Upgrade from 1.0.0 to 1.1.0¶
SecureDrop 1.1.0 is the first release to ship with support for using Tails 4 (scheduled to be released on October 22, 2019) on your Admin Workstation, your Journalist Workstation, and your Secure Viewing Station.
Because the Tails 3 series will stop receiving security updates with the release of Tails 4, it is important that you update your workstations to Tails 4 soon after its release on October 22, 2019.
Update the SecureDrop code on your Admin and Journalist Workstations first, then upgrade all workstations (including the Secure Viewing Station) to Tails 4 by following the procedure described in this document.
Updating workstations to SecureDrop 1.1.0¶
Using the graphical updater¶
On the next boot of your SecureDrop Journalist and Admin Workstations, the SecureDrop Workstation Updater will alert you to workstation updates. You must have configured an administrator password on the Tails welcome screen in order to use the graphical updater.
Perform the update to 1.1.0 by clicking “Update Now”:
Performing a manual update¶
If the automated update fails, you can perform a manual update by running the following commands:
cd ~/Persistent/securedrop git fetch --tags gpg --keyserver hkps://keys.openpgp.org --recv-key \ "2224 5C81 E3BA EB41 38B3 6061 310F 5612 00F4 AD77" git tag -v 1.1.0
The output should include the following two lines:
gpg: using RSA key 22245C81E3BAEB4138B36061310F561200F4AD77 gpg: Good signature from "SecureDrop Release Signing Key"
Please verify that each character of the fingerprint above matches what on the screen of your workstation. If it does, you can check out the new release:
git checkout 1.1.0
Finally, run the following commands:
./securedrop-admin setup ./securedrop-admin tailsconfig
Upgrading workstations to Tails 4¶
Before upgrading your Admin Workstation and your Journalist Workstation to Tails 4, you must first ensure that the version of the SecureDrop code on the workstation (which is used for administrative tasks and for configuring the Tails desktop) is at 1.1.0.
If unsure, you can always run the
git status command in the
~/Persistent/securedrop directory to determine the current version. If
the output is not “HEAD detached at 1.1.0”, you are not ready to proceed
with the upgrade to Tails 4, and you must first update the workstation using
the procedure described in the previous section.
As a precaution, we recommend backing up your workstations before the upgrade to Tails 4. See our Workstation Backup Guide for more information. We also recommend that you keep a USB drive running Tails 3.16 on hand in case you need to revert.
Once you have created the backups, create a Tails 4 Primary USB which you will use to upgrade your workstation. Follow the instructions on the Tails website to create a fresh Tails drive on a computer running Windows, Mac, or Linux.
Boot the Tails 4 Primary USB on the air-gapped computer you use as the Secure Viewing Station, and follow the instructions for manually upgrading from another Tails to upgrade each workstation USB in turn. This procedure preserves the persistent storage volume of each USB drive you upgrade to Tails 4.
Boot each workstation into Tails 4 to verify that the upgrade was successful. On the Admin and Journalist Workstations, set an administrator password on the Tails welcome screen, and update the SecureDrop environment using the following commands:
cd ~/Persistent/securedrop ./securedrop-admin setup ./securedrop-admin tailsconfig
./securedrop-admin setup step, Tails will prompt you if you want
to install a set of packages every time you start Tails. These packages are only
required for the setup process, so you can safely click Install Only Once.
Until you run these commands, the SecureDrop shortcuts on the Tails desktop will not work, and the graphical updater will no longer report available updates for the SecureDrop code on your workstation.
No additional configuration is required for the Secure Viewing Station.
If you experience difficulties with this upgrade, please do not hesitate to contact us using any of the methods below. If the upgrade failed and you need to restore from a backup, see our guide for restoring workstations. Make sure you restore to a Tails drive using Tails 3.16 before attempting another upgrade to Tails 4.
This release migrates the
securedrop-admin command to Python 3, which is
necessary because the Python 2 series reaches end-of-life on January 1, 2020.
securedrop-admin setup step normally should take care of all the
If you see error messages when running
securedrop-admin setup, we recommend the following:
- Ensure that you are running version 1.1.0 of SecureDrop on your workstation,
by running the command
git statusin your
~/Persistent/securedropdirectory. If the output is not “HEAD detached at 1.1.0”, perform a manual upgrade to SecureDrop 1.1.0 on your workstation.
- Check your network connection on your workstation. The
securedrop-admin setupcommand requires a working Tor connection.
- Make sure that you have set an admin password on the Tails welcome screen.
If this does not solve the problem, clear out any existing Python environments on your workstation by following these steps:
- Change into the directory
- Run the following commands from within this directory (make sure to type them exactly as shown, as this is a destructive operation):
rm -r .venv rm -r .venv3
- Change back into the
./securedrop-admin setup. If the command completes without errors, run the
If you continue to experience difficulties, please contact us using any of the methods below.
Should you require further support with your SecureDrop installation, we are happy to help!
- Community support is available at https://forum.securedrop.org
- If you are already a member of our support portal, please don’t hesitate to open a ticket there. If you would like to request access, please contact us at firstname.lastname@example.org (GPG encrypted). Note that your ticket will be visible to all support portal users at your organization; if this is a concern, reach out by email to the above address or to a staff member directly.
- The Freedom of the Press Foundation offers training and priority support services. See https://securedrop.org/priority-support/ for more information.