summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-includes/usr/local/bin
diff options
context:
space:
mode:
authorTails developers <amnesia@boum.org>2014-12-03 13:01:52 +0100
committerTails developers <amnesia@boum.org>2014-12-03 13:01:52 +0100
commit1138ffbed4936969f0068ad29aeefb7b1bcb7697 (patch)
tree0c5e2a39fb2863125984321a8f4e0c717e3d1644 /config/chroot_local-includes/usr/local/bin
parent56c42191c0620c45c7659cce16b564467bb80759 (diff)
parent7999371f600097af34fe489d80a8eb253fe5778c (diff)
Merge https://git-tails.immerda.ch/tails into doc/projectdoc/projectdoc/7536-project
Diffstat (limited to 'config/chroot_local-includes/usr/local/bin')
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/end-profile2
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/generate-tor-browser-profile13
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/getTorBrowserUserAgent38
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/iceweasel29
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-activate-win8-theme17
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-delete-persistent-volume2
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-documentation2
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-persistence-setup2
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-security-check2
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-start-i2p133
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper6
-rwxr-xr-xconfig/chroot_local-includes/usr/local/bin/tor-browser78
12 files changed, 119 insertions, 205 deletions
diff --git a/config/chroot_local-includes/usr/local/bin/end-profile b/config/chroot_local-includes/usr/local/bin/end-profile
index cba649a..de28c5e 100755
--- a/config/chroot_local-includes/usr/local/bin/end-profile
+++ b/config/chroot_local-includes/usr/local/bin/end-profile
@@ -4,7 +4,7 @@ set -e
test -e /boot-profile.pid || exit 0
-# Wait some time hoping Tor has bootstrapped and Iceweasel is started
+# Wait some time hoping Tor has bootstrapped and Tor Browser is started
sleep 180
sudo -n /usr/local/sbin/kill-boot-profile
diff --git a/config/chroot_local-includes/usr/local/bin/generate-tor-browser-profile b/config/chroot_local-includes/usr/local/bin/generate-tor-browser-profile
new file mode 100755
index 0000000..bdb0e0c
--- /dev/null
+++ b/config/chroot_local-includes/usr/local/bin/generate-tor-browser-profile
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -eu
+
+USER_PROFILE="${HOME}/.tor-browser"
+
+if [ -e "${USER_PROFILE}" ]; then
+ echo "A tor-browser profile already exists at: ${USER_PROFILE}" >&2
+ exit 1
+fi
+
+mkdir -p "${USER_PROFILE}"
+cp -a /etc/tor-browser/profile "${USER_PROFILE}"/profile.default
diff --git a/config/chroot_local-includes/usr/local/bin/getTorBrowserUserAgent b/config/chroot_local-includes/usr/local/bin/getTorBrowserUserAgent
index b0218d7..1e4f2da 100755
--- a/config/chroot_local-includes/usr/local/bin/getTorBrowserUserAgent
+++ b/config/chroot_local-includes/usr/local/bin/getTorBrowserUserAgent
@@ -1,29 +1,17 @@
-#!/usr/bin/perl
+#!/bin/sh
-use warnings;
-use strict;
-use 5.10.0;
-use Fatal qw( open close );
+set -eu
-sub getTorBrowserUserAgent {
- my $file = shift;
+# Import the TBB_INSTALL variable
+. /usr/local/lib/tails-shell-library/tor-browser.sh
- my $ua;
- open (my $in, "<", $file);
- while (my $line = <$in>) {
- chomp $line;
- if (($ua) = ($line =~ m/^pref[(]"general[.]useragent[.]override", "(.*)"[)];$/)) {
- last;
- }
- }
- close $in;
- return $ua;
-}
+ua="$(unzip -q -p "${TBB_INSTALL}"/browser/omni.ja \
+ defaults/preferences/000-tor-browser.js | \
+ sed -n 's@^pref("general\.useragent\.override", "\(.*\)");$@\1@p')"
-my $ua = getTorBrowserUserAgent('/etc/iceweasel/pref/000-tor-browser.js');
-if (defined $ua && $ua) {
- say $ua;
-}
-else {
- die "Unparseable file."
