Project

General

Profile

Bug #17212

KeePassXC dialog lists a default DB which does not exist

Added by huertanix about 1 month ago. Updated 7 days ago.

Status:
Needs Validation
Priority:
Normal
Assignee:
Category:
Persistence
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
bugfix/17212-keepassxc-recent-db
Type of work:
Code
Blueprint:
Starter:
Affected tool:
Password Manager

Description

When creating a new password database, a /home/amnesia/Persistent/keepassx.kdbx database is listed under Recent databases, however, that file does not exist and when a user tries to open it, they see an error about the file not existing which convinces them they broke something.

The listed database should be created upon creating a Persistent volume, so that the user can get started using KeepassXC right away (as they would be used to in other password managers) without having to do the manual work of creating a password database. Power users already know how to create a new password database if they don't want to use the default one created in Tails.


Related issues

Related to Tails - Feature #14544: Spend software developer time on smallish UX improvements In Progress 08/31/2018
Related to Tails - Bug #17286: Make KeePassXC save database in a persistent dir by default Needs Validation
Blocks Tails - Feature #16209: Core work: Foundations Team Confirmed

Associated revisions

Revision 921022be (diff)
Added by intrigeri 25 days ago

KeePassXC: don't list a non-existing file in the list of recent databases (refs: #17212)

With KeePassX, this trick made it so the the first time a user used KeePassX and
created their new database, the GUI proposed them, as the default destination,
a path under /home/amnesia/Persistent/ so the new database would persist.
But that does not work with KeePassXC, which our documentation already takes
into account. So we don't get any benefits anymore out of these
3 configuration lines.

OTOH, as reported by huertanix on #17212, this configuration hurts UX.

Revision c6a83f96
Added by segfault 9 days ago

Merge branch 'bugfix/17212-keepassxc-recent-db' into stable (Closes: #17212)

Revision b973a01d (diff)
Added by segfault 9 days ago

Revert "KeePassXC: don't list a non-existing file in the list of recent databases (refs: #17212)"

This reverts commit 921022be214048a3caf8eabc1b643bae5387c2b0.

Our keepassxc wrapper still tell the user that they should rename their database
to keepassx.kdbx to allow KeePassXC to open it automatically in the future.

We should fix that before removing the recent database from the config.

Revision ab79ffd6 (diff)
Added by segfault 9 days ago

KeePassXC: Open ~/Persistent/keepassx.kdbx by default again (refs: #17212)

In commit 921022be214048a3caf8eabc1b643bae5387c2b0, we really only
wanted to remove the LastDatabases line, because that's the only option
that affects the list of last opened databases displayed to the user.

The LastOpenedDatabases option affects which databases KeePassXC tries
to open automatically.

The LastDir is used as the default directory in some file dialgos, for
example when choosing a keyfile.

Revision 4c60897e (diff)
Added by segfault 9 days ago

Fix database renaming prompt not working with KeePassXC (refs: #17212)

KeePassXC creates "*.old.kdbx" backup files for each database file it
saves, and our code to show a dialog asking to rename the database only
opened the dialog if exactly one "*.kdbx" file is in the Persistent dir.

This commit ignores the "*.old.kdbx" files when counting the kdbx files
in the Persistent dir.

History

#1 Updated by intrigeri about 1 month ago

Hi,

When creating a new password database, a /home/amnesia/Persistent/keepassx.kdbx database is listed under Recent databases, however, that file does not exist and when a user tries to open it, they see an error about the file not existing which convinces them they broke something.

Good catch!

FTR, the goal behind the way things are currently set up was: the first time a user uses KeePassXC and creates their new database, the GUI proposes them, as the default destination, something under /home/amnesia/Persistent/ so it persists (as long as the "Personal Data" persistence setting was not disabled while creating the Persistence: it's enabled by default). We managed to make this work with KeePassX, by making /home/amnesia/Persistent/keepassx.kdbx the last opened database.

But indeed, it does not work with KeePassXC: on first run, when I click Create new database, I'm proposed to save it to /home/amnesia/Passwords.kdbx, which won't persist. So indeed, in the current state of things, having /home/amnesia/Persistent/keepassx.kdbx in the Recent databases causes trouble but provides no benefit. That's a regression vs. Tails 3.x. I've checked a bit and I can see no easy way to fix that.

I believe we can easily remove /home/amnesia/Persistent/keepassx.kdbx from the list of Recents databases. I think we should do that. Our documentation already assumes this does not work anyway, and explains the user where they should save the new database.

huertanix, @sajolida: should we do this?

The listed database should be created upon creating a Persistent volume, so that the user can get started using KeepassXC right away (as they would be used to in other password managers) without having to do the manual work of creating a password database.

This would require:

  • asking the user at least a password for their password database, when creating the persistent volume; and possibly more, if we want to support the other options KeePassXC offers in this area
  • writing a non-trivial program and maintaining it forever: KeePassXC currently provides no way to programmatically create a database

Given it'll make things users once per user, I suspect the cost/benefit of implementing this task will put it very low in our list of priorities: IMO there are many cheaper ways to improve Tails' UX much more. I'm open to discussing this further.

#2 Updated by sajolida 27 days ago

  • Related to Feature #14544: Spend software developer time on smallish UX improvements added

#3 Updated by sajolida 27 days ago

  • Status changed from New to Confirmed
  • Affected tool set to Password Manager

huertanix, @sajolida: should we do this?

Fine with me.

#4 Updated by intrigeri 25 days ago

#5 Updated by intrigeri 25 days ago

  • Assignee set to intrigeri
  • Target version set to Tails_4.1

Thank you. I've added this to the FT's plate, bypassing the process for #14544 (https://tails.boum.org/contribute/working_together/roles/foundations_team/#tasks-management-ux-improvements), because this is a regression compared to Tails 3.x and it seems very cheap to fix.

#6 Updated by intrigeri 25 days ago

  • Subject changed from KeepassXC dialog lists a default DB which does not exist to KeePassXC dialog lists a default DB which does not exist

#7 Updated by intrigeri 25 days ago

  • Status changed from Confirmed to In Progress

#8 Updated by intrigeri 25 days ago

  • Feature Branch set to bugfix/17212-keepassxc-recent-db

#9 Updated by intrigeri 25 days ago

  • Status changed from In Progress to Needs Validation
  • Assignee deleted (intrigeri)

#10 Updated by segfault 9 days ago

  • Status changed from Needs Validation to Resolved
  • % Done changed from 0 to 100

#11 Updated by segfault 9 days ago

  • Status changed from Resolved to In Progress
  • % Done changed from 100 to 0

I just noticed that we have code in our keepassxc wrapper which tells the user that they should rename their database to keepassx.kdbx to allow KeePassXC to open it automatically in the future.

That's not correct anymore when we remove the recently-opened-database entry.

Moreover, removing that entry will be a regression for all the users who followed that advice, because the database will not be opened anymore automatically. I'm not sure the UX regression for the users who don't have their database at that path is worse than the UX regression for the users who do.

I reverted the commit on stable, so that we can first find a conclusion here.

#12 Updated by segfault 9 days ago

segfault wrote:

I just noticed that we have code in our keepassxc wrapper which tells the user that they should rename their database to keepassx.kdbx to allow KeePassXC to open it automatically in the future.

With KeePassXC, this renaming prompt usually won't be displayed anymore, because KeePassXC creates a backup file of each database file, named *.old.kdbx., and we only show the renaming dialog if there is exactly one *.kdbx file in the Persistent dir.

But there will still be a lot users who previously named their database keepassx.kdbx and would be affected if we removed the last opened entry.

#13 Updated by segfault 9 days ago

Ha, I found the perfect solution. Turns out that:

  • LastDatabases is only used to display the list of last opened databases in the main window - so the list we want to get rid of.
  • LastOpenedDatabases is only used to automatically open the last opened database when KeePassXC is started - so the behavior we want to keep.

So we should only remove the LastDatabases line.

#14 Updated by segfault 9 days ago

  • Status changed from In Progress to Needs Validation
  • Assignee set to intrigeri

segfault wrote:

So we should only remove the LastDatabases line.

I did that.

With KeePassXC, this renaming prompt usually won't be displayed anymore, because KeePassXC creates a backup file of each database file, named *.old.kdbx., and we only show the renaming dialog if there is exactly one *.kdbx file in the Persistent dir.

I fixed that too.

#15 Updated by CyrilBrulebois 7 days ago

  • Target version changed from Tails_4.1 to Tails_4.2

#16 Updated by segfault 4 days ago

  • Related to Bug #17286: Make KeePassXC save database in a persistent dir by default added

Also available in: Atom PDF