Commit e5689c88 authored by intrigeri's avatar intrigeri

Merge branch 'feature/8415-overlayfs+force-all-tests' into feature/6560-secure-boot

parents bdc61613 65e815d2
......@@ -154,7 +154,10 @@ echo "I: ISO image was successfully created"
print_iso_size binary.iso
echo "I: Hybriding it..."
isohybrid $AMNESIA_ISOHYBRID_OPTS binary.iso || fatal "isohybrid failed"
touch chroot/binary.iso
mount --bind binary.iso chroot/binary.iso
chroot chroot isohybrid $AMNESIA_ISOHYBRID_OPTS binary.iso || fatal "isohybrid failed"
umount chroot/binary.iso
print_iso_size binary.iso
truncate -s %2048 binary.iso
print_iso_size binary.iso
......
......@@ -44,7 +44,6 @@ SYSTEM_PARTITION_ADDITIONAL_SIZE = 10
# the same syslinux version here and in Tails Installer is important to
# prevent issues when upgrading a Tails device via Tails Installer.
CHROOT_SYSLINUX_COM32MODULES_DIR = 'chroot/usr/lib/syslinux/modules/bios'
CHROOT_SYSLINUX_BIN='chroot/usr/bin/syslinux'
class ImageCreationError(Exception):
pass
......@@ -267,17 +266,33 @@ class ImageCreator(object):
src_path,
"::%s" % os.path.join('syslinux', module)])
@contextmanager
def mount_proc_and_image(self):
logger.info("Mounting proc and image")
execute(['mount', '--types', 'proc', '/proc', 'chroot/proc'])
execute(['mkdir', '-p', 'chroot%s' % os.path.dirname(self.image)])
execute(['touch', 'chroot%s' % self.image])
execute(['mount', '--bind', self.image, 'chroot%s' % self.image])
try:
yield
finally:
logger.info("Unmounting proc and image")
execute(['umount', 'chroot/proc'])
execute(['umount', 'chroot%s' % self.image])
def install_syslinux(self):
logger.info("Installing bootloader")
# We install syslinux directly on the image. Installing it on the loop
# device would cause this issue:
# https://bugs.chromium.org/p/chromium/issues/detail?id=508713#c8
execute([
CHROOT_SYSLINUX_BIN,
'--offset', str(self.partition.props.partition.props.offset),
'--directory', '/syslinux/',
'--install', self.image
])
with self.mount_proc_and_image():
execute([
'chroot', 'chroot',
'/usr/bin/syslinux',
'--offset', str(self.partition.props.partition.props.offset),
'--directory', '/syslinux/',
'--install', self.image
])
def set_guids(self):
logger.info("Setting disk and partition GUID")
......
......@@ -23,7 +23,7 @@ AMNESIA_APPEND="live-media=removable nopersistence noprompt timezone=Etc/UTC blo
AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63 --id 42 --verbose"
# Kernel version
KERNEL_VERSION='5.3.0-3'
KERNEL_VERSION='5.4.0-3'
KERNEL_SOURCE_VERSION=$(
echo "$KERNEL_VERSION" \
| perl -p -E 's{\A (\d+ [.] \d+) [.] .*}{$1}xms'
......
......@@ -68,7 +68,7 @@ Pin: origin deb.tails.boum.org
Pin-Priority: 999
Package: virtualbox*
Pin: origin deb.tails.boum.org
Pin: release o=Debian,n=sid
Pin-Priority: 999
Package: webext-ublock-origin
......@@ -96,6 +96,10 @@ Package: *
Pin: release l=Debian-Security,n=buster/updates
Pin-Priority: 990
Package: *
Pin: release o=Debian,n=buster-proposed-updates
Pin-Priority: 990
Package: *
Pin: release o=TorProject,n=buster
Pin-Priority: 990
......
......@@ -259,14 +259,20 @@ disable_and_create_empty_persistence_conf_file ()
{
local conf="$1"
local mode="$2"
local dest="${conf}.insecure_disabled"
if [ -z "$mode" ]
then
mode=0600
fi
mv "$conf" "${conf}.insecure_disabled" \
|| error "Failed to disable '$conf': $?"
if [ -s "$conf" ]
then
mv "$conf" "$dest" || error "Failed to disable '$conf': $?"
else
rm "$conf" || error "Failed to delete '$conf': $?"
fi
create_empty_persistence_conf_file "$conf" "$mode"
}
......
......@@ -776,7 +776,7 @@ method install_iuk (HashRef $upgrade_path, AbsDir $target_files_tempdir) {
my ($exit_code, $stdout, $stderr, $zenity_h);
my $success = 1;
$zenity_h = IPC::Run::start [qw{zenity --progress --pulsate --no-cancel},
$zenity_h = IPC::Run::start [qw{tail -f /dev/null}], '|', [qw{zenity --progress --pulsate --no-cancel --auto-close},
'--title', $title, '--text', $info] unless $self->batch;
IPC::Run::run \@cmd, '>', \$stdout, '2>', \$stderr or $success = 0;
$exit_code = $?;
......
......@@ -361,7 +361,7 @@ printer-driver-postscript-hp
### Enable MAT2's Nautilus extension
python-nautilus
### Needed by virtualbox-guest-utils
### WhisperBack uses lspci(8) to gather debugging info
pciutils
### SmartCard
......@@ -385,6 +385,7 @@ xdotool
# Enable Electrum's TREZOR support
python3-trezor
trezor
# onion-grater
python3-psutil
......
buster-proposed-updates.chroot
\ No newline at end of file
deb http://ftp.us.debian.org/debian/ buster-proposed-updates main contrib non-free
......@@ -26,35 +26,3 @@ Feature: Keyserver interaction with GnuPG
When I fetch the "30F80A2C" OpenPGP key using Seahorse via the OpenPGP Applet
And the Seahorse operation is successful
Then the "DF841752B55CD97FDA4879B29E5B04F430F80A2C" key is in the live user's public keyring
#14770, #17169
@fragile
Scenario: Syncing OpenPGP keys using Seahorse should work and be done over Tor.
Given I fetch the "DF841752B55CD97FDA4879B29E5B04F430F80A2C" OpenPGP key using the GnuPG CLI
And the GnuPG fetch is successful
And the "DF841752B55CD97FDA4879B29E5B04F430F80A2C" key is in the live user's public keyring
And the key "DF841752B55CD97FDA4879B29E5B04F430F80A2C" has at least 1 subkey
And I delete the "85C7C1AAA3DFC34623B5516281119B9834AD5681" subkey from the live user's public keyring
And the key "DF841752B55CD97FDA4879B29E5B04F430F80A2C" has no subkey
When I start Seahorse
Then Seahorse has opened
And I enable key synchronization in Seahorse
And I synchronize keys in Seahorse
And the Seahorse operation is successful
Then the key "DF841752B55CD97FDA4879B29E5B04F430F80A2C" has at least 1 subkey
#14770, #17169
@fragile
Scenario: Syncing OpenPGP keys using Seahorse started from the OpenPGP Applet should work and be done over Tor.
Given I fetch the "DF841752B55CD97FDA4879B29E5B04F430F80A2C" OpenPGP key using the GnuPG CLI
And the GnuPG fetch is successful
And the "DF841752B55CD97FDA4879B29E5B04F430F80A2C" key is in the live user's public keyring
And the key "DF841752B55CD97FDA4879B29E5B04F430F80A2C" has at least 1 subkey
And I delete the "85C7C1AAA3DFC34623B5516281119B9834AD5681" subkey from the live user's public keyring
And the key "DF841752B55CD97FDA4879B29E5B04F430F80A2C" has no subkey
When I start Seahorse via the OpenPGP Applet
Then Seahorse has opened
And I enable key synchronization in Seahorse
And I synchronize keys in Seahorse
And the Seahorse operation is successful
Then the key "DF841752B55CD97FDA4879B29E5B04F430F80A2C" has at least 1 subkey
......@@ -107,9 +107,6 @@ apt-get -y install \
python3-gi \
rsync \
ruby \
syslinux \
syslinux-common \
syslinux-utils \
time \
udisks2
......
......@@ -8,14 +8,15 @@ msgstr ""
"Project-Id-Version: Tails i10n Team\n"
"Report-Msgid-Bugs-To: tails-l10n@boum.org\n"
"POT-Creation-Date: 2017-07-31 21:51+0000\n"
"PO-Revision-Date: 2018-04-15 11:04+0200\n"
"Last-Translator: Tails translators\n"
"PO-Revision-Date: 2020-01-16 00:25+0000\n"
"Last-Translator: John Doe <osman@surkatty.org>\n"
"Language-Team: Tails translators <tails-l10n@boum.org>\n"
"Language: id\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Poedit 1.8.11\n"
"Plural-Forms: nplurals=1; plural=0;\n"
"X-Generator: Weblate 3.5.1\n"
#. type: Plain text
#, no-wrap
......@@ -62,12 +63,12 @@ msgstr ""
#. type: Plain text
#, no-wrap
msgid "[[!toc levels=2]]\n"
msgstr ""
msgstr "[[!toc levels=2]]\n"
#. type: Plain text
#, no-wrap
msgid "<a id=\"tor\"></a>\n"
msgstr ""
msgstr "<a id=\"tor\"></a>\n"
#. type: Title =
#, no-wrap
......@@ -80,6 +81,8 @@ msgid ""
"Tor\n"
"---\n"
msgstr ""
"Tor\n"
"---\n"
#. type: Plain text
msgid ""
......@@ -167,7 +170,7 @@ msgstr ""
#. type: Plain text
#, no-wrap
msgid "<a id=\"amnesia\"></a>\n"
msgstr ""
msgstr "<a id=\"amnesia\"></a>\n"
#. type: Title =
#, no-wrap
......@@ -202,7 +205,7 @@ msgstr ""
#. type: Plain text
#, no-wrap
msgid "<a id=\"cryptography\"></a>\n"
msgstr ""
msgstr "<a id=\"cryptography\"></a>\n"
#. type: Title =
#, no-wrap
......
......@@ -8,15 +8,16 @@ msgstr ""
"Project-Id-Version: 1\n"
"Report-Msgid-Bugs-To: tails-l10n@boum.org\n"
"POT-Creation-Date: 2017-08-05 14:00+0200\n"
"PO-Revision-Date: 2016-06-11 18:33+0100\n"
"Last-Translator: Zeyev <zeyev@autistici.org>\n"
"PO-Revision-Date: 2020-01-31 17:26+0000\n"
"Last-Translator: _ignifugo <ignifugo@insicuri.net>\n"
"Language-Team: ita <transitails@inventati.org>\n"
"Language: it\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
"X-Generator: Weblate 3.5.1\n"
"X-Poedit-SourceCharset: utf-8\n"
"X-Generator: Poedit 1.8.11\n"
#. type: Plain text
#, no-wrap
......@@ -29,7 +30,7 @@ msgid ""
"> **amnesia**, *noun*:<br/>\n"
"> forgetfulness; loss of long-term memory.\n"
msgstr ""
"> **amnésia**, *sostantivo*:<br/>\n"
"> **amnesia**, *sostantivo*:<br/>\n"
"> assenza di ricordo; perdita della memoria a lungo termine.\n"
#. type: Plain text
......@@ -38,8 +39,8 @@ msgid ""
"> **incognito**, *adjective & adverb*:<br/>\n"
"> (of a person) having one's true identity concealed.\n"
msgstr ""
"> **incógnito**, *aggettivo*:<br/>\n"
"(di una persona) che tiene la sua vera identità nascosta.\n"
"> **incognito**, *aggettivo e avverbio*:<br/>\n"
"> (di una persona) la cui vera identità è nascosta.\n"
#. type: Plain text
msgid ""
......@@ -48,11 +49,10 @@ msgid ""
"anywhere you go and on any computer but leaving no trace unless you ask it "
"to explicitly."
msgstr ""
"Tails é un sistema operativo \"live\" che ha come obiettivo preservare la "
"tua privacy e anonimato. Ti aiuta ad utilizzare internet in forma anonima e "
"a evitare i filtri della censura, praticamente in qualunque luogo tu vada e "
"su qualunque computer, senza lasciare tracce a meno che tu non voglia farlo "
"esplicitamente."
"Tails è un sistema live che mira a preservare la tua privacy e il tuo "
"anonimato. Ti permette di utilizzare Internet in forma anonima e di aggirare "
"la censura in qualsiasi luogo e su qualunque computer, senza lasciare tracce "
"a meno che lo vogliate esplicitamente."
#. type: Plain text
msgid ""
......@@ -61,10 +61,10 @@ msgid ""
"Software|doc/about/license]] and based on [[Debian GNU/Linux|https://www."
"debian.org/]]."
msgstr ""
"É un Sistema Operativo completo progettato per essere avviato dauna chiave "
"USB o un DVD e funziona indipendentemente dal sistema operativo originale "
"installato sul computer. É un [[Software Libero|doc/about/license]] basato "
"su [[Debian GNU/Linux|https://www.debian.org/index.it.html]]."
"È un sistema operativo completo, progettato per essere utilizzato da una "
"chiavetta USB o da un DVD, indipendentemente dal sistema operativo presente "
"sul computer. È un [[software libero|doc/about/license]] basato su [[Debian "
"GNU/Linux|https://www.debian.org/index.it.html]]."
#. type: Plain text
msgid ""
......@@ -72,10 +72,10 @@ msgid ""
"in mind: web browser, instant messaging client, email client, office suite, "
"image and sound editor, etc."
msgstr ""
"Tails ti arriva con diverse applicazioni già pre-configurate, tenendo sempre "
"in mente la sicurezza: un browser per il web, un client di messaggistica "
"istantanea, un programma client di posta elettronica, una suite di "
"scrittura, software per editare immagini e suoni, etc."
"Tails contiene diverse applicazioni, preconfigurate in modo da ottimizzare "
"la sicurezza: browser web, client di messaggistica istantanea, client di "