-}
+if [ -z "${ua}" ]; then
+ echo "Got empty user agent string" >&2
+ exit 1
+fi
+
+echo "${ua}"
diff --git a/config/chroot_local-includes/usr/local/bin/iceweasel b/config/chroot_local-includes/usr/local/bin/iceweasel
deleted file mode 100755
index eeeb348..0000000
--- a/config/chroot_local-includes/usr/local/bin/iceweasel
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-
-# Do not "set -u", else importing gettext.sh dies
-# with "ZSH_VERSION: parameter not set".
-set -e
-
-. gettext.sh
-TEXTDOMAIN="tails"
-export TEXTDOMAIN
-
-ask_for_confirmation() {
- local dialog_title="`gettext \"Tor is not ready\"`"
- local dialog_text="`gettext \"Tor is not ready. Start Tor Browser anyway?\"`"
- local dialog_start="`gettext \"Start Tor Browser\"`"
- local dialog_cancel="`gettext \"Cancel\"`"
- # zenity can't set the default button to cancel, so we switch the
- # labels and interpret the return value as its negation.
- ! zenity --question \
- --title "$dialog_title" --text="$dialog_text" \
- --cancel-label "$dialog_start" --ok-label "$dialog_cancel"
-}
-
-tor_has_bootstrapped() {
- sudo -n -u debian-tor /usr/local/sbin/tor-has-bootstrapped
-}
-
-if tor_has_bootstrapped || ask_for_confirmation; then
- exec /usr/bin/iceweasel "$@" &
-fi
diff --git a/config/chroot_local-includes/usr/local/bin/tails-activate-win8-theme b/config/chroot_local-includes/usr/local/bin/tails-activate-win8-theme
index 1e85f64..416ed2a 100755
--- a/config/chroot_local-includes/usr/local/bin/tails-activate-win8-theme
+++ b/config/chroot_local-includes/usr/local/bin/tails-activate-win8-theme
@@ -26,18 +26,19 @@ if [ -d "$HOME/.claws-mail" ]; then
fi
fi
-# Iceweasel
+# Tor Browser
# Copy the file containing toolbars configurations
-if [ -d "$HOME/.mozilla/firefox/default" ]; then
+BROWSER_PROFILE="${HOME}/.tor-browser/profile.default"
+if [ -d "${BROWSER_PROFILE}" ]; then
cp /usr/share/tails/firefox-localstore-win8.rdf \
- ${HOME}/.mozilla/firefox/default/localstore.rdf
+ "${BROWSER_PROFILE}"/localstore.rdf
# Setup a blue lightweight theme
- cat >> ${HOME}/.mozilla/firefox/default/user.js <<EOF
-user_pref("lightweightThemes.isThemeSelected", true);
-user_pref("lightweightThemes.usedThemes", "[{\"id\":\"1\",\"name\":\"Unsafe Browser\",\"headerURL\":\"file:///usr/share/pixmaps/blue_dot.png\",\"footerURL\":\"file:///usr/share/pixmaps/blue_dot.png\",\"textcolor\":\"#FFFFFF\",\"accentcolor\":\"#3399FF\",\"updateDate\":0,\"installDate\":0}]");
+ cat >> "${BROWSER_PROFILE}"/preferences/0000camouflage.js <<EOF
+pref("lightweightThemes.isThemeSelected", true);
+pref("lightweightThemes.usedThemes", "[{\"id\":\"1\",\"name\":\"Internet Explorer\",\"headerURL\":\"file:///usr/share/pixmaps/blue_dot.png\",\"footerURL\":\"file:///usr/share/pixmaps/blue_dot.png\",\"textcolor\":\"#FFFFFF\",\"accentcolor\":\"#3399FF\",\"updateDate\":0,\"installDate\":0}]");
EOF
# Tune chrome
- cat >> ${HOME}/.mozilla/firefox/default/chrome/userChrome.css <<EOF
+ cat >> "${BROWSER_PROFILE}"/chrome/userChrome.css <<EOF
/* Camouflage */
.tab-close-button { list-style-image: url("moz-icon://stock/gtk-close-grey?size=menu") !important; }
@@ -83,7 +84,7 @@ gsettings set org.gnome.desktop.background picture-options stretched
gsettings set org.gnome.desktop.wm.preferences num-workspaces 1
