Hello there, today I stumbled upon https://tails.boum.org/todo/remember_installed_packages/ and decided I'd like to try my hand at the problem.
So, according to the current todo page, there are proposed 2 approaches to the persistent packages problem: 1. an applet asking about installation of cached apt packages upon login, probably by looking at stored *.deb files. 2. writing down the autoinstall package list in a configuration file alike to live-persistence.conf, or even in it itself, and install them upon booting without user interaction. I have to say that the 2nd idea appeals to me much more, since the goal of server edition is to make the system bootable with as little interaction as possible. To be honest, I can't think of many use cases that would require disabling different packages you installed on your persistent volume every boot. As I see it, that's the only flexibility lost by 2nd solution compared to the 1st one. Also, there is this point: "The security implications of this whole idea needs to be researched before diving in the code.". I am afraid I am unable to research this to deeply... since the cached APT packages are hand picked by the user, security will depend on these packages and security of the persistent volume where the *.deb are going to be stored. Am I missing something here? As for the sources of packages (persistence cache / web mirrors) the only sensible way is IMHO to use the cached versions, since we can't assume internet connection. To make sure the packages are updated, a mechanism to check for updates once internet connection is available could be put in place. (something similar to the one launching the Tor Browser Bundle only after WLAN connection is successful) I was warned that I should ask for opinion before delving into code, so: what do you think? Cheers, Lukasz Dobrogowski
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
