summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/chroot_local-hooks/11-localize_browser4
-rwxr-xr-xconfig/chroot_local-hooks/12-generate-ublock-origin-filter7
-rwxr-xr-xconfig/chroot_local-hooks/15-tor-browser-bookmarks7
-rwxr-xr-xconfig/chroot_local-hooks/19-install-tor-browser-AppArmor-profile5
-rwxr-xr-xconfig/chroot_local-hooks/20-dconf_update5
-rwxr-xr-xconfig/chroot_local-hooks/50-dkms7
-rwxr-xr-xconfig/chroot_local-hooks/52-udev-watchdog7
-rwxr-xr-xconfig/chroot_local-hooks/54-menu5
-rwxr-xr-xconfig/chroot_local-hooks/60-copy-syslinux-modules3
-rwxr-xr-xconfig/chroot_local-hooks/70-wget2
-rwxr-xr-xconfig/chroot_local-hooks/98-remove_unwanted_files3
-rwxr-xr-xconfig/chroot_local-hooks/98-remove_unwanted_packages6
-rwxr-xr-xconfig/chroot_local-hooks/99-initramfs-compress5
-rw-r--r--config/chroot_local-hooks/99-zzzzzz_reproducible-builds-post-processing11
-rw-r--r--config/chroot_local-includes/usr/local/lib/tails-shell-library/build.sh20
-rw-r--r--config/chroot_local-packageslists/tails-common.list1
-rw-r--r--features/config/defaults.yml2
-rw-r--r--features/step_definitions/common_steps.rb6
18 files changed, 81 insertions, 25 deletions
diff --git a/config/chroot_local-hooks/11-localize_browser b/config/chroot_local-hooks/11-localize_browser
index 2e33654..c46a046 100755
--- a/config/chroot_local-hooks/11-localize_browser
+++ b/config/chroot_local-hooks/11-localize_browser
@@ -11,12 +11,14 @@ echo "Localize each supported browser locale"
# Import language_code_from_locale()
. /usr/local/lib/tails-shell-library/localization.sh
-# Import strip_nondeterminism_wrapper()
+# Import strip_nondeterminism_wrapper() and build_hook_dependency()
. /usr/local/lib/tails-shell-library/build.sh
# Import TAILS_WIKI_SUPPORTED_LANGUAGES
. /etc/amnesia/environment
+build_hook_dependency p7zip imagemagick
+
TBB_LOCALIZED_SEARCHPLUGINS_DIR="${TBB_INSTALL}/distribution/searchplugins/locale/"
BROWSER_LOCALIZATION_DIR="/usr/share/tails/browser-localization"
DESCRIPTIONS_FILE="${BROWSER_LOCALIZATION_DIR}/descriptions"
diff --git a/config/chroot_local-hooks/12-generate-ublock-origin-filter b/config/chroot_local-hooks/12-generate-ublock-origin-filter
index bfb85a1..3d7796d 100755
--- a/config/chroot_local-hooks/12-generate-ublock-origin-filter
+++ b/config/chroot_local-hooks/12-generate-ublock-origin-filter
@@ -4,7 +4,10 @@ set -e
echo "Converting uBlock database dump into sqlite blob"
-apt-get install --yes sqlite3
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency sqlite3
DUMP="/usr/share/tails/ublock-origin/ublock0.dump"
DATABASE="/etc/tor-browser/profile/extension-data/ublock0.sqlite"
@@ -18,5 +21,3 @@ mkdir -p "$(dirname "${DATABASE}")"
sed ':a;N;$!ba;s_\r\n__g' "${DUMP}" | sqlite3 "${DATABASE}"
echo "Created uBlock sqlite blob successfully"
-
-apt-get purge --yes sqlite3
diff --git a/config/chroot_local-hooks/15-tor-browser-bookmarks b/config/chroot_local-hooks/15-tor-browser-bookmarks
index c75f765..a8623c6 100755
--- a/config/chroot_local-hooks/15-tor-browser-bookmarks
+++ b/config/chroot_local-hooks/15-tor-browser-bookmarks
@@ -4,6 +4,11 @@ set -e
echo "Set up Tor Browser bookmarks"
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency sqlite3
+
# Create a symlink to places.sqlite in browser profile from a
# dedicated "bookmarks" directory, so that it can be easily made
# persistent
@@ -11,8 +16,6 @@ ln -s /home/amnesia/.mozilla/firefox/bookmarks/places.sqlite \
/etc/skel/.tor-browser/profile.default/places.sqlite
# Create the bookmarks database
-apt install --yes sqlite3
sqlite3 /etc/skel/.mozilla/firefox/bookmarks/places.sqlite \
< /etc/skel/.mozilla/firefox/bookmarks/places.sqlite.in
-apt purge --yes sqlite3
rm /etc/skel/.mozilla/firefox/bookmarks/places.sqlite.in
diff --git a/config/chroot_local-hooks/19-install-tor-browser-AppArmor-profile b/config/chroot_local-hooks/19-install-tor-browser-AppArmor-profile
index b2bc494..5a5d8cb 100755
--- a/config/chroot_local-hooks/19-install-tor-browser-AppArmor-profile
+++ b/config/chroot_local-hooks/19-install-tor-browser-AppArmor-profile
@@ -4,6 +4,11 @@ set -e
echo "Installing AppArmor profile for Tor Browser"
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency patch
+
PATCH='/usr/share/tails/torbrowser-AppArmor-profile.patch'
PROFILE='/etc/apparmor.d/torbrowser'
diff --git a/config/chroot_local-hooks/20-dconf_update b/config/chroot_local-hooks/20-dconf_update
index 95b2b1f..3508d19 100755
--- a/config/chroot_local-hooks/20-dconf_update
+++ b/config/chroot_local-hooks/20-dconf_update
@@ -7,5 +7,10 @@ set -e
echo "Updating the system DConf databases"
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency dconf-cli
+
dconf update
chmod 0644 /etc/dconf/db/local
diff --git a/config/chroot_local-hooks/50-dkms b/config/chroot_local-hooks/50-dkms
index 2061aa8..e631531 100755
--- a/config/chroot_local-hooks/50-dkms
+++ b/config/chroot_local-hooks/50-dkms
@@ -7,11 +7,14 @@ echo "Building dkms modules"
. /usr/share/amnesia/build/variables
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
# the -dkms package must be installed *after* dkms to be properly registered
-apt-get install --yes build-essential dkms
+build_hook_dependency build-essential dkms
# Installing the headers triggers the building of the modules for that kernel
-apt-get install --yes \
+build_hook_dependency \
"linux-headers-${KERNEL_VERSION}-amd64" \
aufs-dkms \
virtualbox-guest-dkms
diff --git a/config/chroot_local-hooks/52-udev-watchdog b/config/chroot_local-hooks/52-udev-watchdog
index 504013a..9e9e81a 100755
--- a/config/chroot_local-hooks/52-udev-watchdog
+++ b/config/chroot_local-hooks/52-udev-watchdog
@@ -6,12 +6,13 @@ set -e
echo "Compiling and installing a custom udev-watchdog program"
-apt-get install --yes build-essential binutils libudev-dev
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency build-essential binutils libudev-dev
SRC="/usr/src/udev-watchdog.c"
DST="/usr/local/sbin/udev-watchdog"
gcc -o "$DST" "$SRC" -Wall -ludev -lrt
strip --strip-all "$DST"
-
-apt-get --yes purge libudev-dev
diff --git a/config/chroot_local-hooks/54-menu b/config/chroot_local-hooks/54-menu
index 316cf2b..ef6ff20 100755
--- a/config/chroot_local-hooks/54-menu
+++ b/config/chroot_local-hooks/54-menu
@@ -4,6 +4,11 @@ set -e
echo "Registering and tweaking menus"
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency xdg-utils
+
for app in tails-installer tails-persistence-delete tails-persistence-setup tails-about tails-documentation; do
xdg-desktop-menu install --novendor \
/usr/share/desktop-directories/Tails.directory \
diff --git a/config/chroot_local-hooks/60-copy-syslinux-modules b/config/chroot_local-hooks/60-copy-syslinux-modules
index e81af08..d292663 100755
--- a/config/chroot_local-hooks/60-copy-syslinux-modules
+++ b/config/chroot_local-hooks/60-copy-syslinux-modules
@@ -2,7 +2,8 @@
set -e
-# Make syslinux 6.x packaging play well with live-build 2.x
+echo 'Adapting syslinux 6.x packaging to play well with live-build 2.x'
+
cp -a /usr/lib/syslinux/modules/bios/ifcpu64.c32 \
/usr/lib/syslinux/modules/bios/vesamenu.c32 \
/usr/lib/ISOLINUX/isolinux.bin \
diff --git a/config/chroot_local-hooks/70-wget b/config/chroot_local-hooks/70-wget
index c10cc80..291824f 100755
--- a/config/chroot_local-hooks/70-wget
+++ b/config/chroot_local-hooks/70-wget
@@ -1,6 +1,8 @@
#!/bin/sh
set -e
+echo 'Configuring wget'
+
# We don't want the real binary to be in $PATH:
# Also note that wget uses the executable name in some help/error messages,
# so wget-real/etc. should be avoided.
diff --git a/config/chroot_local-hooks/98-remove_unwanted_files b/config/chroot_local-hooks/98-remove_unwanted_files
index b6cf6c9..d7ea10f 100755
--- a/config/chroot_local-hooks/98-remove_unwanted_files
+++ b/config/chroot_local-hooks/98-remove_unwanted_files
@@ -18,9 +18,6 @@ rm $POTFILES_DOT_IN
# (by the 10-tbb hook)
rm /usr/share/tails/tbb-*.txt
-# This shell library is only used during build
-rm /usr/local/lib/tails-shell-library/build.sh
-
# Remove the snakeoil SSL key pair generated by ssl-cert
find /etc/ssl/certs /etc/ssl/private |
while read f; do
diff --git a/config/chroot_local-hooks/98-remove_unwanted_packages b/config/chroot_local-hooks/98-remove_unwanted_packages
index d56a910..235ca2a 100755
--- a/config/chroot_local-hooks/98-remove_unwanted_packages
+++ b/config/chroot_local-hooks/98-remove_unwanted_packages
@@ -13,16 +13,14 @@ echo "Removing unwanted packages"
# - cpp, cpp-* (big parts of GNOME depend on it)
apt-get --yes purge \
'^linux-kbuild-*' \
- '^linux-headers-*' \
- build-essential debhelper dkms dpkg-dev \
+ debhelper dpkg-dev \
gcc gcc-6 \
intltool-debian \
libc6-dev linux-libc-dev \
make \
po-debconf \
rsyslog \
- libdvdcss-dev \
- equivs virtualbox-guest-dkms
+ libdvdcss-dev
### Deinstall a few unwanted packages that were pulled by tasksel
### since they have Priority: standard.
diff --git a/config/chroot_local-hooks/99-initramfs-compress b/config/chroot_local-hooks/99-initramfs-compress
index 32d5677..903c055 100755
--- a/config/chroot_local-hooks/99-initramfs-compress
+++ b/config/chroot_local-hooks/99-initramfs-compress
@@ -4,6 +4,11 @@ set -e
echo "Configuring compression of the initramfs"
+# Import build_hook_dependency()
+. /usr/local/lib/tails-shell-library/build.sh
+
+build_hook_dependency initramfs-tools xz-utils
+
# Compress the initramfs using a more size-wise efficient algorithm.
OPTS_FILE='/etc/initramfs-tools/initramfs.conf'
diff --git a/config/chroot_local-hooks/99-zzzzzz_reproducible-builds-post-processing b/config/chroot_local-hooks/99-zzzzzz_reproducible-builds-post-processing
index e27719a..cc9e4a1 100644
--- a/config/chroot_local-hooks/99-zzzzzz_reproducible-builds-post-processing
+++ b/config/chroot_local-hooks/99-zzzzzz_reproducible-builds-post-processing
@@ -29,7 +29,16 @@ rm /var/lib/systemd/catalog/database
# Delete non-deterministically generated files, that should not be shared among
# all Tails systems anyway. We don't ship SSHd, so we don't bother generating
# them at boot.
-rm -r /var/lib/monkeysphere/authentication/
+# We remove with -f due to a suspected race condition: it seems that
+# .../authentication/sphere/S.gpg-agent can be removed (by gpg-agent?)
+# *right after* `rm -r` has listed it, so that when `rm` tries to
+# remove it, it doesn't exist any more and it fails.
+if [ -d /var/lib/monkeysphere/authentication/ ]; then
+ rm -rf /var/lib/monkeysphere/authentication/
+else
+ echo 'Cannot remove /var/lib/monkeysphere/authentication/:' \
+ 'directory does not exist' >&2
+fi
# Empty non-deterministically generated file. If it exists and is empty, systemd
# will automatically set up a new unique ID. But if does not exist, systemd
diff --git a/config/chroot_local-includes/usr/local/lib/tails-shell-library/build.sh b/config/chroot_local-includes/usr/local/lib/tails-shell-library/build.sh
index d260f18..b3cd086 100644
--- a/config/chroot_local-includes/usr/local/lib/tails-shell-library/build.sh
+++ b/config/chroot_local-includes/usr/local/lib/tails-shell-library/build.sh
@@ -9,14 +9,28 @@ strip_nondeterminism_wrapper() {
apt-get --yes purge strip-nondeterminism '^libfile-stripnondeterminism-perl'
}
+# Ensure that the packages passed as arguments are installed. If they
+# are installed now, they will be marked as "automatically installed"
+# so the next `apt-get autoremove` action *unless* they are later
+# explicitly installed (or other packages depends on them).
+build_hook_dependency() {
+ # Filter out already installed packages from $@.
+ for p in "${@}"; do
+ shift
+ is_package_installed "${p}" && continue
+ set -- "${@}" "${p}"
+ done
+ [ -z "${@}" ] && return
+ apt-get install --yes "${@}"
+ apt-mark auto "${@}"
+}
+
install_fake_package() {
local name version section tmp control_file
name="${1}"
version="${2}"
section="${3:-misc}"
- if ! is_package_installed equivs; then
- apt-get install --yes equivs
- fi
+ build_hook_dependency equivs
tmp="$(mktemp -d)"
control_file="${tmp}/${name}_${version}.control"
cat > "${control_file}" << EOF
diff --git a/config/chroot_local-packageslists/tails-common.list b/config/chroot_local-packageslists/tails-common.list
index e156216..4ff742a 100644
--- a/config/chroot_local-packageslists/tails-common.list
+++ b/config/chroot_local-packageslists/tails-common.list
@@ -241,7 +241,6 @@ wireless-tools
xdg-user-dirs-gtk
xsel
xul-ext-torbirdy
-# needed for initramfs-tools' COMPRESS=xz
xz-utils
#if ARCHITECTURE amd64
diff --git a/features/config/defaults.yml b/features/config/defaults.yml
index 0c450ae..4d3dd3b 100644
--- a/features/config/defaults.yml
+++ b/features/config/defaults.yml
@@ -3,7 +3,7 @@ CAPTURE_ALL: false
INTERACTIVE_DEBUGGING: false
MAX_NEW_TOR_CIRCUIT_RETRIES: 10
SIKULI_RETRY_FINDFAILED: false
-SIKULI_FUZZY_IMAGE_MATCHING: false
+SIKULI_FUZZY_IMAGE_MATCHING: true
TMPDIR: "/tmp/TailsToaster"
Unsafe_SSH_private_key: |
diff --git a/features/step_definitions/common_steps.rb b/features/step_definitions/common_steps.rb
index fcf9699..0233da4 100644
--- a/features/step_definitions/common_steps.rb
+++ b/features/step_definitions/common_steps.rb
@@ -255,6 +255,12 @@ Given /^the computer (re)?boots Tails$/ do |reboot|
end
Given /^I log in to a new session(?: in )?(|German)$/ do |lang|
+
+# $vm.execute_successfully(
+# 'gsettings set org.gnome.settings-daemon.plugins.xsettings hinting "full"',
+# :user => LIVE_USER,
+# )
+
case lang
when 'German'
@language = "German"