Commit 331f3b91 authored by anonym's avatar anonym

Merge remote-tracking branch 'origin/testing'

parents 8e2fd04c ecd927d2
......@@ -8,6 +8,7 @@
/*.iso
/*.list
/*.packages
/*.rake_tasks~
/*.vdi
/binary
/cache
......
......@@ -194,26 +194,29 @@ task :parse_build_options do
end
task :ensure_clean_repository do
unless `git status --porcelain`.empty?
git_status = `git status --porcelain`
unless git_status.empty?
if ENV['TAILS_BUILD_IGNORE_CHANGES']
$stderr.puts <<-END_OF_MESSAGE.gsub(/^ /, '')
You have uncommited changes in the Git repository. They will
be ignored for the upcoming build.
You have uncommitted changes in the Git repository. They will
be ignored for the upcoming build:
#{git_status}
END_OF_MESSAGE
else
$stderr.puts <<-END_OF_MESSAGE.gsub(/^ /, '')
You have uncommited changes in the Git repository. Due to limitations
of the build system, you need to commit them before building Tails.
You have uncommitted changes in the Git repository. Due to limitations
of the build system, you need to commit them before building Tails:
#{git_status}
If you don't care about those changes and want to build Tails nonetheless,
please add `ignorechanges` to the TAILS_BUILD_OPTIONS environment
variable.
END_OF_MESSAGE
abort 'Uncommited changes. Aborting.'
abort 'Uncommitted changes. Aborting.'
end
end
end
......
This diff is collapsed.
#!/bin/sh
set -e
# Create the onioncircuits user.
#
# We run onioncircuits under this user,
# which belongs to the debian-tor group.
echo "Creating the onioncircuits user"
adduser --system --quiet --group onioncircuits
adduser onioncircuits debian-tor
#!/bin/sh
set -e
# Create the vidalia user.
#
# We run vidalia under this user,
# which belongs to the debian-tor group.
echo "Creating the vidalia user"
adduser --system --quiet --group --no-create-home vidalia
adduser vidalia debian-tor
chown -R vidalia:vidalia /home/vidalia
#!/bin/sh
set -eu
set -e
set -u
echo "Install the Tor Browser"
......
#!/bin/sh
set -eu
set -e
set -u
echo "Install a fake gnome-backgrounds package"
......
......@@ -44,6 +44,7 @@ systemctl enable tails-sdmem-on-media-removal.service
systemctl enable tails-set-wireless-devices-state.service
systemctl enable tails-tor-has-bootstrapped.target
systemctl enable tails-wait-until-tor-has-bootstrapped.service
systemctl enable tails-tor-has-bootstrapped-flag-file.service
systemctl enable tor-controlport-filter.service
# Enable our own systemd user unit files
......
......@@ -2,7 +2,7 @@
set -e
echo "Registering menus"
echo "Registering and tweaking menus"
for app in tails-installer-launcher tails-persistence-delete tails-persistence-setup tails-about tails-documentation; do
xdg-desktop-menu install --novendor \
......@@ -10,4 +10,6 @@ for app in tails-installer-launcher tails-persistence-delete tails-persistence-s
"/usr/share/applications/${app}.desktop"
done
rm /usr/share/applications/laptop-mode-tools.desktop
xdg-desktop-menu forceupdate
#!/bin/sh
set -e
set -u
echo "Installing libdvd-pkg"
apt-get --yes install libdvd-pkg
dpkg-reconfigure libdvd-pkg
# Create and install a fake libdvd-pkg package. This is necessary for
# libdvdcss2 (the actual dvd decoding package) which depends on
# libdvd-pkg. libdvd-pkg however depends on build-essential, which is
# explicitly removed. So instead we build/install a fake libdvd-pkg
# without the build-essential dependency to satisfy libdvdcss2.
tmp="$(mktemp -d)"
apt-get install --yes equivs
LIBDVD_PKG_VERSION="$(dpkg-query -s libdvd-pkg | grep Version | cut -d ' ' -f2)+fake1"
cat > "${tmp}/libdvd-pkg-${LIBDVD_PKG_VERSION}.control" << EOF
Section: multimedia
Priority: optional
Homepage: https://tails.boum.org/
Standards-Version: 3.6.2
Package: libdvd-pkg
Version: ${LIBDVD_PKG_VERSION}
Maintainer: Tails developers <amnesia@boum.org>
Architecture: all
Description: (Fake) libdvd-pkg package
Provide placeholder to keep libdvdcss2 happy.
EOF
(
cd "${tmp}"
equivs-build "libdvd-pkg-${LIBDVD_PKG_VERSION}.control"
dpkg -i "libdvd-pkg_${LIBDVD_PKG_VERSION}_all.deb"
)
rm -R "${tmp}"
# Remove dangling symlink -- note that we absolutely do not want the
# functionality (automatic checks and upgrades for new css sources)
# that the removed script provides.
rm -f /etc/apt/apt.conf.d/88libdvdcss-pkg
......@@ -9,7 +9,7 @@ echo "Removing unwanted packages"
# We use apt-get as aptitude doesn't know about globs.
# There are packages we could be tempted to remove but we can't:
# - gcc-*-base (libstdc++6 depends on it)
# - libgcc1 (vidalia depends on it)
# - libgcc1 (apt depends on it)
# - cpp, cpp-* (big parts of GNOME depend on it)
apt-get --yes purge \
'^linux-kbuild-*' \
......@@ -22,6 +22,7 @@ apt-get --yes purge \
module-assistant \
po-debconf \
rsyslog \
libdvdcss-dev \
equivs virtualbox-guest-dkms
### Deinstall a few unwanted packages that were pulled by tasksel
......
#! /bin/sh
# Run only when the interface is not "lo":
if [ "${1}" = "lo" ]; then
exit 0
fi
if [ "${2}" = "up" ]; then
# Restart Vidalia because it does not automatically reconnect to the new
# Tor instance. Use kill+start as:
# - X-GNOME-AutoRestart does not exist in Lenny's Gnome
# - we do not start Vidalia automatically anymore and *this* is the time
# when it is supposed to start.
restart-vidalia
elif [ "${2}" = "down" ]; then
killall vidalia
fi
......@@ -37,9 +37,6 @@ picture-uri='file:///usr/share/tails/desktop_wallpaper.png'
[org/gnome/desktop/interface]
menus-have-icons=true
[org/gnome/libgnomekbd/keyboard]
options=['grp\tgrp:shifts_toggle', 'grp\tgrp:alt_shift_toggle']
[org/gnome/desktop/lockdown]
disable-lock-screen = true
disable-log-out = true
......@@ -85,5 +82,5 @@ antialiasing = 'rgba'
hinting = 'slight'
[org/gnome/shell]
enabled-extensions = ['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'topIcons@adel.gadllah@gmail.com', 'shutdown-helper@tails.boum.org']
enabled-extensions = ['apps-menu@gnome-shell-extensions.gcampax.github.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'topIcons@adel.gadllah@gmail.com', 'shutdown-helper@tails.boum.org', 'torstatus@tails.boum.org']
favorite-apps=['tor-browser.desktop', 'icedove.desktop', 'pidgin.desktop', 'keepassx.desktop', 'gnome-terminal.desktop']
[color]
ui = auto
[transfer]
fsckObjects = true
......@@ -2,6 +2,7 @@
ShowSysTrayIcon=true
MinimizeTray=true
MinimizeToTray=false
AutoSaveChange=true
LastFile=/home/amnesia/Persistent/keepassx.kdb
[FileDlgHistory]
......
amnesia ALL = (onioncircuits) NOPASSWD: /usr/bin/lckdo /var/lock/onioncircuits /usr/bin/onioncircuits
