GitLab

... instead of copying it, so the chroot's DNS configuration stays
up-to-date in case we switch network or similar.

Will-fix: #7903

This is cleaner, and will help us on our path to #8775.

Refs: #8775

Whenever persistent Claws Mail setting is enabled, this creates an empty
~/.icedove/ directory, that prevents Thunderbird from starting.

Will-fix: #6038

"." is a regexp special char. We mean "." literally so it ought to be escaped.

Wrong:

 $ echo 'user_pref("extensionsXenigmailYconfiguredVersion",' \
   | sed --regexp-extended \
        '/^(user_)?pref\("extensions.enigmail.configuredVersion",/d'

Right:

 $ echo 'user_pref("extensionsXenigmailYconfiguredVersion",' \
   | sed --regexp-extended \
        '/^(user_)?pref\("extensions\.enigmail\.configuredVersion",/d'
 user_pref("extensionsXenigmailYconfiguredVersion",

For any Thunderbird profile that was ever used, that pref will be
present there as well.

Will-fix: #12680

Refs: #12680

gksu is unmaintained, buggy (e.g. #12000) stuff, and it is the only
reason we ship GConf, which we want to remove (refs: #12738).

So /[D|d]/ will match "|" which wasn't the intention. Presumably the
intention was /(D|d)/, but a plain /[Dd]/ is cleaner.

It seems that some servers (sometimes) do not send their headers with
first letter uppercased, hence a lot of failures to find the date in it.

Otherwise, after closing Nautilus one gets the prompt back only after 5-15
seconds, which confuses users and makes our doc more complicated than it should.

As reported on https://labs.riseup.net/code/issues/12400#note-8,
we now know that's not exactly what "apt-get autoclean" does.

refs: #12400

refs: #12400

Most of the time, when reading such a bug report, after getting some context out
of the general hardware & system information, I am mainly interested in what's
near the end of the Journal. Previously I had to search for this place in the
middle of the technical details. Now I'll be able to simply scroll to the
bottom :)

This moves:

 * lspci and /proc/cmline closer to the top
 * lsmod after the filesystem information

Rationale: it is more logical (and efficient) to start with general system
information before zooming into technical details, so one has the context in
mind when analyzing more specific information.

Too often, we see bugs caused by a full filesystem, e.g. persistent volume.
Let's give ourselves means to identify those cases early, and avoid
wasting time debugging them when the solution is obvious.

Return to the initramfs (unpacked in /run/initramfs) on shutdown (refs: #12428, #12354, Debian#778849).

… otherwise the aufs read-write (tmpfs) branch, among possibly other things,
can't be properly unmounted and its content remains in memory.

Notes:

 * We have to handle some unmounting ourselves in initramfs-pre-shutdown-hook:
   systemd-shutdown doesn't manage to unmount the aufs read-write
   branch (/oldroot/lib/live/mount/overlay) as it is needed by the
   aufs (/oldroot) filesystem, and reciprocally it cannot unmount /oldroot as it
   is kept busy by /oldroot/lib/live/mount/*. So we disentangle this mess
   ourselves. And we have to manually empty the aufs read-write (tmpfs) branch,
   otherwise for some reason its content remains in memory. This code will of
   course need to be adapted for overlayfs some day.

 * We lock /bin/kill in memory: apparently systemd-exit.service needs it.

 * We remount /run on shutdown *before* dropping caches, just in case dropping
   caches removes what we've locked into memory.

 * We unpack the initramfs to /run/initramfs at *boot* time: sadly, I was not
   able to have it unpacked reliably in udev-watchdog-wrapper when the boot
   medium is ejected, so we'll use a little bit more RAM (instead of locking the
   compressed initramfs into memory, we're storing the uncompressed one there)
   and probably slow down the boot a bit, in order to make emergency shutdown
   robust. Note, however, that we save some of the RAM used by the uncompressed
   initramfs by deleting the worst offenders (kernel modules).

 * For now the whole procedure is quite noisy on the screen: the pre-shutdown
   hook runs under "set -x", doesn't run "clear", and spits out lots of
   debugging information. The goal is to enable users to provide useful
   debugging data if they have problems with emergency shutdown. Once we have
   shipped this code in a few releases and trust it's robust enough, we can
   surely reconsider and polish the UX by making the output less noisy.

 * We use absolute paths in many places to avoid $PATH lookup which might
   fail if the root filesystem is not there anymore.

It's not reliable enough and provides poor UX. Linux memory poisoning
works well enough to get rid of it.

Note that the backslash in the removed `\_${pattern}_`-style sed
patterns just says "the next character will be the delimiter", so _
becomes the delimiter. That allows you to use another delimiter than /
in compination with d, which is nice when the pattern is a path (that
tend to include /). It's a little known sed-feature. Just FYI! :)

This reverts commit b3abf4e5.

Also, tails-persistence-setup 1.1.8-1 has been uploaded to our APT
repo, which has adjusted for this migration.

Will-fix: #12242

…otherwise obsolete packages will pile up endlessly: we've had to disable
apt-daily.timer to ensure it doesn't 1. waste RAM; 2. run at the same time as
tails-additional-software (which would break the latter).

Will-fix: #12400

I suspect the "Potential Tor bug" doesn't exist any more, if ever, so
let's see if we can get rid of this crap.

Preliminary tests indicate that tor might have fixed the issues we
used to experience with the bootstrap process stalling and requiring a
restart to kickstart it.

Refs: #10238, #9516
Will-fix: #12411