authorsegfault <segfault@riseup.net>2019-08-11 20:58:45 +0200
committersegfault <segfault@riseup.net>2019-08-11 20:58:45 +0200
commitdec5522be10e597a74cade12dfb49355bd053a9d (patch)
tree4bb0c2c688fc00a6225b7a92070cce1f3506e14b
parente7223e5b2baf8cdc3b2597a608a8b0e90ce00175 (diff)
parent0a1ea458111f16833e10cb02c4cd445990c32019 (diff)
Merge branch 'devel' into bugfix/16952-keepassxc-not-in-POTFILES.inbugfix/16952-keepassxc-not-in-POTFILES.in
-rwxr-xr-xauto/scripts/update-acng-config2
-rw-r--r--config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch179
-rw-r--r--debian/changelog17
-rw-r--r--features/support/helpers/firewall_helper.rb18
-rw-r--r--features/support/helpers/misc_helpers.rb11
5 files changed, 59 insertions, 168 deletions
diff --git a/auto/scripts/update-acng-config b/auto/scripts/update-acng-config
index d8ca908..27aa0c5 100755
--- a/auto/scripts/update-acng-config
+++ b/auto/scripts/update-acng-config
@@ -60,7 +60,7 @@ for origin in $(list_origins) ; do
# code complexity (=> higher maintenance cost).
#
# XXX: Bullseye: bump the end of the range of major versions
- for major in $(seq 3 4 5) ; do
+ for major in $(seq 3 5); do
for minor in $(seq 0 32); do
for suffix in "" alpha beta rc ; do
for suffix_n in "" $(seq 1 8); do
diff --git a/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch b/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
index 28f6d10..37de2cd 100644
--- a/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
+++ b/config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch
@@ -1,8 +1,8 @@
diff --git a/etc/apparmor.d/torbrowser.Browser.firefox b/etc/apparmor.d/torbrowser.Browser.firefox
-index 9f269e1..82def53 100644
+index f782f35..a80365d 100644
--- a/etc/apparmor.d/torbrowser.Browser.firefox
+++ b/etc/apparmor.d/torbrowser.Browser.firefox
-@@ -1,10 +1,11 @@
+@@ -1,11 +1,12 @@
#include <tunables/global>
#include <tunables/torbrowser>
@@ -10,31 +10,30 @@ index 9f269e1..82def53 100644
+@{torbrowser_firefox_executable} = /usr/local/lib/tor-browser/firefox.real
profile torbrowser_firefox @{torbrowser_firefox_executable} {
+ #include <abstractions/audio>
#include <abstractions/gnome>
+ #include <abstractions/ibus>
# Uncomment the following lines if you want to give the Tor Browser read-write
# access to most of your personal files.
-@@ -25,13 +26,16 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -14,6 +15,7 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+
+ # Audio support
+ /{,usr/}bin/pulseaudio Pixr,
++ /etc/asound.conf r,
+
+ #dbus,
+ network netlink raw,
+@@ -29,6 +31,8 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
deny /etc/passwd r,
deny /etc/group r,
deny /etc/mailcap r,
+ deny @{HOME}/.local/share/gvfs-metadata/home r,
+ deny /run/resolvconf/resolv.conf r,
-- deny /etc/machine-id r,
-- deny /var/lib/dbus/machine-id r,
-+ /etc/machine-id r,
-+ /var/lib/dbus/machine-id r,
-
- /dev/ r,
- /dev/shm/ r,
-
-+ owner @{PROC}/@{pid}/environ r,
- owner @{PROC}/@{pid}/fd/ r,
- owner @{PROC}/@{pid}/mountinfo r,
- owner @{PROC}/@{pid}/stat r,
-@@ -39,32 +43,36 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+ /etc/machine-id r,
+ /var/lib/dbus/machine-id r,
+@@ -44,36 +48,35 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
owner @{PROC}/@{pid}/task/*/stat r,
@{PROC}/sys/kernel/random/uuid r,
@@ -50,13 +49,17 @@ index 9f269e1..82def53 100644
- owner @{torbrowser_home_dir}/*.so mr,
- owner @{torbrowser_home_dir}/.cache/fontconfig/ rwk,
- owner @{torbrowser_home_dir}/.cache/fontconfig/** rwkl,
-- owner @{torbrowser_home_dir}/components/*.so mr,
-- owner @{torbrowser_home_dir}/browser/components/*.so mr,
+- owner @{torbrowser_home_dir}/browser/** r,
+- owner @{torbrowser_home_dir}/{,browser/}components/*.so mr,
+- owner @{torbrowser_home_dir}/Downloads/ rwk,
+- owner @{torbrowser_home_dir}/Downloads/** rwk,
- owner @{torbrowser_home_dir}/firefox rix,
-- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/updater ix,
-- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/0/MozUpdater/bgupdate/updater ix,
+- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/* rw,
+- owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/{,MozUpdater/bgupdate/}updater ix,
+- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/.parentwritetest rw,
- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profiles.ini r,
-- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/ r,
+- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/{,**} rwk,
+- owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/tor px,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/ r,
- owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so mr,
@@ -74,8 +77,7 @@ index 9f269e1..82def53 100644
+ owner @{HOME}/.mozilla/firefox/bookmarks/** rwk,
+ owner /live/persistence/TailsData_unlocked/bookmarks/ rwk,
+ owner /live/persistence/TailsData_unlocked/bookmarks/** rwk,
-+ owner @{HOME}/.tor-browser/profile.default/ r,
-+ owner @{HOME}/.tor-browser/profile.default/** rwk,
++ owner @{HOME}/.tor-browser/profile.default/{,**} rwk,
+
+ /etc/xul-ext/ r,
+ /etc/xul-ext/** r,
@@ -83,19 +85,19 @@ index 9f269e1..82def53 100644
+ /usr/local/share/tor-browser-extensions/** rk,
+ /usr/share/{xul-,web}ext/ r,
+ /usr/share/{xul-,web}ext/** r,
-+ /usr/share/mozilla/extensions/ r,
-+ /usr/share/mozilla/extensions/** r,
++ /usr/share/{chromium,mozilla}/extensions/ r,
++ /usr/share/{chromium,mozilla}/extensions/** r,
+
+ /usr/share/doc/tails/website/ r,
+ /usr/share/doc/tails/website/** r,
- # Web Content processes
-- owner @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
-+ @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
+ # parent Firefox process when restarting after upgrade, Web Content processes
+- owner @{torbrowser_firefox_executable} ixmr -> torbrowser_firefox,
++ @{torbrowser_firefox_executable} ixmr -> torbrowser_firefox,
/etc/mailcap r,
/etc/mime.types r,
-@@ -88,12 +96,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -97,12 +100,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
/sys/devices/system/node/node[0-9]*/meminfo r,
deny /sys/devices/virtual/block/*/uevent r,
@@ -108,7 +110,7 @@ index 9f269e1..82def53 100644
# Required for multiprocess Firefox (aka Electrolysis, i.e. e10s)
owner /{dev,run}/shm/org.chromium.* rw,
-@@ -107,6 +109,29 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -116,6 +113,29 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
deny @{HOME}/.cache/fontconfig/** rw,
deny @{HOME}/.config/gtk-2.0/ rw,
deny @{HOME}/.config/gtk-2.0/** rw,
@@ -138,7 +140,7 @@ index 9f269e1..82def53 100644
deny @{PROC}/@{pid}/net/route r,
deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
-@@ -122,5 +147,10 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -132,5 +152,10 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
/etc/xfce4/defaults.list r,
/usr/share/xfce4/applications/ r,
@@ -150,121 +152,6 @@ index 9f269e1..82def53 100644
+ deny owner /tmp/** rwklx,
+ deny /tmp/ rwklx,
}
-diff --git a/etc/apparmor.d/torbrowser.Browser.plugin-container b/etc/apparmor.d/torbrowser.Browser.plugin-container
-index fdf5fda..4015928 100644
---- a/etc/apparmor.d/torbrowser.Browser.plugin-container
-+++ b/etc/apparmor.d/torbrowser.Browser.plugin-container
-@@ -1,7 +1,7 @@
- #include <tunables/global>
- #include <tunables/torbrowser>
-
--@{torbrowser_firefox_executable} = /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox.real
-+@{torbrowser_firefox_executable} = /usr/local/lib/tor-browser/firefox.real
-
- profile torbrowser_plugin_container {
- #include <abstractions/gnome>
-@@ -12,9 +12,9 @@ profile torbrowser_plugin_container {
- # - the "deny" word in the machine-id lines
- # - the rules that deny reading /etc/pulse/client.conf
- # and executing /usr/bin/pulseaudio
-- # #include <abstractions/audio>
-- # /etc/asound.conf r,
-- # owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/mozilla-temp-* rw,
-+ #include <abstractions/audio>
-+ /etc/asound.conf r,
-+ owner @{HOME}/.tor-browser/profile.default/tmp/mozilla-temp-* rw,
-
- signal (receive) set=("term") peer=torbrowser_firefox,
-
-@@ -26,8 +26,8 @@ profile torbrowser_plugin_container {
- deny /etc/group r,
- deny /etc/mailcap r,
-
-- deny /etc/machine-id r,
-- deny /var/lib/dbus/machine-id r,
-+ /etc/machine-id r,
-+ /var/lib/dbus/machine-id r,
-
- /etc/mime.types r,
- /usr/share/applications/gnome-mimeapps.list r,
-@@ -42,34 +42,31 @@ profile torbrowser_plugin_container {
- owner @{PROC}/@{pid}/task/*/stat r,
- @{PROC}/sys/kernel/random/uuid r,
-
-- owner @{torbrowser_home_dir}/*.dat r,
-- owner @{torbrowser_home_dir}/*.manifest r,
-- owner @{torbrowser_home_dir}/*.so mr,
-- owner @{torbrowser_home_dir}/.cache/fontconfig/ rw,
-- owner @{torbrowser_home_dir}/.cache/fontconfig/** rw,
-- owner @{torbrowser_home_dir}/browser/** r,
-- owner @{torbrowser_home_dir}/components/*.so mr,
-- owner @{torbrowser_home_dir}/browser/components/*.so mr,
-- owner @{torbrowser_home_dir}/defaults/pref/ r,
-- owner @{torbrowser_home_dir}/defaults/pref/*.js r,
-- owner @{torbrowser_home_dir}/dependentlibs.list r,
-- owner @{torbrowser_home_dir}/fonts/ r,
-- owner @{torbrowser_home_dir}/fonts/** r,
-- owner @{torbrowser_home_dir}/omni.ja r,
-- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/extensions/*.xpi r,
-- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profiles.ini r,
-- owner @{torbrowser_home_dir}/TorBrowser/UpdateInfo/updates/[0-9]*/update.{status,version} r,
-- owner @{torbrowser_home_dir}/TorBrowser/UpdateInfo/updates/[0-9]/updater rw,
-- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/startupCache/* r,
-- owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/* rw,
-- owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
-- owner @{torbrowser_home_dir}/TorBrowser/Tor/ r,
-- owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so mr,
-- owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so.* mr,
-- owner @{torbrowser_home_dir}/Downloads/ rwk,
-- owner @{torbrowser_home_dir}/Downloads/** rwk,
--
-- owner @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
-+ @{torbrowser_home_dir}/ r,
-+ @{torbrowser_home_dir}/** mr,
-+
-+ owner @{HOME}/.tor-browser/profile.default/startupCache/* r,
-+ owner @{HOME}/.tor-browser/profile.default/tmp/* rw,
-+
-+ owner "@{HOME}/Tor Browser/" rw,
-+ owner "@{HOME}/Tor Browser/**" rwk,
-+ owner "@{HOME}/Persistent/Tor Browser/" rw,
-+ owner "@{HOME}/Persistent/Tor Browser/**" rwk,
-+
-+ owner @{HOME}/.tor-browser/profile.default/extensions/*.xpi r,
-+ /etc/xul-ext/ r,
-+ /etc/xul-ext/** r,
-+ /usr/local/share/tor-browser-extensions/ r,
-+ /usr/local/share/tor-browser-extensions/** rk,
-+ /usr/share/{xul-,web}ext/ r,
-+ /usr/share/{xul-,web}ext/** r,
-+ /usr/share/mozilla/extensions/ r,
-+ /usr/share/mozilla/extensions/** r,
-+
-+ /usr/share/doc/tails/website/ r,
-+ /usr/share/doc/tails/website/** r,
-+
-+ @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
-
- /sys/devices/system/cpu/ r,
- /sys/devices/system/cpu/present r,
-@@ -95,10 +92,16 @@ profile torbrowser_plugin_container {
- deny @{PROC}/@{pid}/net/route r,
- deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
- deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
-+ deny @{HOME}/.cache/fontconfig/ w,
-
- # Silence denial logs about PulseAudio
- deny /etc/pulse/client.conf r,
- deny /usr/bin/pulseaudio x,
-
-- #include <local/torbrowser.Browser.plugin-container>
-+ # Deny access to global tmp directories, that's granted by the user-tmp
-+ # abstraction, which is sourced by the gnome abstraction, that we include.
-+ deny owner /var/tmp/** rwklx,
-+ deny /var/tmp/ rwklx,
-+ deny owner /tmp/** rwklx,
-+ deny /tmp/ rwklx,
- }
diff --git a/etc/apparmor.d/tunables/torbrowser b/etc/apparmor.d/tunables/torbrowser
index 9b31139..f77e082 100644
--- a/etc/apparmor.d/tunables/torbrowser
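Review bot: The new side of the patch grants `/usr/share/{chromium,mozilla}/extensions/ r,` and `/usr/share/{chromium,mozilla}/extensions/** r,` (the two `++` lines after the `/usr/share/{xul-,web}ext/` rules), which widens the firefox profile to a Chromium directory that a Firefox-based browser has no visible use for; if this is only tracking upstream torbrowser-launcher's profile, a one-line comment above those rules saying so would save the next auditor the question. The patch also drops its whole `torbrowser.Browser.plugin-container` section and keeps only the firefox profile, where content processes now follow `@{torbrowser_firefox_executable} ixmr -> torbrowser_firefox,` (the same profile as the parent) instead of the previous `px -> torbrowser_plugin_container`; presumably this mirrors upstream, but a short note in the patch header recording that the separate content-process profile is gone would make the confinement change explicit. Whether anything else in the tree still references `torbrowser_plugin_container` cannot be seen from this section.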
diff --git a/debian/changelog b/debian/changelog
index 5e950ea..4ad6080 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,14 +4,7 @@ tails (4.0~beta1) UNRELEASED; urgency=medium
- Upgrade to a snapshot of Debian 10 (Buster) from 2018-08-06.
* Removed features
- - Remove Traverso. It was removed from testing and won't be in
- Buster unless it's fixed pretty quickly. Given it's on our list
- of candidates for removal (#15291), I've had exactly zero
- indication that anyone uses it in Tails (quite the opposite:
- I've been told by users they use other software for these
- needs), and there's been no major upstream change for a long
- time, I don't think it's worth worrying.
- - Remove scribus completly (refs: 16290).
+ - Remove scribus completely (refs: 16290).
- Remove LibreOffice Math (#16911).
* Bugfixes
@@ -70,7 +63,7 @@ tails (4.0~beta1) UNRELEASED; urgency=medium
reintroduced it.
- Remove KeePassX and replace it with KeePassXC. (refs: #15297). As
KeePassX was used around for a longer time, we don't need
- automatic upgrading cappability from old KeePass file format
+ automatic upgrading capability from old KeePass file format
(Tails 2 times). The user can still import those old files, if
they want to access it.
- Disable live-tools.service (Closes: #16324). This service is only
@@ -368,12 +361,12 @@ tails (4.0~beta1) UNRELEASED; urgency=medium
touch call makes sure that gnome-shell refreshes the icons, as
the property change itself isn't sufficient.
- Show images for icons on desktop. (refs: #16283) Somewhen
- @metadata::trusted yes@ whas the right thing to do, but nowadays
+ @metadata::trusted yes@ was the right thing to do, but nowadays
you have to use @metadata::trusted true@. What was taking me one
day to spot. The internet has still a lot reference to
@metadata::trusted yes@. I added also Requires and After to the
- service file, to make sure systemd starts gvfs-metadata deamon
- before ours. We need this DBus interface to be availabe to get
+ service file, to make sure systemd starts gvfs-metadata daemon
+ before ours. We need this DBus interface to be available to get
gio working.
- Use XDG logic to find the correct icon. That should result in
less blurry icons on the desktop, as it takes the correct sizes,
diff --git a/features/support/helpers/firewall_helper.rb b/features/support/helpers/firewall_helper.rb
index dc62edd..71364fe 100644
--- a/features/support/helpers/firewall_helper.rb
+++ b/features/support/helpers/firewall_helper.rb
@@ -6,6 +6,13 @@ def looks_like_dhcp_packet?(eth_packet, protocol, sport, dport, ip_packet)
ip_packet && ip_packet.ip_daddr == "255.255.255.255"
end
+def is_rarp_packet?(p)
+ # Details: https://www.netometer.com/qa/rarp.html#A13
+ p.force_encoding("UTF-8").start_with?(
+ "\xFF\xFF\xFF\xFF\xFF\xFFRT\x00\xAC\xDD\xEE\x805\x00\x01\b\x00\x06"
+ ) && (p[19] == "\x03" || p[19] == "\x04")
+end
+
# Returns the unique edges (based on protocol, source/destination
# address/port) in the graph of all network flows.
def pcap_connections_helper(pcap_file, opts = {})
@@ -18,9 +25,14 @@ def pcap_connections_helper(pcap_file, opts = {})
if PacketFu::EthPacket.can_parse?(p)
eth_packet = PacketFu::EthPacket.parse(p)
else
- raise FirewallAssertionFailedError.new(
- 'Found something that is not an ethernet packet'
- )
+ if is_rarp_packet?(p)
+ # packetfu cannot parse RARP, see #16825.
+ next
+ else
+ raise FirewallAssertionFailedError.new(
+ 'Found something that is not an ethernet packet'
+ )
+ end
end
sport = nil
dport = nil
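Review bot: In `is_rarp_packet?` the opcode comparison reads the wrong offset: the 19-byte prefix covers the 14-byte Ethernet header plus HTYPE, PTYPE and HLEN, so byte 19 is PLEN (4 for IPv4), meaning `p[19] == "\x04"` matches every such frame and `"\x03"` can never match, while the RARP opcode (3 = request, 4 = reply) sits at bytes 20-21, i.e. `p.getbyte(21)`. `force_encoding("UTF-8")` also mutates the caller's packet string in place and turns `p[19]` into a character index rather than a byte index (coincidentally equal for this prefix); comparing on a binary copy avoids both, e.g. `p.b.start_with?(prefix.b) && [3, 4].include?(p.getbyte(21))` with `prefix` being the existing literal. The `is_` prefix is unidiomatic for a Ruby predicate (`rarp_packet?`), and in the second hunk the `else`/`if`/`else` nesting in pcap_connections_helper reads more simply as `elsif is_rarp_packet?(p)`; that function starts and ends outside the hunk.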
diff --git a/features/support/helpers/misc_helpers.rb b/features/support/helpers/misc_helpers.rb
index e9e7309..be155f5 100644
--- a/features/support/helpers/misc_helpers.rb
+++ b/features/support/helpers/misc_helpers.rb
@@ -74,12 +74,11 @@ def try_for(timeout, options = {})
# than we do it in this function, this means that there is a
# try_for below us in the stack to which this exception must be
# unique to.
- # Let 1 be the base step, and 2 the inductive step, and we sort of
- # an inductive proof for the correctness of try_for when it's
- # nested. It shows that for an infinite stack of try_for:s, any of
- # the unique exceptions will be caught only by the try_for instance
- # it is unique to, and all try_for:s in between will ignore it so it
- # ends up there immediately.
+ # Let 1 be the base step, and 2 the inductive step, and we have a
+ # inductive argument for the correctness of nested try_for. It shows
+ # that for an arbitrary large stack of try_for:s, any of the unique
+ # exceptions will be caught only by the try_for instance it is
+ # unique to, and all try_for:s in between will ignore it.
rescue unique_timeout_exception => e
msg = options[:msg] || 'try_for() timeout expired'
exc_class = options[:exception] || Timeout::Error
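Review bot: The rewritten comment carries two grammar slips: `a inductive argument` should read `an inductive argument`, and `arbitrary large stack` should read `arbitrarily large stack`. try_for's body begins and ends outside the hunk.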