GitLab

Our live-config hook that imports our signing keys depend on that the
system clock isn't before the date when the keys where created (sanity
check by gpg). To avoid this, we ensure (via an early live-config
hook) that the system clock cannot be before the Tails image build
date (up to one day, to deal with potential timezone
differences/mismatches).

The old live-config hook races with Tails Greeter, see #8941.

That feels a bit more sane. Also give it a more consistent name.

Closes: #8735, #8736, #8882.

This will ensure a smooth transition when we sign the UDFs with the new signing
key once Tails 1.3.1 is out.

Closes: #8732

live-build expects to be the only one that manages APT sources.
Since feature/8194-APT-socks was merged, we're breaking this assumption of its,
by mangling APT sources under live-build's feet via chroot_local-hooks.

More specifically, if:

 * $LB_MIRROR_CHROOT != $LB_MIRROR_BINARY or
   $LB_MIRROR_CHROOT_SECURITY != $LB_MIRROR_BINARY_SECURITY,
   as is the case when building with Vagrant or when following our manual
   build setup instructions accurately (live-build defaults to
   ftp.de.debian.org for some of its APT configuration),

or:

 * one has dropped .deb's in config/chroot_local-packages, as contributors
   without write access to our APT repository may want to do,

then after completing the chroot_local-hooks stage, lb_chroot_sources would
rewrite APT sources to match what we have previously configured (see the check
at lines 490-498 in live-build 2.x tree), and therefore the ISO image would have
http:// URLs configured instead of the expected tor+http://.

Therefore, let's mangle APT sources configuration at boot time instead.

These files will not be needed if this branch is merged.

Browser specifically for I2P based on the scripts that
configure the "unsafe-browser".

* Adds a new i2pbrowser user
* change the I2P menu entry and related sudoers file to start
  this new browser. I2P will be started via NetworkManager (added in a later
  commit) when a user adds 'i2p' to the boot prompt.

Update I2P firewall rules

Since the anmesia user won't be browsing eepsites with the Torbrowser
anymore, and the i2pbrowser user *will* be browsing them, the firewall
rules needed another update.

disable cups

fixes the same problem as ticket #7771 addresses for the
'unsafe'browser'

Remove I2P settings from FoxyProxy

Since I2P Browser is now used for visiting eepsites (.i2p tld) the I2P
configs are no longer appropriate for FoxyProxy.

This way, if a bug such as the one fixed in the previous commit is introduced
again, then we'll notice by running the automated test suite (as I did this
time), that will fail since the remote shell won't be running.

This script, like all other live-config hooks, is *sourced* by a live-config
script, so using `set -e', `set -u' or `return' in it makes all further such
scripts be skipped.

Although I2P will likely not ship any files which are named 'wrapper',
this will avoid any potential future clobbering.

The firewall rules should be enough.

During the build process, the following are moved to /usr/share/tails:
  - /usr/share/i2p
  - /usr/sbin/wrapper to /usr/share/tails/i2p
  - /usr/share/applications/i2p.desktop to /usr/share/tails/i2p

The I2P binaries are changed to be owned by i2psvc:i2psvc to prevent it
being run from the new location under /usr/share/tails/i2p.

If the string 'i2p' is entered on at the boot prompt, these files are
returned to ther original locations, making I2P accessible. Also, the
I2P sudoers file is written to the system, allowing the amnesia user to
run tails-start-i2p as the i2psvc user.

Tails Upgrader is run as a non-privileged user, so it cannot create its run
directory itself.

Otherwise it's impossible to localize, because gettext will be called by live-config at boot

Oherwise it fails with "End of file unexpected"

- TrueCrypt's wrapper is now installed only if TrueCrypt is
- TrueCrypt's wrapper is also called when TrueCrypt is launched from the menu

This reverts commit a52af580.

This commit actually created this symlink in... /lib/live/overlay,
which obviously can't do anything useful.

The live-boot changes (commit d2b2a461) brought to fix Debian bug#696495 revert
some of our previous changes (commit 77dab1cb), and as a result, at the time
live-persist runs, no tmpfs is mounted on /live/overlay while this command is
run:

  mount -t aufs -o noatime,noxino,dirs=/live/overlay//home/amnesia/Persistent=rw:/live/persistence/sda2_unlocked/Persistent=rr+wh aufs /home/amnesia/Persistent

... and dmesg therefore reads:

  aufs test_add:264:mount[4677]: unsupported filesystem, /live/overlay//home/amnesia/Persistent (aufs)

So, let's just ensure /live/overlay points to a tmpfs.

This should bring back support for proxies of type other than obfsproxy.

https://tails.boum.org/todo/non-obfsproxy_proxy/

This seems to happen sometimes when restoring from a snapshot.

Now we can run commands even without a network connection on the guest
which some tests depend on. Also, not having to mess with the network
(especially the firewall) at all is much cleaner and less likely to
interfere with Tails in unexpected ways.

This reverts commit 887a6c0f.

Implementing todo/screen_locker turned out more complicated than
originally thought, so we'll wait with it until later.

Recent live-boot mounts the read-only live image in there..

This integrates well with pam e.g. for preventing screen locking to
completely lock out users who don't set a password in Tails Greeter
and don't know the default password (which previously was the default
for Debian Live, namely "live").

/live/image -> /lib/live/mount/medium

This should finally allow the progress bar to reach 100%.