# This is the configuration for libtsocks (transparent socks) for use
# with the Tails mail user agent: /usr/local/bin/icedove
#
# See tsocks.conf(5) and torify(1) manpages.
server = 127.0.0.1
server_port = 9061
# We specify local as 127.0.0.0 - 127.191.255.255 because the
# Tor MAPADDRESS virtual IP range is the rest of net 127.
local = 127.0.0.0/255.128.0.0
local = 127.128.0.0/255.192.0.0
# My local networks
local = 10.0.0.0/255.0.0.0
local = 172.16.0.0/255.240.0.0
local = 192.168.0.0/255.255.0.0
[General]
ShowMainWindowAtStart=false
SkipVersionCheck=true
[Unit]
Description=Manage the flag file that indicates whether Tor has bootstrapped
Documentation=https://tails.boum.org/contribute/design/
After=tails-wait-until-tor-has-bootstrapped.service
PartOf=tails-tor-has-bootstrapped.target
[Service]
Type=oneshot
RemainAfterExit=yes
User=debian-tor
ExecStart=/bin/touch /run/tor-has-bootstrapped/done
ExecStop=/bin/rm -f /run/tor-has-bootstrapped/done
CapabilityBoundingSet=
PrivateDevices=yes
PrivateNetwork=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
[Install]
WantedBy=tails-tor-has-bootstrapped.target
......@@ -7,12 +7,10 @@ Before=tails-tor-has-bootstrapped.target
[Service]
Type=oneshot
User=debian-tor
ExecStartPre=/bin/rm -f /run/tor-has-bootstrapped/done
ExecStart=/bin/sh -c '. /usr/local/lib/tails-shell-library/tor.sh ; \
while ! tor_is_working ; do \
/bin/sleep 1 ; \
done'
ExecStartPost=/bin/touch /run/tor-has-bootstrapped/done
TimeoutStartSec=0
CapabilityBoundingSet=
PrivateDevices=yes
......
#!/bin/sh
set -e
set -u
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
......
#!/bin/sh
set -e
set -u
. gettext.sh
TEXTDOMAIN="tails"
......
#!/bin/sh
set -e
set -u
# Import no_abort()
. /usr/local/lib/tails-shell-library/common.sh
# Get LANG
. /etc/default/locale
export LANG
(
xhost +SI:localuser:onioncircuits
no_abort sudo -u onioncircuits \
/usr/bin/lckdo /var/lock/onioncircuits \
/usr/bin/onioncircuits
xhost -SI:localuser:onioncircuits
exit ${_NO_ABORT_RET}
) &
#!/bin/sh
set -e
set -u
CMD=$(basename ${0})
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
# Import no_abort()
. /usr/local/lib/tails-shell-library/common.sh
TORDATE_DIR=/var/run/tordate
TORDATE_DONE_FILE="${TORDATE_DIR}/done"
INOTIFY_TIMEOUT=60
......@@ -64,5 +70,6 @@ check_free_memory "$MIN_REAL_MEMFREE"
cd /
xhost +SI:localuser:"$RUN_AS_USER"
sudo -u "$RUN_AS_USER" /usr/bin/tails-upgrade-frontend $@
no_abort sudo -u "$RUN_AS_USER" /usr/bin/tails-upgrade-frontend "${@}"
xhost -SI:localuser:"$RUN_AS_USER"
exit ${_NO_ABORT_RET}
......@@ -7,9 +7,8 @@
# directories where only root can write.
export PATH='/usr/local/bin:/usr/bin:/bin'
# Do not "set -u", else importing gettext.sh dies
# with "ZSH_VERSION: parameter not set".
set -e
set -u
. gettext.sh
TEXTDOMAIN="tails"
......@@ -49,10 +48,6 @@ ask_for_confirmation() {
--cancel-label "$dialog_start" --ok-label "$dialog_cancel"
}
tor_has_bootstrapped() {
sudo -n -u debian-tor /usr/local/sbin/tor-has-bootstrapped
}
start_browser() {
if [ ! -d "${PROFILE}" ]; then
/usr/local/lib/generate-tor-browser-profile
......
#!/bin/sh
set -eu
set -e
set -u
# We're a no-op unless running as the default desktop user
[ "$(/usr/bin/id -u)" = 1000 ] || exit 0
......
#!/bin/sh
set -eu
set -e
set -u
# We're a no-op unless running as the default desktop user
[ "$(/usr/bin/id -u)" = 1000 ] || exit 0
......
#!/bin/sh
set -eu
set -e
set -u
USER_PROFILE="${HOME}/.tor-browser"
......
#!/bin/sh
set -eu
set -e
set -u
# Import the TBB_INSTALL variable
. /usr/local/lib/tails-shell-library/tor-browser.sh
......@@ -9,7 +10,7 @@ ua="$(unzip -q -p "${TBB_INSTALL}"/browser/omni.ja \
defaults/preferences/000-tor-browser.js | \
sed -n 's@^pref("general\.useragent\.override", "\(.*\)");$@\1@p')"
if [ -z "${ua}" ]; then
if [ -z "${ua:-}" ]; then