Re: [Tails-dev] incremental upgrades: phase one almost done,…

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Old-Topics: Re: [Tails-dev] incremental upgrades: phase one almost done, releaseplan
Subject: Re: [Tails-dev] incremental upgrades: phase one almost done, releaseplan
Hi,

intrigeri wrote (27 Sep 2012 07:24:38 GMT) :
> I think I'll want to prepare and publish an IUK for 0.14, and have
> some early testers try it.


Update-description files and an IUK from 0.14~rc2 to 0.14 are now in
place, and can be tested. Please do test them.

Sadly, the IUK is huge (150MB) due to Debian point-release + updated
iceweasel + updated openoffice.org. I think this is about the worst
case that can happen in practice.

On a fast and reliable enough Internet connection, the update process
worked for me the first time. On flaky Wi-Fi, it failed a few times
and I was not patient enough to go on testing until success.
Added "Should be more robust on flaky Internet connections" to the
todo list.

To test the whole thing:

1. Boot a 0.14~rc2 installed on UBS with the Tails USB installer.
2. Set an administration password (needed for step #3 only).
3. Apply that patch to fix our newly-hardened firewall configuration:

   diff --git a/config/chroot_local-includes/etc/ferm/ferm.conf b/config/chroot_local-includes/etc/ferm/ferm.conf
   index 234aa04..cd36159 100644
   --- a/config/chroot_local-includes/etc/ferm/ferm.conf
   +++ b/config/chroot_local-includes/etc/ferm/ferm.conf
   @@ -35,6 +35,7 @@ domain ip {
                    }
                    daddr 127.0.0.1 proto tcp syn dport 9062 {
                        mod owner uid-owner htp ACCEPT;
   +                    mod owner uid-owner tails-iuk-get-target-file ACCEPT;
                    }


                    # White-list access to Tor's ControlPort


4. Restart the firewall: `sudo ferm /etc/ferm/ferm.conf'
5. Start `tails-update-frontend-wrapper'.
6. Report *here* any bug that's not already listed on
https://tails.boum.org/todo/incremental_upgrades/#index9h1

> I'm not sure the developers doc and tools will be part of that first
> test.


Some of the dev doc was written, but I'm not sure anyone but me would
be happy to use it in its current state.

>>> >      Write user documentation [4] and hand it to translators.
>>> >      sajolida, do you want/plan to write the user documentation?

>>>
>>> Yes! I would be happy to work on that. I haven't done much work on the
>>> documentation since the persistence volume but that's sound like the
>>> perfect opportunity to catch up.
>>>
>> What's the progress of the documentation?


> AFAIK, it's waiting for the first batch of IUK too.


Now that the update process works in the wilds, the documentation can
be written. It might even be ready in time so we can turn the
incremental updates switch on by default in 0.15 final -- sajolida?

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc