Commit 28cf4852 authored by intrigeri's avatar intrigeri
Browse files

Merge remote-tracking branch 'origin/feature/12263-remove-i2p' into feature/stretch (refs: #12263).

parents 07e9cf89 676ae125
......@@ -46,7 +46,6 @@
/config/chroot_local-includes/usr/share/applications/tails-reboot.desktop
/config/chroot_local-includes/usr/share/applications/unsafe-browser.desktop
/config/chroot_local-includes/usr/share/applications/tails-shutdown.desktop
/config/chroot_local-includes/usr/share/applications/i2p-browser.desktop
/config/chroot_local-includes/usr/share/applications/tor-browser.desktop
/config/chroot_local-includes/usr/share/applications/tails-about.desktop
/config/chroot_local-includes/usr/share/desktop-directories/Tails.directory
......
......@@ -460,8 +460,6 @@ usr/bin/expr 32082
usr/bin/bc 32081
lib/live/config/2060-create-upgrader-run-directory 32079
usr/bin/install 32078
lib/live/config/2080-install-i2p 32077
usr/local/lib/tails-shell-library/i2p.sh 32076
usr/local/lib/tails-shell-library/common.sh 32075
usr/local/lib/tails-shell-library/localization.sh 32074
lib/live/config/7000-debug 32073
......@@ -2839,7 +2837,6 @@ usr/share/applications/mimeinfo.cache 29205
usr/share/gnome/applications/vim.desktop 29204
usr/share/gnome/applications/nm-connection-editor.desktop 29203
usr/share/gnome/applications/gnome-power-statistics.desktop 29202
usr/share/gnome/applications/openjdk-7-policytool.desktop 29201
usr/share/gnome/applications/orca.desktop 29200
usr/share/applications/gnome-bluetooth-panel.desktop 29199
usr/lib/libreoffice/share/xdg/xsltfilter.desktop 29198
......@@ -3122,7 +3119,6 @@ etc/xdg/menus/applications-merged/Tails.menu 28920
usr/share/applications/gnome-power-statistics.desktop 28919
usr/share/applications/nm-connection-editor.desktop 28918
usr/lib/i386-linux-gnu/tracker-1.0/libtracker-data.so.0.0.0 28917
usr/share/applications/openjdk-7-policytool.desktop 28916
usr/share/applications/orca.desktop 28915
usr/share/applications/vim.desktop 28914
usr/share/desktop-directories/ActionGames.directory 28913
......@@ -4097,7 +4093,6 @@ usr/lib/i386-linux-gnu/libopencv_contrib.so.2.4.9 27944
usr/share/ca-certificates/mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt 27943
usr/lib/i386-linux-gnu/libopencv_core.so.2.4.9 27942
usr/lib/i386-linux-gnu/libopencv_highgui.so.2.4.9 27941
etc/NetworkManager/dispatcher.d/30-i2p.sh 27940
etc/NetworkManager/dispatcher.d/60-tor-ready.sh 27939
usr/local/sbin/tor-has-bootstrapped 27938
usr/bin/gettext 27937
......
#!/bin/sh
set -e
# Create the i2pbrowser user.
#
# We run i2p-browser under this user
echo "Creating the i2pbrowser user"
adduser --system --quiet --group i2pbrowser
#!/bin/sh
set -e
echo "Configuring I2P"
I2P="/usr/share/i2p"
I2PROUTER="/usr/bin/i2prouter"
WRAPPER="/etc/i2p/wrapper.config"
# This must be set in order for the i2p init script to work
sed -i 's/^RUN_DAEMON=.*$/RUN_DAEMON="true"/' /etc/default/i2p
# Remove the "i2prouter" script, its man page, and its apparmor profile
# since these are not used by Tails:
rm /etc/apparmor.d/usr.bin.i2prouter /usr/share/man/man1/i2prouter.1.gz
# Install custom i2prouter stub scripts
for script in ${I2PROUTER} ${I2PROUTER}-nowrapper; do
echo "Removing $script"
dpkg-divert --rename --add "${script}"
cat > "$script" << EOF
#!/bin/sh
echo "This script is not used by Tails."
echo "See https://tails.boum.org/doc/anonymous_internet/i2p/ for more information."
exit 0
EOF
chmod 755 "$script"
done
# Remove the outproxy from the tunnel on port 4444
# This will remove the following lines:
# tunnel.0.proxyList=false.i2p
# tunnel.0.option.i2ptunnel.httpclient.SSLOutproxies=false.i2p
# The SSLOutproxies option was first set in I2P 0.9.15
sed -i '/^.*tunnel\.0\.\(proxyList\|option\.i2ptunnel\.httpclient\.SSLOutproxies\)/d' "$I2P/i2ptunnel.config"
# Disable the https outproxy (port 4445)
sed -i 's|^.*\(tunnel\.6\.startOnLoad\).*|\1=false|' "$I2P/i2ptunnel.config"
# Don't serve the router console on IPv6
sed -i 's|^clientApp\.0\.args=7657\s\+::1,127\.0\.0\.1|clientApp.0.args=7657 127.0.0.1|' "$I2P/clients.config"
# Disable IPv6 in the wrapper
sed -i 's|^.*\(wrapper\.java\.additional\.5=-Djava\.net\.preferIPv4Stack=\).*|\1true|' "$WRAPPER"
sed -i 's|^.*\(wrapper\.java\.additional\.6=-Djava\.net\.preferIPv6Addresses=\).*|\1false|' "$WRAPPER"
# Tails specific router configs:
# * i2cp: allows java clients to communicate with I2P outside of the JVM. Disabled.
# * IPv6: Disabled
# * HiddenMode: Enabled
# * In-I2P Network Updates: Disabled
# * Inbound connections: Disabled (setting is "i2cp.ntcp.autoip")
# * Disable I2P plugins
# * Disable NTP
cat > "$I2P/router.config" << EOF
# NOTE: This I2P config file must use UTF-8 encoding
i2cp.disableInterface=true
i2np.ntcp.ipv6=false
i2np.ntcp.autoip=false
i2np.udp.ipv6=false
router.isHidden=true
router.updateDisabled=true
router.enablePlugins=false
time.disabled=true
EOF
cat > "$I2P/susimail.config" << EOF
susimail.pop3.leave.on.server=true
EOF
# enforce apparmor
echo Setting the I2P apparmor profile to enforce mode
sed -i -re 's|flags=\(complain\)||' /etc/apparmor.d/system_i2p
......@@ -22,7 +22,6 @@ systemctl enable tor-controlport-filter.service
systemctl --global enable tails-add-GNOME-bookmarks.service
systemctl --global enable tails-configure-keyboard.service
systemctl --global enable tails-create-tor-browser-directories.service
systemctl --global enable tails-i2p-removal-notify-user.service
systemctl --global enable tails-security-check.service
systemctl --global enable tails-upgrade-frontend.service
systemctl --global enable tails-virt-notify-user.service
......@@ -46,9 +45,6 @@ systemctl disable tor.service
systemctl disable NetworkManager.service
systemctl disable NetworkManager-wait-online.service
# We don't run these services by default
systemctl disable i2p.service
# Don't hide tails-kexec's shutdown messages with an empty splash screen
for suffix in halt kexec poweroff reboot shutdown ; do
systemctl mask "plymouth-${suffix}.service"
......
#!/bin/sh
set -u
set -e
# Everything moved by this hook script will be reversed in the event that
# the string "i2p" is entered at a boot prompt
DEST="/usr/share/tails/i2p-disabled"
[ -d "/usr/share/i2p" ] || return 0
mkdir "$DEST"
mv -f /usr/share/i2p "$DEST"
mv -f /usr/sbin/wrapper "$DEST"
mv -f /usr/share/applications/i2p-browser.desktop "$DEST"
#!/bin/sh
# I2P isn't started automatically at system boot.
# Instead, it is started with this hook script.
# Import i2p_is_enabled().
. /usr/local/lib/tails-shell-library/i2p.sh
# Don't even try to run this script if I2P is not enabled.
i2p_is_enabled || exit 0
# don't run if interface is 'lo'
if [ -z "$1" ] || [ "$1" = "lo" ]; then
exit 0
fi
if [ "$2" = "up" ]; then
/usr/local/sbin/tails-i2p start &
fi
......@@ -3,11 +3,6 @@
# Configuration file for ferm(1).
#
# I2P rules that grant access to the "i2psvc" user (those with $use_i2p) will
# only be enabled if the string "i2p" is entered at the boot prompt.
# Deny or reject rules affecting "i2psvc" will always be set.
def $use_i2p = `test -d /usr/share/i2p && echo 1 || echo 0`;
# When ferm starts initially during early boot, the "amnesia" user does not
# exist yet, so we have to use its UID (#7018).
def $amnesia_uid = 1000;
......@@ -74,42 +69,12 @@ domain ip {
mod owner uid-owner $amnesia_uid ACCEPT;
}
# Whitelist access to Tor's DNSPort so I2P can resolve hostnames when bootstrapping
daddr 127.0.0.1 proto udp dport 5353 {
@if $use_i2p mod owner uid-owner i2psvc ACCEPT;
}
# White-list access to the accessibility daemon
daddr 127.0.0.1 proto tcp syn dport 4101 {
mod owner uid-owner $amnesia_uid ACCEPT;
mod owner uid-owner Debian-gdm ACCEPT;
}
# White-list access to I2P services for the amnesia user (IRC, SAM, POP3, SMTP, and Monotone)
# For more information, see https://tails/boum.org/contribute/design/I2P and https://geti2p.net/ports
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (6668 7656 7659 7660 8998) {
@if $use_i2p mod owner uid-owner $amnesia_uid ACCEPT;
}
# Whitelist access to I2P services for the i2psvc user,
# otherwise mail and eepsite hosting won't work. The mail ports (7659 and 7660) are
# accessed by the webmail app
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (7658 7659 7660) {
@if $use_i2p mod owner uid-owner i2psvc ACCEPT;
}
# Whitelist access to the i2pbrowser user
daddr 127.0.0.1 proto tcp syn mod multiport destination-ports (4444 7657 7658) {
@if $use_i2p mod owner uid-owner i2pbrowser ACCEPT;
}
# White-list access to the java wrapper's (used by I2P) control ports
# (see: http://wrapper.tanukisoftware.com/doc/english/prop-port.html)
# If, for example, port 31000 is in use, it'll try the next one in sequence.
daddr 127.0.0.1 proto tcp sport (31000 31001 31002) dport (32000 32001 32002) {
@if $use_i2p mod owner uid-owner i2psvc ACCEPT;
}
# White-list access to CUPS
daddr 127.0.0.1 proto tcp syn dport 631 {
mod owner uid-owner $amnesia_uid ACCEPT;
......@@ -136,14 +101,13 @@ domain ip {
}
# Local network connections should not go through Tor but DNS shall be
# rejected. I2P is explicitly blocked from communicating with the LAN.
# (Note that we exclude the VirtualAddrNetwork used for .onion:s here.)
# rejected. (Note that we exclude the VirtualAddrNetwork used for
# .onion:s here.)
daddr (10.0.0.0/8 172.16.0.0/12 192.168.0.0/16) @subchain "lan" {
proto tcp dport domain REJECT;
proto udp dport domain REJECT;
proto tcp dport netbios-ns REJECT;
proto udp dport netbios-ns REJECT;
mod owner uid-owner i2psvc REJECT;
ACCEPT;
}
......@@ -152,11 +116,6 @@ domain ip {
proto tcp syn mod state state (NEW) ACCEPT;
}
# i2p is allowed to do anything it wants to on the internet.
outerface ! lo mod owner uid-owner i2psvc {
@if $use_i2p proto (tcp udp) ACCEPT;
}
# Everything else is logged and dropped.
LOG log-prefix "Dropped outbound packet: " log-level debug log-uid;
REJECT reject-with icmp-port-unreachable;
......
<?xml version='1.0' encoding='UTF-8' ?>
<purple version='1.0'>
<blist>
<group name='Discussions'>
<setting name='collapsed' type='bool'>0</setting>
<chat proto='prpl-irc' account='XXX_NICK_XXX@127.0.0.1'>
<component name='channel'>#i2p</component>
</chat>
</group>
</blist>
<privacy>
<account proto='prpl-irc' name='XXX_NICK_XXX@irc.oftc.net' mode='1'/>
<account proto='prpl-irc' name='XXX_NICK_XXX@127.0.0.1' mode='1'/>
</privacy>
</purple>
#!/bin/sh
# This script reverses everything done by config/chroot_local-hooks/97_remove_i2p
# when the string "i2p" is added to the boot prompt.
# Import i2p_is_enabled().
. /usr/local/lib/tails-shell-library/i2p.sh
SRC="/usr/share/tails/i2p-disabled"
Install_I2P(){
mv "$SRC/wrapper" /usr/sbin/wrapper
mv "$SRC/i2p-browser.desktop" /usr/share/applications
mv "$SRC/i2p" /usr/share
rmdir "$SRC"
}
Add_Sudo_Config(){
echo "amnesia ALL = NOPASSWD: /usr/local/sbin/i2p-browser" > /etc/sudoers.d/zzz_i2pbrowser
chown root:root /etc/sudoers.d/zzz_i2pbrowser
chmod 0440 /etc/sudoers.d/zzz_i2pbrowser
}
if i2p_is_enabled && [ -d "$SRC" ]; then
Install_I2P
Add_Sudo_Config
fi
[Service]
# XXX:Stretch: on Jessie, AppArmorProfile=system_i2p is a no-op, since
# AppArmor support was enabled in Debian's systemd 218-4 (#10925).
ExecStart=
ExecStart=/usr/sbin/aa-exec --profile=system_i2p -- /usr/sbin/wrapper "$I2P_ARGS"
[Unit]
Description=Warn the user that I2P will be removed
ConditionKernelCommandLine=i2p
[Service]
Type=oneshot
ExecStart=/usr/local/lib/tails-i2p-removal-notify-user
RemainAfterExit=yes
[Install]
WantedBy=desktop.target
#!/usr/bin/perl
use strict;
use warnings;
#man{{{
=head1 NAME
tails-i2p-removal-notify-user
=head1 VERSION
Version X.XX
=head1 AUTHOR
Tails dev team <amnesia@boum.org>
See https://tails.boum.org/.
=cut
#}}}
use Desktop::Notify;
use English '-no_match_vars';
use Locale::gettext;
use Net::DBus::Reactor;
use POSIX;
### initialization
setlocale(LC_MESSAGES, "");
textdomain("tails");
### callbacks
sub action_cb {
my $reactor = shift;
unless (fork) {
exec(
'/usr/local/bin/tails-documentation',
'doc/anonymous_internet/i2p',
'removal',
);
}
$reactor->shutdown;
}
### main
my $reactor = Net::DBus::Reactor->main;
my $notify = Desktop::Notify->new();
$notify->action_callback(sub { action_cb($reactor, @_) });
$notify->close_callback(sub { $reactor->shutdown; });
my $summary = gettext("Warning: I2P will be removed in Tails 2.12");
$notify->create(summary => $summary,
actions => { "moreinfo_$PID" => gettext('Learn more'), },
hints => { 'transient' => 1, },
timeout => 0)->show();
$reactor->run;
#!/bin/sh
# Import set_simple_config_key().
. /usr/local/lib/tails-shell-library/common.sh
# Import language_code_from_locale().
. /usr/local/lib/tails-shell-library/localization.sh
I2P_DEFAULT_CONFIG="/usr/share/i2p"
I2P_CONFIG="/var/lib/i2p/i2p-config"
I2P_TUNNEL_CONFIG="${I2P_CONFIG}/i2ptunnel.config"
I2P_WRAPPER_LOG="/var/log/i2p/wrapper.log"
i2p_is_enabled() {
grep -qw "i2p" /proc/cmdline
}
i2p_eep_proxy_address() {
# We retrieve the host and port number from the I2P profile. This
# shouldn't be anywhere other than 127.0.0.1:4444 but in case
# someone modifies the hook scripts or the default changes in I2P,
# this check should still work.
local listen_host listen_port
listen_host=$(awk -F= '/^tunnel\.0\.interface/{print $2}' \
"${I2P_TUNNEL_CONFIG}")
listen_port=$(awk -F= '/^tunnel\.0\.listenPort/{print $2}' \
"${I2P_TUNNEL_CONFIG}")
echo ${listen_host}:${listen_port}
}
i2p_reseed_started() {
grep -q 'Reseed start$' "${I2P_WRAPPER_LOG}"
}
i2p_reseed_failed() {
grep -q 'Reseed failed, check network connection$' "${I2P_WRAPPER_LOG}"
}
i2p_reseed_completed() {
grep -q "Reseed complete" "${I2P_WRAPPER_LOG}"
}
i2p_reseed_status() {
if i2p_reseed_completed; then
echo success
elif i2p_reseed_failed; then
echo failure
elif i2p_reseed_started; then
echo running
fi
}
i2p_built_a_tunnel() {
ss -nlp | grep -qwF "$(i2p_eep_proxy_address)"
}
i2p_router_console_address() {
echo 127.0.0.1:7657
}
i2p_router_console_is_ready() {
ss -nlp | grep -qwF "$(i2p_router_console_address)"
}
set_best_i2p_router_console_lang() {
# We will use the detected language even if I2P doesn't support it; it
# will default to English in that case.
local lang="$(language_code_from_locale "${LANG}")"
# We first try to set it in an existing "live" config, even though
# the effect will only appear after a restart.
local config
for config in "${I2P_CONFIG}/router.config" \
"${I2P_DEFAULT_CONFIG}/router.config"; do
if [ -e "${config}" ]; then
set_simple_config_key "${config}" "routerconsole.lang" "${lang}"
return 0
fi
done
return 1
}
#!/bin/sh
set -e
set -u
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
# Import the TBB_EXT variable, and guess_best_tor_browser_locale().
. /usr/local/lib/tails-shell-library/tor-browser.sh
# Import try_cleanup_browser_chroot(), setup_browser_chroot(),
# configure_chroot_dns_servers(), configure_chroot_browser(),
# configure_chroot_browser(), set_chroot_browser_locale()
# set_chroot_torbutton_browser_name(), set_chroot_browser_permissions()
# and run_browser_in_chroot().
. /usr/local/lib/tails-shell-library/chroot-browser.sh
# Import i2p_router_console_is_ready() and i2p_is_enabled().
. /usr/local/lib/tails-shell-library/i2p.sh
error () {
local cli_text="${CMD}: `gettext \"error:\"` ${@}"
local dialog_text="<b><big>`gettext \"Error\"`</big></b>
${@}"
echo "${cli_text}" >&2
sudo -u "${SUDO_USER}" zenity --error --title "" --text "${dialog_text}"
exit 1
}
verify_start () {
# Make sure the user really wants to start the browser in case the router console isn't available
local dialog_msg="<b><big>`gettext \"Do you still want to launch I2P Browser?\"`</big></b>
`gettext \"The I2P router console is not ready.\"`"
local launch="`gettext \"_Launch\"`"
local exit="`gettext \"_Exit\"`"
if ! sudo -u "${SUDO_USER}" \
zenity --question --title "" --text "${dialog_msg}" --default-cancel \
--cancel-label "${exit}" --ok-label "${launch}" ; then
exit 0
fi
}
show_start_notification () {
local title="`gettext \"Starting the I2P Browser...\"`"
local body="`gettext \"This may take a while, so please be patient.\"`"
tails-notify-user "${title}" "${body}" 10000
}
copy_extra_tbb_prefs () {
local chroot="${1}"
local browser_name="${2}"
local browser_user="${3}"
local tbb_prefs="/etc/tor-browser/profile/preferences"
local browser_prefs_dir="${chroot}/home/${browser_user}/.${browser_name}/profile.default/preferences"
mkdir -p "${browser_prefs_dir}"
# Selectively copy the TBB prefs we want
sed '/\(security\|update\|download\|spell\|noscript\|torbrowser\)/!d' "${tbb_prefs}/0000tails.js" > \
"${browser_prefs_dir}/0000tails.js"
sed '/\(capability\|noscript\)/!d' "${tbb_prefs}/extension-overrides.js" > \
"${browser_prefs_dir}/extension-overrides.js"
chown -R "${browser_user}:${browser_user}" "${browser_prefs_dir}"
}
show_shutdown_notification () {
local title="`gettext \"Shutting down the I2P Browser...\"`"
local body="`gettext \"This may take a while, and you may not restart the I2P Browser until it is properly shut down.\"`"
tails-notify-user "${title}" "${body}" 10000
}
# Main script:
# This isn't very useful without I2P...
i2p_is_enabled || exit 0
CMD="$(basename "${0}")"
LOCK="/var/lock/${CMD}"
CONF_DIR="/var/lib/i2p-browser"
COW="${CONF_DIR}/cow"
CHROOT="${CONF_DIR}/chroot"
BROWSER_NAME="i2p-browser"
BROWSER_USER="i2pbrowser"
HOME_PAGE="http://127.0.0.1:7657"
NOSCRIPT_EXT_XPI="${TBB_EXT}/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi"
TORBUTTON_EXT_DIR="${TBB_EXT}/torbutton@torproject.org"
HUMAN_READABLE_NAME="`gettext \"I2P Browser\"`"
IP4_NAMESERVERS="0.0.0.0"
# Prevent multiple instances of the script.
exec 9>"${LOCK}"
if ! flock -x -n 9; then
error "`gettext \"Another I2P Browser is currently running, or being cleaned up. Please retry in a while.\"`"
fi