unsafe-browser 5 KB
Newer Older
1
#!/bin/sh
2

3 4
set -e

5 6
# Import tor_is_working()
. /usr/local/lib/tails-shell-library/tor.sh
7

8
# Import the TBB_EXT variable, and guess_best_tor_browser_locale().
9 10
. /usr/local/lib/tails-shell-library/tor-browser.sh

Tails developers's avatar
Tails developers committed
11
# Import localized_tails_doc_page().
12 13
. /usr/local/lib/tails-shell-library/localization.sh

Tails developers's avatar
Tails developers committed
14 15 16 17
# Import try_cleanup_browser_chroot(), setup_browser_chroot(),
# configure_chroot_dns_servers(), configure_chroot_browser(),
# configure_chroot_browser(), set_chroot_browser_locale()
# set_chroot_browser_name(), set_chroot_browser_permissions()
18
# and run_browser_in_chroot().
19 20
. /usr/local/lib/tails-shell-library/chroot-browser.sh

21
error () {
22 23
    local cli_text="${CMD}: `gettext \"error:\"` ${@}"
    local dialog_text="<b><big>`gettext \"Error\"`</big></b>
24

25
${@}"
26
    echo "${cli_text}" >&2
27
    sudo -u "${SUDO_USER}" zenity --error --title "" --text "${dialog_text}"
28 29 30
    exit 1
}

31 32
verify_start () {
    # Make sure the user really wants to start the browser
33
    local dialog_msg="<b><big>`gettext \"Do you really want to launch the Unsafe Browser?\"`</big></b>
34

Tails developers's avatar
Tails developers committed
35
`gettext \"Network activity within the Unsafe Browser is <b>not anonymous</b>. Only use the Unsafe Browser if necessary, for example if you have to login or register to activate your Internet connection.\"`"
36 37 38 39
    local launch="`gettext \"_Launch\"`"
    local exit="`gettext \"_Exit\"`"
    # Since zenity can't set the default button to cancel, we switch the
    # labels and interpret the return value as its negation.
40
    if sudo -u "${SUDO_USER}" zenity --question --title "" --ok-label "${exit}" \
41
       --cancel-label "${launch}" --text "${dialog_msg}"; then
42 43 44
        exit 0
    fi
}
45

46 47 48
show_start_notification () {
    local title="`gettext \"Starting the Unsafe Browser...\"`"
    local body="`gettext \"This may take a while, so please be patient.\"`"
49
    tails-notify-user "${title}" "${body}" 10000
50 51 52 53 54
}

show_shutdown_notification () {
    local title="`gettext \"Shutting down the Unsafe Browser...\"`"
    local body="`gettext \"This may take a while, and you may not restart the Unsafe Browser until it is properly shut down.\"`"
55
    tails-notify-user "${title}" "${body}" 10000
56 57
}

58 59 60 61 62
maybe_restart_tor () {
    # Restart Tor if it's not working (a captive portal may have prevented
    # Tor from bootstrapping, and a restart is the fastest way to get
    # wheels turning)
    if ! tor_is_working; then
63
        echo "* Restarting Tor"
64
        restart-tor
65
        if ! service tor status; then
66 67
            error "`gettext \"Failed to restart Tor.\"`"
        fi
68 69
    fi
}
70

71 72
# Main script:

73 74
CMD=$(basename "${0}")
LOCK="/var/lock/${CMD}"
75 76 77 78 79

. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN

80 81 82 83 84
CONF_DIR="/var/lib/unsafe-browser"
COW="${CONF_DIR}/cow"
CHROOT="${CONF_DIR}/chroot"
BROWSER_NAME="unsafe-browser"
BROWSER_USER="clearnet"
Tails developers's avatar
Tails developers committed
85
HUMAN_READABLE_NAME="`gettext \"Unsafe Browser\"`"
86
NM_ENV_FILE="/var/lib/NetworkManager/env"
87
WARNING_PAGE='/usr/share/doc/tails/website/misc/unsafe_browser_warning'
88
HOME_PAGE="$(localized_tails_doc_page "${WARNING_PAGE}")"
89

90
# Prevent multiple instances of the script.
91
exec 9>"${LOCK}"
92 93 94 95
if ! flock -x -n 9; then
    error "`gettext \"Another Unsafe Browser is currently running, or being cleaned up. Please retry in a while.\"`"
fi

96
# Get the DNS servers that was obtained from NetworkManager, if any...
97
if [ -r "${NM_ENV_FILE}" ]; then
98 99 100 101
    # We also check that the file we are gonna *source* doesn't
    # contain any unexpected data, like (potentially malicious) shell
    # script. Note that while the regex used for deciding IP addresses
    # is far from perfect, it serves our purpose here.
102
    IP4_REGEX='[0-9]{1,3}(\.[0-9]{1,3}){3}'
103
    NAMESERVERS_REGEX="^IP4_NAMESERVERS=\"${IP4_REGEX}\"$"
104
    if grep --extended-regexp -qv "${NAMESERVERS_REGEX}" "${NM_ENV_FILE}"; then
105 106
        error "`gettext \"NetworkManager passed us garbage data when trying to deduce the clearnet DNS server.\"`"
    fi
Tails developers's avatar
Tails developers committed
107
    # Import the IP4_NAMESERVERS variable.
108
    eval "$(grep --extended-regexp "${NAMESERVERS_REGEX}" "${NM_ENV_FILE}")"
109 110 111 112 113
fi
# ... otherwise fail.
# FIXME: Or would it make sense to fallback to Google's DNS or OpenDNS?
# Some stupid captive portals may allow DNS to any host, but chances are
# that only the portal's DNS would forward to the login page.
114
if [ -z "${IP4_NAMESERVERS}" ]; then
Tails developers's avatar
Tails developers committed
115
    error "`gettext \"No DNS server was obtained through DHCP or manually configured in NetworkManager.\"`"
116 117
fi

118
verify_start
119
show_start_notification
120

121
echo "* Setting up chroot"
122
setup_chroot_for_browser "${CHROOT}" "${COW}" "${BROWSER_USER}" || \
123
    error "`gettext \"Failed to setup chroot.\"`"
124

125
echo "* Configuring chroot"
126 127 128 129
configure_chroot_browser "${CHROOT}" "${BROWSER_USER}" "${BROWSER_NAME}" \
    "${HUMAN_READABLE_NAME}" "${HOME_PAGE}" "${IP4_NAMESERVERS}" \
    "${TBB_EXT}"/langpack-*.xpi || \
        error "`gettext \"Failed to configure browser.\"`"
130

131
echo "* Starting Unsafe Browser"
132
run_browser_in_chroot "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" \
133 134
    "${SUDO_USER}" || \
    error "`gettext \"Failed to run browser.\"`"
135 136

echo "* Exiting the Unsafe Browser"
137
show_shutdown_notification
138
maybe_restart_tor
139 140

exit 0