Merge remote-tracking branches...

Merge remote-tracking branches 'origin/bugfix/7943-simplify-tor-launcher-profile-path-workaround', 'origin/bugfix/11097-tor-browser-fontconfig' and 'origin/bugfix/9896-abstract-chroot-browser-configs' into stable

config/base_branch

-stable
+devel

config/chroot_local-hooks/10-tbb

@@ -4,12 +4,13 @@ set -eu
 
 echo "Install the Tor Browser"
 
-# Import the TBB_INSTALL, TBB_PROFILE and TBB_EXT variables, which
-# contains the paths we will split TBB's actual browser (binaries
-# etc), user data and extension into. While this differs from how the
-# TBB organizes the files, the end result will be the same, and it's
-# practical since when creating a new browser profile we can simply
-# copy the profile directory without duplicating all extensions.
+# Import the TBB_INSTALL, TBB_PROFILE, TBB_EXT and
+# TOR_LAUNCHER_INSTALL variables, which contains the paths we will
+# split TBB's actual browser (binaries etc), user data and extension
+# into. While this differs from how the TBB organizes the files, the
+# end result will be the same, and it's practical since when creating
+# a new browser profile we can simply copy the profile directory
+# without duplicating all extensions.
 . /usr/local/lib/tails-shell-library/tor-browser.sh
 
 download_and_verify_files() {
@@ -70,11 +71,11 @@ install_tor_browser() {
     # profile but we want to keep it as a standalone application
     # when Tails is started in "bridge mode".
     torlauncher_xpi_path="${prep}/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org.xpi"
-    7z x -o'/usr/share/tor-launcher-standalone' "${torlauncher_xpi_path}"
+    7z x -o"${TOR_LAUNCHER_INSTALL}" "${torlauncher_xpi_path}"
     torlauncher_version="$(sed -n \
         's,^        <em:version>\([0-9\.]\+\)</em:version>,\1,p' \
-        '/usr/share/tor-launcher-standalone/install.rdf')"
-    cat > '/usr/share/tor-launcher-standalone/application.ini' << EOF
+        "${TOR_LAUNCHER_INSTALL}/install.rdf")"
+    cat > "${TOR_LAUNCHER_INSTALL}/application.ini" << EOF
 [App]
 Vendor=TorProject
 Name=TorLauncher
@@ -89,7 +90,7 @@ MaxVersion=*.*.*
 [Shell]
 Icon=icon.png
 EOF
-    chmod -R a+rX '/usr/share/tor-launcher-standalone'
+    chmod -R a+rX "${TOR_LAUNCHER_INSTALL}"
     rm "${torlauncher_xpi_path}"
 
     # The Tor Browser will fail, complaining about an incomplete profile,

config/chroot_local-hooks/11-localize_browser

@@ -86,7 +86,7 @@ while IFS=: read MOZILLA_LOCALE LOCATION LOCALIZED_LANG STARTPAGE_LANG STARTPAGE
     # mix them up.
     CAPITALIZED_LANG_CODE="$(echo "${LANG_CODE}" | tr 'a-z' 'A-Z')"
     LOCALIZED_WIKIPEDIA_ICON_PATH="/tmp/wikipedia-icon-${LANG_CODE}.png"
-    WIKIPEDIA_SEARCH_ICON_BASE64_PATH="#{LOCALIZED_WIKIPEDIA_ICON_PATH}.base64"
+    WIKIPEDIA_SEARCH_ICON_BASE64_PATH="${LOCALIZED_WIKIPEDIA_ICON_PATH}.base64"
     WIKIPEDIA_ICON_TEMPLATE="${BROWSER_LOCALIZATION_DIR}/Wikipedia-icon.png"
     convert "${WIKIPEDIA_ICON_TEMPLATE}" \
             -gravity SouthEast -pointsize 130 -font Liberation-Sans-Bold \

config/chroot_local-hooks/20-xul-ext_symlinks

@@ -4,5 +4,8 @@ set -e
 
 echo "Creating prefs override for Tor Launcher"
 