# Panel
-gsettings set org.gnome.gnome-panel.layout object-id-list "['menu-button', 'iceweasel-launcher', 'claws-launcher', 'pidgin-launcher', 'keepassx-launcher', 'gnome-terminal-launcher', 'window-list', 'notification-area', 'shutdown-helper', 'clock']"
+gsettings set org.gnome.gnome-panel.layout object-id-list "['menu-button', 'tor-browser-launcher', 'claws-launcher', 'pidgin-launcher', 'keepassx-launcher', 'gnome-terminal-launcher', 'window-list', 'notification-area', 'shutdown-helper', 'clock']"
gsettings set org.gnome.gnome-panel.layout toplevel-id-list "['bottom-panel']"
gsettings set org.gnome.desktop.lockdown disable-log-out true
diff --git a/config/chroot_local-includes/usr/local/bin/tails-delete-persistent-volume b/config/chroot_local-includes/usr/local/bin/tails-delete-persistent-volume
index 965bbb6..75b8944 100755
--- a/config/chroot_local-includes/usr/local/bin/tails-delete-persistent-volume
+++ b/config/chroot_local-includes/usr/local/bin/tails-delete-persistent-volume
@@ -5,5 +5,5 @@ set -e
RUN_AS_USER=tails-persistence-setup
xhost +SI:localuser:"$RUN_AS_USER"
-gksudo -u "$RUN_AS_USER" "/usr/bin/tails-persistence-setup --step delete"
+sudo -u "$RUN_AS_USER" /usr/bin/tails-persistence-setup --step delete $@
xhost -SI:localuser:"$RUN_AS_USER"
diff --git a/config/chroot_local-includes/usr/local/bin/tails-documentation b/config/chroot_local-includes/usr/local/bin/tails-documentation
index 7ef191d..36932d0 100755
--- a/config/chroot_local-includes/usr/local/bin/tails-documentation
+++ b/config/chroot_local-includes/usr/local/bin/tails-documentation
@@ -17,4 +17,4 @@ else
FILE="${PAGE}.html"
fi
-exec /usr/bin/iceweasel "file://${WIKI_ROOT}/${FILE}"
+exec /usr/local/bin/tor-browser "file://${WIKI_ROOT}/${FILE}"
diff --git a/config/chroot_local-includes/usr/local/bin/tails-persistence-setup b/config/chroot_local-includes/usr/local/bin/tails-persistence-setup
index 036edba..01f029a 100755
--- a/config/chroot_local-includes/usr/local/bin/tails-persistence-setup
+++ b/config/chroot_local-includes/usr/local/bin/tails-persistence-setup
@@ -5,5 +5,5 @@ set -e
RUN_AS_USER=tails-persistence-setup
xhost +SI:localuser:"$RUN_AS_USER"
-gksudo -u "$RUN_AS_USER" /usr/bin/tails-persistence-setup
+sudo -u "$RUN_AS_USER" /usr/bin/tails-persistence-setup $@
xhost -SI:localuser:"$RUN_AS_USER"
diff --git a/config/chroot_local-includes/usr/local/bin/tails-security-check b/config/chroot_local-includes/usr/local/bin/tails-security-check
index 44ec314..6611623 100755
--- a/config/chroot_local-includes/usr/local/bin/tails-security-check
+++ b/config/chroot_local-includes/usr/local/bin/tails-security-check
@@ -184,7 +184,7 @@ sub is_not_fixed {
my $entry = shift;
assert_isa($entry, 'XML::Atom::Entry');
- ! grep { 'security/fixed' } categories($entry);
+ ! grep { $_ eq 'security/fixed' } categories($entry);
}
=head2 unfixed_entries
diff --git a/config/chroot_local-includes/usr/local/bin/tails-start-i2p b/config/chroot_local-includes/usr/local/bin/tails-start-i2p
deleted file mode 100755
index 1e062de..0000000
--- a/config/chroot_local-includes/usr/local/bin/tails-start-i2p
+++ /dev/null
@@ -1,133 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use warnings;
-
-#man{{{
-
-=head1 NAME
-
-tails-start-i2p
-
-=head1 VERSION
-
-Version X.XX
-
-=head1 AUTHOR
-
-Tails dev team <amnesia@boum.org>
-See https://tails.boum.org/.
-
-=cut
-
-#}}}
-
-use Desktop::Notify;
-use Locale::gettext;
-use POSIX;
-
-### initialization
-setlocale(LC_MESSAGES, "");
-textdomain("tails");
-
-### helper subs
-
-# TODO: get router port (default 7657) from /etc/i2p/clients.config
-sub get_router_port {
- return 7657;
-}
-
-# TODO: more perlish way to do below?
-# TODO: use netstat -p, check that a child of i2psvc runs the router console
-sub router_status {
- return !system("netstat -nl -A inet,inet6 | grep -qe \"\\(127\\.0\\.0\\.1\\|::1\\):" . get_router_port() . "\"");
-}
-
-sub open_router_console {
- system("/usr/bin/iceweasel http://127.0.0.1:" . get_router_port());
-}
-
-sub start_i2psvc {
- system("/usr/bin/gksu /etc/init.d/i2p start");
-}
-
-sub stop_i2psvc {
- system("/usr/bin/gksu /etc/init.d/i2p start");
-}
-
-### main
-
-my $notify = Desktop::Notify->new();
-
-my $summary = gettext("Starting I2P...");
-my $body = gettext("The I2P router console will be opened on start.");
-
-my $notification = $notify->create(summary => $summary,
- body => $body,
- timeout => 0);
-
-$notification->show();
-
-my $tordate_done_file = '/var/run/tordate/done';
-my $tordate_wait = 0;
-
-# There was a "fix" in i2p 0.8.8 for handling clock jumps and skews which seems
-# to be broken -- a jump during i2p bootstrap leads to i2p starting in a non-
-# working state, as does starting i2p when the clock is off too much. Hence, for
-# simplicity, we make i2p dependent on tordate. The real fix will be when
-# i2p gets its act together and handles these problems correctly.
-until (-e $tordate_done_file) {
- if ($tordate_wait > 60) {
- $notification->close();
- $summary = gettext("I2P failed to start");
- $body = gettext("Make sure that you have a working Internet " .
- "connection, then try to start I2P again.");
- $notification = $notify->create(summary => $summary,
- body => $body,
- timeout => 60000);
- $notification->show();
- exit 1;
- }
- sleep(1);
- $tordate_wait++;
-}
-
-my $htpdate_done_file = '/var/run/htpdate/done';
-my $htpdate_wait = 0;
-
-# We also need to wait for htpdate for same the reason as
-# above. However, tordate will set the clock so that it is correct
-# enough for I2P to work (it can operate with +/- 2 hours clock skew)
-# so we optimistically try to start I2P even if htpdate doesn't
-# finish.
-until (-e $htpdate_done_file || $htpdate_wait > 120) {
- sleep(1);
- $htpdate_wait++;
-}
-
-start_i2psvc();
-
-my $t = 0;
-my $timeout = 180;
-while ($t < $timeout && !router_status()) {
- $t++;
- sleep 1;
-}
-
-$notification->close();
-
-if (router_status()) {
- open_router_console();
- exit 0;
-} else {
- stop_i2psvc();
- $summary = gettext("I2P failed to start");
- $body = gettext("Something went wrong when I2P was starting. Look in " .
- "the logs in the following directory for " .
- "more information:") . "\n\t/var/log/i2p/";
- $notification = $notify->create(summary => $summary,
- body => $body,
- timeout => 60000);
- $notification->show();
- exit 1;
-}
diff --git a/config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper b/config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper
index c6176a2..1018bd0 100755
--- a/config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper
+++ b/config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper
@@ -74,9 +74,5 @@ check_free_memory "$MIN_MEMFREE" "$MIN_TOTAL_MEMFREE"
cd /
xhost +SI:localuser:"$RUN_AS_USER"
-if [ $# -gt 0 ] ; then
- gksudo -u "$RUN_AS_USER" "/usr/bin/tails-upgrade-frontend $@"
-else
- gksudo -u "$RUN_AS_USER" /usr/bin/tails-upgrade-frontend
-fi
+sudo -u "$RUN_AS_USER" /usr/bin/tails-upgrade-frontend $@
xhost -SI:localuser:"$RUN_AS_USER"
diff --git a/config/chroot_local-includes/usr/local/bin/tor-browser b/config/chroot_local-includes/usr/local/bin/tor-browser
new file mode 100755
index 0000000..09b2b2a
--- /dev/null
+++ b/config/chroot_local-includes/usr/local/bin/tor-browser
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+
+# Do not "set -u", else importing gettext.sh dies
+# with "ZSH_VERSION: parameter not set".
+set -e
+
+. gettext.sh
+TEXTDOMAIN="tails"
+export TEXTDOMAIN
+
+PROFILE="${HOME}/.tor-browser/profile.default"
+
+# Import exec_firefox() and configure_best_tor_browser_locale()
+. /usr/local/lib/tails-shell-library/tor-browser.sh
+
+ask_for_confirmation() {
+ local dialog_title="`gettext \"Tor is not ready\"`"
+ local dialog_text="`gettext \"Tor is not ready. Start Tor Browser anyway?\"`"
+ local dialog_start="`gettext \"Start Tor Browser\"`"
+ local dialog_cancel="`gettext \"Cancel\"`"
+ # zenity can't set the default button to cancel, so we switch the
+ # labels and interpret the return value as its negation.
+ ! zenity --question \
+ --title "$dialog_title" --text="$dialog_text" \
+ --cancel-label "$dialog_start" --ok-label "$dialog_cancel"
+}
+
+tor_has_bootstrapped() {
+ sudo -n -u debian-tor /usr/local/sbin/tor-has-bootstrapped
+}
+
+# Workaround bug #8036 by copying any localized search plugins into
+# the profile.
+enable_localized_searchplugins() {
+ local locale plugin
+ locale=$(cat "${PROFILE}"/preferences/0000locale.js | \
+ sed 's@^pref("general\.useragent\.locale", "\([^"]*\)");$@\1@')
+ if [ "${locale}" = en-US ] || [ -e "${PROFILE}"/searchplugins ]; then
+ return
+ fi
+ # Fallback to a similar locale if there is no exact match
+ plugin="$(ls -1 "${TBB_INSTALL}"/distribution/searchplugins/locale/ | grep -m1 "^${locale}\(-[A-Z]\+\)\?$" || true)"
+ if [ -n "${plugin}" ]; then
+ mkdir -p "${PROFILE}"/searchplugins
+ # The plugins do not load if they are symlinks
+ cp --dereference "${TBB_INSTALL}"/distribution/searchplugins/locale/"${plugin}"/* "${PROFILE}"/searchplugins
+ fi
+}
+
+start_browser() {
+ if [ ! -d "${PROFILE}" ]; then
+ /usr/local/bin/generate-tor-browser-profile
+ fi
+
+ configure_best_tor_browser_locale "${PROFILE}"
+
+ # Workaround bug #8036
+ enable_localized_searchplugins
+
+ if [ -z "$XAUTHORITY" ]; then
+ XAUTHORITY=~/.Xauthority
+ export XAUTHORITY
+ fi
+
+ unset SESSION_MANAGER
+
+ exec_firefox -allow-remote --class "Tor Browser" -profile "${PROFILE}" "${@}"
+}
+
+
+if tor_has_bootstrapped || ask_for_confirmation; then
+ # Torbutton 1.5.1+ uses those environment variables
+ export TOR_SOCKS_HOST='127.0.0.1'
+ export TOR_SOCKS_PORT='9150'
+
+ start_browser "${@}"
+fi