace: list_devices = ["/dev/sda"] 01:25:24.848828639: libguestfs: trace: list_partitions 01:25:24.849372499: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:25:24.849986864: libguestfs: trace: mount "/dev/sda1" "/" 01:25:24.866273534: libguestfs: trace: mount = 0 01:25:24.866566097: libguestfs: trace: upload "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" 01:25:31.340933465: libguestfs: trace: upload = 0 01:25:31.341152574: libguestfs: trace: close 01:25:31.341318933: libguestfs: trace: internal_autosync 01:25:31.450526745: libguestfs: trace: internal_autosync = 0 01:25:31.640517632: calling as root: test -b /dev/sdb 01:25:31.826193985: call returned: [1, "", ""] 01:25:32.860903830: calling as root: test -b /dev/sdb 01:25:33.138279366: call returned: [0, "", ""] 01:25:33.138498888: calling as root: mktemp -d 01:25:33.359397312: call returned: [0, "/tmp/tmp.sLb5ISZfYQ\n", ""] 01:25:33.387168288: calling as root: mount /dev/sdb1 /tmp/tmp.sLb5ISZfYQ 01:25:34.099120367: call returned: [0, "", ""] 01:25:34.099298264: calling as root: chmod -R a+rX '/tmp/tmp.sLb5ISZfYQ' 01:25:34.285682875: call returned: [0, "", ""] And I plug and mount a USB drive containing the Tails ISO # features/step_definitions/usb.rb:182 01:25:34.436594370: calling as root: test -b /dev/sdc 01:25:34.578297528: call returned: [1, "", ""] 01:25:35.602324177: calling as root: test -b /dev/sdc 01:25:35.842044737: call returned: [0, "", ""] And I plug USB drive "to_upgrade" # features/step_definitions/common_steps.rb:65 01:25:35.844045792: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:25:36.119605669: call returned: [1, "", ""] 01:25:36.188622095: calling as amnesia: xdotool key Super 01:25:36.511291195: call returned: [0, "", ""] 01:25:38.175433933: [log] TYPE "GNOME Terminal" 01:25:42.730736197: [log] ( Ctrl ) TYPE "#ENTER." 01:25:44.569123165: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node243 = dogtail.tree.root.application('tails-installer-launcher') 01:25:44.591243190: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:25:46.250832171: execution complete 01:25:46.251077296: executing Python as amnesia: node244 = node243.child('Tails Installer', roleName='frame') 01:25:46.299806723: execution complete 01:25:49.300172459: executing Python as amnesia: node245 = node244.button('Upgrade from ISO') 01:25:49.351456684: execution complete 01:25:49.351753152: executing Python as amnesia: node245.click() 01:25:50.428039144: execution complete 01:25:50.428233150: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node246 = dogtail.tree.root.application('tails-installer') 01:25:50.888192944: execution complete 01:25:50.888391529: executing Python as amnesia: node247 = node246.child('Tails Installer', roleName='frame') 01:25:50.927228041: execution complete 01:25:53.927605111: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:25:54.172452739: call returned: [0, "", ""] 01:25:54.172863567: executing Python as amnesia: node248 = node246.child('Use existing Live system ISO:', roleName='label') 01:25:54.246764346: execution complete 01:25:54.246999239: executing Python as amnesia: node249 = node248.parent 01:25:54.287202873: execution complete 01:25:54.287456973: executing Python as amnesia: node250 = node249.button('(None)') 01:25:54.345535333: execution complete 01:25:54.345791197: executing Python as amnesia: node250.click() 01:25:55.409130018: execution complete 01:25:55.409378131: executing Python as amnesia: node251 = node246.child('Select a File', roleName='file chooser') 01:25:55.549041044: execution complete 01:25:55.615317393: [log] ( Ctrl ) TYPE "l" 01:25:55.616532297: executing Python as amnesia: node252 = node251.child(roleName='text') 01:25:55.769110809: execution complete 01:25:55.769288359: executing Python as amnesia: node252.typeText('/tmp/tmp.sLb5ISZfYQ/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso\n') 01:26:03.075143313: execution complete 01:26:03.075338170: executing Python as amnesia: node253 = node251.button('Open') 01:26:03.120994845: execution complete 01:26:03.121154007: executing Python as amnesia: node253.click() 01:26:04.164229121: execution complete 01:26:04.183386681: executing Python as amnesia: node254 = node246.child('', roleName='text') 01:26:04.298532322: execution complete 01:26:04.298687420: executing Python as amnesia: print(node254.text) 01:26:04.349315907: execution complete 01:26:04.368094020: executing Python as amnesia: node255 = node246.child('Target Device:', roleName='label') 01:26:04.476965579: execution complete 01:26:04.477136991: executing Python as amnesia: node256 = node255.parent 01:26:04.505083707: execution complete 01:26:04.505290519: executing Python as amnesia: node257 = node256.child('', roleName='combo box', recursive=False) 01:26:04.557162475: execution complete 01:26:04.557325184: executing Python as amnesia: print(node257.name) 01:26:04.591950192: execution complete 01:26:04.592291428: executing Python as amnesia: node258 = node246.button('Install Tails') 01:26:04.675668202: execution complete 01:26:04.675978585: executing Python as amnesia: node258.click() 01:26:05.732411221: execution complete 01:26:05.732701007: executing Python as amnesia: node259 = node246.child('Question', roleName='alert') 01:26:05.832435567: execution complete 01:26:05.832708815: executing Python as amnesia: node260 = node259.button('Yes') 01:26:05.875921971: execution complete 01:26:05.876168026: executing Python as amnesia: node260.click() 01:26:06.960952243: execution complete 01:26:06.961325955: executing Python as amnesia: node261 = node246.child('Information', roleName='alert') 01:26:19.298705675: execution complete 01:26:20.299092231: executing Python as amnesia: node262 = node246.child('Information', roleName='alert') 01:26:32.271899019: execution complete 01:26:33.272597043: executing Python as amnesia: node263 = node246.child('Information', roleName='alert') 01:26:36.737682989: execution complete 01:26:36.737909283: executing Python as amnesia: node264 = node263.child('Installation complete!', roleName='label') 01:26:36.801883312: execution complete And I do a "Upgrade from ISO" on USB drive "to_upgrade" # features/step_definitions/usb.rb:187 01:26:36.803799423: calling as root: mkdir -p /mnt/iso 01:26:38.310033024: call returned: [0, "", ""] 01:26:38.310185195: calling as root: mount -o loop /tmp/tmp.sLb5ISZfYQ/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso /mnt/iso 01:26:38.918826489: call returned: [0, "", "mount: /dev/loop1 is write-protected, mounting read-only\n"] 01:26:38.945251732: calling as root: udisksctl info --block-device '/dev/sdc' 01:26:39.841122329: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sdc:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sdc\n DeviceNumber: 2080\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_4'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sdc\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-4-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:4:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 01:26:39.841365329: calling as root: udisksctl info --block-device '/dev/sdc1' 01:26:40.208954880: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sdc1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sdc1\n DeviceNumber: 2081\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_4'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-71BD-104A\n IdLabel: Tails\n IdType: vfat\n IdUUID: 71BD-104A\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sdc1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-4-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:4:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/71BD-104A\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sdc'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n", ""] 01:26:40.209438570: calling as root: mkdir -p /mnt/new 01:26:40.405013627: call returned: [0, "", ""] 01:26:40.405159000: calling as root: mount /dev/sdc1 /mnt/new 01:26:40.651705523: call returned: [0, "", ""] 01:26:40.651857164: calling as root: diff -qr '/mnt/iso/live' '/mnt/new/live' 01:27:01.626681191: call returned: [0, "", ""] 01:27:01.626849008: calling as root: ls -1 /mnt/new/syslinux 01:27:02.801755767: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 01:27:02.801953614: calling as root: diff -q '/mnt/iso/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 01:27:03.063405470: call returned: [0, "", ""] 01:27:03.063625684: calling as root: diff -q '/mnt/iso/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 01:27:03.251533436: call returned: [0, "", ""] 01:27:03.251716319: calling as root: diff -q '/mnt/iso/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 01:27:03.491138449: call returned: [0, "", ""] 01:27:03.491399737: calling as root: diff -q '/mnt/iso/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 01:27:03.700660010: call returned: [0, "", ""] 01:27:03.700842818: calling as root: diff -q '/mnt/iso/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 01:27:03.936628222: call returned: [0, "", ""] 01:27:03.936800189: calling as root: diff -q '/mnt/iso/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 01:27:04.129661606: call returned: [0, "", ""] 01:27:04.129845308: calling as root: diff -q '/mnt/iso/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 01:27:04.328320966: call returned: [0, "", ""] 01:27:04.328492043: calling as root: diff -q '/mnt/iso/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 01:27:04.565611899: call returned: [0, "", ""] 01:27:04.565795525: calling as root: diff -q '/mnt/iso/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 01:27:04.754103905: call returned: [0, "", ""] 01:27:04.754279485: calling as root: diff -q '/mnt/iso/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 01:27:05.004032036: call returned: [0, "", ""] 01:27:05.004200808: calling as root: diff -q '/mnt/iso/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 01:27:05.203262909: call returned: [0, "", ""] 01:27:05.203433601: calling as root: diff -q '/mnt/iso/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 01:27:05.399204417: call returned: [0, "", ""] 01:27:05.399408884: calling as root: diff -q '/mnt/iso/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 01:27:05.711754655: call returned: [0, "", ""] 01:27:05.711929700: calling as root: diff -q '/mnt/iso/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 01:27:06.103333710: call returned: [0, "", ""] 01:27:06.103537001: calling as root: diff -q '/mnt/iso/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 01:27:06.341950724: call returned: [0, "", ""] 01:27:06.342129161: calling as root: diff -q '/mnt/iso/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 01:27:06.694968880: call returned: [0, "", ""] 01:27:06.695148857: calling as root: diff -q '/mnt/iso/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 01:27:07.015280613: call returned: [0, "", ""] 01:27:07.015500950: calling as root: diff -q '/mnt/iso/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 01:27:07.220801743: call returned: [0, "", ""] 01:27:07.220979737: calling as root: diff -q '/mnt/iso/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 01:27:07.374680870: call returned: [0, "", ""] 01:27:07.374844176: calling as root: diff -q '/mnt/iso/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 01:27:07.580449967: call returned: [0, "", ""] 01:27:07.580616274: calling as root: diff -q '/mnt/iso/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 01:27:07.773526448: call returned: [0, "", ""] 01:27:07.773697449: calling as root: diff -q '/mnt/iso/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 01:27:07.929629188: call returned: [0, "", ""] 01:27:07.929796312: calling as root: diff -q '/mnt/iso/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 01:27:08.117234382: call returned: [0, "", ""] 01:27:08.117411059: calling as root: diff -q '/mnt/iso/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 01:27:08.317023304: call returned: [0, "", ""] 01:27:08.317219006: calling as root: diff -q '/mnt/iso/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 01:27:08.552852405: call returned: [0, "", ""] 01:27:08.553036743: calling as root: umount /mnt/new 01:27:09.048302400: call returned: [0, "", ""] 01:27:09.048483678: calling as root: sync 01:27:09.236015428: call returned: [0, "", ""] 01:27:09.236188801: calling as root: umount /mnt/iso 01:27:09.882419677: call returned: [0, "", ""] Then the ISO's Tails is installed on USB drive "to_upgrade" # features/step_definitions/usb.rb:297 And I unplug USB drive "to_upgrade" # features/step_definitions/usb.rb:63 # Depends on scenario: Writing files to a read/write-enabled persistent partition with the old Tails USB installation Scenario: Upgrading an old Tails USB installation from an ISO image, running on the new version # features/usb_upgrade.feature:137 01:27:13.202273247: calling as root: echo 'hello?' 01:27:13.424891384: call returned: [0, "hello?\n", ""] 01:27:14.148463353: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:27:14.148661175: calling as root: nmcli device show eth0 01:27:14.480950289: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:27:14.499570323: calling as root: date -s '@1498729281' 01:27:14.685999519: call returned: [0, "Thu Jun 29 09:41:21 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:27:14.731312370: libguestfs: trace: set_autosync true 01:27:14.731436291: libguestfs: trace: set_autosync = 0 01:27:14.735133725: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/CcUgGGBbMW" "format:qcow2" 01:27:14.735317817: libguestfs: trace: add_drive = 0 01:27:14.735392298: libguestfs: trace: launch 01:27:14.735448360: libguestfs: trace: get_tmpdir 01:27:14.735501098: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:27:14.735711454: libguestfs: trace: get_backend_setting "force_tcg" 01:27:14.735780214: libguestfs: trace: get_backend_setting = NULL (error) 01:27:14.735842202: libguestfs: trace: get_cachedir 01:27:14.735897108: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:27:14.788856399: libguestfs: trace: get_cachedir 01:27:14.789017719: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:27:14.789181330: libguestfs: trace: get_sockdir 01:27:14.789250858: libguestfs: trace: get_sockdir = "/tmp" 01:27:14.789656232: libguestfs: trace: get_backend_setting "gdb" 01:27:14.789736678: libguestfs: trace: get_backend_setting = NULL (error) 01:27:18.042636117: libguestfs: trace: launch = 0 01:27:18.043115604: libguestfs: trace: list_devices 01:27:18.045757776: libguestfs: trace: list_devices = ["/dev/sda"] 01:27:18.045940894: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:27:18.124583934: libguestfs: trace: part_disk = 0 01:27:18.125703977: libguestfs: trace: part_set_name "/dev/sda" 1 "CcUgGGBbMW" 01:27:18.188300436: libguestfs: trace: part_set_name = 0 01:27:18.188550856: libguestfs: trace: list_partitions 01:27:18.189728222: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:27:18.189989889: libguestfs: trace: mkfs "ext4" "/dev/sda1" 01:27:18.325880187: libguestfs: trace: mkfs = 0 01:27:18.326161271: libguestfs: trace: close 01:27:18.327110987: libguestfs: trace: internal_autosync 01:27:18.330749224: libguestfs: trace: internal_autosync = 0 01:27:18.436594791: libguestfs: trace: set_autosync true 01:27:18.436780411: libguestfs: trace: set_autosync = 0 01:27:18.441928899: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/CcUgGGBbMW" "format:qcow2" 01:27:18.442350691: libguestfs: trace: add_drive = 0 01:27:18.442421878: libguestfs: trace: launch 01:27:18.442481759: libguestfs: trace: get_tmpdir 01:27:18.442536146: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:27:18.442633719: libguestfs: trace: get_backend_setting "force_tcg" 01:27:18.442906161: libguestfs: trace: get_backend_setting = NULL (error) 01:27:18.443034820: libguestfs: trace: get_cachedir 01:27:18.443125426: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:27:18.492859618: libguestfs: trace: get_cachedir 01:27:18.493057373: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:27:18.493562063: libguestfs: trace: get_sockdir 01:27:18.493639476: libguestfs: trace: get_sockdir = "/tmp" 01:27:18.493841561: libguestfs: trace: get_backend_setting "gdb" 01:27:18.493921623: libguestfs: trace: get_backend_setting = NULL (error) 01:27:21.808730421: libguestfs: trace: launch = 0 01:27:21.808985480: libguestfs: trace: list_devices 01:27:21.809852389: libguestfs: trace: list_devices = ["/dev/sda"] 01:27:21.809998136: libguestfs: trace: list_partitions 01:27:21.811160155: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:27:21.812132020: libguestfs: trace: mount "/dev/sda1" "/" 01:27:21.822815608: libguestfs: trace: mount = 0 01:27:21.823012353: libguestfs: trace: upload "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" "/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso" 01:27:27.728306480: libguestfs: trace: upload = 0 01:27:27.729240925: libguestfs: trace: close 01:27:27.729568467: libguestfs: trace: internal_autosync 01:27:27.859213281: libguestfs: trace: internal_autosync = 0 01:27:28.025261340: calling as root: test -b /dev/sda 01:27:28.170420446: call returned: [1, "", ""] 01:27:29.195156447: calling as root: test -b /dev/sda 01:27:29.336633350: call returned: [1, "", ""] 01:27:30.367951930: calling as root: test -b /dev/sda 01:27:30.632354676: call returned: [0, "", ""] 01:27:30.632664508: calling as root: mktemp -d 01:27:30.818487048: call returned: [0, "/tmp/tmp.tTHKd6fETN\n", ""] 01:27:30.843636545: calling as root: mount /dev/sda1 /tmp/tmp.tTHKd6fETN 01:27:31.580395213: call returned: [0, "", ""] 01:27:31.580592827: calling as root: chmod -R a+rX '/tmp/tmp.tTHKd6fETN' 01:27:31.828811432: call returned: [0, "", ""] And I plug and mount a USB drive containing the Tails ISO # features/step_definitions/usb.rb:182 And I clone USB drive "old" to a new USB drive "to_upgrade" # features/step_definitions/usb.rb:59 01:27:33.532476361: calling as root: test -b /dev/sdb 01:27:33.704571086: call returned: [1, "", ""] 01:27:34.726856786: calling as root: test -b /dev/sdb 01:27:34.976005163: call returned: [0, "", ""] And I plug USB drive "to_upgrade" # features/step_definitions/common_steps.rb:65 01:27:34.977313587: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:27:35.259394938: call returned: [1, "", ""] 01:27:35.335777011: calling as amnesia: xdotool key Super 01:27:35.627266048: call returned: [0, "", ""] 01:27:37.416996120: [log] TYPE "GNOME Terminal" 01:27:37.481505877: [log] ( Ctrl ) TYPE "#ENTER." 01:27:43.998702892: [log] TYPE "export DEBUG=1 ; tails-installer-launcher#ENTER." 01:27:43.999015790: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node265 = dogtail.tree.root.application('tails-installer-launcher') 01:27:46.209646830: execution complete 01:27:46.209853969: executing Python as amnesia: node266 = node265.child('Tails Installer', roleName='frame') 01:27:46.258533817: execution complete 01:27:49.258873281: executing Python as amnesia: node267 = node266.button('Upgrade from ISO') 01:27:49.321074947: execution complete 01:27:49.321261323: executing Python as amnesia: node267.click() 01:27:50.399638343: execution complete 01:27:50.399843717: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node268 = dogtail.tree.root.application('tails-installer') 01:27:50.911364456: execution complete 01:27:50.911548997: executing Python as amnesia: node269 = node268.child('Tails Installer', roleName='frame') 01:27:50.954392689: execution complete 01:27:53.955222422: calling as amnesia: xdotool search --name 'Tails Installer' windowactivate --sync 01:27:54.184294701: call returned: [0, "", ""] 01:27:54.184580507: executing Python as amnesia: node270 = node268.child('Use existing Live system ISO:', roleName='label') 01:27:54.242366760: execution complete 01:27:54.242538360: executing Python as amnesia: node271 = node270.parent 01:27:54.296853522: execution complete 01:27:54.297182655: executing Python as amnesia: node272 = node271.button('(None)') 01:27:54.343475483: execution complete 01:27:54.343665608: executing Python as amnesia: node272.click() 01:27:55.412833382: execution complete 01:27:55.413110946: executing Python as amnesia: node273 = node268.child('Select a File', roleName='file chooser') 01:27:55.515717723: execution complete 01:27:55.579703649: executing Python as amnesia: node274 = node273.child(roleName='text') 01:27:55.599020038: [log] ( Ctrl ) TYPE "l" 01:27:55.700677331: execution complete 01:27:55.700902310: executing Python as amnesia: node274.typeText('/tmp/tmp.tTHKd6fETN/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso\n') 01:28:02.958398353: execution complete 01:28:02.958590671: executing Python as amnesia: node275 = node273.button('Open') 01:28:03.007109178: execution complete 01:28:03.007253363: executing Python as amnesia: node275.click() 01:28:04.054224179: execution complete 01:28:04.075410729: executing Python as amnesia: node276 = node268.child('', roleName='text') 01:28:04.169996383: execution complete 01:28:04.170160447: executing Python as amnesia: print(node276.text) 01:28:04.217815104: execution complete 01:28:04.247810899: executing Python as amnesia: node277 = node268.child('Target Device:', roleName='label') 01:28:04.328741701: execution complete 01:28:04.328979545: executing Python as amnesia: node278 = node277.parent 01:28:04.370487511: execution complete 01:28:04.370667888: executing Python as amnesia: node279 = node278.child('', roleName='combo box', recursive=False) 01:28:04.417565533: execution complete 01:28:04.417711933: executing Python as amnesia: print(node279.name) 01:28:04.455693700: execution complete 01:28:04.455936287: executing Python as amnesia: node280 = node268.button('Install Tails') 01:28:04.580575734: execution complete 01:28:04.580736166: executing Python as amnesia: node280.click() 01:28:05.629122039: execution complete 01:28:05.629389754: executing Python as amnesia: node281 = node268.child('Question', roleName='alert') 01:28:05.762098870: execution complete 01:28:05.762304936: executing Python as amnesia: node282 = node281.button('Yes') 01:28:05.799993775: execution complete 01:28:05.800175610: executing Python as amnesia: node282.click() 01:28:06.884243625: execution complete 01:28:06.884547156: executing Python as amnesia: node283 = node268.child('Information', roleName='alert') 01:28:18.495255410: execution complete 01:28:19.495604411: executing Python as amnesia: node284 = node268.child('Information', roleName='alert') 01:28:31.368468648: execution complete 01:28:32.368808947: executing Python as amnesia: node285 = node268.child('Information', roleName='alert') 01:28:37.498912798: execution complete 01:28:37.499160654: executing Python as amnesia: node286 = node285.child('Installation complete!', roleName='label') 01:28:37.561794439: execution complete And I do a "Upgrade from ISO" on USB drive "to_upgrade" # features/step_definitions/usb.rb:187 01:28:37.563359425: calling as root: mkdir -p /mnt/iso 01:28:38.900255501: call returned: [0, "", ""] 01:28:38.900412634: calling as root: mount -o loop /tmp/tmp.tTHKd6fETN/tails-amd64-stable-3.1-20170629T0725Z-466e43c.iso /mnt/iso 01:28:39.289785049: call returned: [0, "", "mount: /dev/loop1 is write-protected, mounting read-only\n"] 01:28:39.316391708: calling as root: udisksctl info --block-device '/dev/sdb' 01:28:40.151439891: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sdb:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sdb\n DeviceNumber: 2064\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_3'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sdb\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-3-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:3:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] 01:28:40.151720710: calling as root: udisksctl info --block-device '/dev/sdb1' 01:28:40.592287999: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sdb1:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sdb1\n DeviceNumber: 2065\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_3'\n HintAuto: true\n HintIconName: \n HintIgnore: true\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: false\n Id: by-uuid-71BD-104A\n IdLabel: Tails\n IdType: vfat\n IdUUID: 71BD-104A\n IdUsage: filesystem\n IdVersion: FAT32\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sdb1\n ReadOnly: false\n Size: 2621440000\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-3-0:0-part1\n /dev/disk/by-label/Tails\n /dev/disk/by-partlabel/Tails\n /dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:3:1.0-scsi-0:0:0:0-part1\n /dev/disk/by-uuid/71BD-104A\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n org.freedesktop.UDisks2.Partition:\n Flags: 14987979559889010693\n IsContained: false\n IsContainer: false\n Name: Tails\n Number: 1\n Offset: 1048576\n Size: 2621440000\n Table: '/org/freedesktop/UDisks2/block_devices/sdb'\n Type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b\n UUID: 872330f6-e1b6-49f6-91f2-ba2aaab11a5b\n", ""] 01:28:40.592662117: calling as root: mkdir -p /mnt/new 01:28:40.770862789: call returned: [0, "", ""] 01:28:40.771009333: calling as root: mount /dev/sdb1 /mnt/new 01:28:41.034635382: call returned: [0, "", ""] 01:28:41.034791991: calling as root: diff -qr '/mnt/iso/live' '/mnt/new/live' 01:29:03.449640985: call returned: [0, "", ""] 01:29:03.449867221: calling as root: ls -1 /mnt/new/syslinux 01:29:04.743180297: call returned: [0, "boot.cat\ncat.c32\nf10.txt\nf1.txt\nf2.txt\nf3.txt\nf4.txt\nf5.txt\nf6.txt\nf7.txt\nf8.txt\nf9.txt\nifcpu64.c32\nisolinux.bin\nldlinux.c32\nldlinux.sys\nlibcom32.c32\nlibutil.c32\nlive64.cfg\nlive.cfg\nmenu.cfg\nsorry32.txt\nsplash.png\nstdmenu.cfg\nsyslinux.cfg\ntails.cfg\nvesamenu.c32\n", ""] 01:29:04.743411367: calling as root: diff -q '/mnt/iso/isolinux/boot.cat' '/mnt/new/syslinux/boot.cat' 01:29:04.992486090: call returned: [0, "", ""] 01:29:04.992713275: calling as root: diff -q '/mnt/iso/isolinux/cat.c32' '/mnt/new/syslinux/cat.c32' 01:29:05.180162988: call returned: [0, "", ""] 01:29:05.180414001: calling as root: diff -q '/mnt/iso/isolinux/f10.txt' '/mnt/new/syslinux/f10.txt' 01:29:05.480908465: call returned: [0, "", ""] 01:29:05.481232910: calling as root: diff -q '/mnt/iso/isolinux/f1.txt' '/mnt/new/syslinux/f1.txt' 01:29:05.916265570: call returned: [0, "", ""] 01:29:05.916446240: calling as root: diff -q '/mnt/iso/isolinux/f2.txt' '/mnt/new/syslinux/f2.txt' 01:29:06.124344606: call returned: [0, "", ""] 01:29:06.124571206: calling as root: diff -q '/mnt/iso/isolinux/f3.txt' '/mnt/new/syslinux/f3.txt' 01:29:06.348097012: call returned: [0, "", ""] 01:29:06.348306158: calling as root: diff -q '/mnt/iso/isolinux/f4.txt' '/mnt/new/syslinux/f4.txt' 01:29:06.523321489: call returned: [0, "", ""] 01:29:06.523500654: calling as root: diff -q '/mnt/iso/isolinux/f5.txt' '/mnt/new/syslinux/f5.txt' 01:29:06.769411613: call returned: [0, "", ""] 01:29:06.769590033: calling as root: diff -q '/mnt/iso/isolinux/f6.txt' '/mnt/new/syslinux/f6.txt' 01:29:06.946696007: call returned: [0, "", ""] 01:29:06.946883801: calling as root: diff -q '/mnt/iso/isolinux/f7.txt' '/mnt/new/syslinux/f7.txt' 01:29:07.169105667: call returned: [0, "", ""] 01:29:07.169332165: calling as root: diff -q '/mnt/iso/isolinux/f8.txt' '/mnt/new/syslinux/f8.txt' 01:29:07.327080633: call returned: [0, "", ""] 01:29:07.327264634: calling as root: diff -q '/mnt/iso/isolinux/f9.txt' '/mnt/new/syslinux/f9.txt' 01:29:07.537353800: call returned: [0, "", ""] 01:29:07.537592760: calling as root: diff -q '/mnt/iso/isolinux/ifcpu64.c32' '/mnt/new/syslinux/ifcpu64.c32' 01:29:07.773147837: call returned: [0, "", ""] 01:29:07.773331367: calling as root: diff -q '/mnt/iso/isolinux/isolinux.bin' '/mnt/new/syslinux/isolinux.bin' 01:29:07.986672629: call returned: [0, "", ""] 01:29:07.986848701: calling as root: diff -q '/mnt/iso/isolinux/libcom32.c32' '/mnt/new/syslinux/libcom32.c32' 01:29:08.298456445: call returned: [0, "", ""] 01:29:08.298693609: calling as root: diff -q '/mnt/iso/isolinux/libutil.c32' '/mnt/new/syslinux/libutil.c32' 01:29:08.524826069: call returned: [0, "", ""] 01:29:08.525014071: calling as root: diff -q '/mnt/iso/isolinux/live64.cfg' '/mnt/new/syslinux/live64.cfg' 01:29:08.698855770: call returned: [0, "", ""] 01:29:08.699033319: calling as root: diff -q '/mnt/iso/isolinux/live.cfg' '/mnt/new/syslinux/live.cfg' 01:29:08.898080967: call returned: [0, "", ""] 01:29:08.898255035: calling as root: diff -q '/mnt/iso/isolinux/menu.cfg' '/mnt/new/syslinux/menu.cfg' 01:29:09.156127730: call returned: [0, "", ""] 01:29:09.156303866: calling as root: diff -q '/mnt/iso/isolinux/sorry32.txt' '/mnt/new/syslinux/sorry32.txt' 01:29:09.357666996: call returned: [0, "", ""] 01:29:09.357849182: calling as root: diff -q '/mnt/iso/isolinux/splash.png' '/mnt/new/syslinux/splash.png' 01:29:09.598552205: call returned: [0, "", ""] 01:29:09.598748333: calling as root: diff -q '/mnt/iso/isolinux/stdmenu.cfg' '/mnt/new/syslinux/stdmenu.cfg' 01:29:09.805879351: call returned: [0, "", ""] 01:29:09.806169219: calling as root: diff -q '/mnt/iso/isolinux/tails.cfg' '/mnt/new/syslinux/tails.cfg' 01:29:10.051646573: call returned: [0, "", ""] 01:29:10.051839559: calling as root: diff -q '/mnt/iso/isolinux/vesamenu.c32' '/mnt/new/syslinux/vesamenu.c32' 01:29:10.302764627: call returned: [0, "", ""] 01:29:10.302969086: calling as root: diff -q '/mnt/iso/isolinux/isolinux.cfg' '/mnt/new/syslinux/syslinux.cfg' 01:29:10.492418712: call returned: [0, "", ""] 01:29:10.492658767: calling as root: umount /mnt/new 01:29:10.995535972: call returned: [0, "", ""] 01:29:10.995702860: calling as root: sync 01:29:11.185472875: call returned: [0, "", ""] 01:29:11.185648163: calling as root: umount /mnt/iso 01:29:11.738370056: call returned: [0, "", ""] Then the ISO's Tails is installed on USB drive "to_upgrade" # features/step_definitions/usb.rb:297 And I unplug USB drive "to_upgrade" # features/step_definitions/usb.rb:63 # Depends on scenario: Upgrading an old Tails USB installation from an ISO image, running on the new version Scenario: Booting a USB drive upgraded from ISO with persistence enabled # features/usb_upgrade.feature:147 Given a computer # features/step_definitions/common_steps.rb:46 01:29:39.511671577: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:29:42.094439878: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:30:53.765506704: calling as root: echo 'hello?' 01:30:54.012633097: call returned: [0, "hello?\n", ""] 01:30:54.013101834: calling as root: service tor status 01:30:54.322934139: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:30:54.323451348: opening file /etc/tor/torrc in 'append' mode 01:30:54.574013051: append complete 01:30:55.359534907: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 01:30:55.571103467: [log] TYPE "asdf#ENTER." 01:31:01.751632338: calling as root: loginctl 01:31:01.768178617: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:31:01.984993784: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:31:02.985478869: calling as root: loginctl 01:31:03.271673335: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:31:17.511460587: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:31:17.644247627: call returned: [0, "", ""] 01:31:17.644426726: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:31:17.799906789: call returned: [0, "", ""] 01:31:17.800189201: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node287 = dogtail.tree.root.application('gnome-shell') 01:31:18.918191785: execution complete 01:31:19.640995269: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:31:19.641365250: executing Python as amnesia: node288 = node287.child('No Notifications', roleName='label') 01:31:21.414790822: execution complete 01:31:21.414987240: executing Python as amnesia: node289 = node287.child('No Notifications', roleName='label') 01:31:22.850233872: execution complete 01:31:22.892138501: [log] TYPE "#ESC." And I start Tails from USB drive "to_upgrade" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 01:31:22.893682350: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:31:23.164084404: call returned: [0, "", ""] 01:31:23.164245042: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 01:31:23.511465730: call returned: [0, "", ""] 01:31:23.511786081: calling as root: mount 01:31:24.011848926: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=87654def11f067a1,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=33,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10223)\ntmpfs on /var/tmp type tmpfs (rw)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] Then all persistence presets from the old Tails version are enabled # features/step_definitions/usb.rb:365 01:31:24.013197465: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:31:24.236726424: call returned: [0, "8:1\n", ""] 01:31:24.236983866: calling as root: readlink -f /dev/block/'8:1' 01:31:24.456889571: call returned: [0, "/dev/sda1\n", ""] 01:31:24.457045478: calling as root: udevadm info --query=property --name='/dev/sda1' 01:31:24.847239125: call returned: [0, "DEVLINKS=/dev/disk/by-partuuid/872330f6-e1b6-49f6-91f2-ba2aaab11a5b /dev/disk/by-label/Tails /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-uuid/71BD-104A /dev/disk/by-partlabel/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=71BD-104A\nID_FS_UUID_ENC=71BD-104A\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0xd000000000000005\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=872330f6-e1b6-49f6-91f2-ba2aaab11a5b\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=847b3482-53bd-4442-8291-0b370d4a2bdb\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=7366804\n", ""] 01:31:24.847567483: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:31:25.065450428: call returned: [0, "8:1\n", ""] 01:31:25.065598053: calling as root: readlink -f /dev/block/'8:1' 01:31:25.335764385: call returned: [0, "/dev/sda1\n", ""] And Tails is running from USB drive "to_upgrade" # features/step_definitions/usb.rb:418 01:31:25.391430561: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:31:25.565153745: call returned: [0, "8:1\n", ""] 01:31:25.565358440: calling as root: readlink -f /dev/block/'8:1' 01:31:25.839808007: call returned: [0, "/dev/sda1\n", ""] 01:31:25.840037002: calling as root: ls -1 /dev/sda* 01:31:26.094308167: call returned: [0, "/dev/sda\n/dev/sda1\n/dev/sda2\n", ""] 01:31:26.094518179: calling as root: cut -d':' -f1 /etc/passwd 01:31:26.424611629: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 01:31:26.424820310: calling as root: groups root 01:31:26.828532062: call returned: [0, "root : root\n", ""] 01:31:26.828769886: calling as root: groups daemon 01:31:27.036690934: call returned: [0, "daemon : daemon\n", ""] 01:31:27.037012072: calling as root: groups bin 01:31:27.275199236: call returned: [0, "bin : bin\n", ""] 01:31:27.275595164: calling as root: groups sys 01:31:27.532617671: call returned: [0, "sys : sys\n", ""] 01:31:27.532847811: calling as root: groups sync 01:31:27.778827611: call returned: [0, "sync : nogroup\n", ""] 01:31:27.779097282: calling as root: groups games 01:31:28.026454024: call returned: [0, "games : games\n", ""] 01:31:28.026703410: calling as root: groups man 01:31:28.250840168: call returned: [0, "man : man\n", ""] 01:31:28.251182954: calling as root: groups lp 01:31:28.490279593: call returned: [0, "lp : lp\n", ""] 01:31:28.490587399: calling as root: groups mail 01:31:28.757050722: call returned: [0, "mail : mail\n", ""] 01:31:28.757336007: calling as root: groups news 01:31:29.011168664: call returned: [0, "news : news\n", ""] 01:31:29.011390744: calling as root: groups uucp 01:31:29.242048171: call returned: [0, "uucp : uucp\n", ""] 01:31:29.242282893: calling as root: groups proxy 01:31:29.466367469: call returned: [0, "proxy : proxy\n", ""] 01:31:29.466555739: calling as root: groups www-data 01:31:29.802068778: call returned: [0, "www-data : www-data\n", ""] 01:31:29.802305643: calling as root: groups backup 01:31:30.034829459: call returned: [0, "backup : backup\n", ""] 01:31:30.035031719: calling as root: groups list 01:31:30.357295563: call returned: [0, "list : list\n", ""] 01:31:30.357469247: calling as root: groups irc 01:31:30.605437901: call returned: [0, "irc : irc\n", ""] 01:31:30.605656266: calling as root: groups gnats 01:31:30.837688323: call returned: [0, "gnats : gnats\n", ""] 01:31:30.837879156: calling as root: groups nobody 01:31:31.086089270: call returned: [0, "nobody : nogroup\n", ""] 01:31:31.086273724: calling as root: groups systemd-timesync 01:31:31.369771039: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 01:31:31.370013461: calling as root: groups systemd-network 01:31:31.655689790: call returned: [0, "systemd-network : systemd-network\n", ""] 01:31:31.655864514: calling as root: groups systemd-resolve 01:31:31.908781087: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 01:31:31.908963099: calling as root: groups systemd-bus-proxy 01:31:32.161792798: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 01:31:32.162115406: calling as root: groups _apt 01:31:32.430071731: call returned: [0, "_apt : nogroup\n", ""] 01:31:32.430258652: calling as root: groups messagebus 01:31:32.722948814: call returned: [0, "messagebus : messagebus\n", ""] 01:31:32.723271349: calling as root: groups memlockd 01:31:33.050805159: call returned: [0, "memlockd : memlockd\n", ""] 01:31:33.051100811: calling as root: groups monkeysphere 01:31:33.426164148: call returned: [0, "monkeysphere : monkeysphere\n", ""] 01:31:33.426413315: calling as root: groups debian-tor 01:31:33.684904262: call returned: [0, "debian-tor : debian-tor\n", ""] 01:31:33.685142992: calling as root: groups speech-dispatcher 01:31:33.915348596: call returned: [0, "speech-dispatcher : audio\n", ""] 01:31:33.915582968: calling as root: groups colord 01:31:34.185947487: call returned: [0, "colord : colord\n", ""] 01:31:34.186149772: calling as root: groups saned 01:31:34.470985472: call returned: [0, "saned : saned scanner\n", ""] 01:31:34.471284645: calling as root: groups pulse 01:31:34.697851936: call returned: [0, "pulse : pulse audio\n", ""] 01:31:34.698147616: calling as root: groups hplip 01:31:35.016067793: call returned: [0, "hplip : lp\n", ""] 01:31:35.016240385: calling as root: groups Debian-gdm 01:31:35.232944072: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 01:31:35.233127097: calling as root: groups tails-persistence-setup 01:31:35.480411336: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 01:31:35.480663596: calling as root: groups clearnet 01:31:35.747446446: call returned: [0, "clearnet : clearnet\n", ""] 01:31:35.747693917: calling as root: groups htp 01:31:36.024381116: call returned: [0, "htp : htp\n", ""] 01:31:36.024576518: calling as root: groups tails-iuk-get-target-file 01:31:36.299718816: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 01:31:36.299914940: calling as root: groups tails-upgrade-frontend 01:31:36.580200191: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 01:31:36.580394429: calling as root: groups tor-launcher 01:31:36.845270092: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 01:31:36.845514728: calling as root: groups tails-install-iuk 01:31:37.099127284: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 01:31:37.099343822: calling as root: groups amnesia 01:31:37.365530638: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 01:31:37.365765173: calling as root: stat -c %U /dev/sda 01:31:37.571354591: call returned: [0, "root\n", ""] 01:31:37.571510898: calling as root: stat -c %G /dev/sda 01:31:37.794796795: call returned: [0, "disk\n", ""] 01:31:37.794960611: calling as root: stat -c %a /dev/sda 01:31:38.051420905: call returned: [0, "660\n", ""] 01:31:38.052274716: calling as root: stat -c %U /dev/sda1 01:31:38.267559496: call returned: [0, "root\n", ""] 01:31:38.267750423: calling as root: stat -c %G /dev/sda1 01:31:38.478704080: call returned: [0, "disk\n", ""] 01:31:38.478862509: calling as root: stat -c %a /dev/sda1 01:31:38.739553695: call returned: [0, "660\n", ""] 01:31:38.740435928: calling as root: stat -c %U /dev/sda2 01:31:38.927370716: call returned: [0, "root\n", ""] 01:31:38.927562633: calling as root: stat -c %G /dev/sda2 01:31:39.148786932: call returned: [0, "disk\n", ""] 01:31:39.148942117: calling as root: stat -c %a /dev/sda2 01:31:39.358408954: call returned: [0, "660\n", ""] 01:31:39.359019097: calling as root: udisksctl info --block-device '/dev/sda' 01:31:39.731160320: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights # features/step_definitions/usb.rb:438 01:31:39.732322753: calling as root: test -e /home/amnesia/Persistent/XXX_persist 01:31:39.904552881: call returned: [0, "", ""] 01:31:39.904853486: calling as root: test -e /home/amnesia/Persistent/XXX_gone 01:31:40.093738536: call returned: [1, "", ""] 01:31:40.093957938: calling as root: test -e /home/amnesia/.gnupg/XXX_persist 01:31:40.333793905: call returned: [0, "", ""] 01:31:40.333957960: calling as root: test -e /home/amnesia/.gnupg/XXX_gone 01:31:40.607844538: call returned: [1, "", ""] 01:31:40.608077254: calling as root: test -e /home/amnesia/.ssh/XXX_persist 01:31:40.859670669: call returned: [0, "", ""] 01:31:40.859845790: calling as root: test -e /home/amnesia/.ssh/XXX_gone 01:31:41.098056394: call returned: [1, "", ""] 01:31:41.098240716: calling as root: test -e /home/amnesia/.purple/XXX_persist 01:31:41.343544701: call returned: [0, "", ""] 01:31:41.343777780: calling as root: test -e /home/amnesia/.purple/XXX_gone 01:31:41.559324306: call returned: [1, "", ""] 01:31:41.559501369: calling as root: test -e /home/amnesia/.thunderbird/XXX_persist 01:31:41.773517289: call returned: [0, "", ""] 01:31:41.773691339: calling as root: test -e /home/amnesia/.thunderbird/XXX_gone 01:31:41.984740497: call returned: [1, "", ""] 01:31:41.984941465: calling as root: test -e /home/amnesia/.gnome2/keyrings/XXX_persist 01:31:42.226925723: call returned: [0, "", ""] 01:31:42.227193601: calling as root: test -e /home/amnesia/.gnome2/keyrings/XXX_gone 01:31:42.491778978: call returned: [1, "", ""] 01:31:42.491986189: calling as root: test -e /etc/NetworkManager/system-connections/XXX_persist 01:31:42.736705958: call returned: [0, "", ""] 01:31:42.736881947: calling as root: test -e /etc/NetworkManager/system-connections/XXX_gone 01:31:42.983262049: call returned: [1, "", ""] 01:31:42.983441996: calling as root: test -e /home/amnesia/.mozilla/firefox/bookmarks/XXX_persist 01:31:43.253431584: call returned: [0, "", ""] 01:31:43.253615503: calling as root: test -e /home/amnesia/.mozilla/firefox/bookmarks/XXX_gone 01:31:43.545051391: call returned: [1, "", ""] 01:31:43.545224753: calling as root: test -e /etc/cups/XXX_persist 01:31:43.814036699: call returned: [0, "", ""] 01:31:43.814209565: calling as root: test -e /etc/cups/XXX_gone 01:31:44.266676271: call returned: [1, "", ""] 01:31:44.266901329: calling as root: test -e /home/amnesia/.electrum/XXX_persist 01:31:44.698222932: call returned: [0, "", ""] 01:31:44.698393752: calling as root: test -e /home/amnesia/.electrum/XXX_gone 01:31:45.002209549: call returned: [1, "", ""] 01:31:45.002417998: calling as root: test -e /var/cache/apt/archives/XXX_persist 01:31:45.235085626: call returned: [0, "", ""] 01:31:45.235255680: calling as root: test -e /var/cache/apt/archives/XXX_gone 01:31:45.496561063: call returned: [1, "", ""] 01:31:45.496728232: calling as root: test -e /var/lib/apt/lists/XXX_persist 01:31:45.771202237: call returned: [0, "", ""] 01:31:45.771378747: calling as root: test -e /var/lib/apt/lists/XXX_gone 01:31:46.010466854: call returned: [1, "", ""] And the expected persistent files created with the old Tails version are present in the filesystem # features/step_definitions/usb.rb:565 01:31:46.011682108: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:31:46.298198204: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:31:46.298427697: calling as root: test -d /live/persistence/TailsData_unlocked//Persistent 01:31:46.564487101: call returned: [0, "", ""] 01:31:46.564722923: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//Persistent' 01:31:46.831318293: call returned: [0, "700\n", ""] 01:31:46.831508594: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//Persistent' 01:31:47.074682096: call returned: [0, "amnesia\n", ""] 01:31:47.074912689: calling as root: test -d /live/persistence/TailsData_unlocked//gnupg 01:31:47.297629622: call returned: [0, "", ""] 01:31:47.297809021: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnupg' 01:31:47.579708949: call returned: [0, "700\n", ""] 01:31:47.579888969: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnupg' 01:31:47.823688973: call returned: [0, "amnesia\n", ""] 01:31:47.823903809: calling as root: test -d /live/persistence/TailsData_unlocked//openssh-client 01:31:48.045728426: call returned: [0, "", ""] 01:31:48.045939202: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//openssh-client' 01:31:48.316802636: call returned: [0, "700\n", ""] 01:31:48.316990558: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//openssh-client' 01:31:48.655334428: call returned: [0, "amnesia\n", ""] 01:31:48.655533995: calling as root: test -d /live/persistence/TailsData_unlocked//pidgin 01:31:48.916499552: call returned: [0, "", ""] 01:31:48.916671793: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//pidgin' 01:31:49.175020581: call returned: [0, "700\n", ""] 01:31:49.175280920: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//pidgin' 01:31:49.475944037: call returned: [0, "amnesia\n", ""] 01:31:49.476147559: calling as root: test -d /live/persistence/TailsData_unlocked//thunderbird 01:31:49.747084823: call returned: [0, "", ""] 01:31:49.747278565: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//thunderbird' 01:31:49.958722544: call returned: [0, "700\n", ""] 01:31:49.958945829: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//thunderbird' 01:31:50.230219689: call returned: [0, "amnesia\n", ""] 01:31:50.230480881: calling as root: test -d /live/persistence/TailsData_unlocked//gnome-keyrings 01:31:50.511888651: call returned: [0, "", ""] 01:31:50.512092998: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:31:50.779249709: call returned: [0, "700\n", ""] 01:31:50.779475314: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:31:50.984304828: call returned: [0, "amnesia\n", ""] 01:31:50.984570974: calling as root: test -d /live/persistence/TailsData_unlocked//nm-system-connections 01:31:51.228345023: call returned: [0, "", ""] 01:31:51.228548452: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//nm-system-connections' 01:31:51.484099279: call returned: [0, "755\n", ""] 01:31:51.484399586: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//nm-system-connections' 01:31:51.677733983: call returned: [0, "root\n", ""] 01:31:51.677939335: calling as root: test -d /live/persistence/TailsData_unlocked//bookmarks 01:31:51.886320693: call returned: [0, "", ""] 01:31:51.886511810: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//bookmarks' 01:31:52.125062072: call returned: [0, "700\n", ""] 01:31:52.125238913: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//bookmarks' 01:31:52.402457567: call returned: [0, "amnesia\n", ""] 01:31:52.402763881: calling as root: test -d /live/persistence/TailsData_unlocked//cups-configuration 01:31:52.607887844: call returned: [0, "", ""] 01:31:52.608104562: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//cups-configuration' 01:31:52.858324421: call returned: [0, "755\n", ""] 01:31:52.858566673: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//cups-configuration' 01:31:53.135361936: call returned: [0, "root\n", ""] 01:31:53.135568823: calling as root: test -d /live/persistence/TailsData_unlocked//electrum 01:31:53.412427877: call returned: [0, "", ""] 01:31:53.412641085: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//electrum' 01:31:53.641270859: call returned: [0, "700\n", ""] 01:31:53.641458187: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//electrum' 01:31:53.972712264: call returned: [0, "amnesia\n", ""] 01:31:53.972964828: calling as root: test -d /live/persistence/TailsData_unlocked//apt/cache 01:31:54.180263043: call returned: [0, "", ""] 01:31:54.180468538: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/cache' 01:31:54.432231800: call returned: [0, "755\n", ""] 01:31:54.432453664: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/cache' 01:31:54.700395154: call returned: [0, "root\n", ""] 01:31:54.700625012: calling as root: test -d /live/persistence/TailsData_unlocked//apt/lists 01:31:54.901481575: call returned: [0, "", ""] 01:31:54.901665324: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/lists' 01:31:55.146246106: call returned: [0, "755\n", ""] 01:31:55.146466389: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/lists' 01:31:55.442998113: call returned: [0, "root\n", ""] 01:31:55.443233767: calling as root: test -d /live/persistence/TailsData_unlocked//dotfiles 01:31:55.681279311: call returned: [0, "", ""] 01:31:55.681470360: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//dotfiles' 01:31:55.960712363: call returned: [0, "700\n", ""] 01:31:55.960894719: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//dotfiles' 01:31:56.250851717: call returned: [0, "amnesia\n", ""] And all persistent directories from the old Tails version have safe access rights # features/step_definitions/usb.rb:500 Scenario: Upgrading Tails with Tails Upgrader through an incremental upgrade # features/usb_upgrade.feature:156 01:32:00.565588131: calling as root: echo 'hello?' 01:32:00.892039475: call returned: [0, "hello?\n", ""] 01:32:01.617086426: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:32:01.617392079: calling as root: nmcli device show eth0 01:32:02.067029833: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:32:02.088617914: calling as root: date -s '@1498729568' 01:32:02.301327180: call returned: [0, "Thu Jun 29 09:46:08 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 01:32:02.303336585: calling as root: sed -i 's/^TAILS_VERSION_ID=.*$/TAILS_VERSION_ID="1.0~test"/' /etc/os-release 01:32:02.551174448: call returned: [0, "", ""] And Tails is fooled to think it is running version 1.0~test # features/step_definitions/common_steps.rb:892 01:32:02.553192094: calling as root: test -e '/some_new_file' 01:32:02.774050612: call returned: [1, "", ""] 01:32:02.774271850: calling as root: test -e '/etc/amnesia/version' 01:32:03.085242348: call returned: [0, "", ""] 01:32:03.085428794: calling as root: test -e '/etc/os-release' 01:32:03.351758399: call returned: [0, "", ""] 01:32:03.352018045: calling as root: test -e '/usr/share/common-licenses/BSD' 01:32:03.609086197: call returned: [0, "", ""] 01:32:03.609324741: calling as root: test -e '/lib/live/mount/medium/utils/linux/syslinux' 01:32:03.907007773: call returned: [0, "", ""] And the file system changes introduced in version 1.1~test are not present # features/step_definitions/usb.rb:642 When the network is plugged # features/step_definitions/common_steps.rb:79 01:32:04.044340886: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:32:04.591321953: call returned: [1, "", ""] 01:32:05.591652532: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:32:05.822803680: call returned: [1, "", ""] 01:32:06.823146869: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:32:07.049428746: call returned: [1, "", ""] 01:32:08.049776015: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:32:08.461774206: call returned: [1, "", ""] 01:32:09.462097222: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:32:09.691250556: call returned: [3, "", ""] 01:32:10.691549168: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:32:10.956080580: call returned: [0, "", ""] 01:32:10.956440648: calling as root: test -e /run/tordate/done 01:32:11.291436162: call returned: [0, "", ""] 01:32:11.291687540: calling as root: test -e /run/htpdate/success 01:32:11.687035039: call returned: [1, "", ""] 01:32:12.687418825: calling as root: test -e /run/htpdate/success 01:32:12.959325324: call returned: [1, "", ""] 01:32:13.959756881: calling as root: test -e /run/htpdate/success 01:32:14.193127599: call returned: [1, "", ""] 01:32:15.193497822: calling as root: test -e /run/htpdate/success 01:32:15.445997095: call returned: [0, "", ""] 01:32:15.446228604: calling as root: systemctl is-system-running 01:32:15.688622909: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 01:32:15.689854366: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node290 = dogtail.tree.root.application('gnome-shell') 01:32:16.835195740: execution complete 01:32:17.559194517: executing Python as amnesia: node291 = node290.child('No Notifications', roleName='label') 01:32:17.559380020: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:32:19.807389796: execution complete 01:32:19.807628085: executing Python as amnesia: node292 = node290.child('No Notifications', roleName='label') 01:32:21.637857908: execution complete 01:32:21.680441219: [log] TYPE "#ESC." And all notifications have disappeared # features/step_definitions/common_steps.rb:422 Then I am proposed to install an incremental upgrade to version 1.1~test # features/step_definitions/usb.rb:718 01:32:54.654524837: [log] CLICK on L(722,560)@S(0)[0,0 1024x768] And I can successfully install the incremental upgrade to version 1.1~test # features/step_definitions/usb.rb:734 01:33:07.309769494: spawning as root: poweroff Given I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 01:33:17.472485777: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:34:31.431693596: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:34:31.432038861: calling as root: echo 'hello?' 01:34:31.700587766: call returned: [0, "hello?\n", ""] 01:34:31.700970711: calling as root: service tor status 01:34:32.003967880: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:34:32.004578785: opening file /etc/tor/torrc in 'append' mode 01:34:32.248954607: append complete 01:34:33.043753082: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 01:34:33.261612079: [log] TYPE "asdf#ENTER." 01:34:39.852742015: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:34:39.853138287: calling as root: loginctl 01:34:40.079764982: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:34:41.080183909: calling as root: loginctl 01:34:41.324848453: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:34:55.589337579: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:34:55.698467374: call returned: [0, "", ""] 01:34:55.698646503: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:34:55.822893813: call returned: [0, "", ""] 01:34:55.823192954: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node293 = dogtail.tree.root.application('gnome-shell') 01:34:56.985766809: execution complete 01:34:57.708846807: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:34:57.709052261: executing Python as amnesia: node294 = node293.child('No Notifications', roleName='label') 01:34:59.248895456: execution complete 01:34:59.249095098: executing Python as amnesia: node295 = node293.child('No Notifications', roleName='label') 01:35:00.553875411: execution complete 01:35:00.598412668: [log] TYPE "#ESC." When I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 01:35:00.600752006: calling as root: tails-version 01:35:00.922460781: call returned: [0, "1.1~test - 20380119\nffffffffffffffffffffffffffffffffffffffff\nlive-build: 3.0.5+really+is+2.0.12-0.tails2\nlive-boot: 4.0.2-1\nlive-config: 4.0.4-1\n", ""] 01:35:00.922666299: opening file /etc/os-release in 'read' mode 01:35:00.956131747: read complete Then Tails is running version 1.1~test # features/step_definitions/common_steps.rb:900 01:35:00.957594379: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:35:01.240017894: call returned: [0, "", ""] 01:35:01.240226697: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 01:35:01.575904044: call returned: [0, "", ""] 01:35:01.576197725: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:35:03.519833042: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:35:03.520209069: calling as root: mount 01:35:04.024683572: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\n/dev/loop1 on /lib/live/mount/rootfs/1.1~test.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=bcbf9c2219c5cd98,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=38,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10522)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] And all persistence presets are enabled # features/step_definitions/usb.rb:365 01:35:04.026889590: calling as root: test -e '/some_new_file' 01:35:04.293836157: call returned: [0, "", ""] 01:35:04.294082450: opening file /some_new_file in 'read' mode 01:35:04.340578378: read complete 01:35:04.340768686: calling as root: test -e '/etc/amnesia/version' 01:35:04.643142221: call returned: [0, "", ""] 01:35:04.643325784: opening file /etc/amnesia/version in 'read' mode 01:35:04.684911542: read complete 01:35:04.685121747: calling as root: test -e '/etc/os-release' 01:35:04.913326173: call returned: [0, "", ""] 01:35:04.913491622: opening file /etc/os-release in 'read' mode 01:35:04.952615286: read complete 01:35:04.952824886: calling as root: test -e '/usr/share/common-licenses/BSD' 01:35:05.279630586: call returned: [1, "", ""] 01:35:05.279809697: calling as root: test -e '/lib/live/mount/medium/utils/linux/syslinux' 01:35:05.628186126: call returned: [1, "", ""] And the file system changes introduced in version 1.1~test are present # features/step_definitions/usb.rb:642 01:35:05.630113467: calling as root: date -s '@1498729752' 01:35:05.885262469: call returned: [0, "Thu Jun 29 09:49:12 UTC 2017\n", ""] Given Tails system time is magically synchronized # features/step_definitions/common_steps.rb:988 When the network is plugged # features/step_definitions/common_steps.rb:79 01:35:06.037068049: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:06.350202783: call returned: [1, "", ""] 01:35:07.350697929: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:07.647437541: call returned: [1, "", ""] 01:35:08.647804684: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:08.889209990: call returned: [1, "", ""] 01:35:09.889574118: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:10.255014138: call returned: [1, "", ""] 01:35:11.255364389: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:11.623174508: call returned: [3, "", ""] 01:35:12.623529872: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:12.959193282: call returned: [0, "", ""] 01:35:12.959679985: calling as root: test -e /run/tordate/done 01:35:13.187605771: call returned: [0, "", ""] 01:35:13.187888703: calling as root: test -e /run/htpdate/success 01:35:13.572434551: call returned: [1, "", ""] 01:35:14.572825910: calling as root: test -e /run/htpdate/success 01:35:14.931398903: call returned: [1, "", ""] 01:35:15.931741510: calling as root: test -e /run/htpdate/success 01:35:16.206025835: call returned: [0, "", ""] 01:35:16.206270585: calling as root: systemctl is-system-running 01:35:16.553410978: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 01:35:16.554739217: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node296 = dogtail.tree.root.application('gnome-shell') 01:35:16.747617299: execution complete 01:35:17.480437564: executing Python as amnesia: node297 = node296.child('No Notifications', roleName='label') 01:35:17.502299546: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:35:19.627944990: execution complete 01:35:19.628184291: executing Python as amnesia: node298 = node296.child('No Notifications', roleName='label') 01:35:21.845010750: execution complete 01:35:21.886912388: [log] TYPE "#ESC." And all notifications have disappeared # features/step_definitions/common_steps.rb:422 01:35:21.957692500: calling as amnesia: xdotool key Super 01:35:22.519165346: call returned: [0, "", ""] 01:35:24.078719698: [log] TYPE "Unsafe Browser" 01:35:28.866739034: [log] ( Ctrl ) TYPE "#ENTER." 01:35:28.955807577: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node299 = dogtail.tree.root.application('gnome-shell') 01:35:28.956149353: [log] TYPE "#RIGHT.#ENTER." 01:35:29.091347180: execution complete 01:35:29.091592833: executing Python as amnesia: node300 = node299.child('No Notifications', roleName='label', showingOnly=False) 01:35:31.075292761: execution complete 01:35:31.075498422: executing Python as amnesia: node301 = node300.parent 01:35:31.163128327: execution complete 01:35:31.163324809: executing Python as amnesia: node302 = node301.parent 01:35:31.198661280: execution complete 01:35:31.198926207: executing Python as amnesia: node303 = node302.child('Starting the Unsafe Browser...', roleName='label', showingOnly=False) 01:35:31.291116002: execution complete And I successfully start the Unsafe Browser # features/step_definitions/browser.rb:9 01:35:48.921845600: calling as root: test -e '/var/lib/unsafe-browser/chroot/some_new_file' 01:35:50.228214054: call returned: [0, "", ""] 01:35:50.228389506: opening file /var/lib/unsafe-browser/chroot/some_new_file in 'read' mode 01:35:50.258344199: read complete 01:35:50.258523853: calling as root: test -e '/var/lib/unsafe-browser/chroot/etc/amnesia/version' 01:35:50.853756451: call returned: [0, "", ""] 01:35:50.853923240: opening file /var/lib/unsafe-browser/chroot/etc/amnesia/version in 'read' mode 01:35:50.902640724: read complete 01:35:50.902832401: calling as root: test -e '/var/lib/unsafe-browser/chroot/etc/os-release' 01:35:51.397416934: call returned: [0, "", ""] 01:35:51.397582364: opening file /var/lib/unsafe-browser/chroot/etc/os-release in 'read' mode 01:35:51.427745518: read complete 01:35:51.427977803: calling as root: test -e '/var/lib/unsafe-browser/chroot/usr/share/common-licenses/BSD' 01:35:51.835258676: call returned: [1, "", ""] 01:35:51.835434860: calling as root: test -e '/lib/live/mount/medium/utils/linux/syslinux' 01:35:52.361996582: call returned: [1, "", ""] Then the file system changes introduced in version 1.1~test are present in the Unsafe Browser's chroot # features/step_definitions/usb.rb:642 @product Feature: Emergency shutdown # Test something close to real-world usage, without interfering, # i.e. without the "I prepare Tails for memory erasure tests" step; # and test that Tails eventually shuts down, which we don't do in # the following scenarios for test suite performance reasons. Scenario: Tails shuts down on DVD boot medium removal # features/emergency_shutdown.feature:8 01:35:55.872404753: calling as root: echo 'hello?' 01:35:56.078371732: call returned: [0, "hello?\n", ""] 01:35:56.815247319: calling as root: nmcli device show eth0 01:35:56.835110115: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:35:57.277316626: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:35:57.294623067: calling as root: date -s '@1498729804' 01:35:57.463155649: call returned: [0, "Thu Jun 29 09:50:04 UTC 2017\n", ""] Checkpoint: I have started Tails from DVD and logged in and the network is connected Given I have started Tails from DVD without network and logged in And the network is plugged 01:35:57.593977836: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:57.994870544: call returned: [1, "", ""] 01:35:58.995159765: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:35:59.222900944: call returned: [1, "", ""] 01:36:00.223204863: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:00.393115905: call returned: [1, "", ""] 01:36:01.393502949: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:01.575837450: call returned: [1, "", ""] 01:36:02.576136176: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:02.769777705: call returned: [1, "", ""] 01:36:03.770151084: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:03.962018483: call returned: [1, "", ""] 01:36:04.962351579: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:05.248051618: call returned: [1, "", ""] 01:36:06.248333494: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:06.425187672: call returned: [1, "", ""] 01:36:07.425503093: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:07.842855668: call returned: [1, "", ""] 01:36:08.843337634: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:09.080118603: call returned: [3, "", ""] 01:36:10.080385390: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:10.297585525: call returned: [3, "", ""] 01:36:11.297943808: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:36:11.708471445: call returned: [0, "", ""] 01:36:11.709437888: calling as root: test -e /run/tordate/done 01:36:12.081505846: call returned: [0, "", ""] 01:36:12.082076121: calling as root: test -e /run/htpdate/success 01:36:12.388200723: call returned: [1, "", ""] 01:36:13.388564510: calling as root: test -e /run/htpdate/success 01:36:13.645870165: call returned: [1, "", ""] 01:36:14.646209529: calling as root: test -e /run/htpdate/success 01:36:14.821227799: call returned: [0, "", ""] 01:36:14.821520931: calling as root: systemctl is-system-running 01:36:15.050785418: call returned: [0, "running\n", ""] And Tor is ready 01:36:15.051135879: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node304 = dogtail.tree.root.application('gnome-shell') 01:36:16.131912319: execution complete 01:36:16.856411382: executing Python as amnesia: node305 = node304.child('No Notifications', roleName='label') 01:36:16.874364783: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:36:19.146041503: execution complete 01:36:19.146229227: executing Python as amnesia: node306 = node304.child('No Notifications', roleName='label') 01:36:21.176623435: execution complete 01:36:21.221292530: [log] TYPE "#ESC." And all notifications have disappeared 01:36:21.221635113: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:21.454954134: call returned: [1, "", ""] 01:36:22.455309878: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:22.655062413: call returned: [1, "", ""] 01:36:23.655345396: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:23.820868332: call returned: [1, "", ""] 01:36:24.823481496: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:25.041745169: call returned: [1, "", ""] 01:36:26.042053153: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:26.205599421: call returned: [1, "", ""] 01:36:27.207365619: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:27.386731055: call returned: [1, "", ""] 01:36:28.387014529: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:28.581275646: call returned: [1, "", ""] 01:36:29.581549442: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:29.775073296: call returned: [1, "", ""] 01:36:30.775347265: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:30.933904345: call returned: [1, "", ""] 01:36:31.934217106: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:32.119362103: call returned: [1, "", ""] 01:36:33.119755341: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:33.274490207: call returned: [1, "", ""] 01:36:34.274835258: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:34.420933121: call returned: [1, "", ""] 01:36:35.421252525: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:35.615656409: call returned: [1, "", ""] 01:36:36.616004578: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:36.806250378: call returned: [1, "", ""] 01:36:37.806674571: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:37.994596963: call returned: [1, "", ""] 01:36:38.994909532: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:39.151009487: call returned: [1, "", ""] 01:36:40.151317500: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:40.324615926: call returned: [1, "", ""] 01:36:41.324899053: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:41.620327555: call returned: [1, "", ""] 01:36:42.620680796: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:42.909311789: call returned: [1, "", ""] 01:36:43.909606390: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:44.159908390: call returned: [1, "", ""] 01:36:45.160207146: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:45.372270386: call returned: [1, "", ""] 01:36:46.372560620: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:36:46.597649721: call returned: [0, "", ""] And available upgrades have been checked Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 01:36:50.958102522: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:36:51.203983955: call returned: [0, "11:0\n", ""] 01:36:51.204140897: calling as root: readlink -f /dev/block/'11:0' 01:36:51.437135834: call returned: [0, "/dev/sr0\n", ""] 01:36:51.437286540: calling as root: udevadm info --query=property --name='/dev/sr0' 01:36:51.682334222: call returned: [0, "DEVLINKS=/dev/cdrom /dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/dvd\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:uaccess:systemd:seat:\nUSEC_INITIALIZED=5804478\n", ""] 01:36:51.682669028: calling as root: /usr/bin/eject -m 01:36:51.879276070: call returned: [0, "", ""] When I eject the boot medium # features/step_definitions/common_steps.rb:878 Then Tails eventually shuts down # features/step_definitions/common_steps.rb:503 Scenario: Tails erases memory on DVD boot medium removal: aufs read-write branch # features/emergency_shutdown.feature:13 01:37:09.549582812: calling as root: echo 'hello?' 01:37:09.811587148: call returned: [0, "hello?\n", ""] 01:37:10.543484789: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:37:10.544826582: calling as root: nmcli device show eth0 01:37:10.875550424: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:37:10.913112357: calling as root: date -s '@1498729877' 01:37:11.104958618: call returned: [0, "Thu Jun 29 09:51:17 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:37:11.106119915: calling as root: free -m | awk '/^Mem:/ { print $2 }' 01:37:11.386836679: call returned: [0, "2004\n", ""] 01:37:11.387102921: calling as root: echo 3 > /proc/sys/vm/drop_caches 01:37:11.929681008: call returned: [0, "", ""] 01:37:11.929935442: calling as root: touch /run/initramfs/tails_shutdown_debugging 01:37:13.575411781: call returned: [0, "", ""] 01:37:13.575708276: calling as root: sysctl vm.oom_kill_allocating_task=0 01:37:13.847662461: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 01:37:13.847919341: calling as root: sysctl vm.oom_dump_tasks=0 01:37:14.058530033: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 01:37:14.058703774: calling as root: sysctl vm.overcommit_memory=0 01:37:14.306846193: call returned: [0, "vm.overcommit_memory = 0\n", ""] 01:37:14.307125269: calling as root: sysctl vm.min_free_kbytes=65536 01:37:14.503915921: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 01:37:14.504095745: calling as root: sysctl vm.admin_reserve_kbytes=131072 01:37:14.711790450: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 01:37:14.711992201: calling as root: free -m | awk '/^Mem:/ { print $3 }' 01:37:14.988123803: call returned: [0, "547\n", ""] 01:37:14.988348283: calling as root: systemctl status initramfs-shutdown.service 01:37:15.356291900: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 1h 21min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 01:37:15.356489494: calling as root: systemctl status memlockd.service 01:37:15.644373734: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 1h 21min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 01:37:15.644545510: calling as root: systemctl status tails-shutdown-on-media-removal.service 01:37:15.882167934: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 1h 21min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 01:37:15.883370463: calling as root: for i in $(seq 1 8388608) ; do echo wipe_didnt_work >> '/xaOgpclYjX' ; done 01:38:31.456578558: call returned: [0, "", ""] And I fill a 128 MiB file with a known pattern on the root filesystem # features/step_definitions/erase_memory.rb:229 And patterns cover at least 128 MiB in the guest's memory # features/step_definitions/erase_memory.rb:189 Pattern coverage: 100.000% (128 MiB out of 128 MiB reference memory) 01:38:34.984709390: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:38:35.290456659: call returned: [0, "11:0\n", ""] 01:38:35.290667633: calling as root: readlink -f /dev/block/'11:0' 01:38:35.541476309: call returned: [0, "/dev/sr0\n", ""] 01:38:35.541627148: calling as root: udevadm info --query=property --name='/dev/sr0' 01:38:35.789287839: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/dvd /dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/cdrom /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:seat:systemd:uaccess:\nUSEC_INITIALIZED=5804478\n", ""] 01:38:35.789668657: calling as root: /usr/bin/eject -m 01:38:35.997408545: call returned: [0, "", ""] When I eject the boot medium # features/step_definitions/common_steps.rb:878 And I wait for Tails to finish wiping the memory # features/step_definitions/erase_memory.rb:225 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1265 MiB reference memory) Scenario: Tails erases memory on DVD boot medium removal: vfat # features/emergency_shutdown.feature:22 01:39:10.694682476: calling as root: echo 'hello?' 01:39:10.938619176: call returned: [0, "hello?\n", ""] 01:39:11.667151237: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:39:11.667402332: calling as root: nmcli device show eth0 01:39:12.058084116: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:39:12.083108642: calling as root: date -s '@1498729998' 01:39:12.310072948: call returned: [0, "Thu Jun 29 09:53:18 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:39:12.311371828: calling as root: free -m | awk '/^Mem:/ { print $2 }' 01:39:12.586472978: call returned: [0, "2004\n", ""] 01:39:12.586767185: calling as root: echo 3 > /proc/sys/vm/drop_caches 01:39:13.167357265: call returned: [0, "", ""] 01:39:13.167651058: calling as root: touch /run/initramfs/tails_shutdown_debugging 01:39:14.896144464: call returned: [0, "", ""] 01:39:14.896397396: calling as root: sysctl vm.oom_kill_allocating_task=0 01:39:15.202144521: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 01:39:15.202342904: calling as root: sysctl vm.oom_dump_tasks=0 01:39:15.387468471: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 01:39:15.387698151: calling as root: sysctl vm.overcommit_memory=0 01:39:15.654568142: call returned: [0, "vm.overcommit_memory = 0\n", ""] 01:39:15.654847353: calling as root: sysctl vm.min_free_kbytes=65536 01:39:15.868673957: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 01:39:15.868903274: calling as root: sysctl vm.admin_reserve_kbytes=131072 01:39:16.054957548: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 01:39:16.055238660: calling as root: free -m | awk '/^Mem:/ { print $3 }' 01:39:16.381343310: call returned: [0, "546\n", ""] 01:39:16.381546871: calling as root: systemctl status initramfs-shutdown.service 01:39:16.778476959: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 1h 23min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 01:39:16.778791875: calling as root: systemctl status memlockd.service 01:39:17.101001807: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 1h 23min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 01:39:17.101283734: calling as root: systemctl status tails-shutdown-on-media-removal.service 01:39:17.390131260: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 1h 23min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 01:39:17.443145417: libguestfs: trace: set_autosync true 01:39:17.443366272: libguestfs: trace: set_autosync = 0 01:39:17.454915530: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/HbPWFpggOi" "format:qcow2" 01:39:17.459666551: libguestfs: trace: add_drive = 0 01:39:17.459765828: libguestfs: trace: launch 01:39:17.459859779: libguestfs: trace: get_tmpdir 01:39:17.459994935: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:39:17.460079036: libguestfs: trace: get_backend_setting "force_tcg" 01:39:17.460195362: libguestfs: trace: get_backend_setting = NULL (error) 01:39:17.460299180: libguestfs: trace: get_cachedir 01:39:17.460411679: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:39:17.506738890: libguestfs: trace: get_cachedir 01:39:17.506920382: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:39:17.507152997: libguestfs: trace: get_sockdir 01:39:17.507320766: libguestfs: trace: get_sockdir = "/tmp" 01:39:17.507502303: libguestfs: trace: get_backend_setting "gdb" 01:39:17.507680937: libguestfs: trace: get_backend_setting = NULL (error) 01:39:20.747058237: libguestfs: trace: launch = 0 01:39:20.747565149: libguestfs: trace: list_devices 01:39:20.748712263: libguestfs: trace: list_devices = ["/dev/sda"] 01:39:20.749238633: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:39:20.822347893: libguestfs: trace: part_disk = 0 01:39:20.822818291: libguestfs: trace: part_set_name "/dev/sda" 1 "HbPWFpggOi" 01:39:20.901075891: libguestfs: trace: part_set_name = 0 01:39:20.901785786: libguestfs: trace: list_partitions 01:39:20.902785309: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:39:20.902968378: libguestfs: trace: mkfs "vfat" "/dev/sda1" 01:39:20.923503480: libguestfs: trace: mkfs = 0 01:39:20.923739149: libguestfs: trace: close 01:39:20.924330876: libguestfs: trace: internal_autosync 01:39:20.934478234: libguestfs: trace: internal_autosync = 0 01:39:21.119831425: calling as root: test -b /dev/sda 01:39:21.315203219: call returned: [1, "", ""] 01:39:22.336885916: calling as root: test -b /dev/sda 01:39:22.539643629: call returned: [1, "", ""] 01:39:23.565910332: calling as root: test -b /dev/sda 01:39:23.900072873: call returned: [1, "", ""] 01:39:24.921340833: calling as root: test -b /dev/sda 01:39:25.182996712: call returned: [0, "", ""] 01:39:25.183324353: calling as root: mktemp -d 01:39:25.397401489: call returned: [0, "/tmp/tmp.wBBav9h2LK\n", ""] 01:39:25.418406465: calling as root: mount /dev/sda1 /tmp/tmp.wBBav9h2LK 01:39:26.101570656: call returned: [0, "", ""] 01:39:26.101780238: calling as root: df --output=avail '/tmp/tmp.wBBav9h2LK' 01:39:26.485373685: call returned: [0, " Avail\n130670\n", ""] And I plug and mount a 128 MiB USB drive with a vfat filesystem # features/step_definitions/common_steps.rb:957 01:39:26.489870895: calling as root: while echo wipe_didnt_work >> '/tmp/tmp.wBBav9h2LK/file'; do true ; done 01:40:25.919323908: call returned: [0, "", "sh: echo: I/O error\n"] 01:40:25.919506182: calling as root: df --output=avail '/tmp/tmp.wBBav9h2LK' 01:40:26.123288291: call returned: [0, "Avail\n 0\n", ""] And I fill the USB drive with a known pattern # features/step_definitions/erase_memory.rb:167 01:40:26.124613296: calling as root: cat /tmp/tmp.wBBav9h2LK/file >/dev/null 01:40:26.355630330: call returned: [0, "", ""] And I read the content of the test FS # features/step_definitions/erase_memory.rb:174 And patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 102.400% (127 MiB out of 124 MiB reference memory) 01:40:29.956937536: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:40:30.168121892: call returned: [0, "11:0\n", ""] 01:40:30.168472887: calling as root: readlink -f /dev/block/'11:0' 01:40:30.403555043: call returned: [0, "/dev/sr0\n", ""] 01:40:30.403816064: calling as root: udevadm info --query=property --name='/dev/sr0' 01:40:30.713271421: call returned: [0, "DEVLINKS=/dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/cdrom /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/dvd /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/disk/by-uuid/2017-06-13-05-06-30-00\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:seat:uaccess:systemd:\nUSEC_INITIALIZED=5804478\n", ""] 01:40:30.713574702: calling as root: /usr/bin/eject -m 01:40:30.973512100: call returned: [0, "", ""] When I eject the boot medium # features/step_definitions/common_steps.rb:878 And I wait for Tails to finish wiping the memory # features/step_definitions/erase_memory.rb:225 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1266 MiB reference memory) Scenario: Tails erases memory on DVD boot medium removal: LUKS-encrypted ext4 # features/emergency_shutdown.feature:33 01:41:07.630662827: calling as root: echo 'hello?' 01:41:07.858139526: call returned: [0, "hello?\n", ""] 01:41:08.584943958: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:41:08.586246482: calling as root: nmcli device show eth0 01:41:08.942979555: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:41:08.961161459: calling as root: date -s '@1498730115' 01:41:09.150616860: call returned: [0, "Thu Jun 29 09:55:15 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:41:09.152001702: calling as root: free -m | awk '/^Mem:/ { print $2 }' 01:41:09.361882944: call returned: [0, "2004\n", ""] 01:41:09.362124878: calling as root: echo 3 > /proc/sys/vm/drop_caches 01:41:09.882618640: call returned: [0, "", ""] 01:41:09.882814381: calling as root: touch /run/initramfs/tails_shutdown_debugging 01:41:11.634203436: call returned: [0, "", ""] 01:41:11.634401357: calling as root: sysctl vm.oom_kill_allocating_task=0 01:41:11.904430181: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 01:41:11.904696023: calling as root: sysctl vm.oom_dump_tasks=0 01:41:12.107610411: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 01:41:12.107872056: calling as root: sysctl vm.overcommit_memory=0 01:41:12.335932560: call returned: [0, "vm.overcommit_memory = 0\n", ""] 01:41:12.336106908: calling as root: sysctl vm.min_free_kbytes=65536 01:41:12.538248066: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 01:41:12.538425825: calling as root: sysctl vm.admin_reserve_kbytes=131072 01:41:12.721333918: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 01:41:12.721526848: calling as root: free -m | awk '/^Mem:/ { print $3 }' 01:41:13.038662653: call returned: [0, "548\n", ""] 01:41:13.038876148: calling as root: systemctl status initramfs-shutdown.service 01:41:13.420476887: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:30:03 UTC; 1h 25min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3717 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:30:03 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 01:41:13.420706832: calling as root: systemctl status memlockd.service 01:41:13.690064541: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 1h 25min ago\n Main PID: 3673 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3673 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/rm\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sh\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/sleep\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /bin/systemctl\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:29:55 localhost.localdomain memlockd[3673]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/eject\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/bin/pkill\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:29:56 localhost.localdomain memlockd[3673]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 01:41:13.690289593: calling as root: systemctl status tails-shutdown-on-media-removal.service 01:41:13.964286344: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:29:54 UTC; 1h 25min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3674 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3674 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3771 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0 cd\n\nJun 29 08:29:54 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 01:41:14.008637315: libguestfs: trace: set_autosync true 01:41:14.008759463: libguestfs: trace: set_autosync = 0 01:41:14.012505526: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/tgTtAaCJsr" "format:qcow2" 01:41:14.012733194: libguestfs: trace: add_drive = 0 01:41:14.012794387: libguestfs: trace: launch 01:41:14.012845068: libguestfs: trace: get_tmpdir 01:41:14.012895018: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:41:14.013114395: libguestfs: trace: get_backend_setting "force_tcg" 01:41:14.013181444: libguestfs: trace: get_backend_setting = NULL (error) 01:41:14.013239151: libguestfs: trace: get_cachedir 01:41:14.013384415: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:41:14.056555467: libguestfs: trace: get_cachedir 01:41:14.056709276: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:41:14.056861986: libguestfs: trace: get_sockdir 01:41:14.057129146: libguestfs: trace: get_sockdir = "/tmp" 01:41:14.057309727: libguestfs: trace: get_backend_setting "gdb" 01:41:14.057392958: libguestfs: trace: get_backend_setting = NULL (error) 01:41:17.377022277: libguestfs: trace: launch = 0 01:41:17.378018537: libguestfs: trace: list_devices 01:41:17.378766421: libguestfs: trace: list_devices = ["/dev/sda"] 01:41:17.378895885: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:41:17.442232960: libguestfs: trace: part_disk = 0 01:41:17.443162126: libguestfs: trace: part_set_name "/dev/sda" 1 "tgTtAaCJsr" 01:41:17.501825737: libguestfs: trace: part_set_name = 0 01:41:17.502023164: libguestfs: trace: list_partitions 01:41:17.502512399: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:41:17.503333800: libguestfs: trace: luks_format "/dev/sda1" "***" 0 01:41:21.383678204: libguestfs: trace: luks_format = 0 01:41:21.383899607: libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" 01:41:23.647520094: libguestfs: trace: luks_open = 0 01:41:23.647838929: libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" 01:41:23.759325998: libguestfs: trace: mkfs = 0 01:41:23.759532697: libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" 01:41:23.785949541: libguestfs: trace: luks_close = 0 01:41:23.786165491: libguestfs: trace: close 01:41:23.786279367: libguestfs: trace: internal_autosync 01:41:23.787648973: libguestfs: trace: internal_autosync = 0 01:41:23.970705635: calling as root: test -b /dev/sda 01:41:24.147117800: call returned: [1, "", ""] 01:41:25.174612853: calling as root: test -b /dev/sda 01:41:25.410666197: call returned: [1, "", ""] 01:41:26.439026340: calling as root: test -b /dev/sda 01:41:26.628769700: call returned: [1, "", ""] 01:41:27.652836705: calling as root: test -b /dev/sda 01:41:27.947271316: call returned: [0, "", ""] 01:41:27.947607617: calling as root: mktemp -d 01:41:28.183422281: call returned: [0, "/tmp/tmp.JQlXdu9IL6\n", ""] 01:41:28.205144305: calling as root: echo asdf | cryptsetup luksOpen /dev/sda1 tgTtAaCJsr_unlocked 01:41:31.477661758: call returned: [0, "", ""] 01:41:31.477891865: calling as root: mount /dev/mapper/tgTtAaCJsr_unlocked /tmp/tmp.JQlXdu9IL6 01:41:32.134028603: call returned: [0, "", ""] 01:41:32.134225308: calling as root: df --output=avail '/tmp/tmp.JQlXdu9IL6' 01:41:32.326325819: call returned: [0, " Avail\n110152\n", ""] And I plug and mount a 128 MiB USB drive with an ext4 filesystem encrypted with password "asdf" # features/step_definitions/common_steps.rb:957 01:41:32.327750911: calling as root: while echo wipe_didnt_work >> '/tmp/tmp.JQlXdu9IL6/file'; do true ; done 01:42:26.641081160: call returned: [0, "", "sh: echo: I/O error\n"] 01:42:26.641321975: calling as root: df --output=avail '/tmp/tmp.JQlXdu9IL6' 01:42:26.907306622: call returned: [0, "Avail\n 0\n", ""] And I fill the USB drive with a known pattern # features/step_definitions/erase_memory.rb:167 01:42:26.908488259: calling as root: cat /tmp/tmp.JQlXdu9IL6/file >/dev/null 01:42:27.158137529: call returned: [0, "", ""] And I read the content of the test FS # features/step_definitions/erase_memory.rb:174 And patterns cover at least 99% of the test FS size in the guest's memory # features/step_definitions/erase_memory.rb:178 Pattern coverage: 108.390% (113 MiB out of 105 MiB reference memory) 01:42:30.245771453: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:42:30.496721936: call returned: [0, "11:0\n", ""] 01:42:30.496982474: calling as root: readlink -f /dev/block/'11:0' 01:42:30.687588486: call returned: [0, "/dev/sr0\n", ""] 01:42:30.687745078: calling as root: udevadm info --query=property --name='/dev/sr0' 01:42:31.044160692: call returned: [0, "DEVLINKS=/dev/disk/by-uuid/2017-06-13-05-06-30-00 /dev/disk/by-path/pci-0000:00:1f.2-ata-3 /dev/dvd /dev/disk/by-label/TAILS\\x203.1\\x20-\\x2020170613 /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00005 /dev/cdrom\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_ATA_SATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FOR_SEAT=block-pci-0000_00_1f_2-ata-3\nID_FS_APPLICATION_ID=THE\\x20AMNESIC\\x20INCOGNITO\\x20LIVE\\x20SYSTEM\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_3.1_-_20170613\nID_FS_LABEL_ENC=TAILS\\x203.1\\x20-\\x2020170613\nID_FS_PUBLISHER_ID=HTTPS:\\x2f\\x2fTAILS.BOUM.ORG\\x2f\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2017-06-13-05-06-30-00\nID_FS_UUID_ENC=2017-06-13-05-06-30-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0000002a\nID_PATH=pci-0000:00:1f.2-ata-3\nID_PATH_TAG=pci-0000_00_1f_2-ata-3\nID_REVISION=2.5+\nID_SERIAL=QEMU_DVD-ROM_QM00005\nID_SERIAL_SHORT=QM00005\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:systemd:seat:uaccess:\nUSEC_INITIALIZED=5804478\n", ""] 01:42:31.044468605: calling as root: /usr/bin/eject -m 01:42:31.346460961: call returned: [0, "", ""] When I eject the boot medium # features/step_definitions/common_steps.rb:878 And I wait for Tails to finish wiping the memory # features/step_definitions/erase_memory.rb:225 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1264 MiB reference memory) Scenario: Tails erases memory and shuts down on USB boot medium removal: persistent data # features/emergency_shutdown.feature:44 01:43:28.241368768: calling as root: echo 'hello?' 01:43:28.430398203: call returned: [0, "hello?\n", ""] 01:43:29.159686588: calling as root: nmcli device show eth0 01:43:29.190006068: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:43:29.663998764: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:43:29.684971662: calling as root: date -s '@1498730256' 01:43:29.897174167: call returned: [0, "Thu Jun 29 09:57:36 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 01:43:29.898389304: calling as root: free -m | awk '/^Mem:/ { print $2 }' 01:43:30.284776510: call returned: [0, "2004\n", ""] 01:43:30.284994745: calling as root: echo 3 > /proc/sys/vm/drop_caches 01:43:30.973706025: call returned: [0, "", ""] 01:43:30.973891996: calling as root: touch /run/initramfs/tails_shutdown_debugging 01:43:32.910003843: call returned: [0, "", ""] 01:43:32.910268900: calling as root: sysctl vm.oom_kill_allocating_task=0 01:43:33.297849553: call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] 01:43:33.298174114: calling as root: sysctl vm.oom_dump_tasks=0 01:43:33.506093038: call returned: [0, "vm.oom_dump_tasks = 0\n", ""] 01:43:33.506377299: calling as root: sysctl vm.overcommit_memory=0 01:43:33.757290048: call returned: [0, "vm.overcommit_memory = 0\n", ""] 01:43:33.757636561: calling as root: sysctl vm.min_free_kbytes=65536 01:43:34.031072473: call returned: [0, "vm.min_free_kbytes = 65536\n", ""] 01:43:34.031334067: calling as root: sysctl vm.admin_reserve_kbytes=131072 01:43:34.427526647: call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] 01:43:34.427757470: calling as root: free -m | awk '/^Mem:/ { print $3 }' 01:43:35.358974638: call returned: [0, "550\n", ""] 01:43:35.359242756: calling as root: systemctl status initramfs-shutdown.service 01:43:36.375578328: call returned: [0, "● initramfs-shutdown.service - Prepare /run/initramfs for shutdown\n Loaded: loaded (/lib/systemd/system/initramfs-shutdown.service; enabled; vendor preset: enabled)\n Active: active (exited) since Thu 2017-06-29 08:54:52 UTC; 1h 2min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3719 (code=exited, status=0/SUCCESS)\n Tasks: 0 (limit: 4915)\n CGroup: /system.slice/initramfs-shutdown.service\n\nJun 29 08:54:40 localhost.localdomain systemd[1]: Starting Prepare /run/initramfs for shutdown...\nJun 29 08:54:52 localhost.localdomain systemd[1]: Started Prepare /run/initramfs for shutdown.\n", ""] 01:43:36.375821374: calling as root: systemctl status memlockd.service 01:43:36.887602913: call returned: [0, "● memlockd.service - memlockd\n Loaded: loaded (/lib/systemd/system/memlockd.service; enabled; vendor preset: enabled)\n Drop-In: /lib/systemd/system/memlockd.service.d\n └─oom.conf\n Active: active (running) since Thu 2017-06-29 08:54:40 UTC; 1h 3min ago\n Main PID: 3702 (memlockd)\n Tasks: 1 (limit: 4915)\n CGroup: /system.slice/memlockd.service\n └─3702 /usr/sbin/memlockd -f -u memlockd\n\nJun 29 08:54:42 localhost.localdomain memlockd[3702]: Mapped file /bin/rm\nJun 29 08:54:42 localhost.localdomain memlockd[3702]: Mapped file /bin/sh\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /bin/sleep\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /bin/systemctl\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /lib/systemd/system-shutdown/tails\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /lib/systemd/systemd-shutdown\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /usr/bin/eject\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /usr/bin/pkill\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /usr/local/sbin/udev-watchdog\nJun 29 08:54:43 localhost.localdomain memlockd[3702]: Mapped file /lib/x86_64-linux-gnu/libudev.so.1\n", ""] 01:43:36.887896079: calling as root: systemctl status tails-shutdown-on-media-removal.service 01:43:37.502566256: call returned: [0, "● tails-shutdown-on-media-removal.service - Wipe memory on live media removal\n Loaded: loaded (/lib/systemd/system/tails-shutdown-on-media-removal.service; enabled; vendor preset: enabled)\n Active: active (running) since Thu 2017-06-29 08:54:40 UTC; 1h 3min ago\n Docs: https://tails.boum.org/contribute/design/memory_erasure/\n Main PID: 3703 (udev-watchdog-w)\n Tasks: 2 (limit: 4915)\n CGroup: /system.slice/tails-shutdown-on-media-removal.service\n ├─3703 /bin/sh /usr/local/lib/udev-watchdog-wrapper\n └─3827 /usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1 disk\n\nJun 29 08:54:40 localhost.localdomain systemd[1]: Started Wipe memory on live media removal.\n", ""] And I prepare Tails for memory erasure tests # features/step_definitions/erase_memory.rb:57 01:43:37.503864967: calling as root: for i in $(seq 1 8388608) ; do echo wipe_didnt_work >> '/home/amnesia/Persistent/AmBtaMnfwI' ; done 01:44:46.191331100: call returned: [0, "", ""] And I fill a 128 MiB file with a known pattern on the persistent filesystem # features/step_definitions/erase_memory.rb:229 And patterns cover at least 128 MiB in the guest's memory # features/step_definitions/erase_memory.rb:189 Pattern coverage: 100.000% (128 MiB out of 128 MiB reference memory) 01:44:50.043378273: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:44:50.390031709: call returned: [0, "8:1\n", ""] 01:44:50.390238640: calling as root: readlink -f /dev/block/'8:1' 01:44:50.647066961: call returned: [0, "/dev/sda1\n", ""] 01:44:50.647456838: calling as root: udevadm info --query=property --name='/dev/sda1' 01:44:51.115313221: call returned: [0, "DEVLINKS=/dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba /dev/disk/by-uuid/F410-3272 /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-partlabel/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x5\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8188288\n", ""] When I eject the boot medium # features/step_definitions/common_steps.rb:878 And I wait for Tails to finish wiping the memory # features/step_definitions/erase_memory.rb:225 Then I find very few patterns in the guest's memory # features/step_definitions/erase_memory.rb:213 Pattern coverage: 0.000% (0 MiB out of 1262 MiB reference memory) And Tails eventually shuts down # features/step_definitions/common_steps.rb:503 @source Feature: custom APT sources to build branches As a Tails developer, when I build Tails, I'd be happy if the proper APT sources were automatically picked depending on which Git branch I am working on. Scenario: build from an untagged stable branch where the config/APT_overlays.d directory is empty # features/build.feature:7 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 1.0 # features/step_definitions/build.rb:36 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'stable' suite # features/step_definitions/build.rb:113 Scenario: build from an untagged stable branch where config/APT_overlays.d is not empty # features/build.feature:15 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 1.0 # features/step_definitions/build.rb:36 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'stable' suite # features/step_definitions/build.rb:109 And I should see the 'feature-foo' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 But I should not see the '1.0' suite # features/step_definitions/build.rb:118 Scenario: build from an untagged stable branch with no encoded time-based snapshot # features/build.feature:27 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from an untagged stable branch with encoded time-based snapshots # features/build.feature:41 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a tagged stable branch where the config/APT_overlays.d directory is empty # features/build.feature:55 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And I am working on the stable base branch # features/step_definitions/build.rb:70 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the '0.10' suite # features/step_definitions/build.rb:113 Scenario: build from a tagged stable branch where config/APT_overlays.d is not empty # features/build.feature:64 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And I am working on the stable base branch # features/step_definitions/build.rb:70 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a tagged stable branch with no encoded time-based snapshot # features/build.feature:73 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build from a tagged stable branch with encoded time-based snapshots # features/build.feature:87 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build from a bugfix branch without overlays for a stable release # features/build.feature:101 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'stable' suite # features/step_definitions/build.rb:113 Scenario: build from a bugfix branch with overlays for a stable release # features/build.feature:110 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'bugfix-disable-gdomap' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'stable' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-disable-gdomap' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 But I should not see the '0.10' suite # features/step_definitions/build.rb:118 Scenario: build from a bugfix branch with no encoded time-based snapshot for a stable release # features/build.feature:123 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a bugfix branch with encoded time-based snapshots for a stable release # features/build.feature:137 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from an untagged testing branch where the config/APT_overlays.d directory is empty # features/build.feature:151 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has not been released yet # features/step_definitions/build.rb:32 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'testing' suite # features/step_definitions/build.rb:109 And I should not see the '0.11' suite # features/step_definitions/build.rb:118 And I should not see the 'feature-foo' suite # features/step_definitions/build.rb:118 And I should not see the 'bugfix-bar' suite # features/step_definitions/build.rb:118 Scenario: build from an untagged testing branch where config/APT_overlays.d is not empty # features/build.feature:162 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has not been released yet # features/step_definitions/build.rb:32 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'testing' suite # features/step_definitions/build.rb:109 And I should see the 'feature-foo' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 But I should not see the '0.11' suite # features/step_definitions/build.rb:118 Scenario: build from an untagged testing branch with no encoded time-based snapshot # features/build.feature:174 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from an untagged testing branch with encoded time-based snapshots # features/build.feature:188 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a tagged testing branch where the config/APT_overlays.d directory is empty # features/build.feature:202 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the '0.11' suite # features/step_definitions/build.rb:113 Scenario: build from a tagged testing branch where config/APT_overlays.d is not empty # features/build.feature:211 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a tagged testing branch with no encoded time-based snapshot # features/build.feature:220 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build from a tagged testing branch with encoded time-based snapshots # features/build.feature:234 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build a release candidate from a tagged testing branch # features/build.feature:248 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.12~rc1 # features/step_definitions/build.rb:36 And Tails 0.12-rc1 has been tagged # features/step_definitions/build.rb:28 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 And I checkout the 0.12-rc1 tag # features/step_definitions/build.rb:82 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the '0.12-rc1' suite # features/step_definitions/build.rb:113 Scenario: build a release candidate from a tagged testing branch where config/APT_overlays.d is not empty # features/build.feature:258 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.12~rc1 # features/step_definitions/build.rb:36 And Tails 0.12-rc1 has been tagged # features/step_definitions/build.rb:28 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 And I checkout the 0.12-rc1 tag # features/step_definitions/build.rb:82 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a bugfix branch with no encoded time-based snapshot for a major release # features/build.feature:268 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10~rc1 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10~rc1 and 0.10 # features/step_definitions/build.rb:45 And Tails 0.10 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on testing # features/step_definitions/build.rb:87 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a bugfix branch with encoded time-based snapshots for a major release # features/build.feature:283 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10~rc1 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10~rc1 and 0.10 # features/step_definitions/build.rb:45 And Tails 0.10 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on testing # features/step_definitions/build.rb:87 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from the devel branch without overlays # features/build.feature:298 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'devel' suite # features/step_definitions/build.rb:113 Scenario: build from the devel branch with overlays # features/build.feature:304 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'devel' suite # features/step_definitions/build.rb:109 And I should see the 'feature-foo' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 Scenario: build from the devel branch with no encoded time-based snapshot # features/build.feature:313 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from the devel branch with encoded time-based snapshots # features/build.feature:324 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from the feature/jessie branch without overlays # features/build.feature:335 Given I am working on the feature/jessie base branch # features/step_definitions/build.rb:70 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'feature-jessie' suite # features/step_definitions/build.rb:113 Scenario: build from the feature/jessie branch with overlays # features/build.feature:341 Given I am working on the feature/jessie base branch # features/step_definitions/build.rb:70 And config/APT_overlays.d contains 'feature-7756-reintroduce-whisperback' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'feature-jessie' suite # features/step_definitions/build.rb:109 And I should see the 'feature-7756-reintroduce-whisperback' suite # features/step_definitions/build.rb:109 Scenario: build from a feature branch with overlays based on devel # features/build.feature:348 Given I am working on the feature/thunderbird branch based on devel # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'feature-thunderbird' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'devel' suite # features/step_definitions/build.rb:109 And I should see the 'feature-thunderbird' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 Scenario: build from a feature branch without overlays based on devel # features/build.feature:357 Given I am working on the feature/thunderbird branch based on devel # features/step_definitions/build.rb:87 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'devel' suite # features/step_definitions/build.rb:113 Scenario: build from a feature branch based on devel with no encoded time-based snapshot # features/build.feature:363 Given I am working on the feature/thunderbird branch based on devel # features/step_definitions/build.rb:87 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a feature branch based on devel with encoded time-based snapshots # features/build.feature:374 Given I am working on the feature/thunderbird branch based on devel # features/step_definitions/build.rb:87 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a feature branch with overlays based on feature/jessie # features/build.feature:385 Given I am working on the feature/7756-reintroduce-whisperback branch based on feature/jessie # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'feature-7756-reintroduce-whisperback' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'feature-jessie' suite # features/step_definitions/build.rb:109 And I should see the 'feature-7756-reintroduce-whisperback' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 Scenario: build from a feature branch without overlays based on feature/jessie # features/build.feature:394 Given I am working on the feature/thunderbird branch based on feature/jessie # features/step_definitions/build.rb:87 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'feature-jessie' suite # features/step_definitions/build.rb:113 Scenario: build from a feature branch based on devel with dots in its name # features/build.feature:400 Given I am working on the feature/live-boot-3.x branch based on devel # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'feature-live-boot-3.x' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'devel' suite # features/step_definitions/build.rb:109 And I should see the 'feature-live-boot-3.x' suite # features/step_definitions/build.rb:109 Scenario: build from a branch that has no config/APT_overlays.d directory # features/build.feature:407 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the config/APT_overlays.d directory does not exist # features/step_definitions/build.rb:139 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a branch that has no config/base_branch file # features/build.feature:413 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the config/base_branch file does not exist # features/step_definitions/build.rb:135 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a branch where config/base_branch is empty # features/build.feature:419 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the config/base_branch file is empty # features/step_definitions/build.rb:143 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 @product Feature: Getting a DHCP lease without leaking too much information As a Tails user when I connect to a network with a DHCP server I should be able to connect to the Internet and the hostname should not have been leaked on the network. Background: # features/dhcp.feature:8 01:47:05.659195828: calling as root: echo 'hello?' 01:47:05.893376355: call returned: [0, "hello?\n", ""] 01:47:06.619254750: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:47:06.619708776: calling as root: nmcli device show eth0 01:47:06.975398720: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:47:06.995469061: calling as root: date -s '@1498730473' 01:47:07.264817140: call returned: [0, "Thu Jun 29 10:01:13 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I capture all network traffic # features/step_definitions/common_steps.rb:96 And the network is plugged # features/step_definitions/common_steps.rb:79 01:47:07.450962283: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:07.811507745: call returned: [1, "", ""] 01:47:08.812019494: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:09.020928805: call returned: [1, "", ""] 01:47:10.021310094: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:10.227078956: call returned: [1, "", ""] 01:47:11.227495376: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:11.460227359: call returned: [1, "", ""] 01:47:12.460593854: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:12.630507830: call returned: [1, "", ""] 01:47:13.630882124: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:13.838723327: call returned: [1, "", ""] 01:47:14.839130022: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:15.020460457: call returned: [1, "", ""] 01:47:16.020853040: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:16.219108342: call returned: [1, "", ""] 01:47:17.219435323: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:17.506062574: call returned: [1, "", ""] 01:47:18.506402719: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:18.694649228: call returned: [3, "", ""] 01:47:19.694938923: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:47:20.040684413: call returned: [0, "", ""] 01:47:20.041304265: calling as root: test -e /run/tordate/done 01:47:20.335397405: call returned: [0, "", ""] 01:47:20.336816925: calling as root: test -e /run/htpdate/success 01:47:20.709189494: call returned: [1, "", ""] 01:47:21.709498091: calling as root: test -e /run/htpdate/success 01:47:21.904797609: call returned: [1, "", ""] 01:47:22.905175970: calling as root: test -e /run/htpdate/success 01:47:23.178865784: call returned: [0, "", ""] 01:47:23.179178212: calling as root: systemctl is-system-running 01:47:23.410880154: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 01:47:23.412202479: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node307 = dogtail.tree.root.application('gnome-shell') 01:47:24.476276526: execution complete 01:47:25.203899302: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:47:25.204159048: executing Python as amnesia: node308 = node307.child('No Notifications', roleName='label') 01:47:27.477263831: execution complete 01:47:27.477449657: executing Python as amnesia: node309 = node307.child('No Notifications', roleName='label') 01:47:29.432533875: execution complete 01:47:29.476246621: [log] TYPE "#ESC." And all notifications have disappeared # features/step_definitions/common_steps.rb:422 01:47:29.477395167: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:29.705431174: call returned: [1, "", ""] 01:47:30.705740894: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:30.880009119: call returned: [1, "", ""] 01:47:31.880318886: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:32.033055105: call returned: [1, "", ""] 01:47:33.033360422: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:33.277838353: call returned: [1, "", ""] 01:47:34.278142102: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:34.450880093: call returned: [1, "", ""] 01:47:35.451133826: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:35.619184685: call returned: [1, "", ""] 01:47:36.619491164: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:36.802124333: call returned: [1, "", ""] 01:47:37.802518878: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:38.012079254: call returned: [1, "", ""] 01:47:39.012442360: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:39.184616378: call returned: [1, "", ""] 01:47:40.184976106: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:40.354897188: call returned: [1, "", ""] 01:47:41.355248033: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:41.536368849: call returned: [1, "", ""] 01:47:42.536660501: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:42.737100828: call returned: [1, "", ""] 01:47:43.737433930: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:43.909936134: call returned: [1, "", ""] 01:47:44.911216804: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:45.062306190: call returned: [1, "", ""] 01:47:46.062671913: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:46.232909630: call returned: [1, "", ""] 01:47:47.233312505: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:47.447210650: call returned: [1, "", ""] 01:47:48.447553799: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:48.628332866: call returned: [1, "", ""] 01:47:49.628660828: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:49.823628412: call returned: [1, "", ""] 01:47:50.823942340: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:51.060578781: call returned: [1, "", ""] 01:47:52.060945737: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:52.353910693: call returned: [1, "", ""] 01:47:53.354255217: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:53.570231443: call returned: [1, "", ""] 01:47:54.570580247: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:54.811133786: call returned: [1, "", ""] 01:47:55.811479663: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:47:55.987601213: call returned: [0, "", ""] And available upgrades have been checked # features/step_definitions/common_steps.rb:360 Scenario: Getting a DHCP lease with the default NetworkManager connection # features/dhcp.feature:16 01:47:55.994700566: calling as root: hostname 01:47:56.189131820: call returned: [0, "localhost.localdomain\n", ""] Then the hostname should not have been leaked on the network # features/step_definitions/dhcp.rb:1 Scenario: Getting a DHCP lease with a manually configured NetworkManager connection # features/dhcp.feature:19 01:47:59.284293811: calling as root: echo 'hello?' 01:47:59.586022959: call returned: [0, "hello?\n", ""] 01:48:00.309948347: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:48:00.310140635: calling as root: nmcli device show eth0 01:48:00.776917540: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:48:00.794932523: calling as root: date -s '@1498730527' 01:48:00.972212963: call returned: [0, "Thu Jun 29 10:02:07 UTC 2017\n", ""] 01:48:01.104290692: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:48:01.523582614: call returned: [1, "", ""] 01:48:02.523921842: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:48:02.675559523: call returned: [1, "", ""] 01:48:03.675925592: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:48:03.898615054: call returned: [1, "", ""] 01:48:04.898906762: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:48:05.314496902: call returned: [1, "", ""] 01:48:06.314790828: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:48:06.526360283: call returned: [3, "", ""] 01:48:07.526699432: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:48:07.767263241: call returned: [0, "", ""] 01:48:07.767629323: calling as root: test -e /run/tordate/done 01:48:07.919450741: call returned: [0, "", ""] 01:48:07.919860425: calling as root: test -e /run/htpdate/success 01:48:08.291390358: call returned: [1, "", ""] 01:48:09.291707999: calling as root: test -e /run/htpdate/success 01:48:09.713746051: call returned: [1, "", ""] 01:48:10.714223119: calling as root: test -e /run/htpdate/success 01:48:10.975170350: call returned: [0, "", ""] 01:48:10.975617734: calling as root: systemctl is-system-running 01:48:11.282076899: call returned: [0, "running\n", ""] 01:48:11.283212920: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node310 = dogtail.tree.root.application('gnome-shell') 01:48:12.468150651: execution complete 01:48:13.191415000: executing Python as amnesia: node311 = node310.child('No Notifications', roleName='label') 01:48:13.207993329: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:48:15.590604051: execution complete 01:48:15.590813653: executing Python as amnesia: node312 = node310.child('No Notifications', roleName='label') 01:48:17.389752090: execution complete 01:48:17.435921491: [log] TYPE "#ESC." 01:48:17.436931080: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:17.629028988: call returned: [1, "", ""] 01:48:18.629310564: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:18.796795167: call returned: [1, "", ""] 01:48:19.797079776: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:19.982426551: call returned: [1, "", ""] 01:48:20.982751601: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:21.169502995: call returned: [1, "", ""] 01:48:22.169801628: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:22.349943285: call returned: [1, "", ""] 01:48:23.350261713: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:23.503751220: call returned: [1, "", ""] 01:48:24.504052367: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:24.685193618: call returned: [1, "", ""] 01:48:25.685466807: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:25.855821913: call returned: [1, "", ""] 01:48:26.856178772: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:27.027535582: call returned: [1, "", ""] 01:48:28.027879083: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:28.176386581: call returned: [1, "", ""] 01:48:29.176689833: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:29.329663647: call returned: [1, "", ""] 01:48:30.330039804: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:30.503395379: call returned: [1, "", ""] 01:48:31.503711562: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:31.685159373: call returned: [1, "", ""] 01:48:32.685517424: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:32.870124817: call returned: [1, "", ""] 01:48:33.870406125: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:34.029263651: call returned: [1, "", ""] 01:48:35.029649267: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:35.206218842: call returned: [1, "", ""] 01:48:36.206517005: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:36.369643901: call returned: [1, "", ""] 01:48:37.369945275: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:37.587263536: call returned: [1, "", ""] 01:48:38.587631668: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:38.841230967: call returned: [1, "", ""] 01:48:39.841567122: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:40.084635479: call returned: [1, "", ""] 01:48:41.084923366: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:41.335853446: call returned: [1, "", ""] 01:48:42.336148714: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:42.633409578: call returned: [1, "", ""] 01:48:43.633806308: calling as root: test -e '/run/tails-upgrader/checked_upgrades' 01:48:43.838664638: call returned: [0, "", ""] 01:48:43.840658864: calling as root: nmcli connection add con-name manually-added-con type ethernet autoconnect yes ifname eth0 01:48:44.143135269: call returned: [0, "Connection 'manually-added-con' (02c6d510-b823-447c-80e4-c6513eedb37e) successfully added.\n", ""] 01:48:44.143451933: calling as root: nmcli --terse --fields NAME connection show 01:48:44.381355566: call returned: [0, "Wired connection\nmanually-added-con\n", ""] When I add a wired DHCP NetworkManager connection called "manually-added-con" # features/step_definitions/common_steps.rb:548 01:48:44.383257555: calling as root: nmcli connection up id manually-added-con 01:48:44.978647741: call returned: [0, "Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)\n", ""] 01:48:44.978942856: calling as root: nmcli --terse --fields NAME,STATE connection show 01:48:45.260099229: call returned: [0, "manually-added-con:activated\nWired connection:--\n", ""] And I switch to the "manually-added-con" NetworkManager connection # features/step_definitions/common_steps.rb:575 01:48:45.261942503: calling as root: hostname 01:48:45.444469659: call returned: [0, "localhost.localdomain\n", ""] Then the hostname should not have been leaked on the network # features/step_definitions/dhcp.rb:1 @product @doc Feature: Tails documentation Scenario: The Report an Error launcher will open the support documentation # features/documentation.feature:4 01:48:48.566065129: calling as root: echo 'hello?' 01:48:48.781886737: call returned: [0, "hello?\n", ""] 01:48:49.505599769: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:48:49.505845481: calling as root: nmcli device show eth0 01:48:49.867398777: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:48:49.886846981: calling as root: date -s '@1498730576' 01:48:50.062230518: call returned: [0, "Thu Jun 29 10:02:56 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:48:50.064781367: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox 01:48:50.313446362: call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] 01:48:50.313662667: calling as root: pgrep --uid amnesia --full --exact '/usr/local/lib/tor-browser/firefox .* -profile /home/amnesia/.tor-browser/profile.default' 01:48:50.550802969: call returned: [1, "", ""] 01:48:51.692437251: [log] DOUBLE CLICK on L(66,137)@S(0)[0,0 1024x768] 01:48:51.693570300: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node313 = dogtail.tree.root.application('Firefox') 01:49:03.961384605: execution complete 01:49:04.961753314: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node314 = dogtail.tree.root.application('Firefox') 01:49:13.962932998: execution complete 01:49:13.963226159: executing Python as amnesia: node315 = node314.child(roleName='frame', recursive=False) 01:49:14.093498964: execution complete When I double-click on the Report an Error launcher on the desktop # features/step_definitions/common_steps.rb:701 01:49:14.095972266: executing Python as amnesia: node316 = node314.child('Tails - Support - Tor Browser', roleName='frame') 01:49:20.732360302: execution complete 01:49:20.732876528: executing Python as amnesia: node317 = node314.child('Reload current page', roleName='push button') 01:49:20.826729652: execution complete 01:49:20.826990627: executing Python as amnesia: node318 = node314.child('Tails - Support', roleName='document frame') 01:49:21.007663784: execution complete 01:49:21.007924747: executing Python as amnesia: nodes319 = node318.findChildren(dogtail.predicate.GenericPredicate(roleName='heading')) print(len(nodes319)) 01:49:21.340960431: execution complete 01:49:21.341144626: executing Python as amnesia: node320 = nodes319[0] 01:49:21.368360321: execution complete 01:49:21.368517759: executing Python as amnesia: node321 = nodes319[1] 01:49:21.397548284: execution complete 01:49:21.397704470: executing Python as amnesia: node322 = nodes319[2] 01:49:21.426646146: execution complete 01:49:21.426825101: executing Python as amnesia: node323 = nodes319[3] 01:49:21.454759346: execution complete 01:49:21.457212829: executing Python as amnesia: node324 = nodes319[4] 01:49:21.499983862: execution complete 01:49:21.500150364: executing Python as amnesia: node325 = nodes319[5] 01:49:21.550053168: execution complete 01:49:21.550294331: executing Python as amnesia: node326 = nodes319[6] 01:49:21.587157917: execution complete 01:49:21.587343043: executing Python as amnesia: node327 = nodes319[7] 01:49:21.622976922: execution complete 01:49:21.623170194: executing Python as amnesia: node328 = nodes319[8] 01:49:21.658103720: execution complete 01:49:21.658314339: executing Python as amnesia: node329 = nodes319[9] 01:49:21.705761564: execution complete 01:49:21.705959943: executing Python as amnesia: print(node320.text) 01:49:21.757105003: execution complete Then the support documentation page opens in Tor Browser # features/step_definitions/checks.rb:97 @product @check_tor_leaks Feature: Electrum Bitcoin client As a Tails user I might want to use a Bitcoin client And all Internet traffic should flow only through Tor Scenario: A warning will be displayed if Electrum is not persistent # features/electrum.feature:7 01:49:24.752205081: calling as root: echo 'hello?' 01:49:24.998941787: call returned: [0, "hello?\n", ""] 01:49:25.725512179: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:49:25.725750289: calling as root: nmcli device show eth0 01:49:26.089087272: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:49:26.116261923: calling as root: date -s '@1498730613' 01:49:26.319176427: call returned: [0, "Thu Jun 29 10:03:33 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:49:26.396853670: calling as amnesia: xdotool key Super 01:49:26.654911719: call returned: [0, "", ""] 01:49:28.722819876: [log] TYPE "Electrum Bitcoin Wallet" 01:49:28.795972862: [log] ( Ctrl ) TYPE "#ENTER." When I start Electrum through the GNOME menu # features/step_definitions/electrum.rb:1 01:49:28.798144767: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:49:32.747676181: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:49:32.747998741: calling as root: findmnt --noheadings --output SOURCE --target '/home/amnesia/.electrum' 01:49:32.984838959: call returned: [0, "aufs\n", ""] But persistence for "electrum" is not enabled # features/step_definitions/common_steps.rb:630 Then I see a warning that Electrum is not persistent # features/step_definitions/electrum.rb:40 @product Feature: Encryption and verification using GnuPG As a Tails user I want to be able to easily encrypt and sign messages using GnuPG And decrypt and verify GnuPG blocks Background: # features/encryption.feature:7 01:49:36.946940092: calling as root: echo 'hello?' 01:49:37.392866545: call returned: [0, "hello?\n", ""] 01:49:38.120506261: calling as root: nmcli device show eth0 01:49:38.143175999: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:49:38.533309600: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:49:38.555274254: calling as root: date -s '@1498730625' 01:49:38.754587012: call returned: [0, "Thu Jun 29 10:03:45 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:49:38.756742109: opening file /tmp/gpg_key_recipe in 'write' mode 01:49:38.862351034: write complete 01:49:38.862571420: calling as root: chown amnesia:amnesia /tmp/gpg_key_recipe 01:49:39.064089972: call returned: [0, "", ""] 01:49:39.064267841: calling as amnesia: gpg --batch --gen-key < /tmp/gpg_key_recipe 01:49:42.442672711: call returned: [0, "", "gpg: key 0x9D74C938528793D4 marked as ultimately trusted\ngpg: directory '/home/amnesia/.gnupg/openpgp-revocs.d' created\ngpg: revocation certificate stored as '/home/amnesia/.gnupg/openpgp-revocs.d/720BEFE137D60AF6B212955A9D74C938528793D4.rev'\n"] And I generate an OpenPGP key named "test" with password "asdf" # features/step_definitions/encryption.rb:11 @product Feature: Using Evince As a Tails user I want to view and print PDF files in Evince And AppArmor should prevent Evince from doing dangerous things Scenario: I cannot view a PDF file stored in non-persistent /home/amnesia/.gnupg # features/evince.feature:24 01:49:45.405713712: calling as root: echo 'hello?' 01:49:45.696819905: call returned: [0, "hello?\n", ""] 01:49:46.422761466: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:49:46.423188667: calling as root: nmcli device show eth0 01:49:46.781902160: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:49:46.808182443: calling as root: date -s '@1498730633' 01:49:46.993012556: call returned: [0, "Thu Jun 29 10:03:53 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:49:46.995486793: calling as amnesia: cp "/usr/share/cups/data/default-testpage.pdf" "/home/amnesia/.gnupg" 01:49:47.206412433: call returned: [0, "", ""] And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia" # features/step_definitions/common_steps.rb:618 01:49:47.208586494: calling as root: test -e '/home/amnesia/.gnupg/default-testpage.pdf' 01:49:47.366769576: call returned: [0, "", ""] Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:596 01:49:47.369248400: calling as root: test -e '/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf' 01:49:47.555737637: call returned: [0, "", ""] And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:596 01:49:47.557777747: calling as root: test -e '/live/overlay/home/amnesia/.gnupg/default-testpage.pdf' 01:49:47.742320966: call returned: [0, "", ""] And the file "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:596 01:49:47.744644484: calling as root: sysctl -w kernel.printk_ratelimit=0 01:49:48.018644852: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 01:49:48.018865743: calling as root: date +"%Y-%m-%d %H:%M:%S" 01:49:48.190523765: call returned: [0, "2017-06-29 10:03:54\n", ""] Given I start monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:836 01:49:48.193176713: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:49:48.392962572: call returned: [1, "", ""] 01:49:48.472418111: calling as amnesia: xdotool key Super 01:49:48.690969173: call returned: [0, "", ""] 01:49:50.432631473: [log] TYPE "GNOME Terminal" 01:49:56.619199858: [log] ( Ctrl ) TYPE "#ENTER." [log] TYPE "evince /home/amnesia/.gnupg/default-testpage.pdf#ENTER." When I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 01:49:59.287411877: calling as root: journalctl --full --no-pager --since='2017-06-29 10:03:54' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/home/amnesia/.gnupg/default-testpage.pdf"' 01:49:59.583171838: call returned: [0, "Jun 29 10:04:04 amnesia kernel: audit: type=1400 audit(1498730644.272:29): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/home/amnesia/.gnupg/default-testpage.pdf\" pid=9155 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:04:04 amnesia kernel: audit: type=1400 audit(1498730644.272:30): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/home/amnesia/.gnupg/default-testpage.pdf\" pid=9155 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:848 01:49:59.647992119: [log] ( Ctrl ) TYPE "w" 01:49:59.648979742: calling as root: pidof -x -o '%PPID' evince 01:49:59.839706864: call returned: [1, "", ""] When I close Evince # features/step_definitions/evince.rb:22 01:49:59.841663386: calling as root: sysctl -w kernel.printk_ratelimit=0 01:50:00.034548129: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 01:50:00.034807260: calling as root: date +"%Y-%m-%d %H:%M:%S" 01:50:00.242261268: call returned: [0, "2017-06-29 10:04:06\n", ""] Given I restart monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:836 01:50:00.244585709: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:50:00.488205569: call returned: [0, "8991\n", ""] 01:50:01.286108184: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 01:50:04.252621994: [log] TYPE "evince /lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf#ENTER." When I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 01:50:05.358978235: calling as root: journalctl --full --no-pager --since='2017-06-29 10:04:06' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"' 01:50:05.631716168: call returned: [0, "Jun 29 10:04:10 amnesia kernel: audit: type=1400 audit(1498730650.696:31): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=9451 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:04:10 amnesia kernel: audit: type=1400 audit(1498730650.696:32): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=9451 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:848 01:50:05.705222883: calling as root: pidof -x -o '%PPID' evince 01:50:05.732242649: [log] ( Ctrl ) TYPE "w" 01:50:06.012636247: call returned: [1, "", ""] When I close Evince # features/step_definitions/evince.rb:22 01:50:06.013817702: calling as root: sysctl -w kernel.printk_ratelimit=0 01:50:06.158432519: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 01:50:06.158641312: calling as root: date +"%Y-%m-%d %H:%M:%S" 01:50:06.376036534: call returned: [0, "2017-06-29 10:04:12\n", ""] Given I restart monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:836 01:50:06.378565886: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:50:06.631177929: call returned: [0, "8991\n", ""] 01:50:07.425138889: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 01:50:09.980179561: [log] TYPE "evince /live/overlay/home/amnesia/.gnupg/default-testpage.pdf#ENTER." When I try to open "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 01:50:11.618175293: calling as root: journalctl --full --no-pager --since='2017-06-29 10:04:12' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"' 01:50:11.893268503: call returned: [0, "Jun 29 10:04:16 amnesia kernel: audit: type=1400 audit(1498730656.564:33): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=9707 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:04:16 amnesia kernel: audit: type=1400 audit(1498730656.588:34): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=9707 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:848 Scenario: I cannot view a PDF file stored in persistent /home/amnesia/.gnupg # features/evince.feature:57 01:50:16.166543649: calling as root: echo 'hello?' 01:50:16.495922204: call returned: [0, "hello?\n", ""] 01:50:17.228518253: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:50:17.228943525: calling as root: nmcli device show eth0 01:50:17.646071681: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:50:17.667887237: calling as root: date -s '@1498730664' 01:50:17.955911257: call returned: [0, "Thu Jun 29 10:04:24 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 01:50:17.957260356: calling as amnesia: cp "/usr/share/cups/data/default-testpage.pdf" "/home/amnesia/.gnupg" 01:50:18.187702653: call returned: [0, "", ""] And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia" # features/step_definitions/common_steps.rb:618 01:50:18.189150553: calling as root: test -e '/home/amnesia/.gnupg/default-testpage.pdf' 01:50:18.383612441: call returned: [0, "", ""] Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:596 01:50:18.385119815: calling as root: sysctl -w kernel.printk_ratelimit=0 01:50:18.779021580: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 01:50:18.779297762: calling as root: date +"%Y-%m-%d %H:%M:%S" 01:50:19.032821335: call returned: [0, "2017-06-29 10:04:25\n", ""] Given I start monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:836 01:50:19.034268583: calling as root: pidof -x -o '%PPID' gnome-terminal-server 01:50:19.326748527: call returned: [1, "", ""] 01:50:19.399094549: calling as amnesia: xdotool key Super 01:50:19.658750105: call returned: [0, "", ""] 01:50:21.430644764: [log] TYPE "GNOME Terminal" 01:50:25.942060591: [log] ( Ctrl ) TYPE "#ENTER." 01:50:27.976902350: [log] TYPE "evince /home/amnesia/.gnupg/default-testpage.pdf#ENTER." And I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 01:50:30.739876261: calling as root: journalctl --full --no-pager --since='2017-06-29 10:04:25' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/home/amnesia/.gnupg/default-testpage.pdf"' 01:50:31.014760616: call returned: [0, "Jun 29 10:04:35 amnesia kernel: audit: type=1400 audit(1498730675.920:29): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/home/amnesia/.gnupg/default-testpage.pdf\" pid=17215 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:04:35 amnesia kernel: audit: type=1400 audit(1498730675.920:30): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/home/amnesia/.gnupg/default-testpage.pdf\" pid=17215 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:848 @product Feature: GNOME is well-integrated into Tails Scenario: A screenshot is taken when the PRINTSCREEN key is pressed # features/gnome.feature:4 01:50:33.975110379: calling as root: echo 'hello?' 01:50:34.220201598: call returned: [0, "hello?\n", ""] 01:50:34.944548864: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:50:34.944712735: calling as root: nmcli device show eth0 01:50:35.291949186: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:50:35.308160229: calling as root: date -s '@1498730682' 01:50:35.495118096: call returned: [0, "Thu Jun 29 10:04:42 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I wait 10 seconds # features/step_definitions/common_steps.rb:826 Slept for 10 seconds 01:50:45.500593733: calling as root: find '/home/amnesia/Pictures' -name 'Screenshot*.png' -maxdepth 1 01:50:45.690638791: call returned: [0, "", ""] And there is no screenshot in the live user's Pictures directory # features/step_definitions/gnome.rb:1 01:50:45.737652166: [log] TYPE "#PRINTSCREEN." When I press the "PRINTSCREEN" key # features/step_definitions/common_steps.rb:651 01:50:45.740560860: calling as root: find '/home/amnesia/Pictures' -name 'Screenshot*.png' -maxdepth 1 01:50:46.060176920: call returned: [0, "/home/amnesia/Pictures/Screenshot from 2017-06-29 10-04-52.png\n", ""] Then a screenshot is saved to the live user's Pictures directory # features/step_definitions/gnome.rb:9 Scenario: GNOME notifications are shown to the user # features/gnome.feature:11 01:50:48.962238357: calling as root: echo 'hello?' 01:50:49.278104004: call returned: [0, "hello?\n", ""] 01:50:50.015274997: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:50:50.017447779: calling as root: nmcli device show eth0 01:50:50.364180839: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:50:50.403379660: calling as root: date -s '@1498730697' 01:50:50.618110286: call returned: [0, "Thu Jun 29 10:04:57 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:50:50.620409321: calling as amnesia: notify-send 'Dogtail rules!' 01:50:50.749905657: call returned: [0, "", ""] When the "Dogtail rules!" notification is sent # features/step_definitions/gnome.rb:18 01:50:50.751910085: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node330 = dogtail.tree.root.application('gnome-shell') 01:50:51.947161922: execution complete 01:50:51.947390868: executing Python as amnesia: node331 = node330.child('Dogtail rules!') 01:50:52.411717725: execution complete Then the "Dogtail rules!" notification is shown to the user # features/step_definitions/gnome.rb:22 @product Feature: Hardening features Scenario: AppArmor is enabled and has enforced profiles # features/hardening.feature:4 01:50:55.181024893: calling as root: echo 'hello?' 01:50:55.595120029: call returned: [0, "hello?\n", ""] 01:50:56.319231798: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:50:56.319545476: calling as root: nmcli device show eth0 01:50:56.685303730: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:50:56.702164003: calling as root: date -s '@1498730703' 01:50:56.895557479: call returned: [0, "Thu Jun 29 10:05:03 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:50:56.897732538: calling as root: aa-status 01:50:57.295595675: call returned: [0, "apparmor module is loaded.\n27 profiles are loaded.\n24 profiles are in enforce mode.\n /usr/bin/evince\n /usr/bin/evince-previewer\n /usr/bin/evince-previewer//sanitized_helper\n /usr/bin/evince-thumbnailer\n /usr/bin/evince-thumbnailer//sanitized_helper\n /usr/bin/evince//sanitized_helper\n /usr/bin/irssi\n /usr/bin/onioncircuits\n /usr/bin/onionshare\n /usr/bin/onionshare-gui\n /usr/bin/pidgin\n /usr/bin/pidgin//sanitized_helper\n /usr/bin/totem\n /usr/bin/totem-audio-preview\n /usr/bin/totem-video-thumbnailer\n /usr/lib/cups/backend/cups-pdf\n /usr/local/lib/tor-browser/firefox\n /usr/sbin/apt-cacher-ng\n /usr/sbin/cupsd\n /usr/sbin/cupsd//third_party\n /usr/sbin/haveged\n /usr/sbin/tcpdump\n gst_plugin_scanner\n system_tor\n3 profiles are in complain mode.\n /usr/sbin/avahi-daemon\n /usr/{sbin/traceroute,bin/traceroute.db}\n ping\n2 processes have profiles defined.\n2 processes are in enforce mode.\n /usr/sbin/cupsd (7992) \n /usr/sbin/haveged (3115) \n0 processes are in complain mode.\n0 processes are unconfined but have a profile defined.\n", ""] Then AppArmor is enabled # features/step_definitions/checks.rb:144 01:50:57.297411961: calling as root: aa-status --enforced 01:50:57.532650923: call returned: [0, "24\n", ""] And some AppArmor profiles are enforced # features/step_definitions/checks.rb:148 Scenario: The tor process should be confined with Seccomp # features/hardening.feature:9 01:51:00.599601554: calling as root: echo 'hello?' 01:51:00.933372776: call returned: [0, "hello?\n", ""] 01:51:01.660115627: calling as root: nmcli device show eth0 01:51:01.678947226: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:51:02.073539774: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:51:02.093924617: calling as root: date -s '@1498730708' 01:51:02.319859884: call returned: [0, "Thu Jun 29 10:05:08 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And the network is plugged # features/step_definitions/common_steps.rb:79 01:51:02.407366444: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:51:02.859488892: call returned: [1, "", ""] 01:51:03.859796893: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:51:04.181266632: call returned: [1, "", ""] 01:51:05.181539048: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:51:05.424776443: call returned: [3, "", ""] 01:51:06.425042150: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:51:06.686870687: call returned: [0, "", ""] 01:51:06.687197977: calling as root: test -e /run/tordate/done 01:51:06.871705338: call returned: [0, "", ""] 01:51:06.872101779: calling as root: test -e /run/htpdate/success 01:51:07.183986542: call returned: [1, "", ""] 01:51:08.184290802: calling as root: test -e /run/htpdate/success 01:51:08.465053955: call returned: [1, "", ""] 01:51:09.465451633: calling as root: test -e /run/htpdate/success 01:51:09.700128056: call returned: [0, "", ""] 01:51:09.700614025: calling as root: systemctl is-system-running 01:51:09.949190123: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 01:51:09.950981423: calling as root: pidof -x -o '%PPID' tor 01:51:10.205263617: call returned: [0, "8868\n", ""] 01:51:10.205513290: calling as root: pidof -x -o '%PPID' tor 01:51:10.391075972: call returned: [0, "8868\n", ""] 01:51:10.391224487: opening file /proc/8868/status in 'read' mode 01:51:10.533700115: read complete Then the running process "tor" is confined with Seccomp in filter mode # features/step_definitions/checks.rb:177 @product Feature: Tails-related cryptographic keys are up-to-date Scenario: The shipped Tails OpenPGP keys are up-to-date # features/keys.feature:4 01:51:13.557946068: calling as root: echo 'hello?' 01:51:13.762370220: call returned: [0, "hello?\n", ""] 01:51:14.486913512: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:51:14.487168632: calling as root: nmcli device show eth0 01:51:14.854811553: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:51:14.887639787: calling as root: date -s '@1498730721' 01:51:15.054400767: call returned: [0, "Thu Jun 29 10:05:21 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:51:15.056535643: calling as amnesia: gpg --batch --with-colons --fingerprint --list-key 01:51:15.535645146: call returned: [0, "tru::1:1498724990:0:3:1:5\npub:-:4096:1:C436090F4BB47C6F:1405063050:::-:::escaESCA:::::::\nfpr:::::::::256DEB9077880CD681678528C436090F4BB47C6F:\nuid:-::::1405063074::902C3FABE8380E943B88E6E362C193D048018082::Tails accounting team (schleuder list) :\nuid:-::::1405063074::860DB6331C0F426D92DAD98F2BA7DA31AB280658::Tails accounting team (schleuder list) :\nuid:-::::1405063074::7B211AEF221E8740CE46D12D87A6C17D432003D7::Tails accounting team (schleuder list) :\nsub:-:4096:1:289A5B45A9E89475:1405063050::::::esa::::::\nfpr:::::::::7C0815E885B151F0F7B82273289A5B45A9E89475:\npub:-:4096:1:EC57B56EF0C43132:1374669910:1532349910::-:::scESC:::::::\nfpr:::::::::1F56EDD30741048035DAC1C5EC57B56EF0C43132:\nuid:-::::1391538574::40A7DC80C8A8587EC33E526D04006CCF84DD35D0::Tails bug squad :\nuid:-::::1391538574::3C8AD9F790E35644AAE05A8AF50215E17064C8AF::Tails bug squad (schleuder list) :\nuid:-::::1391538574::D6A38EAB24671D5465AF7FBA66EE4604FDAAF742::Tails bug squad (schleuder list) :\nuid:-::::1407873159::C7C338FDD8528B045BAE64637C70E204A58FB93B::Tails private user support :\nsub:-:4096:1:9D6D6472AFC1AD77:1374669910:1532349910:::::e::::::\nfpr:::::::::0012C2281573FE8D1C24E3509D6D6472AFC1AD77:\npub:-:4096:1:1D2975EDF93E735F:1250285293:1538386179::-:::scESC:::::::\nfpr:::::::::09F6BC8FEEC9D8EE005DBAA41D2975EDF93E735F:\nuid:-::::1475314183::CA2EF3B42A28EC119780E908046D4B9FCBF99BAB::Tails list (schleuder list) :\nuid:-::::1475314182::496A0F5D391DD8818EE1E2472139F14365130E19::Tails developers (Schleuder mailing-list) :\nuid:-::::1475314182::60E13D6723C9457B7304C3C6E5452D7B0D7DEDAD::Tails list (schleuder list) :\nuid:r::::::9933827C0B9BDC6F26DD5C4396AE098A27091851::Amnesia :\nuid:r::::::12DFA836D53698FFABE5061FB3DD3CD796DF26F9::T(A)ILS developers (Schleuder mailing-list) :\nsub:-:4096:1:D843C2F5E89382EB:1250285740:1538386153:::::e::::::\nfpr:::::::::C3948FE7B604C6114E294DDFD843C2F5E89382EB:\npub:-:4096:1:D2EDA621B572DD73:1461942131:::-:::escaESCA:::::::\nfpr:::::::::0B088E31D4F8E59A3D399137D2EDA621B572DD73:\nuid:-::::1461942160::501690F40D08AF49319172C14C924D5D5531C40B::Tails mirror pool managers (schleuder list) :\nuid:-::::1461942160::F9D65DB569B07586B0DA61F8DA4C9C8F732AC4AD::Tails mirror pool managers (schleuder list) :\nuid:-::::1461942160::C450DB00E0BE9AAB5E58FF748A7A221411EB0FE1::Tails mirror pool managers (schleuder list) :\nsub:-:4096:1:3DCFC1EB1C62C73C:1461942131::::::esa::::::\nfpr:::::::::C3B6EA2B3704474BCF2454C33DCFC1EB1C62C73C:\npub:-:4096:1:457080B5A072CBE3:1405062606:::-:::escaESCA:::::::\nfpr:::::::::F3CD9B7B4BDF9995DA22088E457080B5A072CBE3:\nuid:-::::1405062614::60FB6A85ED825EDFFDDB6848893F9F91D9B64EA1::Tails press team (schleuder list) :\nuid:-::::1405062614::A6BDD1625A8F0B65F154829FCEB33D68A6841624::Tails press team (schleuder list) :\nuid:-::::1405062613::2BA6F200D94205F82E9F3A809BD2D57B0EA9042F::Tails press team (schleuder list) :\nsub:-:4096:1:5748DE3BC338BFFC:1405062606::::::esa::::::\nfpr:::::::::79600454A497A88CC0D7F8685748DE3BC338BFFC:\npub:-:4096:1:DBB802B258ACD84F:1421590671:1515674944::-:::cSC:::::::\nfpr:::::::::A490D0F4D311A4153E2BB7CADBB802B258ACD84F:\nuid:-::::1472561354::0D4C42B79EBEDAF02E8F2FFF6CA5C5D6525200B2::Tails developers (offline long-term identity key) :\nuid:-::::1472561354::56CE2B43AA9493872A802884F36253ED9A504FF1::Tails developers :\nsub:-:4096:1:98FEC6BC752A3DB6:1421590835:1515674960:::::s::::::\nfpr:::::::::BA2C222F44AC00ED9899389398FEC6BC752A3DB6:\nsub:-:4096:1:3C83DCB52F699C56:1421595116:1515674976:::::s::::::\nfpr:::::::::A5091F72C746BA6B163D1C183C83DCB52F699C56:\nsub:r:4096:1:AA9E014656987A65:1421590930:1452522130:::::s::::::\nfpr:::::::::C3B6813CD95D79C212F5AA21AA9E014656987A65:\nsub:-:4096:1:AF292B44A0EDAA41:1472561457:1515675057:::::s::::::\nfpr:::::::::79192EE220449071F589AC00AF292B44A0EDAA41:\npub:-:4096:1:70F4F03116525F43:1345714920:1526494043::-:::scESC:::::::\nfpr:::::::::D113CB6D5131D34BA5F0FE9E70F4F03116525F43:\nuid:-::::1463422048::A8758F234F0FB0602F207E2DB08266621680432B::Tails system administrators :\nuid:-::::1463422059::DA6CF2C472639E55AB464CB7E1F76416FE91069C::Tails system administrators (schleuder list) :\nuid:-::::1463422059::0C10D3FD3B1C9750C5C547D5AE15A6B355950802::Tails system administrators (schleuder list) :\nsub:-:4096:1:58BA940CCA0A30B4:1345714920:1526494107:::::e::::::\nfpr:::::::::373DA2F425C9D097B95ADAD458BA940CCA0A30B4:\n", ""] 01:51:15.536794873: calling as amnesia: gpg --batch --list-key 256DEB9077880CD681678528C436090F4BB47C6F 01:51:15.674885989: call returned: [0, "pub rsa4096/0xC436090F4BB47C6F 2014-07-11 [SCEA]\n Key fingerprint = 256D EB90 7788 0CD6 8167 8528 C436 090F 4BB4 7C6F\nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nsub rsa4096/0x289A5B45A9E89475 2014-07-11 [SEA]\n\n", ""] 01:51:15.675886935: calling as amnesia: gpg --batch --list-key 7C0815E885B151F0F7B82273289A5B45A9E89475 01:51:15.830627559: call returned: [0, "pub rsa4096/0xC436090F4BB47C6F 2014-07-11 [SCEA]\n Key fingerprint = 256D EB90 7788 0CD6 8167 8528 C436 090F 4BB4 7C6F\nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nsub rsa4096/0x289A5B45A9E89475 2014-07-11 [SEA]\n\n", ""] 01:51:15.831767095: calling as amnesia: gpg --batch --list-key 1F56EDD30741048035DAC1C5EC57B56EF0C43132 01:51:15.998806934: call returned: [0, "pub rsa4096/0xEC57B56EF0C43132 2013-07-24 [SC] [expires: 2018-07-23]\n Key fingerprint = 1F56 EDD3 0741 0480 35DA C1C5 EC57 B56E F0C4 3132\nuid [ unknown] Tails bug squad \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails private user support \nsub rsa4096/0x9D6D6472AFC1AD77 2013-07-24 [E] [expires: 2018-07-23]\n\n", ""] 01:51:15.999970531: calling as amnesia: gpg --batch --list-key 0012C2281573FE8D1C24E3509D6D6472AFC1AD77 01:51:16.164165048: call returned: [0, "pub rsa4096/0xEC57B56EF0C43132 2013-07-24 [SC] [expires: 2018-07-23]\n Key fingerprint = 1F56 EDD3 0741 0480 35DA C1C5 EC57 B56E F0C4 3132\nuid [ unknown] Tails bug squad \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails private user support \nsub rsa4096/0x9D6D6472AFC1AD77 2013-07-24 [E] [expires: 2018-07-23]\n\n", ""] 01:51:16.165233067: calling as amnesia: gpg --batch --list-key 09F6BC8FEEC9D8EE005DBAA41D2975EDF93E735F 01:51:16.364370072: call returned: [0, "pub rsa4096/0x1D2975EDF93E735F 2009-08-14 [SC] [expires: 2018-10-01]\n Key fingerprint = 09F6 BC8F EEC9 D8EE 005D BAA4 1D29 75ED F93E 735F\nuid [ unknown] Tails list (schleuder list) \nuid [ unknown] Tails developers (Schleuder mailing-list) \nuid [ unknown] Tails list (schleuder list) \nsub rsa4096/0xD843C2F5E89382EB 2009-08-14 [E] [expires: 2018-10-01]\n\n", ""] 01:51:16.365568692: calling as amnesia: gpg --batch --list-key C3948FE7B604C6114E294DDFD843C2F5E89382EB 01:51:16.503417636: call returned: [0, "pub rsa4096/0x1D2975EDF93E735F 2009-08-14 [SC] [expires: 2018-10-01]\n Key fingerprint = 09F6 BC8F EEC9 D8EE 005D BAA4 1D29 75ED F93E 735F\nuid [ unknown] Tails list (schleuder list) \nuid [ unknown] Tails developers (Schleuder mailing-list) \nuid [ unknown] Tails list (schleuder list) \nsub rsa4096/0xD843C2F5E89382EB 2009-08-14 [E] [expires: 2018-10-01]\n\n", ""] 01:51:16.504533694: calling as amnesia: gpg --batch --list-key 0B088E31D4F8E59A3D399137D2EDA621B572DD73 01:51:16.654106380: call returned: [0, "pub rsa4096/0xD2EDA621B572DD73 2016-04-29 [SCEA]\n Key fingerprint = 0B08 8E31 D4F8 E59A 3D39 9137 D2ED A621 B572 DD73\nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nsub rsa4096/0x3DCFC1EB1C62C73C 2016-04-29 [SEA]\n\n", ""] 01:51:16.655044491: calling as amnesia: gpg --batch --list-key C3B6EA2B3704474BCF2454C33DCFC1EB1C62C73C 01:51:16.787257884: call returned: [0, "pub rsa4096/0xD2EDA621B572DD73 2016-04-29 [SCEA]\n Key fingerprint = 0B08 8E31 D4F8 E59A 3D39 9137 D2ED A621 B572 DD73\nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nsub rsa4096/0x3DCFC1EB1C62C73C 2016-04-29 [SEA]\n\n", ""] 01:51:16.788221829: calling as amnesia: gpg --batch --list-key F3CD9B7B4BDF9995DA22088E457080B5A072CBE3 01:51:16.943324697: call returned: [0, "pub rsa4096/0x457080B5A072CBE3 2014-07-11 [SCEA]\n Key fingerprint = F3CD 9B7B 4BDF 9995 DA22 088E 4570 80B5 A072 CBE3\nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nsub rsa4096/0x5748DE3BC338BFFC 2014-07-11 [SEA]\n\n", ""] 01:51:16.944243445: calling as amnesia: gpg --batch --list-key 79600454A497A88CC0D7F8685748DE3BC338BFFC 01:51:17.124648303: call returned: [0, "pub rsa4096/0x457080B5A072CBE3 2014-07-11 [SCEA]\n Key fingerprint = F3CD 9B7B 4BDF 9995 DA22 088E 4570 80B5 A072 CBE3\nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nsub rsa4096/0x5748DE3BC338BFFC 2014-07-11 [SEA]\n\n", ""] 01:51:17.125682144: calling as amnesia: gpg --batch --list-key A490D0F4D311A4153E2BB7CADBB802B258ACD84F 01:51:17.275266712: call returned: [0, "pub rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2018-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub rsa4096/0x98FEC6BC752A3DB6 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0x3C83DCB52F699C56 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0xAF292B44A0EDAA41 2016-08-30 [S] [expires: 2018-01-11]\n\n", ""] 01:51:17.276352655: calling as amnesia: gpg --batch --list-key BA2C222F44AC00ED9899389398FEC6BC752A3DB6 01:51:17.479517662: call returned: [0, "pub rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2018-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub rsa4096/0x98FEC6BC752A3DB6 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0x3C83DCB52F699C56 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0xAF292B44A0EDAA41 2016-08-30 [S] [expires: 2018-01-11]\n\n", ""] 01:51:17.480817212: calling as amnesia: gpg --batch --list-key A5091F72C746BA6B163D1C183C83DCB52F699C56 01:51:17.680276181: call returned: [0, "pub rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2018-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub rsa4096/0x98FEC6BC752A3DB6 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0x3C83DCB52F699C56 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0xAF292B44A0EDAA41 2016-08-30 [S] [expires: 2018-01-11]\n\n", ""] 01:51:17.681656802: calling as amnesia: gpg --batch --list-key C3B6813CD95D79C212F5AA21AA9E014656987A65 01:51:17.869422669: call returned: [0, "pub rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2018-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub rsa4096/0x98FEC6BC752A3DB6 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0x3C83DCB52F699C56 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0xAF292B44A0EDAA41 2016-08-30 [S] [expires: 2018-01-11]\n\n", ""] 01:51:17.870621062: calling as amnesia: gpg --batch --list-key 79192EE220449071F589AC00AF292B44A0EDAA41 01:51:18.058878622: call returned: [0, "pub rsa4096/0xDBB802B258ACD84F 2015-01-18 [C] [expires: 2018-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub rsa4096/0x98FEC6BC752A3DB6 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0x3C83DCB52F699C56 2015-01-18 [S] [expires: 2018-01-11]\nsub rsa4096/0xAF292B44A0EDAA41 2016-08-30 [S] [expires: 2018-01-11]\n\n", ""] 01:51:18.060023847: calling as amnesia: gpg --batch --list-key D113CB6D5131D34BA5F0FE9E70F4F03116525F43 01:51:18.212383131: call returned: [0, "pub rsa4096/0x70F4F03116525F43 2012-08-23 [SC] [expires: 2018-05-16]\n Key fingerprint = D113 CB6D 5131 D34B A5F0 FE9E 70F4 F031 1652 5F43\nuid [ unknown] Tails system administrators \nuid [ unknown] Tails system administrators (schleuder list) \nuid [ unknown] Tails system administrators (schleuder list) \nsub rsa4096/0x58BA940CCA0A30B4 2012-08-23 [E] [expires: 2018-05-16]\n\n", ""] 01:51:18.213550206: calling as amnesia: gpg --batch --list-key 373DA2F425C9D097B95ADAD458BA940CCA0A30B4 01:51:18.351004766: call returned: [0, "pub rsa4096/0x70F4F03116525F43 2012-08-23 [SC] [expires: 2018-05-16]\n Key fingerprint = D113 CB6D 5131 D34B A5F0 FE9E 70F4 F031 1652 5F43\nuid [ unknown] Tails system administrators \nuid [ unknown] Tails system administrators (schleuder list) \nuid [ unknown] Tails system administrators (schleuder list) \nsub rsa4096/0x58BA940CCA0A30B4 2012-08-23 [E] [expires: 2018-05-16]\n\n", ""] Then the OpenPGP keys shipped with Tails will be valid for the next 3 months # features/step_definitions/checks.rb:7 Scenario: The Tails Debian repository key is up-to-date # features/keys.feature:8 01:51:21.327990910: calling as root: echo 'hello?' 01:51:21.638668965: call returned: [0, "hello?\n", ""] 01:51:22.370548907: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:51:22.370708952: calling as root: nmcli device show eth0 01:51:22.739966303: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:51:22.760785548: calling as root: date -s '@1498730729' 01:51:23.018772234: call returned: [0, "Thu Jun 29 10:05:29 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 01:51:23.021022135: calling as root: apt-key adv --batch --list-key 221F9A3C6FA3E09E182E060BC7988EA7A358D82E 01:51:24.147480968: call returned: [0, "Executing: /tmp/apt-key-gpghome.RLdd2a0KZy/gpg.1.sh --batch --list-key 221F9A3C6FA3E09E182E060BC7988EA7A358D82E\npub rsa4096 2012-02-04 [SC] [expires: 2018-01-25]\n 221F9A3C6FA3E09E182E060BC7988EA7A358D82E\nuid [ unknown] deb.tails.boum.org archive signing key\n\n", "Warning: apt-key output should not be parsed (stdout is not a terminal)\n"] Then the shipped Debian repository key will be valid for the next 3 months # features/step_definitions/checks.rb:20 @product Feature: Localization As a Tails user I want Tails to be localized in my native language And various Tails features should still work @doc Scenario: The Report an Error launcher will open the support documentation in supported non-English locales # features/localization.feature:8 01:51:26.696280959: calling as root: echo 'hello?' 01:51:26.863216066: call returned: [0, "hello?\n", ""] 01:51:27.587085612: calling as root: nmcli device show eth0 01:51:27.606829077: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:51:27.885781293: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:51:27.903096014: calling as root: date -s '@1498730734' 01:51:28.068310489: call returned: [0, "Thu Jun 29 10:05:34 UTC 2017\n", ""] Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 01:51:28.987355910: [log] CLICK on L(273,333)@S(0)[0,0 1024x768] 01:51:29.822011310: [log] TYPE "German" 01:51:31.864010669: [log] TYPE "#ENTER." 01:51:32.781680426: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:51:32.782080088: calling as root: loginctl 01:51:32.985926790: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:51:33.986415478: calling as root: loginctl 01:51:34.536808928: call returned: [0, " SESSION UID USER SEAT TTY \n 8 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:51:50.479191964: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:51:50.585509062: call returned: [0, "", ""] 01:51:50.585741256: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:51:50.708472940: call returned: [0, "", ""] And I log in to a new session in German # features/step_definitions/common_steps.rb:257 01:51:50.710203677: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox 01:51:50.976531733: call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] 01:51:50.976812579: calling as root: pgrep --uid amnesia --full --exact '/usr/local/lib/tor-browser/firefox .* -profile /home/amnesia/.tor-browser/profile.default' 01:51:51.282996675: call returned: [1, "", ""] 01:51:52.407105309: [log] DOUBLE CLICK on L(66,47)@S(0)[0,0 1024x768] 01:51:52.407492638: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node332 = dogtail.tree.root.application('Firefox') 01:52:04.601925129: execution complete 01:52:05.602468170: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node333 = dogtail.tree.root.application('Firefox') 01:52:15.750901549: execution complete 01:52:15.751137153: executing Python as amnesia: node334 = node333.child(roleName='frame', recursive=False) 01:52:16.064532592: execution complete When I double-click on the Report an Error launcher on the desktop # features/step_definitions/common_steps.rb:701 01:52:16.067356865: executing Python as amnesia: node335 = node333.child('Tails - Hilfe & Support - Tor-Browser', roleName='frame') 01:52:23.072992603: execution complete 01:52:23.074103414: executing Python as amnesia: node336 = node333.child('Aktuelle Seite neu laden', roleName='push button') 01:52:23.185492674: execution complete 01:52:23.185777841: executing Python as amnesia: node337 = node333.child('Tails - Hilfe & Support', roleName='document frame') 01:52:23.321977928: execution complete 01:52:23.322177352: executing Python as amnesia: nodes338 = node337.findChildren(dogtail.predicate.GenericPredicate(roleName='heading')) print(len(nodes338)) 01:52:23.587664452: execution complete 01:52:23.587863881: executing Python as amnesia: node339 = nodes338[0] 01:52:23.625236350: execution complete 01:52:23.625457718: executing Python as amnesia: node340 = nodes338[1] 01:52:23.652181330: execution complete 01:52:23.652319374: executing Python as amnesia: node341 = nodes338[2] 01:52:23.690386545: execution complete 01:52:23.690545024: executing Python as amnesia: node342 = nodes338[3] 01:52:23.718045941: execution complete 01:52:23.718231626: executing Python as amnesia: node343 = nodes338[4] 01:52:23.746438640: execution complete 01:52:23.746582543: executing Python as amnesia: node344 = nodes338[5] 01:52:23.782398141: execution complete 01:52:23.782559895: executing Python as amnesia: node345 = nodes338[6] 01:52:23.814475160: execution complete 01:52:23.814625943: executing Python as amnesia: node346 = nodes338[7] 01:52:23.846721540: execution complete 01:52:23.846872938: executing Python as amnesia: node347 = nodes338[8] 01:52:23.882259464: execution complete 01:52:23.882407943: executing Python as amnesia: node348 = nodes338[9] 01:52:23.914597967: execution complete 01:52:23.914786874: executing Python as amnesia: print(node339.text) 01:52:23.944130821: execution complete Then the support documentation page opens in Tor Browser # features/step_definitions/checks.rb:97 @product Feature: Spoofing MAC addresses In order to not reveal information about the physical location As a Tails user I want to be able to control whether my network devices MAC addresses should be spoofed And I want this feature to fail safe and notify me in case of errors Background: # features/mac_spoofing.feature:8 01:52:26.759212979: calling as root: echo 'hello?' 01:52:26.969585712: call returned: [0, "hello?\n", ""] 01:52:27.694575681: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:52:27.694797388: calling as root: nmcli device show eth0 01:52:28.019174320: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:52:28.045423392: calling as root: date -s '@1498730794' 01:52:28.187996311: call returned: [0, "Thu Jun 29 10:06:34 UTC 2017\n", ""] Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 And I capture all network traffic # features/step_definitions/common_steps.rb:96 And the network is plugged # features/step_definitions/common_steps.rb:79 Scenario: MAC address spoofing is disabled # features/mac_spoofing.feature:13 01:52:29.176461164: [log] CLICK on L(244,615)@S(0)[0,0 1024x768] 01:52:30.619023407: [log] CLICK on L(408,298)@S(0)[0,0 1024x768] 01:52:32.088839116: [log] CLICK on L(410,458)@S(0)[0,0 1024x768] 01:52:33.016766243: [log] CLICK on L(685,196)@S(0)[0,0 1024x768] When I disable MAC spoofing in Tails Greeter # features/step_definitions/mac_spoofing.rb:7 01:52:34.419538766: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:52:34.420118944: calling as root: loginctl 01:52:34.641564001: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:52:35.642040120: calling as root: loginctl 01:52:35.853724081: call returned: [0, " SESSION UID USER SEAT TTY \n 8 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:52:51.482657415: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:52:51.737370768: call returned: [0, "", ""] 01:52:51.737545210: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:52:51.991158040: call returned: [0, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:257 01:52:51.992521339: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:52:52.455007190: call returned: [0, "", ""] 01:52:52.455380850: calling as root: test -e /run/tordate/done 01:52:52.838955941: call returned: [0, "", ""] 01:52:52.839269312: calling as root: test -e /run/htpdate/success 01:52:53.172509103: call returned: [1, "", ""] 01:52:54.172852526: calling as root: test -e /run/htpdate/success 01:52:54.369167698: call returned: [1, "", ""] 01:52:55.369514825: calling as root: test -e /run/htpdate/success 01:52:55.578681957: call returned: [0, "", ""] 01:52:55.579023186: calling as root: systemctl is-system-running 01:52:55.772493127: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 01:52:55.774668112: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:52:55.992763930: call returned: [0, "eth0\n", ""] Then 1 network interface is enabled # features/step_definitions/mac_spoofing.rb:79 01:52:56.024756263: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth0 01:52:56.392950042: call returned: [0, "52:54:00:ac:dd:ee\n", ""] And the 1st network device has its real MAC address configured # features/step_definitions/mac_spoofing.rb:14 01:52:56.396358461: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:52:56.585779643: call returned: [0, "eth0\n", ""] 01:52:56.722683685: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:52:56.944720272: call returned: [0, "eth0\n", ""] 01:52:57.945517331: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:52:58.181901489: call returned: [0, "eth0\neth1\n", ""] When I hotplug a network device and wait for it to be initialized # features/step_definitions/mac_spoofing.rb:102 01:52:58.185615757: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:52:58.436040746: call returned: [0, "eth0\neth1\n", ""] Then 2 network interfaces are enabled # features/step_definitions/mac_spoofing.rb:79 01:52:58.455218612: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth1 01:52:58.632109257: call returned: [0, "52:54:00:11:22:33\n", ""] And the 2nd network device has its real MAC address configured # features/step_definitions/mac_spoofing.rb:14 And some network device leaked the real MAC address # features/step_definitions/mac_spoofing.rb:47 Scenario: MAC address spoofing is successful # features/mac_spoofing.feature:24 01:53:01.360523221: calling as root: echo 'hello?' 01:53:01.569233368: call returned: [0, "hello?\n", ""] 01:53:02.297557301: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:53:02.297707100: calling as root: nmcli device show eth0 01:53:02.630398682: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:53:02.660402461: calling as root: date -s '@1498730829' 01:53:02.838363922: call returned: [0, "Thu Jun 29 10:07:09 UTC 2017\n", ""] 01:53:03.760301137: calling as root: loginctl 01:53:03.786783677: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:53:03.956532987: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:53:04.957075627: calling as root: loginctl 01:53:05.191382204: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 8 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:53:26.009088720: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:53:26.156903728: call returned: [0, "", ""] 01:53:26.157151740: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:53:26.283746087: call returned: [0, "", ""] When I log in to a new session # features/step_definitions/common_steps.rb:257 01:53:26.285150534: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:53:26.558570551: call returned: [0, "", ""] 01:53:26.559157277: calling as root: test -e /run/tordate/done 01:53:26.707024746: call returned: [0, "", ""] 01:53:26.707483754: calling as root: test -e /run/htpdate/success 01:53:26.924826449: call returned: [1, "", ""] 01:53:27.925270653: calling as root: test -e /run/htpdate/success 01:53:28.115680577: call returned: [0, "", ""] 01:53:28.116225423: calling as root: systemctl is-system-running 01:53:28.330173438: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 01:53:28.331681185: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:53:28.496924313: call returned: [0, "eth0\n", ""] Then 1 network interface is enabled # features/step_definitions/mac_spoofing.rb:79 01:53:28.516679643: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth0 01:53:28.808722571: call returned: [0, "50:54:00:9f:5c:03\n", ""] And the 1st network device has a spoofed MAC address configured # features/step_definitions/mac_spoofing.rb:14 01:53:28.810376199: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:53:29.055666379: call returned: [0, "eth0\n", ""] 01:53:29.211630235: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:53:29.365269761: call returned: [0, "eth0\n", ""] 01:53:30.365921755: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:53:30.617619515: call returned: [0, "eth0\neth1\n", ""] When I hotplug a network device and wait for it to be initialized # features/step_definitions/mac_spoofing.rb:102 01:53:30.619257584: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:53:30.906837480: call returned: [0, "eth0\neth1\n", ""] Then 2 network interfaces are enabled # features/step_definitions/mac_spoofing.rb:79 01:53:30.927027049: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth1 01:53:31.150954792: call returned: [0, "50:54:00:8a:a7:be\n", ""] And the 2nd network device has a spoofed MAC address configured # features/step_definitions/mac_spoofing.rb:14 And no network device leaked the real MAC address # features/step_definitions/mac_spoofing.rb:38 Scenario: The MAC address is not leaked when booting Tails # features/mac_spoofing.feature:65 01:53:34.092780386: calling as root: echo 'hello?' 01:53:34.310028153: call returned: [0, "hello?\n", ""] 01:53:35.043763968: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:53:35.043963770: calling as root: nmcli device show eth0 01:53:35.366888704: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:53:35.386355477: calling as root: date -s '@1498730862' 01:53:35.532756656: call returned: [0, "Thu Jun 29 10:07:42 UTC 2017\n", ""] Given a computer # features/step_definitions/common_steps.rb:46 And I capture all network traffic # features/step_definitions/common_steps.rb:96 When I start the computer # features/step_definitions/common_steps.rb:109 01:53:39.693740305: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:53:42.203143393: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:54:42.700321957: calling as root: echo 'hello?' 01:54:42.950640175: call returned: [0, "hello?\n", ""] 01:54:42.951136292: calling as root: service tor status 01:54:43.256935193: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:54:43.257502533: opening file /etc/tor/torrc in 'append' mode 01:54:43.525312243: append complete Then the computer boots Tails # features/step_definitions/common_steps.rb:248 01:54:43.528493309: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:54:43.731640699: call returned: [0, "", ""] And no network interfaces are enabled # features/step_definitions/mac_spoofing.rb:79 And no network device leaked the real MAC address # features/step_definitions/mac_spoofing.rb:38 @product Feature: Metadata Anonymization Toolkit As a Tails user I want to be able to remove leaky metadata from documents and media files Scenario: MAT can clean a PNG file # features/mat.feature:6 Given a computer # features/step_definitions/common_steps.rb:46 01:54:46.836237378: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:55:51.185032167: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 01:55:51.185373962: calling as root: echo 'hello?' 01:55:51.431160086: call returned: [0, "hello?\n", ""] 01:55:51.431538436: calling as root: service tor status 01:55:51.702114635: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 01:55:51.702561848: opening file /etc/tor/torrc in 'append' mode 01:55:51.914079535: append complete 01:55:52.700227012: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:55:52.700902787: calling as root: loginctl 01:55:52.907723512: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:55:53.908245181: calling as root: loginctl 01:55:54.137757650: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 01:56:13.982204721: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:56:14.125844716: call returned: [0, "", ""] 01:56:14.126055751: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:56:14.246627115: call returned: [0, "", ""] 01:56:14.246968109: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node349 = dogtail.tree.root.application('gnome-shell') 01:56:15.304921893: execution complete 01:56:16.034506780: executing Python as amnesia: node350 = node349.child('No Notifications', roleName='label') 01:56:16.050020929: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:56:17.479018698: execution complete 01:56:17.479271264: executing Python as amnesia: node351 = node349.child('No Notifications', roleName='label') 01:56:18.688137171: execution complete 01:56:18.732017026: [log] TYPE "#ESC." And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:116 01:56:18.783410861: libguestfs: trace: set_autosync true 01:56:18.783526214: libguestfs: trace: set_autosync = 0 01:56:18.787341692: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/vYAmtQyXeY" "format:qcow2" 01:56:18.787596527: libguestfs: trace: add_drive = 0 01:56:18.787651948: libguestfs: trace: launch 01:56:18.787710417: libguestfs: trace: get_tmpdir 01:56:18.787757226: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:56:18.788004007: libguestfs: trace: get_backend_setting "force_tcg" 01:56:18.788068273: libguestfs: trace: get_backend_setting = NULL (error) 01:56:18.788125873: libguestfs: trace: get_cachedir 01:56:18.788173315: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:56:18.839559482: libguestfs: trace: get_cachedir 01:56:18.839718219: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:56:18.839877738: libguestfs: trace: get_sockdir 01:56:18.839947774: libguestfs: trace: get_sockdir = "/tmp" 01:56:18.840360817: libguestfs: trace: get_backend_setting "gdb" 01:56:18.840438520: libguestfs: trace: get_backend_setting = NULL (error) 01:56:22.080885053: libguestfs: trace: launch = 0 01:56:22.081140451: libguestfs: trace: list_devices 01:56:22.083605360: libguestfs: trace: list_devices = ["/dev/sda"] 01:56:22.083777572: libguestfs: trace: part_disk "/dev/sda" "gpt" 01:56:22.143873588: libguestfs: trace: part_disk = 0 01:56:22.144088499: libguestfs: trace: part_set_name "/dev/sda" 1 "vYAmtQyXeY" 01:56:22.200331947: libguestfs: trace: part_set_name = 0 01:56:22.201357347: libguestfs: trace: list_partitions 01:56:22.202014205: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:56:22.202152833: libguestfs: trace: mkfs "ext4" "/dev/sda1" 01:56:22.221450736: libguestfs: trace: mkfs = 0 01:56:22.222166831: libguestfs: trace: close 01:56:22.222470181: libguestfs: trace: internal_autosync 01:56:22.230875169: libguestfs: trace: internal_autosync = 0 01:56:22.319763349: libguestfs: trace: set_autosync true 01:56:22.320195624: libguestfs: trace: set_autosync = 0 01:56:22.324872658: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/vYAmtQyXeY" "format:qcow2" 01:56:22.324981811: libguestfs: trace: add_drive = 0 01:56:22.325044447: libguestfs: trace: launch 01:56:22.325118322: libguestfs: trace: get_tmpdir 01:56:22.325297056: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 01:56:22.325388885: libguestfs: trace: get_backend_setting "force_tcg" 01:56:22.325463981: libguestfs: trace: get_backend_setting = NULL (error) 01:56:22.325521789: libguestfs: trace: get_cachedir 01:56:22.325571549: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:56:22.369415916: libguestfs: trace: get_cachedir 01:56:22.369571037: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 01:56:22.369732844: libguestfs: trace: get_sockdir 01:56:22.369939278: libguestfs: trace: get_sockdir = "/tmp" 01:56:22.370140641: libguestfs: trace: get_backend_setting "gdb" 01:56:22.370218372: libguestfs: trace: get_backend_setting = NULL (error) 01:56:26.616412051: libguestfs: trace: launch = 0 01:56:26.616670823: libguestfs: trace: list_devices 01:56:26.617568137: libguestfs: trace: list_devices = ["/dev/sda"] 01:56:26.617711329: libguestfs: trace: list_partitions 01:56:26.618077087: libguestfs: trace: list_partitions = ["/dev/sda1"] 01:56:26.618202538: libguestfs: trace: mount "/dev/sda1" "/" 01:56:26.624195103: libguestfs: trace: mount = 0 01:56:26.624660142: libguestfs: trace: upload "/var/lib/jenkins/workspace/test_Tails_ISO_stable/features/misc_files/sample.png" "/sample.png" 01:56:26.627184227: libguestfs: trace: upload = 0 01:56:26.627324691: libguestfs: trace: close 01:56:26.627416518: libguestfs: trace: internal_autosync 01:56:26.637820396: libguestfs: trace: internal_autosync = 0 01:56:26.805621513: calling as root: test -b /dev/sda 01:56:27.007999553: call returned: [1, "", ""] 01:56:28.040689954: calling as root: test -b /dev/sda 01:56:28.197549215: call returned: [1, "", ""] 01:56:29.219414245: calling as root: test -b /dev/sda 01:56:29.398184055: call returned: [0, "", ""] 01:56:29.398536393: calling as root: mktemp -d 01:56:29.622343023: call returned: [0, "/tmp/tmp.ZADxiOdMK7\n", ""] 01:56:29.642241872: calling as root: mount /dev/sda1 /tmp/tmp.ZADxiOdMK7 01:56:30.402509712: call returned: [0, "", ""] 01:56:30.402706930: calling as root: chmod -R a+rX '/tmp/tmp.ZADxiOdMK7' 01:56:30.600167024: call returned: [0, "", ""] And I plug and mount a USB drive containing a sample PNG # features/step_definitions/checks.rb:114 01:56:30.602418158: calling as amnesia: cp "/tmp/tmp.ZADxiOdMK7/sample.png" "/home/amnesia/sample.png" 01:56:30.743668911: call returned: [0, "", ""] 01:56:30.743856912: calling as amnesia: grep --quiet --fixed-strings --text 'Created with GIMP' '/home/amnesia/sample.png' 01:56:30.848941028: call returned: [0, "", ""] 01:56:30.849184732: calling as amnesia: mat --check '/home/amnesia/sample.png' 01:56:31.827245511: call returned: [0, "[+] /home/amnesia/sample.png is not clean\n", ""] 01:56:31.827494634: calling as amnesia: mat '/home/amnesia/sample.png' 01:56:34.580909480: call returned: [0, "[*] Cleaning /home/amnesia/sample.png\n[+] /home/amnesia/sample.png cleaned!\n", ""] 01:56:34.581113152: calling as amnesia: mat --check '/home/amnesia/sample.png' 01:56:35.330001030: call returned: [0, "[+] /home/amnesia/sample.png is clean\n", ""] 01:56:35.330303268: calling as amnesia: grep --quiet --fixed-strings --text 'Created with GIMP' '/home/amnesia/sample.png' 01:56:35.463915038: call returned: [1, "", ""] 01:56:35.464126991: calling as root: rm '/home/amnesia/sample.png' 01:56:35.606593112: call returned: [0, "", ""] Then MAT can clean some sample PNG file # features/step_definitions/checks.rb:118 @product Feature: Networking Scenario: No initial network # features/networking.feature:4 01:56:38.511992447: calling as root: echo 'hello?' 01:56:38.740644885: call returned: [0, "hello?\n", ""] 01:56:39.469488285: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:56:39.469714975: calling as root: nmcli device show eth0 01:56:39.840081425: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:56:39.858446354: calling as root: date -s '@1498731046' 01:56:40.057871054: call returned: [0, "Thu Jun 29 10:10:46 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 And I wait between 30 and 60 seconds # features/step_definitions/common_steps.rb:826 Slept for 43 seconds Then the Tor Status icon tells me that Tor is not usable # features/step_definitions/checks.rb:227 When the network is plugged # features/step_definitions/common_steps.rb:79 01:57:23.386968483: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:57:23.864089468: call returned: [1, "", ""] 01:57:24.864449827: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:57:25.177258220: call returned: [1, "", ""] 01:57:26.177603244: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:57:26.342924705: call returned: [3, "", ""] 01:57:27.343272161: calling as root: /usr/local/sbin/tor-has-bootstrapped 01:57:27.629932875: call returned: [0, "", ""] 01:57:27.630382932: calling as root: test -e /run/tordate/done 01:57:27.982490964: call returned: [0, "", ""] 01:57:27.982879409: calling as root: test -e /run/htpdate/success 01:57:28.287272979: call returned: [1, "", ""] 01:57:29.287527102: calling as root: test -e /run/htpdate/success 01:57:29.464037718: call returned: [1, "", ""] 01:57:30.464419048: calling as root: test -e /run/htpdate/success 01:57:30.721023725: call returned: [1, "", ""] 01:57:31.721405266: calling as root: test -e /run/htpdate/success 01:57:31.878256405: call returned: [1, "", ""] 01:57:32.878648642: calling as root: test -e /run/htpdate/success 01:57:33.072264521: call returned: [0, "", ""] 01:57:33.072527156: calling as root: systemctl is-system-running 01:57:33.278568227: call returned: [0, "running\n", ""] Then Tor is ready # features/step_definitions/common_steps.rb:341 And the Tor Status icon tells me that Tor is usable # features/step_definitions/checks.rb:227 01:57:33.496155094: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node352 = dogtail.tree.root.application('gnome-shell') 01:57:34.585330779: execution complete 01:57:35.310295473: executing Python as amnesia: node353 = node352.child('No Notifications', roleName='label') 01:57:35.328316602: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 01:57:37.785464091: execution complete 01:57:37.785657565: executing Python as amnesia: node354 = node352.child('No Notifications', roleName='label') 01:57:39.887161722: execution complete And all notifications have disappeared # features/step_definitions/common_steps.rb:422 01:57:39.930721028: calling as root: test -e /run/tordate/done 01:57:39.956042042: [log] TYPE "#ESC." 01:57:40.160314531: call returned: [0, "", ""] 01:57:40.160572061: calling as root: test -e /run/htpdate/success 01:57:40.466298925: call returned: [0, "", ""] And the time has synced # features/step_definitions/common_steps.rb:354 Scenario: The Tails Greeter "disable all networking" option disables networking within Tails # features/networking.feature:14 01:57:43.021238846: calling as root: echo 'hello?' 01:57:43.180597352: call returned: [0, "hello?\n", ""] 01:57:43.909973563: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:57:43.910182523: calling as root: nmcli device show eth0 01:57:44.227827599: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:57:44.244605818: calling as root: date -s '@1498731111' 01:57:44.400372466: call returned: [0, "Thu Jun 29 10:11:51 UTC 2017\n", ""] Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 01:57:45.987590630: [log] CLICK on L(244,615)@S(0)[0,0 1024x768] 01:57:46.710541360: [log] CLICK on L(399,338)@S(0)[0,0 1024x768] 01:57:48.148232803: [log] CLICK on L(392,456)@S(0)[0,0 1024x768] And I disable all networking in the Tails Greeter # features/step_definitions/checks.rb:220 01:57:50.272067137: [log] CLICK on L(685,196)@S(0)[0,0 1024x768] 01:57:50.272397354: calling as root: loginctl 01:57:50.272647226: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 01:57:50.486074543: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:57:51.486529292: calling as root: loginctl 01:57:51.687048849: call returned: [0, " SESSION UID USER SEAT TTY \n 8 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:58:10.882748077: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:58:11.025869862: call returned: [0, "", ""] 01:58:11.026157963: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:58:11.161621406: call returned: [0, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:257 01:58:11.163290887: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:58:11.384373622: call returned: [0, "", ""] Then no network interfaces are enabled # features/step_definitions/mac_spoofing.rb:79 When I hotplug a network device # features/step_definitions/mac_spoofing.rb:102 And I wait 10 seconds # features/step_definitions/common_steps.rb:826 Slept for 10 seconds 01:58:21.542939609: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics 01:58:21.707170815: call returned: [0, "", ""] Then no network interfaces are enabled # features/step_definitions/mac_spoofing.rb:79 @product Feature: Tails persistence As a Tails user I want to use Tails persistence feature Scenario: Booting Tails from a USB drive with a disabled persistent partition # features/persistence.feature:6 01:58:25.457912076: calling as root: echo 'hello?' 01:58:25.697225358: call returned: [0, "hello?\n", ""] 01:58:26.432253668: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:58:26.432482094: calling as root: nmcli device show eth0 01:58:26.790611088: call returned: [8, "", "Error: NetworkManager is not running.\n"] 01:58:26.808874806: calling as root: date -s '@1498731153' 01:58:26.977382066: call returned: [0, "Thu Jun 29 10:12:33 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 01:58:27.923563466: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 01:58:27.923852548: calling as root: loginctl 01:58:28.122273789: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 01:58:29.122792448: calling as root: loginctl 01:58:29.437411450: call returned: [0, " SESSION UID USER SEAT TTY \n 73 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 01:58:49.929055814: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 01:58:50.086732037: call returned: [0, "", ""] 01:58:50.087010632: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 01:58:50.218069740: call returned: [0, "", ""] When I log in to a new session # features/step_definitions/common_steps.rb:257 01:58:50.219398229: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:58:50.476525807: call returned: [0, "8:1\n", ""] 01:58:50.476706099: calling as root: readlink -f /dev/block/'8:1' 01:58:50.640566309: call returned: [0, "/dev/sda1\n", ""] 01:58:50.640799792: calling as root: udevadm info --query=property --name='/dev/sda1' 01:58:50.934705488: call returned: [0, "DEVLINKS=/dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba /dev/disk/by-partlabel/Tails /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1 /dev/disk/by-label/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-uuid/F410-3272\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x5\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8188288\n", ""] 01:58:50.935058104: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:58:51.160836857: call returned: [0, "8:1\n", ""] 01:58:51.161043877: calling as root: readlink -f /dev/block/'8:1' 01:58:51.408299004: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "__internal" # features/step_definitions/usb.rb:418 01:58:51.470043284: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:58:51.665534977: call returned: [1, "", ""] And persistence is disabled # features/step_definitions/usb.rb:395 01:58:51.688949059: calling as root: udisksctl info --block-device '/dev/sda2' 01:58:52.089998461: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda2:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda2\n DeviceNumber: 2050\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: by-uuid-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdLabel: \n IdType: crypto_LUKS\n IdUUID: 6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdUsage: crypto\n IdVersion: 1\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda2\n ReadOnly: false\n Size: 1670364672\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part2\n /dev/disk/by-partlabel/TailsData\n /dev/disk/by-partuuid/d8ed5054-08cc-4017-96e8-239e227c1eb2\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part2\n /dev/disk/by-uuid/6f9c10b5-4034-4358-91c7-8738b6fb04ff\n org.freedesktop.UDisks2.Encrypted:\n org.freedesktop.UDisks2.Partition:\n Flags: 0\n IsContained: false\n IsContainer: false\n Name: TailsData\n Number: 2\n Offset: 2624585728\n Size: 1670364672\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: 0fc63daf-8483-4772-8e79-3d69d8477de4\n UUID: d8ed5054-08cc-4017-96e8-239e227c1eb2\n", ""] 01:58:52.090345425: calling as root: ls -1 --hide 'control' /dev/mapper/ 01:58:52.336192313: call returned: [0, "", ""] 01:58:52.336409875: calling as root: echo asdf | cryptsetup luksOpen /dev/sda2 __internal 01:58:55.312755441: call returned: [0, "", ""] 01:58:55.312964446: calling as root: udisksctl info --block-device '/dev/mapper/__internal' 01:58:55.754088675: call returned: [0, "/org/freedesktop/UDisks2/block_devices/dm_2d0:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sda2'\n Device: /dev/dm-0\n DeviceNumber: 65024\n Drive: '/'\n HintAuto: false\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: false\n HintSymbolicIconName: \n HintSystem: true\n Id: by-id-dm-name-__internal\n IdLabel: TailsData\n IdType: ext4\n IdUUID: 2a868ecc-07cd-49fd-8ae0-1916cccf2d41\n IdUsage: filesystem\n IdVersion: 1.0\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/mapper/__internal\n ReadOnly: false\n Size: 1668267520\n Symlinks: /dev/disk/by-id/dm-name-__internal\n /dev/disk/by-id/dm-uuid-CRYPT-LUKS1-6f9c10b54034435891c78738b6fb04ff-__internal\n /dev/disk/by-label/TailsData\n /dev/disk/by-uuid/2a868ecc-07cd-49fd-8ae0-1916cccf2d41\n /dev/mapper/__internal\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n", ""] 01:58:55.754427019: calling as root: mkdir -p /mnt/__internal 01:58:55.957701675: call returned: [0, "", ""] 01:58:55.957903343: calling as root: mount '/dev/mapper/__internal' /mnt/__internal 01:58:56.699494666: call returned: [0, "", ""] 01:58:56.699708540: calling as root: umount /mnt/__internal 01:58:57.006676451: call returned: [0, "", ""] 01:58:57.006823320: calling as root: sync 01:58:57.167154087: call returned: [0, "", ""] 01:58:57.167318200: calling as root: cryptsetup luksClose __internal 01:58:57.431584033: call returned: [0, "", ""] But a Tails persistence partition exists on USB drive "__internal" # features/step_definitions/usb.rb:311 Scenario: Booting Tails from a USB drive with an enabled persistent partition and reconfiguring it # features/persistence.feature:13 01:59:01.298971981: calling as root: echo 'hello?' 01:59:01.598207640: call returned: [0, "hello?\n", ""] 01:59:02.323885005: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:59:02.324118290: calling as root: nmcli device show eth0 01:59:02.750976106: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 01:59:02.774613153: calling as root: date -s '@1498731189' 01:59:03.029486887: call returned: [0, "Thu Jun 29 10:13:09 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 01:59:03.030694191: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:59:03.286604000: call returned: [0, "8:1\n", ""] 01:59:03.286816244: calling as root: readlink -f /dev/block/'8:1' 01:59:03.557569549: call returned: [0, "/dev/sda1\n", ""] 01:59:03.557731149: calling as root: udevadm info --query=property --name='/dev/sda1' 01:59:04.025404584: call returned: [0, "DEVLINKS=/dev/disk/by-uuid/F410-3272 /dev/disk/by-label/Tails /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-partlabel/Tails /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x5\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8188288\n", ""] 01:59:04.025722328: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 01:59:04.268751086: call returned: [0, "8:1\n", ""] 01:59:04.268965325: calling as root: readlink -f /dev/block/'8:1' 01:59:04.503972499: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "__internal" # features/step_definitions/usb.rb:418 01:59:04.565134472: calling as root: test -e '/var/lib/live/config/tails.persistence' 01:59:04.787281819: call returned: [0, "", ""] 01:59:04.787443592: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 01:59:05.042558344: call returned: [0, "", ""] 01:59:05.042869194: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:59:06.497510173: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:59:06.497887938: calling as root: mount 01:59:06.950537342: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=7ab626b1c0a8b106,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=26,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10497)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/Persistent type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\n", ""] And all persistence presets are enabled # features/step_definitions/usb.rb:365 01:59:06.951931727: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 01:59:08.424963474: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 01:59:08.425425260: calling as root: ls -1 -d /live/persistence/*_unlocked/ 01:59:08.842959277: call returned: [0, "/live/persistence/TailsData_unlocked/\n", ""] 01:59:08.843136283: calling as root: test -d /live/persistence/TailsData_unlocked//Persistent 01:59:09.197945925: call returned: [0, "", ""] 01:59:09.198123614: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//Persistent' 01:59:09.447756889: call returned: [0, "700\n", ""] 01:59:09.447937524: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//Persistent' 01:59:09.734939689: call returned: [0, "amnesia\n", ""] 01:59:09.735312154: calling as root: test -d /live/persistence/TailsData_unlocked//gnupg 01:59:09.959322423: call returned: [0, "", ""] 01:59:09.959574884: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnupg' 01:59:10.212011272: call returned: [0, "700\n", ""] 01:59:10.212192679: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnupg' 01:59:10.474950737: call returned: [0, "amnesia\n", ""] 01:59:10.475254434: calling as root: test -d /live/persistence/TailsData_unlocked//openssh-client 01:59:10.701787873: call returned: [0, "", ""] 01:59:10.702043668: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//openssh-client' 01:59:10.933482710: call returned: [0, "700\n", ""] 01:59:10.933706594: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//openssh-client' 01:59:11.228332523: call returned: [0, "amnesia\n", ""] 01:59:11.228556424: calling as root: test -d /live/persistence/TailsData_unlocked//pidgin 01:59:11.468148663: call returned: [0, "", ""] 01:59:11.468357443: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//pidgin' 01:59:11.653849915: call returned: [0, "700\n", ""] 01:59:11.654105985: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//pidgin' 01:59:11.940125825: call returned: [0, "amnesia\n", ""] 01:59:11.940371654: calling as root: test -d /live/persistence/TailsData_unlocked//thunderbird 01:59:12.145575910: call returned: [0, "", ""] 01:59:12.145762561: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//thunderbird' 01:59:12.447649459: call returned: [0, "700\n", ""] 01:59:12.447896889: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//thunderbird' 01:59:12.666530988: call returned: [0, "amnesia\n", ""] 01:59:12.666828073: calling as root: test -d /live/persistence/TailsData_unlocked//gnome-keyrings 01:59:12.912877843: call returned: [0, "", ""] 01:59:12.913130892: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:59:13.237174908: call returned: [0, "700\n", ""] 01:59:13.237362317: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//gnome-keyrings' 01:59:13.449655912: call returned: [0, "amnesia\n", ""] 01:59:13.449950934: calling as root: test -d /live/persistence/TailsData_unlocked//nm-system-connections 01:59:13.735379785: call returned: [0, "", ""] 01:59:13.735603183: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//nm-system-connections' 01:59:13.954241129: call returned: [0, "755\n", ""] 01:59:13.954474193: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//nm-system-connections' 01:59:14.250459223: call returned: [0, "root\n", ""] 01:59:14.250672237: calling as root: test -d /live/persistence/TailsData_unlocked//bookmarks 01:59:14.527437191: call returned: [0, "", ""] 01:59:14.527623908: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//bookmarks' 01:59:14.749887052: call returned: [0, "700\n", ""] 01:59:14.750111199: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//bookmarks' 01:59:15.002723675: call returned: [0, "amnesia\n", ""] 01:59:15.002958346: calling as root: test -d /live/persistence/TailsData_unlocked//cups-configuration 01:59:15.274801354: call returned: [0, "", ""] 01:59:15.274999561: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//cups-configuration' 01:59:15.526544085: call returned: [0, "755\n", ""] 01:59:15.526754199: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//cups-configuration' 01:59:15.871465693: call returned: [0, "root\n", ""] 01:59:15.871734646: calling as root: test -d /live/persistence/TailsData_unlocked//electrum 01:59:16.111960040: call returned: [0, "", ""] 01:59:16.112152907: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//electrum' 01:59:16.421070857: call returned: [0, "700\n", ""] 01:59:16.421251755: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//electrum' 01:59:16.679240543: call returned: [0, "amnesia\n", ""] 01:59:16.679450130: calling as root: test -d /live/persistence/TailsData_unlocked//apt/cache 01:59:16.891953550: call returned: [0, "", ""] 01:59:16.892139465: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/cache' 01:59:17.231065377: call returned: [0, "755\n", ""] 01:59:17.231295546: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/cache' 01:59:17.437950961: call returned: [0, "root\n", ""] 01:59:17.438164896: calling as root: test -d /live/persistence/TailsData_unlocked//apt/lists 01:59:17.684951160: call returned: [0, "", ""] 01:59:17.685129644: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//apt/lists' 01:59:17.958279984: call returned: [0, "755\n", ""] 01:59:17.958507897: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//apt/lists' 01:59:18.213865266: call returned: [0, "root\n", ""] 01:59:18.214141210: calling as root: test -d /live/persistence/TailsData_unlocked//dotfiles 01:59:18.474661107: call returned: [0, "", ""] 01:59:18.474886547: calling as root: stat -c %a '/live/persistence/TailsData_unlocked//dotfiles' 01:59:18.735193715: call returned: [0, "700\n", ""] 01:59:18.735417015: calling as root: stat -c %U '/live/persistence/TailsData_unlocked//dotfiles' 01:59:19.019965632: call returned: [0, "amnesia\n", ""] And all persistent directories have safe access rights # features/step_definitions/usb.rb:500 01:59:19.088291634: calling as amnesia: xdotool key Super 01:59:19.307627657: call returned: [0, "", ""] 01:59:21.405959488: [log] TYPE "Configure persistent volume" 01:59:21.470241401: [log] ( Ctrl ) TYPE "#ENTER." 01:59:29.372268045: [log] TYPE " " 01:59:30.094060242: [log] CLICK on L(517,708)@S(0)[0,0 1024x768] 01:59:30.786066657: [log] ( Alt ) TYPE "#F4." When I disable the first persistence preset # features/step_definitions/usb.rb:213 01:59:30.787731291: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 01:59:40.097695928: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 01:59:43.610820869: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 02:01:03.145338853: calling as root: echo 'hello?' 02:01:03.408708563: call returned: [0, "hello?\n", ""] 02:01:03.409285568: calling as root: service tor status 02:01:03.668211133: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 02:01:03.668601661: opening file /etc/tor/torrc in 'append' mode 02:01:03.885454148: append complete 02:01:04.683790127: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 02:01:04.904276923: [log] TYPE "asdf#ENTER." 02:01:11.086795255: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 02:01:11.088715624: calling as root: loginctl 02:01:11.293329367: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 02:01:12.293869666: calling as root: loginctl 02:01:12.528529816: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 02:01:37.167818589: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 02:01:37.318057276: call returned: [0, "", ""] 02:01:37.318253895: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 02:01:37.478447432: call returned: [0, "", ""] 02:01:37.478780546: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node355 = dogtail.tree.root.application('gnome-shell') 02:01:38.633856866: execution complete 02:01:39.360107182: executing Python as amnesia: node356 = node355.child('No Notifications', roleName='label') 02:01:39.386852887: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 02:01:40.959183971: execution complete 02:01:40.959377937: executing Python as amnesia: node357 = node355.child('No Notifications', roleName='label') 02:01:42.153174788: execution complete And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 02:01:42.199736986: calling as root: test -e '/var/lib/live/config/tails.persistence' 02:01:42.219582429: [log] TYPE "#ESC." 02:01:42.442427984: call returned: [0, "", ""] 02:01:42.442580029: calling as root: . '/var/lib/live/config/tails.persistence' && test "$TAILS_PERSISTENCE_ENABLED" = true 02:01:42.672663689: call returned: [0, "", ""] 02:01:42.674597244: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 02:01:44.519357270: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 02:01:44.519731482: calling as root: mount 02:01:44.993378200: call returned: [0, "sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\nudev on /dev type devtmpfs (rw,nosuid,relatime,size=1013608k,nr_inodes=253402,mode=755)\ndevpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)\ntmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=205244k,mode=755)\n/dev/sda1 on /lib/live/mount/medium type vfat (ro,noatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)\n/dev/loop0 on /lib/live/mount/rootfs/filesystem.squashfs type squashfs (ro,noatime)\ntmpfs on /lib/live/mount/overlay type tmpfs (rw,noatime,mode=755)\naufs on / type aufs (rw,noatime,si=b745b9c8ae84379a,noxino)\nsecurityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)\ntmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)\ntmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)\ncgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd)\npstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)\ncgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)\ncgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)\ncgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)\ncgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)\ncgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)\ncgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)\ncgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)\ncgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)\ncgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)\nsystemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=36,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=10862)\nhugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)\ndebugfs on /sys/kernel/debug type debugfs (rw,relatime)\nmqueue on /dev/mqueue type mqueue (rw,relatime)\ntmpfs on /var/tmp type tmpfs (rw)\ntmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)\ntmpfs on /run/user/114 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=114,gid=150)\n/dev/mapper/TailsData_unlocked on /live/persistence/TailsData_unlocked type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/cups type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /etc/NetworkManager/system-connections type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.electrum type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnome2/keyrings type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.gnupg type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.mozilla/firefox/bookmarks type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.purple type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.ssh type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /home/amnesia/.thunderbird type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/cache/apt/archives type ext4 (rw,noatime,data=ordered)\n/dev/mapper/TailsData_unlocked on /var/lib/apt/lists type ext4 (rw,noatime,data=ordered)\ntmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700,uid=1000,gid=1000)\ntmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=205244k,mode=700)\n", ""] Then all persistence presets but the first one are enabled # features/step_definitions/usb.rb:365 Scenario: Writing files to a read/write-enabled persistent partition # features/persistence.feature:23 02:01:48.736024498: calling as root: echo 'hello?' 02:01:48.987762349: call returned: [0, "hello?\n", ""] 02:01:49.726603948: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:01:49.727106463: calling as root: nmcli device show eth0 02:01:50.070218322: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:01:50.093075356: calling as root: date -s '@1498731356' 02:01:50.281430516: call returned: [0, "Thu Jun 29 10:15:56 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 And the network is plugged # features/step_definitions/common_steps.rb:79 02:01:50.360747042: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:01:50.959505602: call returned: [1, "", ""] 02:01:51.959905697: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:01:52.216658743: call returned: [1, "", ""] 02:01:53.217020640: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:01:53.502461424: call returned: [1, "", ""] 02:01:54.502752630: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:01:54.827198777: call returned: [3, "", ""] 02:01:55.827519201: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:01:56.199763467: call returned: [0, "", ""] 02:01:56.202216038: calling as root: test -e /run/tordate/done 02:01:56.806645090: call returned: [0, "", ""] 02:01:56.807081367: calling as root: test -e /run/htpdate/success 02:01:57.374074912: call returned: [1, "", ""] 02:01:58.374475251: calling as root: test -e /run/htpdate/success 02:01:58.576760948: call returned: [1, "", ""] 02:01:59.577133591: calling as root: test -e /run/htpdate/success 02:01:59.876804792: call returned: [0, "", ""] 02:01:59.877074965: calling as root: systemctl is-system-running 02:02:00.117008699: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:02:00.118351133: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 02:02:01.710035099: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 02:02:01.710546958: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 02:02:03.170078562: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] And I take note of which persistence presets are available # features/step_definitions/usb.rb:560 02:02:03.171367939: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 02:02:04.622351361: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 02:02:04.622675880: calling as root: stat -c %U /home/amnesia/Persistent 02:02:04.832858348: call returned: [0, "amnesia\n", ""] 02:02:04.833018956: calling as amnesia: touch /home/amnesia/Persistent/XXX_persist 02:02:04.970996657: call returned: [0, "", ""] 02:02:04.971191671: calling as root: stat -c %U /home/amnesia/.gnupg 02:02:05.226103153: call returned: [0, "amnesia\n", ""] 02:02:05.226249243: calling as amnesia: touch /home/amnesia/.gnupg/XXX_persist 02:02:05.362512519: call returned: [0, "", ""] 02:02:05.362714091: calling as root: stat -c %U /home/amnesia/.ssh 02:02:05.580156242: call returned: [0, "amnesia\n", ""] 02:02:05.580305971: calling as amnesia: touch /home/amnesia/.ssh/XXX_persist 02:02:05.707273062: call returned: [0, "", ""] 02:02:05.707441422: calling as root: stat -c %U /home/amnesia/.purple 02:02:05.941987237: call returned: [0, "amnesia\n", ""] 02:02:05.942193085: calling as amnesia: touch /home/amnesia/.purple/XXX_persist 02:02:06.082111539: call returned: [0, "", ""] 02:02:06.082280401: calling as root: stat -c %U /home/amnesia/.thunderbird 02:02:06.302260948: call returned: [0, "amnesia\n", ""] 02:02:06.302408214: calling as amnesia: touch /home/amnesia/.thunderbird/XXX_persist 02:02:06.440054286: call returned: [0, "", ""] 02:02:06.440258118: calling as root: stat -c %U /home/amnesia/.gnome2/keyrings 02:02:06.654284696: call returned: [0, "amnesia\n", ""] 02:02:06.654459047: calling as amnesia: touch /home/amnesia/.gnome2/keyrings/XXX_persist 02:02:06.778025692: call returned: [0, "", ""] 02:02:06.778226974: calling as root: stat -c %U /etc/NetworkManager/system-connections 02:02:07.007607088: call returned: [0, "root\n", ""] 02:02:07.007776261: calling as root: touch /etc/NetworkManager/system-connections/XXX_persist 02:02:07.283012198: call returned: [0, "", ""] 02:02:07.283235330: calling as root: stat -c %U /home/amnesia/.mozilla/firefox/bookmarks 02:02:07.511157395: call returned: [0, "amnesia\n", ""] 02:02:07.511322499: calling as amnesia: touch /home/amnesia/.mozilla/firefox/bookmarks/XXX_persist 02:02:07.614686621: call returned: [0, "", ""] 02:02:07.614881644: calling as root: stat -c %U /etc/cups 02:02:07.826493169: call returned: [0, "root\n", ""] 02:02:07.826716969: calling as root: touch /etc/cups/XXX_persist 02:02:08.087005219: call returned: [0, "", ""] 02:02:08.087216324: calling as root: stat -c %U /home/amnesia/.electrum 02:02:08.379675132: call returned: [0, "amnesia\n", ""] 02:02:08.379831392: calling as amnesia: touch /home/amnesia/.electrum/XXX_persist 02:02:08.527162983: call returned: [0, "", ""] 02:02:08.527424568: calling as root: stat -c %U /var/cache/apt/archives 02:02:08.754293154: call returned: [0, "root\n", ""] 02:02:08.754466917: calling as root: touch /var/cache/apt/archives/XXX_persist 02:02:08.964454237: call returned: [0, "", ""] 02:02:08.964634547: calling as root: stat -c %U /var/lib/apt/lists 02:02:09.224771431: call returned: [0, "root\n", ""] 02:02:09.224995379: calling as root: touch /var/lib/apt/lists/XXX_persist 02:02:09.469137741: call returned: [0, "", ""] When I write some files expected to persist # features/step_definitions/usb.rb:530 02:02:09.470444646: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 02:02:16.751410479: libguestfs: trace: set_autosync true 02:02:16.751586106: libguestfs: trace: set_autosync = 0 02:02:16.751663981: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/__internal" "readonly:true" "format:qcow2" 02:02:16.751750957: libguestfs: trace: get_tmpdir 02:02:16.751838634: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 02:02:16.751924442: libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfsfNmhuf/overlay1" "qcow2" -1 "backingfile:/tmp/TailsToaster/TailsToasterStorage/__internal" "backingformat:qcow2" 02:02:16.794536739: libguestfs: trace: disk_create = 0 02:02:16.794839699: libguestfs: trace: add_drive = 0 02:02:16.795084116: libguestfs: trace: launch 02:02:16.795287091: libguestfs: trace: get_backend_setting "force_tcg" 02:02:16.795430433: libguestfs: trace: get_backend_setting = NULL (error) 02:02:16.795622152: libguestfs: trace: get_cachedir 02:02:16.795773321: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:02:16.853947155: libguestfs: trace: get_cachedir 02:02:16.854305698: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:02:16.854492454: libguestfs: trace: get_sockdir 02:02:16.854678476: libguestfs: trace: get_sockdir = "/tmp" 02:02:16.855032700: libguestfs: trace: get_backend_setting "gdb" 02:02:16.855136469: libguestfs: trace: get_backend_setting = NULL (error) 02:02:20.152437573: libguestfs: trace: launch = 0 02:02:20.153071900: libguestfs: trace: list_devices 02:02:20.154066237: libguestfs: trace: list_devices = ["/dev/sda"] 02:02:20.154644268: libguestfs: trace: part_list "/dev/sda" 02:02:20.247581225: libguestfs: trace: part_list = 02:02:20.248169524: libguestfs: trace: blkid "/dev/sda1" 02:02:20.258374112: libguestfs: trace: blkid = ["DEVNAME", "/dev/sda1", "LABEL", "Tails", "UUID", "F410-3272", "VERSION", "FAT32", "TYPE", "vfat", "USAGE", "filesystem", "MINIMUM_IO_SIZE", "512", "PHYSICAL_SECTOR_SIZE", "512", "LOGICAL_SECTOR_SIZE", "512", "PART_ENTRY_SCHEME", "gpt", "PART_ENTRY_NAME", "Tails", "PART_ENTRY_UUID", "4312549e-4491-4f02-99a5-1e01ae79ffba", "PART_ENTRY_TYPE", "c12a7328-f81f-11d2-ba4b-00a0c93ec93b", "PART_ENTRY_FLAGS", "0x5", "PART_ENTRY_NUMBER", "1", "PART_ENTRY_OFFSET", "2048", "PART_ENTRY_SIZE", "5120000", "PART_ENTRY_DISK", "8:0"] 02:02:20.259085261: libguestfs: trace: blkid "/dev/sda2" 02:02:20.262617161: libguestfs: trace: blkid = ["DEVNAME", "/dev/sda2", "UUID", "6f9c10b5-4034-4358-91c7-8738b6fb04ff", "VERSION", "1", "TYPE", "crypto_LUKS", "USAGE", "crypto", "MINIMUM_IO_SIZE", "512", "PHYSICAL_SECTOR_SIZE", "512", "LOGICAL_SECTOR_SIZE", "512", "PART_ENTRY_SCHEME", "gpt", "PART_ENTRY_NAME", "TailsData", "PART_ENTRY_UUID", "d8ed5054-08cc-4017-96e8-239e227c1eb2", "PART_ENTRY_TYPE", "0fc63daf-8483-4772-8e79-3d69d8477de4", "PART_ENTRY_NUMBER", "2", "PART_ENTRY_OFFSET", "5126144", "PART_ENTRY_SIZE", "3262431", "PART_ENTRY_DISK", "8:0"] 02:02:20.263318963: libguestfs: trace: luks_open "/dev/sda2" "***" "sda2_unlocked" 02:02:22.500214006: libguestfs: trace: luks_open = 0 02:02:22.500897015: libguestfs: trace: mount "/dev/mapper/sda2_unlocked" "/" 02:02:22.510122837: libguestfs: trace: mount = 0 02:02:22.510666180: libguestfs: trace: exists "/Persistent/XXX_persist" 02:02:22.511813796: libguestfs: trace: exists = 1 02:02:22.512339818: libguestfs: trace: exists "/Persistent/XXX_gone" 02:02:22.512954326: libguestfs: trace: exists = 0 02:02:22.513348171: libguestfs: trace: exists "/gnupg/XXX_persist" 02:02:22.514447424: libguestfs: trace: exists = 1 02:02:22.514943246: libguestfs: trace: exists "/gnupg/XXX_gone" 02:02:22.515397357: libguestfs: trace: exists = 0 02:02:22.515790394: libguestfs: trace: exists "/openssh-client/XXX_persist" 02:02:22.516704494: libguestfs: trace: exists = 1 02:02:22.517073321: libguestfs: trace: exists "/openssh-client/XXX_gone" 02:02:22.517672522: libguestfs: trace: exists = 0 02:02:22.518248938: libguestfs: trace: exists "/pidgin/XXX_persist" 02:02:22.519810381: libguestfs: trace: exists = 1 02:02:22.520308797: libguestfs: trace: exists "/pidgin/XXX_gone" 02:02:22.527087856: libguestfs: trace: exists = 0 02:02:22.527501348: libguestfs: trace: exists "/thunderbird/XXX_persist" 02:02:22.529102826: libguestfs: trace: exists = 1 02:02:22.529378271: libguestfs: trace: exists "/thunderbird/XXX_gone" 02:02:22.529969192: libguestfs: trace: exists = 0 02:02:22.530322818: libguestfs: trace: exists "/gnome-keyrings/XXX_persist" 02:02:22.531106167: libguestfs: trace: exists = 1 02:02:22.531353375: libguestfs: trace: exists "/gnome-keyrings/XXX_gone" 02:02:22.531918331: libguestfs: trace: exists = 0 02:02:22.532113948: libguestfs: trace: exists "/nm-system-connections/XXX_persist" 02:02:22.532982712: libguestfs: trace: exists = 1 02:02:22.533287732: libguestfs: trace: exists "/nm-system-connections/XXX_gone" 02:02:22.533871092: libguestfs: trace: exists = 0 02:02:22.534235997: libguestfs: trace: exists "/bookmarks/XXX_persist" 02:02:22.534985503: libguestfs: trace: exists = 1 02:02:22.535377211: libguestfs: trace: exists "/bookmarks/XXX_gone" 02:02:22.535910160: libguestfs: trace: exists = 0 02:02:22.536299741: libguestfs: trace: exists "/cups-configuration/XXX_persist" 02:02:22.537116613: libguestfs: trace: exists = 1 02:02:22.537421720: libguestfs: trace: exists "/cups-configuration/XXX_gone" 02:02:22.538027466: libguestfs: trace: exists = 0 02:02:22.538301854: libguestfs: trace: exists "/electrum/XXX_persist" 02:02:22.539238548: libguestfs: trace: exists = 1 02:02:22.539446046: libguestfs: trace: exists "/electrum/XXX_gone" 02:02:22.539954353: libguestfs: trace: exists = 0 02:02:22.540177917: libguestfs: trace: exists "/apt/cache/XXX_persist" 02:02:22.541119584: libguestfs: trace: exists = 1 02:02:22.541483628: libguestfs: trace: exists "/apt/cache/XXX_gone" 02:02:22.541982015: libguestfs: trace: exists = 0 02:02:22.542251033: libguestfs: trace: exists "/apt/lists/XXX_persist" 02:02:22.543061534: libguestfs: trace: exists = 1 02:02:22.543425978: libguestfs: trace: exists "/apt/lists/XXX_gone" 02:02:22.544037959: libguestfs: trace: exists = 0 02:02:22.544394075: libguestfs: trace: umount "/" 02:02:22.548227882: libguestfs: trace: umount = 0 02:02:22.548531188: libguestfs: trace: luks_close "/dev/mapper/sda2_unlocked" 02:02:22.564294544: libguestfs: trace: luks_close = 0 02:02:22.564600544: libguestfs: trace: close 02:02:22.564808199: libguestfs: trace: internal_autosync 02:02:22.568490155: libguestfs: trace: internal_autosync = 0 Then only the expected files are present on the persistence partition on USB drive "__internal" # features/step_definitions/usb.rb:588 Scenario: Creating and using a persistent NetworkManager connection # features/persistence.feature:33 02:02:26.423865036: calling as root: echo 'hello?' 02:02:26.700210658: call returned: [0, "hello?\n", ""] 02:02:27.426939856: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:02:27.427120802: calling as root: nmcli device show eth0 02:02:27.894211121: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:02:27.913950039: calling as root: date -s '@1498731394' 02:02:28.177319250: call returned: [0, "Thu Jun 29 10:16:34 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 And the network is plugged # features/step_definitions/common_steps.rb:79 02:02:28.238176928: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:02:28.702059106: call returned: [1, "", ""] 02:02:29.702389751: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:02:29.953438408: call returned: [1, "", ""] 02:02:30.953770631: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:02:31.237388590: call returned: [3, "", ""] 02:02:32.237692608: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:02:32.494589304: call returned: [0, "", ""] 02:02:32.494971371: calling as root: test -e /run/tordate/done 02:02:32.802364178: call returned: [0, "", ""] 02:02:32.802806820: calling as root: test -e /run/htpdate/success 02:02:33.120431401: call returned: [1, "", ""] 02:02:34.120731046: calling as root: test -e /run/htpdate/success 02:02:34.611456391: call returned: [1, "", ""] 02:02:35.611770267: calling as root: test -e /run/htpdate/success 02:02:35.798971559: call returned: [1, "", ""] 02:02:36.799291169: calling as root: test -e /run/htpdate/success 02:02:36.964059811: call returned: [0, "", ""] 02:02:36.964269973: calling as root: systemctl is-system-running 02:02:37.215829187: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:02:37.217744970: calling as root: nmcli connection add con-name persistent-con-current type ethernet autoconnect yes ifname eth0 02:02:37.604749791: call returned: [0, "Connection 'persistent-con-current' (bb89fa92-9ed0-4452-ad17-2f47c5f584ff) successfully added.\n", ""] 02:02:37.604999934: calling as root: nmcli --terse --fields NAME connection show 02:02:37.830310373: call returned: [0, "Wired connection\npersistent-con-current\n", ""] And I add a current wired DHCP NetworkManager connection called "persistent-con-current" # features/step_definitions/common_steps.rb:548 02:02:37.831905282: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 02:02:49.654012017: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:02:53.049327725: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 02:04:03.952011464: calling as root: echo 'hello?' 02:04:04.249170710: call returned: [0, "hello?\n", ""] 02:04:04.249615312: calling as root: service tor status 02:04:04.522124770: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 02:04:04.522605654: opening file /etc/tor/torrc in 'append' mode 02:04:04.759811245: append complete 02:04:05.547168004: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 02:04:05.763279150: [log] TYPE "asdf#ENTER." 02:04:12.973429720: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 02:04:12.973809468: calling as root: loginctl 02:04:13.192032961: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 02:04:14.192491461: calling as root: loginctl 02:04:14.576406086: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 02:04:29.205150825: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 02:04:29.354599799: call returned: [0, "", ""] 02:04:29.354800528: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 02:04:29.490368198: call returned: [0, "", ""] 02:04:29.490660552: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node358 = dogtail.tree.root.application('gnome-shell') 02:04:30.649833950: execution complete 02:04:31.371718521: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 02:04:31.372051032: executing Python as amnesia: node359 = node358.child('No Notifications', roleName='label') 02:04:33.083248949: execution complete 02:04:33.083443064: executing Python as amnesia: node360 = node358.child('No Notifications', roleName='label') 02:04:34.565667413: execution complete Given I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 02:04:34.609704291: [log] TYPE "#ESC." And I capture all network traffic # features/step_definitions/common_steps.rb:96 And the network is plugged # features/step_definitions/common_steps.rb:79 02:04:34.719083401: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:35.348845471: call returned: [1, "", ""] 02:04:36.349201625: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:36.639306106: call returned: [1, "", ""] 02:04:37.639643580: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:38.041724043: call returned: [1, "", ""] 02:04:39.042088417: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:39.349486802: call returned: [1, "", ""] 02:04:40.349854188: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:40.687748649: call returned: [3, "", ""] 02:04:41.688032807: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:42.117383671: call returned: [0, "", ""] 02:04:42.117845255: calling as root: test -e /run/tordate/done 02:04:42.458653630: call returned: [0, "", ""] 02:04:42.458990802: calling as root: test -e /run/htpdate/success 02:04:42.828357315: call returned: [1, "", ""] 02:04:43.828690207: calling as root: test -e /run/htpdate/success 02:04:44.061088524: call returned: [1, "", ""] 02:04:45.061805333: calling as root: test -e /run/htpdate/success 02:04:45.407759249: call returned: [1, "", ""] 02:04:46.408088128: calling as root: test -e /run/htpdate/success 02:04:46.622414986: call returned: [0, "", ""] 02:04:46.622710094: calling as root: systemctl is-system-running 02:04:46.794233685: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:04:46.796092304: calling as root: nmcli connection up id persistent-con-current 02:04:47.519700834: call returned: [0, "Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)\n", ""] 02:04:47.519946926: calling as root: nmcli --terse --fields NAME,STATE connection show 02:04:47.881707387: call returned: [0, "persistent-con-current:activated\nWired connection:--\n", ""] And I switch to the "persistent-con-current" NetworkManager connection # features/step_definitions/common_steps.rb:575 02:04:47.900079825: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth0 02:04:48.242806797: call returned: [0, "50:54:00:3d:30:a8\n", ""] And the 1st network device has a spoofed MAC address configured # features/step_definitions/mac_spoofing.rb:14 And no network device leaked the real MAC address # features/step_definitions/mac_spoofing.rb:38 Scenario: Creating and using a Jessie-area persistent NetworkManager connection # features/persistence.feature:47 02:04:52.315384362: calling as root: echo 'hello?' 02:04:52.643286682: call returned: [0, "hello?\n", ""] 02:04:53.368491294: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:04:53.368656828: calling as root: nmcli device show eth0 02:04:53.760565838: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:04:53.782271715: calling as root: date -s '@1498731540' 02:04:54.075475506: call returned: [0, "Thu Jun 29 10:19:00 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 And the network is plugged # features/step_definitions/common_steps.rb:79 02:04:54.168117487: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:54.741809480: call returned: [1, "", ""] 02:04:55.742108933: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:55.950313528: call returned: [1, "", ""] 02:04:56.950611974: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:57.179313504: call returned: [3, "", ""] 02:04:58.179597322: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:04:58.445906522: call returned: [0, "", ""] 02:04:58.446336201: calling as root: test -e /run/tordate/done 02:04:58.646513325: call returned: [0, "", ""] 02:04:58.647234214: calling as root: test -e /run/htpdate/success 02:04:58.993672178: call returned: [1, "", ""] 02:04:59.993996908: calling as root: test -e /run/htpdate/success 02:05:00.431224705: call returned: [1, "", ""] 02:05:01.433856296: calling as root: test -e /run/htpdate/success 02:05:01.674138936: call returned: [1, "", ""] 02:05:02.674478906: calling as root: test -e /run/htpdate/success 02:05:02.923692575: call returned: [0, "", ""] 02:05:02.924122128: calling as root: systemctl is-system-running 02:05:03.283682916: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:05:03.285797648: calling as root: nmcli connection add con-name persistent-con-2.x type ethernet autoconnect yes ifname eth0 02:05:03.861110575: call returned: [0, "Connection 'persistent-con-2.x' (dd0aeef8-fffb-4676-8bdc-d4cd51305667) successfully added.\n", ""] 02:05:03.861457056: calling as root: nmcli --terse --fields NAME connection show 02:05:04.133813259: call returned: [0, "Wired connection\npersistent-con-2.x\n", ""] And I add a 2.x wired DHCP NetworkManager connection called "persistent-con-2.x" # features/step_definitions/common_steps.rb:548 02:05:04.135167953: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 02:05:14.709052299: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:06:27.881513482: calling as root: echo 'hello?' 02:06:27.881651002: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 02:06:28.157818168: call returned: [0, "hello?\n", ""] 02:06:28.158215465: calling as root: service tor status 02:06:28.429805531: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 02:06:28.430253020: opening file /etc/tor/torrc in 'append' mode 02:06:28.688053688: append complete 02:06:29.481727517: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 02:06:29.685013931: [log] TYPE "asdf#ENTER." 02:06:36.176646920: calling as root: loginctl 02:06:36.196675246: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 02:06:36.379979370: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 02:06:37.380427668: calling as root: loginctl 02:06:37.643995584: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n 5 1000 amnesia seat0 /dev/tty2 \n\n2 sessions listed.\n", ""] 02:06:52.701226931: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 02:06:52.844427063: call returned: [0, "", ""] 02:06:52.844603340: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 02:06:52.980533005: call returned: [0, "", ""] 02:06:52.980800018: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node361 = dogtail.tree.root.application('gnome-shell') 02:06:54.212238069: execution complete 02:06:54.937038707: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 02:06:54.937333000: executing Python as amnesia: node362 = node361.child('No Notifications', roleName='label') 02:06:56.562472577: execution complete 02:06:56.562723106: executing Python as amnesia: node363 = node361.child('No Notifications', roleName='label') 02:06:58.129743754: execution complete 02:06:58.172451619: [log] TYPE "#ESC." Given I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 And I capture all network traffic # features/step_definitions/common_steps.rb:96 And the network is plugged # features/step_definitions/common_steps.rb:79 02:06:58.272204667: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:06:58.784725308: call returned: [1, "", ""] 02:06:59.785158474: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:07:00.063860320: call returned: [1, "", ""] 02:07:01.064125190: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:07:01.414742522: call returned: [1, "", ""] 02:07:02.415069261: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:07:02.635454361: call returned: [1, "", ""] 02:07:03.635862840: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:07:03.887595483: call returned: [3, "", ""] 02:07:04.887986392: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:07:05.224647243: call returned: [0, "", ""] 02:07:05.225009217: calling as root: test -e /run/tordate/done 02:07:05.483330605: call returned: [0, "", ""] 02:07:05.483875974: calling as root: test -e /run/htpdate/success 02:07:05.832979619: call returned: [1, "", ""] 02:07:06.833354434: calling as root: test -e /run/htpdate/success 02:07:07.140825051: call returned: [1, "", ""] 02:07:08.141263900: calling as root: test -e /run/htpdate/success 02:07:08.347996612: call returned: [1, "", ""] 02:07:09.348425006: calling as root: test -e /run/htpdate/success 02:07:09.568340298: call returned: [0, "", ""] 02:07:09.568743244: calling as root: systemctl is-system-running 02:07:09.841469069: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:07:09.843747998: calling as root: nmcli connection up id persistent-con-2.x 02:07:10.652181957: call returned: [0, "Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)\n", ""] 02:07:10.652436461: calling as root: nmcli --terse --fields NAME,STATE connection show 02:07:10.993571557: call returned: [0, "persistent-con-2.x:activated\nWired connection:--\n", ""] And I switch to the "persistent-con-2.x" NetworkManager connection # features/step_definitions/common_steps.rb:575 02:07:11.012336467: calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth0 02:07:11.279524556: call returned: [0, "50:54:00:90:29:9b\n", ""] And the 1st network device has a spoofed MAC address configured # features/step_definitions/mac_spoofing.rb:14 And no network device leaked the real MAC address # features/step_definitions/mac_spoofing.rb:38 Scenario: Deleting a Tails persistent partition # features/persistence.feature:61 02:07:15.080874628: calling as root: echo 'hello?' 02:07:15.272586806: call returned: [0, "hello?\n", ""] 02:07:16.000973748: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:07:16.001198018: calling as root: nmcli device show eth0 02:07:16.346307478: call returned: [8, "", "Error: NetworkManager is not running.\n"] 02:07:16.367379548: calling as root: date -s '@1498731683' 02:07:16.501849195: call returned: [0, "Thu Jun 29 10:21:23 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:172 02:07:17.288654645: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 02:07:17.288950967: calling as root: loginctl 02:07:17.470857252: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 02:07:18.471437023: calling as root: loginctl 02:07:18.683592738: call returned: [0, " SESSION UID USER SEAT TTY \n 73 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 02:07:39.163100388: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 02:07:39.287260417: call returned: [0, "", ""] 02:07:39.287457603: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 02:07:39.405071062: call returned: [0, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:257 02:07:39.406355552: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 02:07:39.637321011: call returned: [0, "8:1\n", ""] 02:07:39.637478014: calling as root: readlink -f /dev/block/'8:1' 02:07:39.849470718: call returned: [0, "/dev/sda1\n", ""] 02:07:39.849630258: calling as root: udevadm info --query=property --name='/dev/sda1' 02:07:40.216913287: call returned: [0, "DEVLINKS=/dev/disk/by-partlabel/Tails /dev/disk/by-partuuid/4312549e-4491-4f02-99a5-1e01ae79ffba /dev/disk/by-label/Tails /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part1 /dev/disk/by-uuid/F410-3272 /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part1\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/0000:02:00.0/usb2/2-2/2-2:1.0/host6/target6:0:0/6:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_BUS=usb\nID_DRIVE_DETACHABLE=0\nID_FS_LABEL=Tails\nID_FS_LABEL_ENC=Tails\nID_FS_TYPE=vfat\nID_FS_USAGE=filesystem\nID_FS_UUID=F410-3272\nID_FS_UUID_ENC=F410-3272\nID_FS_VERSION=FAT32\nID_INSTANCE=0:0\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\nID_MODEL_ID=0001\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x5\nID_PART_ENTRY_NAME=Tails\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=2048\nID_PART_ENTRY_SCHEME=gpt\nID_PART_ENTRY_SIZE=5120000\nID_PART_ENTRY_TYPE=c12a7328-f81f-11d2-ba4b-00a0c93ec93b\nID_PART_ENTRY_UUID=4312549e-4491-4f02-99a5-1e01ae79ffba\nID_PART_TABLE_TYPE=gpt\nID_PART_TABLE_UUID=4bb0edd5-b271-4b94-8594-7e6418ff6aa6\nID_PATH=pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\nID_PATH_TAG=pci-0000_02_00_0-usb-0_2_1_0-scsi-0_0_0_0\nID_REVISION=2.5+\nID_SERIAL=QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\nID_SERIAL_SHORT=1-0000:00:01.1:00.0-2\nID_TYPE=disk\nID_USB_DRIVER=usb-storage\nID_USB_INTERFACES=:080650:\nID_USB_INTERFACE_NUM=00\nID_VENDOR=QEMU\nID_VENDOR_ENC=QEMU\\x20\\x20\\x20\\x20\nID_VENDOR_ID=46f4\nMAJOR=8\nMINOR=1\nPARTN=1\nPARTNAME=Tails\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUDISKS_SYSTEM=1\nUSEC_INITIALIZED=8188288\n", ""] 02:07:40.217247610: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 02:07:40.456121615: call returned: [0, "8:1\n", ""] 02:07:40.456275958: calling as root: readlink -f /dev/block/'8:1' 02:07:40.610628635: call returned: [0, "/dev/sda1\n", ""] Then Tails is running from USB drive "__internal" # features/step_definitions/usb.rb:418 02:07:40.671790294: calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium 02:07:40.875803907: call returned: [0, "8:1\n", ""] 02:07:40.875954069: calling as root: readlink -f /dev/block/'8:1' 02:07:41.099563164: call returned: [0, "/dev/sda1\n", ""] 02:07:41.099722385: calling as root: ls -1 /dev/sda* 02:07:41.271973812: call returned: [0, "/dev/sda\n/dev/sda1\n/dev/sda2\n", ""] 02:07:41.272157676: calling as root: cut -d':' -f1 /etc/passwd 02:07:41.557887496: call returned: [0, "root\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\nsystemd-timesync\nsystemd-network\nsystemd-resolve\nsystemd-bus-proxy\n_apt\nmessagebus\nmemlockd\nmonkeysphere\ndebian-tor\nspeech-dispatcher\ncolord\nsaned\npulse\nhplip\nDebian-gdm\ntails-persistence-setup\nclearnet\nhtp\ntails-iuk-get-target-file\ntails-upgrade-frontend\ntor-launcher\ntails-install-iuk\namnesia\n", ""] 02:07:41.558129522: calling as root: groups root 02:07:41.772710182: call returned: [0, "root : root\n", ""] 02:07:41.772900459: calling as root: groups daemon 02:07:41.955432143: call returned: [0, "daemon : daemon\n", ""] 02:07:41.955703658: calling as root: groups bin 02:07:42.163684766: call returned: [0, "bin : bin\n", ""] 02:07:42.163874660: calling as root: groups sys 02:07:42.355883820: call returned: [0, "sys : sys\n", ""] 02:07:42.356131275: calling as root: groups sync 02:07:42.535691660: call returned: [0, "sync : nogroup\n", ""] 02:07:42.535879811: calling as root: groups games 02:07:42.710021976: call returned: [0, "games : games\n", ""] 02:07:42.710232839: calling as root: groups man 02:07:42.887726083: call returned: [0, "man : man\n", ""] 02:07:42.887930160: calling as root: groups lp 02:07:43.094495465: call returned: [0, "lp : lp\n", ""] 02:07:43.094685574: calling as root: groups mail 02:07:43.367213586: call returned: [0, "mail : mail\n", ""] 02:07:43.367429514: calling as root: groups news 02:07:43.541732444: call returned: [0, "news : news\n", ""] 02:07:43.541917313: calling as root: groups uucp 02:07:43.778893894: call returned: [0, "uucp : uucp\n", ""] 02:07:43.779088473: calling as root: groups proxy 02:07:43.925367505: call returned: [0, "proxy : proxy\n", ""] 02:07:43.925569556: calling as root: groups www-data 02:07:44.194952887: call returned: [0, "www-data : www-data\n", ""] 02:07:44.195249466: calling as root: groups backup 02:07:44.362549239: call returned: [0, "backup : backup\n", ""] 02:07:44.362810567: calling as root: groups list 02:07:44.573650837: call returned: [0, "list : list\n", ""] 02:07:44.573829567: calling as root: groups irc 02:07:44.755110502: call returned: [0, "irc : irc\n", ""] 02:07:44.755309722: calling as root: groups gnats 02:07:44.985115532: call returned: [0, "gnats : gnats\n", ""] 02:07:44.985320344: calling as root: groups nobody 02:07:45.262804401: call returned: [0, "nobody : nogroup\n", ""] 02:07:45.262991799: calling as root: groups systemd-timesync 02:07:45.438106437: call returned: [0, "systemd-timesync : systemd-timesync\n", ""] 02:07:45.438356336: calling as root: groups systemd-network 02:07:45.609806385: call returned: [0, "systemd-network : systemd-network\n", ""] 02:07:45.610030990: calling as root: groups systemd-resolve 02:07:45.815566507: call returned: [0, "systemd-resolve : systemd-resolve\n", ""] 02:07:45.815771196: calling as root: groups systemd-bus-proxy 02:07:46.022521670: call returned: [0, "systemd-bus-proxy : systemd-bus-proxy\n", ""] 02:07:46.022734549: calling as root: groups _apt 02:07:46.215848377: call returned: [0, "_apt : nogroup\n", ""] 02:07:46.216066797: calling as root: groups messagebus 02:07:46.410026938: call returned: [0, "messagebus : messagebus\n", ""] 02:07:46.410214741: calling as root: groups memlockd 02:07:46.669811482: call returned: [0, "memlockd : memlockd\n", ""] 02:07:46.669994663: calling as root: groups monkeysphere 02:07:46.915765025: call returned: [0, "monkeysphere : monkeysphere\n", ""] 02:07:46.915953978: calling as root: groups debian-tor 02:07:47.103565524: call returned: [0, "debian-tor : debian-tor\n", ""] 02:07:47.103757450: calling as root: groups speech-dispatcher 02:07:47.287784044: call returned: [0, "speech-dispatcher : audio\n", ""] 02:07:47.287991148: calling as root: groups colord 02:07:47.462070590: call returned: [0, "colord : colord\n", ""] 02:07:47.462321291: calling as root: groups saned 02:07:47.726350004: call returned: [0, "saned : saned scanner\n", ""] 02:07:47.726604621: calling as root: groups pulse 02:07:47.886700005: call returned: [0, "pulse : pulse audio\n", ""] 02:07:47.886942565: calling as root: groups hplip 02:07:48.085219212: call returned: [0, "hplip : lp\n", ""] 02:07:48.085398048: calling as root: groups Debian-gdm 02:07:48.340974938: call returned: [0, "Debian-gdm : Debian-gdm\n", ""] 02:07:48.341153699: calling as root: groups tails-persistence-setup 02:07:48.497715906: call returned: [0, "tails-persistence-setup : tails-persistence-setup\n", ""] 02:07:48.497930511: calling as root: groups clearnet 02:07:48.692814514: call returned: [0, "clearnet : clearnet\n", ""] 02:07:48.693022548: calling as root: groups htp 02:07:48.911134392: call returned: [0, "htp : htp\n", ""] 02:07:48.911359679: calling as root: groups tails-iuk-get-target-file 02:07:49.083608957: call returned: [0, "tails-iuk-get-target-file : tails-iuk-get-target-file\n", ""] 02:07:49.083798536: calling as root: groups tails-upgrade-frontend 02:07:49.287772003: call returned: [0, "tails-upgrade-frontend : tails-upgrade-frontend\n", ""] 02:07:49.287972085: calling as root: groups tor-launcher 02:07:49.445544429: call returned: [0, "tor-launcher : tor-launcher debian-tor\n", ""] 02:07:49.445729897: calling as root: groups tails-install-iuk 02:07:49.643104705: call returned: [0, "tails-install-iuk : tails-install-iuk tails-iuk-get-target-file\n", ""] 02:07:49.643368657: calling as root: groups amnesia 02:07:49.833047852: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] 02:07:49.833300934: calling as root: stat -c %U /dev/sda 02:07:50.039346718: call returned: [0, "root\n", ""] 02:07:50.039503532: calling as root: stat -c %G /dev/sda 02:07:50.199394710: call returned: [0, "disk\n", ""] 02:07:50.199541261: calling as root: stat -c %a /dev/sda 02:07:50.336210889: call returned: [0, "660\n", ""] 02:07:50.336758878: calling as root: stat -c %U /dev/sda1 02:07:50.594521884: call returned: [0, "root\n", ""] 02:07:50.594673884: calling as root: stat -c %G /dev/sda1 02:07:50.749241800: call returned: [0, "disk\n", ""] 02:07:50.749464270: calling as root: stat -c %a /dev/sda1 02:07:50.933451718: call returned: [0, "660\n", ""] 02:07:50.934054264: calling as root: stat -c %U /dev/sda2 02:07:51.157014153: call returned: [0, "root\n", ""] 02:07:51.157197366: calling as root: stat -c %G /dev/sda2 02:07:51.311495511: call returned: [0, "disk\n", ""] 02:07:51.311686794: calling as root: stat -c %a /dev/sda2 02:07:51.533816241: call returned: [0, "660\n", ""] 02:07:51.534448583: calling as root: udisksctl info --block-device '/dev/sda' 02:07:51.891714790: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda\n DeviceNumber: 2048\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: \n IdLabel: \n IdType: \n IdUUID: \n IdUsage: \n IdVersion: \n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda\n ReadOnly: false\n Size: 4294967296\n Symlinks: /dev/TailsBootDev\n /dev/bilibop\n /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0\n org.freedesktop.UDisks2.PartitionTable:\n Type: gpt\n", ""] And the boot device has safe access rights # features/step_definitions/usb.rb:438 02:07:51.892788280: calling as root: test -e '/var/lib/live/config/tails.persistence' 02:07:52.056875202: call returned: [1, "", ""] And persistence is disabled # features/step_definitions/usb.rb:395 02:07:52.075951887: calling as root: udisksctl info --block-device '/dev/sda2' 02:07:52.433780236: call returned: [0, "/org/freedesktop/UDisks2/block_devices/sda2:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/'\n Device: /dev/sda2\n DeviceNumber: 2050\n Drive: '/org/freedesktop/UDisks2/drives/QEMU_QEMU_HARDDISK_1_0000_3a00_3a01_2e1_3a00_2e0_2'\n HintAuto: true\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: true\n HintSymbolicIconName: \n HintSystem: true\n Id: by-uuid-6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdLabel: \n IdType: crypto_LUKS\n IdUUID: 6f9c10b5-4034-4358-91c7-8738b6fb04ff\n IdUsage: crypto\n IdVersion: 1\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/sda2\n ReadOnly: false\n Size: 1670364672\n Symlinks: /dev/disk/by-id/usb-QEMU_QEMU_HARDDISK_1-0000:00:01.1:00.0-2-0:0-part2\n /dev/disk/by-partlabel/TailsData\n /dev/disk/by-partuuid/d8ed5054-08cc-4017-96e8-239e227c1eb2\n /dev/disk/by-path/pci-0000:02:00.0-usb-0:2:1.0-scsi-0:0:0:0-part2\n /dev/disk/by-uuid/6f9c10b5-4034-4358-91c7-8738b6fb04ff\n org.freedesktop.UDisks2.Encrypted:\n org.freedesktop.UDisks2.Partition:\n Flags: 0\n IsContained: false\n IsContainer: false\n Name: TailsData\n Number: 2\n Offset: 2624585728\n Size: 1670364672\n Table: '/org/freedesktop/UDisks2/block_devices/sda'\n Type: 0fc63daf-8483-4772-8e79-3d69d8477de4\n UUID: d8ed5054-08cc-4017-96e8-239e227c1eb2\n", ""] 02:07:52.434090294: calling as root: ls -1 --hide 'control' /dev/mapper/ 02:07:52.627927039: call returned: [0, "", ""] 02:07:52.628149345: calling as root: echo asdf | cryptsetup luksOpen /dev/sda2 __internal 02:07:55.430596173: call returned: [0, "", ""] 02:07:55.430823092: calling as root: udisksctl info --block-device '/dev/mapper/__internal' 02:07:55.861680203: call returned: [0, "/org/freedesktop/UDisks2/block_devices/dm_2d0:\n org.freedesktop.UDisks2.Block:\n Configuration: []\n CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sda2'\n Device: /dev/dm-0\n DeviceNumber: 65024\n Drive: '/'\n HintAuto: false\n HintIconName: \n HintIgnore: false\n HintName: \n HintPartitionable: false\n HintSymbolicIconName: \n HintSystem: true\n Id: by-id-dm-name-__internal\n IdLabel: TailsData\n IdType: ext4\n IdUUID: 2a868ecc-07cd-49fd-8ae0-1916cccf2d41\n IdUsage: filesystem\n IdVersion: 1.0\n MDRaid: '/'\n MDRaidMember: '/'\n PreferredDevice: /dev/mapper/__internal\n ReadOnly: false\n Size: 1668267520\n Symlinks: /dev/disk/by-id/dm-name-__internal\n /dev/disk/by-id/dm-uuid-CRYPT-LUKS1-6f9c10b54034435891c78738b6fb04ff-__internal\n /dev/disk/by-label/TailsData\n /dev/disk/by-uuid/2a868ecc-07cd-49fd-8ae0-1916cccf2d41\n /dev/mapper/__internal\n org.freedesktop.UDisks2.Filesystem:\n MountPoints: \n", ""] 02:07:55.861978673: calling as root: mkdir -p /mnt/__internal 02:07:56.019351077: call returned: [0, "", ""] 02:07:56.019502729: calling as root: mount '/dev/mapper/__internal' /mnt/__internal 02:07:56.947624004: call returned: [0, "", ""] 02:07:56.947844568: calling as root: umount /mnt/__internal 02:07:57.228944941: call returned: [0, "", ""] 02:07:57.229086761: calling as root: sync 02:07:57.394477090: call returned: [0, "", ""] 02:07:57.394654456: calling as root: cryptsetup luksClose __internal 02:07:57.665413915: call returned: [0, "", ""] But a Tails persistence partition exists on USB drive "__internal" # features/step_definitions/usb.rb:311 02:07:57.666607262: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node364 = dogtail.tree.root.application('gnome-shell') 02:07:58.843394452: execution complete 02:07:59.565975426: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 02:07:59.566307115: executing Python as amnesia: node365 = node364.child('No Notifications', roleName='label') 02:08:01.625691605: execution complete 02:08:01.625879382: executing Python as amnesia: node366 = node364.child('No Notifications', roleName='label') 02:08:03.621998176: execution complete 02:08:03.664270042: [log] TYPE "#ESC." And all notifications have disappeared # features/step_definitions/common_steps.rb:422 02:08:03.752302401: calling as amnesia: xdotool key Super 02:08:04.025601523: call returned: [0, "", ""] 02:08:14.037914222: [log] TYPE "Delete persistent volume" [log] ( Ctrl ) TYPE "#ENTER." 02:08:15.545158156: [log] TYPE " " When I delete the persistent partition # features/step_definitions/usb.rb:626 02:08:15.562775725: calling as root: test -b /dev/sda2 02:08:15.710677534: call returned: [1, "", ""] Then there is no persistence partition on USB drive "__internal" # features/step_definitions/usb.rb:305 Scenario: Dotfiles persistence # features/persistence.feature:72 02:08:19.794656708: calling as root: echo 'hello?' 02:08:20.050239217: call returned: [0, "hello?\n", ""] 02:08:20.774341649: calling as root: nmcli device show eth0 02:08:20.774576568: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:08:21.217094187: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:08:21.235359935: calling as root: date -s '@1498731748' 02:08:21.462636959: call returned: [0, "Thu Jun 29 10:22:28 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 02:08:21.464546451: calling as amnesia: touch /live/persistence/TailsData_unlocked/dotfiles/.XXX_persist 02:08:21.570668648: call returned: [0, "", ""] When I write some dotfile expected to persist # features/step_definitions/usb.rb:538 02:08:21.571754657: spawning as root: poweroff And I shutdown Tails and wait for the computer to power off # features/step_definitions/common_steps.rb:514 02:08:30.798887914: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:08:34.201665760: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 02:09:40.914016644: calling as root: echo 'hello?' 02:09:41.207298933: call returned: [0, "hello?\n", ""] 02:09:41.208252647: calling as root: service tor status 02:09:41.462547724: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 02:09:41.463087704: opening file /etc/tor/torrc in 'append' mode 02:09:41.653184322: append complete 02:09:42.452926118: [log] CLICK on L(404,469)@S(0)[0,0 1024x768] 02:09:42.659315458: [log] TYPE "asdf#ENTER." 02:09:49.381839512: [log] CLICK on L(767,154)@S(0)[0,0 1024x768] 02:09:49.382544327: calling as root: loginctl 02:09:49.564038138: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 02:09:50.564532097: calling as root: loginctl 02:09:50.870917250: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 02:10:05.594245602: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 02:10:05.726959209: call returned: [0, "", ""] 02:10:05.727187370: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 02:10:05.835337364: call returned: [0, "", ""] 02:10:05.835657995: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node367 = dogtail.tree.root.application('gnome-shell') 02:10:07.064611508: execution complete 02:10:07.793018891: executing Python as amnesia: node368 = node367.child('No Notifications', roleName='label') 02:10:07.811112392: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 02:10:09.601642800: execution complete 02:10:09.601874003: executing Python as amnesia: node369 = node367.child('No Notifications', roleName='label') 02:10:10.928027064: execution complete And I start Tails from USB drive "__internal" with network unplugged and I login with persistence enabled # features/step_definitions/common_steps.rb:137 02:10:10.977593331: calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' 02:10:10.999735636: [log] TYPE "#ESC." 02:10:12.992442026: call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.thunderbird:source=thunderbird\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] 02:10:12.992944376: calling as root: test -L /home/amnesia/.XXX_persist 02:10:13.195211269: call returned: [0, "", ""] 02:10:13.195394492: calling as root: test -e $(readlink -f /home/amnesia/.XXX_persist) 02:10:13.444788055: call returned: [0, "", ""] Then the expected persistent dotfile is present in the filesystem # features/step_definitions/usb.rb:580 @product Feature: Chatting anonymously using Pidgin As a Tails user when I chat using Pidgin I should be able to use OTR And I should be able to persist my Pidgin configuration And AppArmor should prevent Pidgin from doing dangerous things And all Internet traffic should flow only through Tor Scenario: Adding a certificate to Pidgin # features/pidgin.feature:74 02:10:16.496018072: calling as root: echo 'hello?' 02:10:16.701913902: call returned: [0, "hello?\n", ""] 02:10:17.424824381: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:10:17.425039684: calling as root: nmcli device show eth0 02:10:17.825368541: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:10:17.846236705: calling as root: systemctl --quiet is-active tor@default.service 02:10:18.024929079: call returned: [0, "", ""] 02:10:18.025111276: calling as root: systemctl stop tor@default.service 02:10:18.258526622: call returned: [0, "", ""] 02:10:18.258719161: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:10:18.506708696: call returned: [0, "", ""] 02:10:18.506964455: calling as root: date -s '@1498731865' 02:10:18.739850153: call returned: [0, "Thu Jun 29 10:24:25 UTC 2017\n", ""] 02:10:18.740013055: calling as root: systemctl start tor@default.service 02:10:20.094148061: call returned: [0, "", ""] 02:10:20.094410971: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:10:20.319026436: call returned: [3, "", ""] 02:10:21.319387681: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:10:21.575015191: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:10:21.638689294: calling as amnesia: xdotool key Super 02:10:21.877727506: call returned: [0, "", ""] 02:10:24.118931983: [log] TYPE "Pidgin Internet Messenger" And I start "Pidgin Internet Messenger" via GNOME Activities Overview # features/step_definitions/common_steps.rb:639 02:10:42.049751575: [log] ( Ctrl ) TYPE "#ENTER." And I see Pidgin's account manager window # features/step_definitions/pidgin.rb:300 02:10:42.967131232: [log] CLICK on L(711,527)@S(0)[0,0 1024x768] And I close Pidgin's account manager window # features/step_definitions/pidgin.rb:304 02:10:42.969573908: calling as amnesia: cp "/usr/share/ca-certificates/mozilla/CNNIC_ROOT.crt" "/home/amnesia/test.crt" 02:10:43.111427111: call returned: [0, "", ""] 02:10:43.111705724: calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync 02:10:43.308005146: call returned: [0, "", ""] 02:10:44.251415784: [log] CLICK on L(322,183)@S(0)[0,0 1024x768] 02:10:45.604003709: [log] CLICK on L(361,241)@S(0)[0,0 1024x768] 02:10:48.197644665: [log] CLICK on L(643,272)@S(0)[0,0 1024x768] 02:10:48.923542707: [log] CLICK on L(145,286)@S(0)[0,0 1024x768] 02:10:51.329450363: [log] CLICK on L(123,135)@S(0)[0,0 1024x768] [log] ( Alt ) TYPE "l" [log] TYPE "/home/amnesia/test.crt#ENTER." 02:10:52.672850401: [log] TYPE "XXX test XXX#ENTER." Then I can add a certificate from the "/home/amnesia" directory to Pidgin # features/step_definitions/pidgin.rb:455 Scenario: Failing to add a certificate to Pidgin # features/pidgin.feature:81 02:10:55.998851789: calling as root: echo 'hello?' 02:10:56.173314039: call returned: [0, "hello?\n", ""] 02:10:56.904484816: calling as root: nmcli device show eth0 02:10:56.923411405: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:10:57.253664461: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:10:57.271734129: calling as root: systemctl --quiet is-active tor@default.service 02:10:57.458876375: call returned: [0, "", ""] 02:10:57.459191792: calling as root: systemctl stop tor@default.service 02:10:57.687608034: call returned: [0, "", ""] 02:10:57.687757182: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:10:57.887413601: call returned: [0, "", ""] 02:10:57.887677284: calling as root: date -s '@1498731904' 02:10:58.148772801: call returned: [0, "Thu Jun 29 10:25:04 UTC 2017\n", ""] 02:10:58.149008188: calling as root: systemctl start tor@default.service 02:10:59.223594333: call returned: [0, "", ""] 02:10:59.223888579: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:10:59.447006704: call returned: [3, "", ""] 02:11:00.447320215: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:11:00.692121351: call returned: [3, "", ""] 02:11:01.692490943: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:11:01.915174424: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:11:01.994193052: calling as amnesia: xdotool key Super 02:11:02.258152604: call returned: [0, "", ""] 02:11:04.482092951: [log] TYPE "Pidgin Internet Messenger" When I start "Pidgin Internet Messenger" via GNOME Activities Overview # features/step_definitions/common_steps.rb:639 02:11:22.595906677: [log] ( Ctrl ) TYPE "#ENTER." And I see Pidgin's account manager window # features/step_definitions/pidgin.rb:300 02:11:23.389533400: [log] CLICK on L(711,527)@S(0)[0,0 1024x768] And I close Pidgin's account manager window # features/step_definitions/pidgin.rb:304 02:11:23.392137044: calling as amnesia: cp "/usr/share/ca-certificates/mozilla/CNNIC_ROOT.crt" "/home/amnesia/.gnupg/test.crt" 02:11:23.533963364: call returned: [0, "", ""] 02:11:23.534172039: calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync 02:11:23.763794273: call returned: [0, "", ""] 02:11:24.546158829: [log] CLICK on L(322,183)@S(0)[0,0 1024x768] 02:11:25.898775552: [log] CLICK on L(361,241)@S(0)[0,0 1024x768] 02:11:27.299423184: [log] CLICK on L(643,272)@S(0)[0,0 1024x768] 02:11:29.016394229: [log] CLICK on L(145,286)@S(0)[0,0 1024x768] 02:11:30.278473311: [log] CLICK on L(123,135)@S(0)[0,0 1024x768] 02:11:31.571272712: [log] ( Alt ) TYPE "l" [log] TYPE "/home/amnesia/.gnupg/test.crt#ENTER." Then I cannot add a certificate from the "/home/amnesia/.gnupg" directory to Pidgin # features/step_definitions/pidgin.rb:462 02:11:32.571070062: [log] TYPE "#ESC." When I close Pidgin's certificate import failure dialog # features/step_definitions/pidgin.rb:474 02:11:33.371665521: [log] TYPE "#ESC." And I close Pidgin's certificate manager # features/step_definitions/pidgin.rb:467 02:11:34.138183205: calling as amnesia: cp "/usr/share/ca-certificates/mozilla/CNNIC_ROOT.crt" "/lib/live/mount/overlay/home/amnesia/.gnupg/test.crt" 02:11:34.255494686: call returned: [0, "", ""] 02:11:34.255730884: calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync 02:11:34.450264781: call returned: [0, "", ""] 02:11:35.242783635: [log] CLICK on L(322,183)@S(0)[0,0 1024x768] 02:11:36.754200940: [log] CLICK on L(361,241)@S(0)[0,0 1024x768] 02:11:38.266339424: [log] CLICK on L(643,272)@S(0)[0,0 1024x768] 02:11:49.336840799: [log] CLICK on L(123,135)@S(0)[0,0 1024x768] 02:11:51.593008113: [log] ( Alt ) TYPE "l" [log] TYPE "/lib/live/mount/overlay/home/amnesia/.gnupg/test.crt#ENTER." Then I cannot add a certificate from the "/lib/live/mount/overlay/home/amnesia/.gnupg" directory to Pidgin # features/step_definitions/pidgin.rb:462 02:11:52.568559548: [log] TYPE "#ESC." When I close Pidgin's certificate import failure dialog # features/step_definitions/pidgin.rb:474 02:11:53.373232428: [log] TYPE "#ESC." And I close Pidgin's certificate manager # features/step_definitions/pidgin.rb:467 02:11:54.171365826: calling as amnesia: cp "/usr/share/ca-certificates/mozilla/CNNIC_ROOT.crt" "/live/overlay/home/amnesia/.gnupg/test.crt" 02:11:54.314215547: call returned: [0, "", ""] 02:11:54.314410727: calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync 02:11:54.514068709: call returned: [0, "", ""] 02:11:55.294376373: [log] CLICK on L(322,183)@S(0)[0,0 1024x768] 02:11:56.666067896: [log] CLICK on L(361,241)@S(0)[0,0 1024x768] 02:11:58.104869905: [log] CLICK on L(643,272)@S(0)[0,0 1024x768] 02:12:09.135495134: [log] CLICK on L(123,135)@S(0)[0,0 1024x768] 02:12:10.979412054: [log] ( Alt ) TYPE "l" [log] TYPE "/live/overlay/home/amnesia/.gnupg/test.crt#ENTER." Then I cannot add a certificate from the "/live/overlay/home/amnesia/.gnupg" directory to Pidgin # features/step_definitions/pidgin.rb:462 @source Feature: check PO files As a Tails developer, when I build Tails, I want to make sure the PO files in use are correct. @doc Scenario: check all PO files # features/po.feature:7 Given I am in the Git branch being tested # features/step_definitions/po.rb:1 Then all the PO files should be correct # features/step_definitions/po.rb:5 @product Feature: Regressions tests Scenario: tails-debugging-info does not leak information # features/regression_tests.feature:4 02:12:20.556062790: calling as root: echo 'hello?' 02:12:20.817276104: call returned: [0, "hello?\n", ""] 02:12:21.544604954: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:12:21.544810896: calling as root: nmcli device show eth0 02:12:21.904839658: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:12:21.921948762: calling as root: date -s '@1498731988' 02:12:22.102206975: call returned: [0, "Thu Jun 29 10:26:28 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 02:12:22.104442590: opening file /secret in 'append' mode 02:12:22.147480867: append complete 02:12:22.147630195: calling as root: chmod u=rw,go= /secret 02:12:22.298064246: call returned: [0, "", ""] 02:12:22.298300495: calling as root: chown root:root /secret 02:12:22.474572650: call returned: [0, "", ""] 02:12:22.474755790: opening file /usr/local/sbin/tails-debugging-info in 'read' mode 02:12:22.920436862: read complete 02:12:22.921017715: calling as root: rm /var/log/gdm3/tails-greeter.errors 02:12:23.155236356: call returned: [1, "", "rm: cannot remove '/var/log/gdm3/tails-greeter.errors': No such file or directory\n"] Then tails-debugging-info is not susceptible to symlink attacks # features/step_definitions/checks.rb:188 @product Feature: Tails has a sane default configuration Scenario: The live user is setup correctly # features/sane_defaults.feature:4 02:12:25.966938462: calling as root: echo 'hello?' 02:12:26.195554079: call returned: [0, "hello?\n", ""] 02:12:26.923267472: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:12:26.923441637: calling as root: nmcli device show eth0 02:12:27.291705734: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:12:27.318415923: calling as root: date -s '@1498731994' 02:12:27.474969225: call returned: [0, "Thu Jun 29 10:26:34 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 02:12:27.477269144: calling as root: test -e /var/lib/live/config/user-setup 02:12:27.661943531: call returned: [0, "", ""] 02:12:27.662216285: calling as root: . /etc/live/config/username.conf; echo $LIVE_USERNAME 02:12:27.854530842: call returned: [0, "amnesia\n", ""] Then the live user has been setup by live-boot # features/step_definitions/checks.rb:38 02:12:27.856727802: calling as root: groups amnesia 02:12:28.087797708: call returned: [0, "amnesia : amnesia lp dialout cdrom floppy video plugdev netdev vboxsf lpadmin scanner\n", ""] And the live user is a member of only its own group and "cdrom dialout floppy video plugdev netdev scanner lp lpadmin vboxsf" # features/step_definitions/checks.rb:46 02:12:28.089814208: calling as root: test -d /home/amnesia 02:12:28.286732937: call returned: [0, "", ""] 02:12:28.286906006: calling as root: stat -c %U:%G /home/amnesia 02:12:28.504086602: call returned: [0, "amnesia:amnesia\n", ""] 02:12:28.504285725: calling as root: stat -c %a /home/amnesia 02:12:28.704453100: call returned: [0, "700\n", ""] And the live user owns its home dir and it has normal permissions # features/step_definitions/checks.rb:57 Scenario: No unexpected network services # features/sane_defaults.feature:10 02:12:31.540144604: calling as root: echo 'hello?' 02:12:31.819144839: call returned: [0, "hello?\n", ""] 02:12:32.569898350: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:12:32.570243785: calling as root: nmcli device show eth0 02:12:32.910417660: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:12:32.926938306: calling as root: date -s '@1498731999' 02:12:33.149772361: call returned: [0, "Thu Jun 29 10:26:39 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 When the network is plugged # features/step_definitions/common_steps.rb:79 02:12:33.220488054: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:33.695470403: call returned: [1, "", ""] 02:12:34.695852910: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:34.870925615: call returned: [1, "", ""] 02:12:35.871253970: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:36.113230978: call returned: [1, "", ""] 02:12:37.113562201: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:37.372006160: call returned: [1, "", ""] 02:12:38.372552158: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:38.580036199: call returned: [1, "", ""] 02:12:39.580410362: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:39.802732422: call returned: [1, "", ""] 02:12:40.803156389: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:40.979023069: call returned: [1, "", ""] 02:12:41.979470646: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:42.244193238: call returned: [1, "", ""] 02:12:43.244520491: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:43.531692212: call returned: [1, "", ""] 02:12:44.532163057: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:44.773481051: call returned: [3, "", ""] 02:12:45.773830456: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:46.118837993: call returned: [0, "", ""] 02:12:46.119252034: calling as root: test -e /run/tordate/done 02:12:46.470072186: call returned: [0, "", ""] 02:12:46.470326290: calling as root: test -e /run/htpdate/success 02:12:46.927450277: call returned: [1, "", ""] 02:12:47.927709023: calling as root: test -e /run/htpdate/success 02:12:48.101077754: call returned: [1, "", ""] 02:12:49.101366594: calling as root: test -e /run/htpdate/success 02:12:49.298749623: call returned: [0, "", ""] 02:12:49.299115864: calling as root: systemctl is-system-running 02:12:49.512099959: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:12:49.513889695: calling as root: ss -ltupn 02:12:49.984656147: call returned: [0, "Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port \nudp UNCONN 0 0 *:68 *:* users:((\"dhclient\",pid=8705,fd=6))\nudp UNCONN 0 0 127.0.0.1:5353 *:* users:((\"tor\",pid=9241,fd=10))\ntcp LISTEN 0 128 127.0.0.1:9040 *:* users:((\"tor\",pid=9241,fd=11))\ntcp LISTEN 0 5 127.0.0.1:631 *:* users:((\"cupsd\",pid=7992,fd=9))\ntcp LISTEN 0 128 127.0.0.1:6136 *:* users:((\"monkeysphere-va\",pid=6381,fd=4))\ntcp LISTEN 0 128 127.0.0.1:9050 *:* users:((\"tor\",pid=9241,fd=6))\ntcp LISTEN 0 5 127.0.0.1:9051 *:* users:((\"onion-grater\",pid=3718,fd=3))\ntcp LISTEN 0 128 127.0.0.1:9052 *:* users:((\"tor\",pid=9241,fd=12))\ntcp LISTEN 0 128 127.0.0.1:9150 *:* users:((\"tor\",pid=9241,fd=9))\ntcp LISTEN 0 128 127.0.0.1:9061 *:* users:((\"tor\",pid=9241,fd=7))\ntcp LISTEN 0 128 127.0.0.1:9062 *:* users:((\"tor\",pid=9241,fd=8))\n", ""] Then no unexpected services are listening for network connections # features/step_definitions/checks.rb:67 Service 'dhclient' is listening on *:68 but has an exception @product Feature: Shutdown applet Scenario: The shutdown applet can shutdown Tails # features/shutdown_applet.feature:4 02:12:53.238052416: calling as root: echo 'hello?' 02:12:53.432626614: call returned: [0, "hello?\n", ""] 02:12:54.158634925: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:12:54.158888383: calling as root: nmcli device show eth0 02:12:54.546664540: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:12:54.565960472: calling as root: systemctl --quiet is-active tor@default.service 02:12:54.761091302: call returned: [0, "", ""] 02:12:54.761248239: calling as root: systemctl stop tor@default.service 02:12:55.029063966: call returned: [0, "", ""] 02:12:55.029231931: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:12:55.253789130: call returned: [0, "", ""] 02:12:55.253995385: calling as root: date -s '@1498732022' 02:12:55.487439423: call returned: [0, "Thu Jun 29 10:27:02 UTC 2017\n", ""] 02:12:55.487628779: calling as root: systemctl start tor@default.service 02:12:56.831603958: call returned: [0, "", ""] 02:12:56.833394165: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:57.062678319: call returned: [3, "", ""] 02:12:58.063153520: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:58.272798486: call returned: [3, "", ""] 02:12:59.273066703: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:12:59.504545237: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:13:00.992449718: [log] CLICK on L(981,12)@S(0)[0,0 1024x768] 02:13:06.912910851: [log] CLICK on L(948,181)@S(0)[0,0 1024x768] When I request a shutdown using the emergency shutdown applet # features/step_definitions/common_steps.rb:519 Slept for 5 seconds Then Tails eventually shuts down # features/step_definitions/common_steps.rb:503 Scenario: The shutdown applet can reboot Tails # features/shutdown_applet.feature:9 02:13:16.903126007: calling as root: echo 'hello?' 02:13:17.062132001: call returned: [0, "hello?\n", ""] 02:13:17.788454119: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:13:17.788721285: calling as root: nmcli device show eth0 02:13:18.156299135: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:13:18.173153472: calling as root: systemctl --quiet is-active tor@default.service 02:13:18.379306642: call returned: [0, "", ""] 02:13:18.379485631: calling as root: systemctl stop tor@default.service 02:13:18.608978192: call returned: [0, "", ""] 02:13:18.609142968: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:13:18.838168503: call returned: [0, "", ""] 02:13:18.838404667: calling as root: date -s '@1498732045' 02:13:19.004394939: call returned: [0, "Thu Jun 29 10:27:25 UTC 2017\n", ""] 02:13:19.004545716: calling as root: systemctl start tor@default.service 02:13:20.133156551: call returned: [0, "", ""] 02:13:20.133401910: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:13:20.297596315: call returned: [3, "", ""] 02:13:21.297931671: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:13:21.491841591: call returned: [3, "", ""] 02:13:22.492220684: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:13:22.777505760: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:13:24.073367977: [log] CLICK on L(981,12)@S(0)[0,0 1024x768] 02:13:30.019475238: [log] CLICK on L(861,181)@S(0)[0,0 1024x768] When I request a reboot using the emergency shutdown applet # features/step_definitions/common_steps.rb:534 Slept for 5 seconds Then Tails eventually restarts # features/step_definitions/common_steps.rb:503 @product Feature: Logging in via SSH As a Tails user When I connect to SSH servers on the Internet all Internet traffic should flow only through Tor Background: # features/ssh.feature:7 02:14:26.111787035: calling as root: echo 'hello?' 02:14:26.312182308: call returned: [0, "hello?\n", ""] 02:14:27.036578624: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:14:27.036789805: calling as root: nmcli device show eth0 02:14:27.412829629: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:14:27.436690968: calling as root: systemctl --quiet is-active tor@default.service 02:14:27.609951774: call returned: [0, "", ""] 02:14:27.610105292: calling as root: systemctl stop tor@default.service 02:14:27.840006335: call returned: [0, "", ""] 02:14:27.840163435: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:14:28.015450754: call returned: [0, "", ""] 02:14:28.015616986: calling as root: date -s '@1498732114' 02:14:28.223768403: call returned: [0, "Thu Jun 29 10:28:34 UTC 2017\n", ""] 02:14:28.223977143: calling as root: systemctl start tor@default.service 02:14:29.468772682: call returned: [0, "", ""] 02:14:29.469010885: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:14:29.702567618: call returned: [3, "", ""] 02:14:30.702871534: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:14:30.934072841: call returned: [3, "", ""] 02:14:31.934375840: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:14:32.187762054: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 @check_tor_leaks Scenario: Connecting to an SSH server on the Internet # features/ssh.feature:11 02:14:32.190762171: calling as amnesia: install -m 0700 -d '/home/amnesia/.ssh/' 02:14:32.274565565: call returned: [0, "", ""] 02:14:32.275626533: calling as amnesia: echo '-----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEA1dzPWseaW9KIw/LdrnqP6kaJAgNf+nyJggQzvwmKtNMZ5C4k rbmmFO+dMe7pCmy5du2hGeuM6hQVejhX3YsXXnUfoFGgKC0s8A/XF/Ii7mdb9Xtl ComR9xF/HHfuSeRXskVApiH5UkArjss5FNidwYrSTgIaUzUwpJh0mTzGiEQBWUBD kQ9LpNouxsz7mDZcwXXtf+J8+AfTFByWc+FZLIJAghQlIsmqJucMBfkM2/AkmgUX DqQKmigmyqorVWV4msl0Pb7EFLA2kab6y+mnQR9Iwa4pVrWSc+9Y+lb8l0Um2q5v ldeDqukECTBWFwMu7C1vs7tzZ3zY+whTzx37FLkBjkO668joqWoYk17iQb6kLlVj CKO3S7X26y+uiTzmR2ipXPQsbSQHC3HfbgcBlNqfWE2iS/iD7NjLxL2TSi0lXx8J fhdWI/q748h1qt+/a2QT//GjzxXptq0p/+mLbyn5ZgCLhBOVxPBfOby5GkJs8YNg qEHV3ovdXur+rY00GKmEwd86uPJuDGaQGQyWYr0yYPRIkUpCt9yIdJbZ+5/o0ODU BAWHTSAC5+rqV8hTfoqeNaLxo5TD1yVYzF2zb9LZX9mTmAz6whw+l2oHs2CTKlYS SNsDWUGjbZW/XJZpKj1hLJhGzTWX668elcABsCqSAsuAove3LSrCwsj11r0CAwEA AQKCAgEAu53JMySk4CUk4nJv1B+lnatfiqqXStJyd+Nj2hZu3w/LSQjKGLYjY36K c0Hao9CaLCFwEaM5rikMZnqDatIZID60DhtN27E2GSxsUI+V4Xw/im5ESChEK3Ho B3uXSq/N15E1lAl+BpBRJiZW31jhnOdCdDkYCyNAl0VAFSbiLK0sWbYtEFdQz0Cx hKpTlkcqvHXOc0CozZdfr+ccfnCVoJxsJzGxGoG8igBr5dmFVHWqRoxsm+WBf5f1 4BnFhldMpM5S8dAniNbGKKVKpBVJK7JcS72UeoM0Bg1WC9jAI50A5xvcvKGi2w8t ATqsa+fZBE0gD5dFOOaoHCJEFBGDMCFrm0eEfrrAtp2lAf1iFmWeq6TY9kgYEX+X 6QDE9cCIpYfx1RTvMtvlLryFt3TTZppKv3GQYI6DWmVx/+sHI29JAghhgJnjtQgM 7yqt0ap36WsGZhlnwk7bGW3AQIkxtpuHz1pMFJupBwR/zD2REltW9Gagqmtw4Om6 fUniQfuXBgRuYtPgQ8T2LLp6Z7rDx8AVDS89kz36UwApBdIk/Ull0VR4xACmq1WN 5Z+wPh+Sq3vAK/FJO5hQ0IPf2zFhFNSYEx/iE/j1SVQy11dtVbJEW0LOUzKnKDDX nB1YBKhD4tLWkLJgLBEh5jBsZMVD5JYpIC3Xeo4leaMTm6f+14ECggEBAPm4k9Dc ADY4qLbdJC/mLSDZuKYvW6Sr6qXKmf1u0nbrRW37aePySRushvjDjzJPdcYGaisI 6IAOWjeAobsHjEcbmzwXBk1JB/Sz0U9pJqZuFKjOgoCvxAdcn3d1n8tvhHxvMvCU +i5LkFtIfP5uLxMX4pZKV8sy7twrZ7C4gCRs8yjtZ6cxPnrRB6OTIDSYfeOOopfH dOiqdRxHS1h7KrVrMLrx0rNA6bNxuQQeyDwN6qMhKKoWZs6cj5jpiLs7ryLVVNwE orVmd1uuzoN5z1XUi/KM3G+Qlcq1bybCT77b5AlJ3yZpRqXaR+cFD5zxi4JeS8vj Faj6EpLWE34qvI0CggEBANs9aojQe9CrtEzXSYV47vmeCNiiqoZZhA/61jhkyMg2 xVBXmW2o98S+md+vzhPdso2ffFVOfqCvT3+e8ni7ZFGKafIoz/1lzUsHnxkJZer/ aScCIB+qo2WMpy13+D1yE36AFEIus0C/qbl43sFixrmQIxbrXk+HEfE0fqhNBGj6 bwkdwRCU78Vf3hC5581+oFesJQCUp+JnEpI/8PB0WgCJB63wHk+r73DWD26gwP/w W8N1klS+pcTufKE+nmseybyc29ZTSOVNF9D5K/9RG3YWrRqf2rdUHeE940SpPhrP nRta2eK+qHC0vxVyxrg0p84IbL3zDwYEn4UjRVR9LvECggEAUibeuf8mMrBBEKd/ mCJpBj2Z+VHrHClScGhOcIlcw7JyjNQA6fRzCJ+hZ4UuPqbVX+gMVUwA8N/H3ip7 CkRZaaszTnlkoVg9PctKOI2nIWllcoM9e4hXPPTDoVEY2Jw/QZBzeaIJC+HgA6e9 NxaYdfeNm1OpvjdrTRMacZDA1zrgY752MxKIM29AzBdCqQrhn1L1OmlrlH8/N6Zc qycZzcUNqvKTFlVsjJQFAc3+oYMShcgK0Km9+IqY0v1A9heUbikwWZFM1dB3w7mm Rqp0AxCBWbHtcuZl4OH/Rwj1oxxD0Kp0tvY7P6SnsuB/Wmo8Mw9CcDisj4J1SckT cJYuoQKCAQEAqw0T3YKr13bfyUP+/MAJ039Vb5Aac4/L1ZvjH0Si0nLJJ5HxBvnZ tgrvivJjWmSSNqTEINqJOV0OLYgZrdCmyGexmVn2TMHslilwG9yVQ+/aXrDt10cP DN/cX0FG0Mn8I6pSJADDojTneumvAjrKyWSHvA4PGwVLHmHSoATW+ADMONSaGRHa sKfHXk1taYruFvkcNYPGKII6nxh8J17gCaLf9vls7MQ8oFCi4bFSY11oeut0K+JC +48GddehSfpPc3T+oA2CxkSL3GNLzHu/bTbr/+XQg1CBr4bVlnBlIA3zibAsZxhR 2v1qSJWwLXAHrFwuW1UT16Irw3htUyoIQQKCAQBVUAkFfDTeQygHCl6I/wmGIqXK DXF8ng9vvo8yN6pNzHhx+0us59AfpMiyNm+PaC6cgGb9ni83H6Iwwzxqy0tKRP1z FPQl2jdA95ZQwMuVPzWbNPq8a9dc3YRhhzBb8M8Nsk2ByjFEfTObaPeDDr7g2lZG ImIY1kylD2ZgrAkoC3CDH3ptY3QbViBEPzC/d73CONdx4752LG2Gqg8MytotUup3 P/1tJ97Z0fwJnO1mlRKSeuPI9+nMO9IVgKZR8LIw+9CFgS4JWBOht8Agd2oIK4km PY1JkftKOwjRvNuZrt8P95wNKL+h/KYTdn+qsvBU7nO0PbDegRSm5hqVQAW3 -----END RSA PRIVATE KEY----- ' > '/home/amnesia/.ssh/id_rsa' 02:14:32.848825063: call returned: [0, "", ""] 02:14:32.849035061: calling as amnesia: echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV3M9ax5pb0ojD8t2ueo/qRokCA1/6fImCBDO/CYq00xnkLiStuaYU750x7ukKbLl27aEZ64zqFBV6OFfdixdedR+gUaAoLSzwD9cX8iLuZ1v1e2UKiZH3EX8cd+5J5FeyRUCmIflSQCuOyzkU2J3BitJOAhpTNTCkmHSZPMaIRAFZQEORD0uk2i7GzPuYNlzBde1/4nz4B9MUHJZz4VksgkCCFCUiyaom5wwF+Qzb8CSaBRcOpAqaKCbKqitVZXiayXQ9vsQUsDaRpvrL6adBH0jBrilWtZJz71j6VvyXRSbarm+V14Oq6QQJMFYXAy7sLW+zu3NnfNj7CFPPHfsUuQGOQ7rryOipahiTXuJBvqQuVWMIo7dLtfbrL66JPOZHaKlc9CxtJAcLcd9uBwGU2p9YTaJL+IPs2MvEvZNKLSVfHwl+F1Yj+rvjyHWq379rZBP/8aPPFem2rSn/6YtvKflmAIuEE5XE8F85vLkaQmzxg2CoQdXei91e6v6tjTQYqYTB3zq48m4MZpAZDJZivTJg9EiRSkK33Ih0ltn7n+jQ4NQEBYdNIALn6upXyFN+ip41ovGjlMPXJVjMXbNv0tlf2ZOYDPrCHD6XagezYJMqVhJI2wNZQaNtlb9clmkqPWEsmEbNNZfrrx6VwAGwKpICy4Ci97ctKsLCyPXWvQ== user@isotester' > '/home/amnesia/.ssh/id_rsa.pub' 02:14:33.066864441: call returned: [0, "", ""] 02:14:33.067133515: calling as amnesia: chmod 0600 '/home/amnesia/.ssh/'id* 02:14:33.159174426: call returned: [0, "", ""] Given I have the SSH key pair for an SSH server # features/step_definitions/ssh.rb:41 02:14:33.161654353: calling as root: pidof -x -o '%PPID' ssh 02:14:33.342409760: call returned: [1, "", ""] 02:14:33.343430557: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:14:33.548127570: call returned: [1, "", ""] 02:14:33.627997958: calling as amnesia: xdotool key Super 02:14:33.858270094: call returned: [0, "", ""] 02:14:40.453646662: [log] TYPE "GNOME Terminal" [log] ( Ctrl ) TYPE "#ENTER." [log] TYPE "ssh autotest-ssh@misc.lizard #ENTER." 02:14:40.455620850: calling as root: pidof -x -o '%PPID' ssh 02:14:40.686963786: call returned: [0, "11112\n", ""] When I connect to an SSH server on the Internet # features/step_definitions/ssh.rb:83 02:14:42.970610783: [log] TYPE "yes#ENTER." Then I have sucessfully logged into the SSH server # features/step_definitions/ssh.rb:112 @check_tor_leaks Scenario: Connecting to an SSH server on the LAN # features/ssh.feature:17 02:14:46.417755570: calling as root: echo 'hello?' 02:14:46.649946369: call returned: [0, "hello?\n", ""] 02:14:47.376402986: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:14:47.378842418: calling as root: nmcli device show eth0 02:14:47.807140567: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:14:47.824931103: calling as root: systemctl --quiet is-active tor@default.service 02:14:48.010235394: call returned: [0, "", ""] 02:14:48.010411383: calling as root: systemctl stop tor@default.service 02:14:48.251908313: call returned: [0, "", ""] 02:14:48.252124160: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:14:48.488722961: call returned: [0, "", ""] 02:14:48.488896846: calling as root: date -s '@1498732135' 02:14:48.689669061: call returned: [0, "Thu Jun 29 10:28:55 UTC 2017\n", ""] 02:14:48.689816019: calling as root: systemctl start tor@default.service 02:14:49.776604722: call returned: [0, "", ""] 02:14:49.776914982: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:14:50.003130992: call returned: [3, "", ""] 02:14:51.003457773: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:14:51.229079231: call returned: [3, "", ""] 02:14:52.229468029: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:14:52.480799816: call returned: [0, "", ""] 02:14:52.481685891: calling as amnesia: install -m 0700 -d '/home/amnesia/.ssh/' 02:14:52.574287433: call returned: [0, "", ""] 02:14:52.574790829: calling as amnesia: echo '-----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEA1dzPWseaW9KIw/LdrnqP6kaJAgNf+nyJggQzvwmKtNMZ5C4k rbmmFO+dMe7pCmy5du2hGeuM6hQVejhX3YsXXnUfoFGgKC0s8A/XF/Ii7mdb9Xtl ComR9xF/HHfuSeRXskVApiH5UkArjss5FNidwYrSTgIaUzUwpJh0mTzGiEQBWUBD kQ9LpNouxsz7mDZcwXXtf+J8+AfTFByWc+FZLIJAghQlIsmqJucMBfkM2/AkmgUX DqQKmigmyqorVWV4msl0Pb7EFLA2kab6y+mnQR9Iwa4pVrWSc+9Y+lb8l0Um2q5v ldeDqukECTBWFwMu7C1vs7tzZ3zY+whTzx37FLkBjkO668joqWoYk17iQb6kLlVj CKO3S7X26y+uiTzmR2ipXPQsbSQHC3HfbgcBlNqfWE2iS/iD7NjLxL2TSi0lXx8J fhdWI/q748h1qt+/a2QT//GjzxXptq0p/+mLbyn5ZgCLhBOVxPBfOby5GkJs8YNg qEHV3ovdXur+rY00GKmEwd86uPJuDGaQGQyWYr0yYPRIkUpCt9yIdJbZ+5/o0ODU BAWHTSAC5+rqV8hTfoqeNaLxo5TD1yVYzF2zb9LZX9mTmAz6whw+l2oHs2CTKlYS SNsDWUGjbZW/XJZpKj1hLJhGzTWX668elcABsCqSAsuAove3LSrCwsj11r0CAwEA AQKCAgEAu53JMySk4CUk4nJv1B+lnatfiqqXStJyd+Nj2hZu3w/LSQjKGLYjY36K c0Hao9CaLCFwEaM5rikMZnqDatIZID60DhtN27E2GSxsUI+V4Xw/im5ESChEK3Ho B3uXSq/N15E1lAl+BpBRJiZW31jhnOdCdDkYCyNAl0VAFSbiLK0sWbYtEFdQz0Cx hKpTlkcqvHXOc0CozZdfr+ccfnCVoJxsJzGxGoG8igBr5dmFVHWqRoxsm+WBf5f1 4BnFhldMpM5S8dAniNbGKKVKpBVJK7JcS72UeoM0Bg1WC9jAI50A5xvcvKGi2w8t ATqsa+fZBE0gD5dFOOaoHCJEFBGDMCFrm0eEfrrAtp2lAf1iFmWeq6TY9kgYEX+X 6QDE9cCIpYfx1RTvMtvlLryFt3TTZppKv3GQYI6DWmVx/+sHI29JAghhgJnjtQgM 7yqt0ap36WsGZhlnwk7bGW3AQIkxtpuHz1pMFJupBwR/zD2REltW9Gagqmtw4Om6 fUniQfuXBgRuYtPgQ8T2LLp6Z7rDx8AVDS89kz36UwApBdIk/Ull0VR4xACmq1WN 5Z+wPh+Sq3vAK/FJO5hQ0IPf2zFhFNSYEx/iE/j1SVQy11dtVbJEW0LOUzKnKDDX nB1YBKhD4tLWkLJgLBEh5jBsZMVD5JYpIC3Xeo4leaMTm6f+14ECggEBAPm4k9Dc ADY4qLbdJC/mLSDZuKYvW6Sr6qXKmf1u0nbrRW37aePySRushvjDjzJPdcYGaisI 6IAOWjeAobsHjEcbmzwXBk1JB/Sz0U9pJqZuFKjOgoCvxAdcn3d1n8tvhHxvMvCU +i5LkFtIfP5uLxMX4pZKV8sy7twrZ7C4gCRs8yjtZ6cxPnrRB6OTIDSYfeOOopfH dOiqdRxHS1h7KrVrMLrx0rNA6bNxuQQeyDwN6qMhKKoWZs6cj5jpiLs7ryLVVNwE orVmd1uuzoN5z1XUi/KM3G+Qlcq1bybCT77b5AlJ3yZpRqXaR+cFD5zxi4JeS8vj Faj6EpLWE34qvI0CggEBANs9aojQe9CrtEzXSYV47vmeCNiiqoZZhA/61jhkyMg2 xVBXmW2o98S+md+vzhPdso2ffFVOfqCvT3+e8ni7ZFGKafIoz/1lzUsHnxkJZer/ aScCIB+qo2WMpy13+D1yE36AFEIus0C/qbl43sFixrmQIxbrXk+HEfE0fqhNBGj6 bwkdwRCU78Vf3hC5581+oFesJQCUp+JnEpI/8PB0WgCJB63wHk+r73DWD26gwP/w W8N1klS+pcTufKE+nmseybyc29ZTSOVNF9D5K/9RG3YWrRqf2rdUHeE940SpPhrP nRta2eK+qHC0vxVyxrg0p84IbL3zDwYEn4UjRVR9LvECggEAUibeuf8mMrBBEKd/ mCJpBj2Z+VHrHClScGhOcIlcw7JyjNQA6fRzCJ+hZ4UuPqbVX+gMVUwA8N/H3ip7 CkRZaaszTnlkoVg9PctKOI2nIWllcoM9e4hXPPTDoVEY2Jw/QZBzeaIJC+HgA6e9 NxaYdfeNm1OpvjdrTRMacZDA1zrgY752MxKIM29AzBdCqQrhn1L1OmlrlH8/N6Zc qycZzcUNqvKTFlVsjJQFAc3+oYMShcgK0Km9+IqY0v1A9heUbikwWZFM1dB3w7mm Rqp0AxCBWbHtcuZl4OH/Rwj1oxxD0Kp0tvY7P6SnsuB/Wmo8Mw9CcDisj4J1SckT cJYuoQKCAQEAqw0T3YKr13bfyUP+/MAJ039Vb5Aac4/L1ZvjH0Si0nLJJ5HxBvnZ tgrvivJjWmSSNqTEINqJOV0OLYgZrdCmyGexmVn2TMHslilwG9yVQ+/aXrDt10cP DN/cX0FG0Mn8I6pSJADDojTneumvAjrKyWSHvA4PGwVLHmHSoATW+ADMONSaGRHa sKfHXk1taYruFvkcNYPGKII6nxh8J17gCaLf9vls7MQ8oFCi4bFSY11oeut0K+JC +48GddehSfpPc3T+oA2CxkSL3GNLzHu/bTbr/+XQg1CBr4bVlnBlIA3zibAsZxhR 2v1qSJWwLXAHrFwuW1UT16Irw3htUyoIQQKCAQBVUAkFfDTeQygHCl6I/wmGIqXK DXF8ng9vvo8yN6pNzHhx+0us59AfpMiyNm+PaC6cgGb9ni83H6Iwwzxqy0tKRP1z FPQl2jdA95ZQwMuVPzWbNPq8a9dc3YRhhzBb8M8Nsk2ByjFEfTObaPeDDr7g2lZG ImIY1kylD2ZgrAkoC3CDH3ptY3QbViBEPzC/d73CONdx4752LG2Gqg8MytotUup3 P/1tJ97Z0fwJnO1mlRKSeuPI9+nMO9IVgKZR8LIw+9CFgS4JWBOht8Agd2oIK4km PY1JkftKOwjRvNuZrt8P95wNKL+h/KYTdn+qsvBU7nO0PbDegRSm5hqVQAW3 -----END RSA PRIVATE KEY----- ' > '/home/amnesia/.ssh/id_rsa' 02:14:53.212523323: call returned: [0, "", ""] 02:14:53.212715105: calling as amnesia: echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV3M9ax5pb0ojD8t2ueo/qRokCA1/6fImCBDO/CYq00xnkLiStuaYU750x7ukKbLl27aEZ64zqFBV6OFfdixdedR+gUaAoLSzwD9cX8iLuZ1v1e2UKiZH3EX8cd+5J5FeyRUCmIflSQCuOyzkU2J3BitJOAhpTNTCkmHSZPMaIRAFZQEORD0uk2i7GzPuYNlzBde1/4nz4B9MUHJZz4VksgkCCFCUiyaom5wwF+Qzb8CSaBRcOpAqaKCbKqitVZXiayXQ9vsQUsDaRpvrL6adBH0jBrilWtZJz71j6VvyXRSbarm+V14Oq6QQJMFYXAy7sLW+zu3NnfNj7CFPPHfsUuQGOQ7rryOipahiTXuJBvqQuVWMIo7dLtfbrL66JPOZHaKlc9CxtJAcLcd9uBwGU2p9YTaJL+IPs2MvEvZNKLSVfHwl+F1Yj+rvjyHWq379rZBP/8aPPFem2rSn/6YtvKflmAIuEE5XE8F85vLkaQmzxg2CoQdXei91e6v6tjTQYqYTB3zq48m4MZpAZDJZivTJg9EiRSkK33Ih0ltn7n+jQ4NQEBYdNIALn6upXyFN+ip41ovGjlMPXJVjMXbNv0tlf2ZOYDPrCHD6XagezYJMqVhJI2wNZQaNtlb9clmkqPWEsmEbNNZfrrx6VwAGwKpICy4Ci97ctKsLCyPXWvQ== user@isotester' > '/home/amnesia/.ssh/id_rsa.pub' 02:14:53.436537575: call returned: [0, "", ""] 02:14:53.436795865: calling as amnesia: chmod 0600 '/home/amnesia/.ssh/'id* 02:14:53.549584037: call returned: [0, "", ""] Given I have the SSH key pair for an SSH server # features/step_definitions/ssh.rb:41 And an SSH server is running on the LAN # features/step_definitions/ssh.rb:74 02:14:53.880053483: calling as root: pidof -x -o '%PPID' ssh 02:14:54.074085171: call returned: [1, "", ""] 02:14:54.075750580: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:14:54.264783232: call returned: [1, "", ""] 02:14:54.372942064: calling as amnesia: xdotool key Super 02:14:54.608402513: call returned: [0, "", ""] 02:14:56.662846997: [log] TYPE "GNOME Terminal" 02:14:56.726909856: [log] ( Ctrl ) TYPE "#ENTER." 02:15:01.439245975: [log] TYPE "ssh user@10.2.1.1 -p 38713#ENTER." 02:15:01.440070000: calling as root: pidof -x -o '%PPID' ssh 02:15:01.669782243: call returned: [0, "11115\n", ""] When I connect to an SSH server on the LAN # features/step_definitions/ssh.rb:83 02:15:02.991307030: [log] TYPE "yes#ENTER." Then I am prompted to verify the SSH fingerprint for the SSH server # features/step_definitions/ssh.rb:61 02:15:04.156890880: [log] TYPE "yes#ENTER." @check_tor_leaks Scenario: Connecting to an SFTP server on the Internet using the GNOME "Connect to Server" feature # features/ssh.feature:24 02:15:07.424894827: calling as root: echo 'hello?' 02:15:07.612929968: call returned: [0, "hello?\n", ""] 02:15:08.335786512: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:15:08.336068350: calling as root: nmcli device show eth0 02:15:08.691266971: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:15:08.709544363: calling as root: systemctl --quiet is-active tor@default.service 02:15:08.914603763: call returned: [0, "", ""] 02:15:08.914785810: calling as root: systemctl stop tor@default.service 02:15:09.149225476: call returned: [0, "", ""] 02:15:09.149401838: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:15:09.392161538: call returned: [0, "", ""] 02:15:09.392335280: calling as root: date -s '@1498732156' 02:15:09.575361133: call returned: [0, "Thu Jun 29 10:29:16 UTC 2017\n", ""] 02:15:09.575512875: calling as root: systemctl start tor@default.service 02:15:10.741139989: call returned: [0, "", ""] 02:15:10.741375836: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:15:10.939801812: call returned: [3, "", ""] 02:15:11.940112307: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:15:12.145091988: call returned: [0, "", ""] 02:15:12.146771292: calling as amnesia: install -m 0700 -d '/home/amnesia/.ssh/' 02:15:12.249950201: call returned: [0, "", ""] 02:15:12.250588641: calling as amnesia: echo '-----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEA1dzPWseaW9KIw/LdrnqP6kaJAgNf+nyJggQzvwmKtNMZ5C4k rbmmFO+dMe7pCmy5du2hGeuM6hQVejhX3YsXXnUfoFGgKC0s8A/XF/Ii7mdb9Xtl ComR9xF/HHfuSeRXskVApiH5UkArjss5FNidwYrSTgIaUzUwpJh0mTzGiEQBWUBD kQ9LpNouxsz7mDZcwXXtf+J8+AfTFByWc+FZLIJAghQlIsmqJucMBfkM2/AkmgUX DqQKmigmyqorVWV4msl0Pb7EFLA2kab6y+mnQR9Iwa4pVrWSc+9Y+lb8l0Um2q5v ldeDqukECTBWFwMu7C1vs7tzZ3zY+whTzx37FLkBjkO668joqWoYk17iQb6kLlVj CKO3S7X26y+uiTzmR2ipXPQsbSQHC3HfbgcBlNqfWE2iS/iD7NjLxL2TSi0lXx8J fhdWI/q748h1qt+/a2QT//GjzxXptq0p/+mLbyn5ZgCLhBOVxPBfOby5GkJs8YNg qEHV3ovdXur+rY00GKmEwd86uPJuDGaQGQyWYr0yYPRIkUpCt9yIdJbZ+5/o0ODU BAWHTSAC5+rqV8hTfoqeNaLxo5TD1yVYzF2zb9LZX9mTmAz6whw+l2oHs2CTKlYS SNsDWUGjbZW/XJZpKj1hLJhGzTWX668elcABsCqSAsuAove3LSrCwsj11r0CAwEA AQKCAgEAu53JMySk4CUk4nJv1B+lnatfiqqXStJyd+Nj2hZu3w/LSQjKGLYjY36K c0Hao9CaLCFwEaM5rikMZnqDatIZID60DhtN27E2GSxsUI+V4Xw/im5ESChEK3Ho B3uXSq/N15E1lAl+BpBRJiZW31jhnOdCdDkYCyNAl0VAFSbiLK0sWbYtEFdQz0Cx hKpTlkcqvHXOc0CozZdfr+ccfnCVoJxsJzGxGoG8igBr5dmFVHWqRoxsm+WBf5f1 4BnFhldMpM5S8dAniNbGKKVKpBVJK7JcS72UeoM0Bg1WC9jAI50A5xvcvKGi2w8t ATqsa+fZBE0gD5dFOOaoHCJEFBGDMCFrm0eEfrrAtp2lAf1iFmWeq6TY9kgYEX+X 6QDE9cCIpYfx1RTvMtvlLryFt3TTZppKv3GQYI6DWmVx/+sHI29JAghhgJnjtQgM 7yqt0ap36WsGZhlnwk7bGW3AQIkxtpuHz1pMFJupBwR/zD2REltW9Gagqmtw4Om6 fUniQfuXBgRuYtPgQ8T2LLp6Z7rDx8AVDS89kz36UwApBdIk/Ull0VR4xACmq1WN 5Z+wPh+Sq3vAK/FJO5hQ0IPf2zFhFNSYEx/iE/j1SVQy11dtVbJEW0LOUzKnKDDX nB1YBKhD4tLWkLJgLBEh5jBsZMVD5JYpIC3Xeo4leaMTm6f+14ECggEBAPm4k9Dc ADY4qLbdJC/mLSDZuKYvW6Sr6qXKmf1u0nbrRW37aePySRushvjDjzJPdcYGaisI 6IAOWjeAobsHjEcbmzwXBk1JB/Sz0U9pJqZuFKjOgoCvxAdcn3d1n8tvhHxvMvCU +i5LkFtIfP5uLxMX4pZKV8sy7twrZ7C4gCRs8yjtZ6cxPnrRB6OTIDSYfeOOopfH dOiqdRxHS1h7KrVrMLrx0rNA6bNxuQQeyDwN6qMhKKoWZs6cj5jpiLs7ryLVVNwE orVmd1uuzoN5z1XUi/KM3G+Qlcq1bybCT77b5AlJ3yZpRqXaR+cFD5zxi4JeS8vj Faj6EpLWE34qvI0CggEBANs9aojQe9CrtEzXSYV47vmeCNiiqoZZhA/61jhkyMg2 xVBXmW2o98S+md+vzhPdso2ffFVOfqCvT3+e8ni7ZFGKafIoz/1lzUsHnxkJZer/ aScCIB+qo2WMpy13+D1yE36AFEIus0C/qbl43sFixrmQIxbrXk+HEfE0fqhNBGj6 bwkdwRCU78Vf3hC5581+oFesJQCUp+JnEpI/8PB0WgCJB63wHk+r73DWD26gwP/w W8N1klS+pcTufKE+nmseybyc29ZTSOVNF9D5K/9RG3YWrRqf2rdUHeE940SpPhrP nRta2eK+qHC0vxVyxrg0p84IbL3zDwYEn4UjRVR9LvECggEAUibeuf8mMrBBEKd/ mCJpBj2Z+VHrHClScGhOcIlcw7JyjNQA6fRzCJ+hZ4UuPqbVX+gMVUwA8N/H3ip7 CkRZaaszTnlkoVg9PctKOI2nIWllcoM9e4hXPPTDoVEY2Jw/QZBzeaIJC+HgA6e9 NxaYdfeNm1OpvjdrTRMacZDA1zrgY752MxKIM29AzBdCqQrhn1L1OmlrlH8/N6Zc qycZzcUNqvKTFlVsjJQFAc3+oYMShcgK0Km9+IqY0v1A9heUbikwWZFM1dB3w7mm Rqp0AxCBWbHtcuZl4OH/Rwj1oxxD0Kp0tvY7P6SnsuB/Wmo8Mw9CcDisj4J1SckT cJYuoQKCAQEAqw0T3YKr13bfyUP+/MAJ039Vb5Aac4/L1ZvjH0Si0nLJJ5HxBvnZ tgrvivJjWmSSNqTEINqJOV0OLYgZrdCmyGexmVn2TMHslilwG9yVQ+/aXrDt10cP DN/cX0FG0Mn8I6pSJADDojTneumvAjrKyWSHvA4PGwVLHmHSoATW+ADMONSaGRHa sKfHXk1taYruFvkcNYPGKII6nxh8J17gCaLf9vls7MQ8oFCi4bFSY11oeut0K+JC +48GddehSfpPc3T+oA2CxkSL3GNLzHu/bTbr/+XQg1CBr4bVlnBlIA3zibAsZxhR 2v1qSJWwLXAHrFwuW1UT16Irw3htUyoIQQKCAQBVUAkFfDTeQygHCl6I/wmGIqXK DXF8ng9vvo8yN6pNzHhx+0us59AfpMiyNm+PaC6cgGb9ni83H6Iwwzxqy0tKRP1z FPQl2jdA95ZQwMuVPzWbNPq8a9dc3YRhhzBb8M8Nsk2ByjFEfTObaPeDDr7g2lZG ImIY1kylD2ZgrAkoC3CDH3ptY3QbViBEPzC/d73CONdx4752LG2Gqg8MytotUup3 P/1tJ97Z0fwJnO1mlRKSeuPI9+nMO9IVgKZR8LIw+9CFgS4JWBOht8Agd2oIK4km PY1JkftKOwjRvNuZrt8P95wNKL+h/KYTdn+qsvBU7nO0PbDegRSm5hqVQAW3 -----END RSA PRIVATE KEY----- ' > '/home/amnesia/.ssh/id_rsa' 02:15:12.854531454: call returned: [0, "", ""] 02:15:12.854825389: calling as amnesia: echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV3M9ax5pb0ojD8t2ueo/qRokCA1/6fImCBDO/CYq00xnkLiStuaYU750x7ukKbLl27aEZ64zqFBV6OFfdixdedR+gUaAoLSzwD9cX8iLuZ1v1e2UKiZH3EX8cd+5J5FeyRUCmIflSQCuOyzkU2J3BitJOAhpTNTCkmHSZPMaIRAFZQEORD0uk2i7GzPuYNlzBde1/4nz4B9MUHJZz4VksgkCCFCUiyaom5wwF+Qzb8CSaBRcOpAqaKCbKqitVZXiayXQ9vsQUsDaRpvrL6adBH0jBrilWtZJz71j6VvyXRSbarm+V14Oq6QQJMFYXAy7sLW+zu3NnfNj7CFPPHfsUuQGOQ7rryOipahiTXuJBvqQuVWMIo7dLtfbrL66JPOZHaKlc9CxtJAcLcd9uBwGU2p9YTaJL+IPs2MvEvZNKLSVfHwl+F1Yj+rvjyHWq379rZBP/8aPPFem2rSn/6YtvKflmAIuEE5XE8F85vLkaQmzxg2CoQdXei91e6v6tjTQYqYTB3zq48m4MZpAZDJZivTJg9EiRSkK33Ih0ltn7n+jQ4NQEBYdNIALn6upXyFN+ip41ovGjlMPXJVjMXbNv0tlf2ZOYDPrCHD6XagezYJMqVhJI2wNZQaNtlb9clmkqPWEsmEbNNZfrrx6VwAGwKpICy4Ci97ctKsLCyPXWvQ== user@isotester' > '/home/amnesia/.ssh/id_rsa.pub' 02:15:13.022390016: call returned: [0, "", ""] 02:15:13.022612771: calling as amnesia: chmod 0600 '/home/amnesia/.ssh/'id* 02:15:13.128742116: call returned: [0, "", ""] Given I have the SSH key pair for an SFTP server # features/step_definitions/ssh.rb:41 02:15:13.195977901: calling as amnesia: xdotool key Super 02:15:13.442671041: call returned: [0, "", ""] 02:15:14.941658011: [log] TYPE "Nautilus" [log] ( Ctrl ) TYPE "#ENTER." 02:15:14.942609463: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node370 = dogtail.tree.root.application('nautilus') 02:15:17.037845077: execution complete 02:15:17.038084139: executing Python as amnesia: node371 = node370.child(roleName='frame') 02:15:17.091575586: execution complete 02:15:17.091802270: executing Python as amnesia: node372 = node370.child('Other Locations', roleName='label') 02:15:17.642699791: execution complete 02:15:17.642858241: executing Python as amnesia: node372.click() 02:15:18.716504707: execution complete 02:15:18.716715486: executing Python as amnesia: node373 = node370.child('Connect to Server', roleName='label') 02:15:18.894713665: execution complete 02:15:18.894887087: executing Python as amnesia: node374 = node373.parent 02:15:18.949014100: execution complete 02:15:18.949206497: executing Python as amnesia: node375 = node374.child(roleName='filler', recursive=False) 02:15:18.996671717: execution complete 02:15:18.996906247: executing Python as amnesia: node376 = node375.child(roleName='text', recursive=False) 02:15:19.038935821: execution complete 02:15:19.039136592: executing Python as amnesia: node376.text = 'sftp://autotest-sftp@misc.lizard:22' 02:15:19.075184657: execution complete 02:15:19.075365930: executing Python as amnesia: node377 = node374.button('Connect', recursive=False) 02:15:19.119081376: execution complete 02:15:19.119241234: executing Python as amnesia: node377.click() 02:15:20.164607978: execution complete 02:15:20.165750905: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node378 = dogtail.tree.root.application('gnome-shell') 02:15:20.326151988: execution complete 02:15:20.326343439: executing Python as amnesia: node379 = node378.child('Log In Anyway') 02:15:21.065504387: execution complete 02:15:21.110801808: [log] TYPE "#ENTER." When I connect to an SFTP server on the Internet # features/step_definitions/ssh.rb:116 02:15:21.115682620: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node380 = dogtail.tree.root.application('nautilus') 02:15:21.394805981: execution complete 02:15:21.395009328: executing Python as amnesia: node381 = node380.child('autotest-sftp on misc.lizard') 02:15:22.811989346: execution complete Then I successfully connect to the SFTP server # features/step_definitions/ssh.rb:151 #11465 @product @check_tor_leaks Feature: Thunderbird email client As a Tails user I may want to use an email client Background: # features/thunderbird.feature:7 02:15:26.342074132: calling as root: echo 'hello?' 02:15:26.590288130: call returned: [0, "hello?\n", ""] 02:15:27.313876904: calling as root: nmcli device show eth0 02:15:27.331878439: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:15:27.696240805: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:15:27.725100586: calling as root: systemctl --quiet is-active tor@default.service 02:15:27.993614993: call returned: [0, "", ""] 02:15:27.993777909: calling as root: systemctl stop tor@default.service 02:15:28.221534803: call returned: [0, "", ""] 02:15:28.221715185: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:15:28.463970103: call returned: [0, "", ""] 02:15:28.464137753: calling as root: date -s '@1498732175' 02:15:28.672610930: call returned: [0, "Thu Jun 29 10:29:35 UTC 2017\n", ""] 02:15:28.672757961: calling as root: systemctl start tor@default.service 02:15:29.937836380: call returned: [0, "", ""] 02:15:29.938089182: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:15:30.158967460: call returned: [3, "", ""] 02:15:31.159281885: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:15:31.330784778: call returned: [3, "", ""] 02:15:32.331055299: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:15:32.559147262: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:15:32.560976151: calling as root: test -e '/home/amnesia/.thunderbird/profile.default/prefs.js' 02:15:32.712234269: call returned: [1, "", ""] And I have not configured an email account # features/step_definitions/thunderbird.rb:38 02:15:32.713891781: opening file /etc/thunderbird/pref/thunderbird.js in 'append' mode 02:15:32.756682608: append complete 02:15:32.822809650: calling as amnesia: xdotool key Super 02:15:33.048400154: call returned: [0, "", ""] 02:15:34.559201957: [log] TYPE "Thunderbird" 02:15:34.622784691: [log] ( Ctrl ) TYPE "#ENTER." 02:15:34.623186614: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node382 = dogtail.tree.root.application('Thunderbird') 02:15:47.153858294: execution complete 02:15:48.154327145: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node383 = dogtail.tree.root.application('Thunderbird') 02:15:51.132613244: execution complete 02:15:51.132898120: executing Python as amnesia: node384 = node383.child(roleName='frame') 02:15:51.194302258: execution complete When I start Thunderbird # features/step_definitions/thunderbird.rb:24 02:15:51.196223773: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node385 = dogtail.tree.root.application('Thunderbird') 02:15:51.519622727: execution complete 02:15:51.519838606: executing Python as amnesia: node386 = node385.child('Mail Account Setup', roleName='frame') 02:15:51.752955034: execution complete Then I am prompted to setup an email account # features/step_definitions/thunderbird.rb:46 Scenario: Only the expected addons are installed # features/thunderbird.feature:13 02:15:51.757298303: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node387 = dogtail.tree.root.application('Thunderbird') 02:15:51.879659906: execution complete 02:15:51.879900993: executing Python as amnesia: node388 = node387.child('Mail Account Setup', roleName='frame') 02:15:52.075510222: execution complete 02:15:52.075707498: executing Python as amnesia: node389 = node388.button('Cancel') 02:15:52.147022893: execution complete 02:15:52.147218689: executing Python as amnesia: node389.click() 02:15:53.187574799: execution complete Given I cancel setting up an email account # features/step_definitions/thunderbird.rb:50 02:15:53.189863601: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node390 = dogtail.tree.root.application('Thunderbird') 02:15:53.273428229: execution complete 02:15:53.273668453: executing Python as amnesia: node391 = node390.child(roleName='frame') 02:15:53.313052189: execution complete 02:15:53.313287113: executing Python as amnesia: node392 = node391.button('AppMenu') 02:15:53.411807644: execution complete 02:15:53.412088914: executing Python as amnesia: node392.click() 02:15:54.470181554: execution complete 02:15:54.470516712: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node393 = dogtail.tree.root.application('Thunderbird') 02:15:54.566083074: execution complete 02:15:54.566272738: executing Python as amnesia: node394 = node393.child(roleName='frame') 02:15:54.600675777: execution complete 02:15:54.600856813: executing Python as amnesia: node395 = node394.child('Add-ons', roleName='menu item') 02:15:54.734093470: execution complete 02:15:54.734261713: executing Python as amnesia: node395.click() 02:15:55.770225214: execution complete 02:15:55.770529400: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node396 = dogtail.tree.root.application('Thunderbird') 02:15:56.193631743: execution complete 02:15:56.193956500: executing Python as amnesia: node397 = node396.child('Add-ons Manager - Mozilla Thunderbird', roleName='frame') 02:15:56.282906229: execution complete When I open Thunderbird's Add-ons Manager # features/step_definitions/thunderbird.rb:54 02:15:56.285148521: executing Python as amnesia: node398 = node397.child('Extensions', roleName='list item') 02:15:56.568064449: execution complete 02:15:56.568366566: executing Python as amnesia: node398.click() 02:15:57.611869409: execution complete And I click the extensions tab # features/step_definitions/thunderbird.rb:62 02:15:57.613823904: executing Python as amnesia: node399 = node397.child('TorBirdy', roleName='label') 02:15:57.767413007: execution complete 02:15:57.767667094: executing Python as amnesia: node400 = node399.parent 02:15:57.805325951: execution complete 02:15:57.805479482: executing Python as amnesia: node401 = node400.parent 02:15:57.838284280: execution complete 02:15:57.838508514: executing Python as amnesia: nodes402 = node401.findChildren(dogtail.predicate.GenericPredicate(roleName='list item'), recursive=False) print(len(nodes402)) 02:15:57.890031635: execution complete 02:15:57.890206974: executing Python as amnesia: node403 = nodes402[0] 02:15:57.927285491: execution complete 02:15:57.927461148: executing Python as amnesia: node404 = nodes402[1] 02:15:57.958895004: execution complete 02:15:57.959025971: executing Python as amnesia: print(node403.name) 02:15:58.010846165: execution complete 02:15:58.011109412: executing Python as amnesia: print(node404.name) 02:15:58.071601526: execution complete Then I see that only the Enigmail and TorBirdy addons are enabled in Thunderbird # features/step_definitions/thunderbird.rb:66 Scenario: Torbirdy is configured to use Tor # features/thunderbird.feature:19 02:16:01.599961289: calling as root: echo 'hello?' 02:16:01.808382674: call returned: [0, "hello?\n", ""] 02:16:02.532061899: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:16:02.532273640: calling as root: nmcli device show eth0 02:16:02.916785475: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:16:02.939205540: calling as root: systemctl --quiet is-active tor@default.service 02:16:03.142069607: call returned: [0, "", ""] 02:16:03.142220939: calling as root: systemctl stop tor@default.service 02:16:03.382497046: call returned: [0, "", ""] 02:16:03.382645863: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:16:03.578966552: call returned: [0, "", ""] 02:16:03.579166791: calling as root: date -s '@1498732210' 02:16:03.753976859: call returned: [0, "Thu Jun 29 10:30:10 UTC 2017\n", ""] 02:16:03.754133160: calling as root: systemctl start tor@default.service 02:16:04.762211275: call returned: [0, "", ""] 02:16:04.762500058: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:04.985369449: call returned: [3, "", ""] 02:16:05.985700956: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:06.223382766: call returned: [3, "", ""] 02:16:07.223713010: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:07.451823798: call returned: [0, "", ""] 02:16:07.453068269: calling as root: test -e '/home/amnesia/.thunderbird/profile.default/prefs.js' 02:16:07.636317503: call returned: [1, "", ""] 02:16:07.637505125: opening file /etc/thunderbird/pref/thunderbird.js in 'append' mode 02:16:07.673006608: append complete 02:16:07.757517680: calling as amnesia: xdotool key Super 02:16:08.028079994: call returned: [0, "", ""] 02:16:09.519284104: [log] TYPE "Thunderbird" 02:16:09.586931083: [log] ( Ctrl ) TYPE "#ENTER." 02:16:09.587335968: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node405 = dogtail.tree.root.application('Thunderbird') 02:16:22.472799251: execution complete 02:16:23.473218298: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node406 = dogtail.tree.root.application('Thunderbird') 02:16:26.484184422: execution complete 02:16:26.484427345: executing Python as amnesia: node407 = node406.child(roleName='frame') 02:16:26.532003960: execution complete 02:16:26.532939520: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node408 = dogtail.tree.root.application('Thunderbird') 02:16:26.703147735: execution complete 02:16:26.703455012: executing Python as amnesia: node409 = node408.child('Mail Account Setup', roleName='frame') 02:16:26.864596391: execution complete 02:16:26.865442089: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node410 = dogtail.tree.root.application('Thunderbird') 02:16:26.933129504: execution complete 02:16:26.933364477: executing Python as amnesia: node411 = node410.child('Mail Account Setup', roleName='frame') 02:16:27.107990991: execution complete 02:16:27.108212913: executing Python as amnesia: node412 = node411.button('Cancel') 02:16:27.194585989: execution complete 02:16:27.194772123: executing Python as amnesia: node412.click() 02:16:28.240886179: execution complete Given I cancel setting up an email account # features/step_definitions/thunderbird.rb:50 02:16:28.242718734: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node413 = dogtail.tree.root.application('Thunderbird') 02:16:28.341824178: execution complete 02:16:28.342007743: executing Python as amnesia: node414 = node413.child(roleName='frame') 02:16:28.380220635: execution complete 02:16:28.380448842: executing Python as amnesia: node415 = node414.child(roleName='status bar') 02:16:28.462036582: execution complete 02:16:28.462270967: executing Python as amnesia: node416 = node415.child('TorBirdy Enabled: Tor', roleName='label') 02:16:28.502114195: execution complete Then I see that Torbirdy is configured to use Tor # features/step_definitions/thunderbird.rb:80 @product Feature: The Tor enforcement is effective As a Tails user I want all direct Internet connections I do by mistake or applications do by misconfiguration or buggy leaks to be blocked And as a Tails developer I want to ensure that the automated test suite detects firewall leaks reliably Scenario: The firewall configuration is very restrictive # features/tor_enforcement.feature:8 02:16:31.732100553: calling as root: echo 'hello?' 02:16:31.964152919: call returned: [0, "hello?\n", ""] 02:16:32.688955161: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:16:32.689162250: calling as root: nmcli device show eth0 02:16:33.053749860: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:16:33.074124898: calling as root: systemctl --quiet is-active tor@default.service 02:16:33.260750393: call returned: [0, "", ""] 02:16:33.260924346: calling as root: systemctl stop tor@default.service 02:16:33.508336539: call returned: [0, "", ""] 02:16:33.508488063: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:16:33.760343439: call returned: [0, "", ""] 02:16:33.760510879: calling as root: date -s '@1498732240' 02:16:33.911797353: call returned: [0, "Thu Jun 29 10:30:40 UTC 2017\n", ""] 02:16:33.911962322: calling as root: systemctl start tor@default.service 02:16:35.101520317: call returned: [0, "", ""] 02:16:35.101828316: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:35.300746380: call returned: [3, "", ""] 02:16:36.301119877: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:36.485455319: call returned: [3, "", ""] 02:16:37.485815376: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:37.726274976: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:16:37.728684288: calling as root: iptables-save -c -t filter | iptables-xml 02:16:38.778432778: call returned: [0, "\n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n \n \n \n \n \n\n \n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n

icmp

\n
\n \n RELATED\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 104\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 13\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 65534\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 9050,9061,9062,9150\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 117\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 118\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 119\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9052\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 120\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9040\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 104\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 104\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 114\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 631\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 6136\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 17600:17650\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 116\n \n \n 53\n \n
\n \n \n \n\n
\n\n \n \n \n 10.0.0.0/8\n \n \n \n \n \n \n \n\n \n\n \n \n \n 172.16.0.0/12\n \n \n \n \n \n \n \n\n \n\n \n \n \n 192.168.0.0/16\n \n \n \n \n \n \n \n\n \n\n \n \n \n

tcp

\n
\n \n 108\n \n \n FIN,SYN,RST,ACK SYN\n \n \n NEW\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp-port-unreachable\n \n \n\n \n\n
\n \n \n \n \n

tcp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

tcp

\n
\n \n 137\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 137\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n \n\n \n\n
\n \n
\n\n
\n", ""] Then the firewall's policy is to DROP all IPv4 traffic # features/step_definitions/tor.rb:55 02:16:38.827477017: calling as root: id -u clearnet 02:16:39.032385680: call returned: [0, "116\n", ""] 02:16:39.032586282: calling as root: id -u debian-tor 02:16:39.201165697: call returned: [0, "108\n", ""] 02:16:39.201425106: calling as root: iptables-save -c -t filter | iptables-xml 02:16:40.253830167: call returned: [0, "\n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n \n \n \n \n \n\n \n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n

icmp

\n
\n \n RELATED\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 104\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 13\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 65534\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 9050,9061,9062,9150\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 117\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 118\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 119\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9052\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 120\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9040\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 104\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 104\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 114\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 631\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 6136\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 17600:17650\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 116\n \n \n 53\n \n
\n \n \n \n\n
\n\n \n \n \n 10.0.0.0/8\n \n \n \n \n \n \n \n\n \n\n \n \n \n 172.16.0.0/12\n \n \n \n \n \n \n \n\n \n\n \n \n \n 192.168.0.0/16\n \n \n \n \n \n \n \n\n \n\n \n \n \n

tcp

\n
\n \n 108\n \n \n FIN,SYN,RST,ACK SYN\n \n \n NEW\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp-port-unreachable\n \n \n\n \n\n
\n \n \n \n \n

tcp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

tcp

\n
\n \n 137\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 137\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n \n\n \n\n
\n \n
\n\n
\n", ""] And the firewall is configured to only allow the clearnet and debian-tor users to connect directly to the Internet over IPv4 # features/step_definitions/tor.rb:65 02:16:40.336776035: calling as root: iptables-save -c -t nat | iptables-xml 02:16:40.605740190: call returned: [0, "\n\n \n \n \n \n \n 127.192.0.0/10\n

tcp

\n
\n
\n \n \n 9040\n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n

udp

\n
\n \n 53\n \n
\n \n \n 5353\n \n \n\n
\n\n
\n \n \n \n
\n\n
\n", ""] And the firewall's NAT rules only redirect traffic for Tor's TransPort and DNSPort # features/step_definitions/tor.rb:120 02:16:40.614547882: calling as root: ip6tables-save -c -t filter | iptables-xml 02:16:41.084637444: call returned: [0, "\n\n \n \n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n
\n \n \n \n\n
\n\n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n ESTABLISHED\n \n
\n \n \n \n\n
\n\n
\n \n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n 114\n \n
\n \n \n \n\n
\n\n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n ESTABLISHED\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp6-port-unreachable\n \n \n\n \n\n
\n \n
\n\n
\n", ""] And the firewall is configured to block all external IPv6 traffic # features/step_definitions/tor.rb:156 Scenario: Anti test: Detecting TCP leaks from the Unsafe Browser with the firewall leak detector # features/tor_enforcement.feature:15 02:16:44.148179757: calling as root: echo 'hello?' 02:16:44.416188258: call returned: [0, "hello?\n", ""] 02:16:45.143171560: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:16:45.143346255: calling as root: nmcli device show eth0 02:16:45.529221498: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:16:45.546119496: calling as root: systemctl --quiet is-active tor@default.service 02:16:45.737968048: call returned: [0, "", ""] 02:16:45.738163746: calling as root: systemctl stop tor@default.service 02:16:46.017000875: call returned: [0, "", ""] 02:16:46.017161415: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:16:46.214956687: call returned: [0, "", ""] 02:16:46.215155580: calling as root: date -s '@1498732253' 02:16:46.389849190: call returned: [0, "Thu Jun 29 10:30:53 UTC 2017\n", ""] 02:16:46.390082673: calling as root: systemctl start tor@default.service 02:16:47.554626518: call returned: [0, "", ""] 02:16:47.554925828: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:47.757595686: call returned: [3, "", ""] 02:16:48.757882383: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:48.969285388: call returned: [3, "", ""] 02:16:49.969618711: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:16:50.220392702: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 And I capture all network traffic # features/step_definitions/common_steps.rb:96 02:16:50.335338906: calling as amnesia: xdotool key Super 02:16:50.553943725: call returned: [0, "", ""] 02:16:52.243360059: [log] TYPE "Unsafe Browser" 02:16:56.785672768: [log] ( Ctrl ) TYPE "#ENTER." 02:16:56.881038629: [log] TYPE "#RIGHT.#ENTER." 02:16:56.881496299: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node417 = dogtail.tree.root.application('gnome-shell') 02:16:57.060332476: execution complete 02:16:57.060589289: executing Python as amnesia: node418 = node417.child('No Notifications', roleName='label', showingOnly=False) 02:16:59.174601112: execution complete 02:16:59.174791274: executing Python as amnesia: node419 = node418.parent 02:16:59.211552124: execution complete 02:16:59.211747332: executing Python as amnesia: node420 = node419.parent 02:16:59.247940424: execution complete 02:16:59.248367370: executing Python as amnesia: node421 = node420.child('Starting the Unsafe Browser...', roleName='label', showingOnly=False) 02:16:59.323953505: execution complete When I successfully start the Unsafe Browser # features/step_definitions/browser.rb:9 02:17:15.889518943: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox 02:17:16.147935496: call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] 02:17:17.074181860: [log] CLICK on L(243,80)@S(0)[0,0 1024x768] 02:17:17.813340382: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox 02:17:18.365704562: call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] 02:17:19.149687963: [log] CLICK on L(147,114)@S(0)[0,0 1024x768] 02:17:24.149654369: calling as amnesia: echo -n 'https://tails.boum.org' | xsel --input --clipboard 02:17:24.353634955: call returned: [0, "", ""] 02:17:25.408297621: [log] ( Ctrl ) TYPE "v" [log] TYPE "#ENTER." And I open Tails homepage in the Unsafe Browser # features/step_definitions/browser.rb:201 And Tails homepage loads in the Unsafe Browser # features/step_definitions/browser.rb:210 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 Scenario: Anti test: Detecting TCP leaks of DNS lookups with the firewall leak detector # features/tor_enforcement.feature:23 02:17:29.162985573: calling as root: echo 'hello?' 02:17:29.351174166: call returned: [0, "hello?\n", ""] 02:17:30.078838550: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:17:30.079083770: calling as root: nmcli device show eth0 02:17:30.488191005: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:17:30.505156085: calling as root: systemctl --quiet is-active tor@default.service 02:17:30.685349275: call returned: [0, "", ""] 02:17:30.685504136: calling as root: systemctl stop tor@default.service 02:17:30.963390745: call returned: [0, "", ""] 02:17:30.963565798: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:17:31.142733241: call returned: [0, "", ""] 02:17:31.142941351: calling as root: date -s '@1498732298' 02:17:31.388038393: call returned: [0, "Thu Jun 29 10:31:38 UTC 2017\n", ""] 02:17:31.388265007: calling as root: systemctl start tor@default.service 02:17:32.457749769: call returned: [0, "", ""] 02:17:32.458069736: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:32.697972707: call returned: [3, "", ""] 02:17:33.698288306: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:33.925312934: call returned: [3, "", ""] 02:17:34.925595374: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:35.138196787: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 And I capture all network traffic # features/step_definitions/common_steps.rb:96 02:17:35.164195759: calling as root: /usr/local/lib/do_not_ever_run_me 02:17:35.490543480: call returned: [0, "", ""] 02:17:35.490713750: calling as root: iptables -L -n -v 02:17:35.662665306: call returned: [0, "Chain INPUT (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain OUTPUT (policy ACCEPT 1 packets, 40 bytes)\n pkts bytes target prot opt in out source destination \n", ""] And I disable Tails' firewall # features/step_definitions/firewall_leaks.rb:7 02:17:35.664759567: calling as amnesia: host -T -t A torproject.org 208.67.222.222 02:17:36.276640082: call returned: [0, "Using domain server:\nName: 208.67.222.222\nAddress: 208.67.222.222#53\nAliases: \n\ntorproject.org has address 38.229.72.16\ntorproject.org has address 89.45.235.21\ntorproject.org has address 138.201.14.197\ntorproject.org has address 82.195.75.101\ntorproject.org has address 154.35.132.70\n", ""] When I do a TCP DNS lookup of "torproject.org" # features/step_definitions/firewall_leaks.rb:19 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 Scenario: Anti test: Detecting UDP leaks of DNS lookups with the firewall leak detector # features/tor_enforcement.feature:30 02:17:39.767626616: calling as root: echo 'hello?' 02:17:39.979493054: call returned: [0, "hello?\n", ""] 02:17:40.702359763: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:17:40.702576798: calling as root: nmcli device show eth0 02:17:41.091745987: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:17:41.111018633: calling as root: systemctl --quiet is-active tor@default.service 02:17:41.324139012: call returned: [0, "", ""] 02:17:41.324332885: calling as root: systemctl stop tor@default.service 02:17:41.567246685: call returned: [0, "", ""] 02:17:41.567394072: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:17:41.823846885: call returned: [0, "", ""] 02:17:41.824014246: calling as root: date -s '@1498732308' 02:17:42.021144009: call returned: [0, "Thu Jun 29 10:31:48 UTC 2017\n", ""] 02:17:42.021351245: calling as root: systemctl start tor@default.service 02:17:43.157962862: call returned: [0, "", ""] 02:17:43.158393456: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:43.418302490: call returned: [3, "", ""] 02:17:44.418806006: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:44.612727915: call returned: [3, "", ""] 02:17:45.613012523: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:45.834034139: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 And I capture all network traffic # features/step_definitions/common_steps.rb:96 02:17:45.862492723: calling as root: /usr/local/lib/do_not_ever_run_me 02:17:46.195620159: call returned: [0, "", ""] 02:17:46.195771845: calling as root: iptables -L -n -v 02:17:46.381438563: call returned: [0, "Chain INPUT (policy ACCEPT 1 packets, 71 bytes)\n pkts bytes target prot opt in out source destination \n\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain OUTPUT (policy ACCEPT 2 packets, 80 bytes)\n pkts bytes target prot opt in out source destination \n", ""] And I disable Tails' firewall # features/step_definitions/firewall_leaks.rb:7 02:17:46.383773475: calling as amnesia: host -t A torproject.org 208.67.222.222 02:17:47.165918358: call returned: [0, "Using domain server:\nName: 208.67.222.222\nAddress: 208.67.222.222#53\nAliases: \n\ntorproject.org has address 89.45.235.21\ntorproject.org has address 154.35.132.70\ntorproject.org has address 138.201.14.197\ntorproject.org has address 38.229.72.16\ntorproject.org has address 82.195.75.101\n", ""] When I do a UDP DNS lookup of "torproject.org" # features/step_definitions/firewall_leaks.rb:24 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 Scenario: Anti test: Detecting ICMP leaks of ping with the firewall leak detector # features/tor_enforcement.feature:37 02:17:50.326595205: calling as root: echo 'hello?' 02:17:50.646874869: call returned: [0, "hello?\n", ""] 02:17:51.370675557: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:17:51.370952170: calling as root: nmcli device show eth0 02:17:51.707108996: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:17:51.728914897: calling as root: systemctl --quiet is-active tor@default.service 02:17:51.940803768: call returned: [0, "", ""] 02:17:51.940959312: calling as root: systemctl stop tor@default.service 02:17:52.183468171: call returned: [0, "", ""] 02:17:52.183633360: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:17:52.398456738: call returned: [0, "", ""] 02:17:52.398639225: calling as root: date -s '@1498732319' 02:17:52.617386008: call returned: [0, "Thu Jun 29 10:31:59 UTC 2017\n", ""] 02:17:52.617535775: calling as root: systemctl start tor@default.service 02:17:53.756301455: call returned: [0, "", ""] 02:17:53.756594025: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:53.962897858: call returned: [3, "", ""] 02:17:54.963378329: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:55.171088285: call returned: [3, "", ""] 02:17:56.171379784: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:17:56.362204643: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 And I capture all network traffic # features/step_definitions/common_steps.rb:96 02:17:56.385134154: calling as root: /usr/local/lib/do_not_ever_run_me 02:17:56.685597517: call returned: [0, "", ""] 02:17:56.685793122: calling as root: iptables -L -n -v 02:17:56.887191614: call returned: [0, "Chain INPUT (policy ACCEPT 3 packets, 1749 bytes)\n pkts bytes target prot opt in out source destination \n\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain OUTPUT (policy ACCEPT 5 packets, 1829 bytes)\n pkts bytes target prot opt in out source destination \n", ""] And I disable Tails' firewall # features/step_definitions/firewall_leaks.rb:7 02:17:56.889472460: calling as root: ping -c 5 208.67.222.222 02:18:01.267310166: call returned: [0, "PING 208.67.222.222 (208.67.222.222) 56(84) bytes of data.\n64 bytes from 208.67.222.222: icmp_seq=1 ttl=60 time=0.753 ms\n64 bytes from 208.67.222.222: icmp_seq=2 ttl=60 time=1.25 ms\n64 bytes from 208.67.222.222: icmp_seq=3 ttl=60 time=0.876 ms\n64 bytes from 208.67.222.222: icmp_seq=4 ttl=60 time=0.908 ms\n64 bytes from 208.67.222.222: icmp_seq=5 ttl=60 time=0.768 ms\n\n--- 208.67.222.222 ping statistics ---\n5 packets transmitted, 5 received, 0% packet loss, time 4033ms\nrtt min/avg/max/mdev = 0.753/0.912/1.259/0.187 ms\n", ""] When I send some ICMP pings # features/step_definitions/firewall_leaks.rb:29 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 @check_tor_leaks Scenario: The Tor enforcement is effective at blocking untorified TCP connection attempts # features/tor_enforcement.feature:45 02:18:04.611195028: calling as root: echo 'hello?' 02:18:04.803029879: call returned: [0, "hello?\n", ""] 02:18:05.527209731: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:18:05.527412561: calling as root: nmcli device show eth0 02:18:05.902089472: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:18:05.919829648: calling as root: systemctl --quiet is-active tor@default.service 02:18:06.107157674: call returned: [0, "", ""] 02:18:06.107383717: calling as root: systemctl stop tor@default.service 02:18:06.343339123: call returned: [0, "", ""] 02:18:06.343490464: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:18:06.536211409: call returned: [0, "", ""] 02:18:06.536381514: calling as root: date -s '@1498732333' 02:18:06.821115681: call returned: [0, "Thu Jun 29 10:32:13 UTC 2017\n", ""] 02:18:06.821262949: calling as root: systemctl start tor@default.service 02:18:08.215455910: call returned: [0, "", ""] 02:18:08.215765809: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:08.441201628: call returned: [3, "", ""] 02:18:09.441537565: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:09.687197396: call returned: [3, "", ""] 02:18:10.687498938: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:10.916046046: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:18:10.918112498: calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=TCP .* DPT=42 ' 02:18:11.115856422: call returned: [1, "", ""] 02:18:11.116056696: calling as amnesia: echo | nc.traditional 1.2.3.4 42 02:18:12.288073996: call returned: [1, "", "(UNKNOWN) [1.2.3.4] 42 (nameserver) : Connection refused\n"] When I open an untorified TCP connection to 1.2.3.4 on port 42 # features/step_definitions/tor.rb:187 Then the untorified connection fails # features/step_definitions/tor.rb:211 02:18:12.291124754: calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=TCP .* DPT=42 ' 02:18:12.524298841: call returned: [0, "", ""] And the untorified connection is logged as dropped by the firewall # features/step_definitions/tor.rb:225 @check_tor_leaks Scenario: The Tor enforcement is effective at blocking untorified UDP connection attempts # features/tor_enforcement.feature:52 02:18:15.873355948: calling as root: echo 'hello?' 02:18:16.203963820: call returned: [0, "hello?\n", ""] 02:18:16.926566006: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:18:16.926739240: calling as root: nmcli device show eth0 02:18:17.311547985: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:18:17.332769273: calling as root: systemctl --quiet is-active tor@default.service 02:18:17.538189920: call returned: [0, "", ""] 02:18:17.538373707: calling as root: systemctl stop tor@default.service 02:18:17.791998992: call returned: [0, "", ""] 02:18:17.792191904: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:18:18.003626812: call returned: [0, "", ""] 02:18:18.003795225: calling as root: date -s '@1498732344' 02:18:18.212587355: call returned: [0, "Thu Jun 29 10:32:24 UTC 2017\n", ""] 02:18:18.212768052: calling as root: systemctl start tor@default.service 02:18:19.439082378: call returned: [0, "", ""] 02:18:19.439413157: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:19.629999498: call returned: [3, "", ""] 02:18:20.630346275: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:20.788203882: call returned: [3, "", ""] 02:18:21.788514368: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:21.966322972: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:18:21.968542259: calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=UDP .* DPT=42 ' 02:18:22.142062515: call returned: [1, "", ""] 02:18:22.142340050: calling as amnesia: echo | nc.traditional -u 1.2.3.4 42 02:18:22.385212512: call returned: [1, "", ""] When I open an untorified UDP connection to 1.2.3.4 on port 42 # features/step_definitions/tor.rb:187 02:18:22.386516145: calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=UDP .* DPT=42 ' 02:18:22.620147162: call returned: [0, "", ""] And the untorified connection is logged as dropped by the firewall # features/step_definitions/tor.rb:225 Scenario: The system DNS is always set up to use Tor's DNSPort # features/tor_enforcement.feature:64 02:18:25.919832348: calling as root: echo 'hello?' 02:18:26.191723917: call returned: [0, "hello?\n", ""] 02:18:26.915220265: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:18:26.915388233: calling as root: nmcli device show eth0 02:18:27.325400219: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:18:27.342676265: calling as root: date -s '@1498732354' 02:18:27.492236747: call returned: [0, "Thu Jun 29 10:32:34 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 02:18:27.494123517: opening file /etc/resolv.conf in 'read' mode 02:18:27.518526150: read complete And the system DNS is using the local DNS resolver # features/step_definitions/tor.rb:232 And the network is plugged # features/step_definitions/common_steps.rb:79 02:18:27.591774497: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:28.114632784: call returned: [1, "", ""] 02:18:29.114945782: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:29.329396032: call returned: [1, "", ""] 02:18:30.329674118: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:30.533187268: call returned: [1, "", ""] 02:18:31.533478506: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:31.735084372: call returned: [1, "", ""] 02:18:32.735383939: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:32.919789800: call returned: [1, "", ""] 02:18:33.920095101: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:34.078909007: call returned: [1, "", ""] 02:18:35.079395804: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:35.266027842: call returned: [1, "", ""] 02:18:36.266394358: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:36.488782065: call returned: [1, "", ""] 02:18:37.489177043: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:37.768846626: call returned: [1, "", ""] 02:18:38.769154621: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:38.935152342: call returned: [3, "", ""] 02:18:39.935522096: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:40.184965834: call returned: [0, "", ""] 02:18:40.185285891: calling as root: test -e /run/tordate/done 02:18:40.412718527: call returned: [0, "", ""] 02:18:40.413176548: calling as root: test -e /run/htpdate/success 02:18:40.729236670: call returned: [1, "", ""] 02:18:41.729567295: calling as root: test -e /run/htpdate/success 02:18:42.007776676: call returned: [1, "", ""] 02:18:43.008087687: calling as root: test -e /run/htpdate/success 02:18:43.320052211: call returned: [0, "", ""] 02:18:43.320396285: calling as root: systemctl is-system-running 02:18:43.656391238: call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:341 02:18:43.658102040: opening file /etc/resolv.conf in 'read' mode 02:18:43.686768486: read complete Then the system DNS is still using the local DNS resolver # features/step_definitions/tor.rb:232 @product @check_tor_leaks Feature: Tor stream isolation is effective As a Tails user I want my Torified sessions to be sensibly isolated from each other to prevent identity correlation Background: # features/tor_stream_isolation.feature:6 02:18:46.775711590: calling as root: echo 'hello?' 02:18:46.958733511: call returned: [0, "hello?\n", ""] 02:18:47.683011432: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:18:47.683217061: calling as root: nmcli device show eth0 02:18:48.067498821: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:18:48.084197362: calling as root: systemctl --quiet is-active tor@default.service 02:18:48.280076065: call returned: [0, "", ""] 02:18:48.280297176: calling as root: systemctl stop tor@default.service 02:18:48.527900605: call returned: [0, "", ""] 02:18:48.528052545: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:18:48.716030138: call returned: [0, "", ""] 02:18:48.716206996: calling as root: date -s '@1498732375' 02:18:48.930933432: call returned: [0, "Thu Jun 29 10:32:55 UTC 2017\n", ""] 02:18:48.931106295: calling as root: systemctl start tor@default.service 02:18:49.949617195: call returned: [0, "", ""] 02:18:49.949846749: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:50.115530270: call returned: [3, "", ""] 02:18:51.115830554: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:51.360393170: call returned: [3, "", ""] 02:18:52.360652315: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:18:52.564007584: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 Scenario: tails-security-check is using the Tails-specific SocksPort # features/tor_stream_isolation.feature:9 02:18:52.567493729: spawning as root: while true; do ss -taupen | grep 'users:(("tails-security-"'; sleep 0.1; done > /tmp/ss.log When I monitor the network connections of tails-security-check # features/step_definitions/tor.rb:285 02:18:52.721578699: calling as amnesia: tails-security-check 02:18:54.092725292: call returned: [0, "", ""] And I re-run tails-security-check # features/step_definitions/tor.rb:311 02:18:54.094928003: opening file /tmp/ss.log in 'read' mode 02:18:54.133249541: read complete Then I see that tails-security-check is properly stream isolated # features/step_definitions/tor.rb:294 Scenario: htpdate is using the Tails-specific SocksPort # features/tor_stream_isolation.feature:14 02:18:57.497668243: calling as root: echo 'hello?' 02:18:57.688795122: call returned: [0, "hello?\n", ""] 02:18:58.411761465: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:18:58.412129641: calling as root: nmcli device show eth0 02:18:58.796905401: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:18:58.814799410: calling as root: systemctl --quiet is-active tor@default.service 02:18:59.046253682: call returned: [0, "", ""] 02:18:59.046408822: calling as root: systemctl stop tor@default.service 02:18:59.289621250: call returned: [0, "", ""] 02:18:59.289787729: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:18:59.524363435: call returned: [0, "", ""] 02:18:59.524653772: calling as root: date -s '@1498732386' 02:18:59.835756869: call returned: [0, "Thu Jun 29 10:33:06 UTC 2017\n", ""] 02:18:59.835946363: calling as root: systemctl start tor@default.service 02:19:00.889397868: call returned: [0, "", ""] 02:19:00.889677959: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:01.169881585: call returned: [3, "", ""] 02:19:02.170260481: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:02.426525270: call returned: [3, "", ""] 02:19:03.426812029: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:03.606975571: call returned: [0, "", ""] 02:19:03.609271130: spawning as root: while true; do ss -taupen | grep 'users:(("curl"'; sleep 0.1; done > /tmp/ss.log When I monitor the network connections of htpdate # features/step_definitions/tor.rb:285 02:19:03.813238033: calling as root: service htpdate stop && rm -f /run/htpdate/* && systemctl --no-block start htpdate.service 02:19:04.502675807: call returned: [0, "", ""] 02:19:04.502960294: calling as root: test -e /run/tordate/done 02:19:04.676922920: call returned: [0, "", ""] 02:19:04.677333340: calling as root: test -e /run/htpdate/success 02:19:04.871232333: call returned: [1, "", ""] 02:19:05.871544085: calling as root: test -e /run/htpdate/success 02:19:06.043638461: call returned: [1, "", ""] 02:19:07.043931637: calling as root: test -e /run/htpdate/success 02:19:07.231760557: call returned: [0, "", ""] And I re-run htpdate # features/step_definitions/tor.rb:315 02:19:07.233801579: opening file /tmp/ss.log in 'read' mode 02:19:07.467279523: read complete Then I see that htpdate is properly stream isolated # features/step_definitions/tor.rb:294 Scenario: tails-upgrade-frontend-wrapper is using the Tails-specific SocksPort # features/tor_stream_isolation.feature:19 02:19:10.744884218: calling as root: echo 'hello?' 02:19:10.949286219: call returned: [0, "hello?\n", ""] 02:19:11.675219658: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:19:11.675574067: calling as root: nmcli device show eth0 02:19:12.087499376: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:19:12.106307599: calling as root: systemctl --quiet is-active tor@default.service 02:19:12.290165908: call returned: [0, "", ""] 02:19:12.290362888: calling as root: systemctl stop tor@default.service 02:19:12.523616753: call returned: [0, "", ""] 02:19:12.523807662: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:19:12.739187915: call returned: [0, "", ""] 02:19:12.739381599: calling as root: date -s '@1498732399' 02:19:12.933516444: call returned: [0, "Thu Jun 29 10:33:19 UTC 2017\n", ""] 02:19:12.933739786: calling as root: systemctl start tor@default.service 02:19:14.039856819: call returned: [0, "", ""] 02:19:14.040088385: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:14.250836018: call returned: [3, "", ""] 02:19:15.251220696: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:15.484809609: call returned: [3, "", ""] 02:19:16.485100465: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:16.683136668: call returned: [0, "", ""] 02:19:16.684885383: spawning as root: while true; do ss -taupen | grep 'users:(("tails-iuk-get-u"'; sleep 0.1; done > /tmp/ss.log When I monitor the network connections of tails-upgrade-frontend-wrapper # features/step_definitions/tor.rb:285 02:19:16.912555057: calling as amnesia: tails-upgrade-frontend-wrapper 02:19:51.896730666: call returned: [0, "localuser:tails-upgrade-frontend being added to access control list\nThe system is up-to-date\nlocaluser:tails-upgrade-frontend being removed from access control list\n", "Prototype mismatch: sub Tails::MirrorPool::assert ($;$) vs none at /usr/share/perl5/Tails/MirrorPool.pm line 28.\nPrototype mismatch: sub Tails::IUK::Frontend::assert ($;$) vs none at /usr/share/perl5/Tails/IUK/Frontend.pm line 42.\n"] And I re-run tails-upgrade-frontend-wrapper # features/step_definitions/tor.rb:322 02:19:51.898457682: opening file /tmp/ss.log in 'read' mode 02:19:51.960828033: read complete Then I see that tails-upgrade-frontend-wrapper is properly stream isolated # features/step_definitions/tor.rb:294 Scenario: SSH is using the default SocksPort # features/tor_stream_isolation.feature:39 02:19:55.514847995: calling as root: echo 'hello?' 02:19:55.708158121: call returned: [0, "hello?\n", ""] 02:19:56.432206828: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:19:56.432372948: calling as root: nmcli device show eth0 02:19:56.854817159: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:19:56.871831157: calling as root: systemctl --quiet is-active tor@default.service 02:19:57.060851164: call returned: [0, "", ""] 02:19:57.061076309: calling as root: systemctl stop tor@default.service 02:19:57.305323117: call returned: [0, "", ""] 02:19:57.305567243: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:19:57.474462603: call returned: [0, "", ""] 02:19:57.474733538: calling as root: date -s '@1498732444' 02:19:57.725097584: call returned: [0, "Thu Jun 29 10:34:04 UTC 2017\n", ""] 02:19:57.725261480: calling as root: systemctl start tor@default.service 02:19:59.159793081: call returned: [0, "", ""] 02:19:59.160160635: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:19:59.412304241: call returned: [3, "", ""] 02:20:00.412665159: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:00.648955368: call returned: [3, "", ""] 02:20:01.649368444: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:01.865009400: call returned: [0, "", ""] 02:20:01.867496019: spawning as root: while true; do ss -taupen | grep 'users:(("\(nc\|ssh\)"'; sleep 0.1; done > /tmp/ss.log When I monitor the network connections of SSH # features/step_definitions/tor.rb:285 02:20:02.048525533: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:20:02.325571508: call returned: [1, "", ""] 02:20:02.422566126: calling as amnesia: xdotool key Super 02:20:02.661870407: call returned: [0, "", ""] 02:20:04.414500700: [log] TYPE "GNOME Terminal" 02:20:08.305243920: [log] ( Ctrl ) TYPE "#ENTER." And I run "ssh lizard.tails.boum.org" in GNOME Terminal # features/step_definitions/common_steps.rb:587 02:20:09.985333866: [log] TYPE "ssh lizard.tails.boum.org#ENTER." And I see "SSHAuthVerification.png" after at most 60 seconds # features/step_definitions/common_steps.rb:437 02:20:09.987392546: opening file /tmp/ss.log in 'read' mode 02:20:10.079840600: read complete Then I see that SSH is properly stream isolated # features/step_definitions/tor.rb:294 Scenario: whois lookups use the default SocksPort # features/tor_stream_isolation.feature:45 02:20:13.291835691: calling as root: echo 'hello?' 02:20:13.476286512: call returned: [0, "hello?\n", ""] 02:20:14.209225937: calling as root: nmcli device show eth0 02:20:14.232093562: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:20:14.610410591: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:20:14.627603055: calling as root: systemctl --quiet is-active tor@default.service 02:20:14.803035073: call returned: [0, "", ""] 02:20:14.803226632: calling as root: systemctl stop tor@default.service 02:20:15.059148174: call returned: [0, "", ""] 02:20:15.059292747: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:20:15.272138420: call returned: [0, "", ""] 02:20:15.272326893: calling as root: date -s '@1498732462' 02:20:15.468315501: call returned: [0, "Thu Jun 29 10:34:22 UTC 2017\n", ""] 02:20:15.468516609: calling as root: systemctl start tor@default.service 02:20:16.393661497: call returned: [0, "", ""] 02:20:16.393980681: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:16.575908085: call returned: [3, "", ""] 02:20:17.576275315: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:17.774946494: call returned: [3, "", ""] 02:20:18.775431779: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:19.013693448: call returned: [3, "", ""] 02:20:20.014081371: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:20.253019492: call returned: [0, "", ""] 02:20:20.254836716: spawning as root: while true; do ss -taupen | grep 'users:(("whois"'; sleep 0.1; done > /tmp/ss.log When I monitor the network connections of whois # features/step_definitions/tor.rb:285 02:20:20.437658548: calling as amnesia: whois 'boum.org' 02:20:21.307652161: call returned: [0, "Domain Name: BOUM.ORG\nRegistry Domain ID: D103677623-LROR\nRegistrar WHOIS Server:\nRegistrar URL: http://www.gandi.net\nUpdated Date: 2011-11-21T00:31:40Z\nCreation Date: 2004-01-07T17:49:42Z\nRegistry Expiry Date: 2019-01-07T17:49:42Z\nRegistrar Registration Expiration Date:\nRegistrar: Gandi SAS\nRegistrar IANA ID: 81\nRegistrar Abuse Contact Email:\nRegistrar Abuse Contact Phone:\nReseller:\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: C7178308-LROR\nRegistrant Name: Ben voui\nRegistrant Organization: Ben voui\nRegistrant Street: 5 rue Orfila\nRegistrant City: Paris\nRegistrant State/Province:\nRegistrant Postal Code: 75020\nRegistrant Country: FR\nRegistrant Phone: +33.143664644\nRegistrant Phone Ext:\nRegistrant Fax:\nRegistrant Fax Ext:\nRegistrant Email: 600dcd01d46cf5fe42f3e8fd48edf086-599038@contact.gandi.net\nRegistry Admin ID: C7178507-LROR\nAdmin Name: Ben voui\nAdmin Organization:\nAdmin Street: 5 rue Orfila\nAdmin City: Paris\nAdmin State/Province:\nAdmin Postal Code: 75020\nAdmin Country: FR\nAdmin Phone: +33.143664644\nAdmin Phone Ext:\nAdmin Fax:\nAdmin Fax Ext:\nAdmin Email: 60a04aeab747f1964c5ee769feac8cba-203074@contact.gandi.net\nRegistry Tech ID: C7178507-LROR\nTech Name: Ben voui\nTech Organization:\nTech Street: 5 rue Orfila\nTech City: Paris\nTech State/Province:\nTech Postal Code: 75020\nTech Country: FR\nTech Phone: +33.143664644\nTech Phone Ext:\nTech Fax:\nTech Fax Ext:\nTech Email: 60a04aeab747f1964c5ee769feac8cba-203074@contact.gandi.net\nName Server: NS.BOUM.ORG\nName Server: NS2.BOUM.ORG\nDNSSEC: unsigned\nURL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/\n>>> Last update of WHOIS database: 2017-06-29T10:33:27Z <<<\n\nFor more information on Whois status codes, please visit https://icann.org/epp\n\nAccess to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.\n", ""] And I query the whois directory service for "boum.org" # features/step_definitions/torified_misc.rb:3 And the whois command is successful # features/step_definitions/torified_misc.rb:35 02:20:21.310950903: opening file /tmp/ss.log in 'read' mode 02:20:21.374095336: read complete Then I see that whois is properly stream isolated # features/step_definitions/tor.rb:294 @product Feature: Browsing the web using the Tor Browser As a Tails user when I browse the web using the Tor Browser all Internet traffic should flow only through Tor @doc Scenario: The Tails documentation launcher on the desktop works # features/torified_browsing.feature:106 02:20:24.879820157: calling as root: echo 'hello?' 02:20:25.123891507: call returned: [0, "hello?\n", ""] 02:20:25.850969435: calling as root: nmcli device show eth0 02:20:25.868467646: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:20:26.229034898: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:20:26.258138859: calling as root: systemctl --quiet is-active tor@default.service 02:20:26.435795822: call returned: [0, "", ""] 02:20:26.435950246: calling as root: systemctl stop tor@default.service 02:20:26.717574794: call returned: [0, "", ""] 02:20:26.717799452: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:20:26.943507782: call returned: [0, "", ""] 02:20:26.943848301: calling as root: date -s '@1498732473' 02:20:27.214872591: call returned: [0, "Thu Jun 29 10:34:33 UTC 2017\n", ""] 02:20:27.215032889: calling as root: systemctl start tor@default.service 02:20:28.297168953: call returned: [0, "", ""] 02:20:28.297445595: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:28.528594797: call returned: [3, "", ""] 02:20:29.528876061: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:20:29.742329428: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:20:29.744960442: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox 02:20:30.051913400: call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] 02:20:30.052127486: calling as root: pgrep --uid amnesia --full --exact '/usr/local/lib/tor-browser/firefox .* -profile /home/amnesia/.tor-browser/profile.default' 02:20:30.255842169: call returned: [1, "", ""] 02:20:31.282927681: [log] DOUBLE CLICK on L(66,239)@S(0)[0,0 1024x768] 02:20:31.283337056: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node422 = dogtail.tree.root.application('Firefox') 02:20:41.993569266: execution complete 02:20:42.993982181: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node423 = dogtail.tree.root.application('Firefox') 02:20:53.070052104: execution complete 02:20:53.070420790: executing Python as amnesia: node424 = node423.child(roleName='frame', recursive=False) 02:20:53.232007182: execution complete When I double-click on the Tails documentation launcher on the desktop # features/step_definitions/common_steps.rb:701 02:20:53.233371747: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node425 = dogtail.tree.root.application('Firefox') 02:20:53.415951441: execution complete 02:20:53.416142660: executing Python as amnesia: node426 = node425.child(roleName='frame', recursive=False) 02:20:53.478198636: execution complete Then the Tor Browser has started # features/step_definitions/common_steps.rb:379 02:20:53.480210388: executing Python as amnesia: node427 = node425.child('Tails - Getting started... - Tor Browser', roleName='frame') 02:20:59.654250495: execution complete 02:20:59.654548779: executing Python as amnesia: node428 = node425.child('Reload current page', roleName='push button') 02:20:59.837669459: execution complete And "Tails - Getting started..." has loaded in the Tor Browser # features/step_definitions/browser.rb:103 Scenario: The Tor Browser uses TBB's shared libraries # features/torified_browsing.feature:112 02:21:02.774050014: calling as root: echo 'hello?' 02:21:02.968986934: call returned: [0, "hello?\n", ""] 02:21:03.691501232: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:21:03.691774689: calling as root: nmcli device show eth0 02:21:04.061965409: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:21:04.080973277: calling as root: systemctl --quiet is-active tor@default.service 02:21:04.249357833: call returned: [0, "", ""] 02:21:04.249505014: calling as root: systemctl stop tor@default.service 02:21:04.552353666: call returned: [0, "", ""] 02:21:04.552509194: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:21:04.740774992: call returned: [0, "", ""] 02:21:04.741027082: calling as root: date -s '@1498732511' 02:21:04.887718365: call returned: [0, "Thu Jun 29 10:35:11 UTC 2017\n", ""] 02:21:04.887873601: calling as root: systemctl start tor@default.service 02:21:06.046884355: call returned: [0, "", ""] 02:21:06.047180959: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:21:06.257563042: call returned: [3, "", ""] 02:21:07.257840579: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:21:07.474801122: call returned: [3, "", ""] 02:21:08.475164277: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:21:08.693305120: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:21:08.791861765: calling as amnesia: xdotool key Super 02:21:09.071119201: call returned: [0, "", ""] 02:21:10.640535906: [log] TYPE "Tor Browser" 02:21:10.704042177: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node429 = dogtail.tree.root.application('Firefox') 02:21:10.704336411: [log] ( Ctrl ) TYPE "#ENTER." 02:21:23.303680843: execution complete 02:21:24.304179037: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node430 = dogtail.tree.root.application('Firefox') 02:21:34.185526435: execution complete 02:21:34.185730109: executing Python as amnesia: node431 = node430.child(roleName='frame', recursive=False) 02:21:34.391306113: execution complete When I start the Tor Browser # features/step_definitions/common_steps.rb:366 02:21:34.393502744: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox 02:21:35.242102511: call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] 02:21:35.242447523: calling as root: pgrep --uid amnesia --full --exact '/usr/local/lib/tor-browser/firefox .* -profile /home/amnesia/.tor-browser/profile.default' 02:21:35.474203401: call returned: [0, "10937\n", ""] 02:21:35.474889000: calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && ls -1 ${TBB_INSTALL}/*.so 02:21:35.793272460: call returned: [0, "/usr/local/lib/tor-browser/libfreeblpriv3.so\n/usr/local/lib/tor-browser/liblgpllibs.so\n/usr/local/lib/tor-browser/libmozavcodec.so\n/usr/local/lib/tor-browser/libmozavutil.so\n/usr/local/lib/tor-browser/libmozsandbox.so\n/usr/local/lib/tor-browser/libmozsqlite3.so\n/usr/local/lib/tor-browser/libnspr4.so\n/usr/local/lib/tor-browser/libnss3.so\n/usr/local/lib/tor-browser/libnssckbi.so\n/usr/local/lib/tor-browser/libnssdbm3.so\n/usr/local/lib/tor-browser/libnssutil3.so\n/usr/local/lib/tor-browser/libplc4.so\n/usr/local/lib/tor-browser/libplds4.so\n/usr/local/lib/tor-browser/libsmime3.so\n/usr/local/lib/tor-browser/libsoftokn3.so\n/usr/local/lib/tor-browser/libssl3.so\n/usr/local/lib/tor-browser/libxul.so\n", ""] 02:21:35.793471002: calling as root: pmap --show-path 10937 02:21:39.115457058: call returned: [0, "10937: /usr/local/lib/tor-browser/firefox -allow-remote --class Tor Browser -profile /home/amnesia/.tor-browser/profile.default\n0000035a1ddd9000 64K ----- [ anon ]\n0000035a1dde9000 128K r-x-- [ anon ]\n0000035a1de09000 64K r-x-- [ anon ]\n0000035a1de19000 64K ----- [ anon ]\n0000035a1de29000 128K r-x-- [ anon ]\n0000035a1de49000 64K ----- [ anon ]\n0000035a1de59000 256K r-x-- [ anon ]\n0000035a1de99000 64K ----- [ anon ]\n0000035a1dea9000 64K r-x-- [ anon ]\n0000035a1deb9000 64K r-x-- [ anon ]\n0000035a1dec9000 64K ----- [ anon ]\n0000035a1ded9000 64K r-x-- [ anon ]\n0000035a1dee9000 64K ----- [ anon ]\n0000035a1def9000 128K r-x-- [ anon ]\n0000035a1df19000 64K ----- [ anon ]\n0000035a1df29000 128K r-x-- [ anon ]\n0000035a1df49000 64K ----- [ anon ]\n0000035a1df59000 128K r-x-- [ anon ]\n0000035a1df79000 64K ----- [ anon ]\n0000035a1df89000 128K r-x-- [ anon ]\n0000035a1dfa9000 64K ----- [ anon ]\n0000035a1dfb9000 4K r-x-- [ anon ]\n0000035a1dfba000 60K r-x-- [ anon ]\n0000035a1dfc9000 64K ----- [ anon ]\n0000035a1dfd9000 64K r-x-- [ anon ]\n0000035a1dfe9000 64K ----- [ anon ]\n0000035a1dff9000 64K r-x-- [ anon ]\n0000035a1e009000 64K r-x-- [ anon ]\n0000035a1e019000 64K r-x-- [ anon ]\n0000035a1e029000 192K r-x-- [ anon ]\n0000035a1e059000 64K r-x-- [ anon ]\n0000035a1e069000 64K ----- [ anon ]\n0000035a1e079000 64K r-x-- [ anon ]\n0000035a1e089000 64K r-x-- [ anon ]\n0000035a1e099000 64K ----- [ anon ]\n0000035a1e0a9000 64K r-x-- [ anon ]\n0000035a1e0b9000 192K r-x-- [ anon ]\n0000035a1e0e9000 64K ----- [ anon ]\n0000035a1e0f9000 64K r-x-- [ anon ]\n0000035a1e109000 64K ----- [ anon ]\n0000035a1e119000 192K r-x-- [ anon ]\n0000035a1e149000 64K ----- [ anon ]\n0000035a1e159000 64K r-x-- [ anon ]\n0000035a1e169000 64K ----- [ anon ]\n0000035a1e179000 12K r-x-- [ anon ]\n0000035a1e17c000 52K r-x-- [ anon ]\n0000035a1e189000 64K r-x-- [ anon ]\n0000035a1e199000 64K ----- [ anon ]\n0000035a1e1a9000 128K r-x-- [ anon ]\n0000035a1e1c9000 64K ----- [ anon ]\n0000035a1e1d9000 128K r-x-- [ anon ]\n0000035a1e1f9000 64K ----- [ anon ]\n0000035a1e209000 192K r-x-- [ anon ]\n0000035a1e239000 64K ----- [ anon ]\n0000035a1e249000 64K r-x-- [ anon ]\n0000035a1e259000 64K ----- [ anon ]\n0000035a1e269000 192K r-x-- [ anon ]\n0000035a1e299000 64K ----- [ anon ]\n0000035a1e2a9000 128K r-x-- [ anon ]\n0000035a1e2c9000 64K ----- [ anon ]\n0000035a1e2d9000 128K r-x-- [ anon ]\n0000035a1e2f9000 64K ----- [ anon ]\n0000035a1e309000 64K r-x-- [ anon ]\n0000035a1e319000 320K r-x-- [ anon ]\n0000035a1e369000 64K ----- [ anon ]\n0000035a1e379000 64K r-x-- [ anon ]\n0000035a1e389000 128K ----- [ anon ]\n0000035a1e3a9000 64K r-x-- [ anon ]\n0000035a1e3b9000 172K r-x-- [ anon ]\n0000035a1e3e4000 20K r-x-- [ anon ]\n0000035a1e3e9000 100K r-x-- [ anon ]\n0000035a1e402000 28K r-x-- [ anon ]\n0000035a1e409000 128K r-x-- [ anon ]\n0000035a1e429000 64K ----- [ anon ]\n0000035a1e439000 128K r-x-- [ anon ]\n0000035a1e459000 64K ----- [ anon ]\n0000035a1e469000 64K r-x-- [ anon ]\n0000035a1e479000 64K ----- [ anon ]\n0000035a1e489000 192K r-x-- [ anon ]\n0000035a1e4b9000 64K ----- [ anon ]\n0000035a1e4c9000 4K r-x-- [ anon ]\n0000035a1e4ca000 60K r-x-- [ anon ]\n0000035a1e4d9000 64K ----- [ anon ]\n0000035a1e4e9000 192K r-x-- [ anon ]\n0000035a1e519000 64K ----- [ anon ]\n0000035a1e529000 64K r-x-- [ anon ]\n0000035a1e539000 64K ----- [ anon ]\n0000035a1e549000 128K r-x-- [ anon ]\n0000035a1e569000 128K r-x-- [ anon ]\n0000035a1e589000 64K ----- [ anon ]\n0000035a1e599000 64K r-x-- [ anon ]\n0000035a1e5a9000 256K r-x-- [ anon ]\n0000035a1e5e9000 64K ----- [ anon ]\n0000035a1e5f9000 64K r-x-- [ anon ]\n0000035a1e609000 64K ----- [ anon ]\n0000035a1e619000 64K r-x-- [ anon ]\n0000035a1e629000 64K ----- [ anon ]\n0000035a1e639000 128K r-x-- [ anon ]\n0000035a1e659000 64K ----- [ anon ]\n0000035a1e669000 64K r-x-- [ anon ]\n0000035a1e679000 72K r-x-- [ anon ]\n0000035a1e68b000 56K r-x-- [ anon ]\n0000035a1e699000 64K r-x-- [ anon ]\n0000035a1e6a9000 64K ----- [ anon ]\n0000035a1e6b9000 128K r-x-- [ anon ]\n0000035a1e6d9000 64K ----- [ anon ]\n0000035a1e6e9000 64K r-x-- [ anon ]\n0000035a1e6f9000 64K ----- [ anon ]\n0000035a1e709000 12K r-x-- [ anon ]\n0000035a1e70c000 52K r-x-- [ anon ]\n0000035a1e719000 1039104K ----- [ anon ]\n0000561b848e7000 124K r-x-- /usr/local/lib/tor-browser/firefox\n0000561b84906000 4K r---- /usr/local/lib/tor-browser/firefox\n0000561b84907000 4K rw--- /usr/local/lib/tor-browser/firefox\n00007f99327c5000 2684K rw-s- [ shmid=0xd8005 ]\n00007f9932a64000 2684K rw-s- [ shmid=0xd0007 ]\n00007f9932f31000 2876K r---- /usr/local/share/tor-browser-extensions/https-everywhere-eff@eff.org.xpi\n00007f9933200000 1024K rw--- [ anon ]\n00007f9933500000 113664K rw--- [ anon ]\n00007f993a4ff000 4K ----- [ anon ]\n00007f993a500000 9216K rw--- [ anon ]\n00007f993aeef000 4K ----- [ anon ]\n00007f993aef0000 8192K rw--- [ anon ]\n00007f993b6f0000 4K ----- [ anon ]\n00007f993b6f1000 8192K rw--- [ anon ]\n00007f993bef1000 4K ----- [ anon ]\n00007f993bef2000 8192K rw--- [ anon ]\n00007f993c700000 95232K rw--- [ anon ]\n00007f99424fd000 8K r-x-- /usr/lib/x86_64-linux-gnu/libXss.so.1.0.0\n00007f99424ff000 2048K ----- /usr/lib/x86_64-linux-gnu/libXss.so.1.0.0\n00007f99426ff000 4K rw--- /usr/lib/x86_64-linux-gnu/libXss.so.1.0.0\n00007f9942700000 7168K rw--- [ anon ]\n00007f9942eff000 4K ----- [ anon ]\n00007f9942f00000 11264K rw--- [ anon ]\n00007f9943afc000 4K ----- [ anon ]\n00007f9943afd000 8192K rw--- [ anon ]\n00007f99442fd000 4K ----- [ anon ]\n00007f99442fe000 8192K rw--- [ anon ]\n00007f9944afe000 4K ----- [ anon ]\n00007f9944aff000 8192K rw--- [ anon ]\n00007f99452ff000 4K ----- [ anon ]\n00007f9945300000 3072K rw--- [ anon ]\n00007f99456fc000 4K ----- [ anon ]\n00007f99456fd000 8192K rw--- [ anon ]\n00007f9945efd000 4K ----- [ anon ]\n00007f9945efe000 8192K rw--- [ anon ]\n00007f99466fe000 4K ----- [ anon ]\n00007f99466ff000 8192K rw--- [ anon ]\n00007f9946eff000 4K ----- [ anon ]\n00007f9946f00000 17408K rw--- [ anon ]\n00007f9948000000 1024K rw--- [ anon ]\n00007f9948155000 20K r-x-- /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\n00007f994815a000 2044K ----- /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\n00007f9948359000 4K r---- /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\n00007f994835a000 4K rw--- /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\n00007f994835b000 1484K r---- /usr/lib/locale/C.UTF-8/LC_COLLATE\n00007f99484ce000 192K r-x-- /usr/lib/x86_64-linux-gnu/libgconf-2.so.4.1.5\n00007f99484fe000 2044K ----- /usr/lib/x86_64-linux-gnu/libgconf-2.so.4.1.5\n00007f99486fd000 4K r---- /usr/lib/x86_64-linux-gnu/libgconf-2.so.4.1.5\n00007f99486fe000 4K rw--- /usr/lib/x86_64-linux-gnu/libgconf-2.so.4.1.5\n00007f99486ff000 4K ----- [ anon ]\n00007f9948700000 89088K rw--- [ anon ]\n00007f994de31000 2876K r---- /usr/local/share/tor-browser-extensions/https-everywhere-eff@eff.org.xpi\n00007f994e100000 3072K rw--- [ anon ]\n00007f994e400000 18432K rw--- [ anon ]\n00007f994f67f000 512K rw-s- [ shmid=0xc8006 ]\n00007f994f6ff000 4K ----- [ anon ]\n00007f994f700000 10240K rw--- [ anon ]\n00007f9950130000 820K r---- /usr/local/share/tor-browser-extensions/torbutton@torproject.org.xpi\n00007f99501fd000 4K ----- [ anon ]\n00007f99501fe000 8192K rw--- [ anon ]\n00007f99509fe000 4K ----- [ anon ]\n00007f99509ff000 2048K rw--- [ anon ]\n00007f9950bff000 4K ----- [ anon ]\n00007f9950c00000 18432K rw--- [ anon ]\n00007f9951e25000 4K ----- [ anon ]\n00007f9951e26000 8192K rw--- [ anon ]\n00007f9952626000 564K r-x-- /usr/lib/x86_64-linux-gnu/libvorbisenc.so.2.0.11\n00007f99526b3000 2044K ----- /usr/lib/x86_64-linux-gnu/libvorbisenc.so.2.0.11\n00007f99528b2000 112K r---- /usr/lib/x86_64-linux-gnu/libvorbisenc.so.2.0.11\n00007f99528ce000 4K rw--- /usr/lib/x86_64-linux-gnu/libvorbisenc.so.2.0.11\n00007f99528cf000 172K r-x-- /usr/lib/x86_64-linux-gnu/libvorbis.so.0.4.8\n00007f99528fa000 2044K ----- /usr/lib/x86_64-linux-gnu/libvorbis.so.0.4.8\n00007f9952af9000 4K r---- /usr/lib/x86_64-linux-gnu/libvorbis.so.0.4.8\n00007f9952afa000 4K rw--- /usr/lib/x86_64-linux-gnu/libvorbis.so.0.4.8\n00007f9952afb000 28K r-x-- /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2\n00007f9952b02000 2048K ----- /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2\n00007f9952d02000 4K r---- /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2\n00007f9952d03000 4K rw--- /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2\n00007f9952d04000 468K r-x-- /usr/lib/x86_64-linux-gnu/libFLAC.so.8.3.0\n00007f9952d79000 2048K ----- /usr/lib/x86_64-linux-gnu/libFLAC.so.8.3.0\n00007f9952f79000 4K r---- /usr/lib/x86_64-linux-gnu/libFLAC.so.8.3.0\n00007f9952f7a000 4K rw--- /usr/lib/x86_64-linux-gnu/libFLAC.so.8.3.0\n00007f9952f7b000 80K r-x-- /lib/x86_64-linux-gnu/libnsl-2.24.so\n00007f9952f8f000 2048K ----- /lib/x86_64-linux-gnu/libnsl-2.24.so\n00007f995318f000 4K r---- /lib/x86_64-linux-gnu/libnsl-2.24.so\n00007f9953190000 4K rw--- /lib/x86_64-linux-gnu/libnsl-2.24.so\n00007f9953191000 8K rw--- [ anon ]\n00007f9953193000 20K r-x-- /usr/lib/x86_64-linux-gnu/libasyncns.so.0.3.1\n00007f9953198000 2044K ----- /usr/lib/x86_64-linux-gnu/libasyncns.so.0.3.1\n00007f9953397000 4K r---- /usr/lib/x86_64-linux-gnu/libasyncns.so.0.3.1\n00007f9953398000 4K rw--- /usr/lib/x86_64-linux-gnu/libasyncns.so.0.3.1\n00007f9953399000 460K r-x-- /usr/lib/x86_64-linux-gnu/libsndfile.so.1.0.27\n00007f995340c000 2044K ----- /usr/lib/x86_64-linux-gnu/libsndfile.so.1.0.27\n00007f995360b000 12K r---- /usr/lib/x86_64-linux-gnu/libsndfile.so.1.0.27\n00007f995360e000 4K rw--- /usr/lib/x86_64-linux-gnu/libsndfile.so.1.0.27\n00007f995360f000 8K rw--- [ anon ]\n00007f9953611000 32K r-x-- /lib/x86_64-linux-gnu/libwrap.so.0.7.6\n00007f9953619000 2048K ----- /lib/x86_64-linux-gnu/libwrap.so.0.7.6\n00007f9953819000 4K r---- /lib/x86_64-linux-gnu/libwrap.so.0.7.6\n00007f995381a000 4K rw--- /lib/x86_64-linux-gnu/libwrap.so.0.7.6\n00007f995381b000 20K r-x-- /usr/lib/x86_64-linux-gnu/libXtst.so.6.1.0\n00007f9953820000 2044K ----- /usr/lib/x86_64-linux-gnu/libXtst.so.6.1.0\n00007f9953a1f000 4K r---- /usr/lib/x86_64-linux-gnu/libXtst.so.6.1.0\n00007f9953a20000 4K rw--- /usr/lib/x86_64-linux-gnu/libXtst.so.6.1.0\n00007f9953a21000 16K r-x-- /lib/x86_64-linux-gnu/libcap.so.2.25\n00007f9953a25000 2048K ----- /lib/x86_64-linux-gnu/libcap.so.2.25\n00007f9953c25000 4K r---- /lib/x86_64-linux-gnu/libcap.so.2.25\n00007f9953c26000 4K rw--- /lib/x86_64-linux-gnu/libcap.so.2.25\n00007f9953c27000 512K r-x-- /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-10.0.so\n00007f9953ca7000 2048K ----- /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-10.0.so\n00007f9953ea7000 8K r---- /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-10.0.so\n00007f9953ea9000 4K rw--- /usr/lib/x86_64-linux-gnu/pulseaudio/libpulsecommon-10.0.so\n00007f9953eaa000 312K r-x-- /usr/lib/x86_64-linux-gnu/libpulse.so.0.20.1\n00007f9953ef8000 2048K ----- /usr/lib/x86_64-linux-gnu/libpulse.so.0.20.1\n00007f99540f8000 8K r---- /usr/lib/x86_64-linux-gnu/libpulse.so.0.20.1\n00007f99540fa000 4K rw--- /usr/lib/x86_64-linux-gnu/libpulse.so.0.20.1\n00007f99540fb000 4K ----- [ anon ]\n00007f99540fc000 8192K rw--- [ anon ]\n00007f99548fc000 4K ----- [ anon ]\n00007f99548fd000 8192K rw--- [ anon ]\n00007f99550fd000 4K ----- [ anon ]\n00007f99550fe000 8192K rw--- [ anon ]\n00007f99558fe000 4K ----- [ anon ]\n00007f99558ff000 8192K rw--- [ anon ]\n00007f99560ff000 4K ----- [ anon ]\n00007f9956100000 17408K rw--- [ anon ]\n00007f9957200000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\n00007f995728e000 8K r-x-- /lib/x86_64-linux-gnu/libutil-2.24.so\n00007f9957290000 2044K ----- /lib/x86_64-linux-gnu/libutil-2.24.so\n00007f995748f000 4K r---- /lib/x86_64-linux-gnu/libutil-2.24.so\n00007f9957490000 4K rw--- /lib/x86_64-linux-gnu/libutil-2.24.so\n00007f9957491000 216K r-x-- /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so\n00007f99574c7000 2048K ----- /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so\n00007f99576c7000 24K r---- /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so\n00007f99576cd000 4K rw--- /usr/lib/x86_64-linux-gnu/gvfs/libgvfscommon.so\n00007f99576ce000 188K r-x-- /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so\n00007f99576fd000 2048K ----- /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so\n00007f99578fd000 8K r---- /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so\n00007f99578ff000 4K rw--- /usr/lib/x86_64-linux-gnu/gio/modules/libgvfsdbus.so\n00007f9957900000 5120K rw--- [ anon ]\n00007f9957e05000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\n00007f9957e93000 392K r-x-- /usr/lib/x86_64-linux-gnu/libibus-1.0.so.5.0.514\n00007f9957ef5000 2044K ----- /usr/lib/x86_64-linux-gnu/libibus-1.0.so.5.0.514\n00007f99580f4000 12K r---- /usr/lib/x86_64-linux-gnu/libibus-1.0.so.5.0.514\n00007f99580f7000 4K rw--- /usr/lib/x86_64-linux-gnu/libibus-1.0.so.5.0.514\n00007f99580f8000 24K r-x-- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\n00007f99580fe000 2048K ----- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\n00007f99582fe000 4K r---- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\n00007f99582ff000 4K rw--- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\n00007f9958300000 3072K rw--- [ anon ]\n00007f9958600000 2048K rw--- [ anon ]\n00007f9958816000 384K rw-s- [ shmid=0x98001 ]\n00007f9958876000 548K r---- /usr/local/share/tor-browser-extensions/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi\n00007f99588ff000 4K ----- [ anon ]\n00007f9958900000 13312K rw--- [ anon ]\n00007f995961b000 4K ----- [ anon ]\n00007f995961c000 256K rw--- [ anon ]\n00007f995965c000 496K r-x-- /usr/local/lib/tor-browser/libnssckbi.so\n00007f99596d8000 84K r---- /usr/local/lib/tor-browser/libnssckbi.so\n00007f99596ed000 48K rw--- /usr/local/lib/tor-browser/libnssckbi.so\n00007f99596f9000 4K ----- [ anon ]\n00007f99596fa000 8192K rw--- [ anon ]\n00007f9959efa000 4K ----- [ anon ]\n00007f9959efb000 8192K rw--- [ anon ]\n00007f995a6fb000 4K ----- [ anon ]\n00007f995a6fc000 8192K rw--- [ anon ]\n00007f995aefc000 4K ----- [ anon ]\n00007f995aefd000 8192K rw--- [ anon ]\n00007f995b6fd000 4K ----- [ anon ]\n00007f995b6fe000 8192K rw--- [ anon ]\n00007f995befe000 4K ----- [ anon ]\n00007f995beff000 8192K rw--- [ anon ]\n00007f995c6ff000 4K ----- [ anon ]\n00007f995c700000 9216K rw--- [ anon ]\n00007f995d011000 196K r---- /usr/lib/locale/C.UTF-8/LC_CTYPE\n00007f995d042000 496K r-x-- /usr/local/lib/tor-browser/libfreeblpriv3.so\n00007f995d0be000 4K ----- /usr/local/lib/tor-browser/libfreeblpriv3.so\n00007f995d0bf000 8K r---- /usr/local/lib/tor-browser/libfreeblpriv3.so\n00007f995d0c1000 4K rw--- /usr/local/lib/tor-browser/libfreeblpriv3.so\n00007f995d0c2000 16K rw--- [ anon ]\n00007f995d0c6000 212K r-x-- /usr/local/lib/tor-browser/libsoftokn3.so\n00007f995d0fb000 8K r---- /usr/local/lib/tor-browser/libsoftokn3.so\n00007f995d0fd000 4K rw--- /usr/local/lib/tor-browser/libsoftokn3.so\n00007f995d0fe000 4K ----- [ anon ]\n00007f995d0ff000 8192K rw--- [ anon ]\n00007f995d8ff000 4K ----- [ anon ]\n00007f995d900000 9216K rw--- [ anon ]\n00007f995e203000 132K r--s- /usr/share/mime/mime.cache\n00007f995e224000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\n00007f995e2b2000 10656K r--s- /usr/local/lib/tor-browser/icudt58l.dat\n00007f995ed1a000 12172K r---- /usr/local/lib/tor-browser/browser/omni.ja\n00007f995f8fd000 5704K r---- /usr/local/lib/tor-browser/omni.ja\n00007f995fe8f000 40K r-x-- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\n00007f995fe99000 2044K ----- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\n00007f9960098000 4K r---- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\n00007f9960099000 4K rw--- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\n00007f996009a000 8K r-x-- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\n00007f996009c000 2048K ----- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\n00007f996029c000 4K r---- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\n00007f996029d000 4K rw--- /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\n00007f996029e000 180K r-x-- /usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0.0.0\n00007f99602cb000 2044K ----- /usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0.0.0\n00007f99604ca000 4K r---- /usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0.0.0\n00007f99604cb000 8K rw--- /usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0.0.0\n00007f99604cd000 180K r-x-- /usr/lib/x86_64-linux-gnu/libatspi.so.0.0.1\n00007f99604fa000 2048K ----- /usr/lib/x86_64-linux-gnu/libatspi.so.0.0.1\n00007f99606fa000 12K r---- /usr/lib/x86_64-linux-gnu/libatspi.so.0.0.1\n00007f99606fd000 4K rw--- /usr/lib/x86_64-linux-gnu/libatspi.so.0.0.1\n00007f99606fe000 4K r-x-- /usr/lib/x86_64-linux-gnu/gtk-2.0/modules/libatk-bridge.so\n00007f99606ff000 2044K ----- /usr/lib/x86_64-linux-gnu/gtk-2.0/modules/libatk-bridge.so\n00007f99608fe000 4K r---- /usr/lib/x86_64-linux-gnu/gtk-2.0/modules/libatk-bridge.so\n00007f99608ff000 4K rw--- /usr/lib/x86_64-linux-gnu/gtk-2.0/modules/libatk-bridge.so\n00007f9960900000 1024K rw--- [ anon ]\n00007f9960a10000 32K rw-s- /home/amnesia/.tor-browser/profile.default/webappsstore.sqlite-shm\n00007f9960a18000 1216K r---- /usr/lib/locale/aa_DJ.utf8/LC_COLLATE\n00007f9960b48000 4K ----- [ anon ]\n00007f9960b49000 8192K rw--- [ anon ]\n00007f9961349000 12K r-x-- /usr/lib/x86_64-linux-gnu/gconv/UTF-16.so\n00007f996134c000 2044K ----- /usr/lib/x86_64-linux-gnu/gconv/UTF-16.so\n00007f996154b000 4K r---- /usr/lib/x86_64-linux-gnu/gconv/UTF-16.so\n00007f996154c000 4K rw--- /usr/lib/x86_64-linux-gnu/gconv/UTF-16.so\n00007f996154d000 76K r-x-- /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0\n00007f9961560000 2044K ----- /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0\n00007f996175f000 4K r---- /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0\n00007f9961760000 4K rw--- /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0\n00007f9961761000 16K r-x-- /lib/x86_64-linux-gnu/libuuid.so.1.3.0\n00007f9961765000 2044K ----- /lib/x86_64-linux-gnu/libuuid.so.1.3.0\n00007f9961964000 4K r---- /lib/x86_64-linux-gnu/libuuid.so.1.3.0\n00007f9961965000 4K rw--- /lib/x86_64-linux-gnu/libuuid.so.1.3.0\n00007f9961966000 76K r-x-- /lib/x86_64-linux-gnu/libbsd.so.0.8.3\n00007f9961979000 2048K ----- /lib/x86_64-linux-gnu/libbsd.so.0.8.3\n00007f9961b79000 4K r---- /lib/x86_64-linux-gnu/libbsd.so.0.8.3\n00007f9961b7a000 4K rw--- /lib/x86_64-linux-gnu/libbsd.so.0.8.3\n00007f9961b7b000 4K rw--- [ anon ]\n00007f9961b7c000 28K r-x-- /usr/lib/x86_64-linux-gnu/libdatrie.so.1.3.3\n00007f9961b83000 2044K ----- /usr/lib/x86_64-linux-gnu/libdatrie.so.1.3.3\n00007f9961d82000 4K r---- /usr/lib/x86_64-linux-gnu/libdatrie.so.1.3.3\n00007f9961d83000 4K rw--- /usr/lib/x86_64-linux-gnu/libdatrie.so.1.3.3\n00007f9961d84000 172K r-x-- /usr/lib/x86_64-linux-gnu/libgraphite2.so.3.0.1\n00007f9961daf000 2044K ----- /usr/lib/x86_64-linux-gnu/libgraphite2.so.3.0.1\n00007f9961fae000 8K r---- /usr/lib/x86_64-linux-gnu/libgraphite2.so.3.0.1\n00007f9961fb0000 4K rw--- /usr/lib/x86_64-linux-gnu/libgraphite2.so.3.0.1\n00007f9961fb1000 260K r-x-- /lib/x86_64-linux-gnu/libblkid.so.1.1.0\n00007f9961ff2000 2044K ----- /lib/x86_64-linux-gnu/libblkid.so.1.1.0\n00007f99621f1000 16K r---- /lib/x86_64-linux-gnu/libblkid.so.1.1.0\n00007f99621f5000 4K rw--- /lib/x86_64-linux-gnu/libblkid.so.1.1.0\n00007f99621f6000 4K rw--- [ anon ]\n00007f99621f7000 1052K r-x-- /lib/x86_64-linux-gnu/libgcrypt.so.20.1.6\n00007f99622fe000 2044K ----- /lib/x86_64-linux-gnu/libgcrypt.so.20.1.6\n00007f99624fd000 8K r---- /lib/x86_64-linux-gnu/libgcrypt.so.20.1.6\n00007f99624ff000 28K rw--- /lib/x86_64-linux-gnu/libgcrypt.so.20.1.6\n00007f9962506000 68K r-x-- /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1\n00007f9962517000 2044K ----- /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1\n00007f9962716000 4K r---- /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1\n00007f9962717000 4K rw--- /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1\n00007f9962718000 148K r-x-- /lib/x86_64-linux-gnu/liblzma.so.5.2.2\n00007f996273d000 2044K ----- /lib/x86_64-linux-gnu/liblzma.so.5.2.2\n00007f996293c000 4K r---- /lib/x86_64-linux-gnu/liblzma.so.5.2.2\n00007f996293d000 4K rw--- /lib/x86_64-linux-gnu/liblzma.so.5.2.2\n00007f996293e000 92K r-x-- /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0\n00007f9962955000 2048K ----- /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0\n00007f9962b55000 4K r---- /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0\n00007f9962b56000 4K rw--- /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0\n00007f9962b57000 16K rw--- [ anon ]\n00007f9962b5b000 28K r-x-- /usr/lib/x86_64-linux-gnu/libSM.so.6.0.1\n00007f9962b62000 2044K ----- /usr/lib/x86_64-linux-gnu/libSM.so.6.0.1\n00007f9962d61000 4K r---- /usr/lib/x86_64-linux-gnu/libSM.so.6.0.1\n00007f9962d62000 4K rw--- /usr/lib/x86_64-linux-gnu/libSM.so.6.0.1\n00007f9962d63000 20K r-x-- /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0\n00007f9962d68000 2044K ----- /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0\n00007f9962f67000 4K r---- /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0\n00007f9962f68000 4K rw--- /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0\n00007f9962f69000 12K r-x-- /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0\n00007f9962f6c000 2044K ----- /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0\n00007f996316b000 4K r---- /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0\n00007f996316c000 4K rw--- /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0\n00007f996316d000 48K r-x-- /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0\n00007f9963179000 2048K ----- /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0\n00007f9963379000 4K r---- /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0\n00007f996337a000 4K rw--- /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0\n00007f996337b000 632K r-x-- /usr/lib/x86_64-linux-gnu/libpixman-1.so.0.34.0\n00007f9963419000 2048K ----- /usr/lib/x86_64-linux-gnu/libpixman-1.so.0.34.0\n00007f9963619000 32K r---- /usr/lib/x86_64-linux-gnu/libpixman-1.so.0.34.0\n00007f9963621000 4K rw--- /usr/lib/x86_64-linux-gnu/libpixman-1.so.0.34.0\n00007f9963622000 32K r-x-- /usr/lib/x86_64-linux-gnu/libthai.so.0.3.0\n00007f996362a000 2048K ----- /usr/lib/x86_64-linux-gnu/libthai.so.0.3.0\n00007f996382a000 4K r---- /usr/lib/x86_64-linux-gnu/libthai.so.0.3.0\n00007f996382b000 4K rw--- /usr/lib/x86_64-linux-gnu/libthai.so.0.3.0\n00007f996382c000 40K r-x-- /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2\n00007f9963836000 2044K ----- /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2\n00007f9963a35000 4K r---- /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2\n00007f9963a36000 4K rw--- /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2\n00007f9963a37000 40K r-x-- /usr/lib/x86_64-linux-gnu/libXrandr.so.2.2.0\n00007f9963a41000 2044K ----- /usr/lib/x86_64-linux-gnu/libXrandr.so.2.2.0\n00007f9963c40000 4K r---- /usr/lib/x86_64-linux-gnu/libXrandr.so.2.2.0\n00007f9963c41000 4K rw--- /usr/lib/x86_64-linux-gnu/libXrandr.so.2.2.0\n00007f9963c42000 60K r-x-- /usr/lib/x86_64-linux-gnu/libXi.so.6.1.0\n00007f9963c51000 2044K ----- /usr/lib/x86_64-linux-gnu/libXi.so.6.1.0\n00007f9963e50000 4K r---- /usr/lib/x86_64-linux-gnu/libXi.so.6.1.0\n00007f9963e51000 4K rw--- /usr/lib/x86_64-linux-gnu/libXi.so.6.1.0\n00007f9963e52000 8K r-x-- /usr/lib/x86_64-linux-gnu/libXinerama.so.1.0.0\n00007f9963e54000 2044K ----- /usr/lib/x86_64-linux-gnu/libXinerama.so.1.0.0\n00007f9964053000 4K r---- /usr/lib/x86_64-linux-gnu/libXinerama.so.1.0.0\n00007f9964054000 4K rw--- /usr/lib/x86_64-linux-gnu/libXinerama.so.1.0.0\n00007f9964055000 588K r-x-- /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0.10400.2\n00007f99640e8000 2044K ----- /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0.10400.2\n00007f99642e7000 8K r---- /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0.10400.2\n00007f99642e9000 4K rw--- /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0.10400.2\n00007f99642ea000 296K r-x-- /lib/x86_64-linux-gnu/libmount.so.1.1.0\n00007f9964334000 2048K ----- /lib/x86_64-linux-gnu/libmount.so.1.1.0\n00007f9964534000 4K r---- /lib/x86_64-linux-gnu/libmount.so.1.1.0\n00007f9964535000 4K rw--- /lib/x86_64-linux-gnu/libmount.so.1.1.0\n00007f9964536000 8K rw--- [ anon ]\n00007f9964538000 80K r-x-- /lib/x86_64-linux-gnu/libresolv-2.24.so\n00007f996454c000 2044K ----- /lib/x86_64-linux-gnu/libresolv-2.24.so\n00007f996474b000 4K r---- /lib/x86_64-linux-gnu/libresolv-2.24.so\n00007f996474c000 4K rw--- /lib/x86_64-linux-gnu/libresolv-2.24.so\n00007f996474d000 8K rw--- [ anon ]\n00007f996474f000 148K r-x-- /lib/x86_64-linux-gnu/libselinux.so.1\n00007f9964774000 2044K ----- /lib/x86_64-linux-gnu/libselinux.so.1\n00007f9964973000 4K r---- /lib/x86_64-linux-gnu/libselinux.so.1\n00007f9964974000 4K rw--- /lib/x86_64-linux-gnu/libselinux.so.1\n00007f9964975000 8K rw--- [ anon ]\n00007f9964977000 20K r-x-- /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0\n00007f996497c000 2044K ----- /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0\n00007f9964b7b000 4K r---- /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0\n00007f9964b7c000 4K rw--- /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0\n00007f9964b7d000 8K r-x-- /usr/lib/x86_64-linux-gnu/libXdamage.so.1.1.0\n00007f9964b7f000 2044K ----- /usr/lib/x86_64-linux-gnu/libXdamage.so.1.1.0\n00007f9964d7e000 4K r---- /usr/lib/x86_64-linux-gnu/libXdamage.so.1.1.0\n00007f9964d7f000 4K rw--- /usr/lib/x86_64-linux-gnu/libXdamage.so.1.1.0\n00007f9964d80000 8K r-x-- /usr/lib/x86_64-linux-gnu/libXcomposite.so.1.0.0\n00007f9964d82000 2044K ----- /usr/lib/x86_64-linux-gnu/libXcomposite.so.1.0.0\n00007f9964f81000 4K r---- /usr/lib/x86_64-linux-gnu/libXcomposite.so.1.0.0\n00007f9964f82000 4K rw--- /usr/lib/x86_64-linux-gnu/libXcomposite.so.1.0.0\n00007f9964f83000 12K r-x-- /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.5000.3\n00007f9964f86000 2044K ----- /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.5000.3\n00007f9965185000 4K r---- /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.5000.3\n00007f9965186000 4K rw--- /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.5000.3\n00007f9965187000 456K r-x-- /lib/x86_64-linux-gnu/libpcre.so.3.13.3\n00007f99651f9000 2044K ----- /lib/x86_64-linux-gnu/libpcre.so.3.13.3\n00007f99653f8000 4K r---- /lib/x86_64-linux-gnu/libpcre.so.3.13.3\n00007f99653f9000 4K rw--- /lib/x86_64-linux-gnu/libpcre.so.3.13.3\n00007f99653fa000 28K r-x-- /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4\n00007f9965401000 2048K ----- /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4\n00007f9965601000 4K r---- /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4\n00007f9965602000 4K rw--- /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4\n00007f9965603000 528K r-x-- /lib/x86_64-linux-gnu/libsystemd.so.0.17.0\n00007f9965687000 4K ----- /lib/x86_64-linux-gnu/libsystemd.so.0.17.0\n00007f9965688000 12K r---- /lib/x86_64-linux-gnu/libsystemd.so.0.17.0\n00007f996568b000 4K rw--- /lib/x86_64-linux-gnu/libsystemd.so.0.17.0\n00007f996568c000 4K rw--- [ anon ]\n00007f996568d000 156K r-x-- /lib/x86_64-linux-gnu/libexpat.so.1.6.2\n00007f99656b4000 2048K ----- /lib/x86_64-linux-gnu/libexpat.so.1.6.2\n00007f99658b4000 8K r---- /lib/x86_64-linux-gnu/libexpat.so.1.6.2\n00007f99658b6000 4K rw--- /lib/x86_64-linux-gnu/libexpat.so.1.6.2\n00007f99658b7000 196K r-x-- /usr/lib/x86_64-linux-gnu/libpng16.so.16.28.0\n00007f99658e8000 2048K ----- /usr/lib/x86_64-linux-gnu/libpng16.so.16.28.0\n00007f9965ae8000 4K r---- /usr/lib/x86_64-linux-gnu/libpng16.so.16.28.0\n00007f9965ae9000 4K rw--- /usr/lib/x86_64-linux-gnu/libpng16.so.16.28.0\n00007f9965aea000 100K r-x-- /lib/x86_64-linux-gnu/libz.so.1.2.8\n00007f9965b03000 2044K ----- /lib/x86_64-linux-gnu/libz.so.1.2.8\n00007f9965d02000 4K r---- /lib/x86_64-linux-gnu/libz.so.1.2.8\n00007f9965d03000 4K rw--- /lib/x86_64-linux-gnu/libz.so.1.2.8\n00007f9965d04000 4K r-x-- /usr/lib/x86_64-linux-gnu/libgthread-2.0.so.0.5000.3\n00007f9965d05000 2044K ----- /usr/lib/x86_64-linux-gnu/libgthread-2.0.so.0.5000.3\n00007f9965f04000 4K r---- /usr/lib/x86_64-linux-gnu/libgthread-2.0.so.0.5000.3\n00007f9965f05000 4K rw--- /usr/lib/x86_64-linux-gnu/libgthread-2.0.so.0.5000.3\n00007f9965f06000 392K r-x-- /usr/lib/x86_64-linux-gnu/libXt.so.6.0.0\n00007f9965f68000 2048K ----- /usr/lib/x86_64-linux-gnu/libXt.so.6.0.0\n00007f9966168000 4K r---- /usr/lib/x86_64-linux-gnu/libXt.so.6.0.0\n00007f9966169000 20K rw--- /usr/lib/x86_64-linux-gnu/libXt.so.6.0.0\n00007f996616e000 4K rw--- [ anon ]\n00007f996616f000 68K r-x-- /usr/lib/x86_64-linux-gnu/libXext.so.6.4.0\n00007f9966180000 2044K ----- /usr/lib/x86_64-linux-gnu/libXext.so.6.4.0\n00007f996637f000 4K r---- /usr/lib/x86_64-linux-gnu/libXext.so.6.4.0\n00007f9966380000 4K rw--- /usr/lib/x86_64-linux-gnu/libXext.so.6.4.0\n00007f9966381000 1256K r-x-- /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0\n00007f99664bb000 2048K ----- /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0\n00007f99666bb000 4K r---- /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0\n00007f99666bc000 20K rw--- /usr/lib/x86_64-linux-gnu/libX11.so.6.3.0\n00007f99666c1000 156K r-x-- /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0\n00007f99666e8000 2044K ----- /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0\n00007f99668e7000 4K r---- /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0\n00007f99668e8000 4K rw--- /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0\n00007f99668e9000 8K r-x-- /usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0\n00007f99668eb000 2048K ----- /usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0\n00007f9966aeb000 4K r---- /usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0\n00007f9966aec000 4K rw--- /usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0\n00007f9966aed000 4K r-x-- /usr/lib/x86_64-linux-gnu/libX11-xcb.so.1.0.0\n00007f9966aee000 2044K ----- /usr/lib/x86_64-linux-gnu/libX11-xcb.so.1.0.0\n00007f9966ced000 4K r---- /usr/lib/x86_64-linux-gnu/libX11-xcb.so.1.0.0\n00007f9966cee000 4K rw--- /usr/lib/x86_64-linux-gnu/libX11-xcb.so.1.0.0\n00007f9966cef000 1080K r-x-- /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8\n00007f9966dfd000 2048K ----- /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8\n00007f9966ffd000 12K r---- /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8\n00007f9967000000 4K rw--- /usr/lib/x86_64-linux-gnu/libcairo.so.2.11400.8\n00007f9967001000 8K rw--- [ anon ]\n00007f9967003000 292K r-x-- /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.4000.5\n00007f996704c000 2044K ----- /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.4000.5\n00007f996724b000 12K r---- /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.4000.5\n00007f996724e000 4K rw--- /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.4000.5\n00007f996724f000 136K r-x-- /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.3600.5\n00007f9967271000 2044K ----- /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.3600.5\n00007f9967470000 4K r---- /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.3600.5\n00007f9967471000 4K rw--- /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.3600.5\n00007f9967472000 48K r-x-- /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0.4000.5\n00007f996747e000 2044K ----- /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0.4000.5\n00007f996767d000 4K r---- /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0.4000.5\n00007f996767e000 4K rw--- /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0.4000.5\n00007f996767f000 704K r-x-- /usr/lib/x86_64-linux-gnu/libgdk-x11-2.0.so.0.2400.31\n00007f996772f000 2044K ----- /usr/lib/x86_64-linux-gnu/libgdk-x11-2.0.so.0.2400.31\n00007f996792e000 16K r---- /usr/lib/x86_64-linux-gnu/libgdk-x11-2.0.so.0.2400.31\n00007f9967932000 8K rw--- /usr/lib/x86_64-linux-gnu/libgdk-x11-2.0.so.0.2400.31\n00007f9967934000 80K r-x-- /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.4000.5\n00007f9967948000 2048K ----- /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.4000.5\n00007f9967b48000 4K r---- /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.4000.5\n00007f9967b49000 4K rw--- /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.4000.5\n00007f9967b4a000 1588K r-x-- /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.5000.3\n00007f9967cd7000 2048K ----- /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.5000.3\n00007f9967ed7000 20K r---- /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.5000.3\n00007f9967edc000 12K rw--- /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.5000.3\n00007f9967edf000 4K rw--- [ anon ]\n00007f9967ee0000 140K r-x-- /usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.22209.1\n00007f9967f03000 2044K ----- /usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.22209.1\n00007f9968102000 12K r---- /usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.22209.1\n00007f9968105000 4K rw--- /usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.22209.1\n00007f9968106000 4336K r-x-- /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31\n00007f9968542000 2044K ----- /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31\n00007f9968741000 28K r---- /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31\n00007f9968748000 16K rw--- /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.31\n00007f996874c000 12K rw--- [ anon ]\n00007f996874f000 1096K r-x-- /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3\n00007f9968861000 2044K ----- /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3\n00007f9968a60000 4K r---- /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3\n00007f9968a61000 4K rw--- /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3\n00007f9968a62000 4K rw--- [ anon ]\n00007f9968a63000 328K r-x-- /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3\n00007f9968ab5000 2044K ----- /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3\n00007f9968cb4000 4K r---- /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3\n00007f9968cb5000 4K rw--- /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3\n00007f9968cb6000 308K r-x-- /lib/x86_64-linux-gnu/libdbus-1.so.3.14.11\n00007f9968d03000 2048K ----- /lib/x86_64-linux-gnu/libdbus-1.so.3.14.11\n00007f9968f03000 8K r---- /lib/x86_64-linux-gnu/libdbus-1.so.3.14.11\n00007f9968f05000 4K rw--- /lib/x86_64-linux-gnu/libdbus-1.so.3.14.11\n00007f9968f06000 152K r-x-- /usr/lib/x86_64-linux-gnu/libdbus-glib-1.so.2.3.3\n00007f9968f2c000 2044K ----- /usr/lib/x86_64-linux-gnu/libdbus-glib-1.so.2.3.3\n00007f996912b000 4K r---- /usr/lib/x86_64-linux-gnu/libdbus-glib-1.so.2.3.3\n00007f996912c000 4K rw--- /usr/lib/x86_64-linux-gnu/libdbus-glib-1.so.2.3.3\n00007f996912d000 36K r-x-- /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0\n00007f9969136000 2044K ----- /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0\n00007f9969335000 4K r---- /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0\n00007f9969336000 4K rw--- /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0\n00007f9969337000 240K r-x-- /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0\n00007f9969373000 2044K ----- /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0\n00007f9969572000 8K r---- /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0\n00007f9969574000 4K rw--- /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0\n00007f9969575000 672K r-x-- /usr/lib/x86_64-linux-gnu/libfreetype.so.6.12.3\n00007f996961d000 2048K ----- /usr/lib/x86_64-linux-gnu/libfreetype.so.6.12.3\n00007f996981d000 24K r---- /usr/lib/x86_64-linux-gnu/libfreetype.so.6.12.3\n00007f9969823000 4K rw--- /usr/lib/x86_64-linux-gnu/libfreetype.so.6.12.3\n00007f9969824000 69380K r-x-- /usr/local/lib/tor-browser/libxul.so\n00007f996dbe5000 4136K r---- /usr/local/lib/tor-browser/libxul.so\n00007f996dfef000 312K rw--- /usr/local/lib/tor-browser/libxul.so\n00007f996e03d000 356K rw--- [ anon ]\n00007f996e096000 112K r-x-- /usr/local/lib/tor-browser/liblgpllibs.so\n00007f996e0b2000 8K r---- /usr/local/lib/tor-browser/liblgpllibs.so\n00007f996e0b4000 4K rw--- /usr/local/lib/tor-browser/liblgpllibs.so\n00007f996e0b5000 644K rw--- [ anon ]\n00007f996e156000 656K r-x-- /usr/local/lib/tor-browser/libmozsqlite3.so\n00007f996e1fa000 12K r---- /usr/local/lib/tor-browser/libmozsqlite3.so\n00007f996e1fd000 8K rw--- /usr/local/lib/tor-browser/libmozsqlite3.so\n00007f996e1ff000 2052K rw--- [ anon ]\n00007f996e407000 324K r---- /usr/lib/locale/aa_DJ.utf8/LC_CTYPE\n00007f996e458000 240K r-x-- /usr/local/lib/tor-browser/libssl3.so\n00007f996e494000 4K ----- /usr/local/lib/tor-browser/libssl3.so\n00007f996e495000 16K r---- /usr/local/lib/tor-browser/libssl3.so\n00007f996e499000 4K rw--- /usr/local/lib/tor-browser/libssl3.so\n00007f996e49a000 1620K r-x-- /lib/x86_64-linux-gnu/libc-2.24.so\n00007f996e62f000 2048K ----- /lib/x86_64-linux-gnu/libc-2.24.so\n00007f996e82f000 16K r---- /lib/x86_64-linux-gnu/libc-2.24.so\n00007f996e833000 8K rw--- /lib/x86_64-linux-gnu/libc-2.24.so\n00007f996e835000 16K rw--- [ anon ]\n00007f996e839000 88K r-x-- /lib/x86_64-linux-gnu/libgcc_s.so.1\n00007f996e84f000 2044K ----- /lib/x86_64-linux-gnu/libgcc_s.so.1\n00007f996ea4e000 4K r---- /lib/x86_64-linux-gnu/libgcc_s.so.1\n00007f996ea4f000 4K rw--- /lib/x86_64-linux-gnu/libgcc_s.so.1\n00007f996ea50000 1036K r-x-- /lib/x86_64-linux-gnu/libm-2.24.so\n00007f996eb53000 2044K ----- /lib/x86_64-linux-gnu/libm-2.24.so\n00007f996ed52000 4K r---- /lib/x86_64-linux-gnu/libm-2.24.so\n00007f996ed53000 4K rw--- /lib/x86_64-linux-gnu/libm-2.24.so\n00007f996ed54000 1532K r-x-- /usr/local/lib/tor-browser/libstdc++.so.6\n00007f996eed3000 2048K ----- /usr/local/lib/tor-browser/libstdc++.so.6\n00007f996f0d3000 48K r---- /usr/local/lib/tor-browser/libstdc++.so.6\n00007f996f0df000 4K rw--- /usr/local/lib/tor-browser/libstdc++.so.6\n00007f996f0e0000 12K rw--- [ anon ]\n00007f996f0e3000 28K r-x-- /lib/x86_64-linux-gnu/librt-2.24.so\n00007f996f0ea000 2044K ----- /lib/x86_64-linux-gnu/librt-2.24.so\n00007f996f2e9000 4K r---- /lib/x86_64-linux-gnu/librt-2.24.so\n00007f996f2ea000 4K rw--- /lib/x86_64-linux-gnu/librt-2.24.so\n00007f996f2eb000 12K r-x-- /lib/x86_64-linux-gnu/libdl-2.24.so\n00007f996f2ee000 2044K ----- /lib/x86_64-linux-gnu/libdl-2.24.so\n00007f996f4ed000 4K r---- /lib/x86_64-linux-gnu/libdl-2.24.so\n00007f996f4ee000 4K rw--- /lib/x86_64-linux-gnu/libdl-2.24.so\n00007f996f4ef000 96K r-x-- /lib/x86_64-linux-gnu/libpthread-2.24.so\n00007f996f507000 2044K ----- /lib/x86_64-linux-gnu/libpthread-2.24.so\n00007f996f706000 4K r---- /lib/x86_64-linux-gnu/libpthread-2.24.so\n00007f996f707000 4K rw--- /lib/x86_64-linux-gnu/libpthread-2.24.so\n00007f996f708000 16K rw--- [ anon ]\n00007f996f70c000 140K r-x-- /lib/x86_64-linux-gnu/ld-2.24.so\n00007f996f730000 32K rw-s- /home/amnesia/.mozilla/firefox/bookmarks/places.sqlite-shm\n00007f996f738000 4K r---- /usr/lib/locale/C.UTF-8/LC_NUMERIC\n00007f996f739000 4K r---- /usr/lib/locale/C.UTF-8/LC_TIME\n00007f996f73a000 4K r---- /usr/lib/locale/C.UTF-8/LC_MONETARY\n00007f996f73b000 4K r---- /usr/lib/locale/C.UTF-8/LC_MESSAGES/SYS_LC_MESSAGES\n00007f996f73c000 4K r---- /usr/lib/locale/C.UTF-8/LC_PAPER\n00007f996f73d000 4K r---- /usr/lib/locale/C.UTF-8/LC_NAME\n00007f996f73e000 4K r---- /usr/lib/locale/C.UTF-8/LC_ADDRESS\n00007f996f73f000 4K r---- /usr/lib/locale/C.UTF-8/LC_TELEPHONE\n00007f996f740000 4K r---- /usr/lib/locale/C.UTF-8/LC_MEASUREMENT\n00007f996f741000 4K r---- /usr/lib/locale/C.UTF-8/LC_IDENTIFICATION\n00007f996f742000 4K ----- [ anon ]\n00007f996f743000 128K rw--- [ anon ]\n00007f996f763000 4K r---- /usr/lib/locale/aa_ET/LC_NUMERIC\n00007f996f764000 4K r---- /usr/lib/locale/en_US.utf8/LC_TIME\n00007f996f765000 4K r---- /usr/lib/locale/chr_US/LC_MONETARY\n00007f996f766000 124K r-x-- /usr/local/lib/tor-browser/libsmime3.so\n00007f996f785000 4K ----- /usr/local/lib/tor-browser/libsmime3.so\n00007f996f786000 12K r---- /usr/local/lib/tor-browser/libsmime3.so\n00007f996f789000 4K rw--- /usr/local/lib/tor-browser/libsmime3.so\n00007f996f78a000 944K r-x-- /usr/local/lib/tor-browser/libnss3.so\n00007f996f876000 4K ----- /usr/local/lib/tor-browser/libnss3.so\n00007f996f877000 28K r---- /usr/local/lib/tor-browser/libnss3.so\n00007f996f87e000 4K rw--- /usr/local/lib/tor-browser/libnss3.so\n00007f996f87f000 8K rw--- [ anon ]\n00007f996f881000 140K r-x-- /usr/local/lib/tor-browser/libnssutil3.so\n00007f996f8a4000 28K r---- /usr/local/lib/tor-browser/libnssutil3.so\n00007f996f8ab000 4K rw--- /usr/local/lib/tor-browser/libnssutil3.so\n00007f996f8ac000 204K r-x-- /usr/local/lib/tor-browser/libnspr4.so\n00007f996f8df000 8K r---- /usr/local/lib/tor-browser/libnspr4.so\n00007f996f8e1000 4K rw--- /usr/local/lib/tor-browser/libnspr4.so\n00007f996f8e2000 12K rw--- [ anon ]\n00007f996f8e5000 152K r-x-- /usr/local/lib/tor-browser/libmozsandbox.so\n00007f996f90b000 4K ----- /usr/local/lib/tor-browser/libmozsandbox.so\n00007f996f90c000 4K r---- /usr/local/lib/tor-browser/libmozsandbox.so\n00007f996f90d000 4K rw--- /usr/local/lib/tor-browser/libmozsandbox.so\n00007f996f90e000 20K rw--- [ anon ]\n00007f996f913000 4K r---- /usr/lib/locale/en_AG/LC_MESSAGES/SYS_LC_MESSAGES\n00007f996f914000 4K r---- /usr/lib/locale/chr_US/LC_PAPER\n00007f996f915000 4K r---- /usr/lib/locale/chr_US/LC_NAME\n00007f996f916000 4K r---- /usr/lib/locale/en_US.utf8/LC_ADDRESS\n00007f996f917000 4K r---- /usr/lib/locale/chr_US/LC_TELEPHONE\n00007f996f918000 4K r---- /usr/lib/locale/chr_US/LC_MEASUREMENT\n00007f996f919000 4K r---- /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION\n00007f996f91a000 28K r--s- /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache\n00007f996f921000 12K r-x-- /usr/local/lib/tor-browser/libplds4.so\n00007f996f924000 4K r---- /usr/local/lib/tor-browser/libplds4.so\n00007f996f925000 4K rw--- /usr/local/lib/tor-browser/libplds4.so\n00007f996f926000 16K r-x-- /usr/local/lib/tor-browser/libplc4.so\n00007f996f92a000 4K r---- /usr/local/lib/tor-browser/libplc4.so\n00007f996f92b000 4K rw--- /usr/local/lib/tor-browser/libplc4.so\n00007f996f92c000 12K rw--- [ anon ]\n00007f996f92f000 4K r---- /lib/x86_64-linux-gnu/ld-2.24.so\n00007f996f930000 4K rw--- /lib/x86_64-linux-gnu/ld-2.24.so\n00007f996f931000 4K rw--- [ anon ]\n00007ffc96183000 132K rw--- [ stack ]\n00007ffc961ce000 8K r---- [ anon ]\n00007ffc961d0000 8K r-x-- [ anon ]\n total 2037604K\n", ""] 02:21:39.115836399: calling as root: find /usr/lib /lib -name "libfreeblpriv3.so" 02:21:40.620853194: call returned: [0, "/usr/lib/x86_64-linux-gnu/nss/libfreeblpriv3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/nss/libfreeblpriv3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libfreeblpriv3.so\n", ""] 02:21:40.621467625: calling as root: find /usr/lib /lib -name "liblgpllibs.so" 02:21:41.707346706: call returned: [0, "/usr/lib/thunderbird/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/thunderbird/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/liblgpllibs.so\n", ""] 02:21:41.707770183: calling as root: find /usr/lib /lib -name "libmozavcodec.so" 02:21:42.995331400: call returned: [0, "/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozavcodec.so\n", ""] 02:21:42.995675259: calling as root: find /usr/lib /lib -name "libmozavutil.so" 02:21:44.530472934: call returned: [0, "/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozavutil.so\n", ""] 02:21:44.530854072: calling as root: find /usr/lib /lib -name "libmozsandbox.so" 02:21:45.669155870: call returned: [0, "/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozsandbox.so\n", ""] 02:21:45.669525984: calling as root: find /usr/lib /lib -name "libmozsqlite3.so" 02:21:46.443718889: call returned: [0, "/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozsqlite3.so\n", ""] 02:21:46.444041144: calling as root: find /usr/lib /lib -name "libnspr4.so" 02:21:47.333133580: call returned: [0, "/usr/lib/x86_64-linux-gnu/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnspr4.so\n", ""] 02:21:47.333744880: calling as root: find /usr/lib /lib -name "libnss3.so" 02:21:48.216102224: call returned: [0, "/usr/lib/x86_64-linux-gnu/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnss3.so\n", ""] 02:21:48.216745868: calling as root: find /usr/lib /lib -name "libnssckbi.so" 02:21:49.211400938: call returned: [0, "/usr/lib/x86_64-linux-gnu/nss/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/nss/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssckbi.so\n", ""] 02:21:49.211912404: calling as root: find /usr/lib /lib -name "libnssdbm3.so" 02:21:50.035895792: call returned: [0, "/usr/lib/x86_64-linux-gnu/nss/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/nss/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssdbm3.so\n", ""] 02:21:50.036489314: calling as root: find /usr/lib /lib -name "libnssutil3.so" 02:21:50.942525424: call returned: [0, "/usr/lib/x86_64-linux-gnu/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssutil3.so\n", ""] 02:21:50.943065262: calling as root: find /usr/lib /lib -name "libplc4.so" 02:21:51.849159311: call returned: [0, "/usr/lib/x86_64-linux-gnu/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplc4.so\n", ""] 02:21:51.849680196: calling as root: find /usr/lib /lib -name "libplds4.so" 02:21:52.652823743: call returned: [0, "/usr/lib/x86_64-linux-gnu/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplds4.so\n", ""] 02:21:52.653414537: calling as root: find /usr/lib /lib -name "libsmime3.so" 02:21:53.407376366: call returned: [0, "/usr/lib/x86_64-linux-gnu/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsmime3.so\n", ""] 02:21:53.407895747: calling as root: find /usr/lib /lib -name "libsoftokn3.so" 02:21:54.222767684: call returned: [0, "/usr/lib/x86_64-linux-gnu/nss/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/nss/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsoftokn3.so\n", ""] 02:21:54.223303097: calling as root: find /usr/lib /lib -name "libssl3.so" 02:21:55.214175495: call returned: [0, "/usr/lib/x86_64-linux-gnu/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/x86_64-linux-gnu/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libssl3.so\n", ""] 02:21:55.214673485: calling as root: find /usr/lib /lib -name "libxul.so" 02:21:56.054663867: call returned: [0, "/usr/lib/thunderbird/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/thunderbird/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libxul.so\n", ""] Then the Tor Browser uses all expected TBB shared libraries # features/step_definitions/browser.rb:153 @product @check_tor_leaks Feature: Cloning a Git repository As a Tails user when I clone a Git repository all Internet traffic should flow only through Tor Background: # features/torified_git.feature:7 02:21:59.016662733: calling as root: echo 'hello?' 02:21:59.234870700: call returned: [0, "hello?\n", ""] 02:21:59.959922897: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:21:59.960135157: calling as root: nmcli device show eth0 02:22:00.357252276: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:22:00.375895557: calling as root: systemctl --quiet is-active tor@default.service 02:22:00.589024862: call returned: [0, "", ""] 02:22:00.589264868: calling as root: systemctl stop tor@default.service 02:22:00.834254665: call returned: [0, "", ""] 02:22:00.834410099: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:22:01.041539171: call returned: [0, "", ""] 02:22:01.041770051: calling as root: date -s '@1498732567' 02:22:01.304387170: call returned: [0, "Thu Jun 29 10:36:07 UTC 2017\n", ""] 02:22:01.304577939: calling as root: systemctl start tor@default.service 02:22:02.321501248: call returned: [0, "", ""] 02:22:02.321773879: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:02.564360607: call returned: [3, "", ""] 02:22:03.564693912: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:03.797456104: call returned: [3, "", ""] 02:22:04.797874025: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:05.020026136: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 Scenario: Cloning a Git repository anonymously over the Git protocol # features/torified_git.feature:16 02:22:05.023105176: calling as root: test -d '/home/amnesia/testing' 02:22:05.212467736: call returned: [1, "", ""] 02:22:05.213533908: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:22:05.454351271: call returned: [1, "", ""] 02:22:05.518551048: calling as amnesia: xdotool key Super 02:22:05.754655944: call returned: [0, "", ""] 02:22:07.461795030: [log] TYPE "GNOME Terminal" 02:22:11.149253875: [log] ( Ctrl ) TYPE "#ENTER." 02:22:13.809342115: [log] TYPE "git clone git://git.tails.boum.org/myprivatekeyispublic/testing#ENTER." 02:22:13.811230762: calling as root: pidof -x -o '%PPID' /usr/bin/git 02:22:14.098229774: call returned: [0, "11059\n", ""] 02:22:15.098535945: calling as root: pidof -x -o '%PPID' /usr/bin/git 02:22:15.280574598: call returned: [1, "", ""] 02:22:15.281030625: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node432 = dogtail.tree.root.application('gnome-terminal-server') 02:22:15.452079979: execution complete 02:22:15.452276294: executing Python as amnesia: node433 = node432.child('Terminal', roleName='terminal') 02:22:15.553072751: execution complete 02:22:15.553233187: executing Python as amnesia: print(node433.text) 02:22:15.612821218: execution complete When I clone the Git repository "git://git.tails.boum.org/myprivatekeyispublic/testing" in GNOME Terminal # features/step_definitions/git.rb:1 02:22:15.616050658: calling as root: test -d '/home/amnesia/testing/.git' 02:22:15.784219089: call returned: [0, "", ""] 02:22:15.784419340: calling as root: test -e '/home/amnesia/testing/.git/config' 02:22:15.961451214: call returned: [0, "", ""] 02:22:15.961652894: calling as amnesia: cd '/home/amnesia/testing/' && git status 02:22:16.139554988: call returned: [0, "On branch master\nYour branch is up-to-date with 'origin/master'.\nnothing to commit, working tree clean\n", ""] Then the Git repository "testing" has been cloned successfully # features/step_definitions/git.rb:27 Scenario: Cloning git repository over SSH # features/torified_git.feature:20 02:22:19.424988953: calling as root: echo 'hello?' 02:22:19.627712905: call returned: [0, "hello?\n", ""] 02:22:20.357000321: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:22:20.357185054: calling as root: nmcli device show eth0 02:22:20.732750822: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:22:20.755488340: calling as root: systemctl --quiet is-active tor@default.service 02:22:20.959816719: call returned: [0, "", ""] 02:22:20.960017884: calling as root: systemctl stop tor@default.service 02:22:21.196079635: call returned: [0, "", ""] 02:22:21.196302060: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:22:21.406226229: call returned: [0, "", ""] 02:22:21.406385865: calling as root: date -s '@1498732588' 02:22:21.591298556: call returned: [0, "Thu Jun 29 10:36:28 UTC 2017\n", ""] 02:22:21.591571640: calling as root: systemctl start tor@default.service 02:22:22.901635672: call returned: [0, "", ""] 02:22:22.901846011: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:23.147617831: call returned: [3, "", ""] 02:22:24.147921736: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:24.302454494: call returned: [3, "", ""] 02:22:25.302759392: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:25.579430259: call returned: [0, "", ""] 02:22:25.582142848: calling as amnesia: install -m 0700 -d '/home/amnesia/.ssh/' 02:22:25.711164926: call returned: [0, "", ""] 02:22:25.711424314: calling as amnesia: echo '-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAvMUNgUUM/kyuo26m+Xw7igG6zgGFMFbS3u8m5StGsJOn7zLi J8P5Mml/R+4tdOS6owVU4RaZTPsNZZK/ClYmOPhmNvJ04pVChk2DZ8AARg/TANj3 qjKs3D+MeKbk1bt6EsA55kgGsTUky5Ti8cc2Wna25jqjagIiyM822PGG9mmI6/zL YR6QLUizNaciXrRM3Q4R4sQkEreVlHeonPEiGUs9zx0swCpLtPM5UIYte1PVHgkw ePsU6vM8UqVTK/VwtLLgLanXnsMFuzq7DTAXPq49+XSFNq4JlxbEF6+PQXZvYZ5N eW00Gq7NSpPP8uoHr6f1J+mMxxnM85jzYtRx+QIDAQABAoIBAA8Bs1MlhCTrP67q awfGYo1UGd+qq0XugREL/hGV4SbEdkNDzkrO/46MaHv1aVOzo0q2b8r9Gu7NvoDm q51Mv/kjdizEFZq1tvYqT1n+H4dyVpnopbe4E5nmy2oECokbQFchRPkTnMSVrvko OupxpdaHPX8MBlW1GcLRBlE00j/gfK1SXX5rcxkF5EHVND1b6iHddTPearDbU8yr wga1XO6WeohAYzqmGtMD0zk6lOk0LmnTNG6WvHiFTAc/0yTiKub6rNOIEMS/82+V l437H0hKcIN/7/mf6FpqRNPJTuhOVFf+L4G/ZQ8zHoMGVIbhuTiIPqZ/KMu3NaUF R634jckCgYEA+jJ31hom/d65LfxWPkmiSkNTEOTfjbfcgpfc7sS3enPsYnfnmn5L O3JJzAKShSVP8NVuPN5Mg5FGp9QLKrN3kV6QWQ3EnqeW748DXMU6zKGJQ5wo7ZVm w2DhJ/3PAuBTL/5X4mjPQL+dr86Aq2JBDC7LHJs40I8O7UbhnsdMxKcCgYEAwSXc 3znAkAX8o2g37RiAl36HdONgxr2eaGK7OExp03pbKmoISw6bFbVpicBy6eTytn0A 2PuFcBKJRfKrViHyiE8UfAJ31JbUaxpg4bFF6UEszN4CmgKS8fnwEe1aX0qSjvkE NQSuhN5AfykXY/1WVIaWuC500uB7Ow6M16RDyF8CgYEAqFTeNYlg5Hs+Acd9SukF rItBTuN92P5z+NUtyuNFQrjNuK5Nf68q9LL/Hag5ZiVldHZUddVmizpp3C6Y2MDo WEDUQ2Y0/D1rGoAQ1hDIb7bbAEcHblmPSzJaKirkZV4B+g9Yl7bGghypfggkn6o6 c3TkKLnybrdhZpjC4a3bY48CgYBnWRYdD27c4Ycz/GDoaZLs/NQIFF5FGVL4cdPR pPl/IdpEEKZNWwxaik5lWedjBZFlWe+pKrRUqmZvWhCZruJyUzYXwM5Tnz0b7epm +Q76Z1hMaoKj27q65UyymvkfQey3ucCpic7D45RJNjiA1R5rbfSZqqnx6BGoIPn1 rLxkKwKBgDXiWeUKJCydj0NfHryGBkQvaDahDE3Yigcma63b8vMZPBrJSC4SGAHJ NWema+bArbaF0rKVJpwvpkZWGcr6qRn94Ts0kJAzR+VIVTOjB9sVwdxjadwWHRs5 kKnpY0tnSF7hyVRwN7GOsNDJEaFjCW7k4+55D2ZNBy2iN3beW8CZ -----END RSA PRIVATE KEY----- ' > '/home/amnesia/.ssh/id_rsa' 02:22:26.020130245: call returned: [0, "", ""] 02:22:26.020365495: calling as amnesia: echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8xQ2BRQz+TK6jbqb5fDuKAbrOAYUwVtLe7yblK0awk6fvMuInw/kyaX9H7i105LqjBVThFplM+w1lkr8KViY4+GY28nTilUKGTYNnwABGD9MA2PeqMqzcP4x4puTVu3oSwDnmSAaxNSTLlOLxxzZadrbmOqNqAiLIzzbY8Yb2aYjr/MthHpAtSLM1pyJetEzdDhHixCQSt5WUd6ic8SIZSz3PHSzAKku08zlQhi17U9UeCTB4+xTq8zxSpVMr9XC0suAtqdeewwW7OrsNMBc+rj35dIU2rgmXFsQXr49Bdm9hnk15bTQars1Kk8/y6gevp/Un6YzHGczzmPNi1HH5 amnesia@amnesia' > '/home/amnesia/.ssh/id_rsa.pub' 02:22:26.171394813: call returned: [0, "", ""] 02:22:26.171570005: calling as amnesia: chmod 0600 '/home/amnesia/.ssh/'id* 02:22:26.278425910: call returned: [0, "", ""] Given I have the SSH key pair for a Git repository # features/step_definitions/ssh.rb:41 02:22:26.280446265: calling as root: test -d '/home/amnesia/testing' 02:22:26.426990918: call returned: [1, "", ""] 02:22:26.428056907: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:22:26.651717616: call returned: [1, "", ""] 02:22:26.722032188: calling as amnesia: xdotool key Super 02:22:26.985341516: call returned: [0, "", ""] 02:22:28.798317911: [log] TYPE "GNOME Terminal" 02:22:28.862483987: [log] ( Ctrl ) TYPE "#ENTER." 02:22:35.269407279: [log] TYPE "git clone tails@git.tails.boum.org:myprivatekeyispublic/testing#ENTER." 02:22:38.124562940: [log] TYPE "yes#ENTER." 02:22:38.126683509: calling as root: pidof -x -o '%PPID' /usr/bin/git 02:22:38.369974910: call returned: [0, "11112\n", ""] 02:22:39.370299620: calling as root: pidof -x -o '%PPID' /usr/bin/git 02:22:39.625068714: call returned: [0, "11112\n", ""] 02:22:40.625490303: calling as root: pidof -x -o '%PPID' /usr/bin/git 02:22:40.789871224: call returned: [1, "", ""] 02:22:40.790235344: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node434 = dogtail.tree.root.application('gnome-terminal-server') 02:22:40.933027721: execution complete 02:22:40.933230610: executing Python as amnesia: node435 = node434.child('Terminal', roleName='terminal') 02:22:41.080524627: execution complete 02:22:41.080804763: executing Python as amnesia: print(node435.text) 02:22:41.172580516: execution complete When I clone the Git repository "tails@git.tails.boum.org:myprivatekeyispublic/testing" in GNOME Terminal # features/step_definitions/git.rb:1 02:22:41.173706751: calling as root: test -d '/home/amnesia/testing/.git' 02:22:41.364338328: call returned: [0, "", ""] 02:22:41.364504224: calling as root: test -e '/home/amnesia/testing/.git/config' 02:22:41.567664734: call returned: [0, "", ""] 02:22:41.567900700: calling as amnesia: cd '/home/amnesia/testing/' && git status 02:22:41.715134688: call returned: [0, "On branch master\nYour branch is up-to-date with 'origin/master'.\nnothing to commit, working tree clean\n", ""] Then the Git repository "testing" has been cloned successfully # features/step_definitions/git.rb:27 @product @check_tor_leaks Feature: Keyserver interaction with GnuPG As a Tails user when I interact with keyservers using various GnuPG tools the configured keyserver must be used and all Internet traffic should flow only through Tor. Background: # features/torified_gnupg.feature:8 02:22:44.960102767: calling as root: echo 'hello?' 02:22:45.198230255: call returned: [0, "hello?\n", ""] 02:22:45.922186423: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:22:45.922369918: calling as root: nmcli device show eth0 02:22:46.257887261: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:22:46.276859851: calling as root: systemctl --quiet is-active tor@default.service 02:22:46.470274169: call returned: [0, "", ""] 02:22:46.470421381: calling as root: systemctl stop tor@default.service 02:22:46.698559459: call returned: [0, "", ""] 02:22:46.698705739: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:22:46.874822158: call returned: [0, "", ""] 02:22:46.874995928: calling as root: date -s '@1498732613' 02:22:47.111745987: call returned: [0, "Thu Jun 29 10:36:53 UTC 2017\n", ""] 02:22:47.112015472: calling as root: systemctl start tor@default.service 02:22:48.277270577: call returned: [0, "", ""] 02:22:48.277524900: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:48.490289516: call returned: [3, "", ""] 02:22:49.490640533: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:49.699795217: call returned: [3, "", ""] 02:22:50.700086142: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:50.871437323: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 02:22:50.873236211: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:22:51.004352097: call returned: [2, "", "gpg: error reading key: No public key\n"] And the "10CC5BC7" OpenPGP key is not in the live user's public keyring # features/step_definitions/torified_gnupg.rb:42 02:22:51.432428466: opening file /home/amnesia/.gnupg/dirmngr.conf in 'read' mode 02:22:51.476160813: read complete 02:22:51.476421756: calling as root: sed -i 's/jirk5u4osbsr34t5.onion/o6jfufptm5b5xhwm.onion:5858/' '/home/amnesia/.gnupg/dirmngr.conf' 02:22:51.673244603: call returned: [0, "", ""] And GnuPG is configured to use Chutney's onion keyserver # features/step_definitions/torified_gnupg.rb:212 02:22:51.675896375: calling as amnesia: gsettings get org.gnome.crypto.pgp keyservers 02:22:51.803292970: call returned: [0, "['hkp://jirk5u4osbsr34t5.onion']\n", ""] 02:22:51.803790250: calling as amnesia: gsettings set org.gnome.crypto.pgp keyservers "['hkp://o6jfufptm5b5xhwm.onion:5858']" 02:22:51.906128640: call returned: [0, "", ""] And Seahorse is configured to use Chutney's onion keyserver # features/step_definitions/torified_gnupg.rb:212 Scenario: Fetching OpenPGP keys using GnuPG should work and be done over Tor. # features/torified_gnupg.feature:14 02:22:51.910816823: calling as amnesia: timeout 120 gpg --batch --recv-key '10CC5BC7' 02:22:52.589002785: call returned: [0, "", "gpg: key 0x1D84CCF010CC5BC7: public key \"anonym \" imported\ngpg: no ultimately trusted keys found\ngpg: Total number processed: 1\ngpg: imported: 1\n"] When I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI # features/step_definitions/torified_gnupg.rb:60 And the GnuPG fetch is successful # features/step_definitions/torified_gnupg.rb:81 02:22:52.592580202: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:22:52.732473641: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] Then the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:91 02:22:52.735160663: calling as amnesia: gpg-connect-agent --dirmngr "keyserver --hosttable" /bye 02:22:52.939085554: call returned: [0, "S # hosttable (idx, ipv6, ipv4, dead, name, time):\nS # 0 O o6jfufptm5b5xhwm.onion\nOK\n", ""] 02:22:52.939311982: opening file /home/amnesia/.gnupg/dirmngr.conf in 'read' mode 02:22:52.976321162: read complete And GnuPG's dirmngr uses the configured keyserver # features/step_definitions/torified_gnupg.rb:250 Scenario: Fetching OpenPGP keys using Seahorse should work and be done over Tor. # features/torified_gnupg.feature:20 02:22:56.302290048: calling as root: echo 'hello?' 02:22:56.484791872: call returned: [0, "hello?\n", ""] 02:22:57.225239303: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:22:57.225479569: calling as root: nmcli device show eth0 02:22:57.625302471: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:22:57.641194954: calling as root: systemctl --quiet is-active tor@default.service 02:22:57.845298597: call returned: [0, "", ""] 02:22:57.845451089: calling as root: systemctl stop tor@default.service 02:22:58.093947010: call returned: [0, "", ""] 02:22:58.094158210: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:22:58.328154426: call returned: [0, "", ""] 02:22:58.328316582: calling as root: date -s '@1498732625' 02:22:58.541981625: call returned: [0, "Thu Jun 29 10:37:05 UTC 2017\n", ""] 02:22:58.542189048: calling as root: systemctl start tor@default.service 02:22:59.672924100: call returned: [0, "", ""] 02:22:59.673221296: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:22:59.896565401: call returned: [3, "", ""] 02:23:00.896862328: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:23:01.115309550: call returned: [3, "", ""] 02:23:02.115597251: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:23:02.324186106: call returned: [0, "", ""] 02:23:02.325250278: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:02.441438763: call returned: [2, "", "gpg: error reading key: No public key\n"] 02:23:02.493109907: opening file /home/amnesia/.gnupg/dirmngr.conf in 'read' mode 02:23:02.530746957: read complete 02:23:02.531104997: calling as root: sed -i 's/jirk5u4osbsr34t5.onion/o6jfufptm5b5xhwm.onion:5858/' '/home/amnesia/.gnupg/dirmngr.conf' 02:23:02.700344211: call returned: [0, "", ""] 02:23:02.701641532: calling as amnesia: gsettings get org.gnome.crypto.pgp keyservers 02:23:02.807614472: call returned: [0, "['hkp://jirk5u4osbsr34t5.onion']\n", ""] 02:23:02.808071619: calling as amnesia: gsettings set org.gnome.crypto.pgp keyservers "['hkp://o6jfufptm5b5xhwm.onion:5858']" 02:23:02.918222045: call returned: [0, "", ""] 02:23:02.987814959: calling as amnesia: xdotool key Super 02:23:03.215900710: call returned: [0, "", ""] 02:23:05.008515296: [log] TYPE "Passwords and Keys" 02:23:08.215486291: [log] ( Ctrl ) TYPE "#ENTER." 02:23:09.018667847: [log] CLICK on L(510,110)@S(0)[0,0 1024x768] 02:23:09.019841117: calling as root: pidof -x -o '%PPID' seahorse 02:23:09.207457663: call returned: [0, "10993\n", ""] 02:23:10.655470250: [log] CLICK on L(303,141)@S(0)[0,0 1024x768] 02:23:12.008874209: [log] CLICK on L(358,173)@S(0)[0,0 1024x768] 02:23:13.139605624: [log] TYPE "10CC5BC7#ENTER." 02:23:18.398840040: [log] CLICK on L(284,46)@S(0)[0,0 1024x768] 02:23:19.196806346: [log] CLICK on L(18,158)@S(0)[0,0 1024x768] 02:23:20.108226347: [log] CLICK on L(53,113)@S(0)[0,0 1024x768] 02:23:20.108552734: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:20.239963774: call returned: [2, "", "gpg: error reading key: No public key\n"] 02:23:21.240654194: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:21.375963418: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] When I fetch the "10CC5BC7" OpenPGP key using Seahorse # features/step_definitions/torified_gnupg.rb:164 02:23:27.973491498: calling as root: pidof -x -o '%PPID' seahorse 02:23:28.224253375: call returned: [0, "10993\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:86 02:23:28.225560521: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:28.349944646: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] Then the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:91 Scenario: Fetching OpenPGP keys using Seahorse via the OpenPGP Applet should work and be done over Tor. # features/torified_gnupg.feature:25 02:23:31.712522669: calling as root: echo 'hello?' 02:23:31.968908336: call returned: [0, "hello?\n", ""] 02:23:32.700533759: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:23:32.701286558: calling as root: nmcli device show eth0 02:23:33.071483215: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:23:33.097762255: calling as root: systemctl --quiet is-active tor@default.service 02:23:33.269043043: call returned: [0, "", ""] 02:23:33.269324562: calling as root: systemctl stop tor@default.service 02:23:33.508240653: call returned: [0, "", ""] 02:23:33.508467215: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:23:33.683412194: call returned: [0, "", ""] 02:23:33.683589503: calling as root: date -s '@1498732660' 02:23:33.895150649: call returned: [0, "Thu Jun 29 10:37:40 UTC 2017\n", ""] 02:23:33.895301784: calling as root: systemctl start tor@default.service 02:23:34.914717367: call returned: [0, "", ""] 02:23:34.915033815: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:23:35.149494882: call returned: [3, "", ""] 02:23:36.149769583: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:23:36.331083808: call returned: [3, "", ""] 02:23:37.331357291: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:23:37.538547088: call returned: [3, "", ""] 02:23:38.538859510: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:23:38.753657057: call returned: [0, "", ""] 02:23:38.754607126: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:38.861157507: call returned: [2, "", "gpg: error reading key: No public key\n"] 02:23:38.909068694: opening file /home/amnesia/.gnupg/dirmngr.conf in 'read' mode 02:23:38.942854565: read complete 02:23:38.943114087: calling as root: sed -i 's/jirk5u4osbsr34t5.onion/o6jfufptm5b5xhwm.onion:5858/' '/home/amnesia/.gnupg/dirmngr.conf' 02:23:39.135136572: call returned: [0, "", ""] 02:23:39.136701493: calling as amnesia: gsettings get org.gnome.crypto.pgp keyservers 02:23:39.260857897: call returned: [0, "['hkp://jirk5u4osbsr34t5.onion']\n", ""] 02:23:39.261427675: calling as amnesia: gsettings set org.gnome.crypto.pgp keyservers "['hkp://o6jfufptm5b5xhwm.onion:5858']" 02:23:39.395138360: call returned: [0, "", ""] 02:23:42.202873706: [log] CLICK on L(875,12)@S(0)[0,0 1024x768] 02:23:42.203186195: [log] CLICK on L(629,100)@S(0)[0,0 1024x768] 02:23:45.719750240: calling as root: pidof -x -o '%PPID' seahorse 02:23:45.738146506: [log] CLICK on L(510,110)@S(0)[0,0 1024x768] 02:23:45.912929671: call returned: [0, "10997\n", ""] 02:23:49.788584447: [log] CLICK on L(303,141)@S(0)[0,0 1024x768] [log] CLICK on L(358,173)@S(0)[0,0 1024x768] 02:23:50.250835195: [log] TYPE "10CC5BC7#ENTER." 02:23:55.407614148: [log] CLICK on L(284,46)@S(0)[0,0 1024x768] 02:23:56.186187291: [log] CLICK on L(18,158)@S(0)[0,0 1024x768] 02:23:56.977310788: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:56.999989638: [log] CLICK on L(53,113)@S(0)[0,0 1024x768] 02:23:57.089645506: call returned: [2, "", "gpg: error reading key: No public key\n"] 02:23:58.090286121: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:23:58.239556886: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] When I fetch the "10CC5BC7" OpenPGP key using Seahorse via the OpenPGP Applet # features/step_definitions/torified_gnupg.rb:164 02:24:04.372780631: calling as root: pidof -x -o '%PPID' seahorse 02:24:04.534426077: call returned: [0, "10997\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:86 02:24:04.535683873: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:24:04.676809514: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] Then the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:91 Scenario: Syncing OpenPGP keys using Seahorse should work and be done over Tor. # features/torified_gnupg.feature:30 02:24:08.060848428: calling as root: echo 'hello?' 02:24:08.228701782: call returned: [0, "hello?\n", ""] 02:24:08.964284080: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:24:08.967114646: calling as root: nmcli device show eth0 02:24:09.327327588: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:24:09.347334047: calling as root: systemctl --quiet is-active tor@default.service 02:24:09.530474772: call returned: [0, "", ""] 02:24:09.530644495: calling as root: systemctl stop tor@default.service 02:24:09.742294963: call returned: [0, "", ""] 02:24:09.742454055: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:24:09.934974734: call returned: [0, "", ""] 02:24:09.935224822: calling as root: date -s '@1498732696' 02:24:10.114064307: call returned: [0, "Thu Jun 29 10:38:16 UTC 2017\n", ""] 02:24:10.114294660: calling as root: systemctl start tor@default.service 02:24:11.412990022: call returned: [0, "", ""] 02:24:11.413262392: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:24:11.587694244: call returned: [3, "", ""] 02:24:12.588020803: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:24:12.801192377: call returned: [3, "", ""] 02:24:13.801570830: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:24:14.008014503: call returned: [0, "", ""] 02:24:14.009042389: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:24:14.128538654: call returned: [2, "", "gpg: error reading key: No public key\n"] 02:24:14.172418374: opening file /home/amnesia/.gnupg/dirmngr.conf in 'read' mode 02:24:14.205566821: read complete 02:24:14.205711800: calling as root: sed -i 's/jirk5u4osbsr34t5.onion/o6jfufptm5b5xhwm.onion:5858/' '/home/amnesia/.gnupg/dirmngr.conf' 02:24:14.384432427: call returned: [0, "", ""] 02:24:14.385743875: calling as amnesia: gsettings get org.gnome.crypto.pgp keyservers 02:24:14.540857362: call returned: [0, "['hkp://jirk5u4osbsr34t5.onion']\n", ""] 02:24:14.541319619: calling as amnesia: gsettings set org.gnome.crypto.pgp keyservers "['hkp://o6jfufptm5b5xhwm.onion:5858']" 02:24:14.650244668: call returned: [0, "", ""] 02:24:14.652286655: calling as amnesia: timeout 120 gpg --batch --keyserver-options import-clean --recv-key '10CC5BC7' 02:24:15.362391422: call returned: [0, "", "gpg: key 0x1D84CCF010CC5BC7: public key \"anonym \" imported\ngpg: no ultimately trusted keys found\ngpg: Total number processed: 1\ngpg: imported: 1\n"] Given I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI without any signatures # features/step_definitions/torified_gnupg.rb:60 And the GnuPG fetch is successful # features/step_definitions/torified_gnupg.rb:81 02:24:15.364909951: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:24:15.530616063: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] And the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:91 02:24:15.533047752: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:24:15.663820653: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] But the key "10CC5BC7" has only 2 signatures # features/step_definitions/torified_gnupg.rb:30 02:24:15.745563539: calling as amnesia: xdotool key Super 02:24:15.991750853: call returned: [0, "", ""] 02:24:17.755769831: [log] TYPE "Passwords and Keys" 02:24:20.907499288: [log] ( Ctrl ) TYPE "#ENTER." When I start Seahorse # features/step_definitions/torified_gnupg.rb:99 Then Seahorse has opened # features/step_definitions/torified_gnupg.rb:104 02:24:20.975965721: calling as root: pidof -x -o '%PPID' seahorse 02:24:21.267207864: call returned: [0, "11042\n", ""] 02:24:22.052030850: [log] CLICK on L(510,110)@S(0)[0,0 1024x768] 02:24:22.052353714: calling as root: pidof -x -o '%PPID' seahorse 02:24:22.318596853: call returned: [0, "11042\n", ""] 02:24:23.770472197: [log] CLICK on L(250,143)@S(0)[0,0 1024x768] 02:24:25.120488058: [log] CLICK on L(299,257)@S(0)[0,0 1024x768] 02:24:26.242461941: [log] ( Alt ) TYPE "p" 02:24:26.283639787: [log] TYPE "#DOWN." And I enable key synchronization in Seahorse # features/step_definitions/torified_gnupg.rb:108 02:24:26.409518783: [log] ( Alt ) TYPE "c" 02:24:27.134081334: [log] CLICK on L(510,110)@S(0)[0,0 1024x768] 02:24:27.134482793: calling as root: pidof -x -o '%PPID' seahorse 02:24:27.370050172: call returned: [0, "11042\n", ""] 02:24:28.663563293: [log] CLICK on L(303,141)@S(0)[0,0 1024x768] 02:24:30.070588810: [log] CLICK on L(372,201)@S(0)[0,0 1024x768] 02:24:30.888511529: [log] ( Alt ) TYPE "s" 02:24:30.888757572: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:24:31.126902352: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] 02:24:34.265740726: calling as root: pidof -x -o '%PPID' seahorse 02:24:34.527885720: call returned: [0, "11042\n", ""] 02:24:35.528256650: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:24:35.764219017: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0x42E86A2A11F48D36 2017-03-27 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 0x9E5B04F430F80A2C 2014-12-07 [User ID not found]\nsig 0xC92949B8A63BB098 2017-01-12 [User ID not found]\nsig 0x787963BC287ED166 2017-01-04 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] 02:24:38.901738373: calling as root: pidof -x -o '%PPID' seahorse 02:24:39.095696207: call returned: [0, "11042\n", ""] And I synchronize keys in Seahorse # features/step_definitions/torified_gnupg.rb:118 02:24:42.145762595: calling as root: pidof -x -o '%PPID' seahorse 02:24:42.389649190: call returned: [0, "11042\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:86 02:24:42.391585947: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:24:42.611062626: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0x42E86A2A11F48D36 2017-03-27 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 0x9E5B04F430F80A2C 2014-12-07 [User ID not found]\nsig 0xC92949B8A63BB098 2017-01-12 [User ID not found]\nsig 0x787963BC287ED166 2017-01-04 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] Then the key "10CC5BC7" has more than 2 signatures # features/step_definitions/torified_gnupg.rb:30 Scenario: Syncing OpenPGP keys using Seahorse started from the OpenPGP Applet should work and be done over Tor. # features/torified_gnupg.feature:42 02:24:46.802531131: calling as root: echo 'hello?' 02:24:47.017907669: call returned: [0, "hello?\n", ""] 02:24:47.742708637: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:24:47.742894487: calling as root: nmcli device show eth0 02:24:48.142685835: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:24:48.161593233: calling as root: systemctl --quiet is-active tor@default.service 02:24:48.379073297: call returned: [0, "", ""] 02:24:48.379296507: calling as root: systemctl stop tor@default.service 02:24:48.581764837: call returned: [0, "", ""] 02:24:48.581955199: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:24:48.808914151: call returned: [0, "", ""] 02:24:48.809085492: calling as root: date -s '@1498732735' 02:24:49.002885803: call returned: [0, "Thu Jun 29 10:38:55 UTC 2017\n", ""] 02:24:49.003107610: calling as root: systemctl start tor@default.service 02:24:50.080583444: call returned: [0, "", ""] 02:24:50.080861321: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:24:50.258196505: call returned: [3, "", ""] 02:24:51.258549707: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:24:51.437411256: call returned: [3, "", ""] 02:24:52.437698804: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:24:52.632713671: call returned: [0, "", ""] 02:24:52.633815920: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:24:52.751680778: call returned: [2, "", "gpg: error reading key: No public key\n"] 02:24:52.817291660: opening file /home/amnesia/.gnupg/dirmngr.conf in 'read' mode 02:24:52.871891394: read complete 02:24:52.872118177: calling as root: sed -i 's/jirk5u4osbsr34t5.onion/o6jfufptm5b5xhwm.onion:5858/' '/home/amnesia/.gnupg/dirmngr.conf' 02:24:53.043552077: call returned: [0, "", ""] 02:24:53.044789015: calling as amnesia: gsettings get org.gnome.crypto.pgp keyservers 02:24:53.231205540: call returned: [0, "['hkp://jirk5u4osbsr34t5.onion']\n", ""] 02:24:53.231607953: calling as amnesia: gsettings set org.gnome.crypto.pgp keyservers "['hkp://o6jfufptm5b5xhwm.onion:5858']" 02:24:53.362810735: call returned: [0, "", ""] 02:24:53.363838931: calling as amnesia: timeout 120 gpg --batch --keyserver-options import-clean --recv-key '10CC5BC7' 02:24:54.034037294: call returned: [0, "", "gpg: key 0x1D84CCF010CC5BC7: public key \"anonym \" imported\ngpg: no ultimately trusted keys found\ngpg: Total number processed: 1\ngpg: imported: 1\n"] Given I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI without any signatures # features/step_definitions/torified_gnupg.rb:60 And the GnuPG fetch is successful # features/step_definitions/torified_gnupg.rb:81 02:24:54.036643959: calling as amnesia: gpg --batch --list-keys '10CC5BC7' 02:24:54.193368310: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\n\n", ""] And the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:91 02:24:54.196021198: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:24:54.320165206: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] But the key "10CC5BC7" has only 2 signatures # features/step_definitions/torified_gnupg.rb:30 02:24:57.058886140: [log] CLICK on L(875,12)@S(0)[0,0 1024x768] 02:24:57.059123894: [log] CLICK on L(629,100)@S(0)[0,0 1024x768] When I start Seahorse via the OpenPGP Applet # features/step_definitions/torified_gnupg.rb:99 Then Seahorse has opened # features/step_definitions/torified_gnupg.rb:104 02:24:59.615101492: calling as root: pidof -x -o '%PPID' seahorse 02:24:59.794529225: call returned: [0, "11012\n", ""] 02:25:00.590945114: [log] CLICK on L(510,110)@S(0)[0,0 1024x768] 02:25:00.591377554: calling as root: pidof -x -o '%PPID' seahorse 02:25:00.834256370: call returned: [0, "11012\n", ""] 02:25:02.116604787: [log] CLICK on L(250,143)@S(0)[0,0 1024x768] 02:25:03.540215254: [log] CLICK on L(299,257)@S(0)[0,0 1024x768] 02:25:04.203637372: [log] ( Alt ) TYPE "p" 02:25:04.244748731: [log] TYPE "#DOWN." And I enable key synchronization in Seahorse # features/step_definitions/torified_gnupg.rb:108 02:25:04.372083941: [log] ( Alt ) TYPE "c" 02:25:05.102956105: calling as root: pidof -x -o '%PPID' seahorse 02:25:05.103108456: [log] CLICK on L(510,110)@S(0)[0,0 1024x768] 02:25:05.350122412: call returned: [0, "11012\n", ""] 02:25:06.636410174: [log] CLICK on L(303,141)@S(0)[0,0 1024x768] 02:25:08.042059734: [log] CLICK on L(372,201)@S(0)[0,0 1024x768] 02:25:09.128825893: [log] ( Alt ) TYPE "s" 02:25:09.129062327: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:25:09.340263447: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] 02:25:12.643568807: calling as root: pidof -x -o '%PPID' seahorse 02:25:12.792114158: call returned: [0, "11012\n", ""] 02:25:13.792444267: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:25:13.984656265: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0x42E86A2A11F48D36 2017-03-27 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 0x9E5B04F430F80A2C 2014-12-07 [User ID not found]\nsig 0xC92949B8A63BB098 2017-01-12 [User ID not found]\nsig 0x787963BC287ED166 2017-01-04 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] 02:25:17.080448051: calling as root: pidof -x -o '%PPID' seahorse 02:25:17.246390224: call returned: [0, "11012\n", ""] And I synchronize keys in Seahorse # features/step_definitions/torified_gnupg.rb:118 02:25:20.341100702: calling as root: pidof -x -o '%PPID' seahorse 02:25:20.560333873: call returned: [0, "11012\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:86 02:25:20.561513436: calling as amnesia: gpg --batch --list-sigs 10CC5BC7 02:25:20.784286128: call returned: [0, "pub rsa4096/0x1D84CCF010CC5BC7 2012-08-21 [SC] [expires: 2017-08-14]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2016-08-14 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0x42E86A2A11F48D36 2017-03-27 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 0x9E5B04F430F80A2C 2014-12-07 [User ID not found]\nsig 0xC92949B8A63BB098 2017-01-12 [User ID not found]\nsig 0x787963BC287ED166 2017-01-04 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub rsa4096/0x839D3BF32EA80502 2012-08-21 [E] [expires: 2017-08-14]\nsig 0x1D84CCF010CC5BC7 2016-08-14 anonym \n\n", ""] Then the key "10CC5BC7" has more than 2 signatures # features/step_definitions/torified_gnupg.rb:30 @product @check_tor_leaks Feature: Various checks for torified software Background: # features/torified_misc.feature:4 02:25:24.984814993: calling as root: echo 'hello?' 02:25:25.201704775: call returned: [0, "hello?\n", ""] 02:25:25.945027383: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:25:25.945194131: calling as root: nmcli device show eth0 02:25:26.327085256: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:25:26.344145535: calling as root: systemctl --quiet is-active tor@default.service 02:25:26.540413796: call returned: [0, "", ""] 02:25:26.540573894: calling as root: systemctl stop tor@default.service 02:25:26.775432701: call returned: [0, "", ""] 02:25:26.775581912: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:25:27.005500646: call returned: [0, "", ""] 02:25:27.005679077: calling as root: date -s '@1498732773' 02:25:27.207497309: call returned: [0, "Thu Jun 29 10:39:33 UTC 2017\n", ""] 02:25:27.207703815: calling as root: systemctl start tor@default.service 02:25:28.422174937: call returned: [0, "", ""] 02:25:28.422399193: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:28.663883531: call returned: [3, "", ""] 02:25:29.664191871: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:29.899289713: call returned: [3, "", ""] 02:25:30.899626767: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:31.073385756: call returned: [0, "", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:172 Scenario: wget(1) should work for HTTP and go through Tor. # features/torified_misc.feature:7 02:25:31.076610728: calling as amnesia: wget -O - 'http://example.com/' 02:25:31.526954129: call returned: [0, "\n\n\n Example Domain\n\n \n \n \n \n\n\n\n
\n

Example Domain

\n

This domain is established to be used for illustrative examples in documents. You may use this\n domain in examples without prior coordination or asking for permission.

\n

More information...

\n
\n\n\n", "--2017-06-29 10:39:37-- http://example.com/\nResolving example.com (example.com)... 93.184.216.34\nConnecting to example.com (example.com)|93.184.216.34|:80... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: 1270 (1.2K) [text/html]\nSaving to: ‘STDOUT’\n\n 0K . 100% 160M=0s\n\n2017-06-29 10:39:37 (160 MB/s) - written to stdout [1270/1270]\n\n"] When I wget "http://example.com/" to stdout # features/step_definitions/torified_misc.rb:14 Then the wget command is successful # features/step_definitions/torified_misc.rb:35 And the wget standard output contains "Example Domain" # features/step_definitions/torified_misc.rb:44 Scenario: wget(1) should work for HTTPS and go through Tor. # features/torified_misc.feature:12 02:25:34.896730855: calling as root: echo 'hello?' 02:25:35.075919717: call returned: [0, "hello?\n", ""] 02:25:35.806408179: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:25:35.806696497: calling as root: nmcli device show eth0 02:25:36.214776000: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:25:36.238339779: calling as root: systemctl --quiet is-active tor@default.service 02:25:36.421612903: call returned: [0, "", ""] 02:25:36.421812432: calling as root: systemctl stop tor@default.service 02:25:36.704442027: call returned: [0, "", ""] 02:25:36.704618846: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:25:36.872141710: call returned: [0, "", ""] 02:25:36.872315589: calling as root: date -s '@1498732783' 02:25:37.083141761: call returned: [0, "Thu Jun 29 10:39:43 UTC 2017\n", ""] 02:25:37.083295275: calling as root: systemctl start tor@default.service 02:25:38.190513043: call returned: [0, "", ""] 02:25:38.190744768: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:38.406038230: call returned: [3, "", ""] 02:25:39.406403628: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:39.627246589: call returned: [3, "", ""] 02:25:40.627504920: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:40.817424801: call returned: [0, "", ""] 02:25:40.820029618: calling as amnesia: wget -O - 'https://example.com/' 02:25:41.320561969: call returned: [0, "\n\n\n Example Domain\n\n \n \n \n \n\n\n\n
\n

Example Domain

\n

This domain is established to be used for illustrative examples in documents. You may use this\n domain in examples without prior coordination or asking for permission.

\n

More information...

\n
\n\n\n", "--2017-06-29 10:39:46-- https://example.com/\nResolving example.com (example.com)... 93.184.216.34\nConnecting to example.com (example.com)|93.184.216.34|:443... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: 1270 (1.2K) [text/html]\nSaving to: ‘STDOUT’\n\n 0K . 100% 27.9K=0.04s\n\n2017-06-29 10:39:47 (27.9 KB/s) - written to stdout [1270/1270]\n\n"] When I wget "https://example.com/" to stdout # features/step_definitions/torified_misc.rb:14 Then the wget command is successful # features/step_definitions/torified_misc.rb:35 And the wget standard output contains "Example Domain" # features/step_definitions/torified_misc.rb:44 Scenario: wget(1) with tricky options should work for HTTP and go through Tor. # features/torified_misc.feature:17 02:25:44.623619349: calling as root: echo 'hello?' 02:25:44.806064029: call returned: [0, "hello?\n", ""] 02:25:45.531991691: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:25:45.532235811: calling as root: nmcli device show eth0 02:25:45.967003092: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:25:45.984883501: calling as root: systemctl --quiet is-active tor@default.service 02:25:46.223888927: call returned: [0, "", ""] 02:25:46.224093393: calling as root: systemctl stop tor@default.service 02:25:46.489751130: call returned: [0, "", ""] 02:25:46.490017547: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:25:46.702486673: call returned: [0, "", ""] 02:25:46.702721436: calling as root: date -s '@1498732793' 02:25:46.972183665: call returned: [0, "Thu Jun 29 10:39:53 UTC 2017\n", ""] 02:25:46.972377736: calling as root: systemctl start tor@default.service 02:25:48.108233079: call returned: [0, "", ""] 02:25:48.108537906: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:48.330974090: call returned: [3, "", ""] 02:25:49.331342253: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:49.553488170: call returned: [3, "", ""] 02:25:50.553824237: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:50.775796109: call returned: [0, "", ""] 02:25:50.786752428: calling as amnesia: wget --spider --header="Host: dl.amnesia.boum.org" -O - 'http://5.104.106.180/tails/stable/' 02:25:51.367868187: call returned: [0, "", "Spider mode enabled. Check if remote file exists.\n--2017-06-29 10:39:57-- http://5.104.106.180/tails/stable/\nConnecting to 5.104.106.180:80... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: unspecified [text/html]\nRemote file exists and could contain further links,\nbut recursion is disabled -- not retrieving.\n\n"] When I wget "some Tails mirror" to stdout with the '--spider --header="Host: dl.amnesia.boum.org"' options # features/step_definitions/torified_misc.rb:14 Resolved dl.amnesia.boum.org to 5.104.106.180 Then the wget command is successful # features/step_definitions/torified_misc.rb:35 Scenario: whois(1) should work and go through Tor. # features/torified_misc.feature:21 02:25:54.886390068: calling as root: echo 'hello?' 02:25:55.099292727: call returned: [0, "hello?\n", ""] 02:25:55.825229178: calling as root: nmcli device show eth0 02:25:55.857944173: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:25:56.225818573: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 100 (connected)\nGENERAL.CONNECTION: Wired connection\nGENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1\nWIRED-PROPERTIES.CARRIER: on\nIP4.ADDRESS[1]: 10.2.1.232/24\nIP4.GATEWAY: 10.2.1.1\nIP4.DNS[1]: 10.2.1.1\nIP6.ADDRESS[1]: fe80::5254:ff:fe5f:a87a/64\nIP6.GATEWAY: --\n", ""] 02:25:56.256944584: calling as root: systemctl --quiet is-active tor@default.service 02:25:56.470727378: call returned: [0, "", ""] 02:25:56.470941403: calling as root: systemctl stop tor@default.service 02:25:56.718755505: call returned: [0, "", ""] 02:25:56.719017104: calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target 02:25:56.968844414: call returned: [0, "", ""] 02:25:56.969017280: calling as root: date -s '@1498732803' 02:25:57.203213534: call returned: [0, "Thu Jun 29 10:40:03 UTC 2017\n", ""] 02:25:57.203435884: calling as root: systemctl start tor@default.service 02:25:58.311336152: call returned: [0, "", ""] 02:25:58.311634031: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:58.525414574: call returned: [3, "", ""] 02:25:59.525769002: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:25:59.690240312: call returned: [3, "", ""] 02:26:00.690560619: calling as root: /usr/local/sbin/tor-has-bootstrapped 02:26:00.892754833: call returned: [0, "", ""] 02:26:00.894487710: calling as amnesia: whois 'torproject.org' 02:26:01.626492062: call returned: [0, "Domain Name: TORPROJECT.ORG\nRegistry Domain ID: D130971538-LROR\nRegistrar WHOIS Server:\nRegistrar URL: http://www.joker.com\nUpdated Date: 2017-06-29T07:34:35Z\nCreation Date: 2006-10-17T22:02:50Z\nRegistry Expiry Date: 2018-10-17T22:02:50Z\nRegistrar Registration Expiration Date:\nRegistrar: CSL Computer Service Langenbach GmbH d/b/a joker.com a German GmbH\nRegistrar IANA ID: 113\nRegistrar Abuse Contact Email:\nRegistrar Abuse Contact Phone:\nReseller:\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: C23324768-LROR\nRegistrant Name: - -\nRegistrant Organization: The Tor Project, Inc\nRegistrant Street: 217 1st Ave S #4903\nRegistrant City: Seattle\nRegistrant State/Province: WA\nRegistrant Postal Code: 98194\nRegistrant Country: US\nRegistrant Phone: +1.2064203471\nRegistrant Phone Ext:\nRegistrant Fax:\nRegistrant Fax Ext:\nRegistrant Email: hostmaster@torproject.org\nRegistry Admin ID: C99348838-LROR\nAdmin Name: The Tor Project\nAdmin Organization: The Tor Project\nAdmin Street: 217 1st Ave S #4903\nAdmin City: Seattle\nAdmin State/Province: WA\nAdmin Postal Code: 98194\nAdmin Country: US\nAdmin Phone: +1.2064203471\nAdmin Phone Ext:\nAdmin Fax:\nAdmin Fax Ext:\nAdmin Email: hostmaster@torproject.org\nRegistry Tech ID: C99348838-LROR\nTech Name: The Tor Project\nTech Organization: The Tor Project\nTech Street: 217 1st Ave S #4903\nTech City: Seattle\nTech State/Province: WA\nTech Postal Code: 98194\nTech Country: US\nTech Phone: +1.2064203471\nTech Phone Ext:\nTech Fax:\nTech Fax Ext:\nTech Email: hostmaster@torproject.org\nName Server: NS1.TORPROJECT.ORG\nName Server: NS3.TORPROJECT.ORG\nName Server: NS2.TORPROJECT.ORG\nName Server: NS4.TORPROJECT.ORG\nName Server: NS5.TORPROJECT.ORG\nDNSSEC: signedDelegation\nURL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/\n>>> Last update of WHOIS database: 2017-06-29T10:39:08Z <<<\n\nFor more information on Whois status codes, please visit https://icann.org/epp\n\nAccess to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.\n", ""] When I query the whois directory service for "torproject.org" # features/step_definitions/torified_misc.rb:3 Then the whois command is successful # features/step_definitions/torified_misc.rb:35 Then the whois standard output contains "The Tor Project" # features/step_definitions/torified_misc.rb:44 @product Feature: Using Totem As a Tails user I want to watch local and remote videos in Totem And AppArmor should prevent Totem from doing dangerous things And all Internet traffic should flow only through Tor Background: # features/totem.feature:8 Given I create sample videos # features/step_definitions/totem.rb:1 Scenario: Watching a MP4 video stored on the non-persistent filesystem # features/totem.feature:11 02:26:05.303516730: calling as root: echo 'hello?' 02:26:05.637378382: call returned: [0, "hello?\n", ""] 02:26:06.368241899: calling as root: nmcli device show eth0 02:26:06.391706427: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:26:06.854516836: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:26:06.872425376: calling as root: date -s '@1498732813' 02:26:07.075350971: call returned: [0, "Thu Jun 29 10:40:13 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 02:26:07.139766455: libguestfs: trace: set_autosync true 02:26:07.139925707: libguestfs: trace: set_autosync = 0 02:26:07.144924797: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/LfOIhlqZvi" "format:qcow2" 02:26:07.145089137: libguestfs: trace: add_drive = 0 02:26:07.145174279: libguestfs: trace: launch 02:26:07.145376099: libguestfs: trace: get_tmpdir 02:26:07.145434264: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 02:26:07.145532051: libguestfs: trace: get_backend_setting "force_tcg" 02:26:07.145744654: libguestfs: trace: get_backend_setting = NULL (error) 02:26:07.145812436: libguestfs: trace: get_cachedir 02:26:07.145864048: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:26:07.220907987: libguestfs: trace: get_cachedir 02:26:07.221104726: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:26:07.221281597: libguestfs: trace: get_sockdir 02:26:07.221523472: libguestfs: trace: get_sockdir = "/tmp" 02:26:07.221724508: libguestfs: trace: get_backend_setting "gdb" 02:26:07.221804507: libguestfs: trace: get_backend_setting = NULL (error) 02:26:11.528702814: libguestfs: trace: launch = 0 02:26:11.529015393: libguestfs: trace: list_devices 02:26:11.529944858: libguestfs: trace: list_devices = ["/dev/sda"] 02:26:11.530397509: libguestfs: trace: part_disk "/dev/sda" "gpt" 02:26:11.592733237: libguestfs: trace: part_disk = 0 02:26:11.592960828: libguestfs: trace: part_set_name "/dev/sda" 1 "LfOIhlqZvi" 02:26:11.640892410: libguestfs: trace: part_set_name = 0 02:26:11.641084914: libguestfs: trace: list_partitions 02:26:11.642017466: libguestfs: trace: list_partitions = ["/dev/sda1"] 02:26:11.642171768: libguestfs: trace: mkfs "ext4" "/dev/sda1" 02:26:11.662892203: libguestfs: trace: mkfs = 0 02:26:11.663096502: libguestfs: trace: close 02:26:11.663880454: libguestfs: trace: internal_autosync 02:26:11.671979436: libguestfs: trace: internal_autosync = 0 02:26:11.774407363: libguestfs: trace: set_autosync true 02:26:11.774591034: libguestfs: trace: set_autosync = 0 02:26:11.780041309: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/LfOIhlqZvi" "format:qcow2" 02:26:11.780147564: libguestfs: trace: add_drive = 0 02:26:11.780395615: libguestfs: trace: launch 02:26:11.780450564: libguestfs: trace: get_tmpdir 02:26:11.780503560: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 02:26:11.780773372: libguestfs: trace: get_backend_setting "force_tcg" 02:26:11.780840715: libguestfs: trace: get_backend_setting = NULL (error) 02:26:11.780898733: libguestfs: trace: get_cachedir 02:26:11.781095343: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:26:11.835550870: libguestfs: trace: get_cachedir 02:26:11.835720122: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:26:11.836214130: libguestfs: trace: get_sockdir 02:26:11.836292966: libguestfs: trace: get_sockdir = "/tmp" 02:26:11.836461869: libguestfs: trace: get_backend_setting "gdb" 02:26:11.836661380: libguestfs: trace: get_backend_setting = NULL (error) 02:26:16.082017252: libguestfs: trace: launch = 0 02:26:16.082348345: libguestfs: trace: list_devices 02:26:16.083962574: libguestfs: trace: list_devices = ["/dev/sda"] 02:26:16.085008250: libguestfs: trace: list_partitions 02:26:16.085596314: libguestfs: trace: list_partitions = ["/dev/sda1"] 02:26:16.086410835: libguestfs: trace: mount "/dev/sda1" "/" 02:26:16.099704845: libguestfs: trace: mount = 0 02:26:16.099952179: libguestfs: trace: upload "/tmp/TailsToaster/video_dir/video.mp4" "/video.mp4" 02:26:16.102505143: libguestfs: trace: upload = 0 02:26:16.102648321: libguestfs: trace: close 02:26:16.102759541: libguestfs: trace: internal_autosync 02:26:16.113633837: libguestfs: trace: internal_autosync = 0 02:26:16.314524020: calling as root: test -b /dev/sda 02:26:16.529695274: call returned: [1, "", ""] 02:26:17.551128835: calling as root: test -b /dev/sda 02:26:17.733798537: call returned: [1, "", ""] 02:26:18.765181272: calling as root: test -b /dev/sda 02:26:18.982828461: call returned: [0, "", ""] 02:26:18.983151067: calling as root: mktemp -d 02:26:19.179749662: call returned: [0, "/tmp/tmp.qvwbTZMA86\n", ""] 02:26:19.199459284: calling as root: mount /dev/sda1 /tmp/tmp.qvwbTZMA86 02:26:19.835771136: call returned: [0, "", ""] 02:26:19.835966233: calling as root: chmod -R a+rX '/tmp/tmp.qvwbTZMA86' 02:26:20.018374447: call returned: [0, "", ""] And I plug and mount a USB drive containing sample videos # features/step_definitions/totem.rb:12 02:26:20.021440264: calling as amnesia: cp "/tmp/tmp.qvwbTZMA86/video.mp4" "/home/amnesia/video.mp4" 02:26:20.148695215: call returned: [0, "", ""] And I copy the sample videos to "/home/amnesia" as user "amnesia" # features/step_definitions/totem.rb:18 02:26:20.151330048: calling as root: test -e '/home/amnesia/video.mp4' 02:26:20.454540138: call returned: [0, "", ""] And the file "/home/amnesia/video.mp4" exists # features/step_definitions/common_steps.rb:596 02:26:20.456689685: calling as root: sysctl -w kernel.printk_ratelimit=0 02:26:20.843244988: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 02:26:20.843429292: calling as root: date +"%Y-%m-%d %H:%M:%S" 02:26:21.024530830: call returned: [0, "2017-06-29 10:40:26\n", ""] Given I start monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:836 02:26:21.027060452: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:26:21.244371981: call returned: [1, "", ""] 02:26:21.310266189: calling as amnesia: xdotool key Super 02:26:21.546522598: call returned: [0, "", ""] 02:26:23.270238133: [log] TYPE "GNOME Terminal" 02:26:28.507393659: [log] ( Ctrl ) TYPE "#ENTER." [log] TYPE "totem /home/amnesia/video.mp4#ENTER." When I open "/home/amnesia/video.mp4" with Totem # features/step_definitions/totem.rb:27 Then I see "SampleLocalMp4VideoFrame.png" after at most 40 seconds # features/step_definitions/common_steps.rb:437 02:26:45.566310503: calling as root: journalctl --full --no-pager --since='2017-06-29 10:40:26' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/home/amnesia/video.mp4"' 02:26:45.929347912: call returned: [1, "", ""] And AppArmor has not denied "/usr/bin/totem" from opening "/home/amnesia/video.mp4" # features/step_definitions/common_steps.rb:848 02:26:45.931844230: calling as root: killall totem 02:26:46.376043721: call returned: [0, "", ""] 02:26:46.376404448: calling as root: pidof -x -o '%PPID' totem 02:26:46.611257688: call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:31 02:26:46.613940395: calling as amnesia: cp "/tmp/tmp.qvwbTZMA86/video.mp4" "/home/amnesia/.gnupg/video.mp4" 02:26:46.827543912: call returned: [0, "", ""] And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia" # features/step_definitions/totem.rb:18 02:26:46.829611489: calling as root: test -e '/home/amnesia/.gnupg/video.mp4' 02:26:47.020055545: call returned: [0, "", ""] And the file "/home/amnesia/.gnupg/video.mp4" exists # features/step_definitions/common_steps.rb:596 02:26:47.022083013: calling as root: sysctl -w kernel.printk_ratelimit=0 02:26:47.253008366: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 02:26:47.253207006: calling as root: date +"%Y-%m-%d %H:%M:%S" 02:26:47.401721478: call returned: [0, "2017-06-29 10:40:53\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:836 02:26:47.404213379: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:26:47.685013139: call returned: [0, "10406\n", ""] 02:26:48.475629124: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 02:26:49.990211893: [log] TYPE "totem /home/amnesia/.gnupg/video.mp4#ENTER." When I try to open "/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:27 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 02:26:52.086422391: calling as root: journalctl --full --no-pager --since='2017-06-29 10:40:53' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/home/amnesia/.gnupg/video.mp4"' 02:26:52.358444802: call returned: [0, "Jun 29 10:40:56 amnesia kernel: audit: type=1400 audit(1498732856.664:30): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=11163 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:40:56 amnesia kernel: audit: type=1400 audit(1498732856.716:31): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=11163 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:40:56 amnesia kernel: audit: type=1400 audit(1498732856.716:32): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=11163 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:40:56 amnesia kernel: audit: type=1400 audit(1498732856.716:33): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=11163 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:848 02:26:52.359881894: calling as root: killall totem 02:26:52.538057641: call returned: [0, "", ""] 02:26:52.538367440: calling as root: pidof -x -o '%PPID' totem 02:26:52.859713020: call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:31 02:26:52.862283049: calling as root: test -e '/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4' 02:26:53.079180483: call returned: [0, "", ""] And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" exists # features/step_definitions/common_steps.rb:596 02:26:53.080484903: calling as root: sysctl -w kernel.printk_ratelimit=0 02:26:53.301672488: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 02:26:53.301888892: calling as root: date +"%Y-%m-%d %H:%M:%S" 02:26:53.447667215: call returned: [0, "2017-06-29 10:40:59\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:836 02:26:53.450447582: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:26:53.685463884: call returned: [0, "10406\n", ""] 02:26:54.482322880: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 02:26:56.958306639: [log] TYPE "totem /lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4#ENTER." When I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:27 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 02:26:58.787290273: calling as root: journalctl --full --no-pager --since='2017-06-29 10:40:59' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4"' 02:26:59.094353378: call returned: [0, "Jun 29 10:41:03 amnesia kernel: audit: type=1400 audit(1498732863.624:35): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11510 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:03 amnesia kernel: audit: type=1400 audit(1498732863.644:36): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11510 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:03 amnesia kernel: audit: type=1400 audit(1498732863.644:37): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11510 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:03 amnesia kernel: audit: type=1400 audit(1498732863.644:38): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11510 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:848 02:26:59.095808968: calling as root: killall totem 02:26:59.313056984: call returned: [0, "", ""] 02:26:59.313378275: calling as root: pidof -x -o '%PPID' totem 02:26:59.669196366: call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:31 02:26:59.671207864: calling as root: test -e '/live/overlay/home/amnesia/.gnupg/video.mp4' 02:26:59.852198991: call returned: [0, "", ""] And the file "/live/overlay/home/amnesia/.gnupg/video.mp4" exists # features/step_definitions/common_steps.rb:596 02:26:59.853535803: calling as root: sysctl -w kernel.printk_ratelimit=0 02:27:00.027181242: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 02:27:00.027361128: calling as root: date +"%Y-%m-%d %H:%M:%S" 02:27:00.260499332: call returned: [0, "2017-06-29 10:41:06\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:836 02:27:00.262995331: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:27:00.487194215: call returned: [0, "10406\n", ""] 02:27:01.276205763: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 02:27:03.328207726: [log] TYPE "totem /live/overlay/home/amnesia/.gnupg/video.mp4#ENTER." When I try to open "/live/overlay/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:27 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 02:27:05.236879372: calling as root: journalctl --full --no-pager --since='2017-06-29 10:41:06' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4"' 02:27:05.501753496: call returned: [0, "Jun 29 10:41:10 amnesia kernel: audit: type=1400 audit(1498732870.028:40): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11835 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:10 amnesia kernel: audit: type=1400 audit(1498732870.040:41): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11835 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:10 amnesia kernel: audit: type=1400 audit(1498732870.040:42): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11835 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:10 amnesia kernel: audit: type=1400 audit(1498732870.040:43): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=11835 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:848 02:27:05.503205211: calling as root: killall totem 02:27:05.744755032: call returned: [0, "", ""] 02:27:05.744951104: calling as root: pidof -x -o '%PPID' totem 02:27:05.990221158: call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:31 02:27:05.992240127: calling as amnesia: cp "/home/amnesia/video.mp4" "/home/amnesia/.purple/otr.private_key" 02:27:06.158609960: call returned: [0, "", ""] And I copy "/home/amnesia/video.mp4" to "/home/amnesia/.purple/otr.private_key" as user "amnesia" # features/step_definitions/common_steps.rb:618 02:27:06.160031292: calling as root: sysctl -w kernel.printk_ratelimit=0 02:27:06.356892276: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 02:27:06.357108791: calling as root: date +"%Y-%m-%d %H:%M:%S" 02:27:06.607307634: call returned: [0, "2017-06-29 10:41:12\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:836 02:27:06.610006701: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:27:06.827249277: call returned: [0, "10406\n", ""] 02:27:07.608487746: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 02:27:09.439971424: [log] TYPE "totem /home/amnesia/.purple/otr.private_key#ENTER." When I try to open "/home/amnesia/.purple/otr.private_key" with Totem # features/step_definitions/totem.rb:27 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 02:27:11.640695217: calling as root: journalctl --full --no-pager --since='2017-06-29 10:41:12' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/home/amnesia/.purple/otr.private_key"' 02:27:11.895565585: call returned: [0, "Jun 29 10:41:16 amnesia kernel: audit: type=1400 audit(1498732876.356:45): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.purple/otr.private_key\" pid=12130 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:16 amnesia kernel: audit: type=1400 audit(1498732876.376:46): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.purple/otr.private_key\" pid=12130 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:16 amnesia kernel: audit: type=1400 audit(1498732876.376:47): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.purple/otr.private_key\" pid=12130 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:16 amnesia kernel: audit: type=1400 audit(1498732876.376:48): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.purple/otr.private_key\" pid=12130 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:41:16 amnesia kernel: audit: type=1400 audit(1498732876.388:50): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.purple/otr.private_key\" pid=12130 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.purple/otr.private_key" # features/step_definitions/common_steps.rb:848 Scenario: Watching MP4 videos stored on the persistent volume should work as expected given our AppArmor confinement # features/totem.feature:53 02:27:16.369707009: calling as root: echo 'hello?' 02:27:16.647152281: call returned: [0, "hello?\n", ""] 02:27:17.380610774: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:27:17.380929580: calling as root: nmcli device show eth0 02:27:17.751887011: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:65:19:EF\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:27:17.787029148: calling as root: date -s '@1498732884' 02:27:18.027996023: call returned: [0, "Thu Jun 29 10:41:24 UTC 2017\n", ""] Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in # features/step_definitions/snapshots.rb:172 02:27:18.088801070: libguestfs: trace: set_autosync true 02:27:18.088938944: libguestfs: trace: set_autosync = 0 02:27:18.101629978: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/PSkkdonqQN" "format:qcow2" 02:27:18.101763138: libguestfs: trace: add_drive = 0 02:27:18.102035624: libguestfs: trace: launch 02:27:18.102094085: libguestfs: trace: get_tmpdir 02:27:18.102148873: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 02:27:18.102231769: libguestfs: trace: get_backend_setting "force_tcg" 02:27:18.102425100: libguestfs: trace: get_backend_setting = NULL (error) 02:27:18.102512603: libguestfs: trace: get_cachedir 02:27:18.102565505: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:27:18.151704956: libguestfs: trace: get_cachedir 02:27:18.151869669: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:27:18.152028698: libguestfs: trace: get_sockdir 02:27:18.152100583: libguestfs: trace: get_sockdir = "/tmp" 02:27:18.152520051: libguestfs: trace: get_backend_setting "gdb" 02:27:18.152617065: libguestfs: trace: get_backend_setting = NULL (error) 02:27:21.472001676: libguestfs: trace: launch = 0 02:27:21.472269017: libguestfs: trace: list_devices 02:27:21.473795454: libguestfs: trace: list_devices = ["/dev/sda"] 02:27:21.473935731: libguestfs: trace: part_disk "/dev/sda" "gpt" 02:27:21.529576912: libguestfs: trace: part_disk = 0 02:27:21.529791081: libguestfs: trace: part_set_name "/dev/sda" 1 "PSkkdonqQN" 02:27:21.581390858: libguestfs: trace: part_set_name = 0 02:27:21.581586883: libguestfs: trace: list_partitions 02:27:21.581950903: libguestfs: trace: list_partitions = ["/dev/sda1"] 02:27:21.582097273: libguestfs: trace: mkfs "ext4" "/dev/sda1" 02:27:21.596923664: libguestfs: trace: mkfs = 0 02:27:21.597096558: libguestfs: trace: close 02:27:21.597215171: libguestfs: trace: internal_autosync 02:27:21.605083178: libguestfs: trace: internal_autosync = 0 02:27:21.713690983: libguestfs: trace: set_autosync true 02:27:21.714271881: libguestfs: trace: set_autosync = 0 02:27:21.719354279: libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/PSkkdonqQN" "format:qcow2" 02:27:21.719687920: libguestfs: trace: add_drive = 0 02:27:21.719767220: libguestfs: trace: launch 02:27:21.719828504: libguestfs: trace: get_tmpdir 02:27:21.719889497: libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" 02:27:21.720175364: libguestfs: trace: get_backend_setting "force_tcg" 02:27:21.720252960: libguestfs: trace: get_backend_setting = NULL (error) 02:27:21.720338222: libguestfs: trace: get_cachedir 02:27:21.720634145: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:27:21.770335411: libguestfs: trace: get_cachedir 02:27:21.770498239: libguestfs: trace: get_cachedir = "/tmp/TailsToaster" 02:27:21.770665174: libguestfs: trace: get_sockdir 02:27:21.770924190: libguestfs: trace: get_sockdir = "/tmp" 02:27:21.771133024: libguestfs: trace: get_backend_setting "gdb" 02:27:21.771215473: libguestfs: trace: get_backend_setting = NULL (error) 02:27:24.997210251: libguestfs: trace: launch = 0 02:27:24.997479351: libguestfs: trace: list_devices 02:27:24.998116446: libguestfs: trace: list_devices = ["/dev/sda"] 02:27:24.998284202: libguestfs: trace: list_partitions 02:27:24.999302685: libguestfs: trace: list_partitions = ["/dev/sda1"] 02:27:24.999440493: libguestfs: trace: mount "/dev/sda1" "/" 02:27:25.003722873: libguestfs: trace: mount = 0 02:27:25.004302096: libguestfs: trace: upload "/tmp/TailsToaster/video_dir/video.mp4" "/video.mp4" 02:27:25.005359077: libguestfs: trace: upload = 0 02:27:25.005479865: libguestfs: trace: close 02:27:25.005991274: libguestfs: trace: internal_autosync 02:27:25.012753859: libguestfs: trace: internal_autosync = 0 02:27:25.208777335: calling as root: test -b /dev/sdb 02:27:25.430410007: call returned: [1, "", ""] 02:27:26.450446304: calling as root: test -b /dev/sdb 02:27:26.713739359: call returned: [0, "", ""] 02:27:26.713986438: calling as root: mktemp -d 02:27:26.946568791: call returned: [0, "/tmp/tmp.R1p9kfgI2I\n", ""] 02:27:26.979071850: calling as root: mount /dev/sdb1 /tmp/tmp.R1p9kfgI2I 02:27:27.253521477: call returned: [0, "", ""] 02:27:27.253699563: calling as root: chmod -R a+rX '/tmp/tmp.R1p9kfgI2I' 02:27:27.590849354: call returned: [0, "", ""] And I plug and mount a USB drive containing sample videos # features/step_definitions/totem.rb:12 02:27:27.593321772: calling as amnesia: cp "/tmp/tmp.R1p9kfgI2I/video.mp4" "/home/amnesia/Persistent/video.mp4" 02:27:27.730383647: call returned: [0, "", ""] And I copy the sample videos to "/home/amnesia/Persistent" as user "amnesia" # features/step_definitions/totem.rb:18 02:27:27.732788620: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:27:27.928556274: call returned: [1, "", ""] 02:27:28.000022299: calling as amnesia: xdotool key Super 02:27:28.240533055: call returned: [0, "", ""] 02:27:34.179200943: [log] TYPE "GNOME Terminal" [log] ( Ctrl ) TYPE "#ENTER." 02:27:35.895180827: [log] TYPE "totem /home/amnesia/Persistent/video.mp4#ENTER." When I open "/home/amnesia/Persistent/video.mp4" with Totem # features/step_definitions/totem.rb:27 Then I see "SampleLocalMp4VideoFrame.png" after at most 40 seconds # features/step_definitions/common_steps.rb:437 02:27:53.523592325: calling as root: killall totem 02:27:53.931881518: call returned: [0, "", ""] 02:27:53.932151895: calling as root: pidof -x -o '%PPID' totem 02:27:54.258722245: call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:31 02:27:54.260126682: calling as root: sysctl -w kernel.printk_ratelimit=0 02:27:54.645202526: call returned: [0, "kernel.printk_ratelimit = 0\n", ""] 02:27:54.645376880: calling as root: date +"%Y-%m-%d %H:%M:%S" 02:27:54.845439026: call returned: [0, "2017-06-29 10:42:00\n", ""] And I start monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:836 02:27:54.847493243: calling as amnesia: cp "/tmp/tmp.R1p9kfgI2I/video.mp4" "/home/amnesia/.gnupg/video.mp4" 02:27:55.004777578: call returned: [0, "", ""] And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia" # features/step_definitions/totem.rb:18 02:27:55.006144809: calling as root: pidof -x -o '%PPID' gnome-terminal-server 02:27:55.210425015: call returned: [0, "18358\n", ""] 02:27:55.999057022: [log] CLICK on L(226,171)@S(0)[0,0 1024x768] 02:27:57.521785228: [log] TYPE "totem /home/amnesia/.gnupg/video.mp4#ENTER." When I try to open "/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:27 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:437 02:27:59.887145036: calling as root: journalctl --full --no-pager --since='2017-06-29 10:42:00' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/home/amnesia/.gnupg/video.mp4"' 02:28:00.191455078: call returned: [0, "Jun 29 10:42:04 amnesia kernel: audit: type=1400 audit(1498732924.396:30): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=19082 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:42:04 amnesia kernel: audit: type=1400 audit(1498732924.416:31): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=19082 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:42:04 amnesia kernel: audit: type=1400 audit(1498732924.416:32): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=19082 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 29 10:42:04 amnesia kernel: audit: type=1400 audit(1498732924.416:33): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=19082 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:848 @product Feature: Browsing the web using the Unsafe Browser As a Tails user when I browse the web using the Unsafe Browser I should have direct access to the web Scenario: Starting the Unsafe Browser without a network connection results in a complaint about no DNS server being configured # features/unsafe_browser.feature:73 02:28:03.084890677: calling as root: echo 'hello?' 02:28:03.318549979: call returned: [0, "hello?\n", ""] 02:28:04.045250483: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:28:04.045528601: calling as root: nmcli device show eth0 02:28:04.386836656: call returned: [0, "GENERAL.DEVICE: eth0\nGENERAL.TYPE: ethernet\nGENERAL.HWADDR: 50:54:00:5F:A8:7A\nGENERAL.MTU: 1500\nGENERAL.STATE: 20 (unavailable)\nGENERAL.CONNECTION: --\nGENERAL.CON-PATH: --\nWIRED-PROPERTIES.CARRIER: off\n", ""] 02:28:04.404585418: calling as root: date -s '@1498732931' 02:28:04.582418041: call returned: [0, "Thu Jun 29 10:42:11 UTC 2017\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:172 02:28:04.648282988: calling as amnesia: xdotool key Super 02:28:04.891217309: call returned: [0, "", ""] 02:28:06.497130920: [log] TYPE "Unsafe Browser" When I start the Unsafe Browser # features/step_definitions/browser.rb:5 02:28:06.565069968: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node436 = dogtail.tree.root.application('zenity') 02:28:06.565299968: [log] ( Ctrl ) TYPE "#ENTER." 02:28:10.559236918: execution complete 02:28:10.559439813: executing Python as amnesia: node437 = node436.child(roleName='label') 02:28:10.614478335: execution complete 02:28:10.614786652: executing Python as amnesia: print(node437.text) 02:28:10.667145970: execution complete Then the Unsafe Browser complains that no DNS server is configured # features/step_definitions/unsafe_browser.rb:175 @product Feature: Virtualization support Scenario: VirtualBox guest modules are available # features/virtualization.feature:4 Given a computer # features/step_definitions/common_steps.rb:46 02:28:13.846073033: [log] CLICK on L(1023,384)@S(0)[0,0 1024x768] 02:28:17.660009788: [log] TYPE " autotest_never_use_this_option blacklist=psmouse #ENTER." 02:29:18.873321127: calling as root: echo 'hello?' 02:29:19.124857826: call returned: [0, "hello?\n", ""] 02:29:19.125224750: calling as root: service tor status 02:29:19.422444296: call returned: [3, "● tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled; vendor preset: enabled)\n Active: inactive (dead)\n", ""] 02:29:19.422904133: opening file /etc/tor/torrc in 'append' mode 02:29:19.665929061: append complete 02:29:20.580252376: [log] CLICK on L(767,159)@S(0)[0,0 1024x768] 02:29:20.580556428: calling as root: loginctl 02:29:20.793258405: call returned: [0, " SESSION UID USER SEAT TTY \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n1 sessions listed.\n", ""] 02:29:21.793795180: calling as root: loginctl 02:29:22.051339731: call returned: [0, " SESSION UID USER SEAT TTY \n 5 1000 amnesia seat0 /dev/tty2 \n c1 114 Debian-gdm seat0 /dev/tty1 \n\n2 sessions listed.\n", ""] 02:29:36.054005036: calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 02:29:36.234340984: call returned: [0, "", ""] 02:29:36.234521128: calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true 02:29:36.354288854: call returned: [0, "", ""] 02:29:36.354626809: executing Python as amnesia: import dogtail.config import dogtail.tree import dogtail.predicate dogtail.config.logDebugToFile = False dogtail.config.logDebugToStdOut = False dogtail.config.blinkOnActions = True dogtail.config.searchShowingOnly = True node438 = dogtail.tree.root.application('gnome-shell') 02:29:37.405529328: execution complete 02:29:38.127747600: [log] CLICK on L(512,10)@S(0)[0,0 1024x768] 02:29:38.128070325: executing Python as amnesia: node439 = node438.child('No Notifications', roleName='label') 02:29:39.687302093: execution complete 02:29:39.687519995: executing Python as amnesia: node440 = node438.child('No Notifications', roleName='label') 02:29:40.864894743: execution complete 02:29:40.912821318: [log] TYPE "#ESC." When I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:116 02:29:40.917048521: calling as root: modinfo vboxguest 02:29:41.189728956: call returned: [0, "filename: /lib/modules/4.9.0-3-amd64/updates/vboxguest.ko\nversion: 5.1.22_Debian r115126\nlicense: GPL\ndescription: Oracle VM VirtualBox Guest Additions for Linux Module\nauthor: Oracle Corporation\nsrcversion: FC812D93387F2B75C3382DC\nalias: pci:v000080EEd0000CAFEsv00000000sd00000000bc*sc*i*\ndepends: \nvermagic: 4.9.0-3-amd64 SMP mod_unload modversions \n", ""] Then the VirtualBox guest modules are available # features/step_definitions/checks.rb:92 Artifacts directory: /tmp/TailsToaster/run-2017-06-29_08:14:06_+0000-git_466e43c-TpKYdg Debug log: /tmp/TailsToaster/run-2017-06-29_08:14:06_+0000-git_466e43c-TpKYdg/debug.log Failing Scenarios: cucumber features/usb_install.feature:51 # Scenario: Booting Tails from a USB drive in UEFI mode 161 scenarios (1 failed, 160 passed) 1156 steps (1 failed, 4 skipped, 1151 passed) 149m38.886s