This is a tracking issue for the upcoming release of SecureDrop 0.6 - tasks may get added or modified.
Feature freeze: February 27, 2018
String freeze: March 6, 2018
Release date: March 13, 2018
_SecureDrop maintainers and testers:_ As you QA 0.6, please report back your testing results as comments on this ticket. File GitHub issues for any problems found, tag them "QA: Release", and associate them with the 0.6 milestone for tracking.
Test debian packages are posted on https://apt-test.freedom.press signed with the test key. An Ansible playbook testing the upgrade path is here.
release/0.6 off master - @redshiftzero
0.6-rc1 was created but we did not build test debs as we needed to bump the kernels (#3077)
0.6-rc2 tag - @redshiftzero
0.6~rc2 on test apt server - @conorsch
0.6-rc3 tag - @redshiftzero
0.6~rc3 on test apt server - @conorsch
0.6-rc4 tag - @redshiftzero
0.6~rc4 on test apt server - @conorsch
0.6-rc5 tag - @redshiftzero
0.6~rc5 on test apt server - @conorsch
It would be great to have detailed Q/A scripts that volunteers with a lot of good will but experience with SecureDrop could run manually. Do we have that already?
For getting set up with prod VMs for testing, this is the best documentation we have, and this post by @kushaldas is useful (version numbers will need bumping). In terms of QA scripts the most detailed generic (for any release) testing script we have is the following - it covers basic server testing and application acceptance testing:
Open up Tor browser and try it out on both interfaces
You should be able to SSH into app and mon over Tor
`ssh app`
`ssh mon`
OSSEC should start up
Expected behavior:
Check that both servers are running grsec kernels
`uname -a`
`-grsec` is in the kernel name
Verify AppArmor is loaded
`sudo aa-status`
`apparmor module is loaded` appears in the output
Check iptables rules are set up
`sudo iptables-save`
ACCEPT chains
Precondition: You have used Tor Browser to navigate to the journalist interface and are logged in.
Precondition: You have used Tor Browser to navigate to the journalist interface, logged in, and clicked on a given source.
-reply.gpg. You can use this for copy/pasting into your QA report
In terms of 0.6-specific testing, here's a proposed checklist, focused on securedrop-admin given the significant changes there:
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
0.6~rc2 in prod VMs
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
There are commits to merge back to develop from yesterday's action.
```
$ git --no-pager log --oneline --cherry-mark --right-only origin/develop...origin/release/0.6
+ 658088bb SecureDrop 0.6~rc2
+ e29bdd74 Merge pull request #3077 from freedomofpress/bump-grsec-metapackage-to-4.4-kernels
+ ab2a05e0 Updates config tests for new kernel image version
+ eb88a67b Updates docs for new kernel image version
+ a9c9643b Bumps securedrop-grsec metapackage to 4.4.115
+ 898690ed SecureDrop 0.6~rc1
```
Proposed at https://github.com/freedomofpress/securedrop/issues/3061
I see we are creating 0.6 packages and tags. Could we please switch to using 0.6.0 instead? So we have a uniform naming scheme.
So I thought this was important ... but I just performed an upgrade and confirmed that the old 3.14.79-grsec kernel was still in the boot menu. This is important so if any instances have issues they can roll back temporarily.
0.6~rc2 in prod VMs
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
0.6~rc2 in prod VMs
Everything looks good in clean install, will be testing upgrade path in VMs next.
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
`ls /boot` does not contain any non-grsec kernels
0.6~rc2 in prod VMs
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails (But, I also had to file #3088)
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960) (Did not test)
Only cherry-picks in the release/0.6 as shown by the = sign which indicates the commits that are both in develop and release/0.6 and have the same patch-id.
```
$ git --no-pager log --no-merges --oneline --cherry-mark --right-only origin/develop...origin/release/0.6
= 4ec882bb Monitor only hostname in /var/lib/tor/services
= 1b67299b journalist: kindly ask to check the mail
```
0.5.2 to 0.6~rc2 on physical install
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
Getting some unnecessary OSSEC emails (which appear unrelated to this release):
OSSEC HIDS Notification.
2018 Mar 02 04:11:18
Received From: (app) 10.20.2.2->/var/log/syslog
Rule: 100003 fired (level 7) -> "A cron-apt warning was detected"
Portion of the log(s):
Mar 2 04:11:16 app cron-apt: W: Duplicate sources.list entry https://tor-apt.freedom.press/ trusty/main amd64 Packages (/var/lib/apt/lists/tor-apt.freedom.press_dists_trusty_main_binary-amd64_Packages)
--END OF NOTIFICATION
OSSEC HIDS Notification.
2018 Mar 02 04:11:18
Received From: (app) 10.20.2.2->/var/log/syslog
Rule: 100003 fired (level 7) -> "A cron-apt warning was detected"
Portion of the log(s):
Mar 2 04:11:16 app cron-apt: W: Duplicate sources.list entry https://tor-apt.freedom.press/ trusty/main i386 Packages (/var/lib/apt/lists/tor-apt.freedom.press_dists_trusty_main_binary-i386_Packages)
--END OF NOTIFICATION
0.6-rc3 in prod VMs
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
0.6-rc4 in prod VMs
`./securedrop-admin --help` reports useful feedback
`./securedrop-admin setup` works in Tails
`./securedrop-admin sdconfig` works in Tails
`./securedrop-admin sdconfig` allows empty `sasl_domain`
`./securedrop-admin install` proceeds without issue after Ansible version bump
`./securedrop-admin tailsconfig` proceeds without issue
`./securedrop-admin check_for_updates` reports to the user that an update is available
`./securedrop-admin update` reports signature verifies and updates workstation to the latest valid tag 0.5.2
`/var/lib/tor/services` is monitored by syscheck (#2960)
I have tested the kernel metapackage changes as part of 0.6-rc5
Classic upgrade scenario (pre-Feb 16) 0.5.2 -> 0.6:
[x] Kernel 3.14.79-grsec is installed
[x] Kernel 4.4.115-grsec is installed
[x] Kernel 4.4.115-grsec boots by default
Alternate upgrade scenario (SD instance installed after Feb 16) 0.5.2 -> 0.6:
[x] Kernel 3.14.79-grsec is installed
[x] Kernel 4.4.115-grsec is installed
[x] Kernel 4.4.115-grsec boots by default
:exclamation: linux 4.4.0-116-generic is installed, but does not boot by default (4.4.115>4.4.0)
SecureDrop 0.6 went out as planned on March 13, closing. :)
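The three kernel checks from the 0.6-rc5 report above, written as a script (an added example, not part of the thread or SecureDrop's own tooling). It assumes the default boot entry is the highest-sorting installed kernel and approximates that ordering with `sort -V`; the function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not SecureDrop project code. Sample listings are constructed.

# Reduce a /boot listing to bare kernel version strings.
kernel_versions() {
    printf '%s\n' "$1" | sed -n 's|^.*vmlinuz-||p'
}

# Highest version by GNU version sort. Assumption: the default boot entry is
# the highest-sorting installed kernel; sort -V approximates that ordering.
default_kernel() {
    kernel_versions "$1" | sort -V | tail -n 1
}

# True if exactly this version appears in the listing.
kernel_installed() {
    kernel_versions "$1" | grep -Fxq -e "$2"
}

# Print one checklist line per item; return non-zero if any item fails.
check_kernels() {
    listing=$1 old=$2 new=$3 rc=0
    for v in "$old" "$new"; do
        if kernel_installed "$listing" "$v"; then
            echo "[x] Kernel $v is installed"
        else
            echo "[ ] Kernel $v is installed"; rc=1
        fi
    done
    boot=$(default_kernel "$listing")
    if [ "$boot" = "$new" ]; then
        echo "[x] Kernel $new boots by default"
    else
        echo "[ ] Kernel $new boots by default (found $boot)"; rc=1
    fi
    return $rc
}

# Constructed: alternate upgrade scenario, stock generic kernel also present.
ALT_SCENARIO='/boot/vmlinuz-3.14.79-grsec
/boot/vmlinuz-4.4.0-116-generic
/boot/vmlinuz-4.4.115-grsec'

# Constructed failure case: new grsec kernel missing, generic sorts highest.
NO_NEW_GRSEC='/boot/vmlinuz-3.14.79-grsec
/boot/vmlinuz-4.4.0-116-generic'

check_kernels "$ALT_SCENARIO" 3.14.79-grsec 4.4.115-grsec
check_kernels "$NO_NEW_GRSEC" 3.14.79-grsec 4.4.115-grsec || echo "check failed"
```

On a server, pass the real listing instead of the samples: `check_kernels "$(ls /boot/vmlinuz-*)" 3.14.79-grsec 4.4.115-grsec`.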