- 14 Sep, 2019 7 commits
-
-
intrigeri authored
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Themes#Documentation says that "Lightweight themes have been deprecated", which explains why our old, custom lightweight theme is ignored. The only options to fix this are: - Create our own theme, get it automatically signed by Mozilla on AMO, download the resulting XPI, and somehow make it available at build time. - Use an existing theme with a GPL-3+ compliant license. I've chosen the latter option: this theme is almost identical to the one we had before. The XPI is 7.7K so I don't think it's worth devising a more complicated solution than just adding it to Git.
-
intrigeri authored
In the Browser Console of the Unsafe Browser, I see: Warning: unrecognized command line flag -DISPLAY
-
intrigeri authored
The Tor Browser is apparently going to do the same. But let's not wait for their next alpha, as I suspect the about:newtab we currently get is what makes our test suite brittle in new tabs (pressing Enter after pasting a URL in the address bar, in a newly opened tab, often has no visible effect).
-
intrigeri authored
Now that Torbutton is integrated in Tor Browser (https://trac.torproject.org/projects/tor/ticket/10760), we only have to patch its own localized branding files.
-
intrigeri authored
-
intrigeri authored
Our previous tweaks, when applied to Firefox 68, made it segfault on startup. The layout of omni.ja has changed a lot so let's adapt our code. Besides, there are no localized search extensions anymore so we can simplify things a bit.
-
intrigeri authored
There's no strong reason to handle Google Analytics differently than all other trackers. The security model of Tor Browser does not rely on arbitrary blocking of specific trackers, but instead on isolating different web activities from each other.
-
- 09 Sep, 2019 2 commits
-
- 08 Sep, 2019 2 commits
- 07 Sep, 2019 1 commit
-
-
intrigeri authored
commit 9efaffaf moved this unit to desktop.target, which has an unfortunate side-effect: the places-menu GNOME Shell extension has already loaded, and thus the bookmarks we're adding won't appear in the Places menu. So let's start this unit earlier, as part of gnome-early-initialization.target, that is during X-GNOME-Autostart-Phase=EarlyInitialization.
-
- 02 Sep, 2019 2 commits
-
-
Cyril 'kibi' Brulebois authored
-
Cyril 'kibi' Brulebois authored
-
- 31 Aug, 2019 6 commits
-
-
segfault authored
-
intrigeri authored
-
intrigeri authored
-
intrigeri authored
Terminate GDM's GNOME session after the amnesia user logs in, in order to free memory (refs: #12092) I've heard rumors that we can drop this hack when we switch to Wayland (#12213). We'll see :) We kill it as part of desktop.target, i.e. during the "Applications" phase of the initialization of the GNOME session. We cannot do this earlier reliably: - basic.target is started by "systemd --user" for almost every command run as the amnesia user and may thus be triggered too early, at a time when we still need GDM's processes. - If we do this as part of basic.target, it sometimes happens before amnesia's X.Org has started, and sometimes after that, which causes racy behaviour, weird bugs, and amnesia's $DISPLAY can be either :0 or :1, which breaks our code that relies on that value to be always the same. We're in no rush to kill GDM's GNOME session super early anyway. Note that we keep GDM running while we kill its GNOME session, otherwise, the amnesia user can't unlock the screen: Failed to open reauthentication channel: Gio:DBusError: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.DisplayManager was not provided by any .service files Also, we ensure gdm-session-worker does not start new sessions once the amnesia user has logged in, which should hopefully prevent GDM from activating such a session while we want the amnesia's user session to remain active.
-
segfault authored
OnionShare fails to open the URL providing more information about Stealth Onion Services. The added AppArmor rules allow executing xdg-open and dependencies to fix this. Edited by intrigeri: - Remove unnecessary permission to execute cut, head, awk, mawk, sed, tr, and xdg-mime. - Add missing permission to execute gio-launch-desktop.
- 30 Aug, 2019 2 commits
- 26 Aug, 2019 1 commit
-
-
segfault authored
This reverts commit 0c000cf8. This was a workaround for https://bugs.debian.org/934483, which is now fixed.
-
- 25 Aug, 2019 2 commits
- 23 Aug, 2019 2 commits
-
-
intrigeri authored
-
intrigeri authored
Sleeping 5 seconds unconditionally harms UX. The assumption here is that: - #9012 was caused by an aufs bug that somehow affects how udev (and the kernel?) monitor /etc/modprobe.d/, and make them need time until they notice that all-net-blacklist.conf was deleted. - The same bug would also affect the "-e" test done by the shell this script runs under. That is, it would affect essentially any process that accesses /etc/modprobe.d/. - So for example, this bug can't be "the inode number of /etc/modprobe.d changed between the time udev started monitoring it, and the time we trigger a replay of the kernel 'add' events". According to the aufs documentation, inode numbers can change when using the noxino mount option, which we do, and actually that's been one of my primary suspects when investigating #9012.
-
- 19 Aug, 2019 2 commits
-
-
intrigeri authored
This will give us UTF-8 support. Note the switch from raw bytes IO to StringIO: the equivalent of what we used to do in Python 3 is io.BytesIO(), but that won't work out of the box: the code we're running prints strings on stdout/stderr, not bytes, and Python 3 knows the difference. So accordingly, remove decoding of the output, since we get a string already. Drop anonym's "showingOnly" patch that was merged upstream :)
-
intrigeri authored
Otherwise, it gets lost (or at least I could not find it). In any case, it does not make sense to print "The error was:" somewhere and the actual error elsewhere.
-
- 16 Aug, 2019 1 commit
-
-
intrigeri authored
We should only lose the "shared folders" functionality, which seems acceptable and in line with our "best effort" strategy wrt. VirtualBox guest support.
-
- 14 Aug, 2019 1 commit
-
-
segfault authored
We used to ship patched files in the Greeter, which tend to be behind the original files shipped in Debian. This can potentially cause serious issues. This copies the GNOME files as shipped in Debian and applies our patches on top.
-
- 11 Aug, 2019 5 commits
-
-
intrigeri authored
-
segfault authored
-
segfault authored
-
segfault authored
-
intrigeri authored
tordate: treat clock as correct if it is in the [valid-after, valid-after + 2 hours + 55 minutes] range (refs: #16972). Let's avoid "fixing" a valid clock, as much as possible: this can break obfs4 in cases when it would have otherwise worked. This should still leave tor enough time to notice that its consensus is about to expire, and refresh it.
-
- 10 Aug, 2019 4 commits