Commit d4fd3eda authored by Tails developers's avatar Tails developers

Move MAC spoof fail-safe to tails-spoof-mac.

Having the fail-safe in tails-unblock-network means that it's only run
*once*, there will be no fail-safe for devices hotplugged after
that. Now we have the fail-safe for each device, right after we try to
spoof them.

Note that we drop `set -u` because /usr/bin/gettext.sh uses the
uninitialized `ZSH_VERSION` variable.
parent c51dc2d9
......@@ -19,7 +19,6 @@ debug_command "/bin/dmesg"
debug_command "/bin/lsmod"
debug_command "/usr/bin/lspci"
debug_command grep spoof-mac: /var/log/messages
debug_command grep unblock-network: /var/log/messages
debug_file "/etc/X11/xorg.conf"
debug_file "/proc/asound/cards"
......
#!/bin/sh
set -eu
set -e
# This script spoofs or resets the MAC address of all NICs given as
# arguments according to the setting in Tails Greeter. The default (i.e
......@@ -10,6 +10,54 @@ set -eu
. /usr/local/lib/tails-shell-library/log.sh
. /usr/local/lib/tails-shell-library/tails_greeter.sh
. /usr/bin/gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
show_notification() {
until pgrep gnome-panel >/dev/null; do
sleep 1
done
/usr/local/sbin/tails-notify-user "${1}" "${2}" 0
}
notify_panic_success() {
local nic
local nic_name
nic="${1}"
nic_name="${2}"
show_notification "`gettext \"MAC spoofing failure!\"`" "`eval_gettext \"MAC spoofing failed for network device '\\\${nic_name}' (\\\${nic}). The device has been disabled to prevent it from leaking your geographical location. For more information, see the <a href='file:///usr/share/doc/tails/website/doc/advanced_topics/mac_changer.en.html'>documentation</a>.\"`"
}
notify_panic_failure() {
local nic
local nic_name
nic="${1}"
nic_name="${2}"
show_notification "`gettext \"MAC spoofing failure!\"`" "`eval_gettext \"MAC spoofing failed for network device '\\\${nic_name}' (\\\${nic}). Because of failures when trying to disable the device, networking has been completely disabled instead. For more information, see the <a href='file:///usr/share/doc/tails/website/doc/advanced_topics/mac_changer.en.html'>documentation</a>.\"`"
}
mac_spoof_panic() {
local nic
local module
local nic_name
local unload_success
nic=${1}
/sbin/ip link set dev "${nic}" down
module=$(get_module_used_by_nic "${nic}")
nic_name="$(get_name_of_nic ${nic})"
echo "blacklist ${module}" >> /etc/modprobe.d/"${module}"-blacklist.conf
unload_module_and_rev_deps "${module}"
if [ "$?" -ne 0 ] || lsmod | grep -q "^${module}\s"; then
service network-manager stop
log "Failed to unload module ${module} of NIC ${nic}. Stopping NetworkManager."
notify_panic_failure "${nic}" "${nic_name}" &
else
log "Successfully unloaded module ${module} of NIC ${nic}."
notify_panic_success "${nic}" "${nic_name}" &
fi
}
# Only use this helper when using macchanger options that may require
# the interface to be down, i.e. those that actually change the MAC
# address.
......@@ -71,10 +119,24 @@ fi
if nic_has_spoofed_mac "${NIC}"; then
log "NIC ${NIC}'s MAC address is already spoofed, skipping"
exit 0
else
if spoof_mac "${NIC}"; then
log "Successfully spoofed MAC address of NIC ${NIC}"
else
log "Something went wrong while trying to spoof MAC address of NIC ${NIC}"
fi
# Ignore errors since the fail-safe below will catch them.
spoof_mac "${NIC}" || :
# MAC spoofing fail-safe: if $NIC's MAC address isn't spoofed at this
# point we have to take some drastic measures in order to prevent
# potential leaks.
if ! nic_has_spoofed_mac "${NIC}"; then
log "Failed to spoof MAC address of NIC ${NIC}. Going into panic mode."
if ! mac_spoof_panic "${NIC}"; then
# If mac_spoof_panic() fails we're quite screwed, so we kill
# NetworkManager without notification to do our best to
# prevent a MAC address leak.
service network-manager stop
log "Panic mode failed for NIC ${NIC}. Killing NetworkManager."
fi
exit 1
fi
log "Successfully spoofed MAC address of NIC ${NIC}"
......@@ -2,60 +2,6 @@
set -e
. /usr/local/lib/tails-shell-library/hardware.sh
. /usr/local/lib/tails-shell-library/log.sh
. /usr/local/lib/tails-shell-library/tails_greeter.sh
set_log_tag unblock-network
. gettext.sh
TEXTDOMAIN="tails"
export TEXTDOMAIN
show_notification() {
until pgrep gnome-panel >/dev/null; do
sleep 1
done
/usr/local/sbin/tails-notify-user "${1}" "${2}" 0
}
notify_panic_success() {
local nic
local nic_name
nic="${1}"
nic_name="${2}"
show_notification "`gettext \"MAC spoofing failure!\"`" "`eval_gettext \"MAC spoofing failed for network device '\\\${nic_name}' (\\\${nic}). The device has been disabled to prevent it from leaking your geographical location. For more information, see the <a href='file:///usr/share/doc/tails/website/doc/advanced_topics/mac_changer.en.html'>documentation</a>.\"`"
}
notify_panic_failure() {
local nic
local nic_name
nic="${1}"
nic_name="${2}"
show_notification "`gettext \"MAC spoofing failure!\"`" "`eval_gettext \"MAC spoofing failed for network device '\\\${nic_name}' (\\\${nic}). Because of failures when trying to disable the device, networking has been completely disabled instead. For more information, see the <a href='file:///usr/share/doc/tails/website/doc/advanced_topics/mac_changer.en.html'>documentation</a>.\"`"
}
mac_spoof_panic() {
local nic
local module
local nic_name
local unload_success
nic=${1}
/sbin/ip link set dev "${nic}" down
module=$(get_module_used_by_nic "${nic}")
nic_name="$(get_name_of_nic ${nic})"
echo "blacklist ${module}" >> /etc/modprobe.d/"${module}"-blacklist.conf
unload_module_and_rev_deps ${module}
if [ "$?" -ne 0 ] || lsmod | grep -q "^${module}\s"; then
DISABLE_NETWORKMANAGER=true
log "Failed to unload module ${module} of NIC ${nic}. Refusing to start NetworkManager."
notify_panic_failure "${nic}" "${nic_name}" &
else
log "Successfully unloaded module ${module} of NIC ${nic}."
notify_panic_success "${nic}" "${nic_name}" &
fi
}
DISABLE_NETWORKMANAGER=false
BLACKLIST=/etc/modprobe.d/all-net-blacklist.conf
rm -f "${BLACKLIST}"
......@@ -76,18 +22,4 @@ fi
# if NM wins, the udev trigger's run of tails-spoof-mac will fail.
/sbin/udevadm settle
# MAC spoofing fail-safe: if any NIC's MAC address isn't spoofed at
# this point we have to take some drastic measures in order to prevent
# potential leaks.
if mac_spoof_is_enabled; then
for nic in $(get_all_ethernet_nics); do
if ! nic_has_spoofed_mac "${nic}"; then
log "MAC spoofing is enabled but NIC ${nic} is not spoofed. Going into panic mode for NIC ${nic}."
mac_spoof_panic "${nic}"
fi
done
fi
if [ "${DISABLE_NETWORKMANAGER}" = false ]; then
service network-manager start
fi
service network-manager start
......@@ -8,8 +8,8 @@ tmp/pot/tails-about.pot
tmp/pot/tails-additional-software.pot
tmp/pot/tails-htp-notify-user.pot
tmp/pot/tails-security-check.pot
tmp/pot/tails-spoof-mac.pot
tmp/pot/tails-start-i2p.pot
tmp/pot/tails-unblock-network.pot
tmp/pot/tails-virt-notify-user.pot
tmp/pot/unsafe-browser.pot
tmp/pot/truecrypt-wrapper.disabled.pot
......
......@@ -11,7 +11,7 @@ PYTHON_PROGS="/etc/whisperback/config.py /usr/local/bin/shutdown_helper_applet \
SHELL_PROGS="/etc/NetworkManager/dispatcher.d/60-tor-ready-notification.sh \
/usr/local/bin/iceweasel \
/usr/local/bin/tails-update-frontend-wrapper \
/usr/local/sbin/tails-unblock-network
/usr/local/sbin/tails-spoof-mac \
/usr/local/sbin/unsafe-browser /usr/share/tails/truecrypt-wrapper.disabled"
LOCALE_BASEDIR=config/chroot_local-includes/usr/share/locale
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment