Commit a6043ab7 authored by Tails developers's avatar Tails developers

Use quoting on variable and assignment values more consistently.

parent ac5b4201
......@@ -16,11 +16,11 @@ try_cleanup_browser_chroot () {
local cow="${2}"
local user="${3}"
try_for 10 "pkill -u ${user} 1>/dev/null 2>&1" 0.1 || \
pkill -9 -u ${user} 1>/dev/null 2>&1
for mnt in ${chroot}/dev ${chroot}/proc ${chroot} ${cow}; do
pkill -9 -u "${user}" 1>/dev/null 2>&1
for mnt in "${chroot}"/dev "${chroot}"/proc "${chroot}" "${cow}"; do
try_for 10 "umount ${mnt} 2>/dev/null" 0.1
done
rmdir ${cow} ${chroot} 2>/dev/null
rmdir "${cow}" "${chroot}" 2>/dev/null
}
# Setup a chroot on a clean aufs "fork" of the root filesystem.
......@@ -34,8 +34,8 @@ setup_browser_chroot () {
trap cleanup EXIT
local rootfs_dir
local rootfs_dirs_path=/lib/live/mount/rootfs
local tails_module_path=/lib/live/mount/medium/live/Tails.module
local rootfs_dirs_path="/lib/live/mount/rootfs"
local tails_module_path="/lib/live/mount/medium/live/Tails.module"
local aufs_dirs=
# We have to pay attention to the order we stack the filesystems;
......@@ -49,15 +49,15 @@ setup_browser_chroot () {
# But our copy-on-write dir must be at the very top.
aufs_dirs="${cow}=rw:${aufs_dirs}"
mkdir -p ${cow} ${chroot} && \
mount -t tmpfs tmpfs ${cow} && \
mount -t aufs -o "noatime,noxino,dirs=${aufs_dirs}" aufs ${chroot} && \
mount -t proc proc ${chroot}/proc && \
mount --bind /dev ${chroot}/dev || \
mkdir -p "${cow}" "${chroot}" && \
mount -t tmpfs tmpfs "${cow}" && \
mount -t aufs -o "noatime,noxino,dirs=${aufs_dirs}" aufs "${chroot}" && \
mount -t proc proc "${chroot}"/proc && \
mount --bind /dev "${chroot}"/dev || \
return 1
# Workaround for #6110
chmod -t ${cow}
chmod -t "${cow}"
}
set_chroot_browser_locale () {
......@@ -73,18 +73,18 @@ set_chroot_browser_name () {
local chroot="${1}"
local name="${2}"
local locale="${3}"
local ext_dir=${chroot}/"${TBB_EXT}"
local ext_dir="${chroot}/${TBB_EXT}"
local pack top rest
if [ "${locale}" != en-US ]; then
if [ "${locale}" != "en-US" ]; then
pack="${ext_dir}/langpack-${locale}@firefox.mozilla.org.xpi"
top=browser/chrome
rest=${locale}/locale
top="browser/chrome"
rest="${locale}/locale"
else
pack="${chroot}/${TBB_INSTALL}/browser/omni.ja"
top=chrome
rest=en-US/locale
top="chrome"
rest="en-US/locale"
fi
local tmp=$(mktemp -d)
local tmp="$(mktemp -d)"
local branding="${top}/${rest}/branding/brand.dtd"
# Non-zero exit code due to non-standard ZIP archive.
# The following steps will fail soon if the extraction failed anyway.
......@@ -131,7 +131,7 @@ configure_chroot_dns_servers () {
rm -f ${chroot}/etc/resolv.conf
for ns in ${ip4_nameservers}; do
echo "nameserver ${ns}" >> ${chroot}/etc/resolv.conf
echo "nameserver ${ns}" >> "${chroot}/etc/resolv.conf"
done
chmod a+r ${chroot}/etc/resolv.conf
}
......@@ -141,7 +141,7 @@ set_chroot_browser_permissions () {
local browser_name="${2}"
local browser_user="${3}"
local browser_conf="${chroot}/home/${browser_user}/.${browser_name}"
chown -R ${browser_user}:${browser_user} "${browser_conf}"
chown -R "${browser_user}:${browser_user}" "${browser_conf}"
}
configure_chroot_browser () {
......@@ -153,12 +153,12 @@ configure_chroot_browser () {
# to extensions to enable.
# Prevent sudo from complaining about failing to resolve the 'amnesia' host
echo "127.0.0.1 localhost amnesia" > ${chroot}/etc/hosts
echo "127.0.0.1 localhost amnesia" > "${chroot}/etc/hosts"
# Create a fresh browser profile for the clearnet user
local browser_conf="${chroot}/home/${browser_user}/.${browser_name}"
local browser_profile="${browser_conf}/profile.default"
local browser_ext="${browser_profile}"/extensions
local browser_ext="${browser_profile}/extensions"
mkdir -p "${browser_profile}" "${browser_ext}"
# Select extensions to enable
......@@ -169,23 +169,23 @@ configure_chroot_browser () {
done
# Set preferences
local browser_prefs="${browser_profile}"/preferences/prefs.js
local browser_prefs="${browser_profile}/preferences/prefs.js"
mkdir -p "$(dirname "${browser_prefs}")"
cp /usr/share/tails/"${browser_name}"/prefs.js "${browser_prefs}"
cp /usr/share/tails/"${browser_name}/prefs.js" "${browser_prefs}"
# Set start page to something that explains what's going on
echo 'user_pref("browser.startup.homepage", "'${startpage}'");' >> \
echo 'user_pref("browser.startup.homepage", "'"${startpage}"'");' >> \
"${browser_prefs}"
# Customize the GUI
local browser_chrome="${browser_profile}/chrome/userChrome.css"
mkdir -p "$(dirname "${browser_chrome}")"
cp /usr/share/tails/"${browser_name}"/userChrome.css ${browser_chrome}
cp /usr/share/tails/"${browser_name}"/userChrome.css "${browser_chrome}"
# Remove all bookmarks
rm -f ${chroot}/"${TBB_PROFILE}"/bookmarks.html
rm -f ${browser_profile}/bookmarks.html
rm -f ${browser_profile}/places.sqlite
rm -f "${chroot}/${TBB_PROFILE}/bookmarks.html"
rm -f "${browser_profile}/bookmarks.html"
rm -f "${browser_profile}/places.sqlite"
# Set an appropriate theme, except if we're using Windows
# camouflage.
......@@ -194,9 +194,9 @@ configure_chroot_browser () {
else
# The tails-activate-win8-theme script requires that the
# browser profile is writable by the user running the script.
set_chroot_browser_permissions ${chroot} ${browser_user}
set_chroot_browser_permissions "${chroot}" "${browser_user}"
# The camouflage activation script requires a dbus server for
# properly configuring GNOME, so we start one in the chroot
chroot ${chroot} sudo -H -u ${browser_user} sh -c 'eval `dbus-launch --auto-syntax`; tails-activate-win8-theme' || :
chroot "${chroot}" sudo -H -u "${browser_user}" sh -c 'eval `dbus-launch --auto-syntax`; tails-activate-win8-theme' || :
fi
}
......@@ -19,7 +19,7 @@ set -e
. /usr/local/lib/tails-shell-library/i2p.sh
cleanup () {
try_cleanup_browser_chroot ${CHROOT} ${COW} ${BROWSER_USER}
try_cleanup_browser_chroot "${CHROOT}" "${COW}" "${BROWSER_USER}"
}
error () {
......@@ -28,7 +28,7 @@ error () {
${@}"
echo "${cli_text}" >&2
sudo -u ${SUDO_USER} zenity --error --title "" --text "${dialog_text}"
sudo -u "${SUDO_USER}" zenity --error --title "" --text "${dialog_text}"
exit 1
}
......@@ -41,7 +41,7 @@ verify_start () {
local exit="`gettext \"_Exit\"`"
# Since zenity can't set the default button to cancel, we switch the
# labels and interpret the return value as its negation.
if sudo -u ${SUDO_USER} zenity --question --title "" --ok-label "${exit}" \
if sudo -u "${SUDO_USER}" zenity --question --title "" --ok-label "${exit}" \
--cancel-label "${launch}" --text "${dialog_msg}"; then
exit 0
fi
......@@ -66,7 +66,7 @@ copy_extra_tbb_prefs () {
"${browser_prefs_dir}"/0000tails.js
sed '/\(capability\|noscript\|torbutton\)/!d' "${tbb_prefs}"/extension-overrides.js > \
"${browser_prefs_dir}"/extension-overrides.js
chown -R ${browser_user}:${browser_user} "${browser_prefs_dir}"
chown -R "${browser_user}:${browser_user}" "${browser_prefs_dir}"
}
show_shutdown_notification () {
......@@ -80,18 +80,18 @@ show_shutdown_notification () {
# This isn't very useful without I2P...
grep -qw "i2p" /proc/cmdline || exit 0
CMD=$(basename ${0})
LOCK=/var/lock/${CMD}
CMD=$(basename "${0}")
LOCK="/var/lock/${CMD}"
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
CONF_DIR=/var/lib/i2p-browser
COW=${CONF_DIR}/cow
CHROOT=${CONF_DIR}/chroot
BROWSER_NAME=i2p-browser
BROWSER_USER=i2pbrowser
CONF_DIR="/var/lib/i2p-browser"
COW="${CONF_DIR}/cow"
CHROOT="${CONF_DIR}/chroot"
BROWSER_NAME="i2p-browser"
BROWSER_USER="i2pbrowser"
START_PAGE="http://127.0.0.1:7657"
NOSCRIPT_EXT_XPI="${TBB_EXT}/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi"
TORBUTTON_EXT_DIR="${TBB_EXT}/torbutton@torproject.org"
......@@ -99,7 +99,7 @@ HUMAN_READABLE_NAME="`gettext \"I2P Browser\"`"
BEST_LOCALE="$(guess_best_tor_browser_locale)"
# Prevent multiple instances of the script.
exec 9>${LOCK}
exec 9>"${LOCK}"
if ! flock -x -n 9; then
error "`gettext \"Another I2P Browser is currently running, or being cleaned up. Please retry in a while.\"`"
fi
......@@ -110,7 +110,7 @@ fi
show_start_notification
echo "* Setting up chroot"
setup_browser_chroot ${CHROOT} ${COW} || \
setup_browser_chroot "${CHROOT}" "${COW}" || \
error "`gettext \"Failed to setup chroot.\"`"
echo "* Configuring chroot"
......@@ -124,7 +124,7 @@ set_chroot_torbutton_browser_name "${CHROOT}" "${HUMAN_READABLE_NAME}" "${BEST_L
set_chroot_browser_permissions "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}"
echo "* Starting I2P Browser"
run_chroot_browser ${CHROOT} ${BROWSER_NAME} ${BROWSER_USER} ${SUDO_USER}
run_chroot_browser "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" "${SUDO_USER}"
echo "* Exiting the I2P Browser"
show_shutdown_notification
......
......@@ -16,7 +16,7 @@ set -e
. /usr/local/lib/tails-shell-library/chroot-browser.sh
cleanup () {
try_cleanup_browser_chroot ${CHROOT} ${COW} ${BROWSER_USER}
try_cleanup_browser_chroot "${CHROOT}" "${COW}" "${BROWSER_USER}"
}
error () {
......@@ -25,7 +25,7 @@ error () {
${@}"
echo "${cli_text}" >&2
sudo -u ${SUDO_USER} zenity --error --title "" --text "${dialog_text}"
sudo -u "${SUDO_USER}" zenity --error --title "" --text "${dialog_text}"
exit 1
}
......@@ -38,7 +38,7 @@ verify_start () {
local exit="`gettext \"_Exit\"`"
# Since zenity can't set the default button to cancel, we switch the
# labels and interpret the return value as its negation.
if sudo -u ${SUDO_USER} zenity --question --title "" --ok-label "${exit}" \
if sudo -u "${SUDO_USER}" zenity --question --title "" --ok-label "${exit}" \
--cancel-label "${launch}" --text "${dialog_msg}"; then
exit 0
fi
......@@ -71,19 +71,19 @@ maybe_restart_tor () {
# Main script:
CMD=$(basename ${0})
LOCK=/var/lock/${CMD}
CMD=$(basename "${0}")
LOCK="/var/lock/${CMD}"
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
CONF_DIR=/var/lib/unsafe-browser
COW=${CONF_DIR}/cow
CHROOT=${CONF_DIR}/chroot
BROWSER_NAME=unsafe-browser
BROWSER_USER=clearnet
NM_ENV_FILE=/var/lib/NetworkManager/env
CONF_DIR="/var/lib/unsafe-browser"
COW="${CONF_DIR}/cow"
CHROOT="${CONF_DIR}/chroot"
BROWSER_NAME="unsafe-browser"
BROWSER_USER="clearnet"
NM_ENV_FILE="/var/lib/NetworkManager/env"
BEST_LOCALE="$(guess_best_tor_browser_locale)"
WARNING_PAGE='/usr/share/doc/tails/website/misc/unsafe_browser_warning'
......@@ -95,7 +95,7 @@ else
fi
# Prevent multiple instances of the script.
exec 9>${LOCK}
exec 9>"${LOCK}"
if ! flock -x -n 9; then
error "`gettext \"Another Unsafe Browser is currently running, or being cleaned up. Please retry in a while.\"`"
fi
......@@ -117,7 +117,7 @@ verify_start
show_start_notification
echo "* Setting up chroot"
setup_browser_chroot ${CHROOT} ${COW} || \
setup_browser_chroot "${CHROOT}" "${COW}" || \
error "`gettext \"Failed to setup chroot.\"`"
echo "* Configuring chroot"
......@@ -125,11 +125,11 @@ configure_chroot_dns_servers "${CHROOT}" "${IP4_NAMESERVERS}"
configure_chroot_browser "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" \
"${START_PAGE}" "${TBB_EXT}"/langpack-*.xpi
set_chroot_browser_locale "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" "${BEST_LOCALE}"
set_chroot_browser_name ${CHROOT} "`gettext \"Unsafe Browser\"`" "${BEST_LOCALE}"
set_chroot_browser_name "${CHROOT}" "`gettext \"Unsafe Browser\"`" "${BEST_LOCALE}"
set_chroot_browser_permissions "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}"
echo "* Starting Unsafe Browser"
run_chroot_browser ${CHROOT} ${BROWSER_NAME} ${BROWSER_USER} ${SUDO_USER}
run_chroot_browser "${CHROOT}" "${BROWSER_NAME}" "${BROWSER_USER}" "${SUDO_USER}"
echo "* Exiting the Unsafe Browser"
show_shutdown_notification
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment