Interest Article

Advisory: Installation/Workstation Update Failure on Tails 3.15

July 17, 2019
Update, July 22, 2019: Thanks to collaboration between the Tails and Tor teams, this issue has been resolved.

A reference to a non-existent package repository in Tails 3.15 will cause the following operations to fail:

  • Installing SecureDrop using an Admin Workstation running Tails 3.15
  • Updating the SecureDrop code on an Admin or Journalist workstation running Tails 3.15

The securedrop-admin setup step will fail with the following error:

W: The repository 'tor+http://sdscoq7snqtznauu.onion/ tor-experimental-0.4.0.x-stretch Release' does not have a Release file.
E: Failed to fetch tor+http://sdscoq7snqtznauu.onion/ 404 Not Found
E: Some index files failed to download. They have been ignored, or old ones used instead.
ERROR: Failed to install apt dependencies. Check network connection and try again.

The cause of this error is that the package configuration refers to an experimental version of Tor which no longer exists, and which is not required. A similar issue occurred with the release of Tails 3.9.

You can work around this problem manually prior to a fix in a future Tails release. Before running securedrop-admin setup, please perform the following steps:

  1. Start the Journalist or Admin Workstation with Persistent Storage unlocked and an administration password set.
  2. Open a terminal and run this command:
    sudo nano /etc/apt/sources.list.d/torproject.list
  3. Delete the second line, which should look like this:
    deb tor+http://sdscoq7snqtznauu.onion/ tor-experimental-0.4.0.x-stretch main
  4. Save changes and quit the text editor
  5. Run sudo apt-get update and ensure it completes without an error message.

Please note that this change will not be persistent across reboots, so it will be necessary to run it before running ./securedrop-admin setup for the first time after booting into Tails 3.15.

Questions and comments

If this workaround does not work for you, or if you have other questions or comments regarding this issue, please don't hesitate to reach out:

  • Via our Support Portal, if you are a member (membership is available to SecureDrop administrators on request);
  • Via (GPG encrypted) for sensitive security issues (please use judiciously);
  • Via our community forums.

We also encourage you to file non-sensitive issues you encounter in our GitHub repository (issue report form).

Return to News