diff --git a/dom0/sd-export.sls b/dom0/sd-export.sls index a947aa383..bbddaabf4 100644 --- a/dom0/sd-export.sls +++ b/dom0/sd-export.sls @@ -12,7 +12,7 @@ sd-export-template: qvm.vm: - name: sd-export-template - clone: - - source: sd-workstation-template + - source: securedrop-workstation - label: yellow - tags: - add: @@ -57,4 +57,5 @@ create-named-sd-export-dispvm-and-permanently-attach: - name: > qvm-remove --force sd-export-usb || true; qvm-create --class DispVM --template sd-export-usb-dvm --label red sd-export-usb; + qvm-tags sd-export-usb add sd-workstation qvm-usb attach --persistent sd-export-usb {{ d.usb.device }} || true; diff --git a/sd-export/send-to-usb b/sd-export/send-to-usb index e7ce76891..0d57fe744 100755 --- a/sd-export/send-to-usb +++ b/sd-export/send-to-usb @@ -3,7 +3,6 @@ import datetime import json import os -import shutil import subprocess import sys import tarfile @@ -83,16 +82,15 @@ if os.path.exists(FILE): target_folder_path = os.path.join(MOUNTPOINT, target_folder) subprocess.check_call(["mkdir", target_folder_path]) export_data = os.path.join(tmpdir, folder_name, "export_data/") - shutil.move(export_data, target_folder_path) + subprocess.check_call(["cp", "-r", export_data, target_folder_path]) # sync the filesystem, unmount drive and lock the luks volume # we use call here to ensure they are blocking and avoid races subprocess.check_call(["sync"]) subprocess.check_call(["sudo", "umount", MOUNTPOINT]) subprocess.check_call(["sudo", "cryptsetup", "luksClose", ENCRYPTED_DEVICE]) - # race condition when using shutils subprocess.check_call(["rm", "-rf", tmpdir]) - except (subprocess.CalledProcessError, os.OSError) as e: + except (subprocess.CalledProcessError, OSError) as e: print("An error occurred while mounting disk or copying files to disk:") print(e.output) sys.exit(0)