Commit 4d769db0 authored by intrigeri

Merge branch 'stable' into devel

parents 283d01da 488dec2a
--- /tmp/torbrowser-launcher-0.2.1/apparmor/torbrowser.Browser.firefox 2015-11-19 13:21:34.000000000 +0100
+++ apparmor/torbrowser.Browser.firefox 2015-11-19 13:19:30.680460539 +0100
--- /tmp/torbrowser-launcher-0.2.2/apparmor/torbrowser.Browser.firefox 2016-02-08 13:11:05.000000000 +0100
+++ apparmor/torbrowser.Browser.firefox 2016-02-08 13:25:15.170069917 +0100
@@ -1,13 +1,15 @@
# Last modified
#include <tunables/global>
......@@ -18,7 +18,7 @@
# Uncomment the following lines if you want to give the Tor Browser read-write
# access to most of your personal files.
@@ -17,41 +19,52 @@
@@ -17,45 +19,52 @@
#dbus,
network tcp,
......@@ -50,13 +50,17 @@
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/ r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/* r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/.** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/update.test/ rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/.** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/ r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/** r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/ rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/** rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser.bak/updated/ rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/*.so mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/components/*.so mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/browser/components/*.so mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox rix,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/updates/[0-9]*/updater ix,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/updates/0/MozUpdater/bgupdate/updater ix,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profiles.ini r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profile.default/ r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profile.default/** rwk,
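Review bot: Both `Browser/** r` and `Browser/** rw` appear among the removed rules, alongside `Browser/*.so mr` and `Browser/firefox rix`, so the profile being patched can grant write access to the same tree the browser maps and executes code from. The replacement rules are not visible in this view. Please confirm that they keep the `owner` qualifier, and that `Browser/` and `Browser/**` stay read-only, with write and lock access limited to the profile data as in the removed `profile.default/** rwk` line. Please also state in the commit message or in a profile comment whether the two `updater ix` rules are dropped on purpose.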
......@@ -96,7 +100,7 @@
/etc/mailcap r,
/etc/mime.types r,
@@ -74,6 +87,30 @@
@@ -78,6 +87,30 @@
/sys/devices/pci[0-9]*/**/uevent r,
owner /{dev,run}/shm/shmfd-* rw,
......@@ -127,7 +131,7 @@
# KDE 4
owner @{HOME}/.kde/share/config/* r,
@@ -81,5 +118,10 @@
@@ -85,5 +118,10 @@
/etc/xfce4/defaults.list r,
/usr/share/xfce4/applications/ r,
......
......@@ -111,6 +111,7 @@ Running GUI applications in containers
* [GNOME sandboxed
applications](https://wiki.gnome.org/Projects/SandboxedApps), aka.
`xdg-app`; their concept of "portals" is very interesting.
- [GNOME Developer Experience hackfest: xdg-app + Debian](http://smcv.pseudorandom.co.uk/2016/xdg-app/)
* <http://pleonasm.info/blog/2012/10/privilege-separation-with-xpra/>
* [docker-desktop](https://github.com/rogaha/docker-desktop)
* Stéphane Graber's [LXC 1.0 blog post
......
[[!toc levels=1]]
# Linux dependencies
The current Tails Installer version (<https://git-tails.immerda.ch/liveusb-creator/>)
has considerable changes when compared with the upstream Fedora liveusb-creator
(<https://git.fedorahosted.org/cgit/liveusb-creator.git>).
The current package dependencies for the Tails Installer in Linux are:
* dosfstools
* gdisk
* genisoimage
* gir1.2-glib-2.0
* gir1.2-gtk-3.0
* gir1.2-udisks-2.0
* mtools
* p7zip-full
* policykit-1
* python-configobj
* python-gi
* python-urlgrabber
* syslinux
If we list the set of requirements for each important source file then we have:
### \_\_init\_\_.py
import gettext
if sys.platform == 'win32':
import gettext_windows
gettext_windows.setup_env()
### creator.py
if 'linux' in sys.platform:
import gi
gi.require_version('UDisks', '2.0')
from gi.repository import UDisks, GLib
Commands:
* syslinux
* sgdisk
* dd
* dosfslabel
* e2label
* extlinux
* pkexec
* mkdiskimage
* sync
### gui.py
from gi.repository import Gdk, GLib, Gtk
urlgrabber
In general GTK3
### launcher.py
from gi.repository import Gtk
### utils.py
if 'linux' in sys.platform:
from gi.repository import GLib
# Alternatives for Windows:
If we make a diff of the Windows class section in the "creator.py" source file,
comparing the current Tails version and the upstream version like this:
git difftool remotes/origin/master:tails_installer/creator.py remotes/b/master:liveusb/creator.py
we can see that the changes are not so big, at least in the raw Windows tools used.
These tools are basically, the Python win32 interfaces:
import win32file, win32api, pywintypes
and set of third parties tools listed here:
<https://git-tails.immerda.ch/liveusb-creator/tree/tools>
There are other tools that would be possible to explore like:
<https://labs.riseup.net/code/issues/10984>
As a conclusion, the biggest difference in the current Tails version is the usage
of the Python interface for GTK3 (PyGI). The tools/libraries for Windows used in
the current upstream liveusb-creator version seem in principle like the same
used for Tails right now, except for the GUI parts.
In the next section a proposed solution for porting applications using this library
for Windows is described.
# PyGI windows executable
I managed to create a native windows executable for a test Python/GI program under Windows 8.1
......
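Review bot: The "Alternatives for Windows" section identifies the third-party tools only by a link to the `tools` directory, and the other candidates only by a link to issue 10984, so the page does not record what would actually be shipped. Please list each tool by name, with its upstream source and the version in the tree, next to the `win32file, win32api, pywintypes` line, so the dependency set can be reviewed the same way as the Linux package list above it.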
......@@ -46,15 +46,83 @@ Everything in this report can be made public.
This is not a security problem in Tails since we drop non-Tor
traffic by default, but for this very reason in breaks the
functionality of the autoconfig wizard in the context of Tails.
We started to write a proof-of-concept patch to fix this bug.
We started to write a proof-of-concept patch to fix this bug which
will be submitted upstream in February.
In order to improve Icedove's security in Tails and avoid unforeseen exploits,
we started evaluating an AppArmor profile for Icedove ([[!tails_ticket 10750]]).
We've asked the author to submit it upstream where it's now waiting to be merged.
In the meantime, we will ship this profile in Tails on our own.
## A.1.6. Release Icedove in Tails
Icedove was made the default email client in Tails 1.8 (December 15)
and Claws Mail was removed from Tails in version 2.0 (January 26).
# B. Improve our quality assurance process
## B.1. Automatically build ISO images for all the branches of our source code that are under active development
In January, **757 ISO images** were automatically built by our Jenkins
instance.
We worked on designing and implementing a workaround for an issue in our
autobuild setup: it sometimes happens that a build fails and leaves its
temporary directories. The subsequent builds happening on the same
system then always fail as they lack room in the /tmp/ directory.
([[!tails_ticket 10772]])
## B.2. Continuously run our entire test suite on all those ISO images once they are built
In January, **757 ISO images** were tested by our Jenkins instance.
## B.3. Extend the coverage of our test suite
* B.3.11. Fix newly identified issues to make our test suite more robust and faster
- We've marked some more scenarios as fragile, as we noticed there
were still some false positives ([[!tails_ticket 10863]]):
Encrypting and signing a message using an OpenPGP key
([[!tails_ticket 10991]])
OpenPGP applet key selection window badly handled
([[!tails_ticket 10992]])
Viewing and printing a PDF file ([[!tails_ticket 10994]])
# C. Scale our infrastructure
## C.2. Be able to detect within hours failures and malfunction on our services
We're still working on the prototype and it now has a setup for all the
checks we ranked in the blueprint as critical. ([[!tails_ticket 8650]])
This helped us to check how the chosen software is corresponding to the
requirements we defined. An implementation has been proposed.
([[!tails_ticket 8645]])
## C.4. Maintain our already existing services
We kept on answering the requests from the community as well as taking
care of security updates as covered by "C.4.4. Administer our services
up to milestone IV" and "C.4.5. Administer our services up to milestone
V" until the end of January.
A design to administer our new monitoring machine with puppet has been
proposed. ([[!tails_ticket 10760]])
# D. Migration to Debian Jessie
## D.4.1. Document the changes implied by the move to Jessie on our website
Most of our documentation has been updated to Jessie. For example we
rewrote entirely the [[introduction to
GNOME|doc/first_steps/introduction_to_gnome_and_the_tails_desktop]].
While reworking these pages we also simplified and improved some of
the oldest parts of our documentation.
The update of our documentation to GNOME Disks 3.12 was drafted but
not merged yet. The good news is that this process involves new
contributors who wrote documentation for Tails for the first time.
# E. Release management
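Review bot: B.1 and B.2 both give the figure as **757 ISO images**, once for images built and once for images tested. Please confirm that the tested count really equals the built count and was not copied from the paragraph above. In the context lines at the top of the hunk, "for this very reason in breaks the functionality" should read "it breaks". The `# E. Release management` heading has no text under it in the lines shown.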
Welcome to the tails-greeter GSoC'2011 project's blog!
### Update:
Build takes ages, spits several errors like:
"ERROR: ld.so: object '/usr/lib/libeatmydata/libeatmydata.so' from LD_PRELOAD cannot be preloaded: ignored"
but successfully produce .iso
#### Current status:
back on track.
#### Near-future plans:
whine until I have access to build-server more powerful than my ancient laptop :-)
[[!meta date="Mon May 9 02:02:02 2011"]]
This is the 1st in a series of bi-weekly reports which will follow alongside the implementation of tails-greeter project.
#### Current progress:
- created design document as subpage for TailsGreeter on wiki
- tried building tails iso
#### Problems:
- build fails with various problems on different machines
- build requires root privileges (upstream problem with live-build, see http://live.debian.net/devel/live-build/todo/ entries for "core")
#### Near-future plans:
- investigate and fix abovementioned problems
- read on .deb packaging
- read on vala (development environment setup and code samples)
#### Additional notes:
This entry will serve as a small test for unicode support of ikiwiki as well - see the numbering in heading :)
[[!meta date="Fri Jul 29 02:02:02 2011"]]
## Current progress:
- verify that locale is correctly applied to gnome-session and fix if it isn't - DONE.
- fix layout widget loading - DONE.
- obtain list of kb layouts and variants available (via python-xklavier) - postponed.
- populate layout widget with kb variants - postponed.
- apply correct layout after it's been chosen (both to present and following greeter widgets and to actual session) - postponed.
- verify that layout switching works after login - postponed.
- Add option to skip all the greeter screens and immediately login with default settings - DONE.
- Convey necessary env. variables to gnome session.(echo "VARIABLE=value" >> /etc/amnesia/environment or via /etc/gdm3/PostLogin/)
- capitalize 1st letter of (latin) language names (e. g. English vs english) - DONE.
- version tag and update - DONE.
## Problems:
- ISP failure which caused lack of regular updates and report delay
- it's impossible to set env. vars via /etc/gdm3/PostLogin/ - it's writable by root only and greeter is running as 'gdm-user' account
- python-xklavier bindings are incomplete: the most needed function "search_by_pattern" is unavailable.
## Near-future plans:
- find a way to overcome python-xklavier limitations
- Next week plans.
## Additional notes:
- Right now layout widget is dummmy: only "next" button is working.
- The language choice is applied to session semi-correctly: if there are several country locales correspond to one language (for examle French is Belgium, France etc) than one of them is picked seemingly random. Once there is workaround for xklavier issue than it'll be user choice made based on layout widget.
[[!meta date="Fri Aug 5 02:02:02 2011"]]
## Current progress:
- obtain list of kb layouts and variants available (via python-xklavier) - DONE.
- populate layout widget with kb variants - DONE.
- merge feature/better_root_access_control branch - DONE.
- apply correct layout after it's been chosen (both to present and following greeter widgets and to actual session) - postponed.
- verify that layout switching works after login - postponed
- version tag and update - DONE.
## Problems:
- tails-greeter is run under gdm's account but altering gdm PostLogon files (to set env variables) or locale compilation via localedef require root privileges.
- xklavier set and check layout without errors but it doesn't affect greeter nor following session.
- better_root_access_control feature requires env. variable to be set which is not possible yet.
## Near-future plans:
- wait for answer from gdm and xklavier devs to figure out workarounds for current problems
- replace 2 widgets with 1 panel with same functionality
- test the result with tails
## Additional notes:
- right now there are 2 "screens" which user moves through by pressing "next" button. That's rather ugly and is planned to be replaced with one of the following:
1) single "screen" with requests for both at the same time
2) 2 "screens" with language and layout requests on first one and admin password request on second one
- Which do you think is better and why?
- Please feel free to discuss it on irc this Saturday during regular meeting time or whenever you'll see max-gsoc
## Current progress:
0. write password for config/chroot_local-includes/usr/local/sbin/set-user-password
to file - DONE.
0. alter set-user-password to use password from file - DONE.
0. merge language and layout widget to single panel - DONE.
0. write locale name for localedef to file - DONE.
0. add locale generator which uses data from file - DONE.
0. fix layout selection for greeter session - DONE.
0. add double password entry to prevent typos - DONE.
0. use SelectLayout in GDM - DONE.
0. add layout selection to panel - DONE.
0. use separate layouts for greeter and for user session - DONE.
0. display panel and password widget on the same screen - DONE.
0. add layout indicator to greeter - DONE.
0. properly generate list of available layouts - in progress
0. version tag and update - DONE.
## Problems:
Generation of layout list based on language or locale is incomplete - it works only
for some well-tested cases (e. g. Русский). More testing required for other languages
and general code refactoring needed as well.
## Near-future plans:
0. Finish layout generation code.
0. Update documentation.
0. Other plans from timeline.
## Additional notes:
Please test how it works for YOUR favorite language.
The GSoC is almost over - next week is the time for final wrap-ups.
## Current progress
0. refactor layout generation code - DONE.
0. disable admin rights for empty password - DONE.
0. add layout variant selection - DONE.
0. use selected variant for greeter and session layout - DONE.
0. add variant to layout indicator - DONE.
0. make session layout selection enforce greeter layout selection - DONE.
0. make session layout variant selection enforce greeter layout variant selection - DONE.
0. make sure panel width fits the screen - DONE.
0. pre-select locale based on language - DONE.
0. correct UI phrasing - DONE.
0. show country name instead of code (e. g. Russia vs. ru_RU) - DONE.
0. update translation instructions - DONE.
0. add ability to use any layout regardless of language\locale choice - postponed
0. fix entry field width - postponed
0. fix polkit & sudo configuration - testing required
0. test with TAILS VM - in progress
0. document latest design changes - in progress
0. version tag and update - DONE.
## Problems
0. Glade seems pretty counter-intuitive: it's unclear how to make gtk window (parent) auto-resize when it's content (gtk entry inside gtk table) have expanded.
0. Proposed addition to add selection of any layout will require list which is even bigger than language list (which is currently considered unusable due to its size) - it's unclear how to do it right in UI. Addition is justified by following use-case example: Italian speaking person running TAILS on computer with Norwegian kb layout and would like to have Italian locale but Norwegian layout to match hardware at hands.
0. Hardcoded username and password prevent using tails-greeter 2nd time. Switch to gdm's autologin functionality is required.
## Next week plans
0. Document all the known issues. Create pages according to bug-reporting guideline.
0. Try to fix some of them.
0. Consume questionable substances - celebrate GSoC completion.
[[!meta date="Mon May 23 02:02:02 2011"]]
## Current progress
- git repositories ready (or, frankly, I feel ready to use them :)
- tried debian packaging and it seems to work ("seems" because it's readily available packages, not my own code yet)
- found example dbus implementation of greeter interface in python:
<http://doctormo.org/2011/04/12/how-to-make-a-gnome-login-screen-in-python/>
- walked through vala code samples for dbus & GUI
## Problems
- university workload increased, will post corresponding changes to schedule soon
- GDM's interfaces are not so well documented
## Near-future plans
- official coding start
- pick build system (scons? cmake? autotools?), in a mean time will use plain old makefile
- iron-out workflow (code, test, commit, build, report sequence)
[[!meta date="Fri Jun 3 02:02:02 2011"]]
## Current progress
- project language switch vala -> python
- main reason: working example made in python dy doctormo
- big repo update: with 'upstream' branch for doctormo's code and 'master' branch for actual development
## Problems
- scm conversion with 'taylor' failed so dumb import of entire bzr tree is performed
- university workload spike started earlier than anticipated
## Near-future plans
- mange university workload
- make .deb for doctormo's code
- integrate .deb building with git
## Note:
Next week will be mostly dedicated to exam, presentation and other university activities - hence tiny plans for it.
[[!meta date="Mon Jun 13 02:02:02 2011"]]
## Current progress
- mostly work on university projects so minor fixes and updates only
- weekly meeting follow-up - multiple wiki updates
- review existing python code & glade interfaces
- gdm-community-greeter forked into tails-greeter
- filed RFP for gtkme [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629199]] - dependency for tails-greeter
- pbuilder fix: git-buildpackage successfully builds from 'master' granch
- run community-greeter in VM: partially done - see below
## Problems
- installation into debian-squeeze is fine but got runtime error due to old python-gobject package, no backports found so .deb changed to prevent installation with unsopported version
- check with debian-sid - installation is fine after dependency correction for gir1.0-gtk-2.0 -> gir1.2-gtk-2.0 but autostart failed for unknown reason
## Near-future plans
- complete VM testing
- play with d-feet dbus debugger
- alter python code with dummy 'admin password requestor'
- check if current localization handling is suitable for tails-greeter
- make plans for next week
[[!meta date="Mon Jun 20 02:02:02 2011"]]
## Current progress
- convert tails-greeter to old-style pygtk to remove pygi dependecy: [in progress]
- re-test converted version with squeeze: [done, test failed]
- check if current localization handling is suitable for tails-greeter: [postponed]
- make plans for next week: [done]
## Problems
- proper procedure for version increase
- errors with dbus after conversion: access-denied on dbus call
- dpkg-divert required for proper testing
- need easy way to run python syntax quick check on entire file
## Near-future plans