+# Import the TOR_LAUNCHER_INSTALL variable.
+. /usr/local/lib/tails-shell-library/tor-browser.sh
+
 ln -s /etc/xul-ext/tor-launcher.js \
-      /usr/share/tor-launcher-standalone/defaults/preferences/000system.js
+      "${TOR_LAUNCHER_INSTALL}/defaults/preferences/000system.js"

config/chroot_local-includes/etc/environment

 SOCKS_SERVER=127.0.0.1:9050
 SOCKS5_SERVER=127.0.0.1:9050
 
-# Allow Torbutton access to the control port filter (for new identity).
-# Setting a password is required, otherwise Torbutton attempts to
-# read the authentication cookie file instead, which fails.
-TOR_CONTROL_HOST='127.0.0.1'
-TOR_CONTROL_PORT='9052'
-TOR_CONTROL_PASSWD='passwd'
-# Hide Torbutton's "Tor Network Settings..." context menu entry since
-# it doesn't work in Tails, and we deal with those configurations
-# strictly through Tor Launcher.
-TOR_NO_DISPLAY_NETWORK_SETTINGS='yes'
-
 # Port that the monkeysphere validation agent listens on
 MSVA_PORT='6136'

config/chroot_local-includes/etc/sudoers.d/zzz_tor-launcher

-Defaults!/usr/bin/tor-launcher always_set_home,env_keep+="TOR_CONFIGURE_ONLY TOR_CONTROL_PORT TOR_CONTROL_COOKIE_AUTH_FILE TOR_FORCE_NET_CONFIG TOR_HIDE_BROWSER_LOGO"

config/chroot_local-includes/usr/bin/tor-launcher

-#!/bin/sh
-
-set -e
-
-# Import exec_firefox() and configure_best_tor_launcher_locale()
-. /usr/local/lib/tails-shell-library/tor-browser.sh
-
-# The Tor Browser hardcodes the default profile dir to ../.. from the
-# folder storing the application.ini file supplied via -app. Sadly,
-# -profile doesn't work together with -app. Therefore we copy the
-# whole Tor Launcher application (just ~350 KB) into the user's home
-# so we can get the profile directory in a sane place.
-if [ ! -e "${HOME}"/.tor-launcher ]; then
-    mkdir -p "${HOME}"/.tor-launcher
-    cp -r /usr/share/tor-launcher-standalone "${HOME}"/.tor-launcher/tor-launcher-standalone
-    mkdir -p "${HOME}"/.tor-launcher/TorBrowser/Data/Browser/
-    cat << EOF > "${HOME}"/.tor-launcher/TorBrowser/Data/Browser/profiles.ini
-[General]
-StartWithLastProfile=1
-
-[Profile0]
-Name=default
-IsRelative=1
-Path=profile.default
-EOF
-    mkdir -p "${HOME}"/.tor-launcher/TorBrowser/Data/Browser/profile.default/preferences
-    configure_best_tor_launcher_locale "${HOME}"/.tor-launcher/TorBrowser/Data/Browser/profile.default
-fi
-
-exec_unconfined_firefox -app "${HOME}"/.tor-launcher/tor-launcher-standalone/application.ini

config/chroot_local-includes/usr/local/bin/tor-browser

@@ -20,6 +20,18 @@ PROFILE="${HOME}/.tor-browser/profile.default"
 # Import exec_firefox() and configure_best_tor_browser_locale()
 . /usr/local/lib/tails-shell-library/tor-browser.sh
 
+# Allow Torbutton access to the control port filter (for new identity).
+# Setting a password is required, otherwise Torbutton attempts to
+# read the authentication cookie file instead, which fails.
+export TOR_CONTROL_HOST='127.0.0.1'
+export TOR_CONTROL_PORT='9052'
+export TOR_CONTROL_PASSWD='passwd'
+# Hide Torbutton's "Tor Network Settings..." context menu entry since
+# it doesn't work in Tails, and we deal with those configurations
+# strictly through Tor Launcher.
+export TOR_NO_DISPLAY_NETWORK_SETTINGS='yes'
+
+
 ask_for_confirmation() {
     # Skip dialog if user is already running Tor Browser:
     if pgrep -u amnesia -f "${TBB_INSTALL}/firefox" ; then
@@ -55,11 +67,6 @@ start_browser() {
     # not enough to simply set intl.locale.matchOS to true.
     configure_best_tor_browser_locale "${PROFILE}"
 
-    unset SESSION_MANAGER
-
-    export FONTCONFIG_PATH="${TBB_INSTALL}/TorBrowser/Data/fontconfig"
-    export FONTCONFIG_FILE="fonts.conf"
-
     exec_firefox -allow-remote --class "Tor Browser" -profile "${PROFILE}" "${@}"
 }
 

config/chroot_local-includes/usr/local/bin/tor-launcher

+#!/bin/sh
+
+set -e
+
+# Import the TOR_LAUNCHER_INSTALL variable, and exec_unconfined_firefox()
+# and configure_best_tor_launcher_locale()
+. /usr/local/lib/tails-shell-library/tor-browser.sh
+
+unset TOR_CONTROL_PASSWD
+unset TOR_FORCE_NET_CONFIG
+export TOR_CONFIGURE_ONLY=1
+export TOR_CONTROL_PORT=9051
+export TOR_CONTROL_COOKIE_AUTH_FILE=/var/run/tor/control.authcookie
+export TOR_HIDE_BROWSER_LOGO=1
+if echo "$@" | grep -qw -- --force-net-config; then
+    export TOR_FORCE_NET_CONFIG=1
+fi
+
+PROFILE="${HOME}/.tor-launcher/profile.default"
+if [ ! -d "${PROFILE}" ]; then
+  mkdir -p "${PROFILE}"
+  configure_best_tor_launcher_locale "${PROFILE}"
+fi
+
+exec_unconfined_firefox \
+    -app "${TOR_LAUNCHER_INSTALL}/application.ini" \
+    -profile "${PROFILE}"

config/chroot_local-includes/usr/local/lib/tails-shell-library/chroot-browser.sh

@@ -132,8 +132,10 @@ configure_chroot_browser_profile () {
 
     # Set preferences
     local browser_prefs="${browser_profile}/preferences/prefs.js"
+    local chroot_browser_config="/usr/share/tails/chroot-browsers"
     mkdir -p "$(dirname "${browser_prefs}")"
-    cp "/usr/share/tails/${browser_name}/prefs.js" "${browser_prefs}"
+    cat "${chroot_browser_config}/common/prefs.js" \
+        "${chroot_browser_config}/${browser_name}/prefs.js" > "${browser_prefs}"
 
     # Set browser home page to something that explains what's going on
     if [ -n "${home_page}" ]; then
@@ -145,12 +147,14 @@ configure_chroot_browser_profile () {
     rm "${chroot}/${TBB_PROFILE}/bookmarks.html"
 
     # Set an appropriate theme
-    cat "/usr/share/tails/${browser_name}/theme.js" >> "${browser_prefs}"
+    cat "${chroot_browser_config}/${browser_name}/theme.js" >> "${browser_prefs}"
 
     # Customize the GUI.
     local browser_chrome="${browser_profile}/chrome/userChrome.css"
     mkdir -p "$(dirname "${browser_chrome}")"
-    cat "/usr/share/tails/${browser_name}/userChrome.css" >> "${browser_chrome}"
+    cat "${chroot_browser_config}/common/userChrome.css" \
+        "${chroot_browser_config}/${browser_name}/userChrome.css" >> \
+            "${browser_chrome}"
 
     set_chroot_browser_permissions "${chroot}" "${browser_name}" "${browser_user}"
 }

config/chroot_local-includes/usr/local/lib/tails-shell-library/tor-browser.sh

@@ -3,18 +3,33 @@
 TBB_INSTALL=/usr/local/lib/tor-browser
 TBB_PROFILE=/etc/tor-browser/profile
 TBB_EXT=/usr/local/share/tor-browser-extensions
-TOR_LAUNCHER_LOCALES_DIR=/usr/share/tor-launcher-standalone/chrome/locale
+TOR_LAUNCHER_INSTALL=/usr/local/lib/tor-launcher-standalone
+TOR_LAUNCHER_LOCALES_DIR="${TOR_LAUNCHER_INSTALL}/chrome/locale"
+
+exec_firefox_helper() {
+    local binary="${1}"; shift
+
+    export LD_LIBRARY_PATH="${TBB_INSTALL}"
+    export FONTCONFIG_PATH="${TBB_INSTALL}/TorBrowser/Data/fontconfig"
+    export FONTCONFIG_FILE="fonts.conf"
+
+    # The Tor Browser often assumes that the current directory is
+    # where the browser lives, e.g. for the fixed set of fonts set by
+    # fontconfig above.
+    cd "${TBB_INSTALL}"
+
+    # From start-tor-browser:
+    unset SESSION_MANAGER
+
+    exec "${TBB_INSTALL}"/"${binary}" "${@}"
+}
 
 exec_firefox() {
-    LD_LIBRARY_PATH="${TBB_INSTALL}"
-    export LD_LIBRARY_PATH
-    exec "${TBB_INSTALL}"/firefox "${@}"
+    exec_firefox_helper firefox "${@}"
 }
 
 exec_unconfined_firefox() {
-    LD_LIBRARY_PATH="${TBB_INSTALL}"
-    export LD_LIBRARY_PATH
-    exec "${TBB_INSTALL}"/firefox-unconfined "${@}"
+    exec_firefox_helper firefox-unconfined "${@}"
 }
 
 guess_best_tor_browser_locale() {

config/chroot_local-includes/usr/local/sbin/tails-tor-launcher

@@ -5,28 +5,20 @@ set -e
 # Import export_gnome_env().
 . /usr/local/lib/tails-shell-library/gnome.sh
 
-unset TOR_CONTROL_PASSWD
-unset TOR_FORCE_NET_CONFIG
-TOR_CONFIGURE_ONLY=1
-TOR_CONTROL_PORT=9051
-TOR_CONTROL_COOKIE_AUTH_FILE=/var/run/tor/control.authcookie
-TOR_HIDE_BROWSER_LOGO=1
-export TOR_CONFIGURE_ONLY
-export TOR_CONTROL_PORT
-export TOR_CONTROL_COOKIE_AUTH_FILE
-export TOR_HIDE_BROWSER_LOGO
-
-if echo "$@" | grep -qw -- --force-net-config; then
-    TOR_FORCE_NET_CONFIG=1
-    export TOR_FORCE_NET_CONFIG
-fi
-
 # Get LIVE_USERNAME
 . /etc/live/config.d/username.conf
 
 # Get LANG
 . /etc/default/locale
 
+# The Tor Browser hardcodes the default profile dir to inside
+# ../TorBrowser/Data/Browser/ from the folder storing the
+# application.ini file supplied via -app. We can use -profile to load
+# it from a different place, but then the Caches directory
+# must still exist and be accessible in the above folder.
+mkdir -p /usr/local/lib/TorBrowser/Data/Browser/Caches
+chmod -R a+rX /usr/local/lib/TorBrowser
+
 until pgrep -u "${LIVE_USERNAME}" '^ibus-daemon' >/dev/null ; do
    sleep 5
 done
@@ -34,11 +26,8 @@ done
 export LANG
 export_gnome_env
 sudo -u ${LIVE_USERNAME} xhost +SI:localuser:tor-launcher
-gksudo -u tor-launcher /usr/bin/tor-launcher
+gksudo -u tor-launcher /usr/local/bin/tor-launcher -- "$@"
 RET=${?}
 sudo -u ${LIVE_USERNAME} xhost -SI:localuser:tor-launcher
 
-# Save ~10 RAM (due to the tmpfs) by removing this unused file
-rm -f /usr/Data/Browser/*.default/places.sqlite
-
 exit ${RET}

config/chroot_local-includes/usr/share/tails/unsafe-browser/prefs.js → config/chroot_local-includes/usr/share/tails/chroot-browsers/common/prefs.js

-// Disable proxying in the chroot
-pref("network.proxy.type", 0);
-pref("network.proxy.socks_remote_dns", false);
-
 // Disable update checking
 pref("app.update.enabled", false);
 pref("extensions.update.enabled", false);
 
-/* Prevent File -> Print or CTRL+P from causing the browser to hang
-   for several minutes while trying to communicate with CUPS, since
-   access to port 631 isn't allowed through. */
-pref("print.postscript.cups.enabled", false);
-// Hide "Get Addons" in Add-ons manager
-pref("extensions.getAddons.showPane", false);
-
-/* Google seems like the least suspicious choice of default search
-   engine for the Unsafe Browser's in-the-clear traffic. */
-user_pref("browser.search.defaultenginename", "Google");
-user_pref("browser.search.selectedEngine", "Google");
-
 // Disable fetching of the new tab page's Tiles links/ads. Ads are
 // generally unwanted, and also the fetching is a "phone home" type of
 // feature that generates traffic at least the first time the browser
-// is started.
+// is started. It won't work in e.g. the I2P Browser, too.
 pref("browser.newtabpage.directory.source", "");
 pref("browser.newtabpage.directory.ping", "");
 // ... and disable the explanation shown the first time
 pref("browser.newtabpage.introShown", true);
 
-// Don't use geographically specific search prefs, like
-// browser.search.*.US for US locales. Our generated amnesia branding
-// add-on localizes search-engines in an incompatible but equivalent
-// way.
-pref("browser.search.geoSpecificDefaults", false);
+/* Prevent File -> Print or CTRL+P from causing the browser to hang
+   for several minutes while trying to communicate with CUPS, since
+   access to port 631 isn't allowed through. */
+pref("print.postscript.cups.enabled", false);
 
-// Without setting this, the Download Management page will not update
-// the progress being made.
-pref("browser.download.panel.shown", true);
+// Hide "Get Addons" in Add-ons manager
+pref("extensions.getAddons.showPane", false);

config/chroot_local-includes/usr/share/tails/unsafe-browser/userChrome.css → config/chroot_local-includes/usr/share/tails/chroot-browsers/common/userChrome.css

-/* Required, do not remove */
 @namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
 
-/* Hide Firefox Sync options. Sync hasn't been audited by the
-   Tor Browser developers yet (Tor bug #10368), and it doesn't seem to
-   work any way (Tor bug #13279). Weak passwords would be a pretty
-   serious issue too. */
+/* Hide Firefox Sync options. It will not work with the I2P Browser
+   and will only promote unsupported use cases for the Unsafe Browser. */
 #BrowserPreferences radio[pane="paneSync"],
 #sync-button,
 #sync-menu-button,
@@ -18,20 +15,23 @@
    Tools -> Add-ons link to the Add-ons manager. We do not want to
    encourage installing such things as it's not part of the supported
    use-cases and may have privacy issues. Also they will not persist a
-   restart, which is just confusing. */
+   restart, which is just confusing. In the I2P Browser, many of these
+   features will not work any way. */
 #menu_openApps,
 #menu_openAddons,          /* traditional menu */
 #add-ons-button,           /* new style Firefox menu */
 #wrapper-add-ons-button,   /* Customize toolbar */
 
 /* Hide the "Share this page" button in the Tool bar, which encourages
-   the use of social (= tracking) networks. Note that this one likely
-   will be removed upstream in the final Tor Browser 5.0 release. */
+   the use of social (= tracking) networks. These will not work in the
+   I2P browser any way.  */
 #social-share-button,
 
-/* Hide TorBrowser Health Report and its configuration option */
+/* Hide the Health Report and its configuration option. It's just a
+   blank page, for some reason. */
 #appmenu_healthReport,
 #dataChoicesTab,
 #healthReport
 
+/* Do the actual hiding. */
 {display: none !important}

config/chroot_local-includes/usr/share/tails/i2p-browser/prefs.js → config/chroot_local-includes/usr/share/tails/chroot-browsers/i2p-browser/prefs.js

@@ -7,21 +7,9 @@ pref("network.proxy.http_port", 4444);
 pref("network.proxy.no_proxies_on", "127.0.0.1");
 pref("network.proxy.ssl", "127.0.0.1");
 pref("network.proxy.ssl_port", 4444);
+
 // Disable searching from the URL bar
 pref("keyword.enabled", false);
-// Hide "Get Addons" in Add-ons manager
-pref("extensions.getAddons.showPane", false);
-/* Prevent File -> Print or CTRL+P from causing the browser to hang
-   for several minutes while trying to communicate with CUPS, since
-   access to port 631 isn't allowed through. */
-pref("print.postscript.cups.enabled", false);
-
-// Disable fetching of the new tab page's Tiles links/ads. It will not
-// work in the I2P Browser.
-pref("browser.newtabpage.directory.source", "");
-pref("browser.newtabpage.directory.ping", "");
-// ... and disable the explanation shown the first time
-pref("browser.newtabpage.introShown", true);
 
 // Without setting this, the Download Management page will not update
 // the progress being made.

config/chroot_local-includes/usr/share/tails/i2p-browser/userChrome.css → config/chroot_local-includes/usr/share/tails/chroot-browsers/i2p-browser/userChrome.css

-/* Required, do not remove */
 @namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
 
 /* Hide access to the bookmarks to try to prevent "data loss" due to users
@@ -24,17 +23,6 @@
 #wrapper-history-button,
 #wrapper-bookmarks-button,
 
-/* Hide the Tools -> Apps link to the Firefox Marketplace, and
-   Tools -> Add-ons link to the Add-ons manager. We do not want to
-   encourage installing such things as it's not part of the supported
-   use-cases and may have privacy issues. Also they will not persist a
-   restart, which is just confusing. In the I2P Browser, many of these
-   features will not work any way. */
-#menu_openApps,
-#menu_openAddons,          /* traditional menu */
-#add-ons-button,           /* new style Firefox menu */
-#wrapper-add-ons-button,   /* Customize toolbar */
-
 /* Hide the sidebar menu (underneath View) since the default sidebars consist
  * of history and bookmarks.  Also disable the bookmark toolbar.
  */
@@ -66,27 +54,6 @@ menuitem[command="Browser:SendLink"],
 [command="cmd_print"],
 */
 
-/* Hide the sync functionality which won't work with I2P */
-#BrowserPreferences radio[pane="paneSync"],
-#sync-button,
-#sync-menu-button,
-#sync-setup,
-#sync-setup-appmenu,
-#sync-status-button,
-#sync-syncnowitem-appmenu,
-#wrapper-sync-button,
-
-/* Hide the "Share this page" button in the Tool bar, which encourages
-   the use of social (= tracking) networks. These will not work in the
-   I2P browser any way. Note that this one likely will be removed
-   upstream in the final Tor Browser 5.0 release. */
-#social-share-button,
-
-/* Hide the "Keyboard shortcuts" and "Tour" options from
-from the Help menu */
-#menu_keyboardShortcuts,
-#menu_openTour,
-
 /* Without I2P search engines defined, the search bar is useless.
  *  Since there are no I2P search engines added to Tails (yet),
  *  let's hide it and the Update Pane in Firefox's Preferences.
@@ -94,9 +61,9 @@ from the Help menu */
 #search-container,
 #updateTab,
 
-/* Hide options in the Help menu that lead to disallowed resources on the
- * Internet.
- */
+/* Hide options that lead to resources inaccessible over I2P */
+#menu_keyboardShortcuts,
+#menu_openTour,
 #appmenu_feedbackPage,
 #appmenu_gettingStarted,
 #appmenu_openHelp,
@@ -107,12 +74,7 @@ from the Help menu */
 
 /* Hide the TorButton button from the toolbar */
 #torbutton-button,
-#wrapper-torbutton-button,
-
-/* Hide TorBrowser Health Report and its configuration option */
-#appmenu_healthReport,
-#dataChoicesTab,
-#healthReport
+#wrapper-torbutton-button
 
-/* Now the actual hiding */
+/* Do the actual hiding. */
 {display: none !important}

config/chroot_local-includes/usr/share/tails/chroot-browsers/unsafe-browser/prefs.js

+// Disable proxying in the chroot
+pref("network.proxy.type", 0);
+pref("network.proxy.socks_remote_dns", false);
+
+/* Google seems like the least suspicious choice of default search
+   engine for the Unsafe Browser's in-the-clear traffic. */
+user_pref("browser.search.defaultenginename", "Google");
+user_pref("browser.search.selectedEngine", "Google");
+
+// Don't use geographically specific search prefs, like
+// browser.search.*.US for US locales. Our generated amnesia branding
+// add-on localizes search-engines in an incompatible but equivalent
+// way.
+pref("browser.search.geoSpecificDefaults", false);
+
+// Without setting this, the Download Management page will not update
+// the progress being made.
+pref("browser.download.panel.shown", true);

config/chroot_local-includes/usr/share/tails/chroot-browsers/unsafe-browser/userChrome.css

+@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");

debian/changelog

+tails (2.2) UNRELEASED; urgency=medium
+
+  * Dummy entry.
+
+ -- anonym <anonym@riseup.net>  Tue, 26 Jan 2016 02:32:45 +0100
+
 tails (2.0.1) UNRELEASED; urgency=medium
 
   * Dummy entry.