All: Some Tails users (such as journalists in certain countries) will want to
use a persistent volume, yet there's no simple GUI to back up the persistent
volume. That's a problem; all media fails eventually. Many users are not
comfortable using a command line (the current solution).
Below are 2 short files that add a simple GUI to back up the persistent volume.
It's a trivial shell script to do the backup, along with a .desktop file to
kick off the shell script. They should require no future maintenance (unless
you radically change how persistent volumes work). They're short & should be
easy to review.
A few notes:
* The .desktop file runs GNOME terminal, which then runs the shell script that
does all the work. I thought it'd be helpful for users to see what's getting
backed up while it's happening. Running the program via GNOME terminal was a
simple way to do that. You can just run the backup program directly if this
monitoring is not desired. Change /home/amnesia/Persistent/tails-backup to the
script's "real" absolute location.
* The shell script is defensively written (e.g., $VARIABLEs are quoted). It can
be directly started from the command line. It uses zenity to show GUI
interactions, and it's internationalized using gettext. It calls sync 3 times
and THEN tells the user it's done, to make sure the backup is actually written
out.
* I've tested this backup script mostly by running it directly. I've tested the
backup shell script more than the .desktop file, as it's challenging to test
.desktop files without a Tails development environment, but both work for me.
* The user has to use the separate "Files" application to decrypt & later eject
the backup volume. I think that's fine, as that's the normal GUI application
for doing this. In addition, the script helps the user do that.
* As is currently true, the user must unlock persistent storage & set an admin
password.
I'm not sure copyright is even claimable with such trivial code. However, to be
clear, I disclaim all copyright on the file contents below using the Creative
Commons CC0 license. Use it any way you wish, if you'd like, and I hope you'll
like it.
I don't have a Tails development environment (it looks like it'd take effort to
set up), which is why I'm posting this as an email instead of as a commit.
I'll be happy to answer questions. Let me know if this is or isn't acceptable.
--- David A. Wheeler
==== tails-backup.desktop ====
[Desktop Entry]
Type=Application
Name=Backup persistent volume
Comment=Backup the Tails persistent volume to another TailsData volume
Exec=gnome-/usr/bin/gnome-terminal --title 'Log for Backing up Tails persistent
volume' --hide-menubar -- /home/amnesia/Persistent/tails-backup
Terminal=false
Categories=Utilities
StartupNotify=false
#
# Test with:
# xdg-desktop-menu install tails-backup.desktop
==== tails-backup ====
#!/bin/sh
# tails-backup: Back up Tails' persistent disk into the mounted backup region.
# Persistent storage & backup storage must already be unlocked, and
# there must be an admin password set
set -eu
export TEXTDOMAIN='tails'
SOURCE='/live/persistence/TailsData_unlocked/'
DEST='/media/amnesia/TailsData/'
LOG="$HOME/backup-log.txt"
# Newline
NL="$(printf '\nX')"
NL="${NL%X}"
if [ ! -d "$SOURCE" ]; then
msg="$(gettext -s 'Encrypted persistent storage must be unlocked first.
Please reboot, then unlock encrypted persistent storage and under additional
settings set an administrative password.')"
zenity --error --ellipsize --text "$msg"
exit 1
fi
if [ ! -d "$DEST" ]; then
msg="$(gettext -s 'Backup storage area must be unlocked first. Please
run Applications ▸ Accessories ▸ Files, select the backup encrypted volume
(TailsData), and unlock it with your passphrase.')"
zenity --error --ellipsize --text "$msg"
exit 1
fi
title="$(gettext -s 'Alert')"
msg="$(gettext -s 'Would you like to back up your persistent encrypted storage
to the backup storage area? This will replace all data in the backup storage
area.'"$NL"'If you agree, you will then need to enter your administrator
password to actually run the backup.')"
if ! zenity --question --ellipsize --title "$title" --text "$msg"; then
exit 1
fi
# Run real backup command. This requires privileges.
if pkexec /usr/bin/rsync -PaSHAXv --del "$SOURCE" "$DEST" ; then
# Ensure RAM buffers are written out
sync; sync; sync
sleep 1
msg="$(gettext -s 'Backup succeeded. Please eject (unmount) the backup
storage area media.'"$NL"'You can do this by running Applications ▸ Accessories
▸ Files, selecting the backup encrypted volume (TailsData), and ejecting it.')"
zenity --info --ellipsize --text "$msg"
rm -fr "${LOG}"
else
msg="$(gettext -s "Backup failed. See details in log file ${LOG}")"
zenity --error --ellipsize --text "$msg"
exit 1
fi
_______________________________________________
Tails-dev mailing list
Tails-dev@boum.org
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
