Bug #17212: KeePassXC dialog lists a default DB which does not exist

Bug #17212

KeePassXC dialog lists a default DB which does not exist

Added by huertanix 2019-11-05 19:49:07 . Updated 2019-12-22 11:56:20 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Persistence

Target version:

Tails_4.2

Start date:

Due date:

% Done:

Feature Branch:

bugfix/17212-keepassxc-recent-db

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Password Manager

Deliverable for:

Description

When creating a new password database, a /home/amnesia/Persistent/keepassx.kdbx database is listed under Recent databases, however, that file does not exist and when a user tries to open it, they see an error about the file not existing which convinces them they broke something.

The listed database should be created upon creating a Persistent volume, so that the user can get started using KeepassXC right away (as they would be used to in other password managers) without having to do the manual work of creating a password database. Power users already know how to create a new password database if they don’t want to use the default one created in Tails.

Subtasks

Related issues

Related to Tails - Feature #14544: Spend software developer time on smallish UX improvements	In Progress	2018-08-31
Related to Tails - Bug #17286: Make KeePassXC save database in a persistent dir by default	In Progress
Blocks Tails - Feature #16209: Core work: Foundations Team	Confirmed

History

#1 Updated by intrigeri 2019-11-10 16:01:11

Hi,

> When creating a new password database, a /home/amnesia/Persistent/keepassx.kdbx database is listed under Recent databases, however, that file does not exist and when a user tries to open it, they see an error about the file not existing which convinces them they broke something.

Good catch!

FTR, the goal behind the way things are currently set up was: the first time a user uses KeePassXC and creates their new database, the GUI proposes them, as the default destination, something under /home/amnesia/Persistent/ so it persists (as long as the “Personal Data” persistence setting was not disabled while creating the Persistence: it’s enabled by default). We managed to make this work with KeePassX, by making /home/amnesia/Persistent/keepassx.kdbx the last opened database.

But indeed, it does not work with KeePassXC: on first run, when I click Create new database, I’m proposed to save it to /home/amnesia/Passwords.kdbx, which won’t persist. So indeed, in the current state of things, having /home/amnesia/Persistent/keepassx.kdbx in the Recent databases causes trouble but provides no benefit. That’s a regression vs. Tails 3.x. I’ve checked a bit and I can see no easy way to fix that.

I believe we can easily remove /home/amnesia/Persistent/keepassx.kdbx from the list of Recents databases. I think we should do that. Our documentation already assumes this does not work anyway, and explains the user where they should save the new database.

huertanix, @sajolida: should we do this?

> The listed database should be created upon creating a Persistent volume, so that the user can get started using KeepassXC right away (as they would be used to in other password managers) without having to do the manual work of creating a password database.

This would require:

asking the user at least a password for their password database, when creating the persistent volume; and possibly more, if we want to support the other options KeePassXC offers in this area
writing a non-trivial program and maintaining it forever: KeePassXC currently provides no way to programmatically create a database

Given it’ll make things users once per user, I suspect the cost/benefit of implementing this task will put it very low in our list of priorities: IMO there are many cheaper ways to improve Tails’ UX much more. I’m open to discussing this further.

#2 Updated by sajolida 2019-11-14 18:03:23

related to Feature #14544: Spend software developer time on smallish UX improvements added

#3 Updated by sajolida 2019-11-14 18:03:24

Status changed from New to Confirmed
Affected tool set to Password Manager

> huertanix, @sajolida: should we do this?

Fine with me.

#4 Updated by intrigeri 2019-11-16 08:10:32

blocks Feature #16209: Core work: Foundations Team added

#5 Updated by intrigeri 2019-11-16 08:11:40

Assignee set to intrigeri
Target version set to Tails_4.1

Thank you. I’ve added this to the FT’s plate, bypassing the process for Feature #14544 (https://tails.boum.org/contribute/working_together/roles/foundations_team/#tasks-management-ux-improvements), because this is a regression compared to Tails 3.x and it seems very cheap to fix.

#6 Updated by intrigeri 2019-11-16 08:13:38

Subject changed from KeepassXC dialog lists a default DB which does not exist to KeePassXC dialog lists a default DB which does not exist

#7 Updated by intrigeri 2019-11-16 08:16:51

Status changed from Confirmed to In Progress

Applied in changeset commit:tails|921022be214048a3caf8eabc1b643bae5387c2b0.

#8 Updated by intrigeri 2019-11-16 08:17:16

Feature Branch set to bugfix/17212-keepassxc-recent-db

#9 Updated by intrigeri 2019-11-16 12:48:35

Status changed from In Progress to Needs Validation
Assignee deleted (~~intrigeri~~)

#10 Updated by segfault 2019-12-02 08:27:06

Status changed from Needs Validation to Resolved
% Done changed from 0 to 100

Applied in changeset commit:tails|c6a83f96d48f630ce9042cbb265f85781cb9df49.

#11 Updated by segfault 2019-12-02 08:44:33

Status changed from Resolved to In Progress
% Done changed from 100 to 0

I just noticed that we have code in our keepassxc wrapper which tells the user that they should rename their database to keepassx.kdbx to allow KeePassXC to open it automatically in the future.

That’s not correct anymore when we remove the recently-opened-database entry.

Moreover, removing that entry will be a regression for all the users who followed that advice, because the database will not be opened anymore automatically. I’m not sure the UX regression for the users who don’t have their database at that path is worse than the UX regression for the users who do.

I reverted the commit on stable, so that we can first find a conclusion here.

#12 Updated by segfault 2019-12-02 09:09:01

segfault wrote:
> I just noticed that we have code in our keepassxc wrapper which tells the user that they should rename their database to keepassx.kdbx to allow KeePassXC to open it automatically in the future.

With KeePassXC, this renaming prompt usually won’t be displayed anymore, because KeePassXC creates a backup file of each database file, named *.old.kdbx., and we only show the renaming dialog if there is exactly one *.kdbx file in the Persistent dir.

But there will still be a lot users who previously named their database keepassx.kdbx and would be affected if we removed the last opened entry.

#13 Updated by segfault 2019-12-02 09:18:18

Ha, I found the perfect solution. Turns out that:

LastDatabases is only used to display the list of last opened databases in the main window - so the list we want to get rid of.
LastOpenedDatabases is only used to automatically open the last opened database when KeePassXC is started - so the behavior we want to keep.

So we should only remove the LastDatabases line.

#14 Updated by segfault 2019-12-02 23:19:38

Status changed from In Progress to Needs Validation
Assignee set to intrigeri

segfault wrote:
> So we should only remove the LastDatabases line.

I did that.

> With KeePassXC, this renaming prompt usually won’t be displayed anymore, because KeePassXC creates a backup file of each database file, named .old.kdbx., and we only show the renaming dialog if there is exactly one.kdbx file in the Persistent dir.

I fixed that too.

#15 Updated by CyrilBrulebois 2019-12-04 11:31:32

Target version changed from Tails_4.1 to Tails_4.2

#16 Updated by segfault 2019-12-07 12:31:04

related to Bug #17286: Make KeePassXC save database in a persistent dir by default added

#17 Updated by intrigeri 2019-12-14 10:07:12

Code review passes. I’ve merged current stable into this branch and resolved the merge conflict, so that Jenkins can do its job. Next steps: do some manual testing & wait for Jenkins results.

#18 Updated by intrigeri 2019-12-22 11:54:43

Status changed from Needs Validation to In Progress

Applied in changeset commit:tails|95ae21351dc3f1e23932d5eb02df508c89b5f443.

#19 Updated by intrigeri 2019-12-22 11:54:45

Status changed from In Progress to Resolved
% Done changed from 0 to 100

Applied in changeset commit:tails|91aaebabe61e2b0ff9e73fa3ec73d6cd507ab176.

#20 Updated by intrigeri 2019-12-22 11:56:20

Assignee deleted (~~intrigeri~~)
% Done changed from 100 to 0

Merged, with the trivial commit:95ae21351dc3f1e23932d5eb02df508c89b5f443 nitpicking improvement on top.