Commit 1658d303 authored by Tails developers's avatar Tails developers
Browse files

Merge branch 'feature/7732-i2p-network-manager-hook' into devel

Conflicts:
	config/chroot_local-includes/usr/share/tails/firefox-localstore-win8.rdf
parents 280d3949 d847d020
......@@ -210,10 +210,6 @@ Package: ttdnsd
Pin: release o=TorProject,a=unstable
Pin-Priority: 999
Package: xul-ext-foxyproxy-standard
Pin: release o=Debian,a=experimental
Pin-Priority: 999
Package: xul-ext-https-everywhere
Pin: release o=Debian,a=unstable
Pin-Priority: 999
......
#!/bin/sh
set -e
# Create the i2pbrowser user.
#
# We run i2p-browser under this user
echo "Creating the i2pbrowser user"
adduser --system --quiet --group i2pbrowser
......@@ -134,10 +134,9 @@ EOF
dpkg -i "${TMP}"/iceweasel_"${FAKE_ICEWEASEL_VERSION}"_all.deb
)
apt-get install --yes xul-ext-adblock-plus xul-ext-foxyproxy-standard xul-ext-torbutton
apt-get install --yes xul-ext-adblock-plus xul-ext-torbutton
ln -s /usr/share/xul-ext/adblock-plus/ "${TBB_EXT}"/'{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}'
ln -s /usr/share/xul-ext/foxyproxy-standard/ "${TBB_EXT}"/foxyproxy@eric.h.jung
ln -s /usr/share/xul-ext/torbutton/ "${TBB_EXT}"/torbutton@torproject.org
rsync -a --exclude bookmarks.html --exclude extensions \
......
......@@ -13,4 +13,4 @@ DEST="/usr/share/tails/i2p-disabled"
mkdir "$DEST"
mv -f /usr/share/i2p "$DEST"
mv -f /usr/sbin/wrapper "$DEST"
mv -f /usr/share/applications/i2p.desktop "$DEST"
mv -f /usr/share/applications/i2p-browser.desktop "$DEST"
#!/bin/sh
# I2P isn't started automatically at system boot.
# Instead, it is started with this hook script.
# Don't even try to run this script if I2P is not enabled.
grep -qw "i2p" /proc/cmdline || exit 0
# don't run if interface is 'lo'
[ $1 = "lo" ] && exit 0
if [ $2 = "up" ]; then
/usr/local/sbin/tails-i2p start &
fi
......@@ -86,18 +86,24 @@ domain ip {
mod owner uid-owner amnesia ACCEPT;
}
# White-list access to I2P services for both the amnesia user (client) and i2psvc (server)
# White-list access to I2P services for the amnesia user (IRC, SAM, POP3, SMTP, and Monotone)
# For more information, see https://tails/boum.org/contribute/design/I2P and https://geti2p.net/ports
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (4444 4445 6668 7656 7657 7658 7659 7660 8998) {
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (6668 7656 7659 7660 8998) {
@if $use_i2p mod owner uid-owner amnesia ACCEPT;
}
# Whitelist access to I2P services for the i2psvc user,
# otherwise mail and eepsite hosting won't work.
# otherwise mail and eepsite hosting won't work. The mail ports (7659 and 7660) are
# accessed by the webmail app
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (7658 7659 7660) {
@if $use_i2p mod owner uid-owner i2psvc ACCEPT;
}
# Whitelist access to the i2pbrowser user
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (4444 7657 7658) {
@if $use_i2p mod owner uid-owner i2pbrowser ACCEPT;
}
# White-list access to the java wrapper's (used by I2P) control ports
# (see: http://wrapper.tanukisoftware.com/doc/english/prop-port.html)
# If, for example, port 31000 is in use, it'll try the next one in sequence.
......
......@@ -21,9 +21,4 @@
<DT><A HREF="https://www.torproject.org/">Tor Project</A>
<DT><A HREF="https://tor.stackexchange.com/">Tor Stack Exchange</A>
</DL><p>
<DT><h3>I2P</h3>
<DL><p>
<DT><A HREF="http://127.0.0.1:7657/index.jsp">I2P router console</A>
<DT><A HREF="http://i2p-projekt.i2p/">I2P homepage</A>
</DL><p>
</DL><p>
......@@ -3,6 +3,3 @@
/* Hide HTTPS Everywhere button in the toolbar */
#https-everywhere-button { display: none; }
/* Hide Foxyproxy button in the toolbar */
#foxyproxy-toolbar-icon { display: none; }
<?xml version="1.0" encoding="utf-8"?>
<foxyproxy mode="patterns" selectedTabIndex="0" toolbaricon="false"
toolsMenu="false"
contextMenu="false" advancedMenus="false" previousMode="disabled"
resetIconColors="true" useStatusBarPrefix="true"
excludePatternsFromCycling="false"
excludeDisabledFromCycling="false" ignoreProxyScheme="true">
<random includeDirect="false" includeDisabled="false" />
<statusbar icon="false" text="false" left="options" middle="cycle"
right="contextmenu" width="0" />
<toolbar left="options" middle="cycle" right="contextmenu" />
<logg enabled="false" maxSize="500" noURLs="false"
header="&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt; &lt;!DOCTYPE html PUBLIC &quot;-//W3C//DTD XHTML 1.0 Strict//EN&quot; &quot;http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd&quot;&gt; &lt;html xmlns=&quot;http://www.w3.org/1999/xhtml&quot;&gt;&lt;head&gt;&lt;title&gt;&lt;/title&gt;&lt;link rel=&quot;icon&quot; href=&quot;http://foxyproxy.mozdev.org/favicon.ico&quot;/&gt;&lt;link rel=&quot;shortcut icon&quot; href=&quot;http://foxyproxy.mozdev.org/favicon.ico&quot;/&gt;&lt;link rel=&quot;stylesheet&quot; href=&quot;http://foxyproxy.mozdev.org/styles/log.css&quot; type=&quot;text/css&quot;/&gt;&lt;/head&gt;&lt;body&gt;&lt;table class=&quot;log-table&quot;&gt;&lt;thead&gt;&lt;tr&gt;&lt;td class=&quot;heading&quot;&gt;${timestamp-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${url-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${proxy-name-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${proxy-notes-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-name-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-case-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-type-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-color-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pac-result-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${error-msg-heading}&lt;/td&gt;&lt;/tr&gt;&lt;/thead&gt;&lt;tfoot&gt;&lt;tr&gt;&lt;td/&gt;&lt;/tr&gt;&lt;/tfoot&gt;&lt;tbody&gt;"
row="&lt;tr&gt;&lt;td class=&quot;timestamp&quot;&gt;${timestamp}&lt;/td&gt;&lt;td class=&quot;url&quot;&gt;&lt;a href=&quot;${url}&quot;&gt;${url}&lt;/a&gt;&lt;/td&gt;&lt;td class=&quot;proxy-name&quot;&gt;${proxy-name}&lt;/td&gt;&lt;td class=&quot;proxy-notes&quot;&gt;${proxy-notes}&lt;/td&gt;&lt;td class=&quot;pattern-name&quot;&gt;${pattern-name}&lt;/td&gt;&lt;td class=&quot;pattern&quot;&gt;${pattern}&lt;/td&gt;&lt;td class=&quot;pattern-case&quot;&gt;${pattern-case}&lt;/td&gt;&lt;td class=&quot;pattern-type&quot;&gt;${pattern-type}&lt;/td&gt;&lt;td class=&quot;pattern-color&quot;&gt;${pattern-color}&lt;/td&gt;&lt;td class=&quot;pac-result&quot;&gt;${pac-result}&lt;/td&gt;&lt;td class=&quot;error-msg&quot;&gt;${error-msg}&lt;/td&gt;&lt;/tr&gt;"
footer="&lt;/tbody&gt;&lt;/table&gt;&lt;/body&gt;&lt;/html&gt;" />
<warnings parentheses="true" confirmDeleteProxy="true" />
<autoadd enabled="false" temp="false" reload="true" notify="true"
notifyWhenCanceled="true" prompt="true">
<match enabled="true" name="Dynamic AutoAdd Pattern"
pattern="*://${3}${6}/*" isRegEx="false" isBlackList="false"
isMultiLine="false" caseSensitive="false" />
<match enabled="true" name=""
pattern="*You are not authorized to view this page*"
isRegEx="false" isBlackList="false" isMultiLine="true"
caseSensitive="false" />
</autoadd>
<quickadd enabled="false" temp="false" reload="true" notify="true"
notifyWhenCanceled="true" prompt="true">
<match enabled="true" name="Dynamic QuickAdd Pattern"
pattern="*://${3}${6}/*" isRegEx="false" isBlackList="false"
isMultiLine="false" caseSensitive="false" />
</quickadd>
<defaultPrefs originalDisablePrefetch="false" />
<proxies>
<proxy name="MonkeySphere Validation Agent" id="2404203472" notes=""
enabled="true" mode="direct" selectedTabIndex="2"
lastresort="false" animatedIcons="true" includeInCycle="true"
color="#00FF99" proxyDNS="true">
<matches>
<match enabled="true" name="Monkeysphere Validation Agent"
pattern="http://127.0.0.1:6136/*"
isRegEx="false" isBlackList="false" isMultiLine="false"
caseSensitive="false" />
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="" port="" socksversion="5" isSocks="false" />
</proxy>
<proxy name="I2P router console and eepsite" id="2404203472" notes=""
enabled="true" mode="direct" selectedTabIndex="2"
lastresort="false" animatedIcons="true" includeInCycle="true"
color="#00FFFF" proxyDNS="true">
<matches>
<match enabled="true" name="I2P router console IP"
pattern="http://127.0.0.1:7657/*"
isRegEx="false" isBlackList="false" isMultiLine="false"
caseSensitive="false" />
<match enabled="true" name="I2P eepsite IP"
pattern="http://127.0.0.1:7658/*"
isRegEx="false" isBlackList="false" isMultiLine="false"
caseSensitive="false" />
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="" port="" socksversion="5" isSocks="false" />
</proxy>
<proxy name="i2p" id="3035002503" notes="" enabled="true"
mode="manual" selectedTabIndex="0" lastresort="false"
animatedIcons="true" includeInCycle="true" color="#0000FF"
proxyDNS="true">
<matches>
<match enabled="true" name="eepsites"
pattern="^https?://[-a-zA-Z0-9.]+\.i2p(:[0-9]{1,5})?(/.*)?$"
isRegEx="true" isBlackList="false" isMultiLine="false"
caseSensitive="false" />
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="127.0.0.1" port="4444" socksversion="5"
isSocks="false" />
</proxy>
<proxy name="LAN" id="2433300243" notes="" enabled="true"
mode="direct" selectedTabIndex="0" lastresort="false"
animatedIcons="true" includeInCycle="true" color="#995400"
proxyDNS="true">
<matches>
<match enabled="true" name="LAN"
pattern="(ftp|http|https)://(?:[^:@/]+(?::[^@/]+)?@)?(?:192\.168\.\d+\.\d+|10\.\d+\.\d+\.\d+|172\.(?:1[6789]|2[0-9]|3[01])\.\d+\.\d+)(?::\d+)?/.*"
isRegEx="true" isBlackList="false" isMultiLine="false"
caseSensitive="false"/>
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true"/>
<manualconf host="" port="" socksversion="5" isSocks="false" />
</proxy>
<proxy name="Tor http(s)" id="4274466714" notes="" enabled="true"
mode="manual" selectedTabIndex="0" lastresort="false"
animatedIcons="true" includeInCycle="true" color="#339900"
proxyDNS="true">
<matches>
<match enabled="true" name="http://" pattern="http://*"
isRegEx="false" isBlackList="false" isMultiLine="false"
caseSensitive="false" />
<match enabled="true" name="https://" pattern="https://*"
isRegEx="false" isBlackList="false" isMultiLine="false"
caseSensitive="false" />
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="127.0.0.1" port="9150" socksversion="5"
isSocks="true" />
</proxy>
<proxy name="Tor ftp" id="4183000176" notes="" enabled="false"
mode="manual" selectedTabIndex="1" lastresort="false"
animatedIcons="true" includeInCycle="true" color="#00FF00"
proxyDNS="true">
<matches>
<match enabled="true" name="ftp" pattern="ftp://*" isRegEx="false"
isBlackList="false" isMultiLine="false" caseSensitive="false" />
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="127.0.0.1" port="2121" socksversion="5"
isSocks="true" />
</proxy>
<proxy name="Default" id="3892444566"
notes="These are the settings that are used when no patterns match a URL."
enabled="true" mode="manual" selectedTabIndex="0" lastresort="true"
animatedIcons="false" includeInCycle="true" color="#000000"
proxyDNS="true">
<matches>
<match enabled="true" name="All" pattern="*" isRegEx="false"
isBlackList="false" isMultiLine="false" caseSensitive="false" />
</matches>
<autoconf url="" loadNotification="true" errorNotification="true"
autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="127.0.0.1" port="9150" socksversion="5"
isSocks="true" />
</proxy>
</proxies>
</foxyproxy>
......@@ -23,10 +23,6 @@ pref("extensions.adblockplus.showinaddonbar", false);
pref("extensions.adblockplus.showintoolbar", false);
pref("extensions.adblockplus.subscriptions_autoupdate", false);
// FoxyProxy preferences
pref("extensions.foxyproxy.last-version", "99999.99");
pref("extensions.foxyproxy.socks_remote_dns", true);
// Suppress prompt and always spoof useragent as English
pref("extensions.torbutton.spoof_english", true);
pref("extensions.torbutton.prompted_language", true);
......
......@@ -7,15 +7,15 @@ SRC="/usr/share/tails/i2p-disabled"
Install_I2P(){
mv "$SRC/wrapper" /usr/sbin/wrapper
mv "$SRC/i2p.desktop" /usr/share/applications
mv "$SRC/i2p-browser.desktop" /usr/share/applications
mv "$SRC/i2p" /usr/share
rmdir "$SRC"
}
Add_Sudo_Config(){
echo "amnesia ALL = NOPASSWD: /etc/init.d/i2p" > /etc/sudoers.d/zzz_i2p
chown root:root /etc/sudoers.d/zzz_i2p
chmod 0440 /etc/sudoers.d/zzz_i2p
echo "amnesia ALL = NOPASSWD: /usr/local/sbin/i2p-browser" > /etc/sudoers.d/zzz_i2pbrowser
chown root:root /etc/sudoers.d/zzz_i2pbrowser
chmod 0440 /etc/sudoers.d/zzz_i2pbrowser
}
if grep -qw "i2p" /proc/cmdline && [ -d "$SRC" ]; then
......
#!/usr/bin/perl
use strict;
use warnings;
#man{{{
=head1 NAME
tails-start-i2p
=head1 VERSION
Version X.XX
=head1 AUTHOR
Tails dev team <amnesia@boum.org>
See https://tails.boum.org/.
=cut
#}}}
use Desktop::Notify;
use Locale::gettext;
use POSIX;
### initialization
setlocale(LC_MESSAGES, "");
textdomain("tails");
### helper subs
# TODO: get router port (default 7657) from /etc/i2p/clients.config
sub get_router_port {
return 7657;
}
# TODO: more perlish way to do below?
# TODO: use netstat -p, check that a child of i2psvc runs the router console
sub router_status {
return !system("netstat -nl -A inet,inet6 | grep -qe \"\\(127\\.0\\.0\\.1\\|::1\\):" . get_router_port() . "\"");
}
sub open_router_console {
system("/usr/local/bin/tor-browser http://127.0.0.1:" . get_router_port());
}
sub start_i2psvc {
system("/usr/bin/gksu /etc/init.d/i2p start");
}
sub stop_i2psvc {
system("/usr/bin/gksu /etc/init.d/i2p start");
}
### main
my $notify = Desktop::Notify->new();
my $summary = gettext("Starting I2P...");
my $body = gettext("The I2P router console will be opened on start.");
my $notification = $notify->create(summary => $summary,
body => $body,
timeout => 0);
$notification->show();
my $tordate_done_file = '/var/run/tordate/done';
my $tordate_wait = 0;
# There was a "fix" in i2p 0.8.8 for handling clock jumps and skews which seems
# to be broken -- a jump during i2p bootstrap leads to i2p starting in a non-
# working state, as does starting i2p when the clock is off too much. Hence, for
# simplicity, we make i2p dependent on tordate. The real fix will be when
# i2p gets its act together and handles these problems correctly.
until (-e $tordate_done_file) {
if ($tordate_wait > 60) {
$notification->close();
$summary = gettext("I2P failed to start");
$body = gettext("Make sure that you have a working Internet " .
"connection, then try to start I2P again.");
$notification = $notify->create(summary => $summary,
body => $body,
timeout => 60000);
$notification->show();
exit 1;
}
sleep(1);
$tordate_wait++;
}
my $htpdate_done_file = '/var/run/htpdate/done';
my $htpdate_wait = 0;
# We also need to wait for htpdate for same the reason as
# above. However, tordate will set the clock so that it is correct
# enough for I2P to work (it can operate with +/- 2 hours clock skew)
# so we optimistically try to start I2P even if htpdate doesn't
# finish.
until (-e $htpdate_done_file || $htpdate_wait > 120) {
sleep(1);
$htpdate_wait++;
}
start_i2psvc();
my $t = 0;
my $timeout = 180;
while ($t < $timeout && !router_status()) {
$t++;
sleep 1;
}
$notification->close();
if (router_status()) {
open_router_console();
exit 0;
} else {
stop_i2psvc();
$summary = gettext("I2P failed to start");
$body = gettext("Something went wrong when I2P was starting. Look in " .
"the logs in the following directory for " .
"more information:") . "\n\t/var/log/i2p/";
$notification = $notify->create(summary => $summary,
body => $body,
timeout => 60000);
$notification->show();
exit 1;
}
#!/bin/sh
wait_until() {
local timeout check_expr delay timeout_at
timeout="${1}"
check_expr="${2}"
delay="${3:-1}"
timeout_at=$(expr $(date +%s) + ${timeout})
until eval "${check_expr}"; do
if [ "$(date +%s)" -ge "${timeout_at}" ]; then
return 1
fi
sleep ${delay}
done
return 0
}
#!/bin/sh
I2P_CONFIG="/var/lib/i2p/i2p-config"
I2P_TUNNEL_CONFIG="${I2P_CONFIG}/i2ptunnel.config"
i2p_eep_proxy_address() {
# We retrieve the host and port number from the I2P profile This
# shouldn't be anywhere other than 127.0.0.1:4444 but in case
# someone modifies the hook scripts or the default changes in I2P,
# this check should still work
local listen_host listen_port
listen_host=$(awk -F= '/^tunnel\.0\.interface/{print $2}' \
"${I2P_TUNNEL_CONFIG}")
listen_port=$(awk -F= '/^tunnel\.0\.listenPort/{print $2}' \
"${I2P_TUNNEL_CONFIG}")
echo ${listen_host}:${listen_port}
}
i2p_has_bootstrapped() {
netstat -4nlp | grep -qwF "$(i2p_eep_proxy_address)"
}
i2p_router_console_address() {
echo 127.0.0.1:7657
}
i2p_router_console_is_ready() {
netstat -4nlp | grep -qwF "$(i2p_router_console_address)"
}
#!/bin/sh
set -e
# This isn't very useful without I2P...
grep -qw "i2p" /proc/cmdline || exit 0
CMD=$(basename ${0})
LOCK=/var/lock/${CMD}
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
. /usr/local/lib/tails-shell-library/i2p.sh
ROFS=/lib/live/mount/rootfs/filesystem.squashfs
CONF_DIR=/var/lib/i2p-browser
COW=${CONF_DIR}/cow
CHROOT=${CONF_DIR}/chroot
BROWSER_USER=i2pbrowser
TBB_PREFS="/etc/tor-browser/profile/preferences"
START_PAGE="http://127.0.0.1:7657"
# Import the TBB_INSTALL, TBB_EXT and TBB_PROFILE variables
. /usr/local/lib/tails-shell-library/tor-browser.sh
NOSCRIPT="${TBB_INSTALL}/extensions/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi"
TORBUTTON="${TBB_INSTALL}/extensions/torbutton@torproject.org"
NAME="`gettext \"I2P Browser\"`"
if [ -e /var/lib/gdm3/tails.camouflage ]; then
CAMOUFLAGE=yes
fi
cleanup () {
# Break down the chroot and kill all of its processes
local counter=0
local ret=0
while [ "${counter}" -le 10 ] && \
pgrep -u ${BROWSER_USER} 1>/dev/null 2>&1; do
pkill -u ${BROWSER_USER} 1>/dev/null 2>&1
ret=${?}
sleep 1
counter=$((${counter}+1))
done
[ ${ret} -eq 0 ] || pkill -9 -u ${BROWSER_USER} 1>/dev/null 2>&1
for mnt in ${CHROOT}/dev ${CHROOT}/proc ${CHROOT} ${COW}; do
counter=0
while [ "${counter}" -le 10 ] && mountpoint -q ${mnt} 2>/dev/null; do
umount ${mnt} 2>/dev/null
sleep 1
counter=$((${counter}+1))
done
done
rmdir ${COW} ${CHROOT} 2>/dev/null
}
error () {
local cli_text="${CMD}: `gettext \"error:\"` ${@}"
local dialog_text="<b><big>`gettext \"Error\"`</big></b>
${@}"
echo "${cli_text}" >&2
sudo -u ${SUDO_USER} zenity --error --title "" --text "${dialog_text}"
exit 1
}
verify_start () {
# Make sure the user really wants to start the browser in case the router console isn't available
local dialog_msg="<b><big>`gettext \"Do you still want to launch I2P Browser?\"`</big></b>
`gettext \"The I2P router console is not ready.\"`"
local launch="`gettext \"_Launch\"`"
local exit="`gettext \"_Exit\"`"
# Since zenity can't set the default button to cancel, we switch the
# labels and interpret the return value as its negation.
if sudo -u ${SUDO_USER} zenity --question --title "" --ok-label "${exit}" \
--cancel-label "${launch}" --text "${dialog_msg}"; then
exit 0
fi
}
show_start_notification () {
local title="`gettext \"Starting the I2P Browser...\"`"
local body="`gettext \"This may take a while, so please be patient.\"`"
tails-notify-user "${title}" "${body}" 10000
}
setup_chroot () {
# Setup a chroot on an aufs "fork" of the filesystem.
# FIXME: When LXC matures to the point where it becomes a viable option
# for creating isolated jails, the chroot can be used as its rootfs.
echo "* Setting up chroot"
trap cleanup INT
trap cleanup EXIT
mkdir -p ${COW} ${CHROOT} && \
mount -t tmpfs tmpfs ${COW} && \
mount -t aufs -o noatime,noxino,dirs=${COW}=rw:${ROFS}=rr+wh aufs ${CHROOT} && \
mount -t proc proc ${CHROOT}/proc && \
mount --bind /dev ${CHROOT}/dev || \
error "`gettext \"Failed to setup chroot.\"`"
# Workaround for todo/buggy_aufs_vs_unsafe-browser
chmod -t ${COW}
}
set_chroot_browser_name () {
NAME="${1}"
LONG=$(echo ${LANG} | grep -o "^[a-zA-Z_]*")
SHORT=${LONG%%_*}
EXT_DIR="${CHROOT}/${TBB_EXT}"
BRANDING=branding/brand.dtd
if [ -e "${EXT_DIR}/langpack-${LONG}@firefox.mozilla.org.xpi" ]; then
PACK="${EXT_DIR}/langpack-${LONG}@firefox.mozilla.org.xpi"
TOP=browser/chrome
REST=${LONG}/locale
elif [ -e "${EXT_DIR}/langpack-${SHORT}@firefox.mozilla.org.xpi" ]; then