Feature #7499

Extend the upgrader to allow full (self) upgrade

Added by alant 2014-07-06 16:03:51 . Updated 2019-08-31 14:13:20 .

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2014-07-06
Due date:
% Done:

0%

Feature Branch:
Type of work:
Research
Starter:
0
Affected tool:
Upgrader
Deliverable for:

Description

I would be very nice to be able to have a few-clicks away full upgrade process (incuding downloading the upgrade, veryfing it and installing it). This could either upgrade to an other device, or preferrabily the source device.

An usecase for that is: someone got a Tails device created by a trusted party using “Clone and upgrade”, they trust it but never went through the manual verification and installation process and don’t know how to use them, so they end up using an outdated version.

Team: kurono (research, ? (implementation)


Subtasks


Related issues

Related to Tails - Feature #11131: Endless automatic upgrades Rejected 2015-01-05
Related to Tails - Feature #11627: Consider updating the default system partition's size Resolved 2016-08-10
Related to Tails - Feature #8861: Be able to launch Tails Installer from the command line Rejected 2015-02-04
Related to Tails - Feature #15281: Stack one single SquashFS diff when upgrading Resolved 2016-04-13
Has duplicate Tails - Feature #5981: hot upgrade Duplicate
Blocked by Tails - Feature #15277: Update our survey of non-NIH system upgrade solutions Confirmed 2018-02-03

History

#1 Updated by intrigeri 2014-07-10 07:40:20

#2 Updated by intrigeri 2014-07-10 07:40:43

  • Status changed from New to Confirmed

#3 Updated by BitingBird 2014-07-19 16:01:41

  • Category set to Installation

#4 Updated by BitingBird 2015-01-04 19:02:55

  • Category changed from Installation to 178

Not sure about the category, but seems more “Incremental Upgrade” than “Installer”.

#5 Updated by tchou 2015-02-03 10:33:28

  • related to Feature #8534: Merge incremental upgrades to allow endless upgrading added

#6 Updated by sajolida 2015-02-04 11:26:41

#7 Updated by sajolida 2015-02-04 11:26:48

#8 Updated by BitingBird 2015-04-10 20:27:39

  • Affected tool set to Upgrader

#9 Updated by sajolida 2015-08-14 11:45:28

  • Description updated
  • Assignee set to kurono
  • Target version set to 2016

#10 Updated by anonym 2016-02-16 14:43:28

#11 Updated by anonym 2016-02-16 14:44:03

  • related to deleted (Feature #8534: Merge incremental upgrades to allow endless upgrading)

#12 Updated by intrigeri 2016-02-18 17:10:38

  • Blueprint set to https://tails.boum.org/blueprint/Endless_upgrades/

#13 Updated by intrigeri 2016-08-10 01:58:57

  • related to Feature #11627: Consider updating the default system partition's size added

#14 Updated by Dr_Whax 2016-08-20 12:08:47

  • Target version changed from 2016 to 2018

#15 Updated by intrigeri 2018-02-06 15:26:04

  • Status changed from Confirmed to Rejected
  • Assignee deleted (kurono)
  • Target version deleted (2018)

Deprecated (for now) by Feature #15281. We’ll reconsider depending on Feature #15277.

#16 Updated by intrigeri 2018-02-06 15:49:24

  • Status changed from Rejected to Confirmed
  • Assignee set to intrigeri
  • Target version set to Tails_3.10.1

Actually we still want to at least consider this option if it can be done without too much work on our busy core people. Next steps are:

  1. intrigeri specifies what exactly we would need from Tails Installer to enable Tails Upgrader to use it to apply a full upgrade; I’ll try to do this by the end of 2018
  2. intrigeri asks other contributors (e.g. kurono) if they would be up to implementing the required Tails Installer changes
  3. depending on the above and the timing vs. Feature #15277, we consider implementing this in Tails Installer and Tails Upgrader

#17 Updated by adamantium 2018-02-19 22:48:49

An idea: Add upgrade functionality to the booting menu.

Instead of upgrading a Tails with a second tails (manual upgrade), why not allow Tails to download an .iso, save it perhaps in the persistent storage or in a third location (other usb, external hd, etc). Functionality could be added to the “4 seconds to automatic boot” screen allowing the option “Upgrade this Tails from .iso”

The need would be there that the .iso be verified as signed by a known tails signing key. We need to ensure no security holes are introduced by this procedure I’m brainstorming. But if the current Tails bootloader knows the current Tails key/credentials, it could verify if a .iso image came from the Tails developers or somewhere else.

After an upgrade, trigger a reboot, and the user has not had to remove their Tails USB.

I realize there would be a problem if the tails signing key changes, but this is not likely to be a frequent occurence right?

#18 Updated by intrigeri 2018-08-20 10:06:11

  • related to Feature #8861: Be able to launch Tails Installer from the command line added

#19 Updated by intrigeri 2018-08-20 10:07:59

  • Target version deleted (Tails_3.10.1)

intrigeri wrote:
> # intrigeri specifies what exactly we would need from Tails Installer to enable Tails Upgrader to use it to apply a full upgrade; I’ll try to do this by the end of 2018

This timing was assuming Feature #15281 would be done by now but it’s stalled, so for now I’ll put this on the back burner.

#20 Updated by intrigeri 2018-08-20 10:08:12

  • related to Feature #15281: Stack one single SquashFS diff when upgrading added

#21 Updated by intrigeri 2018-09-05 14:50:02

  • blocked by Feature #15277: Update our survey of non-NIH system upgrade solutions added

#22 Updated by intrigeri 2019-08-31 14:13:20

  • Assignee deleted (intrigeri)

I don’t want to have this on my plate until the blockers are gone.