Refactor most stuff into functions.

39302606 · Tails developers · d3317001 · 39302606
Commit 39302606 authored Mar 19, 2012 by Tails developers
--- a/config/chroot_local-includes/usr/local/sbin/unsafe-browser
+++ b/config/chroot_local-includes/usr/local/sbin/unsafe-browser
@@ -49,25 +49,69 @@ warning () {
    zenity --warning --title "" --text "${text}"
 }

-# First make sure the user really wants this
-DIALOG_TEXT="<b>Do you really want to launch the Unsafe Browser?</b>
+verify_start () {
+    # Make sure the user really wants to start the browser
+    local dialog_msg="<b>Do you really want to launch the Unsafe Browser?</b>

 Any activity within the Unsafe Browser will <i>not</i> be anonymous. This may be necessary if you have to login or register in order to activate your Internet connection."
-if ! zenity --question --title "" --text "${DIALOG_TEXT}"; then
-    exit 0
-fi
+    if ! zenity --question --title "" --text "${dialog_msg}"; then
+        exit 0
+    fi
+}

-# Set $TOR_WORKING to non-emtpy iff Tor is working right now. We need to
-# know whether we must restart Tor later (a captive portal may have
-# prevented Tor from bootstrapping, and a restart is the fastest way to
-# get wheels turning)
-# FIXME: how to determine this reliably? this approach doesn't work
-# if $TOR_DIR is persistent
-# FIXME: the approach is stolen from is_tor_working() in the 20-time
-# NM hook -- we should move things like this to a shell script library
-if [ -e "${TOR_DESCRIPTORS}" ]; then
-    TOR_WORKING="yes"
-fi
+setup_chroot () {
+    # Setup a chroot on an aufs "fork" of the filesystem.
+    # FIXME: When LXC matures to the point where it becomes a viable option
+    # for creating isolated jails, the chroot can be used as its rootfs.
+    mkdir -p ${ROFS} ${COW} ${CHROOT} && \
+    mount -t squashfs -o loop ${SQUASH} ${ROFS} && \
+    mount -t tmpfs tmpfs ${COW} && \
+    mount -t aufs -o noatime,noxino,dirs=${COW}=rw:${ROFS}=rr+wh aufs ${CHROOT} && \
+    mount -t proc proc ${CHROOT}/proc && \
+    mount --bind /dev ${CHROOT}/dev || error "Failed to setup chroot"
+}
+
+configure_chroot () {
+    # Set the chroot's DNS servers to those obtained through DHCP
+    rm -f ${CHROOT}/etc/resolv.conf
+    for NS in ${DHCP4_DOMAIN_NAME_SERVERS}; do
+        echo "nameserver ${NS}" >> ${CHROOT}/etc/resolv.conf
+    done
+    chmod a+r ${CHROOT}/etc/resolv.conf
+
+    # Disable problematic Iceweasel addons and proxying in the chroot
+    chroot ${CHROOT} apt-get remove --yes ${OFFENDING_ADDONS} &>/dev/null
+    sed -i '/^pref("network.proxy.type",/d' \
+        ${CHROOT}/etc/iceweasel/pref/iceweasel.js
+    echo 'pref("network.proxy.type", 0);' >> \
+        ${CHROOT}/etc/iceweasel/pref/iceweasel.js
+}
+
+start_browser_in_chroot () {
+    # Start Iceweasel in the chroot
+    sudo -u ${SUDO_USER} xhost +SI:localuser:${CLEARNET_USER} &>/dev/null
+    chroot ${CHROOT} sudo -u ${CLEARNET_USER} iceweasel -DISPLAY=:0.0
+    sudo -u ${SUDO_USER} xhost -SI:localuser:${CLEARNET_USER} &>/dev/null
+}
+
+tor_is_working() {
+    # FIXME: the approach is stolen from is_tor_working() in the 20-time
+    # NM hook -- we should move things like this to a shell script library
+    # FIXME: how to determine this reliably? this approach doesn't work
+    # if $TOR_DIR is persistent.
+    [ -e $TOR_DESCRIPTORS ]
+}
+
+maybe_restart_tor () {
+    # Restart Tor if it's not working (a captive portal may have prevented
+    # Tor from bootstrapping, and a restart is the fastest way to get
+    # wheels turning)
+    if ! tor_is_working; then
+        service tor restart &>/dev/null
+        until nc -z localhost 9051 &>/dev/null; do sleep 1; done
+        /etc/NetworkManager/dispatcher.d/60-vidalia.sh clearnet up &>/dev/null
+    fi
+}

 # Get the DNS servers that was obtained through DHCP from NetworkManager,
 # if any...
@@ -83,45 +127,12 @@ if [ -z "${DHCP4_DOMAIN_NAME_SERVERS}" ]; then
    error "No DNS server was obtained through DHCP."
 fi

+verify_start
 trap cleanup SIGINT
-
-# Setup a chroot on an aufs "fork" of the filesystem.
-# FIXME: When LXC matures to the point where it becomes a viable option
-# for creating isolated jails, the chroot can be used as its rootfs.
-mkdir -p ${ROFS} ${COW} ${CHROOT} && \
-mount -t squashfs -o loop ${SQUASH} ${ROFS} && \
-mount -t tmpfs tmpfs ${COW} && \
-mount -t aufs -o noatime,noxino,dirs=${COW}=rw:${ROFS}=rr+wh aufs ${CHROOT} && \
-mount -t proc proc ${CHROOT}/proc && \
-mount --bind /dev ${CHROOT}/dev || error "Failed to setup chroot"
-
-# Set the chroot's DNS servers to those obtained through DHCP
-rm -f ${CHROOT}/etc/resolv.conf
-for NS in ${DHCP4_DOMAIN_NAME_SERVERS}; do
-    echo "nameserver ${NS}" >> ${CHROOT}/etc/resolv.conf
-done
-chmod a+r ${CHROOT}/etc/resolv.conf
-
-# Disable problematic Iceweasel addons and proxying in the chroot
-chroot ${CHROOT} apt-get remove --yes ${OFFENDING_ADDONS} &>/dev/null
-sed -i '/^pref("network.proxy.type",/d' \
-    ${CHROOT}/etc/iceweasel/pref/iceweasel.js
-echo 'pref("network.proxy.type", 0);' >> \
-    ${CHROOT}/etc/iceweasel/pref/iceweasel.js
-
-# Start Iceweasel in the chroot
-sudo -u ${SUDO_USER} xhost +SI:localuser:${CLEARNET_USER} &>/dev/null
-chroot ${CHROOT} sudo -u ${CLEARNET_USER} iceweasel -DISPLAY=:0.0
-sudo -u ${SUDO_USER} xhost -SI:localuser:${CLEARNET_USER} &>/dev/null
-
+setup_chroot
+configure_chroot
+start_browser_in_chroot
 cleanup
-
-# Restart Tor if it wasn't working when the Unsafe Browser was started
-if [ -z "${TOR_WORKING}" ] ; then
-    service tor restart &>/dev/null
-    until nc -z localhost 9051 &>/dev/null; do sleep 1; done
-    /etc/NetworkManager/dispatcher.d/60-vidalia.sh clearnet up &>/dev/null
-fi
+maybe_restart_tor

 exit 0
-