Commit 3ccc06ab authored by Tails developers's avatar Tails developers
Browse files

Use unique dot-config directories for the chroot browsers.

It makes a bit of sense on its own, and it guarantees that no weird
cruft in ~/.tor-browser will interfere for whatever reason.
parent 000ecfa0
......@@ -62,9 +62,10 @@ setup_browser_chroot () {
set_chroot_browser_locale () {
local chroot="${1}"
local browser_user="${2}"
local locale="${3}"
local browser_profile="${chroot}/home/${browser_user}/.tor-browser/profile.default"
local browser_name="${2}"
local browser_user="${3}"
local locale="${4}"
local browser_profile="${chroot}/home/${browser_user}/.${browser_name}/profile.default"
configure_xulrunner_app_locale "${browser_profile}" "${locale}"
}
......@@ -97,14 +98,15 @@ set_chroot_browser_name () {
# Start the browser in the chroot
run_chroot_browser () {
local chroot="${1}"
local chroot_user="${2}"
local local_user="${3}"
local browser_name="${2}"
local chroot_user="${3}"
local local_user="${4}"
sudo -u ${local_user} xhost +SI:localuser:${chroot_user} 2>/dev/null
chroot ${chroot} sudo -u ${chroot_user} /bin/sh -c \
'. /usr/local/lib/tails-shell-library/tor-browser.sh && \
exec_firefox -DISPLAY=:0.0 \
-profile /home/'"${chroot_user}"'/.tor-browser/profile.default'
-profile '"/home/${chroot_user}/.${browser_name}/profile.default"
sudo -u ${local_user} xhost -SI:localuser:${chroot_user} 2>/dev/null
}
......@@ -136,8 +138,9 @@ configure_chroot_dns_servers () {
set_chroot_browser_permissions () {
local chroot="${1}"
local browser_user="${2}"
local browser_conf="${chroot}/home/${browser_user}/.tor-browser"
local browser_name="${2}"
local browser_user="${3}"
local browser_conf="${chroot}/home/${browser_user}/.${browser_name}"
chown -R ${browser_user}:${browser_user} "${browser_conf}"
}
......@@ -153,7 +156,7 @@ configure_chroot_browser () {
echo "127.0.0.1 localhost amnesia" > ${chroot}/etc/hosts
# Create a fresh browser profile for the clearnet user
local browser_conf="${chroot}/home/${browser_user}/.tor-browser"
local browser_conf="${chroot}/home/${browser_user}/.${browser_name}"
local browser_profile="${browser_conf}/profile.default"
local browser_ext="${browser_profile}"/extensions
mkdir -p "${browser_profile}" "${browser_ext}"
......
......@@ -55,10 +55,11 @@ show_start_notification () {
copy_extra_tbb_prefs () {
local chroot="${1}"
local browser_user="${2}"
local browser_name="${2}"
local browser_user="${3}"
local tbb_prefs="/etc/tor-browser/profile/preferences"
local browser_prefs_dir="${chroot}/home/${browser_user}/.tor-browser"/profile.default/preferences
local browser_prefs_dir="${chroot}/home/${browser_user}/.${browser_name}"/profile.default/preferences
mkdir -p "${browser_prefs_dir}"
# Selectively copy the TBB prefs we want
sed '/\(security\|update\|download\|spell\|noscript\|torbrowser\|torbutton\)/!d' "${tbb_prefs}"/0000tails.js > \
......@@ -117,13 +118,13 @@ configure_chroot_dns_servers "${CHROOT}" "127.0.0.1"
configure_chroot_browser "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" \
"${START_PAGE}" "${TBB_EXT}"/langpack-*.xpi \
"${NOSCRIPT_EXT_XPI}" "${TORBUTTON_EXT_DIR}"
copy_extra_tbb_prefs "${CHROOT}" "${BROWSER_USER}"
set_chroot_browser_locale "${CHROOT}" "${BROWSER_USER}" "${BEST_LOCALE}"
copy_extra_tbb_prefs "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}"
set_chroot_browser_locale "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" "${BEST_LOCALE}"
set_chroot_torbutton_browser_name "${CHROOT}" "${HUMAN_READABLE_NAME}" "${BEST_LOCALE}"
set_chroot_browser_permissions "${CHROOT}" "${BROWSER_USER}"
set_chroot_browser_permissions "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}"
echo "* Starting I2P Browser"
run_chroot_browser ${CHROOT} ${BROWSER_USER} ${SUDO_USER}
run_chroot_browser ${CHROOT} ${BROWSER_NAME} ${BROWSER_USER} ${SUDO_USER}
echo "* Exiting the I2P Browser"
show_shutdown_notification
......
......@@ -124,12 +124,12 @@ echo "* Configuring chroot"
configure_chroot_dns_servers "${CHROOT}" "${IP4_NAMESERVERS}"
configure_chroot_browser "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" \
"${START_PAGE}" "${TBB_EXT}"/langpack-*.xpi
set_chroot_browser_locale "${CHROOT}" "${BROWSER_USER}" "${BEST_LOCALE}"
set_chroot_browser_locale "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" "${BEST_LOCALE}"
set_chroot_browser_name ${CHROOT} "`gettext \"Unsafe Browser\"`" "${BEST_LOCALE}"
set_chroot_browser_permissions "${CHROOT}" "${BROWSER_USER}"
set_chroot_browser_permissions "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}"
echo "* Starting Unsafe Browser"
run_chroot_browser ${CHROOT} ${BROWSER_USER} ${SUDO_USER}
run_chroot_browser ${CHROOT} ${BROWSER_NAME} ${BROWSER_USER} ${SUDO_USER}
echo "* Exiting the Unsafe Browser"
show_shutdown_notification
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment