-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for Qubes 4.1 #600
Comments
During the 8/6-8/20 sprint, @emkll has offered to take a test build for a spin, and @rmol has previously suggested doing the same. We've allocated some time to the sprint to capture initial findings, so we can get a better sense of the scope of changes that will be needed for the SecureDrop Workstation codebase. |
Although we've discussed it several times, it's worth reiterating that running an early build of Qubes 4.1 will prohibit development and testing of the Workstation on that hardware, since the repository channels and several APIs have changed significantly. That's OK, though, and precisely the info we hope to gather by running it. Rather than installing fresh from the ISO, it might be worthwhile to test-drive the burgeoning plans for an in-place upgrade: QubesOS/qubes-issues#5685 , so we can share test results with upstream. As always, backups strongly advised. 😄 |
Timeboxed Here were the steps needed in order to unblock the install:
After fixing those two things, I am pleased the report that the install completed successfully, and it appears we can use the F25 repo in the : yum will use the URL we specify, and our baseurl is set to Things that work
Thinks that don't work
Other comments
|
I tried a fresh Qubes 4.1 install and hit a number of issues unrelated to our client:
|
Thanks for these report-backs! :) That concludes our sprint commitments re: 4.1; moving this card to the backlog again for now until we pick up additional 4.1 work. |
@emkll reported a Whonix issue with preflight updates in #610 (review) (also included in summary above): |
Discussed in backlog review today. Given largely positive early reports, the plan of record is to wait until the first RC1 of 4.1 before taking another pass at identifying remaining issues. Keeping on board but moving to bottom of backlog for now. Before then, we'll also want to re-test 4.0.4 final, once that's out (#640). |
On the sprint for tracking purposes; I encourage folks to watch the Qubes 4.1 presentation from the Qubes mini-summit, as we get closer to release, it may also make sense to request a direct chat with Marek & team per Kushal's suggestion. :) |
Still no RC for us to test with; the Qubes mini-summit included a session with highlights from 4.1. |
RC1 is now out. 🎉 We have some time to get our ducks in a row before we can expect a final release: "[W]e expect that it may be anywhere from a few weeks to a few months before we announce the second release candidate." |
RC2 was released almost exactly a month ago and over the past week I got to see what happens if one tries to install SecureDrop Workstation on a relatively fresh system. Just sharing some preliminary findings for now, but I will definitely poke at this more in the future.
I haven't resolved all the template install/check related issues in the salt states yet, but even without that it's already noticable that another hiccup relates to RPC policies (as mentioned in the original issue). SDW expects some files to be in |
@eaon Regarding the RPC policies, my understanding is that we don't have to modify the existing policies yet, as R4.1 policies system remains backwards-compatible with R4.0 - source. That being said, I couldn't confirm that on my R4.1 and am waiting for fresh ideas to pursue the troubleshooting further. (I asked the question on the Qubes OS forum.) |
Tried a clean install of 4.1-rc3, and verified what's already in the reports above. @eaon since you mentioned you're working on some conditional logic for the We'll have to come up with a smarter command to verify the pubkey is valid; probably adding some tempdir keyring import action to the associated check. During RPM download, the flow is slightly different from what we've documented: Crucially, the |
AFAICT, the easiest way to handle disposable |
As you can see above, we are linking remaining work to this tracking issue with a focus on getting to the first phase of being able to test SDW By tomorrow, all SDW packages should be on The biggest blocker, as I see it, for not being able to test |
Today, I re-provisioned current I was able to install the SecureDrop Client in What's the difference? Unclear as of yet. As I understand it, I tried again running via [*] I had to manually |
The proxy errors were indeed the result of another AppArmor policy issue. Note timing on the logs below (visible both via tailing
The call here is to We've already allow-listed other On the newer kernel we now ship with the Bullseye template, the device node is available, Xen tries to use it, and it errors out. This also causes disposable VM operations to error out if you do get into the client, as those also rely on Once the requisite permission is added, both logging in and opening files works as expected. 🎉 I'll open an AppArmor PR to resolve. |
I've not stepped through the formal acceptance tests yet, but a quick feature tour looks good:
More testing to come :) |
First phase of acceptance testing all good. 🎉 Environment: Qubes 4.1 fresh install with disposable VM setup for sys-usb/sys-firewall, running against SD 2.4.0 prod server on hardware SecureDrop Workstation test scenariosVerify tor connection to Journalist API
Verify default DispVM settings
RPC Policies
Logging
GUI updater
|
Still all good! 🎉 Skipped ahead to ensure I test export fully today, no issues there. Tomorrow I'll prioritize file type support as another high risk area. Environment: Qubes 4.1 fresh install with disposable VM setup for sys-usb/sys-firewall, running against SD 2.4.0 prod server on hardware Login
Sources
(Skipping ahead to export) Export
|
Started acceptance testing with non-merged printing patches also looking quite good, but I'm about to wipe my test machine to start from zero because of a couple of reports of problems with the install process on fresh machines. Here's how far I got: Verify tor connection to Journalist API
Verify default DispVM settings
RPC Policies
Logging
GUI updater
Client scenariosScenario: Online modeLogin
Sources
|
I've uploaded all our test files to my instance and tested opening them in disposable VM. That covers: JPG, MP3, ODP, ODS, OGG, PNG, PPT, SVG, TIFF, WAV, WEBP, XLSX, DOC, DOCX, ODT, RTF, PDF, M4A, PPTX, and ZIP (including the ZIP's contents). No issues -- all opened in the expected viewer/player applications in disposable VMs. (#588 is still an issue for files opened with LibreOffice, unfortunately.) |
Just a quick note that |
A couple of additional checks not covered in our test plan:
|
Environment:
Abbreviated test:
|
Completed another production install on 4.1.0 (including OS reinstall) as part of verifying docs changes in freedomofpress/securedrop-workstation-docs#112 and did some quick smoke testing (login, disp VMs, export, kernel version, etc.), all good. :) |
We finished the release and related scheduling last week, and the docs were published today, so this issue can be closed. Nice work everyone! |
Qubes 4.1 is not out and no release date has been announced yet. However, given the scope of expected changes, we should begin testing early to ensure a smooth update for SecureDrop Workstation users. Test builds can be downloaded from OpenQA, e.g., https://openqa.qubes-os.org/assets/iso/Qubes-4.1-20200726-x86_64.iso
Major changes that have been announced include:
The text was updated successfully, but these errors were encountered: