Commit dfc10eb6 authored by intrigeri's avatar intrigeri
Browse files

Merge branch 'devel' into testing

parents f3de5eda 1e4e5c85
......@@ -21,12 +21,6 @@ Set_defaults
# Seems like we'll have work to do
Echo_message 'including syslinux in the ISO filesystem'
### Functions
syslinux_deb_version_in_chroot () {
chroot chroot dpkg-query -W -f='${Version}\n' syslinux
}
### Variables
LINUX_BINARY_UTILS_DIR='binary/utils/linux'
WIN32_BINARY_UTILS_DIR='binary/utils/win32'
......@@ -34,31 +28,16 @@ BINARY_MBR_DIR='binary/utils/mbr'
CHROOT_SYSLINUX_BIN='chroot/usr/bin/syslinux'
CHROOT_SYSLINUX_MBR='chroot/usr/lib/SYSLINUX/gptmbr.bin'
CHROOT_TEMP_APT_SOURCES='chroot/etc/apt/sources.list.d/tmp-deb-src.list'
SYSLINUX_DEB_VERSION_IN_CHROOT=$(syslinux_deb_version_in_chroot)
### Functions
syslinux_deb_version_in_chroot () {
chroot chroot dpkg-query -W -f='${Version}\n' syslinux
}
### Main
mkdir -p "$LINUX_BINARY_UTILS_DIR" "$WIN32_BINARY_UTILS_DIR" "$BINARY_MBR_DIR"
# Copy 32-bit syslinux binary
cp "$CHROOT_SYSLINUX_BIN" "$LINUX_BINARY_UTILS_DIR/"
# Copy 64-bit syslinux binary
(
olddir=$(pwd)
workdir=$(mktemp -d)
cd "$workdir"
chroot="$olddir/chroot"
Chroot "$chroot" \
apt-get --yes download \
syslinux:amd64="$SYSLINUX_DEB_VERSION_IN_CHROOT"
dpkg-deb --extract "$chroot"/syslinux_*.deb .
rm "$chroot"/syslinux_*.deb
cp ./usr/bin/syslinux "$olddir/$LINUX_BINARY_UTILS_DIR/syslinux-amd64"
cd "$olddir"
rm -r "$workdir"
)
# Copy syslinux MBR
cp "$CHROOT_SYSLINUX_MBR" "$BINARY_MBR_DIR/mbr.bin"
cat chroot/etc/apt/sources.list chroot/etc/apt/sources.list.d/*.list \
......@@ -68,7 +47,7 @@ cat chroot/etc/apt/sources.list chroot/etc/apt/sources.list.d/*.list \
> "$CHROOT_TEMP_APT_SOURCES"
Chroot chroot apt-get --yes update
Chroot chroot apt-get --yes install dpkg-dev
Chroot chroot apt-get source syslinux="$SYSLINUX_DEB_VERSION_IN_CHROOT"
Chroot chroot apt-get source syslinux="$(syslinux_deb_version_in_chroot)"
cp chroot/syslinux-*/bios/win32/syslinux.exe "$WIN32_BINARY_UTILS_DIR/"
rm -r chroot/syslinux*
rm "$CHROOT_TEMP_APT_SOURCES"
......
#! /bin/sh
# Some of this file was adapted from the Debian Installer's
# build/util/efi-image, which is:
#
# Copyright (C) 2010, 2011 Canonical Ltd.
# Author: Colin Watson <cjwatson@ubuntu.com>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the Free
# Software Foundation; either version 2, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
set -e
set -x
platform="i386-efi"
outdir="binary/EFI/BOOT/grub/$platform"
efi_name="ia32"
grub_cpmodules () {
if [ -z "$1" ] || [ -z "$2" ]; then
echo "usage: $0 OUTPUT-DIRECTORY GRUB-PLATFORM"
return 1
fi
outdir="$1"
platform="$2"
# Copy over GRUB modules, except for those already built in.
cp -a "chroot/usr/lib/grub/$platform"/*.lst "$outdir/"
for x in "chroot/usr/lib/grub/$platform"/*.mod; do
# Some of these exclusions are based on knowledge of module
# dependencies.
case $(basename "$x" .mod) in
configfile|search|search_fs_file|search_fs_uuid|search_label|tar|part_gpt|linux|gzio)
# included in boot image
;;
affs|afs|afs_be|befs|befs_be|minix|nilfs2|sfs|zfs|zfsinfo)
# unnecessary filesystem modules
;;
example_functional_test|functional_test|hello)
# other cruft
;;
*)
cp -a "$x" "$outdir/"
;;
esac
done
}
# Including common functions
. "${LB_BASE:-/usr/share/live/build}"/scripts/build.sh
# Setting static variables
DESCRIPTION="$(Echo 'including GRUB EFI for ia32 in the ISO filesystem')"
HELP=""
USAGE="${PROGRAM}"
# Reading configuration files
Read_conffiles config/all config/bootstrap config/common config/binary
Set_defaults
# Safeguards
[ "${LB_ARCHITECTURE}" = "i386" ] || exit 0
# Seems like we'll have work to do
Echo_message 'including GRUB EFI for ia32 in the ISO filesystem'
