Project

General

Profile

Feature #14605

Improve documentation on "Manually copying your persistent data to a new USB stick"

Added by garrettr 12 months ago. Updated 7 days ago.

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Persistence
Target version:
Start date:
09/05/2017
Due date:
% Done:

0%

QA Check:
Feature Branch:
Type of work:
End-user documentation
Blueprint:
Starter:
Affected tool:

Description

The closest thing to documentation on backing up a Tails persistent volume (that I have been able to find) is Manually copying your persistent data to a new USB stick. Following these instructions results in the creation of a bootable backup of a Tails drive with a persistent volume.

While effective, there are a couple of "gotcha's" in this document that can lead to confusing outcomes:

  • In Create a new USB stick, Step 3 says to "Enable again on this new USB stick the persistence features of your choice." Some users may not remember or understand which persistence features they have enabled, and may be confused as to what to do at this step. If they forget to enable a persistence feature on the backup, the corresponding data will not be backed up after following the subsequent instructions.
  • Manually copying the files with Nautilus and confusing and error-prone:
    • If a user has all of the persistence features enabled, they may try to select all or drag-and-drop everything from /media/amensia/TailsData/ into /live/persistence/TailsData_unlocked. Nautilus does not preserve file ownership and permissions when copying, so if they accidentally copy one of the files owned by the tails-persistence-setup user (e.g. persistence.conf or live-additional-software.conf), it will end up owned by the incorrect user on the backup drive, which prevents the Persistent folders from being symlinked correctly due to the permissions checks documented in the Security section of the Tails persistence design document.
      • I believe this is the root cause of bug reports where users report that the "persistent volume has disappeared, but I'm still prompted for password when booting Tails," e.g. in this r/tails thread.
    • Nautilus prints numerous obscure warning messages to the Root Terminal, which undermines user confidence.
    • Asking users to click through various warning dialogs from Nautilus about merging/replacing/skipping files also undermines user confidence ("did I actually back up all of my important data?").
  • There is no documented "restore" process that explains how users can recover their persistent data from the bootable backup created from this documentation.

I've been trying to develop a process for reliably backing up and restoring Tails persistent volumes, and I have a proposed modification to this document that I think might fix all of these issues:

  • Retain the Create a new USB stick section, but modify Step 3 to say it doesn't matter which persistence features you enable on the backup (read on to understand why).
  • Retain the Mount the old persistent volume section without changes.
  • In the Copy your old files to the new persistent volume section, replace steps 2-11 with a single command, run in the Root Terminal: rsync -avh /media/amnesia/TailsData/ /live/persistence/TailsData_unlocked/.

There are several benefits to this change:

  • rsync -a will retain the ownership and permissions of the copied files. That allows us to copy persistence.conf without creating ownership issues that will bork the symlinking of persistent directories on the backup drive.
    • Since we are copying persistence.conf, there is no need for the user to manually configure the persistent settings on the destination to match the source, since the enabled persistent settings are completely described in persistence.conf.
  • rsync -v prints the files that are copied, which allows a cautious user to audit the backup and ensure that their important data was indeed copied to the backup volume.
  • In my testing, rsync does not print any confusing error or warning messages, unlike Nautilus.
  • It requires a user to use the CLI, which it seems the original document may have been trying to avoid, but was also unable to prevent: CLI interaction is required to launch Nautilus in Step 2, and then again to fix permissions in Step 11. This changes replaces two CLI interactions with one, which seems preferable in my view.
  • Dramatically simplifies the Copy your old files section, reducing it from 11 separate steps to just 2.
  • The restoration step, which is currently not documented at all, is trivial: just rsync with source and dest swapped.
  • Users can efficiently update their backups by repeating the steps in the Rescue your files from the old Tails USB stick section, adding the --delete flag to the invocation of rsync.

I am happy to contribute these changes, but first want to make sure they are viable. Would the Tails maintainers, especially those who have a deeper understanding of the Persistence feature than I, welcome this change? Are there any potential gotchas with my proposal that I've failed to recognize? As always, I appreciate your time and consideration.


Related issues

Related to Tails - Feature #14624: Document how to migrate persistence to a new USB stick or update the system partitions of an existing device Confirmed 09/12/2017
Related to Tails - Feature #12214: Document a way to manually backup persistent data In Progress 02/06/2017
Related to Tails - Bug #10391: Useless step in https://tails.boum.org/doc/first_steps/persistence/copy/ Rejected 10/19/2015
Related to Tails - Bug #14851: Instructions to backup Tails are wrong in terms of permission Confirmed 10/14/2017
Related to Tails - Bug #15685: Test manually creating a disk image as a backup technique Resolved 06/25/2018
Related to Tails - Feature #13457: Test backup script by a2 Confirmed 07/12/2017
Blocks Tails - Feature #15411: Core work 2018Q2 → 2018Q3: Technical writing Confirmed 03/14/2018

History

#1 Updated by u 12 months ago

  • Subject changed from "Manually copying your persistent data to a new USB stick" documentation simplification to Improve documentation on "Manually copying your persistent data to a new USB stick"

Adding sajolida & cbrownstein as watchers so they can read through your proposal and comment on it.

#2 Updated by sajolida 11 months ago

  • Related to Feature #14624: Document how to migrate persistence to a new USB stick or update the system partitions of an existing device added

#3 Updated by sajolida 11 months ago

  • Related to Feature #12214: Document a way to manually backup persistent data added

#4 Updated by sajolida 11 months ago

  • Related to Bug #10391: Useless step in https://tails.boum.org/doc/first_steps/persistence/copy/ added

#5 Updated by sajolida 11 months ago

#6 Updated by sajolida 11 months ago

  • Status changed from New to Confirmed

Hi Garrett! Thank you so much for write such a detailed proposal. We've had on our roadmap for a while to create a much better experience for backing up persistence, relying on a GUI tool instead of manual instructions. We actually submitted that for a grant this year but it got rejected, so it feels good to see that people like you care about backing up their Tails USB stick :)

Now, I have to admit that we are completely overwhelmed with work and desperately lacking resources, even for helping out with smaller changes like this. I really want to have a closer look at your proposal but I really don't know when I'll find the time to do that.

So please be patient, but this is so important it won't silently fall into the cracks!

#7 Updated by sajolida 11 months ago

  • Blocks deleted (Feature #13423: Core work 2017Q3: Technical writing)

#8 Updated by sajolida 11 months ago

  • Blocks Feature #14758: Core work 2017Q4 → 2018Q1: Technical writing added

#9 Updated by sajolida 10 months ago

  • Related to Bug #14851: Instructions to backup Tails are wrong in terms of permission added

#10 Updated by sajolida 5 months ago

  • Blocks deleted (Feature #14758: Core work 2017Q4 → 2018Q1: Technical writing)

#11 Updated by sajolida 5 months ago

  • Blocks Feature #15411: Core work 2018Q2 → 2018Q3: Technical writing added

#12 Updated by sajolida 5 months ago

I'm out of budget for this quarter.

#13 Updated by sajolida 4 months ago

  • Assignee set to cbrownstein

Cody: I'm assiging this one to you as part of the big problem space "Persistent storage vs Backups".
Please check which parts of it are the best to tackle first.

#14 Updated by sajolida about 2 months ago

  • Related to Bug #15685: Test manually creating a disk image as a backup technique added

#15 Updated by sajolida 16 days ago

  • Assignee changed from cbrownstein to sajolida
  • Target version set to Tails_3.9

Cody: if you don't mind I'll take over this problem space for some time since I've been working on #15685 lately.

#16 Updated by sajolida 7 days ago

  • Target version changed from Tails_3.9 to Tails_3.10

#17 Updated by u 3 days ago

Also available in: Atom PDF