summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/remember_installed_packages.mdwn
blob: fbc86af98a2face10bb8319aa5f29938f75c2742 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<div class="note">
This is an old blueprint, implemented in Tails as Additional Software Packages. See [[additional_software_packages]] and [[additional_software_packages_offline_mode]] for next steps.
</div>

When user have enabled persistence, it could be nice to remember which
extra packages they have installed.

We propose to use the term "your additional software" to mention to the
user those packages in the GUI, notifications, etc.

This feature will be implemented in several steps.

Past research
=============

Possible interfaces
-------------------

### 1

Either in the greeter or upon login, an
interface could appear offering the user to select which packages should be
reinstalled (all unselected by default).

Having this choice in the greeter could allow users to install their preferred
software without having an administrative password set.

> This interface would quickly become messy, as soon as a desired
> additional package pulls dozens (if not hundreds) of dependencies.

### 2

Alternative idea: in tails-persistence-setup, allow selecting
packages (among the ones additionally installed during the current
session, and/or offer a "All installed additional packages"
option) to be automatically re-installed next time. Then, at boot
time, when persistence is enabled, our live-persistence script (or
something else started from tails-greeter) would (unconditionally?)
read this packages list from the persistent volume and install them.

Things to think about
---------------------

- security implications of this whole idea needs to be researched before
  diving in the code.

> since the cached APT packages are
> hand picked by the user, security will depend on these packages and
> security of the persistent volume where the *.deb are going to be
> stored. Am I missing something here?

- how to answer pontential apt/dpkg/debconf questions? record answers? force yes?

- re-install these packages from cache only, or prefer fetching more up-to-date
  versions from online mirrors if available? If we want to fetch updates, when
  should the install start? Think about offline usage and about network
  fingerprint.

- should the packages been installed before starting the session (required for
  packages related to session modification e.g. `msva-perl`) or after (e.g.
  requiring network, like firmware downloader)

Possible implementation tricks
------------------------------

### Installing at startup, then upgrading

One solution to the upgrad/offline use problem might be to install the packages
at from cache at startup, then to try to fetch upgrades and install them if
network appears.

### Creating a list of user-installed packages

A configuration snippet can be add in `/etc/apt/apt.conf.d` with a
`Dpkg::Post-Invoke` option. This allows to trigger a script each time
APT is run.

This script should query APT database and record all packages that are
not in `autoinstall` state.

On boot time, that list should be filtered with packages that are already
shipped with Tails.

> Here's an example script which filters shipped packages on runtime instead:
> 
    comm -23 <(list-manually-installed-packages) <default-packages.txt >session-packages.txt
    comm -23 <(cat session-packages.txt|sort) <(cat saved-packages.txt|sort) >> saved-packages.txt
> 
> It mantains a list of packages manually installed by the user in saved-packages.txt. This file should be placed in its own directory so it can be made persistent.
>
> list-manually-installed-packages is another script which does what its name says. In squeeze it can be done with:
>
    comm -3 <(dpkg -l | grep '^ii' | cut -d\  -f 3|sort) <(apt-mark showauto|sort)
>
> When we move to wheezy it may simply become 'apt-mark showmanual', if it proves to be equivalent.
>
> default-packages.txt is the list of packages shipped with Tails, generated at ISO creation time with list-manually-installed-packages
>
> session-packages.txt is a temporary file, can be placed in /tmp