Re: [Tails-dev] TAILS (Tor Linux distribution) contains extra root CAs ?
Hi, 2013/10/17, Anonymous Remailer (austria) mixmas...@remailer.privacy.at: I have a question: Tor Browser Bundle - Firefox ESR 17.0.9 (LATEST TOR) Compared to: Iceweasel 17.0.9 (LATEST TAILS Linux distribution) To be found in Tails (not found in TBB), some additional certificates: DigiCert Inc - DigiCert High Assurance EV CA-1 DigiCert Inc - DigiCert High Assurance CA3 GeoTrust Inc. - Google Internet Authority G2 StartCom Ltd. - StartCom Class 2 Primary Intermediate Server CA The Go Daddy Group, Inc - Go Daddy Secure Certification Authority The USERTRUST Network - Gandi Standard SSL CA All these are listed as Software Security Device certificaties. The others are Builtin Object Token and baked in the browser. Mozilla's documentation explains about Software Security Devices: Software Security Device stores your certificates and keys that aren't stored on external security devices, including any CA certificates that you may have installed in addition to those that come with the browser. https://www.mozilla.org/projects/security/pki/psm/help_21/using_certs_help.html Question is: did TAILS added some extra CA's ? ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev I've got all of those (and more listed as Software Security Device) in Iceweasel on my regular Debian system. Likely, either Debian adds such certificates to upstream Firefox, or TorProject removes them when they build TorBrowser Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Discussion on minitube
Hi, I tried again a few times, but I didn't make any progress. i think I'll drop this task to more experienced people :) Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Installing Tails onto USB-Stick
Hi, 2013/8/7, Arne Hitzmann arne.hitzm...@ostfalia.de: Hello everybody, i was playing around with Tails the last days and there might be a little flaw in your documentation how to install tails onto a USB-Stick. The documentation suggesting it like this: isohybrid [tails.iso] --entry 4 --type 0x1c cat [tails.iso] [device] sync But this lead me (even with root rights of course) to a Permission Denied Exception. I don't why in particular but it might have something to do with the usage of the cat command for data transfer. Please correct me if i am wrong. But maybe i am not the only one with this problem, actually it worked fine link this : isohybrid [tails.iso] --entry 4 --type 0x1c (sudo/su) dd if=[tails.iso] of=[device] sync so maybe it's possible to add this method to the one shown on the website. Kind Regards Arne Hitzmann My OperatingSystem: Ubuntu 12.04.2 Maybe you are using sudo cat [tails.iso] [device]? This syntax can't work because cat runs as superuser but the redirection ( [device]) is done as the unprivileged user. The troubleshooting section of that page reports a correct way to do it: sudo su - isohybrid [tails.iso] --entry 4 --type 0x1c cat [tails.iso] [device] sync Using dd as you did is another valid method. Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Serendipitously stumbled upon
Hi Trung, thanks for reporting your experience, it may really be helpful to people with your PC! You can edit the ThinkPad X220 page you linked and write your method to boot from USB, so it can be used as a workaround until UEFI is properly supported. Greetings Alessandro 2013/7/22, Trung Tran gotthe...@gmail.com: Hi everyone Newbie here just trying to do my part of improving TAILS. I am very ignorant when it comes to computers and privacy, so no flaming Anyways regarding the issue https://tails.boum.org/support/known_issues/#index7h2 and https://tails.boum.org/bugs/ThinkPad_X220_vs_GPT/ I have known for a long time now that my Lenvo ThinkPad E320 cannot boot from USB, so i carry a USB CD drive around with my laptop (something about UEFI whatever that is). Having no persistence is annoying so I also carry around a USB as well. So today I was booting to TAILS connected my CD drive as normal, I rebooted and forgot i ALSO left my TAILS USB attached to the second USB slot. By the time it booted to TAILS it asked me for my persistence password. I found this rather odd knowing that my CD drive cannot have persistence. My USB stick was also flashing. so i disconnected my CD drive and TAILS continued to run. I entered my persistence password and indeed it had booted