unsafe-browser 5.06 KB
Newer Older
1
#!/bin/sh
2

3
set -e
4
set -u
5

6 7
# Import tor_is_working()
. /usr/local/lib/tails-shell-library/tor.sh
8

9
# Import the TBB_EXT variable, and guess_best_tor_browser_locale().
10 11
. /usr/local/lib/tails-shell-library/tor-browser.sh

Tails developers's avatar
Tails developers committed
12
# Import localized_tails_doc_page().
13 14
. /usr/local/lib/tails-shell-library/localization.sh

Tails developers's avatar
Tails developers committed
15 16 17 18
# Import try_cleanup_browser_chroot(), setup_browser_chroot(),
# configure_chroot_dns_servers(), configure_chroot_browser(),
# configure_chroot_browser(), set_chroot_browser_locale()
# set_chroot_browser_name(), set_chroot_browser_permissions()
19
# and run_browser_in_chroot().
20 21
. /usr/local/lib/tails-shell-library/chroot-browser.sh

22
error () {
23 24
    local cli_text="${CMD}: `gettext \"error:\"` ${@}"
    local dialog_text="<b><big>`gettext \"Error\"`</big></b>
25

26
${@}"
27
    echo "${cli_text}" >&2
28
    sudo -u "${SUDO_USER}" zenity --error --title "" --text "${dialog_text}"
29 30 31
    exit 1
}

32 33
verify_start () {
    # Make sure the user really wants to start the browser
34
    local dialog_msg="<b><big>`gettext \"Do you really want to launch the Unsafe Browser?\"`</big></b>
35

36
`gettext \"Network activity within the Unsafe Browser is <b>not anonymous</b>.\\nOnly use the Unsafe Browser if necessary, for example\\nif you have to login or register to activate your Internet connection.\"`"
37 38 39 40
    local launch="`gettext \"_Launch\"`"
    local exit="`gettext \"_Exit\"`"
    # Since zenity can't set the default button to cancel, we switch the
    # labels and interpret the return value as its negation.
41
    if sudo -u "${SUDO_USER}" zenity --question --title "" --ok-label "${exit}" \
42
       --cancel-label "${launch}" --text "${dialog_msg}"; then
43 44 45
        exit 0
    fi
}
46

47 48 49
show_start_notification () {
    local title="`gettext \"Starting the Unsafe Browser...\"`"
    local body="`gettext \"This may take a while, so please be patient.\"`"
50
    tails-notify-user "${title}" "${body}" 10000
51 52 53 54 55
}

show_shutdown_notification () {
    local title="`gettext \"Shutting down the Unsafe Browser...\"`"
    local body="`gettext \"This may take a while, and you may not restart the Unsafe Browser until it is properly shut down.\"`"
56
    tails-notify-user "${title}" "${body}" 10000
57 58
}

59 60 61 62 63
maybe_restart_tor () {
    # Restart Tor if it's not working (a captive portal may have prevented
    # Tor from bootstrapping, and a restart is the fastest way to get
    # wheels turning)
    if ! tor_is_working; then
64
        echo "* Restarting Tor"
65
        restart-tor
66
        if ! systemctl --quiet is-active tor@default.service; then
67 68
            error "`gettext \"Failed to restart Tor.\"`"
        fi
69 70
    fi
}
71

72 73
# Main script:

74
CMD="$(basename "${0}")"
75
LOCK="/var/lock/${CMD}"
76 77 78 79 80

. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN

81 82 83 84 85
CONF_DIR="/var/lib/unsafe-browser"
COW="${CONF_DIR}/cow"
CHROOT="${CONF_DIR}/chroot"
BROWSER_NAME="unsafe-browser"
BROWSER_USER="clearnet"
Tails developers's avatar
Tails developers committed
86
HUMAN_READABLE_NAME="`gettext \"Unsafe Browser\"`"
87
NM_ENV_FILE="/var/lib/NetworkManager/env"
88
WARNING_PAGE='/usr/share/doc/tails/website/misc/unsafe_browser_warning'
89
HOME_PAGE="$(localized_tails_doc_page "${WARNING_PAGE}")"
90

91
# Prevent multiple instances of the script.
92
exec 9>"${LOCK}"
93 94 95 96
if ! flock -x -n 9; then
    error "`gettext \"Another Unsafe Browser is currently running, or being cleaned up. Please retry in a while.\"`"
fi

97
# Get the DNS servers that was obtained from NetworkManager, if any...
98
if [ -r "${NM_ENV_FILE}" ]; then
99 100 101 102
    # We also check that the file we are gonna *source* doesn't
    # contain any unexpected data, like (potentially malicious) shell
    # script. Note that while the regex used for deciding IP addresses
    # is far from perfect, it serves our purpose here.
103
    IP4_REGEX='[0-9]{1,3}(\.[0-9]{1,3}){3}'
104
    NAMESERVERS_REGEX="^IP4_NAMESERVERS=\"(${IP4_REGEX}( ${IP4_REGEX})*)?\"$"
105
    if grep --extended-regexp -qv "${NAMESERVERS_REGEX}" "${NM_ENV_FILE}"; then
106 107
        error "`gettext \"NetworkManager passed us garbage data when trying to deduce the clearnet DNS server.\"`"
    fi
Tails developers's avatar
Tails developers committed
108
    # Import the IP4_NAMESERVERS variable.
109
    eval "$(grep --extended-regexp "${NAMESERVERS_REGEX}" "${NM_ENV_FILE}")"
110 111 112 113 114
fi
# ... otherwise fail.
# FIXME: Or would it make sense to fallback to Google's DNS or OpenDNS?
# Some stupid captive portals may allow DNS to any host, but chances are
# that only the portal's DNS would forward to the login page.
115
if [ -z "${IP4_NAMESERVERS:-}" ]; then
Tails developers's avatar
Tails developers committed
116
    error "`gettext \"No DNS server was obtained through DHCP or manually configured in NetworkManager.\"`"
117 118
fi

119
verify_start
120
show_start_notification
121

122
echo "* Setting up chroot"
123
setup_chroot_for_browser "${CHROOT}" "${COW}" "${BROWSER_USER}" || \
124
    error "`gettext \"Failed to setup chroot.\"`"
125

126
echo "* Configuring chroot"
127 128 129 130
configure_chroot_browser "${CHROOT}" "${BROWSER_USER}" "${BROWSER_NAME}" \
    "${HUMAN_READABLE_NAME}" "${HOME_PAGE}" "${IP4_NAMESERVERS}" \
    "${TBB_EXT}"/langpack-*.xpi || \
        error "`gettext \"Failed to configure browser.\"`"
131

132
echo "* Starting Unsafe Browser"
133
run_browser_in_chroot "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" \
134 135
    "${SUDO_USER}" || \
    error "`gettext \"Failed to run browser.\"`"
136 137

echo "* Exiting the Unsafe Browser"
138
show_shutdown_notification
139
maybe_restart_tor
140 141

exit 0