Merge branch 'feature/14594-asp-gui' of webmasters.boum.org:wiki into feature/14594-asp-gui

.gitignore

@@ -23,11 +23,11 @@
 /config/source
 /config/chroot_local-includes/etc/amnesia/environment
 /config/chroot_local-includes/etc/amnesia/version
-/config/chroot_local-includes/usr/share/amnesia/readahead-list
-/config/chroot_local-includes/usr/share/amnesia/build/variables
 /config/chroot_local-includes/usr/share/doc/Changelog
 /config/chroot_local-includes/usr/share/doc/amnesia/Changelog
 /config/chroot_local-includes/usr/share/doc/tails/website
+/config/chroot_local-includes/usr/share/tails/build/variables
+/config/chroot_local-includes/usr/share/tails/readahead-list
 /.lock
 /.stage
 /source

Rakefile

@@ -647,7 +647,7 @@ namespace :basebox do
     boxes.sort! { |a, b| basebox_date(a) <=> basebox_date(b) }
     boxes.pop
     boxes.each do |box|
-      if basebox_date(box) < Date.today - 365.0/3.0
+      if basebox_date(box) < Date.today - 365.0/2.0
         clean_up_basebox(box)
       end
     end

auto/build

@@ -50,15 +50,15 @@ rm -rf cache/stages_rootfs
 
 # save variables that are needed by chroot_local-hooks
 echo "KERNEL_VERSION=${KERNEL_VERSION}" \
-   >> config/chroot_local-includes/usr/share/amnesia/build/variables
+   >> config/chroot_local-includes/usr/share/tails/build/variables
 echo "KERNEL_SOURCE_VERSION=${KERNEL_SOURCE_VERSION}" \
-   >> config/chroot_local-includes/usr/share/amnesia/build/variables
-echo "LB_DISTRIBUTION=${LB_DISTRIBUTION}" >> config/chroot_local-includes/usr/share/amnesia/build/variables
+   >> config/chroot_local-includes/usr/share/tails/build/variables
+echo "LB_DISTRIBUTION=${LB_DISTRIBUTION}" >> config/chroot_local-includes/usr/share/tails/build/variables
 echo "POTFILES_DOT_IN='$(
          /bin/grep -E --no-filename '[^ #]*\.in$' po/POTFILES.in \
        | sed -e 's,^config/chroot_local-includes,,' | tr "\n" ' '
    )'" \
-   >> config/chroot_local-includes/usr/share/amnesia/build/variables
+   >> config/chroot_local-includes/usr/share/tails/build/variables
 
 # fix permissions on some source files that will be copied as is to the chroot.
 # they may be wrong, e.g. if the Git repository was cloned with a strict umask.
@@ -111,7 +111,7 @@ DEBOOTSTRAP_OPTIONS="$DEBOOTSTRAP_OPTIONS --keyring=$DEBOOTSTRAP_GNUPG_KEYRING"
 export DEBOOTSTRAP_OPTIONS
 
 : ${MKSQUASHFS_OPTIONS:='-comp xz -Xbcj x86 -b 1024K -Xdict-size 1024K -no-exports'}
-MKSQUASHFS_OPTIONS="${MKSQUASHFS_OPTIONS} -wildcards -ef chroot/usr/share/amnesia/build/mksquashfs-excludes"
+MKSQUASHFS_OPTIONS="${MKSQUASHFS_OPTIONS} -wildcards -ef chroot/usr/share/tails/build/mksquashfs-excludes"
 export MKSQUASHFS_OPTIONS
 
 # build the doc wiki

auto/clean

@@ -33,7 +33,7 @@ for list in config/chroot_local-packageslists/*.list ; do
 done
 
 # files copied or created in the build stage
-rm -f config/chroot_local-includes/usr/share/amnesia/build/variables
+rm -f config/chroot_local-includes/usr/share/tails/build/variables
 
 # static wiki
 rm -rf config/chroot_local-includes/usr/share/doc/tails/website wiki/src/.ikiwiki

auto/config

@@ -184,11 +184,11 @@ cp debian/changelog config/chroot_local-includes/usr/share/doc/amnesia/Changelog
 
 # create readahead-list from squashfs.sort
 if [ -e config/binary_rootfs/squashfs.sort ]; then
-    mkdir -p config/chroot_local-includes/usr/share/amnesia
+    mkdir -p config/chroot_local-includes/usr/share/tails
     sort -k2 -n -r config/binary_rootfs/squashfs.sort | \
         cut -d' ' -f1 | \
         grep --invert-match --extended-regexp "$READAHEAD_EXCLUDE_PATTERN" \
-        > config/chroot_local-includes/usr/share/amnesia/readahead-list
+        > config/chroot_local-includes/usr/share/tails/readahead-list
 fi
 
 # custom APT sources

build-website

@@ -25,13 +25,4 @@ if ! "${git_dir}/bin/sanity-check-website" ; then
     fi
 fi
 
-# If I knew Ikiwiki better I'd probably figure out how to just make it
-# keep the misc/*.html files as-is instead of this hack.
-fixup_14962_workaround() {
-    mkdir -p config/chroot_local-includes/usr/share/doc/tails/website/misc
-    rm -f config/chroot_local-includes/usr/share/doc/tails/website/misc/*
-    cp wiki/src/misc/*.html \
-       config/chroot_local-includes/usr/share/doc/tails/website/misc
-}
-
-ikiwiki -setup ikiwiki.setup -refresh "$@" && fixup_14962_workaround
+ikiwiki -setup ikiwiki.setup -refresh "$@"

config/amnesia

@@ -26,7 +26,7 @@ AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63 --id 42 --verbose"
 REQUIRED_SYSLINUX_UTILS_UPSTREAM_VERSION="6.03~pre20"
 
 # Kernel version
-KERNEL_VERSION='4.15.0-3'
+KERNEL_VERSION='4.17.0-2'
 KERNEL_SOURCE_VERSION=$(
    echo "$KERNEL_VERSION" \
        | perl -p -E 's{\A (\d+ [.] \d+) [.] .*}{$1}xms'

config/chroot_apt/preferences

@@ -53,6 +53,31 @@ Package: thunderbird* calendar-google-provider
 Pin: origin deb.tails.boum.org
 Pin-Priority: 999
 
+Explanation: src:libdrm
+Package: libdrm*
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
+Explanation: src:libclc
+Package: libclc*
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
+Explanation: src:libglvnd
+Package: libglvnd* libegl1 libgles2 libgl1 libglx0 libopengl0
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
+Explanation: src:llvm-toolchain-5.0
+Package: clang* libclang* libfuzzer-* python-clang-* libllvm* llvm-* lld-* liblld-* lldb-* liblldb-* python-lldb-*
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
+Explanation: src:mesa
+Package: lib*-mesa* libgbm* libosmesa* libxatracker* mesa*
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
 Package: obfs4proxy
 Pin: release o=TorProject,n=obfs4proxy
 Pin-Priority: 990
@@ -63,10 +88,6 @@ Package: systemd systemd-sysv systemd-container systemd-journal-remote systemd-c
 Pin: release o=Debian,n=stretch-backports
 Pin-Priority: 999
 
-Package: onionshare
-Pin: release o=Debian,n=sid
-Pin-Priority: 999
-
 Package: openpgp-applet
 Pin: release o=Debian,n=sid
 Pin-Priority: 999
@@ -75,8 +96,21 @@ Package: tails-installer
 Pin: origin deb.tails.boum.org
 Pin-Priority: 999
 
+Package: tor tor-geoipdb
+Pin: release o=TorProject,n=tor-nightly-0.3.4.x-stretch
+Pin-Priority: 999
+
 Package: virtualbox*
-Pin: release o=Debian,n=sid
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
+Explanation: src:vulkan
+Package: vulcan* libvulkan*
+Pin: release o=Debian,n=stretch-backports
+Pin-Priority: 999
+
+Package: wayland-protocols
+Pin: release o=Debian,n=stretch-backports
 Pin-Priority: 999
 
 Explanation: src:xorg-server
@@ -84,7 +118,7 @@ Package: xserver-xorg-core xserver-xorg-dev xdmx xdmx-tools xnest xvfb xserver-x
 Pin: release o=Debian,n=stretch
 Pin-Priority: 999
 
-Package: xul-ext-ublock-origin
+Package: webext-ublock-origin
 Pin: release o=Debian,n=sid
 Pin-Priority: 999
 

config/chroot_local-hooks/00-install-tailslib

@@ -17,10 +17,6 @@ ensure_hook_dependency_is_installed python3-setuptools
     python3 setup.py install
 
     package_glob_pattern="/usr/local/lib/python3.*/dist-packages/Tailslib*.egg"
-    if [ ! -f ${package_glob_pattern} ]; then
-       echo "Cannot find Tailslib Python package \"${package_glob_pattern}\"" >&2
-       exit 1
-    fi
-    strip_nondeterminism_wrapper --type zip "$(realpath ${package_glob_pattern})" 2>/dev/null
+    strip_nondeterminism_wrapper --type zip ${package_glob_pattern}
 )
 rm -rf /tmp/pythonlib

config/chroot_local-hooks/01-check-for-dot-orig-files

@@ -19,7 +19,7 @@ rm -f ${DOT_ORIG_WHITELIST_DELETE}
 DOT_ORIG_FILES=$(find / -type f -name *.orig || :)
 
 if [ "$DOT_ORIG_FILES" != "$DOT_ORIG_WHITELIST_KEEP" ]; then
-    echo "Some patches are fuzzy and leave .orig files around:" >&2
+    echo "E: Some patches are fuzzy and leave .orig files around:" >&2
     echo "$DOT_ORIG_FILES" >&2
     exit 1
 fi

config/chroot_local-hooks/04-change-gids-and-uids

@@ -6,14 +6,46 @@ set -e
 
 echo "Change GIDs and UIDs"
 
-TPS_GROUP_STEALER=$(getent group 122 | awk -F ':' '{print $1}')
-if [ -n "$TPS_GROUP_STEALER" ]; then
-   groupmod --gid 150 "$TPS_GROUP_STEALER"
-   find / -wholename /proc -prune -o \( \! -type l -a -gid 122 -exec chgrp 150 '{}' \; \)
-fi
-
-TPS_USER_STEALER=$(getent passwd 115 | awk -F ':' '{print $1}')
-if [ -n "$TPS_USER_STEALER" ]; then
-   usermod --uid 150 "$TPS_USER_STEALER"
-   find / -wholename /proc -prune -o \( \! -type l -a -uid 115 -exec chown 150 '{}' \; \)
-fi
+Change_uid () {
+	NAME="$1"
+	NEW="$2"
+	OLD="$(getent passwd "$NAME" | awk -F ':' '{print $3}')"
+
+	if [ -n "$OLD" ]; then
+		echo "Changing UID for $NAME ($OLD -> $NEW)"
+		usermod --uid "$NEW" "$NAME"
+		find / -wholename /proc -prune -o \( \! -type l -a -uid "$OLD" -exec chown "$NEW" '{}' \; \)
+	fi
+}
+
+Change_gid () {
+	NAME="$1"
+	NEW="$2"
+	OLD="$(getent group "$NAME" | awk -F ':' '{print $3}')"
+
+	if [ -n "$OLD" ]; then
+		echo "Changing GID for $NAME ($OLD -> $NEW)"
+		groupmod --gid "$NEW" "$NAME"
+		find / -wholename /proc -prune -o \( \! -type l -a -gid "$OLD" -exec chgrp "$NEW" '{}' \; \)
+	fi
+}
+
+
+Change_uid tails-persistent-setup 150
+Change_gid tails-persistent-setup 150
+
+### Ensure GIDs are stable accross releases
+#   ... otherwise, things such as tor@service are broken
+#   after applying an automatic upgrade (#15695, #15424, #13426, #15407)
+
+# Temporarily give these groups a GID that's out of the way, to avoid collisions
+Change_gid vboxsf       1120
+Change_gid monkeysphere 1130
+Change_gid debian-tor   1140
+Change_gid lpadmin      1150
+
+# Finally, give these groups the desired GID
+Change_gid vboxsf       112
+Change_gid monkeysphere 113
+Change_gid debian-tor   114
+Change_gid lpadmin      115

config/chroot_local-hooks/09-torsocks-apps

@@ -5,7 +5,8 @@ set -e
 echo "Wrapping some applications with torsocks"
 
 APPS="gobby-0.5 net.sourceforge.liferea openpgp-applet seahorse"
-DBUS_SERVICES="net.sourceforge.liferea org.gnome.seahorse.Application org.fedoraproject.Config.Printing"
+DBUS_SERVICES="org.gnome.seahorse.Application org.fedoraproject.Config.Printing"
+WRAPPED_DBUS_SERVICES="net.sourceforge.liferea"
 
 for app in $APPS; do
    sed -i'' --regexp-extended 's,^Exec=(.*),Exec=torsocks \1,' \
@@ -17,6 +18,12 @@ for dbus_service in $DBUS_SERVICES; do
        "/usr/share/dbus-1/services/${dbus_service}.service"
 done
 
+# Wrapped by both torsocks and a binary in /usr/local
+for dbus_service in $WRAPPED_DBUS_SERVICES; do
+   sed -i'' --regexp-extended 's,^Exec=/usr/(.*),Exec=/usr/bin/torsocks /usr/local/\1,' \
+       "/usr/share/dbus-1/services/${dbus_service}.service"
+done
+
 # Redirect to existing wrapper
 sed -i'' --regexp-extended 's,^Exec=pidgin$,Exec=/usr/local/bin/pidgin,' \
     "/usr/share/applications/pidgin.desktop"

config/chroot_local-hooks/10-tbb

@@ -118,17 +118,14 @@ EOF
 # TBB works around the lack of code signing for its extensions by
 # hacking in exceptions. We do the same!
 apply_extension_code_signing_hacks () {
-    local destination tmp tbb_timestamp
-    destination="${1}"
-
-    # For consistency we'll set timestamps of files we modify to the
-    # same one used by the Tor Browser instead of SOURCE_DATE_EPOCH.
-    tbb_timestamp="$(date --date='2000-01-01 00:00:00' +%s)"
+    local tbb_install tbb_timestamp
+    tbb_install="${1}"
+    tbb_timestamp="${2}"
 
     tmp="$(mktemp -d)"
     (
         cd "${tmp}"
-        7z x -tzip "${TBB_INSTALL}/omni.ja"
+        7z x -tzip "${tbb_install}/omni.ja"
         patch -p1 <<EOF
 diff -Naur a/chrome/toolkit/content/mozapps/extensions/extensions.js b/chrome/toolkit/content/mozapps/extensions/extensions.js
 --- a/chrome/toolkit/content/mozapps/extensions/extensions.js 2000-01-01 00:00:00.000000000 +0000
@@ -167,14 +164,14 @@ diff -Naur a/modules/addons/XPIProvider.jsm b/modules/addons/XPIProvider.jsm
 EOF
         touch --date="@${tbb_timestamp}" modules/addons/XPIProvider.jsm \
               chrome/toolkit/content/mozapps/extensions/extensions.js
-        rm "${TBB_INSTALL}/omni.ja"
-        7z a -mtc=off -tzip "${TBB_INSTALL}/omni.ja" *
+        rm "${tbb_install}/omni.ja"
+        7z a -mtc=off -tzip "${tbb_install}/omni.ja" *
     )
     rm -r "${tmp}"
     tmp="$(mktemp -d)"
     (
         cd "${tmp}"
-        7z x -tzip "${TBB_INSTALL}/browser/omni.ja"
+        7z x -tzip "${tbb_install}/browser/omni.ja"
         patch -p1 <<EOF
 diff -Naur x/components/nsBrowserGlue.js y/components/nsBrowserGlue.js
 --- a/components/nsBrowserGlue.js 2000-01-01 00:00:00.000000000 +0000
@@ -191,44 +188,47 @@ diff -Naur x/components/nsBrowserGlue.js y/components/nsBrowserGlue.js
            }
 EOF
         touch --date="@${tbb_timestamp}" components/nsBrowserGlue.js
-        rm "${TBB_INSTALL}/browser/omni.ja"
-        7z a -mtc=off -tzip "${TBB_INSTALL}/browser/omni.ja" *
+        rm "${tbb_install}/browser/omni.ja"
+        7z a -mtc=off -tzip "${tbb_install}/browser/omni.ja" *
     )
     rm -r "${tmp}"
-    for archive in "${TBB_INSTALL}/omni.ja" "${TBB_INSTALL}/browser/omni.ja"; do
-        strip_nondeterminism_wrapper --type zip --timestamp "${tbb_timestamp}" \
-                                     "${archive}" 2>/dev/null
-    done
 }
 
-# Modern Firefox doesn't apply browser.search.defaultenginename on
-# start, and the other ways to get it to work (e.g. pre-generating
-# search.json.mozlz4) seems rather complex. Instead, let's just make
-# browser.search.defaultenginename work again by employing some
-# Enterprise features to run arbitrary JavaScript with access to the
-# Firefox internals. For the details of this feature, see:
-# https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment
-apply_default_searchengine_hacks () {
-    local destination
-    destination="${1}"
-
-    cat > "${destination}/defaults/pref/autoconfig.js" <<EOF
-// This file must start with a comment
-pref("general.config.filename", "mozilla.cfg");
-pref("general.config.obscure_value", 0);
-EOF
+apply_prefs_hacks() {
+    local tbb_install tmp tbb_timestamp
+    tbb_install="${1}"
+    tbb_timestamp="${2}"
 
-    cat > "${destination}/mozilla.cfg" <<EOF
-// This file must start with a comment
-var searchService = Components.classes["@mozilla.org/browser/search-service;1"].getService(Components.interfaces.nsIBrowserSearchService);
-var engineName = getPref("browser.search.defaultenginename");
-if (engineName) {
-    var engine = searchService.getEngineByName(engineName);
-    if (engine) {
-        searchService.currentEngine = engine;
-    }
+    tmp="$(mktemp -d)"
+    (
+        cd "${tmp}"
+        7z x -tzip "${tbb_install}/browser/omni.ja"
+        # Remove TBB's Tor Launcher settings since we don't enable it in
+	# our Tor Browser.
+	sed -i '/extensions\.torlauncher\./d' defaults/preferences/000-tor-browser.js
+	# Display the Stop/Reload button: our test suite currently depends on it
+	perl -pi -E \
+	    's/^(pref\("browser.uiCustomization.state",.*\\"loop-button\\")/$1,\\"stop-reload-button\\"/' \
+	    defaults/preferences/000-tor-browser.js
+	# Append our custom prefs
+	cat /usr/share/tails/tor-browser-prefs.js \
+	    >> defaults/preferences/000-tor-browser.js
+	touch --date="@${tbb_timestamp}" defaults/preferences/000-tor-browser.js
+        rm "${tbb_install}/browser/omni.ja"
+        7z a -mtc=off -tzip "${tbb_install}/browser/omni.ja" *
+    )
+    rm -r "${tmp}"
 }
-EOF
+
+strip_nondeterminism () {
+    local tbb_install tbb_timestamp
+    tbb_install="${1}"
+    tbb_timestamp="${2}"
+
+    for archive in "${tbb_install}/omni.ja" "${tbb_install}/browser/omni.ja"; do
+        strip_nondeterminism_wrapper --type zip --timestamp "${tbb_timestamp}" \
+                                     "${archive}" 2>/dev/null
+    done
 }
 
 install_langpacks_from_bundles() {
@@ -262,8 +262,9 @@ install_debian_extensions() {
     destination="${1}"
     shift
     apt-get install --yes "${@}"
-    ln -s /usr/share/xul-ext/ublock-origin/ \
+    ln -s /usr/share/webext/ublock-origin/ \
           "${destination}"/'uBlock0@raymondhill.net'
+    patch -p1 < /usr/share/tails/uBlock-disable-autoUpdate.diff
 }
 
 create_default_profile() {
@@ -275,16 +276,16 @@ create_default_profile() {
     rsync -a --exclude bookmarks.html --exclude extensions \
           "${tbb_profile}"/ "${destination}"/
 
-    # Remove TBB's Tor Launcher settings since we don't enable it in
-    # our Tor Browser.
-    sed -i '/extensions\.torlauncher\./d' "${destination}"/preferences/extension-overrides.js
-
     mkdir -p "${destination}"/extensions
     for ext in "${tbb_extensions_dir}"/*; do
         ln -s "${ext}" "${destination}"/extensions/
     done
 }
 
+# For consistency we'll set timestamps of files we modify to the
+# same one used by the Tor Browser instead of SOURCE_DATE_EPOCH.
+TBB_TIMESTAMP="$(date --date='2000-01-01 00:00:00' +%s)"
+
 TBB_SHA256SUMS_FILE=/usr/share/tails/tbb-sha256sums.txt
 TBB_TARBALLS="$(grep "\<tor-browser-linux64-.*\.tar.xz$" "${TBB_SHA256SUMS_FILE}")"
 
@@ -301,16 +302,17 @@ fi
 TBB_DIST_URL_FILE=/usr/share/tails/tbb-dist-url.txt
 TBB_TARBALLS_BASE_URL="$(cat "${TBB_DIST_URL_FILE}")"
 
-# The Debian Iceweasel extensions we want to install and make
+# The Firefox extensions we want to install from Debian and make
 # available in the Tor Browser.
-DEBIAN_EXT_PKGS="xul-ext-ublock-origin"
+DEBIAN_EXT_PKGS="webext-ublock-origin"
 
 TMP="$(mktemp -d)"
 download_and_verify_files "${TBB_TARBALLS_BASE_URL}" "${TBB_TARBALLS}" "${TMP}"
 
 install_tor_browser "${TMP}/${MAIN_TARBALL}" "${TBB_INSTALL}"
-apply_extension_code_signing_hacks "${TBB_INSTALL}"
-apply_default_searchengine_hacks "${TBB_INSTALL}"
+apply_extension_code_signing_hacks "${TBB_INSTALL}" "${TBB_TIMESTAMP}"
+apply_prefs_hacks "${TBB_INSTALL}" "${TBB_TIMESTAMP}"
+strip_nondeterminism "${TBB_INSTALL}" "${TBB_TIMESTAMP}"
 
 mkdir -p "${TBB_EXT}"
 if [ "${NIGHTLY_BUILD}" != yes ]; then
@@ -324,11 +326,11 @@ rm -r "${TMP}"
 mv "${TBB_INSTALL}"/TorBrowser/Data/Browser/profile.default/extensions/* "${TBB_EXT}"
 rmdir "${TBB_INSTALL}"/TorBrowser/Data/Browser/profile.default/extensions
 
-# ... and then install a few Iceweasel extension by using a fake
-# Iceweasel equivs package to satisfy the dependencies.
+# ... and then install a few Firefox extension by using a fake
+# firefox equivs package to satisfy the dependencies.
 FIREFOX_VERSION=$(get_firefox_version "${TBB_INSTALL}"/application.ini)
-FAKE_ICEWEASEL_VERSION=${FIREFOX_VERSION}+fake1
-install_fake_package iceweasel "${FAKE_ICEWEASEL_VERSION}" web
+FAKE_FIREFOX_VERSION=${FIREFOX_VERSION}+fake1
+install_fake_package firefox "${FAKE_FIREFOX_VERSION}" web
 install_debian_extensions "${TBB_EXT}" ${DEBIAN_EXT_PKGS}
 
 mkdir -p "${TBB_PROFILE}"

config/chroot_local-hooks/11-localize_browser

@@ -19,11 +19,10 @@ echo "Localize each supported browser locale"
 
 ensure_hook_dependency_is_installed p7zip imagemagick
 
-TBB_LOCALIZED_SEARCHPLUGINS_DIR="${TBB_INSTALL}/distribution/searchplugins/locale/"
 BROWSER_LOCALIZATION_DIR="/usr/share/tails/browser-localization"
 DESCRIPTIONS_FILE="${BROWSER_LOCALIZATION_DIR}/descriptions"
 LOCALE_PROFILES_DIR="/etc/tor-browser/locale-profiles/"
-NO_SPELLCHECKER_LOCALES="ja ko nl pl tr zh"
+NO_SPELLCHECKER_LOCALES="ja tr zh"
 
 # Sanity check that each supported Tor Browser locale has a
 # description for how to localize it further.
@@ -34,21 +33,21 @@ for LOCALE in $(supported_tor_browser_locales); do
     fi
 done
 if [ -n "${BROKEN_LOCALES}" ]; then
-    echo "The following supported browser locales lack search plugin descriptions in ${DESCRIPTIONS_FILE}:${BROKEN_LOCALES}" >&2
+    echo "The following supported browser locales lack descriptions in ${DESCRIPTIONS_FILE}:${BROKEN_LOCALES}" >&2
     exit 1
 fi
 
 # This very long while-loop is fed the DESCRIPTIONS_FILE (IO
 # redirection at the bottom), which describes how we will localize
 # each supported Tor Browser locale. The format is:
-#   MOZILLA_LOCALE:LOCATION:LOCALIZED_LANG:STARTPAGE_LANG:STARTPAGE_LANG_UI
+#   MOZILLA_LOCALE:LOCATION:LOCALIZED_LANG
 # Note that we're forced to pick some representative location for the
 # language-only locales, like Egypt (EG) for Arabic (ar).
-while IFS=: read MOZILLA_LOCALE LOCATION LOCALIZED_LANG STARTPAGE_LANG STARTPAGE_LANG_UI; do
+while IFS=: read MOZILLA_LOCALE LOCATION LOCALIZED_LANG; do
     if [ -z "${MOZILLA_LOCALE}" ] || [ -z "${LOCATION}" ] || \
-       [ -z "${LOCALIZED_LANG}" ] || [ -z "${STARTPAGE_LANG}" ]; then
+       [ -z "${LOCALIZED_LANG}" ]; then
         echo "Something is wrong with ${DESCRIPTIONS_FILE}" >&2
-        echo "Description: ${MOZILLA_LOCALE}:${LOCATION}:${LOCALIZED_LANG}:${STARTPAGE_LANG}:${STARTPAGE_LANG_UI}" >&2
+        echo "Description: ${MOZILLA_LOCALE}:${LOCATION}:${LOCALIZED_LANG}" >&2
        exit 1
     fi
 
@@ -64,67 +63,11 @@ while IFS=: read MOZILLA_LOCALE LOCATION LOCALIZED_LANG STARTPAGE_LANG STARTPAGE
         NORMAL_LOCALE="${MOZILLA_LOCALE}_${LOCATION}"
     fi
     LANG_CODE="$(language_code_from_locale "${NORMAL_LOCALE}")"
-    TARGET_SEARCHPLUGINS_DIR="${TBB_LOCALIZED_SEARCHPLUGINS_DIR}/${MOZILLA_LOCALE}"
-    mkdir -p "${TARGET_SEARCHPLUGINS_DIR}"
-
-    if [ -z "${STARTPAGE_LANG_UI}" ]; then
-        STARTPAGE_LANG_UI=english
-    fi
-    sed -e "s/\${LOCALIZED_LANG}/${LOCALIZED_LANG}/" \
-        -e "s/\${LANG}/${STARTPAGE_LANG}/" \
-        -e "s/\${LANG_UI}/${STARTPAGE_LANG}/" \
-        "${BROWSER_LOCALIZATION_DIR}/startpage.xml-template" > \
-        "${TARGET_SEARCHPLUGINS_DIR}/startpage-${MOZILLA_LOCALE}.xml"
-
-    DDG_PLUGIN="${TARGET_SEARCHPLUGINS_DIR}/ddg-${MOZILLA_LOCALE}.xml"
-    DDG_LANG_UI="${NORMAL_LOCALE}"
-    if [ "${DDG_LANG_UI}" = "vi_VN" ]; then
-        # DDG uses a non-standard locale for Vietnamese
-        DDG_LANG_UI="vi_VI"
-    fi
-    sed -e "s/\${LOCALIZED_LANG}/${LOCALIZED_LANG}/" \
-        -e "s/\${LANG_UI}/${DDG_LANG_UI}/" \
-        "${BROWSER_LOCALIZATION_DIR}/ddg.xml-template" > \
-        "${DDG_PLUGIN}"
-
-    # We generate a Wikipedia plugin with localized icons since we
-    # want to provide both English and the locale's plugin, and
-    # Firefox' new search bar only shows icons; the description (which
-    # is localized) is only shown in a pop-up nowdays, so it's easy to
-    # mix them up.
-    CAPITALIZED_LANG_CODE="$(echo "${LANG_CODE}" | tr 'a-z' 'A-Z')"
-    LOCALIZED_WIKIPEDIA_ICON_PATH="/tmp/wikipedia-icon-${LANG_CODE}.png"
-    WIKIPEDIA_SEARCH_ICON_BASE64_PATH="${LOCALIZED_WIKIPEDIA_ICON_PATH}.base64"
-    WIKIPEDIA_ICON_TEMPLATE="${BROWSER_LOCALIZATION_DIR}/Wikipedia-icon.png"
-    convert "${WIKIPEDIA_ICON_TEMPLATE}" \
-            -gravity SouthEast -pointsize 130 -font Liberation-Sans-Bold \
-            -fill black -annotate 0 "${CAPITALIZED_LANG_CODE}" \
-            +set date:create +set date:modify -define png:exclude-chunk=time \
-            -resize 16x16 "${LOCALIZED_WIKIPEDIA_ICON_PATH}"
-    base64 "${LOCALIZED_WIKIPEDIA_ICON_PATH}" | tr -d "\n" > \
-           "${WIKIPEDIA_SEARCH_ICON_BASE64_PATH}"
-    sed -e "s/\${LANG_CODE}/${LANG_CODE}/" \
-        -e "s/\${LOCALIZED_LANG}/${LOCALIZED_LANG}/" \
-        -e "/\${BASE64_PNG_16x16}/ r ${WIKIPEDIA_SEARCH_ICON_BASE64_PATH}" \
-        -e "/\${BASE64_PNG_16x16}/d" \
-        "${BROWSER_LOCALIZATION_DIR}/wikipedia.xml-template" > \
-        "${TARGET_SEARCHPLUGINS_DIR}/wikipedia-${MOZILLA_LOCALE}.xml"
-    rm "${LOCALIZED_WIKIPEDIA_ICON_PATH}" \
-       "${WIKIPEDIA_SEARCH_ICON_BASE64_PATH}"
 
     # Our Tor Browser wrapper script will make use of the following
     # per-locale profiles to set localized defaults for various prefs.
     mkdir -p "${LOCALE_PROFILES_DIR}"
     LOCALE_PROFILE_FILE="${LOCALE_PROFILES_DIR}/${MOZILLA_LOCALE}.js"
-    for KEY in browser.search.defaultenginename \
-               browser.search.selectedEngine; do
-        PLUGIN="DuckDuckGo - ${LOCALIZED_LANG}"
-        if ! grep -q "<ShortName>${PLUGIN}</ShortName>" "${DDG_PLUGIN}"; then
-            echo "Trying to make search plugin '${PLUGIN}' the default for ${MOZILLA_LOCALE} but it unexpectedly wasn't the one we generated earlier" >&2
-            exit 1
-        fi
-        set_mozilla_pref "${LOCALE_PROFILE_FILE}" "${KEY}" "\"${PLUGIN}\""
-    done
     TBB_DICTIONARIES_DIR="${TBB_INSTALL}/dictionaries"
     unset SPELLCHECKER_LOCALE
     for LOCALE in "${NORMAL_LOCALE}" "${LANG_CODE}"; do
@@ -142,7 +85,8 @@ while IFS=: read MOZILLA_LOCALE LOCATION LOCALIZED_LANG STARTPAGE_LANG STARTPAGE
     fi
     set_mozilla_pref "${LOCALE_PROFILE_FILE}" \
                           "spellchecker.dictionary" \
-                          "\"${SPELLCHECKER_LOCALE}\""
+                          "\"${SPELLCHECKER_LOCALE}\"" \
+                           "user_pref"
     HOMEPAGE="https://tails.boum.org/home/"
     if echo "${TAILS_WIKI_SUPPORTED_LANGUAGES}" | grep -qw "${LANG_CODE}"; then
         HOMEPAGE="${HOMEPAGE}index.${LANG_CODE}.html"
@@ -154,47 +98,6 @@ done < "${DESCRIPTIONS_FILE}"
 # This directory is not needed after build time.
 rm -r "${BROWSER_LOCALIZATION_DIR}"
 
-# Remove unwanted browser search plugins bundled in the Tor Browser.
-# Note for posterity: the searchplugins/list.txt file must not be
-# removed! It must list the filename (excl. .xml) of each plugin
-# present, otherwise they won't work. It's not a problem to list
-# nonexisting ones, so as long as we delete plugins we do not have to
-# alter it.
-7z d -mtc=off -tzip "${TBB_INSTALL}/browser/omni.ja" \
-   'chrome/en-US/locale/browser/searchplugins/ddg*.xml' \
-   'chrome/en-US/locale/browser/searchplugins/startpage*.xml' \
-   'chrome/en-US/locale/browser/searchplugins/wikipedia*.xml' \
-   'chrome/en-US/locale/browser/searchplugins/yahoo*.xml'
-# For consistency, fixup the internal timestamps of these archives with
-# the same ones used by the Tor Browser instead of SOURCE_DATE_EPOCH.
-tbb_timestamp="$(date --date='2000-01-01 00:00:00' +%s)"
-strip_nondeterminism_wrapper --type zip --timestamp "${tbb_timestamp}" \