Commit 035cf102 authored by Tails developers's avatar Tails developers
Browse files

Merge remote branch 'origin/devel' into powerpc

Conflicts:
	auto/config
	config/amnesia
	config/chroot_local-hooks/51-module-assistant
	config/chroot_local-includes/etc/default/kexec
	config/chroot_local-includes/etc/memlockd.cfg
parents facb5249 99709755
......@@ -17,15 +17,14 @@
/config/chroot
/config/common
/config/source
/config/binary_local-includes/doc/amnesia/wiki
/config/chroot_local-includes/etc/amnesia/environment
/config/chroot_local-includes/etc/amnesia/version
/config/chroot_local-includes/home/amnesia/.gnome2/nautilus-scripts
/config/chroot_local-includes/usr/share/amnesia/readahead-list
/config/chroot_local-includes/usr/share/amnesia/build/variables
/config/chroot_local-includes/usr/share/doc/Changelog
/config/chroot_local-includes/usr/share/doc/amnesia/Changelog
/config/chroot_local-includes/usr/share/doc/amnesia/amnesia.asc
/config/chroot_local-includes/usr/share/doc/tails/website
/.lock
/.stage
/source
......@@ -18,6 +18,10 @@ rm -rf cache/stages_rootfs
# get LB_ARCHITECTURE and LB_DISTRIBUTION
. config/bootstrap
# get GIT_BRANCH
GIT_BRANCH="$(git branch --color=never | grep '^* ' | awk '{print $2}')"
CLEAN_GIT_BRANCH="$(echo $GIT_BRANCH | sed 's,/,_,g')"
# build the doc wiki
./build-wiki
......@@ -38,11 +42,16 @@ chmod -R go+rx config/chroot_local-includes/lib/live/config
chmod -R go+rX config/chroot_local-includes/usr
chmod -R go+rx config/chroot_local-includes/usr/local/bin
chmod -R go+rx config/chroot_local-includes/usr/local/sbin
chmod -R go+rX config/chroot_local-includes/usr/share/doc/tails
chmod -R go+rX config/chroot_apt
chmod -R go+rX config/chroot_sources
# build the image
: ${MKSQUASHFS_OPTIONS:='-comp xz'}
MKSQUASHFS_OPTIONS="${MKSQUASHFS_OPTIONS} -wildcards -ef chroot/usr/share/amnesia/build/mksquashfs-excludes"
export MKSQUASHFS_OPTIONS
case "$LB_BINARY_IMAGES" in
iso)
BUILD_FILENAME_EXT=iso
......@@ -65,7 +74,7 @@ case "$LB_BINARY_IMAGES" in
exit 1
;;
esac
BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${LB_DISTRIBUTION}-${AMNESIA_VERSION}-${AMNESIA_TODAY}"
BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${CLEAN_GIT_BRANCH}-${AMNESIA_VERSION}-${AMNESIA_TODAY}"
BUILD_DEST_FILENAME="${BUILD_BASENAME}.${BUILD_FILENAME_EXT}"
BUILD_MANIFEST="${BUILD_DEST_FILENAME}.list"
BUILD_PACKAGES="${BUILD_DEST_FILENAME}.packages"
......@@ -77,7 +86,6 @@ if time eatmydata lb build noauto ${@} 2>&1 | tee "${BUILD_LOG}" ; then
echo "Image was successfully created"
echo "Renaming generated files..."
mv -i "${BUILD_FILENAME}.${BUILD_FILENAME_EXT}" "${BUILD_DEST_FILENAME}"
mv -i binary.list "${BUILD_MANIFEST}"
mv -i binary.packages "${BUILD_PACKAGES}"
else
echo "lb build failed." >&2
......
......@@ -34,5 +34,5 @@ rm -f config/chroot_local-includes/home/amnesia/.gnome2/nautilus-scripts/*
rm -f config/chroot_local-includes/usr/share/amnesia/build/variables
# static wiki
rm -rf config/binary_local-includes/doc wiki/src/.ikiwiki
rm -rf config/chroot_local-includes/usr/share/doc/tails/website wiki/src/.ikiwiki
find wiki/src -name *.pot -exec rm {} \;
......@@ -18,9 +18,12 @@ $RUN_LB_CONFIG \
--backports true \
--binary-images iso \
--binary-indices false \
--checksums none \
--isohybrid-options "$AMNESIA_ISOHYBRID_OPTS" \
--bootappend-live "${AMNESIA_APPEND}" \
--bootstrap "cdebootstrap" \
--archive-areas "main contrib non-free" \
--includes none \
--iso-application="The Amnesic Incognito Live System" \
--iso-publisher="https://tails.boum.org/" \
--iso-volume="TAILS ${AMNESIA_FULL_VERSION}" \
......@@ -37,7 +40,7 @@ hw_arch="`dpkg --print-architecture`"
if [ "$hw_arch" = i386 -o "$hw_arch" = amd64 ]; then
$RUN_LB_CONFIG \
--architecture i386 \
--linux-flavours 686 \
--linux-flavours 486 \
${@}
# build powerpc images on powerpc64 as well, include only powerpc kernel
elif [ "$hw_arch" = powerpc -o "$hw_arch" = powerpc64 ]; then
......
......@@ -11,7 +11,9 @@
# sourced by various other scripts.
# Base for the string that will be passed to "lb config --bootappend-live"
AMNESIA_APPEND="noswap live-media=removable nopersistent noprompt quiet"
# FIXME: see [[bugs/sdmem_on_eject_broken_for_CD]] for explanation why we
# need to set block.events_dfl_poll_msecs
AMNESIA_APPEND="noswap live-media=removable nopersistent noprompt quiet timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash"
AMNESIA_APPEND="${AMNESIA_APPEND} video=ofonly"
# Options passed to isohybrid
......
......@@ -29,11 +29,6 @@ case "${LB_BINARY_IMAGES}" in
;;
esac
# Remove help menu entry from menu.cfg
# Remove help menu entry from menu.cfg (and every line after)
CFG_FILE="${SYSLINUX_PATH}/menu.cfg"
ORIG_CFG_FILE="${CFG_FILE}.orig"
mv "${CFG_FILE}" "${ORIG_CFG_FILE}"
HELP_START="`grep --color=never --line-number --max-count=1 '^label help$' "${ORIG_CFG_FILE}" | awk -F':' '{print $1}'`"
KEEP_LINES="$(($HELP_START - 1))"
head -n "$KEEP_LINES" "${ORIG_CFG_FILE}" > "${CFG_FILE}"
rm -f "${ORIG_CFG_FILE}"
perl -pni -E 'exit if m{^label[[:blank:]]+help$}' "${CFG_FILE}"
......@@ -63,42 +63,42 @@ for LANG_CODE in ${AMNESIA_SUPPORTED_LANGUAGES}; do
case "${LANG_CODE}" in
ar)
LANG_NAME='^Arabic'
LANG_APPEND='locales=ar_EG.UTF-8 timezone=Africa/Cairo'
LANG_APPEND='locales=ar_EG.UTF-8 keyboard-layouts=us,ara'
;;
de)
LANG_NAME='^German'
LANG_APPEND='locales=de_DE.UTF-8 keyboard-layouts=de timezone=Europe/Berlin'
LANG_APPEND='locales=de_DE.UTF-8 keyboard-layouts=de'
;;
en)
LANG_NAME='^English'
LANG_APPEND='timezone=America/Detroit'
LANG_APPEND=''
;;
es)
LANG_NAME='^Spanish'
LANG_APPEND='locales=es keyboard-layouts=es timezone=Europe/Madrid'
LANG_APPEND='locales=es keyboard-layouts=es'
;;
fr)
LANG_NAME='^French'
LANG_APPEND='locales=fr_FR.UTF-8 keyboard-layouts=fr timezone=Europe/Paris'
LANG_APPEND='locales=fr_FR.UTF-8 keyboard-layouts=fr'
;;
it)
LANG_NAME='^Italian'
LANG_APPEND='locales=it keyboard-layouts=it timezone=Europe/Rome'
LANG_APPEND='locales=it keyboard-layouts=it'
;;
pt)
LANG_NAME='^Portuguese'
LANG_APPEND='locales=pt keyboard-layouts=pt timezone=Europe/Lisbon'
LANG_APPEND='locales=pt keyboard-layouts=pt'
;;
ru)
LANG_NAME='^Russian'
LANG_APPEND='locales=ru timezone=Europe/Moscow'
LANG_APPEND='locales=ru keyboard-layouts=us,ru'
;;
zh)
LANG_NAME='^Chinese'
LANG_APPEND='locales=zh_CN.UTF-8 timezone=Asia/Shanghai'
LANG_APPEND='locales=zh_CN.UTF-8'
;;
*)
Echo_error "Language ${LANG_CODE} is not supported yet, ask amnesia developpers!"
Echo_error "Language ${LANG_CODE} is not supported yet, ask Tails developpers!"
exit 17
;;
esac
......
@echo Load "doc\amnesia\wiki\index.html"...
@start doc\amnesia\wiki\index.en.html
@exit
This diff is collapsed.
Package: aircrack-ng
Package: eatmydata
Pin: origin backports.debian.org
Pin-Priority: 999
Package: florence
Pin: origin backports.debian.org
Pin-Priority: 999
Package: haveged
Pin: origin backports.debian.org
Pin-Priority: 999
Package: libgnupg-interface-perl
Pin: origin backports.debian.org
Pin-Priority: 999
Package: libio-socket-ssl-perl
Pin: origin backports.debian.org
Pin-Priority: 999
Package: libregexp-common-perl
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: eatmydata
Package: macchanger
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: monkeysphere
Pin: origin backports.debian.org
Pin-Priority: 999
Package: firmware-linux-free
Pin: release o=Debian,a=proposed-updates
Package: msva-perl
Pin: origin backports.debian.org
Pin-Priority: 999
Package: haveged
Package: plymouth
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: squashfs-tools
Pin: origin backports.debian.org
Pin-Priority: 999
Package: virtualbox-guest-dkms
Pin: origin backports.debian.org
Pin-Priority: 999
Package: virtualbox-guest-source
Pin: origin backports.debian.org
Pin-Priority: 999
Package: virtualbox-guest-utils
Pin: origin backports.debian.org
Pin-Priority: 999
Package: virtualbox-guest-x11
Pin: origin backports.debian.org
Pin-Priority: 999
Package: firmware-atheros
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-brcm80211
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-ipw2x00
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-iwlwifi
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-linux
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-linux-free
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-linux-nonfree
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-ralink
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: firmware-realtek
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: zd1211-firmware
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: initramfs-tools
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-base
Pin: release o=Debian,a=proposed-updates
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-headers-2.6.32-5-common
Pin: release o=Debian,a=proposed-updates
Package: linux-headers-486
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-headers-2.6-common
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-headers-2.6.32-5-686
Pin: release o=Debian,a=proposed-updates
Package: linux-headers-2.6-486
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-image-2.6.32-5-686
Pin: release o=Debian,a=proposed-updates
Package: linux-headers-3.0.0-2-common
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-libc-dev
Pin: release o=Debian,a=proposed-updates
Package: linux-headers-3.0.0-2-486
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: macchanger
Package: linux-image-486
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-image-2.6-486
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-image-3.0.0-2-486
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: linux-kbuild-3.0.0
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: laptop-mode-tools
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: xul-ext-cookie-monster
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: xul-ext-https-everywhere
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: xul-ext-torbutton
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: service-wrapper
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: libservice-wrapper-java
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: libservice-wrapper-jni
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: usb-modeswitch
Pin: origin backports.debian.org
Pin-Priority: 999
Package: usb-modeswitch-data
Pin: origin backports.debian.org
Pin-Priority: 999
Explanation: weirdness in chroot_apt install-binary
Package: *
Pin: release o=chroot_local-packages
......
#!/bin/sh
# Disable swapon to avoid initscripts to setup swap space.
# Rationale: security-in-depth model.
set -e
SWAPON=/sbin/swapon
rm --force $SWAPON
# Move any /sbin/swapon installed by any package out of the way,
# now (--rename) as well for any future one (hint: apt-get upgrade...).
dpkg-divert --rename --add /sbin/swapon
# Install a custom noop swapon executable instead.
cat > $SWAPON << 'EOF'
#!/bin/sh
/bin/true
......
......@@ -6,4 +6,4 @@ OPTS_FILE='/etc/initramfs-tools/initramfs.conf'
[ -f "${OPTS_FILE}" ] || exit 11
sed -i'' 's,^COMPRESS=.*,COMPRESS=lzma,' "${OPTS_FILE}"
sed -i'' 's,^COMPRESS=.*,COMPRESS=xz,' "${OPTS_FILE}"
#!/bin/sh
# This must be set in order for the i2p init script to work
sed -ie 's/^RUN_DAEMON=.*$/RUN_DAEMON="true"/' /etc/default/i2p
#!/bin/sh
# i2p should not start per default. At some point we might want this script to
# start during init if so selected in the boot options, but ATM users have to
# start the script manually.
update-rc.d -f i2p remove
......@@ -15,9 +15,16 @@ KERNEL_ARCH="$(basename ${KERNEL} | sed -e 's|.*-||')"
# the -dkms package must be installed *after* dkms to be properly registered
apt-get install --yes build-essential dkms dpatch linux-headers-2.6-${KERNEL_ARCH}
# temporary workaround: pretend gcc-4.5 is available, so that
# the modules can build.
# /usr/src/linux-headers-3.0.0-1-common/scripts/gcc-version.sh
# is the one who says they should be run using 4.5.
apt-get install --yes gcc-4.4
ln -s /usr/bin/gcc-4.4 /usr/bin/gcc-4.5
# dkms uses uname to find out what kernel to build modules for.
# So, after installing dkms, but before installing
# virtualbox-ose-guest-dkms, we divert uname to a fake one that
# virtualbox-guest-dkms, we divert uname to a fake one that
# emulates 'uname -r' by reporting the kernel version found in /boot rather
# than the build system's one.
......@@ -29,14 +36,17 @@ EOF
chmod 755 /bin/uname
# Have the modules automagically built by dkms.
apt-get install --yes virtualbox-ose-guest-dkms
apt-get install --yes virtualbox-guest-dkms
# Revert to the real uname.
mv /bin/uname.$$ /bin/uname
# clean the build directory
rm -rf /var/lib/dkms/virtualbox-ose-guest/
rm -rf /var/lib/dkms/virtualbox-guest/
# virtualbox-ose-guest-dkms's postrm script deletes any previously
# virtualbox-guest-dkms's postrm script deletes any previously
# built binary module; let's delete it before purging the package.
rm -f /var/lib/dpkg/info/virtualbox-ose-guest-dkms.prerm
rm -f /var/lib/dpkg/info/virtualbox-guest-dkms.prerm
# remove temporary workaround
rm -f /usr/bin/gcc-4.5
......@@ -15,8 +15,9 @@ ma_install_tools ()
ma_install_modules ()
{
for MODULE in $@ ; do
for KERNEL in /boot/vmlinux-* ; do
VERSION="$(basename ${KERNEL} | sed -e 's|vmlinux-||')"
for KERNEL in /boot/vmlinu[xz]-* ; do
VERSION="$(basename ${KERNEL} | sed -e 's|vmlinu[xz]-||')"
echo "module-assistant: installing module ${MODULE} for kernel ${VERSION}"
$MA --quiet auto-install ${MODULE} -l ${VERSION}
done
$MA clean ${MODULE}
......@@ -31,7 +32,7 @@ ma_cleanup ()
if [ -n "${MODULES}" ] ; then
ma_install_tools
ma_install_modules
ma_install_modules ${MODULES}
ma_cleanup
fi
......@@ -8,6 +8,8 @@ update-rc.d tails-kexec stop 85 0 6 .
update-rc.d tails-wifi start 17 S .
update-rc.d memlockd start 22 2 3 4 5 .
update-rc.d tails-sdmem-on-media-removal start 23 2 3 4 5 . stop 01 0 6
update-rc.d tails-reconfigure-kexec defaults
update-rc.d tails-reconfigure-memlockd defaults
# we run Tor ourselves after HTP via NetworkManager hooks
update-rc.d tor disable
......@@ -22,3 +24,17 @@ update-rc.d -f kexec remove
# we use kexec on halt too => enable kexec-load initscript on runlevel 0 as well
update-rc.d -f kexec-load remove
update-rc.d kexec-load stop 18 0 6 .
# i2p should not start per default. At some point we want some script to start
# i2p during init if so selected in tails-greeter, but ATM users have to start
# the i2p script manually.
update-rc.d -f i2p remove
# we only want hdparm so that laptop-mode-tools can use it
update-rc.d hdparm disable
# don't use plymouth at shutdown/reboot
# (plymouth.postinst creates links using update-rc.d,
# so we cannot disable the links it creates by using LSB headers)
rm -f /etc/rc[06].d/*plymouth
#!/bin/sh
echo "Creating kernel and ramdisk symlinks"
# Get version information for the (newest) installed kernel.
KERNEL="`/bin/ls -1 /boot/vmlinuz-* | tail -n 1`"
INITRD="`/bin/ls -1 /boot/initrd.img-* | tail -n 1`"
if [ ! -e /vmlinuz ]; then
ln -s "$KERNEL" /vmlinuz
fi
if [ ! -e /initrd.img ]; then
ln -s "$INITRD" /initrd.img
fi
......@@ -5,12 +5,15 @@ echo "Removing unwanted files"
# Get AMNESIA_SUPPORTED_LANGUAGES
. /usr/share/amnesia/build/variables
rm -f /usr/share/icons/gnome/icon-theme.cache
rm -rf \
/usr/share/inkscape/examples \
/usr/share/inkscape/tutorials
find /usr/share/doc -type f -name changelog.gz -exec rm "{}" \;
find /usr/share/doc -type f -name changelog.Debian.gz -exec rm "{}" \;
find /usr/share/doc -type f -name NEWS.Debian.gz -exec rm "{}" \;
locales=$(echo "$AMNESIA_SUPPORTED_LANGUAGES" | sed 's/ /|/g')
find /usr/share/scribus-ng/translations \
......@@ -18,12 +21,10 @@ find /usr/share/scribus-ng/translations \
-regextype 'posix-egrep' -not -regex ".*scribus\.(${locales}).*" \
-exec rm "{}" \;
# Remove links to unsuitable GNOME preferences tools.
rm -f \
/usr/share/applications/gnome-about-me.desktop \
/usr/share/applications/gnome-network-properties.desktop
rm -rf /tmp/*
find /usr -name "*.pyc" -print0 | xargs -0r rm -f
# Remove links to unsuitable GDM tools.
rm -f \
/usr/share/gdm/applications/gdmflexiserver*.desktop \
/usr/share/gdm/applications/gdmsetup.desktop
# truncate logs
for file in $(find /var/log/ -type f); do
: > "${file}"
done
......@@ -21,7 +21,7 @@ apt-get --yes purge \
make \
module-assistant \
po-debconf \
virtualbox-ose-guest-dkms
virtualbox-guest-dkms
### Deinstall a few unwanted packages that were pulled by tasksel
### since they have Priority: standard.
......@@ -32,7 +32,7 @@ apt-get --yes purge \
### Deinstall some other unwanted packages.
apt-get --yes purge \
tasksel tasksel-data
aptitude live-build tasksel tasksel-data
### Deinstall dependencies of the just removed packages.
apt-get --yes --purge autoremove
......@@ -40,7 +40,7 @@ apt-get --yes --purge autoremove
### Deinstall gnome-core and some of its new dependencies.
# We do this last as we don't want apt-get autoremove to deinstall all
# gnome-core and gnome-utils dependencies.
# gnome-core dependencies.
# - gnome-core itself
apt-get --yes purge gnome-core
......@@ -52,5 +52,5 @@ apt-get --yes purge \
# - others
apt-get --yes purge \
baobab gnome-dictionary gnome-screensaver gnome-screenshot gnome-keyring \
gnome-screensaver gnome-keyring \
gnome-user-guide