from my USB. I tried to boot it again without the CD drive it didnt boot. I tried it again with both the CD and USB attached and each time it would boot to my persistent USB. So in a sense accidentally leaving my TAILS USB in allowed it to boot on the USB, but it won't do this without a CD drive even though the CD drive can be disconnected when it successfully boots. Is there anyone else with Lenovo Laptops or UEFI problems (whatever it is lol) that has also experienced this? Anyone able to test? I'm not sure how valuable this information is or if the world has known about it for eons, but I'm just trying to do my part. Hopefully it can give some insight into a solution even if it's a temporary one. If you need more information, feel free to email me. ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Discussion on minitube
Hi, 2013/3/6, intrigeri intrig...@boum.org: Perhaps you want to ask Jake what his ETA would be. I did so, more than 2 weeks ago. Still no answer. did you talk to him recently? ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Discussion on minitube
Hi, 2013/3/1, intrigeri intrig...@boum.org: Meanwhile, I'll try to talk to the author and make him include my patches (as configurable options, when needed). Any news on this? None, he still doesn't answer to me. BTW, smtube (http://smplayer.sourceforge.net/smtube.php) was uploaded to Debian (waiting in the NEW queue) two weeks ago, no idea if that might be a better candidate. I can't find any .deb packages yet. If upstream is willing to collaborate, it may be preferable, but I want to play with it first. There is still no answer on the trac ticket. What do we do? I would like to finish this in time for the next release :-) Greetings Alessadro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Discussion on minitube
Hi, 2013/2/2, Alessandro Grassi alessandro@gmail.com: 2013/2/2, intrigeri intrig...@boum.org: What version of Minitube were you inspecting? The same as before (1.9) as it's still the last downloadable version Update: version 2.0 is out, but gives compilation errors on tails. Looks like the author is using QT 4.8 now, and squeeze only has 4.6. I think we can include a patched minitube 1.9 for now, and update to 2.X when tails will use wheezy. Meanwhile, I'll try to talk to the author and make him include my patches (as configurable options, when needed). Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Discussion on minitube
Hi, 2013/2/2, intrigeri intrig...@boum.org: What version of Minitube were you inspecting? The same as before (1.9) as it's still the last downloadable version I guess upstream won't apply these patches as is (or would they?), so what's your plan? Implementing this as a pair of opt-in settings that we may set in the Minitube configuration file? I will try to get in contact with the developer, first. I already sent him the socks5 patch but he didn't answer Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Discussion on minitube
Hi, I have news, both good and bad. Bad: I found 2 issues, sniffing with wireshark Good: they're already fixed :-) The first one is about localization: auto-suggestion queries contain the sysem language. For example: http://suggestqueries.google.com/complete/search?ds=ytoutput=toolbarhl=it-ITq=some_search_keywords Notice the hl=it-IT part. Attached file minitube-suggest-locale-fix.patch hardcodes a en-US locale. The second one is about cookies: the author said that there are none, meaning that he didn't care in its code. However, from some QT documentation it turns out that: QNetworkAccessManager by default does not implement any cookie policy of its own: it accepts all cookies sent by the server, as long as they are well formed and meet the minimum security requirements (cookie domain matches the request's and cookie path matches the request's) As a result, minitube accepts cookies sent by youtube/google on the first serch query, and sends them back on subsequent searches. If the program is closed and reopened, cookies are cleaned, but searches within the same program session can be correlated! Attached file minitube-cookies-fix.patch corrects this to never send any cookie. 2013/1/20, intrigeri intrig...@boum.org: But still, someone should research a bit the potential anonymity issues. I suggest using the Torbutton Design Documentation as a lead to point you to the most typical problems. I'm sorry to say this, as I hate to feel like I may be discouraging you, but I'd hate even more to treat lack of time to research the same way as found no issue after searching ;) You were right, thanks for insisting on me to do more research ;-) Greetings Alessandro --- youtubesuggest.cpp.bak 2012-09-27 10:17:03.0 + +++ youtubesuggest.cpp 2013-01-31 11:24:57.0 + @@ -13,13 +13,13 @@ } void YouTubeSuggest::suggest(QString query) { -QString locale = QLocale::system().name().replace(_, -); +//QString locale = QLocale::system().name().replace(_, -); // case for system locales such as C -if (locale.length() 2) { -locale = en-US; -} +//if (locale.length() 2) { +//locale = en-US; +//} -QString url = QString(GSUGGEST_URL).arg(locale, query); +QString url = QString(GSUGGEST_URL).arg(en-US, query); QObject *reply = The::http()-get(url); connect(reply, SIGNAL(data(QByteArray)), SLOT(handleNetworkData(QByteArray))); --- networkaccess.cpp.bak 2012-09-27 10:17:03.0 + +++ networkaccess.cpp 2013-01-31 17:30:32.0 + @@ -117,6 +117,11 @@ NetworkAccess::NetworkAccess( QObject* parent) : QObject( parent ) {} +QListQNetworkCookie QNetworkCookieJar::cookiesForUrl ( const QUrl url ) const { +QListQNetworkCookie list = QListQNetworkCookie(); +return list; +} + QNetworkReply* NetworkAccess::manualGet(QNetworkRequest request, int operation) { QNetworkAccessManager *manager = The::networkAccessManager(); ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
[Tails-dev] Off-topic section in forum
Hi, quite a number of people, in the Tails forum, ask questions not strictly related to Tails, but rather to Tor or general anonimity/privacy topics. They're almost always told to discuss such topics somewhere else, because the project has few developers, and they can't handle all of them and Tails development too. I agree. But IMHO, saying please go talk somewhere else may mistakenly sound like we don't like newbies here to them, and maybe discourage them from using Tails. Instead, we should provide something like an off-topic section where they can discuss about privacy and anonimity, and where competent and volunteering users can answer to them. Of course, users should be given appropriate warnings about it: - Tails developers do not directly support this section - do not blindly trust what anyone says, but ask for sources - do not feed the trolls - and so on... To not waste work, this could be implemented when the new forum is adopted (https://tails.boum.org/todo/improve_the_forum/). Let me know what you think of it. Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
Hi, 2013/1/12, intrigeri intrig...@boum.org: OK, great, thanks for the research! What version were you looking at? Version 1.9 (it's the source tarball that you can download from the official site) I've added a summary of this information to the ticket, and generally updated to clarify the next steps: https://tails.boum.org/todo/minitube/ what about this? * test if we're affected by Debian bug #666773. Since you're hunting this bug, can you confirm it only exists in gstreamer-plugins-bad version 0.10.23 (in wheezy)? That would mean that current versions (based on squeeze) are unaffected :) Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
[Tails-dev] Discussion on minitube
Hi, according to the roadmap for minitube inclusion: https://tails.boum.org/todo/minitube/ the following points need to be solved by public discussion: * discuss if the search suggestion feature is blocker * research: one should think of other potential security issues and anonymity problems I already found out that it doesn't use cookies (http://flavio.tordini.org/forums/topic/cookies) and the recent keywords list doesn't look like a privacy problem (if I read the source code correctly, they're stored locally and that's it: https://mailman.boum.org/pipermail/tails-dev/2013-January/002430.html). Any other issues you can think of? Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
Hi, 2013/1/12, intrigeri intrig...@boum.org: I'd like to make sure we don't start shipping a piece of software while suspecting it will be broken once Tails is based on Wheezy. The path to Wheezy will be hard enough. This was already clear to me. Thanks for your great work on this issue :-) Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
Hi, 2012/12/14, intrigeri intrig...@boum.org: [..] that should be for another orthogonal patch: no sane upstream maintainer will accept a patch that supposedly implements SOCKS5 support, but also silently changes the behaviour for HTTP proxy users. See what I mean? :) Ok, I removed that last part from the patch. The upstream mantainer will decide what's best :) So, the question now becomes: how does the stored history affect the behaviour of Minitube? Does it affect this behaviour in any way that could be observable on the network, or on the YouTube / Google / 3rd party servers that are reached? (I guess, and hope, the answers will unanimously be no, but this is what should be checked.) I searched for recent in the source files and didn't find anything suspicious. There is code to save recent keywords, load them, clear them with a button, but they shouldn't affect the behaviour in any way. I hope someone else can confirm! Greetings Alessandro --- minitube/src/global.h 2012-09-27 12:17:03.0 +0200 +++ global.h 2012-12-15 15:50:00.0 +0100 @@ -123,11 +123,72 @@ } } + void networkSocks5ProxySetting() { +char *socks5_server_env; +socks5_server_env = std::getenv(socks5_server); +if (!socks5_server_env) { +socks5_server_env = std::getenv(SOCKS5_SERVER); +} + +if (socks5_server_env) { +QString proxy_host = ; +QString proxy_port = ; +QString proxy_user = ; +QString proxy_pass = ; +QString socks5_server = QString(socks5_server_env); +socks5_server.remove(QRegExp(/$)); + +// parse username and password +if (socks5_server.contains(QChar('@'))) { +QStringList socks5_server_list = socks5_server.split(QChar('@')); +QStringList socks5_server_user_pass = socks5_server_list[0].split(QChar(':')); +if (socks5_server_user_pass.size() 0) { +proxy_user = QUrl::fromPercentEncoding(socks5_server_user_pass[0].toUtf8()); +} +if (socks5_server_user_pass.size() == 2) { +proxy_pass = QUrl::fromPercentEncoding(socks5_server_user_pass[1].toUtf8()); +} +if (socks5_server_list.size() 1) { +socks5_server = socks5_server_list[1]; +} +} + +// parse hostname and port +QStringList socks5_server_list = socks5_server.split(QChar(':')); +if (socks5_server_list.size() 0) { +proxy_host = socks5_server_list[0]; +} +if (socks5_server_list.size() 1) { +proxy_port = socks5_server_list[1]; +} + +// set proxy setting +if (!proxy_host.isEmpty()) { +QNetworkProxy proxy; +proxy.setType(QNetworkProxy::Socks5Proxy); +proxy.setHostName(proxy_host); +if (!proxy_port.isEmpty()) { +proxy.setPort(proxy_port.toUShort()); +} +if (!proxy_user.isEmpty()) { +proxy.setUser(proxy_user); +} +if (!proxy_pass.isEmpty()) { +proxy.setPassword(proxy_pass); +} + +qDebug() Using SOCKS5 proxy: socks5_server_env; +QNetworkProxy::setApplicationProxy(proxy); +} +} + } + static QNetworkAccessManager *nam = 0; QNetworkAccessManager* networkAccessManager() { if (!nam) { networkHttpProxySetting(); +networkSocks5ProxySetting(); maybeSetSystemProxy(); nam = new QNetworkAccessManager(); } ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
Hi, 2012/12/12, intrigeri intrig...@boum.org: It seems like the maybeSetSystemProxy() is now called only if neither a SOCKS5 nor a HTTP proxy is configured, which effectively ignores system settings for specific URLs. If this change of behaviour is needed, then it should be documented; and if it's not needed, then it should be kept out. What do you think? I did it because maybeSetSystemProxy() could overwrite settings in env variables, which seemed counter-intuitive to me. Do you agree? Anyway, the upstream developer replied to my question about cookies in his forum: No cookies. Minitube does store your recent searches in its settings file. I think we can live with this (or try to lock such file...) Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
Hi, 2012/12/5, intrigeri intrig...@boum.org: Cool. Do you intend to ask for SOCKS support there? I want to try adding it myself. It should be a matter of parsing SOCKS5_SERVER environment variable and passing address, port etc. to the appropriate class. HTTP proxy is implemented this way, related code is in src/global.h 2012/12/5, adrelanos adrela...@riseup.net: And while you're on it, could you ask if there are any (flash-)cookies or other relevant stuff which could be used for tracking? A quick search in the source tree revealed just two instances of the word cookie, and both are commented. Do you want me to ask anyway? Also, I found it has an autosuggest feature which sends what you are typing to Google. Is it bad for us? Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
Hi, 2012/12/3, intrigeri intrig...@boum.org: Looks promising! I've not looked very far, but I have not found any upstream bug tracker. Did you find one? No, but here's the author's forum: http://flavio.tordini.org/forums/forum/minitube-forums Also, I'd like to be sure we're not affected by Debian bug #666773. That problem happened to me sometimes, but I'm unsure if it's your bug or my bad internet connection. I will check if I see the triple about to finish message in console, which looks like the bug's signature. Awesome! I don't see that about to finish. The cause of bug seems to be in gstreamer-plugins-bad version 0.10.22, while Tails ships 0.10.19. Did you experience issues with playback? Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] minitube (Youtube client)
2012/12/1, intrigeri intrig...@boum.org: Any clean (i.e. non-torsocks) way to make it use SOCKS instead? There isn't any socks-specific code, but it uses QNetworkProxy class which supports socks5 too. A patch should be doable. One should think of potential security issues and anonymity problems. I will have a look at network requests with wireshark, to see what happens and what gets sent. Any other idea/method? Also, I'd like to be sure we're not affected by Debian bug #666773. That problem happened to me sometimes, but I'm unsure if it's your bug or my bad internet connection. I will check if I see the triple about to finish message in console, which looks like the bug's signature. Greetings Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Bookmarks persistence - help needed
This one should also create an empty directory in /etc/skel. Otherwise the 'bookmarks' directory will not exist when no persistence is used, resulting in a broken Iceweasel. I missed it! Thank you! What is also needed before we can merge this work is an update to the design documents and the end-user documentation, see https://tails.boum.org/contribute/merge_policy/ for details. Do you want to carry on your work on this front as well? I'll do it ASAP, possibly 1 or 2 days. Is it too late to have this feature in 0.14? Alessandro ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
[Tails-dev] Bookmarks persistence - help needed
Hi devs, attached patch 0001-Added-bookmarks-preset.patch adds a Browser bookmarks preset in tails-persistence-setup. It creates a bookmarks folder in the persistent volume and links files from this folder to /home/amnesia/.mozilla/firefox/default. It needs the 0001-generate-iceweasel-profile-at-build-time.patch to be applied to Tails (see generate Iceweasel profile at build time discussion). The bookmarks folder is supposed to contain the places.sqlite file alone. If it's not there when preset is turned on, a default one should be copied (creating an empty file won't work). I think it can be done in the go_button_pressed method in lib/Tails/Persistence/Step/Configure.pm, but I'm not confident with perl. Hope someone else can do it. Greetings Alessandro From 701d39c9645ecb52cddb776a0ce9ee6f4fee08a7 Mon Sep 17 00:00:00 2001 From: Tails developers amne...@boum.org Date: Fri, 5 Oct 2012 12:11:12 +0200 Subject: [PATCH] Added bookmarks preset --- lib/Tails/Persistence/Configuration/Presets.pm | 10 ++ 1 file changed, 10 insertions(+) diff --git a/lib/Tails/Persistence/Configuration/Presets.pm b/lib/Tails/Persistence/Configuration/Presets.pm index 5113828..5fd45da 100644 --- a/lib/Tails/Persistence/Configuration/Presets.pm +++ b/lib/Tails/Persistence/Configuration/Presets.pm @@ -114,6 +114,16 @@ method _build__presets { enabled = 0, icon_name = 'network-wired', }, + { +name= $self-encoding-decode(gettext(q{Browser bookmarks})), +description = $self-encoding-decode(gettext( +q{Bookmarks saved in Iceweasel browser} +)), +destination = '/home/amnesia/.mozilla/firefox/default', +options = [ 'source=bookmarks', link ], +enabled = 0, +icon_name = 'user-bookmarks', +}, { name= $self-encoding-decode(gettext(q{APT Packages})), description = $self-encoding-decode(gettext( -- 1.7.10.4 From c8394e520dd15fdbf80bd1e2651a464499a4a010 Mon Sep 17 00:00:00 2001 From: Alessandro Grassi alessandro@gmail.com Date: Sun, 30 Sep 2012 20:09:08 +0200 Subject: [PATCH] generate iceweasel profile at build time --- config/chroot_local-hooks/14-generate-iceweasel-profile | 11 +++ 1 file changed, 11 insertions(+) create mode 100755 config/chroot_local-hooks/14-generate-iceweasel-profile diff --git a/config/chroot_local-hooks/14-generate-iceweasel-profile b/config/chroot_local-hooks/14-generate-iceweasel-profile new file mode 100755 index 000..d910076 --- /dev/null +++ b/config/chroot_local-hooks/14-generate-iceweasel-profile @@ -0,0 +1,11 @@ +#!/bin/sh + +#generate iceweasel profile at build time, so that it has a fixed name + +set -e +apt-get --yes install xvfb +xvfb-run iceweasel -CreateProfile default +mv ~/.mozilla/firefox/*.default ~/.mozilla/firefox/default +sed -i s@Path=.*\.default@Path=default@ ~/.mozilla/firefox/profiles.ini +mv ~/.mozilla /etc/skel +apt-get --yes purge xvfb -- 1.7.10.4 ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] [patch, please review] generate Iceweasel profile at build time
People usually use Xvfb when they need a 'fake' X server. See the 'xvfb' package in Debian, and the `xvfb-run` script it contains. xvfb works fine, new patch is attached ;-) Now the real thing: make bookmarks persistent. I got it working using dotfiles and putting places.sqlite in the right subfolder, so I can make a preset in tails-persistence-setup which links bookmarks/places.sqlite to /home/amnesia/.mozilla/firefox/profiles/amnesia/places.sqlite (I looked at the code). The only missing thing is the first-time behaviour: the existing places.sqlite (or, if missing, a default one) must be moved to the persistent storage and linked to the profile folder, and Iceweasel should not be open while this happens. Is there a way for tails-persistence-setup to execute a script on preset activation? Alessandro From faf5d5d142c6d3a7928a106ec53dfb2660a8c2d6 Mon Sep 17 00:00:00 2001 From: Alessandro Grassi alessandro@gmail.com Date: Sun, 30 Sep 2012 15:43:03 +0200 Subject: [PATCH] generate iceweasel profile at build time --- config/chroot_local-hooks/14-generate-iceweasel-profile | 11 +++ 1 file changed, 11 insertions(+) create mode 100755 config/chroot_local-hooks/14-generate-iceweasel-profile diff --git a/config/chroot_local-hooks/14-generate-iceweasel-profile b/config/chroot_local-hooks/14-generate-iceweasel-profile new file mode 100755 index 000..be2054f --- /dev/null +++ b/config/chroot_local-hooks/14-generate-iceweasel-profile @@ -0,0 +1,11 @@ +#!/bin/sh + +#generate iceweasel profile at build time, so that it has a fixed name + +set -e +apt-get --yes install xvfb +xvfb-run iceweasel -CreateProfile default +mv ~/.mozilla/firefox/*.default ~/.mozilla/firefox/amnesia +sed -i s@Path=.*\.default@Path=amnesia@ ~/.mozilla/firefox/profiles.ini +mv ~/.mozilla /etc/skel +apt-get --yes purge xvfb -- 1.7.10.4 ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] [patch, please review] generate Iceweasel profile at build time
Great! The hook looks fine. Minor cosmetic remark:[...] Fixed and new patch attached I am not sure I understand. Do you already have code for that? No, I made tests on the running system [...] If the symlink points to a non-existent file, then Firefox will happily create it [...] Correct, I tried it too. This is ok for when no places.sqlite exists. If it exists, user may have some saved bookmarks already, and we should preserve them. Alessandro From c8394e520dd15fdbf80bd1e2651a464499a4a010 Mon Sep 17 00:00:00 2001 From: Alessandro Grassi alessandro@gmail.com Date: Sun, 30 Sep 2012 20:09:08 +0200 Subject: [PATCH] generate iceweasel profile at build time --- config/chroot_local-hooks/14-generate-iceweasel-profile | 11 +++ 1 file changed, 11 insertions(+) create mode 100755 config/chroot_local-hooks/14-generate-iceweasel-profile diff --git a/config/chroot_local-hooks/14-generate-iceweasel-profile b/config/chroot_local-hooks/14-generate-iceweasel-profile new file mode 100755 index 000..d910076 --- /dev/null +++ b/config/chroot_local-hooks/14-generate-iceweasel-profile @@ -0,0 +1,11 @@ +#!/bin/sh + +#generate iceweasel profile at build time, so that it has a fixed name + +set -e +apt-get --yes install xvfb +xvfb-run iceweasel -CreateProfile default +mv ~/.mozilla/firefox/*.default ~/.mozilla/firefox/default +sed -i s@Path=.*\.default@Path=default@ ~/.mozilla/firefox/profiles.ini +mv ~/.mozilla /etc/skel +apt-get --yes purge xvfb -- 1.7.10.4 ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev