Merge remote-tracking branch 'origin/stable' into bugfix/15838-asp-fix-non-blocking-issues

config/APT_snapshots.d/debian/serial

-2018081901
+2018100901

config/amnesia

@@ -26,7 +26,7 @@ AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63 --id 42 --verbose"
 REQUIRED_SYSLINUX_UTILS_UPSTREAM_VERSION="6.03~pre20"
 
 # Kernel version
-KERNEL_VERSION='4.17.0-3'
+KERNEL_VERSION='4.18.0-2'
 KERNEL_SOURCE_VERSION=$(
    echo "$KERNEL_VERSION" \
        | perl -p -E 's{\A (\d+ [.] \d+) [.] .*}{$1}xms'

config/chroot_apt/preferences

@@ -105,7 +105,8 @@ Package: vulcan* libvulkan*
 Pin: release o=Debian,n=stretch-backports
 Pin-Priority: 999
 
-Package: wayland-protocols
+Explanation: src:wayland and src:wayland-protocols
+Package: libwayland* wayland-protocols
 Pin: release o=Debian,n=stretch-backports
 Pin-Priority: 999
 

config/chroot_local-hooks/46-configure-htpdate

-#!/bin/sh
-
-set -e
-
-echo "Configuring htpdate HTTP User-Agent"
-
-CONFFILE='/etc/default/htpdate.user-agent'
-
-install -o root -g root -m 0644 /dev/null "$CONFFILE"
-
-echo "HTTP_USER_AGENT=\"$(/usr/local/lib/getTorBrowserUserAgent)\"" \
-     > "$CONFFILE"

config/chroot_local-includes/etc/default/htpdate.user-agent

+HTTP_USER_AGENT="Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"

config/chroot_local-includes/etc/whisperback/debugging-info.json

@@ -6,6 +6,8 @@
 ["command", {"args": ["/usr/bin/lspci", "-nn"]}],
 ["command", {"args": ["/bin/df", "--human-readable", "--print-type"]}],
 ["command", {"args": ["/bin/mount", "--show-labels"]}],
+["command", {"args": ["/sbin/dmsetup", "ls", "--tree", "--options=blkdevname,uuid,active,open,rw,notrunc"]}],
+["command", {"args": ["/sbin/losetup", "--list", "--output=NAME,BACK-FILE,AUTOCLEAR,RO,PARTSCAN,SIZELIMIT,OFFSET"]}],
 ["command", {"args": ["/bin/lsmod"]}],
 ["file", {"user": "root", "path": "/proc/asound/cards"}],
 ["file", {"user": "root", "path": "/proc/asound/devices"}],

config/chroot_local-includes/usr/local/lib/getTorBrowserUserAgent

-#!/bin/sh
-
-set -e
-set -u
-
-echo 'Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0'

config/chroot_local-includes/usr/local/lib/onion-grater

@@ -134,6 +134,7 @@ import socket
 import socketserver
 import stem
 import stem.control
+import stem.connection
 import struct
 import sys
 import textwrap
@@ -565,12 +566,8 @@ class FilteredControlPortProxyHandler(socketserver.StreamRequestHandler):
         ))
 
     def connect_to_real_control_port(self):
-        with open(global_args.control_cookie_path, "rb") as f:
-            cookie = f.read()
-        controller = stem.control.Controller.from_socket_file(
-            global_args.control_socket_path
-        )
-        controller.authenticate(cookie)
+        controller = stem.connection.connect(control_socket=global_args.control_socket_path)
+        stem.connection.authenticate_cookie(controller, cookie_path=global_args.control_cookie_path)
         return controller
 
     def handle(self):

config/chroot_local-includes/usr/share/tails/torbrowser-AppArmor-profile.patch

 diff --git a/etc/apparmor.d/torbrowser.Browser.firefox b/etc/apparmor.d/torbrowser.Browser.firefox
-index d0aded9..e718ed5 100644
+index 9f269e1..8c7c830 100644
 --- a/etc/apparmor.d/torbrowser.Browser.firefox
 +++ b/etc/apparmor.d/torbrowser.Browser.firefox
 @@ -1,10 +1,11 @@
  #include <tunables/global>
  #include <tunables/torbrowser>
  
--@{torbrowser_firefox_executable} = /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox
+-@{torbrowser_firefox_executable} = /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox.real
 +@{torbrowser_firefox_executable} = /usr/local/lib/tor-browser/firefox.real
  
  profile torbrowser_firefox @{torbrowser_firefox_executable} {
@@ -34,7 +34,7 @@ index d0aded9..e718ed5 100644
    owner @{PROC}/@{pid}/fd/ r,
    owner @{PROC}/@{pid}/mountinfo r,
    owner @{PROC}/@{pid}/stat r,
-@@ -39,30 +43,32 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -39,32 +43,34 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
    owner @{PROC}/@{pid}/task/*/stat r,
    @{PROC}/sys/kernel/random/uuid r,
  
@@ -53,7 +53,6 @@ index d0aded9..e718ed5 100644
 -  owner @{torbrowser_home_dir}/components/*.so mr,
 -  owner @{torbrowser_home_dir}/browser/components/*.so mr,
 -  owner @{torbrowser_home_dir}/firefox rix,
--  owner @{torbrowser_home_dir}/plugin-container px -> torbrowser_plugin_container,
 -  owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/updater ix,
 -  owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/0/MozUpdater/bgupdate/updater ix,
 -  owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profiles.ini r,
@@ -64,7 +63,6 @@ index d0aded9..e718ed5 100644
 -  owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so.* mr,
 +  @{torbrowser_home_dir}/ r,
 +  @{torbrowser_home_dir}/** mr,
-+  @{torbrowser_home_dir}/plugin-container px -> torbrowser_plugin_container,
 +
 +  owner "@{HOME}/Tor Browser/" rw,
 +  owner "@{HOME}/Tor Browser/**" rwk,
@@ -89,17 +87,13 @@ index d0aded9..e718ed5 100644
 +  /usr/share/doc/tails/website/ r,
 +  /usr/share/doc/tails/website/** r,
  
+   # Web Content processes
+-  owner @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
++  @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
+ 
    /etc/mailcap r,
    /etc/mime.types r,
-@@ -70,6 +76,7 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
-   /usr/share/ r,
-   /usr/share/mime/ r,
-   /usr/share/themes/ r,
-+  /usr/share/glib-2.0/schemas/gschemas.compiled r,
-   /usr/share/applications/** rk,
-   /usr/share/gnome/applications/ r,
-   /usr/share/gnome/applications/kde4/ r,
-@@ -85,12 +92,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -88,12 +94,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
    /sys/devices/system/node/node[0-9]*/meminfo r,
    deny /sys/devices/virtual/block/*/uevent r,
  
@@ -112,7 +106,7 @@ index d0aded9..e718ed5 100644
    # Required for multiprocess Firefox (aka Electrolysis, i.e. e10s)
    owner /{dev,run}/shm/org.chromium.* rw,
  
-@@ -104,6 +105,31 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -107,6 +107,29 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
    deny @{HOME}/.cache/fontconfig/** rw,
    deny @{HOME}/.config/gtk-2.0/ rw,
    deny @{HOME}/.config/gtk-2.0/** rw,
@@ -122,8 +116,6 @@ index d0aded9..e718ed5 100644
 +  deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
 +  deny /usr/local/lib/tor-browser/update.test/ rw,
 +
-+  @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
-+
 +  # Grant access to assistive technologies
 +  # (otherwise, Firefox crashes when Orca is enabled:
 +  # https://labs.riseup.net/code/issues/9261)
@@ -144,7 +136,7 @@ index d0aded9..e718ed5 100644
    deny @{PROC}/@{pid}/net/route r,
    deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
    deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,
-@@ -119,5 +145,10 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+@@ -122,5 +145,10 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
    /etc/xfce4/defaults.list r,
    /usr/share/xfce4/applications/ r,
  
@@ -157,10 +149,19 @@ index d0aded9..e718ed5 100644
 +  deny /tmp/                 rwklx,
  }
 diff --git a/etc/apparmor.d/torbrowser.Browser.plugin-container b/etc/apparmor.d/torbrowser.Browser.plugin-container
-index fe95fdb..32d0c38 100644
+index 7ec8a00..346f2ad 100644
 --- a/etc/apparmor.d/torbrowser.Browser.plugin-container
 +++ b/etc/apparmor.d/torbrowser.Browser.plugin-container
-@@ -10,9 +10,9 @@ profile torbrowser_plugin_container {
+@@ -1,7 +1,7 @@
+ #include <tunables/global>
+ #include <tunables/torbrowser>
+ 
+-@{torbrowser_firefox_executable} = /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox.real
++@{torbrowser_firefox_executable} = /usr/local/lib/tor-browser/firefox.real
+ 
+ profile torbrowser_plugin_container {
+   #include <abstractions/gnome>
+@@ -12,9 +12,9 @@ profile torbrowser_plugin_container {
    #  - the "deny" word in the machine-id lines
    #  - the rules that deny reading /etc/pulse/client.conf
    #    and executing /usr/bin/pulseaudio
@@ -173,7 +174,7 @@ index fe95fdb..32d0c38 100644
  
    signal (receive) set=("term") peer=torbrowser_firefox,
  
-@@ -24,14 +24,15 @@ profile torbrowser_plugin_container {
+@@ -26,8 +26,8 @@ profile torbrowser_plugin_container {
    deny /etc/group r,
    deny /etc/mailcap r,
  
@@ -184,14 +185,7 @@ index fe95fdb..32d0c38 100644
  
    /etc/mime.types r,
    /usr/share/applications/gnome-mimeapps.list r,
- 
-   /dev/shm/ r,
- 
-+  owner @{PROC}/@{pid}/environ r,
-   owner @{PROC}/@{pid}/fd/ r,
-   owner @{PROC}/@{pid}/mountinfo r,
-   owner @{PROC}/@{pid}/stat r,
-@@ -39,28 +40,28 @@ profile torbrowser_plugin_container {
+@@ -42,31 +42,29 @@ profile torbrowser_plugin_container {
    owner @{PROC}/@{pid}/task/*/stat r,
    @{PROC}/sys/kernel/random/uuid r,
  
@@ -205,11 +199,12 @@ index fe95fdb..32d0c38 100644
 -  owner @{torbrowser_home_dir}/browser/components/*.so mr,
 -  owner @{torbrowser_home_dir}/defaults/pref/     r,
 -  owner @{torbrowser_home_dir}/defaults/pref/*.js r,
+-  owner @{torbrowser_home_dir}/dependentlibs.list r,
 -  owner @{torbrowser_home_dir}/fonts/   r,
 -  owner @{torbrowser_home_dir}/fonts/** r,
 -  owner @{torbrowser_home_dir}/omni.ja r,
--  owner @{torbrowser_home_dir}/plugin-container ixmr,
 -  owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/extensions/*.xpi r,
+-  owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/startupCache/* r,
 -  owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/* rw,
 -  owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
 -  owner @{torbrowser_home_dir}/TorBrowser/Tor/ r,
@@ -217,11 +212,12 @@ index fe95fdb..32d0c38 100644
 -  owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so.* mr,
 -  owner @{torbrowser_home_dir}/Downloads/ rwk,
 -  owner @{torbrowser_home_dir}/Downloads/** rwk,
+-
+-  owner @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
 +  @{torbrowser_home_dir}/ r,
 +  @{torbrowser_home_dir}/** mr,
-+  @{torbrowser_home_dir}/plugin-container ixmr,
 +
-+  owner @{HOME}/.tor-browser/profile.default/startupCache/scriptCache-child-current.bin r,
++  owner @{HOME}/.tor-browser/profile.default/startupCache/* r,
 +  owner @{HOME}/.tor-browser/profile.default/tmp/* rw,
 +
 +  owner "@{HOME}/Tor Browser/" rw,
@@ -239,10 +235,12 @@ index fe95fdb..32d0c38 100644
 +
 +  /usr/share/doc/tails/website/ r,
 +  /usr/share/doc/tails/website/** r,
++
++  @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
  
    /sys/devices/system/cpu/ r,
    /sys/devices/system/cpu/present r,
-@@ -86,10 +87,16 @@ profile torbrowser_plugin_container {
+@@ -92,10 +90,16 @@ profile torbrowser_plugin_container {
    deny @{PROC}/@{pid}/net/route r,
    deny /sys/devices/system/cpu/cpufreq/policy[0-9]*/cpuinfo_max_freq r,
    deny /sys/devices/system/cpu/*/cache/index[0-9]*/size r,

config/chroot_local-patches/apparmor-adjust-freedesktop-abstraction.diff

+--- /etc/apparmor.d/abstractions/freedesktop.org	2018-10-07 19:38:49.308000000 +0000
++++ /etc/apparmor.d/abstractions/freedesktop.org	2018-10-07 19:48:40.400000000 +0000
+@@ -24,7 +24,7 @@
+   /usr/local/share/pixmaps/**           r,
+ 
+   # this should probably go elsewhere
+-  /usr/share/mime/**              r,
++  /usr/{local/,}share/mime/**              r,
+ 
+   # per-user configurations
+   owner @{HOME}/.icons/                 r,

features/step_definitions/usb.rb

@@ -194,7 +194,12 @@ When /^I (install|reinstall|upgrade) Tails (?:to|on) USB drive "([^"]+)" (by clo
       label = action.capitalize
     end
     @installer.button(label).click
-    @installer.child('Question', roleName: 'alert').button('Yes').click
+    if action == 'upgrade'
+      confirmation_label = 'Upgrade'
+    else
+      confirmation_label = 'Install'
+    end
+    @installer.child('Question', roleName: 'alert').button(confirmation_label).click
     try_for(15*60, { :delay => 10 }) do
       @installer
         .child('Information', roleName: 'alert')

aufs4-standalone @ bdda97c7

-Subproject commit 01543e47eae7653c7e9a35a7204301f8a0b3ca50
+Subproject commit bdda97c749604bb9ea3f19e0c1ffac9042e79f77

wiki/src/contribute/release_process/tor-browser.mdwn

@@ -136,7 +136,7 @@ Then, clone the metadata repository and initialize git-annex:
 
 	git clone gitolite@git.puppet.tails.boum.org:torbrowser-archive.git && \
 	cd torbrowser-archive && \
-	git annex init 
+	git annex init
 
 You now have a lot of (dangling) symlinks in place of the files that are
 available in this git-annex repo.
@@ -242,3 +242,21 @@ Clean up
 	cd "$TBB_ARCHIVE" && \
 	git annex drop -- "${TBB_VERSION}" && \
     rm -rf "$DL_DIR"
+
+Update the htpdate User Agent
+=============================
+
+We want to use the same user agent in our htpdate script (see the
+[[Time syncing design|contribute/design/Time_syncing]]
+for more info on that) as in Tor Browser.
+
+To find out the User Agent of the new Tor Browser:
+
+1. Start Tor Browser (outside of Tails, if there is no ISO yet with the new
+   Tor Browser)
+2. Open the _Network_ tab in the _Developer Tools_ (Ctrl+Shift+E)
+3. Load a website (e.g. <https://tails.boum.org>)
+4. Select one of the GET requests in the _Developer Tools_
+5. Scroll down to `User-Agent` in the _Request headers_ section
+
+Now replace the User Agent in `config/chroot_local-includes/etc/default/htpdate.user-agent` with the one you found above.