#!/bin/sh set -e CMD=$(basename ${0}) LOCK=/var/lock/${CMD} . gettext.sh TEXTDOMAIN="tails" export TEXTDOMAIN CONF_DIR=/var/lib/unsafe-browser COW=${CONF_DIR}/cow CHROOT=${CONF_DIR}/chroot BROWSER_USER=clearnet # Import tor_is_working() . /usr/local/lib/tails-shell-library/tor.sh # Import the TBB_INSTALL, TBB_EXT and TBB_PROFILE variables, and # exec_firefox(), configure_xulrunner_app_locale() and # guess_best_tor_browser_locale() . /usr/local/lib/tails-shell-library/tor-browser.sh . /usr/local/lib/tails-shell-library/chroot-browser.sh WARNING_PAGE='/usr/share/doc/tails/website/misc/unsafe_browser_warning' LANG_CODE="$(echo ${LANG} | head -c 2)" if [ -r "${WARNING_PAGE}.${LANG_CODE}.html" ]; then START_PAGE="${WARNING_PAGE}.${LANG_CODE}.html" else START_PAGE="${WARNING_PAGE}.en.html" fi if [ -e /var/lib/gdm3/tails.camouflage ]; then CAMOUFLAGE=yes fi cleanup () { try_cleanup_browser_chroot ${CHROOT} ${COW} ${BROWSER_USER} } error () { local cli_text="${CMD}: `gettext \"error:\"` ${@}" local dialog_text="`gettext \"Error\"` ${@}" echo "${cli_text}" >&2 sudo -u ${SUDO_USER} zenity --error --title "" --text "${dialog_text}" exit 1 } verify_start () { # Make sure the user really wants to start the browser local dialog_msg="`gettext \"Do you really want to launch the Unsafe Browser?\"` `gettext \"Network activity within the Unsafe Browser is not anonymous. Only use the Unsafe Browser if necessary, for example if you have to login or register to activate your Internet connection.\"`" local launch="`gettext \"_Launch\"`" local exit="`gettext \"_Exit\"`" # Since zenity can't set the default button to cancel, we switch the # labels and interpret the return value as its negation. if sudo -u ${SUDO_USER} zenity --question --title "" --ok-label "${exit}" \ --cancel-label "${launch}" --text "${dialog_msg}"; then exit 0 fi } show_start_notification () { local title="`gettext \"Starting the Unsafe Browser...\"`" local body="`gettext \"This may take a while, so please be patient.\"`" tails-notify-user "${title}" "${body}" 10000 } configure_chroot () { # Prevent sudo from complaining about failing to resolve the 'amnesia' host echo "127.0.0.1 localhost amnesia" > ${CHROOT}/etc/hosts # Set the chroot's DNS servers to those obtained through DHCP rm -f ${CHROOT}/etc/resolv.conf for NS in ${IP4_NAMESERVERS}; do echo "nameserver ${NS}" >> ${CHROOT}/etc/resolv.conf done chmod a+r ${CHROOT}/etc/resolv.conf # Create a fresh browser profile for the clearnet user BROWSER_CONF="${CHROOT}/home/${BROWSER_USER}/.tor-browser" BROWSER_PROFILE="${BROWSER_CONF}/profile.default" BROWSER_EXT="${BROWSER_PROFILE}"/extensions mkdir -p "${BROWSER_EXT}" cp -Pr "${TBB_PROFILE}"/extensions/langpack-*.xpi "${BROWSER_EXT}" BROWSER_PREFS="${BROWSER_PROFILE}"/preferences/prefs.js mkdir -p "$(dirname "${BROWSER_PREFS}")" cp /usr/share/tails/unsafe-browser/unsafe-browser.js "${BROWSER_PREFS}" # Localization BEST_LOCALE="$(guess_best_tor_browser_locale)" configure_xulrunner_app_locale "${BROWSER_PROFILE}" "${BEST_LOCALE}" # Set the name (e.g. window title) of the browser set_chroot_browser_name ${CHROOT} "`gettext \"Unsafe Browser\"`" "${BEST_LOCALE}" # Set start page to something that explains what's going on echo 'user_pref("browser.startup.homepage", "'${START_PAGE}'");' >> \ "${BROWSER_PREFS}" BROWSER_CHROME="${BROWSER_PROFILE}/chrome/userChrome.css" mkdir -p "$(dirname "${BROWSER_CHROME}")" cp /usr/share/tails/unsafe-browser/userChrome.css ${BROWSER_CHROME} # Remove all bookmarks rm -f ${CHROOT}/"${TBB_PROFILE}"/bookmarks.html rm -f ${BROWSER_PROFILE}/bookmarks.html rm -f ${BROWSER_PROFILE}/places.sqlite chown -R ${BROWSER_USER}:${BROWSER_USER} "${BROWSER_CONF}" # Set a scary theme (except if we're using Windows # camouflage). Note that the tails-activate-win8-theme script that # we may run below requires that the browser profile is writable # by the user running the script (i.e. clearnet). if [ -z "${CAMOUFLAGE}" ]; then cat /usr/share/tails/unsafe-browser/unsafe-browser-theme.js >> "${BROWSER_PREFS}" else # The camouflage activation script requires a dbus server for # properly configuring GNOME, so we start one in the chroot chroot ${CHROOT} sudo -H -u ${BROWSER_USER} sh -c 'eval `dbus-launch --auto-syntax`; tails-activate-win8-theme' || : fi } show_shutdown_notification () { local title="`gettext \"Shutting down the Unsafe Browser...\"`" local body="`gettext \"This may take a while, and you may not restart the Unsafe Browser until it is properly shut down.\"`" tails-notify-user "${title}" "${body}" 10000 } maybe_restart_tor () { # Restart Tor if it's not working (a captive portal may have prevented # Tor from bootstrapping, and a restart is the fastest way to get # wheels turning) if ! tor_is_working; then echo "* Restarting Tor" restart-tor if ! service tor status >/dev/null; then error "`gettext \"Failed to restart Tor.\"`" fi fi } # Prevent multiple instances of the script. exec 9>${LOCK} if ! flock -x -n 9; then error "`gettext \"Another Unsafe Browser is currently running, or being cleaned up. Please retry in a while.\"`" fi # Get the DNS servers that was obtained from NetworkManager, if any... NM_ENV=/var/lib/NetworkManager/env if [ -r "${NM_ENV}" ]; then . ${NM_ENV} fi # ... otherwise fail. # FIXME: Or would it make sense to fallback to Google's DNS or OpenDNS? # Some stupid captive portals may allow DNS to any host, but chances are # that only the portal's DNS would forward to the login page. if [ -z "${IP4_NAMESERVERS}" ]; then error "`gettext \"No DNS server was obtained through DHCP or manually configured in NetworkManager.\"`" fi verify_start show_start_notification echo "* Setting up chroot" setup_browser_chroot ${CHROOT} ${COW} || \ error "`gettext \"Failed to setup chroot.\"`" echo "* Configuring chroot" configure_chroot echo "* Starting Unsafe Browser" run_chroot_browser ${CHROOT} ${BROWSER_USER} ${SUDO_USER} show_shutdown_notification maybe_restart_tor exit 0