# Build the core image
Chroot chroot grub-mkimage -O "$platform" \
-o "/tmp/boot$efi_name.efi" -p "/efi/boot/grub" \
search configfile normal tar fat part_gpt linux \
gzio
mv "chroot/tmp/boot$efi_name.efi" "binary/EFI/BOOT/boot$efi_name.efi"
mkdir -p "$outdir"
grub_cpmodules "$outdir" "$platform"
function load_video {
if [ x$feature_all_video_module = xy ]; then
insmod all_video
else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
fi
}
set linux_gfx_mode=
export linux_gfx_mode
load_video
insmod syslinuxcfg
insmod cpuid
echo "Loading syslinux configuration..."
syslinux_configfile /efi/boot/syslinux.cfg
#! /bin/sh
set -e
echo "Configuring dpkg architectures"
dpkg --add-architecture amd64
/* Required, do not remove */
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
/* Hide Firefox Sync options. Sync hasn't been audited by the
Tor Browser developers yet (Tor bug #10368), and it doesn't seem to
work any way (Tor bug #13279). Weak passwords would be a pretty
serious issue too. */
#BrowserPreferences radio[pane="paneSync"],
#sync-button,
#sync-menu-button,
#sync-setup,
#sync-setup-appmenu,
#sync-status-button,
#sync-syncnowitem-appmenu,
#wrapper-sync-button,
/* Hide the Tools -> Apps link to the Firefox Marketplace. It doesn't
seem to work in the Tor Browser, and may have privacy issues. */
#menu_openApps,
/* Hide the "Share this page" button in the Tool bar, which encourages
the use of social (= tracking) networks. Note that this one likely
will be removed upstream in the final Tor Browser 5.0 release. */
#social-share-button,
/* Hide HTTPS Everywhere button in the toolbar */
#https-everywhere-button { display: none; }
......@@ -78,3 +78,18 @@ pref("extensions.update.enabled", false);
pref("layout.spellcheckDefault", 0);
pref("network.dns.disableIPv6", true);
pref("security.warn_submit_insecure", true);
// Disable fetching of the new tab page's Tiles links/ads. Ads are
// generally unwanted, and also the fetching is a "phone home" type of
// feature that generates traffic at least the first time the browser
// is started.
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
// Don't use geographically specific search prefs, like
// browser.search.*.US for US locales. Our generated amnesia branding
// add-on localizes search-engines in an incompatible but equivalent
// way.
pref("browser.search.geoSpecificDefaults", false);
......@@ -15,3 +15,10 @@ pref("extensions.getAddons.showPane", false);
for several minutes while trying to communicate with CUPS, since
access to port 631 isn't allowed through. */
pref("print.postscript.cups.enabled", false);
// Disable fetching of the new tab page's Tiles links/ads. It will not
// work in the I2P Browser.
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
......@@ -24,7 +24,13 @@
#wrapper-history-button,
#wrapper-bookmarks-button,
/* Remove the Addons menu options */
/* Hide the Tools -> Apps link to the Firefox Marketplace, and
Tools -> Add-ons link to the Add-ons manager. We do not want to
encourage installing such things as it's not part of the supported
use-cases and may have privacy issues. Also they will not persist a
restart, which is just confusing. In the I2P Browser, many of these
features will not work any way. */
#menu_openApps,
#menu_openAddons, /* traditional menu */
#add-ons-button, /* new style Firefox menu */
#wrapper-add-ons-button, /* Customize toolbar */
......@@ -70,6 +76,12 @@ menuitem[command="Browser:SendLink"],
#sync-syncnowitem-appmenu,
#wrapper-sync-button,
/* Hide the "Share this page" button in the Tool bar, which encourages
the use of social (= tracking) networks. These will not work in the
I2P browser any way. Note that this one likely will be removed
upstream in the final Tor Browser 5.0 release. */
#social-share-button,
/* Hide the "Keyboard shortcuts" and "Tour" options from
from the Help menu */
#menu_keyboardShortcuts,
......
http://torbrowser-archive.tails.boum.org/4.5.3-build2/
http://people.torproject.org/~mikeperry/builds/5.0a4-build3/
9a6425afeeae40f1cd7ebd3dd0a8672b8ed13e4df1863282ee39607c5b3cea2d tor-browser-linux32-4.5.3_ar.tar.xz
d9af6bf2585ac7905534fecd8c9df016fa833ba90b95babdfbf7b2225760c774 tor-browser-linux32-4.5.3_de.tar.xz
154d659583048e91870c40921561f0519babf6d3c9ac439f6fb74ed66824463f tor-browser-linux32-4.5.3_en-US.tar.xz
196cfd81e726d0e1f7ecf0fe0183eac6b7e2cf8e8c5bc89b9105ce4d82e0922a tor-browser-linux32-4.5.3_es-ES.tar.xz
61dfee81c930f1b6c12911917b880bd62f99a7e61fdcc3d8d5cb71657770adeb tor-browser-linux32-4.5.3_fa.tar.xz
dcb98570ac927298a086771524b283ee4f64268b72d0b5ec36268817073612aa tor-browser-linux32-4.5.3_fr.tar.xz
6d94c31bf8ed708a49e0e4ecdbfd7c20db1b382fe4d8039971aadd8c87240fc6 tor-browser-linux32-4.5.3_it.tar.xz
59dad0fbcbc8fd02953af03cb587c1b89d534812c6580d9cd78e883c55f2b34c tor-browser-linux32-4.5.3_ko.tar.xz
0cf9401dd5383212871c12bc7c7db44953aa4796db2692528c949ebc2b0219e3 tor-browser-linux32-4.5.3_nl.tar.xz
487ebbe2260666476a9a72e927025783567767dc3fc1c5403ad60e7f37c80734 tor-browser-linux32-4.5.3_pl.tar.xz
78688df77ad688c0458e5ff959b5ff1bf5579435ee480093e98f9ad537400dbd tor-browser-linux32-4.5.3_pt-PT.tar.xz
0a1cbdae6e13dad17ab228970a3b7c0c1dd86c71c1ad4950d4c591947be1b04b tor-browser-linux32-4.5.3_ru.tar.xz
4ebce91c056b67e4b2aed183d816d299b005111f895f726d2bd49494231a76cb tor-browser-linux32-4.5.3_tr.tar.xz
71a80614bee6a0349b3e9e297c08925d0a6682768bf3f43352586d4c28e7dacd tor-browser-linux32-4.5.3_vi.tar.xz
6675936035691de5e20ac899c5c1a004462b41e38bda29040aba7351ca4fb3b2 tor-browser-linux32-4.5.3_zh-CN.tar.xz
14463ac344a60e08187566de3ff97796f5f8f1d20356c7ea434fbc50c1e107e6 tor-browser-linux32-5.0a4_ar.tar.xz
95da22c9ddd3a84d1c064e7cc90b5a47faf6642a1128a815878c4d0ef5e31d51 tor-browser-linux32-5.0a4_de.tar.xz
adb15b4526dd85c449af5cf088b462cb73539285098ddbd7cb429ccd205c0861 tor-browser-linux32-5.0a4_en-US.tar.xz
77fd6cdc2781a5191c57d2232914abc8816660db884c7e679f8834e2f165cf4a tor-browser-linux32-5.0a4_es-ES.tar.xz
3b8fac32a86383fe7cfb890177b86ccb607aacca1a0ce68578c6166ca53280ce tor-browser-linux32-5.0a4_fa.tar.xz
009e1b9b23ae4f5d62d0700aaf390108c0ba1cd686cc2233762112fa90f29a8f tor-browser-linux32-5.0a4_fr.tar.xz
d755e1fe4a4c7b28d8333d3b57785f75cf2dfcc4126817c6e26212462b6d8c6d tor-browser-linux32-5.0a4_it.tar.xz
63b4beaca5c9c69e7be76ae08e92a5cd024e5176d0f0380edf1324c16e51be58 tor-browser-linux32-5.0a4_ko.tar.xz
8240527be7369e0541c26d2f216c6b98d23498d766c54e1ae20490894a57e6a8 tor-browser-linux32-5.0a4_nl.tar.xz
d12e1e4434ac673b9d2448aaf96c50896b6c1e0a4ca0a0ebb88cdebdbe9e1f9c tor-browser-linux32-5.0a4_pl.tar.xz
c9316225a26883d0627a3df40295835e5f2a831b393c90748937ac6b2e630854 tor-browser-linux32-5.0a4_pt-PT.tar.xz
09651300fc51e06a3ffc033a630eb58bd33c2901b377a605cb96549e1866013a tor-browser-linux32-5.0a4_ru.tar.xz
de55a1870d8636ef6543b57343bcc666f207f7288b48fd806284d46658e9865a tor-browser-linux32-5.0a4_tr.tar.xz
3ee683edc60f10861668ebcca92ffaecb4ca36ef0c7ffe96d8345724434c517e tor-browser-linux32-5.0a4_vi.tar.xz
f5e5c808f7a34cecc9dd1be4e4d9844da2b6a7778bb5a6146db2493e8f4ca5ea tor-browser-linux32-5.0a4_zh-CN.tar.xz
......@@ -17,3 +17,18 @@ pref("extensions.getAddons.showPane", false);
engine for the Unsafe Browser's in-the-clear traffic. */
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
// Disable fetching of the new tab page's Tiles links/ads. Ads are
// generally unwanted, and also the fetching is a "phone home" type of
// feature that generates traffic at least the first time the browser
// is started.
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
// ... and disable the explanation shown the first time
pref("browser.newtabpage.introShown", true);
// Don't use geographically specific search prefs, like
// browser.search.*.US for US locales. Our generated amnesia branding
// add-on localizes search-engines in an incompatible but equivalent
// way.
pref("browser.search.geoSpecificDefaults", false);
/* Required, do not remove */
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
/* Remove the Addons menu options */
/* Hide Firefox Sync options. Sync hasn't been audited by the
Tor Browser developers yet (Tor bug #10368), and it doesn't seem to
work any way (Tor bug #13279). Weak passwords would be a pretty
serious issue too. */
#BrowserPreferences radio[pane="paneSync"],
#sync-button,
#sync-menu-button,
#sync-setup,
#sync-setup-appmenu,
#sync-status-button,
#sync-syncnowitem-appmenu,
#wrapper-sync-button,
/* Hide the Tools -> Apps link to the Firefox Marketplace, and
Tools -> Add-ons link to the Add-ons manager. We do not want to
encourage installing such things as it's not part of the supported
use-cases and may have privacy issues. Also they will not persist a
restart, which is just confusing. */
#menu_openApps,
#menu_openAddons, /* traditional menu */
#add-ons-button, /* new style Firefox menu */
#wrapper-add-ons-button, /* Customize toolbar */
/* Hide the "Share this page" button in the Tool bar, which encourages
the use of social (= tracking) networks. Note that this one likely
will be removed upstream in the final Tor Browser 5.0 release. */
#social-share-button,
/* Hide TorBrowser Health Report and its configuration option */
#appmenu_healthReport,
#dataChoicesTab,
......
......@@ -124,6 +124,7 @@ gobby-0.5
## breaks lb because of desktop-base.postinst (see Debian bug #467620)
#if ARCHITECTURE i386 amd64
# grub
grub-efi-ia32
#endif
gstreamer0.10-ffmpeg
gstreamer0.10-plugins-base
......
......@@ -22,8 +22,10 @@ Feature: Using Evince
Scenario: I cannot view a PDF file stored in non-persistent /home/amnesia/.gnupg
Given I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia"
And AppArmor has not denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
When I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince
Then I see "EvinceUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
@keep_volumes
Scenario: Installing Tails on a USB drive, creating a persistent partition, copying PDF files to it
......@@ -48,6 +50,8 @@ Feature: Using Evince
Scenario: I cannot view a PDF file stored in persistent /home/amnesia/.gnupg
Given a computer
When I start Tails from USB drive "current" with network unplugged and I login with persistence password "asdf"
Then the file "/home/amnesia/Persistent/default-testpage.pdf" exists
Given AppArmor has not denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
And I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince
Then I see "EvinceUnableToOpen.png" after at most 10 seconds
And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf"
features/images/I2P_router_console.png

3.73 KB | W: | H:

features/images/I2P_router_console.png

2.74 KB | W: | H:

features/images/I2P_router_console.png
features/images/I2P_router_console.png
features/images/I2P_router_console.png
features/images/I2P_router_console.png
  • 2-up
  • Swipe
  • Onion skin
features/images/OpenWithImportKey.png

2.59 KB | W: | H:

features/images/OpenWithImportKey.png

2.41 KB | W: | H:

features/images/OpenWithImportKey.png
features/images/OpenWithImportKey.png
features/images/OpenWithImportKey.png
features/images/OpenWithImportKey.png
  • 2-up
  • Swipe
  • Onion skin
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment