Commit ce858b8c authored by sajolida's avatar sajolida
Browse files

Merge remote-tracking branch 'origin/master' into web/10634-DAVE-JS

parents b05d3a5d cb8f45f2
......@@ -79,18 +79,13 @@ MKSQUASHFS_OPTIONS="${MKSQUASHFS_OPTIONS} -wildcards -ef chroot/usr/share/amnesi
export MKSQUASHFS_OPTIONS
# get git branch or tag so we can set the basename appropriately, i.e.:
# * if we build from a tag: tails-$ARCH-$TAG.iso
# * if we build from a branch: tails-$ARCH-$BRANCH-$VERSION-$DATE.iso
# * if Jenkins builds from a branch: tails-$ARCH-$BRANCH-$VERSION-$TIME-$COMMIT.iso
# * if we build from a tag: tails-$ARCH-$TAG.iso
# * otherwise: tails-$ARCH-$BRANCH-$VERSION-$TIME-$COMMIT.iso
if GIT_REF="$(git symbolic-ref HEAD)"; then
GIT_BRANCH="${GIT_REF#refs/heads/}"
CLEAN_GIT_BRANCH=$(echo "$GIT_BRANCH" | sed 's,/,_,g')
if [ -n "$JENKINS_URL" ]; then
GIT_SHORT_ID="$(git rev-parse --short HEAD)"
BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${CLEAN_GIT_BRANCH}-${AMNESIA_VERSION}-${AMNESIA_NOW}-${GIT_SHORT_ID}"
else
BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${CLEAN_GIT_BRANCH}-${AMNESIA_VERSION}-${AMNESIA_TODAY}"
fi
GIT_SHORT_ID="$(git rev-parse --short HEAD)"
BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${CLEAN_GIT_BRANCH}-${AMNESIA_VERSION}-${AMNESIA_NOW}-${GIT_SHORT_ID}"
else
GIT_CURRENT_COMMIT="$(git rev-parse HEAD)"
if GIT_TAG="$(git describe --tags --exact-match ${GIT_CURRENT_COMMIT})"; then
......
This diff is collapsed.
......@@ -34,10 +34,6 @@ Package: libeatmydata1
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
Package: electrum
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
Package: florence
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
......@@ -242,10 +238,22 @@ Package: python-ecdsa
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
Package: python-electrum
Package: python-qrcode
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
Package: python-requests
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
Package: python-urllib3
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
Package: python-pbkdf2
Pin: release o=Debian,n=jessie
Pin-Priority: 999
Package: rsyslog
Pin: release o=Debian Backports,n=wheezy-backports
Pin-Priority: 999
......
......@@ -20,11 +20,11 @@ toplevel-id=top-panel
pack-index=1
@instance-config/location='/usr/share/applications/tor-browser.desktop'
[Object claws-launcher]
[Object icedove-launcher]
object-iid=PanelInternalFactory::Launcher
toplevel-id=top-panel
pack-index=2
@instance-config/location='/usr/share/applications/claws-mail.desktop'
@instance-config/location='/usr/share/applications/icedove.desktop'
[Object pidgin-launcher]
object-iid=PanelInternalFactory::Launcher
......
{
'protocol': 's',
'auto_cycle': True,
'server': 'electrum.coinwallet.me:50002:s',
'proxy': {'host': 'localhost', 'mode': 'socks5', 'port': '9050'},
"proxy": "socks5:localhost:9050",
}
#!/bin/sh
set -e
set -u
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
CLAWSMAIL_DIR="${HOME}/.claws-mail"
PROFILE="${HOME}/.icedove/profile.default"
claws_mail_config_is_persistent() {
[ "$(findmnt --noheadings --output SOURCE --target "${CLAWSMAIL_DIR}")" = "/dev/mapper/TailsData_unlocked[/claws-mail]" ]
}
warn_about_claws_mail_persistence() {
local dialog_msg="<b><big>`gettext \"The <b>Claws Mail</b> persistence feature is activated.\"`</big></b>
`gettext \"If you have emails saved in <b>Claws Mail</b>, you should <a href='https://tails.boum.org/doc/anonymous_internet/claws_mail_to_icedove'>migrate your data</a> before starting <b>Icedove</b>.\"`"
local launch="`gettext \"_Launch\"`"
local exit="`gettext \"_Exit\"`"
# Since zenity can't set the default button to cancel, we switch the
# labels and interpret the return value as its negation.
if zenity --question --title "" --ok-label "${exit}" \
--cancel-label "${launch}" --text "${dialog_msg}"; then
return 1
fi
}
start_icedove() {
# Give Icedove its own temp directory, similar rationale to a1fd1f0f & #9558.
TMPDIR="${PROFILE}/tmp"
......@@ -21,4 +45,8 @@ start_icedove() {
/usr/bin/icedove --class "Icedove" -profile "${PROFILE}" "${@}"
}
if claws_mail_config_is_persistent && [ -f "${CLAWSMAIL_DIR}/accountrc" ]; then
warn_about_claws_mail_persistence || exit 0
fi
start_icedove "${@}"
http://torbrowser-archive.tails.boum.org/5.0.4/
http://torbrowser-archive.tails.boum.org/5.0.5/
c4d38b8a0d42f19f4883f2ecc58bcc0ae2f1abe6d707442821ddc2de844fc0a6 tor-browser-linux32-5.0.4_ar.tar.xz
ff441589c7a01f051092430405fdd1bccb61f6dcc0a3191018c427297acc30a9 tor-browser-linux32-5.0.4_de.tar.xz
3d0fd640693c91ddc9ffce744695b9a46e4cfc4b4aecd5d57b9044c1fa335c0f tor-browser-linux32-5.0.4_en-US.tar.xz
e70fd621f9fcec94b1c015d041031e73df2f0c84eba024a26adb39168ee50ad1 tor-browser-linux32-5.0.4_es-ES.tar.xz
4dd0ed35bcafde800fc0f87ec3d7b66b74d743e4fe95693d880efce1cf4d7611 tor-browser-linux32-5.0.4_fa.tar.xz
5402d358075782db6419bd7af014e158a06926be216a6ac603dbec3074828dbe tor-browser-linux32-5.0.4_fr.tar.xz
6d274dcc6ae4ee7b3da062fb1ad3266efb50f917e75f18d9c48b4c1431a84f9d tor-browser-linux32-5.0.4_it.tar.xz
69a5f26328a4ae43d2132434700d422583919068e2da9863dc14355ff78bc8da tor-browser-linux32-5.0.4_ko.tar.xz
a666205eccb8f745ed1ce5d80df5a61c2c9f555e807c37f018294caef52d0a99 tor-browser-linux32-5.0.4_nl.tar.xz
a5b8e423b28742f7c0bf8eb94739131820eec4a54a1b42ea3ed346a8ce3603b4 tor-browser-linux32-5.0.4_pl.tar.xz
19c65d9c8ec0cb56c3afa7d97a076a0f7b891503e77c484381e0c03bd69e3307 tor-browser-linux32-5.0.4_pt-PT.tar.xz
c635438b8dbaef18da891f6b298f61a31babe6925a0e208fae390b9d995498d6 tor-browser-linux32-5.0.4_ru.tar.xz
c3597cbfdfb625f3f9135b629b8713cb9fcdfd49a93bffbfe5d5aa0cd3cb2775 tor-browser-linux32-5.0.4_tr.tar.xz
adb8bc1db36490e07c0302e22bf0a5252dbda44d107c214e6205bd5bdce31560 tor-browser-linux32-5.0.4_vi.tar.xz
aff2788ef059cef86c12cfa0a83e5857cb38b876d4d05a9915a05f0f03130d92 tor-browser-linux32-5.0.4_zh-CN.tar.xz
3009a39dd0ebdd55be5f5fbc7b6e4562b766f915c7dd5684772b66931fa739fe tor-browser-linux32-5.0.5_ar.tar.xz
efcffad4fbcdebae3a1690399c48731038f8db6f92083562d36685391ac8d190 tor-browser-linux32-5.0.5_de.tar.xz
65c390586c1ff7a1c9241aaaee76508751ba5c2c3a5bfa6ca2b8e958e39eb695 tor-browser-linux32-5.0.5_en-US.tar.xz
8538bf463b942e32fb243c7ceddc3b45fa0f505be0f3e8722c18779f30c56440 tor-browser-linux32-5.0.5_es-ES.tar.xz
0ddd3f4312d09924257f266bcf694b2e5b4c41f29da90670d7722ddfa28e7496 tor-browser-linux32-5.0.5_fa.tar.xz
ea2335ea1a48d0d46e95055751fcf3ba975ad2ddac90cd5eca0564a6d1efdfb1 tor-browser-linux32-5.0.5_fr.tar.xz
39271c9cce2ad90c5e964c678d646b4f690c16e1fcd9513cb7a63a515785e6dd tor-browser-linux32-5.0.5_it.tar.xz
6bf11d82c145cfadafbb5320e243d02b42c64f6878ecdc7211c168e16b33dc34 tor-browser-linux32-5.0.5_ko.tar.xz
44ac753fa35f205e5ae9b5982317fa2424e0a517192d770d8f16f182d78d4cce tor-browser-linux32-5.0.5_nl.tar.xz
394a3a77c639ae4bd1dd530c80eb75dfa7cdef2cdc61737db5df64de0ad0d5cd tor-browser-linux32-5.0.5_pl.tar.xz
da7e06e9a4e7fe4e233cb7e986b8e31e37c123c6b880414bd44992cc9aeeeca2 tor-browser-linux32-5.0.5_pt-PT.tar.xz
9da3ca9676d10d091f70b42bd902b9bf61b0495645527db0b71b60a603e5020d tor-browser-linux32-5.0.5_ru.tar.xz
a00efd61a90eefb98bcea6fcd81599d759ff90816e35ac55dd8496b3baa1095f tor-browser-linux32-5.0.5_tr.tar.xz
f7028330eadacdced2ffff9c02c50d733514072af6547b1e4c7687d4b6acb228 tor-browser-linux32-5.0.5_vi.tar.xz
b495b5e2293043074175c6f45e2a260f12bff0af612a0ac11c0ba79a582ee2ab tor-browser-linux32-5.0.5_zh-CN.tar.xz
diff --git a/apparmor/torbrowser.Browser.firefox b/apparmor/torbrowser.Browser.firefox
index 7e68a08..2f40271 100644
--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
--- /tmp/torbrowser-launcher-0.2.1/apparmor/torbrowser.Browser.firefox 2015-11-19 13:21:34.000000000 +0100
+++ apparmor/torbrowser.Browser.firefox 2015-11-19 13:19:30.680460539 +0100
@@ -1,13 +1,15 @@
# Last modified
#include <tunables/global>
......@@ -59,15 +57,15 @@ index 7e68a08..2f40271 100644
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/components/*.so mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/browser/components/*.so mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox rix,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Data/Browser/profiles.ini r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Data/Browser/profile.default/ r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Data/Browser/profile.default/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Tor/tor Px,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/TorBrowser/,}Tor/*.so{,.[0-9]*} mr,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Desktop/ rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Desktop/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Downloads/ rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/{Browser/,}Downloads/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profiles.ini r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profile.default/ r,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Data/Browser/profile.default/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Tor/tor Px,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/TorBrowser/Tor/libstdc++.so.6 m,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Desktop/ rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Desktop/** rwk,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Downloads/ rw,
- owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/Downloads/** rwk,
+ /usr/local/lib/tor-browser/ r,
+ /usr/local/lib/tor-browser/** r,
+ /usr/local/lib/tor-browser/*.so{,.6} mr,
......
tails (1.8) unstable; urgency=medium
* Security fixes
- Upgrade Tor to 0.2.7.6-1~d70.wheezy+1+tails1.
- Upgrade Tor Browser to 5.0.5. (Closes: #10751)
- Upgrade LibreOffice to 1:3.5.4+dfsg2-0+deb7u5.
- Upgrade krb5-based packages to 1.10.1+dfsg-5+deb7u6.
- Upgrade Linux to 3.16.7-ckt11-1+deb8u6.
- Upgrade wpasupplicant to 1.0-3+deb7u3.
- Upgrade libpng12-0 to 1.2.49-1+deb7u1.
- Upgrade openjdk-7 to 7u91-2.6.3-1~deb7u1.
- Upgrade libnspr4 to 2:4.9.2-1+deb7u3
- Upgrade dpkg to 1.16.17.
- Upgrade gnutls26 to 2.12.20-8+deb7u4.
- Upgrade Icedove to 1:38.0.1-1~deb7u1.
- Upgrade OpenSSL to 1.0.1e-2+deb7u18.
* Bugfixes
- Upgrade to Electrum 2.5.4-2~d70.wheezy+1+tails1. Now Electrum
should work again. Note that the documentation has not been
adapted to the slight changes in the Electrum account setup
wizard yet.
* Minor improvements
- Upgrade I2P to 0.9.23-2~deb7u+1.
- Rebase our patch against the Tor Browser AppArmor profile on top
of the one shipped in torbrowser-launcher 0.2.1-2.
- Warn if the claws-mail persistence is enabled and contains a
Claws Mail configuration when starting icedove. (Closes: #10458)
- Replace the Claws Mail GNOME launcher with Icedove. (Closes:
#10739)
- Remove the Claws Mail persistence feature from the Persistence
Assistant. (Closes: #10742)
* Build system
- Simplify ISO image naming rules by using the base rule we use
for Jenkins all the time, except when building from a tag
(i.e. building a release). (Closes: #10349)
* Test suite
- Lower the waiting time for USB installation in the test suite.
So far we were waiting up to one hour, which is just the same as
our Jenkins inactivity timeout, so in practice when Tails
Installer fails and displays an error message, instead of
reporting that the job failed (which is the point of the
exercise) we abort the job due to this timeout which
communicates less clearly that there's probably a bug. (Closes:
#10718)
- Remove the check for the sound icon in the systray in the
Windows Camouflage tests. (Closes: #10493)
- Retry running whois when "LIMIT EXCEEDED" is in its output for
increased robustness. (Closes: #10523)
- Make Seahorse tests more robust. (Closes: #9095, #10501)
- Make the handling of Pidgin's account manager more robust.
(Closes: #10506)
-- Tails developers <tails@boum.org> Mon, 14 Dec 2015 23:07:19 +0100
tails (1.7) unstable; urgency=medium
* Major new features and changes
......
@product
#10497: wait_until_tor_is_working
@product @fragile
Feature: Installing packages through APT
As a Tails user
when I set an administration password in Tails Greeter
......@@ -11,11 +12,13 @@ Feature: Installing packages through APT
Scenario: APT sources are configured correctly
Then the only hosts in APT sources are "ftp.us.debian.org,security.debian.org,backports.debian.org,deb.tails.boum.org,deb.torproject.org,mozilla.debian.net"
@check_tor_leaks
#10496: apt-get scenarios are fragile
@check_tor_leaks @fragile
Scenario: Install packages using apt-get
When I update APT using apt-get
Then I should be able to install a package using apt-get
#10441: Synaptic test is fragile
@check_tor_leaks @fragile
Scenario: Install packages using Synaptic
When I start Synaptic
......
......@@ -30,6 +30,7 @@ Feature: Various checks
Given I have started Tails from DVD without network and logged in
Then the shipped Debian repository key will be valid for the next 3 months
@doc @fragile
Scenario: The "Report an Error" launcher will open the support documentation
Given I have started Tails from DVD without network and logged in
And the network is plugged
......@@ -44,6 +45,7 @@ Feature: Various checks
And the live user is a member of only its own group and "audio cdrom dialout floppy video plugdev netdev fuse scanner lp lpadmin vboxsf"
And the live user owns its home dir and it has normal permissions
@fragile
Scenario: No initial network
Given I have started Tails from DVD without network and logged in
And I wait between 30 and 60 seconds
......@@ -53,18 +55,21 @@ Feature: Various checks
And the time has synced
And process "vidalia" is running within 30 seconds
@fragile
Scenario: The 'Tor is ready' notification is shown when Tor has bootstrapped
Given I have started Tails from DVD without network and logged in
And the network is plugged
When I see the 'Tor is ready' notification
Then Tor is ready
@fragile
Scenario: The tor process should be confined with Seccomp
Given I have started Tails from DVD without network and logged in
And the network is plugged
And Tor is ready
Then the running process "tor" is confined with Seccomp in filter mode
@fragile
Scenario: No unexpected network services
Given I have started Tails from DVD without network and logged in
When the network is plugged
......
@product
@product @fragile
Feature: Getting a DHCP lease without leaking too much information
As a Tails user
when I connect to a network with a DHCP server
......
@product @check_tor_leaks
#10497: wait_until_tor_is_working
#10720: Tails Installer freezes on Jenkins
@product @check_tor_leaks @fragile
Feature: Electrum Bitcoin client
As a Tails user
I might want to use a Bitcoin client
......
......@@ -40,6 +40,8 @@ Feature: Using Evince
# as /lib/live/mount/overlay.
And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"
#10720: Tails Installer freezes on Jenkins
@fragile
Scenario: I can view and print a PDF file stored in persistent /home/amnesia/Persistent but not /home/amnesia/.gnupg
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/Persistent" as user "amnesia"
......@@ -52,6 +54,8 @@ Feature: Using Evince
Then I see "CupsTestPage.png" after at most 10 seconds
And I can print the current document to "/home/amnesia/Persistent/output.pdf"
#10720: Tails Installer freezes on Jenkins
@fragile
Scenario: I cannot view a PDF file stored in persistent /home/amnesia/.gnupg
Given I have started Tails without network from a USB drive with a persistent partition enabled and logged in
And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
......
......@@ -15,11 +15,13 @@ Feature: I2P
And the I2P Browser sudo rules are present
And the I2P firewall rules are enabled
@fragile
Scenario: I2P's AppArmor profile is in enforce mode
Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
When I2P is running
Then the running process "i2p" is confined with AppArmor in enforce mode
@fragile
Scenario: The I2P Browser works as it should
Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
And the I2P router console is ready
......@@ -27,6 +29,7 @@ Feature: I2P
Then the I2P router console is displayed in I2P Browser
And the I2P Browser uses all expected TBB shared libraries
@fragile
Scenario: Closing the I2P Browser shows a stop notification and properly tears down the chroot.
Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
And the I2P router console is ready
......@@ -35,6 +38,7 @@ Feature: I2P
Then I see the I2P Browser stop notification
And the I2P Browser chroot is torn down
@fragile
Scenario: The I2P internal websites can be viewed in I2P Browser
Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
And the I2P router console is ready
......@@ -44,13 +48,15 @@ Feature: I2P
When I open the address "http://i2p-projekt.i2p" in the I2P Browser
Then the I2P homepage loads in I2P Browser
Scenario: I2P is configured to run in Hidden mode
@fragile
Scenario: I2P is configured to run in Hidden mode
Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
And the I2P router console is ready
When I start the I2P Browser through the GNOME menu
Then the I2P router console is displayed in I2P Browser
And I2P is running in hidden mode
@fragile
Scenario: Connecting to the #i2p IRC channel with the pre-configured account
Given I have started Tails from DVD with I2P enabled and logged in and the network is connected
And the I2P router console is ready
......@@ -62,6 +68,7 @@ Feature: I2P
Then Pidgin successfully connects to the "I2P" account
And I can join the "#i2p" channel on "I2P"
@fragile
Scenario: I2P displays a notice when bootstrapping fails
Given I have started Tails from DVD with I2P enabled and logged in
And I2P is not running
......@@ -76,6 +83,7 @@ Feature: I2P
When I start the I2P Browser through the GNOME menu
Then the I2P router console is displayed in I2P Browser
@fragile
Scenario: I2P displays a notice when it fails to start
Given I have started Tails from DVD with I2P enabled and logged in
And I2P is not running
......
@product @check_tor_leaks
@product @check_tor_leaks @fragile
Feature: Icedove email client
As a Tails user
I may want to use an email client
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment