Linux symlinked data dir broken after updating to 2.45.1

[metal450]

Describe the bug

On Linux, I have my Ledger Live data dir symlinked to a different location. It worked properly until updating from 2.43.1 to 2.45.1. As of 2.45.1, as soon as I attempt to login to Ledger Live, it nukes the symlink, replacing it with a file, which causes Ledger Live to fail to launch. Detailed repro steps below.

To Reproduce

Steps to reproduce the behavior:

1. On Linux, ln -s "/some/other/location/" "~/.config/Ledger Live"
2. Download Ledger Live 2.43.1 AppImage (or any earlier version).
3. Open LedgerLive & setup/use as usual. It works as expected, with the data residing in /some/other/location.
4. Now download & launch Ledger Live 2.45.1 AppImage.
5. When you enter your password, it says "The password entered is incorrect" (it isn't), and immediately nukes the symlink: ~/config/Ledger Live is replaced with a textfile containing some json

(at this point you can, of course, delete the new ~/config/Ledger Live textfile, recreate the symlink, and resume using previous versions of Ledger Live. But 2.45.1 will not function.)

Expected behavior

Launching Ledger Live 2.45.1 AppImage should work properly with its data symlinked to another location, as did all prior versions

Screenshots

n/a

Desktop (please complete the following information):

• OS: KDE Neon 5.24

[Ricent82]

Also experiencing this on Ubuntu 20.04.

Ledger devs, is there an alternative way to point Ledger to a different data dir until this regression is fixed?

[metal450]

Still broken as of 2.46.

And 2.46.2.

Not really sure why Ledger can't even be bothered to respond, let alone do something to address this regression...

[metal450]

Still broken in 2.47.0

[adrienlacombe]

@gre @valpinkman are you aware of this? thank you vm

[gre]

Hi and sorry for the delay in answering on this Github issue. We now only use Github issues for developers topics (typically on topics that concerns our SDK, libraries,..). For questions, feature requests or Ledger Live issues, please go through our Customer Support to raise this voice and have it more prioritised: https://support.ledger.com/

Thanks

[metal450]

Doesn't seem like this should be marked as "completed" considering the fix...has not been completed.

Also, if there's no publicly-visible venue to report issues, how can others possibly chime in? Support tickets are only one-on-one and are completely opaque - users have no visibility into how many other users are suffering from an issue, they provide no way to discuss issues amongst each other, etc.

Please reopen until this bug is actually properly fixed.

[metal450]

2.48.0 is still broken.

I repeat: where is the new place for providing public visibility on issues? Simply closing & hiding issues from users, thus preventing any sort of transparency into how prevalent an issue is & preventing any possibility of public discussion, is clearly not a feasible approach to open-source software development.

[metal450]

This is extremely discouraging behavior from a company that purportedly provides software for products sovereignty/transparency. The whole mantra of crypto is "don't trust, verify." You now seem to be shutting down any method for public accountability of software behavior by hiding issues behind an opaque, invisible ticket system. I see no rationale for this when github provides a perfectly capable, industry-standard, transparent & open way to discuss & collaborate on issues. Worse, when I bring this up, you simply ignore.

Is this the direction Ledger is going? Is this the end of Ledger as the most open & secure crypto wallet provider?

[metal450]

@gre

[adrienlacombe]

@metal450 "don't trust, verify" only applies to the Nano because it has a secure display. Ledger Live runs on unsecure platforms i.e. laptops and mobiles and therefore this principle doesn't apply. What You See Is What You Sign is only valid for the Nano, not Ledger Live. Our hardware wallet is indeed the most secure but Ledger Live is just a companion app, it will never be more than that, don't expect too much.

[metal450]

@adrienlacombe-ledger Regarding your explanation of the meaning of "don't trust, verify," yes, I understand that Ledger's security refers to keeping private keys isolated. Per my previous statements, I was very obviously referring to the transparency/openness of development, not security of assets. "Don't trust, verify" is applied to many different concepts in crypto, as I'm certain you're aware.

In this case, moving from Github's public/transparent issue system (which can be followed, discussed, & upvoted by anyone) to a system where nobody can see what issues are opened, their status, how prevalent they are, etc...is similar to having an open/decentralized/trustless voting regime, & moving it to a closed/centralized/opaque one. Previously all users could see all activity on a ticket. Now we cannot. We just have to trust whatever Ledger's support e-mail tells us, one-on-one.

Anyway, it seems you forgot to respond to:

1) "if there's no publicly-visible venue to report issues, how can others possibly chime in? Support tickets are only one-on-one and are completely opaque - users have no visibility into how many other users are suffering from an issue, they provide no way to discuss issues amongst each other, etc."

2) "where is the new place for providing public visibility on issues? Simply closing & hiding issues from users, thus preventing any sort of transparency into how prevalent an issue is & preventing any possibility of public discussion, is clearly not a feasible approach to open-source software development."

[metal450]

@gre @adrienlacombe-ledger

[metal450]

Hello?

2.49 this is STILL broken.

[metal450]

Still broken in 2.49.2

[metal450]

@gre @adrienlacombe-ledger hello?

[gre]

Hello and sorry for the delay, I've been digging into the problem and it appears that this relates to Electron, it is very unclear why it would have worked before but:

• i've been able to reproduce the problem with production build 2.49.2 on Ubuntu 22.04. That builds is based on Electron 15.
• Electron 15 being outdated, I'm currently working on upgrading to Electron 21: https://github.com/LedgerHQ/ledger-live/pull/1463 . I can no longer reproduce the problem with a custom build made with Electron 21: I can alias a folder and the symlink is preserved. So there is a high chance this is going to be fixed by this upgrade, but I would need to make sure we re-evaluate this when we do our quality assurance. I will internally attach this ticket to it so we don't forget to verify it.

I am not exactly sure when this work will land in a release but hopefully in a few weeks 🤞

[metal450]

That would be great, thanks.

[github-actions[bot]]

This issue is stale because it has been open 30 days with no activity. Remove stale label, comment, or consider closing it.

[metal450]

Not stale. Just still not solved.

[gre]

Here is a build that should fix it, in case you want to help confirming this too : https://download.live.ledger.com/ledger-live-desktop-2.52.0-electron22.0-linux-x86_64.AppImage

this is a custom build that I build from https://github.com/LedgerHQ/ledger-live/pull/2049 ( not an upcoming release ) and we are still in non-regression tests & validation phase of this PR.

[metal450]

Confirmed!!

This build restores proper functionality, per the last fully-working version, 2.39.2. Both the symlink breakage is fixed, and also the inaccurate balance breakage is fixed.

Can't wait for this to be officially released. It's been a long 8-month regression.

[gre]

I just landed on develop. It is planned for next LLD release (2.52). sorry for the long wait.