A reference to a non-existent package repository in Tails 3.15 will cause the following operations to fail:
- Installing SecureDrop using an Admin Workstation running Tails 3.15
- Updating the SecureDrop code on an Admin or Journalist workstation running Tails 3.15
securedrop-admin setup step will fail with the following error:
W: The repository 'tor+http://sdscoq7snqtznauu.onion/torproject.org tor-experimental-0.4.0.x-stretch Release' does not have a Release file.
E: Failed to fetch tor+http://sdscoq7snqtznauu.onion/torproject.org/dists/tor-experimental-0.4.0.x-stretch/main/binary-amd64/Packages 404 Not Found
E: Some index files failed to download. They have been ignored, or old ones used instead.
ERROR: Failed to install apt dependencies. Check network connection and try again.
The cause of this error is that the package configuration refers to an experimental version of Tor which no longer exists, and which is not required. A similar issue occurred with the release of Tails 3.9.
You can work around this problem manually prior to a fix in a future Tails release. Before running
securedrop-admin setup, please perform the following steps:
- Start the Journalist or Admin Workstation with Persistent Storage unlocked and an administration password set.
- Open a terminal and run this command:
sudo nano /etc/apt/sources.list.d/torproject.list
- Delete the second line, which should look like this:
deb tor+http://sdscoq7snqtznauu.onion/torproject.org/ tor-experimental-0.4.0.x-stretch main
- Save changes and quit the text editor
sudo apt-get updateand ensure it completes without an error message.
Please note that this change will not be persistent across reboots, so it will be necessary to run it before running
./securedrop-admin setup for the first time after booting into Tails 3.15.
Questions and comments
If this workaround does not work for you, or if you have other questions or comments regarding this issue, please don't hesitate to reach out:
- Via our Support Portal, if you are a member (membership is available to SecureDrop administrators on request);
- Via email@example.com (GPG encrypted) for sensitive security issues (please use judiciously);
- Via our community forums.
We also encourage you to file non-sensitive issues you encounter in our GitHub repository (issue report form).