Commit 082d912e authored by intrigeri's avatar intrigeri
Browse files

Merge remote-tracking branch 'origin/devel' into bugfix/15116-newer-nouveau-xorg-driver

parents 3bffbc81 b18c97e3
......@@ -4,5 +4,5 @@ Encoding=UTF-8
_Name=Tails documentation
Type=Application
Terminal=false
Exec=/usr/local/bin/tails-documentation getting_started
Exec=/usr/local/bin/tails-documentation doc
Icon=/usr/share/icons/gnome/48x48/categories/system-help.png
......@@ -12,6 +12,7 @@
import os
import subprocess
import random
import re
import locale
import gettext
......@@ -173,7 +174,7 @@ def mail_appended_info():
process = subprocess.Popen (["sudo", "/usr/local/sbin/tails-debugging-info"],
stdout=subprocess.PIPE)
for line in process.stdout:
debugging_info += line.decode('utf-8')
debugging_info += re.sub(r'^--\s*', '', line.decode('utf-8'))
process.wait()
except OSError:
debugging_info += "sudo command not found\n"
......
......@@ -87,7 +87,7 @@ class DocumentationWindow(tailsgreeter.gui.GreeterHelpWindow):
try:
page = sys.argv[1]
except IndexError:
page = 'getting_started'
page = 'doc'
try:
anchor = sys.argv[2]
......
......@@ -59,7 +59,7 @@ class PasswordDialog(object):
if not pw1 == pw2:
return
self.pw = pw1.encode('ascii')
self.pw = pw1.encode('utf8')
bus = SystemBus()
object_path = bus.get("org.freedesktop.Accounts").FindUserById(os.getuid())
......
......@@ -6,5 +6,5 @@ _Comment=Learn how to use Tails
Categories=Documentation;Tails;
Type=Application
Terminal=false
Exec=/usr/local/bin/tails-documentation getting_started
Exec=/usr/local/bin/tails-documentation doc
Icon=/usr/share/icons/gnome/48x48/categories/system-help.png
--- a/etc/apparmor.d/usr.bin.thunderbird.orig 2018-01-09 20:30:54.000000000 +0000
+++ b/etc/apparmor.d/usr.bin.thunderbird 2018-02-23 14:48:02.180000000 +0000
--- a/etc/apparmor.d/usr.bin.thunderbird.orig 2018-01-09 20:30:54.000000000 +0000
+++ b/etc/apparmor.d/usr.bin.thunderbird 2018-02-23 14:48:02.180000000 +0000
@@ -16,7 +16,6 @@
# TODO: finetune this for required accesses
#include <abstractions/dbus>
......@@ -37,18 +37,17 @@
- /usr/bin/pulseaudio Pixr,
-
owner @{HOME}/.{cache,config}/dconf/user rw,
owner @{HOME}/.cache/thumbnails/** r,
owner /run/user/[0-9]*/dconf/user rw,
owner @{HOME}/.config/gtk-3.0/bookmarks r,
@@ -107,6 +96,8 @@
/etc/gre.d/* r,
@@ -113,6 +102,7 @@
# noisy
+ deny /etc/dconf/profile/user r,
/etc/dconf/profile/user r,
+ deny /etc/machine-id r,
deny @{MOZ_LIBDIR}/** w,
deny /usr/lib/thunderbird-addons/** w,
deny /usr/lib/xulrunner-addons/** w,
@@ -138,7 +129,6 @@
@@ -239,7 +229,6 @@
/etc/lsb-release r,
/etc/ssl/openssl.cnf r,
/usr/lib/thunderbird/crashreporter ix,
......@@ -56,43 +55,9 @@
/sys/devices/system/cpu/ r,
/sys/devices/system/cpu/** r,
@@ -190,15 +180,6 @@
deny /usr/share/mozilla/extensions/**/ w,
deny /usr/share/mozilla/ w,
- # Miscellaneous (to be abstracted)
- # Ideally these would use a child profile. They are all ELF executables
- # so running with 'Ux', while not ideal, is ok because we will at least
- # benefit from glibc's secure execute.
- /usr/bin/mkfifo Uxr, # investigate
- /{usr/,}bin/ps Uxr,
- /{usr/,}bin/uname Uxr,
- /usr/bin/locale Uxr,
-
/usr/bin/gpg Cx -> gpg,
/usr/bin/gpg2 Cx -> gpg,
/usr/bin/gpgconf Cx -> gpg,
@@ -224,7 +205,9 @@
deny owner @{HOME}/.cache/thunderbird/**/_CACHE_* w,
# noise from inherited files
+ deny @{HOME}/.thunderbird/*.default/ImapMail/*/INBOX w,
deny /usr/{lib,share}/thunderbird/omni.ja r,
+ deny /usr/share/thunderbird/extensions/** r,
# For smartcards?
/dev/bus/usb/ r,
@@ -255,6 +255,7 @@
owner @{HOME}/.gnupg/.#*[0-9]x rwl,
owner @{HOME}/.gnupg/.#lk0x[0-9a-f]* rwl,
owner @{HOME}/.gnupg/.gpg-v[0-9]*-migrated rw,
+ owner @{HOME}/.gnupg/openpgp-revocs.d/{,[A-F0-9]*.rev} rw,
owner @{HOME}/** r,
owner @{PROC}/@{pids}/mountinfo r,
@@ -272,13 +255,16 @@
/usr/bin/dirmngr ix,
owner @{PROC}/@{pids}/task/@{tid}/comm rw,
@@ -373,13 +362,16 @@
# for revocation certificate generation
owner @{HOME}/.{icedove,thunderbird}/*/0x[A-F0-9]*_rev.asc rw,
+ # for revocation certificate generation
+ owner @{HOME}/.{icedove,thunderbird}/*.default/0x[A-F0-9]*_rev.asc rw,
......
tails (3.9) UNRELEASED; urgency=medium
* Dummy entry for next release.
* Dummy entry for next release.
-- Tails developers <tails@boum.org> Thu, 10 May 2018 13:37:23 +0200
......
......@@ -6,7 +6,7 @@ Feature: Tails documentation
Scenario: The Tails documentation launcher on the desktop works when offline
Given I have started Tails from DVD without network and logged in
When I double-click on the Tails documentation launcher on the desktop
Then the documentation viewer opens the "Getting started" page
Then the documentation viewer opens the "Documentation" page
#15514
@fragile
......@@ -14,7 +14,7 @@ Feature: Tails documentation
Given I have started Tails from DVD and logged in and the network is connected
When I double-click on the Tails documentation launcher on the desktop
Then the Tor Browser starts
And the Tor Browser opens the Getting started page
And the Tor Browser opens the "Documentation" page
#15321
@fragile
......
......@@ -220,10 +220,10 @@ end
# python2 (#12185) we have terrible unicode support; for instance
# `.child('Tails - Getting started…')` will fail since Dogtail expects
# ascii and cannot decode "…".
Then /^the Tor Browser opens the Getting started page$/ do
Then /^the Tor Browser opens the "Documentation" page$/ do
try_for(60) do
@torbrowser
.children(roleName: "document frame")
.any? { |f| f.name == 'Tails - Getting started…' }
.any? { |f| f.name == 'Tails - Documentation' }
end
end
......@@ -94,7 +94,7 @@ Then /^the VirtualBox guest modules are available$/ do
"The vboxguest module is not available.")
end
Then /^the documentation viewer opens the "(Support|Getting started)" page$/ do |page|
Then /^the documentation viewer opens the "(Support|Documentation)" page$/ do |page|
if @language == 'German'
expected_title = 'Tails-Dokumentation'
if page == 'Support'
......@@ -107,7 +107,7 @@ Then /^the documentation viewer opens the "(Support|Getting started)" page$/ do
if page == 'Support'
expected_heading = 'Search the documentation'
else
expected_heading = 'Found a bug?'
expected_heading = 'First steps with Tails'
end
end
app = Dogtail::Application.new('tails-documentation')
......
......@@ -326,7 +326,7 @@ msgid ""
"cryptographic tool that provides encryption, authentication and deniability."
msgstr ""
"Protege suas conversações em comunicadores instantâneos usando <span class="
"\"definition\">[[!wikipedia Off-the-Record_Messaging desc=\"OTR\"]]</span> "
"\"definition\">[[!wikipedia_pt Off-the-Record_Messaging desc=\"OTR\"]]</span> "
"(Off-the-Record Messaging, apenas em inglês), uma ferramenta criptográfica "
"para cifrar, autenticar e permitir negação plausível."
......
......@@ -130,6 +130,7 @@ This survey will be updated in a while with [[!tails_ticket 15277]].
- [disk format](https://www.chromium.org/chromium-os/chromiumos-design-docs/disk-format)
- [file system and autoupdate system](https://www.chromium.org/chromium-os/chromiumos-design-docs/filesystem-autoupdate)
- [Android's A/B System Updates](https://source.android.com/devices/tech/ota/ab_updates.html)
* [Endless ostree builder](https://github.com/cosimoc/deb-ostree-builder)
### Not suitable
......
......@@ -22,3 +22,6 @@ See the [open bugs that affect Tails in the GNOME bug tracker](https://bugzilla.
Feel free to add any relevant issue to this list.
* [[!gnome_gitlab gnome-shell-extensions/issues/22 desc="gnome-shell-extensions: window-list theme should match shell default theme"]]
* [[!gnome_gitlab gtk/issues/641 desc="GtkSpinner doesn't spin in VMs"]]
* [[!gnome_gitlab totem/issues/116 desc="Saving playlist state sometimes hangs totem"]]
* [[!gnome_gitlab yelp/issues/98 desc="Yelp: Clicking a HTML link pointing to an anchor on the page currently viewed opens Nautilus"]]
......@@ -45,11 +45,11 @@ questions (and instead uses default values as answers).
### When a package is installed with a persistent storage unlocked
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - add.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - add.png"/>
### When a package is installed with no persistent storage
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - add without persistent storage.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - add without persistent storage.png"/>
### When a package is installed with a persistent storage locked
......@@ -74,11 +74,11 @@ When running from a DVD, virtual machine, or intermediary Tails.
To be displayed only once per session, not to bother people too much.
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - impossible persistent storage.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - impossible persistent storage.png"/>
### When a package is uninstalled
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - remove.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - remove.png"/>
Notifications when starting Tails with additional software
----------------------------------------------------------
......@@ -89,7 +89,7 @@ persistent storage every time the user starts Tails.
### When the installation starts
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - installing.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - installing.png"/>
If the summary is too long (here 62 characters), use instead only:
......@@ -102,7 +102,7 @@ installing.
### When the installation succeeds
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - installed.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - installed.png"/>
XXX: the configure button here is tricky to implement. Can we live without it?
......@@ -117,11 +117,11 @@ Notifications of failures
### When the installation fails
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - installation failed.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - installation failed.png"/>
### When the upgrade fails
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/notification - upgrade failed.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/notification - upgrade failed.png"/>
### When the configuration fails (addition to/removal from the package list)
......@@ -166,15 +166,15 @@ Software** feature in the persistent storage settings.
### If there is no persistent storage
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/additional software - without persistent storage.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/additional software - without persistent storage.png"/>
### Before any package is added
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/additional software - empty.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/additional software - empty.png"/>
### When some packages are already added
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/additional software.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/additional software.png"/>
XXX: please define what happens when clicking on the links "Synaptic Package Manager" or "APT on the command line".
......@@ -187,17 +187,17 @@ By clicking on the delete cross.
Removing packages from the list doesn't require any validity check.
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/additional software - remove.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/additional software - remove.png"/>
### If the persistent storage is locked
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/additional software - locked persistent storage.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/additional software - locked persistent storage.png"/>
### It is impossible to have a persistent storage
For example, when running from a DVD or virtual machine.
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/additional software - impossible persistent storage.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/additional software - impossible persistent storage.png"/>
Persistent storage configuration
--------------------------------
......@@ -211,9 +211,9 @@ Persistent storage configuration
- MAY replace the custom widgets of the persistent storage configuration
by the following GTK3 pattern:
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/persistent storage - configuration changed.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/persistent storage - configuration changed.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-wireframes/master/additional software/png/persistent storage - confirm restart.png"/>
<img src="https://raw.githubusercontent.com/sajolida/tails-ux/master/additional software/png/persistent storage - confirm restart.png"/>
### Backend
......
......@@ -23,9 +23,13 @@ Discussions
[[Prepare a discussion|contribute/meetings#preparing-a-discussion]]
and add your topic here:
### Strategic planning
We'll discuss "Containers/separated identities without rebooting [R, +1-1]".
### Gather comments on our draft personas
Chapter 1: [[Kim, the surveilled at home|personas#kim]]
Chapter 2: [[Cris, the sensitive information gatherer|personas#cris]]
From the work that we did at the last summit, we drafted skeletons of
personas: a very basic description of what kind of users they are.
......
......@@ -22,7 +22,7 @@ beginning of May.
- April 2018: emmapeel
- May 2018: spriver
- June 2018: sajolida
- July 2018:
- July 2018: pablonatalino & emmapeel
- August 2018: intrigeri
- September 2018:
- October 2018: u
......
......@@ -35,6 +35,13 @@ XXX: If you feel like it and technical writers don't do it
git log --patch --since='1 October' --until='1 November' origin/master -- "*.*m*"
- We merged the former /install/os into [[/install|install]] to
streamline a bit more our installation instructions.
- We changed the style of the purple headers that we had on our homepage
to look less like buttons. We're now consistently using green for
clickable elements and purple for non-clickable elements.
User experience
===============
......
[[!meta title="Screen locker"]]
See also [[!tails_ticket 5684]].
The screen of a Tails session can be locked through the system menu, or by invoking the tails-screen-locker script directly.
Tails is currently lacking a screen locker and this has been a frequent
feature request. For example, as Tails is been adopted more and more by
journalists, they want to be able to leave their computer unattended in
The ticket that tracked this work was [[!tails_ticket 5684]].
This is useful for example for
journalists that want to be able to leave their computer unattended in
their office to go to the toilets for a minute and have their screen
locked.
......
......@@ -70,6 +70,21 @@ Please add to this list!
* Media streaming
* Icecast
* SSH
* Surveys (LimeSurvey)
* Being able to run surveys without relying on Google Forms seems to
be a frequent need among the Internet freedom community. The topic
was raised twice on OTF-Talk:
- "Secure way to run a survey?" on 2017-10-17
- "Secure survey tool" on 2018-04-02
In both cases the use case was to conduct anonymous surveys of a
target audience.
I've also been asked by another digital security trainer about the
same thing. The use cases could also cover organizing sensitive
events and having a better control of personally identifiable
information, like who registered for a given security training.
# Design
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment