Bug #9594: Tails Installer should work as non-root outside of Tails

Bug #9594

Tails Installer should work as non-root outside of Tails

Added by Anonymous 2015-06-16 04:05:59 . Updated 2015-10-02 09:32:51 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Installation

Target version:

Tails_1.7

Start date:

2015-06-16

Due date:

% Done:

100%

Feature Branch:

liveusb-creator:feature/jessie+9594-non-root

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Installer

Deliverable for:

Description

As of today, the installer requires root to be executed and access disks in Debian Jessie.

'/sbin/sgdisk', '--attributes=1:set:0', '--attributes=1:set:2', '--attributes=1:set:60', '--attributes=1:set:62', '--attributes=1:set:63', '/dev/sdb']
Problem opening /dev/sdb for reading! Error is 13.
You must run this program as root or use sudo!

See ~~Bug #9574~~ for initial test and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788662 “Logged-in user no longer granted permission to removable disks”

Subtasks

Related issues

Related to Tails - ~~Bug #9748~~: apt.feature fails in the 1.5 devel branch with "No space left on device"

Resolved

2015-07-16

History

#1 Updated by intrigeri 2015-06-18 03:25:54

blocks #8538 added

#2 Updated by intrigeri 2015-06-18 03:26:18

Category set to Installation
Assignee deleted (~~None~~)
Target version set to Tails_1.4.1

#3 Updated by intrigeri 2015-06-18 03:33:44

Not sure if this can be “fixed” in Debian Jessie, we’ll see. Perhaps we’ll have to workaround that somehow, or to run Tails Installer as root.

#4 Updated by Anonymous 2015-06-28 10:02:18

Target version changed from Tails_1.4.1 to Tails_1.5

#5 Updated by intrigeri 2015-07-05 06:05:29

The current plan is to use a privileged helper, run via pkexec as root, that performs the operations we can’t do as a regular desktop user. In the current state of liveusb-creator:feature/jessie, running syslinux should be the only such operation.

Once we have this, we might be able to drop config/chroot_local-includes/etc/udev/rules.d/99-make-removable-devices-user-writable.rules.

#6 Updated by intrigeri 2015-07-06 06:54:23

intrigeri wrote:
> The current plan is to use a privileged helper, run via pkexec as root, that performs the operations we can’t do as a regular desktop user. In the current state of liveusb-creator:feature/jessie, running syslinux should be the only such operation.

Actually, it’s more complicated: the privileged operation we need to perform is… running some code specified by the user (the version of syslinux that’s in the ISO). There doesn’t seem to be any solution to this fundamental problem, so:

either we have Debian/Ubuntu users run Tails Installer as root (in which case, an attacker who manages to give them a malicious ISO can run arbitrary code as root on their Debian/Ubuntu system);
or we keep the privileged helper idea and use the currently running system’s syslinux (instead of the ISO’s one) + MBR + the corresponding *.c32 modules;
or we hardcode into the privileged helper a whitelist of checksums of syslinux binaries we’re OK to run, but then we have to update Tails Installer in all supported distros whenever we update syslinux in Tails.

> Once we have this, we might be able to drop config/chroot_local-includes/etc/udev/rules.d/99-make-removable-devices-user-writable.rules.

For Tails, given the above, we’ll have to choose between this (and using the privileged helper + the currently running Tails’ syslinux), or keeping our current code (that runs the ISO’s syslinux) and these udev rules.

#7 Updated by intrigeri 2015-07-19 02:50:02

intrigeri wrote:
> * or we keep the privileged helper idea and use the currently running system’s syslinux (instead of the ISO’s one) + MBR + the corresponding *.c32 modules;

That’s the option I’ve been working on. Which means that ~~Feature #9381~~ would be useless and can be reverted, which is itself good news for ~~Bug #9748~~.

#8 Updated by intrigeri 2015-07-19 04:50:15

Status changed from Confirmed to In Progress
Assignee set to intrigeri
% Done changed from 0 to 10

I should bring my current draft into a shape that’s worth pushing to Git, and then u. can take over from there.

#9 Updated by intrigeri 2015-07-29 00:45:29

This can happen post-1.5-freeze since that’s not something we’ll ship in 1.5 anyway.

#10 Updated by intrigeri 2015-07-29 00:45:41

Type of work changed from Debian to Code

#11 Updated by intrigeri 2015-07-29 02:41:41

related to ~~Bug #9748~~: apt.feature fails in the 1.5 devel branch with "No space left on device" added

#12 Updated by intrigeri 2015-08-03 11:04:25

Assignee deleted (~~intrigeri~~)
% Done changed from 10 to 30
Feature Branch set to liveusb-creator:feature/jessie+9594-non-root

intrigeri wrote:
> I should bring my current draft into a shape that’s worth pushing to Git,

Done! On my branch, I successfully have the installation process complete on current sid, without the udev kludges that Debian hasn’t anymore. I’m asked for my password twice (once for running syslinux, once for installin the MBR). Not tried to boot the resulting device, though. Not tested in Tails/Jessie either.

> and then u. can take over from there.

There you go. Please review + test this stuff on Tails/Jessie, Debian Jessie and Debian sid. And then, if you’re happy with it, we can merge it, and that’ll be one less blocker before we can upload to Debian :)

#13 Updated by Anonymous 2015-08-04 07:51:16

Target version changed from Tails_1.5 to Tails_1.6

#14 Updated by Anonymous 2015-08-19 09:54:28

% Done changed from 30 to 40

Tested in Debian Jessie for now and it works perfectly. It asks me twice to enter my sudo credentials, to use syslinux and to write onto the device.

#15 Updated by intrigeri 2015-08-22 05:30:45

> Tested in Debian Jessie for now and it works perfectly. It asks me twice to enter my sudo credentials, to use syslinux and to write onto the device.

Great, thanks. Next step is that you test the same on Debian sid, and then we can merge my branch, right?

#16 Updated by Anonymous 2015-09-22 14:36:01

Assignee set to intrigeri
% Done changed from 40 to 60
QA Check set to Pass

i’ve finally tested this in sid. it works great, provided that policykit-1 is installed, as noted in your commit. this can be merged \o/

#17 Updated by intrigeri 2015-09-22 16:06:58

> i’ve finally tested this in sid. it works great, provided that policykit-1 is installed, as noted in your commit. this can be merged \o/

Excellent! I think I’ll get to it early in October.

#18 Updated by bertagaz 2015-09-23 01:31:20

Target version changed from Tails_1.6 to Tails_1.7

#19 Updated by intrigeri 2015-10-02 09:32:51

Status changed from In Progress to Resolved
Assignee deleted (~~intrigeri~~)
% Done changed from 60 to 100

Merged into feature/jessie, thanks :)