Tor-launcher - Better Circumvention User Interface

Yeah. That’s it basically. You can also do “live” edits within TBB source folder. I am going to write some instructions on how to do this now. To help you get started with debugging and stuff.

Clone link here tor-launcher - tor-launcher component of TBB (archived to GitLab: https://gitlab.torproject.org/tpo/applications/tor-launcher) at the bottom:
https://git.torproject.org/tor-launcher.git

Here it is:

tor-launcher already has some standalone support.

References:

[hr]

This is somewhat what Tails is/was doing.

/usr/bin/iceweasel -app /usr/share/tor-launcher-standalone/application.ini

References:

Although apparently they do something quite different. Looks like they somehow limited tor-launcher to only support obfs3 and not meek and others. And their version of tor-launcher apparently uses system Tor instead of using the Tor that comes with the TBB folder as system Tor.

[hr]

One way that won’t work. Would have been way too simple. :wink:

iceweasel --app /home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org.xpi
Error: App:Name not specified in application.in

Tails design documentation mentioning tor-launcher:
https://tails.boum.org/contribute/design/Tor_network_configuration/

Links to Tails implementation:

[hr]

Linostar and I figured out some interesting stuff:
tor-launcher’s makefile contains a standalone target, i.e. “make standalone”:
https://gitweb.torproject.org/tor-launcher.git/tree/Makefile

Differences of “make standalone”:

  • creates a tarball instead of xpi (which is a zip)
  • adds application.ini

Considerations:

  • We might suggest to TPO to add the application.ini by default to tor-launcher. The file would be unnecessary for browser users, but useful for application.ini users. Doesn’t seem to affect normal TBB use. (Tested by me.)

  • We might suggest to TPO, to ship folders rather than shipping xpi’s. Example xpi:

/home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org.xpi

Example folder:

/home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org

[hr]

This could be a way to proceed:

iceweasel --app /home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org/application.ini

Getting an error for now.

Unable to start Tor.

The Tor executable is missing.

But that’s the part linostar might be able to help with.

To resolve this problem:

Unable to start Tor.

The Tor executable is missing.

we need to provide tor paths. Tor paths are part of TBB preferences (which are not so clear to me yet) but they can also be set in tor-launcher preferences.

if you open this file:

/home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org/defaults/preferences/prefs.js

what you see:

pref("extensions.torlauncher.loglevel", 4);  // 1=verbose, 2=debug, 3=info, 4=note, 5=warn
pref("extensions.torlauncher.logmethod", 1);  // 0=stdout, 1=errorconsole, 2=debuglog
pref("extensions.torlauncher.max_tor_log_entries", 1000);

pref("extensions.torlauncher.control_host", "127.0.0.1");
pref("extensions.torlauncher.control_port", 9151);

pref("extensions.torlauncher.start_tor", true);
pref("extensions.torlauncher.prompt_at_startup", true);

// All path prefs. are relative to the firefox executable's directory
pref("extensions.torlauncher.tor_path", "");
pref("extensions.torlauncher.torrc_path", "");
pref("extensions.torlauncher.tordatadir_path", "");
pref("extensions.torlauncher.transportproxy_path", "");

// Recommended default bridge type (can be set per localized bundle).
// pref("extensions.torlauncher.default_bridge_recommended_type", "obfs3");

// Default bridges.
// pref("extensions.torlauncher.default_bridge.TYPE.1", "TYPE x.x.x.x:yy");
// pref("extensions.torlauncher.default_bridge.TYPE.2", "TYPE x.x.x.x:yy");

i know it’s bad practice but for test purposes if you fill ‘tor_path’, ‘torrc_path’, ‘tordatadir_path’ like this:

pref("extensions.torlauncher.tor_path", "/home/user/tor-browser_en-US/Browser/TorBrowser/Tor/tor");
pref("extensions.torlauncher.torrc_path", "/home/user/tor-browser_en-US/Browser/TorBrowser/Data/Tor/tor");
pref("extensions.torlauncher.tordatadir_path", "/home/user/tor-browser_en-US/Browser/TorBrowser/Data/Tor");

the tor path would be resolved and if you run it again (like how @Patrick said before):

iceweasel --app /home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org/application.ini

it would run without error. yet it won’t completely work. it has no default-bridge.

the thing is it seems that TBB is overriding this preference file with some other options and values, for example some of the options are in:

/home/user/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js

for example all default_bridges are defined in this file but eventually will override the tor-launcher preference file. if you copy this part of it:

// Default bridges.
pref("extensions.torlauncher.default_bridge.obfs3.1", "obfs3 83.212.101.3:80 A09D536DD1752D542E1FBB3C9CE4449D51298239");
pref("extensions.torlauncher.default_bridge.obfs3.2", "obfs3 169.229.59.74:31493 AF9F66B7B04F8FF6F32D455F05135250A16543C9");
pref("extensions.torlauncher.default_bridge.obfs3.3", "obfs3 169.229.59.75:46328 AF9F66B7B04F8FF6F32D455F05135250A16543C9");
pref("extensions.torlauncher.default_bridge.obfs3.4", "obfs3 109.105.109.163:38980 1E05F577A0EC0213F971D81BF4D86A9E4E8229ED");
pref("extensions.torlauncher.default_bridge.obfs3.5", "obfs3 109.105.109.163:47779 4C331FA9B3D1D6D8FB0D8FBBF0C259C360D97E6A");

pref("extensions.torlauncher.default_bridge.flashproxy.1", "flashproxy 0.0.1.0:1");
pref("extensions.torlauncher.default_bridge.flashproxy.2", "flashproxy 0.0.1.0:2");
pref("extensions.torlauncher.default_bridge.flashproxy.3", "flashproxy 0.0.1.0:3");
pref("extensions.torlauncher.default_bridge.flashproxy.4", "flashproxy 0.0.1.0:4");
pref("extensions.torlauncher.default_bridge.flashproxy.5", "flashproxy 0.0.1.0:5");

pref("extensions.torlauncher.default_bridge.fte.1", "fte 192.240.101.106:80 B629B0B607C8AC9349B5646C24E9D242184F5B6E");
pref("extensions.torlauncher.default_bridge.fte.2", "fte 50.7.176.114:80 2BD466989944867075E872310EBAD65BC88C8AEF");
pref("extensions.torlauncher.default_bridge.fte.3", "fte 131.252.210.150:8080 0E858AC201BF0F3FA3C462F64844CBFFC7297A42");
pref("extensions.torlauncher.default_bridge.fte.4", "fte 128.105.214.161:8080 1E326AAFB3FCB515015250D8FCCC8E37F91A153B");
pref("extensions.torlauncher.default_bridge.fte.5", "fte 128.105.214.162:8080 FC562097E1951DCC41B7D7F324D88157119BB56D");
pref("extensions.torlauncher.default_bridge.fte.6", "fte 128.105.214.163:8080 A17A40775FBD2CA1184BF80BFC330A77ECF9D0E9");

pref("extensions.torlauncher.default_bridge.fte-ipv6.1", "fte [2001:49f0:d002:1::2]:80 B629B0B607C8AC9349B5646C24E9D242184F5B6E");
pref("extensions.torlauncher.default_bridge.fte-ipv6.2", "fte [2001:49f0:d00a:1::c]:80 2BD466989944867075E872310EBAD65BC88C8AEF");

pref("extensions.torlauncher.default_bridge.scramblesuit.1", "scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T");
pref("extensions.torlauncher.default_bridge.scramblesuit.2", "scramblesuit 83.212.101.3:443 A09D536DD1752D542E1FBB3C9CE4449D51298239 password=XTCXLG2JAMJKZW2POLBAOWOQETQSMASH");

pref("extensions.torlauncher.default_bridge.meek-google.1", "meek 0.0.2.0:1 url=https://meek-reflect.appspot.com/ front=www.google.com");
pref("extensions.torlauncher.default_bridge.meek-amazon.1", "meek 0.0.2.0:2 url=https://d2zfqthxsdq309.cloudfront.net/ front=a0.awsstatic.com");
pref("extensions.torlauncher.default_bridge.meek-azure.1", "meek 0.0.2.0:3 url=https://az668014.vo.msecnd.net/ front=ajax.aspnetcdn.com");

(I don’t know if it’s the same for all of us or it differs, so feel free to check your machine setting too) and append it to tor-launcher preference file, and then run it again, it would contain the bridge config options too.

however, after all this, it’s not working smoothly yet (however i didn’t test it without bridge, because i can’t), it gives the following error:

Jan 12 16:01:22.000 [warn] Could not launch managed proxy executable at './TorBrowser/Tor/PluggableTransports/obfsproxy.bin' ('No such file or directory').

I checked torrc and it doesn’t seem to have any error, so i’m still working on it.
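An added example (not part of the original posts, and not tor-launcher code): a small checker that layers pref() files in the order described above, with the later file overriding the earlier one, then reports which tor-launcher path prefs are unset or point at nothing and which bridge types have default bridges. The function names, the sample files and the bridge address 192.0.2.1 are constructed for illustration; base_dir stands for the firefox executable's directory that the prefs.js comment refers to.

```python
import re
import tempfile
from pathlib import Path
PREF_RE = re.compile(r'^\s*pref\("([^"]+)",\s*(.+?)\);')  # one pref("name", value); line
PATH_PREFS = ("tor_path", "torrc_path", "tordatadir_path")
PREFIX = "extensions.torlauncher."

def load_prefs(paths):
    """Merge pref() lines from files in order; a later file overrides an earlier one."""
    prefs = {}
    for path in paths:
        for line in Path(path).read_text(encoding="utf-8").splitlines():
            m = PREF_RE.match(line)  # lines commented out with // do not match
            if m:
                prefs[m.group(1)] = m.group(2).strip().strip('"')
    return prefs

def check_paths(prefs, base_dir):
    """Return {pref: 'unset' | 'missing' | 'ok'}; relative values resolve against base_dir."""
    result = {}
    for name in PATH_PREFS:
        value = prefs.get(PREFIX + name, "")
        found = (Path(base_dir) / value).exists()  # an absolute value replaces base_dir
        result[name] = "unset" if not value else "ok" if found else "missing"
    return result

def bridge_types(prefs):
    """Transport types that have at least one default bridge defined."""
    head = PREFIX + "default_bridge."
    return sorted({k[len(head):].rsplit(".", 1)[0] for k in prefs if k.startswith(head)})

def demo():
    """Constructed sample tree: extension defaults plus one profile override file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "TorBrowser/Tor").mkdir(parents=True)
        (root / "TorBrowser/Tor/tor").touch()
        (root / "prefs.js").write_text(
            'pref("extensions.torlauncher.tor_path", "");\n'
            '// pref("extensions.torlauncher.default_bridge.TYPE.1", "TYPE x.x.x.x:yy");\n')
        (root / "extension-overrides.js").write_text(
            'pref("extensions.torlauncher.tor_path", "TorBrowser/Tor/tor");\n'
            'pref("extensions.torlauncher.torrc_path", "TorBrowser/Data/Tor/torrc");\n'
            'pref("extensions.torlauncher.default_bridge.obfs3.1", "obfs3 192.0.2.1:80");\n')
        prefs = load_prefs([root / "prefs.js", root / "extension-overrides.js"])
        return check_paths(prefs, root), bridge_types(prefs)

if __name__ == "__main__":
    print(demo())
```

Run against a real bundle, load_prefs would take the extension's defaults/preferences/prefs.js followed by the profile's preferences/*.js files; an "unset" tor_path corresponds to the "The Tor executable is missing" dialog reported in this thread.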

Thanks neo13, that will move us a big step further.

[hr]

Small comment on the folder

~/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/preferences/

Apparently is a .d style alike(?) folder.

(“.d style” concept explained for something else: Configuration Files - Kicksecure)

Unrelated: In next version of tb-updater / Whonix 10, we will be creating a file. (Whonix Forum)

~/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/preferences/tb_internal_updater_disable.js

My critical point here: for testing purposes we could try to just create a file

~/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/preferences/tor_launcher_system.js

or

~/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/preferences/50_tor_launcher_system.js

and populate it.

(I don’t know yet if those are processed in lexical order.)

Any updates?

Posted on tor-talk mailing list:
https://lists.torproject.org/pipermail/tor-talk/2015-January/036581.html

No more progress so far. This isn’t the most simple task. There is a political / upstream discussion part involved.

make TBB usable as "system Tor" (#14121) · Issues · Legacy / Trac · GitLab still hasn’t received any feedback.

[quote=“Patrick, post:17, topic:665”]Posted on tor-talk mailing list:
https://lists.torproject.org/pipermail/tor-talk/2015-January/036581.html[/quote]
TODO: The post needs to be improved. The initial confusion that the above post generated needs to be prevented. And then it should be reposted on tbb-dev

Both neo123 and linostar are inactive.

Someone needs to take the lead here, otherwise I don’t know if it ever gets implemented.

Some (may be) good news here.

In TBB 5.0a1, there is a new option in tor-launcher preferences (tor-launcher@torproject.org/defaults/preferences/prefs.js) extracted from TBB.

pref("extensions.torlauncher.prompt_at_startup", [boolean]);

The default (as per today) is set to true. It means that tor-launcher is started before tor browser and we have access to the buttons “Connect” and “Configure”.

The preference, like all the others in tor-launcher, can be overridden in [TBB-directory]/Browser/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js. When set to false, it behaves as before (you have to try and catch the “Open Settings” button before the browser is loaded).

Started to play with some settings (for torrc especially) without much progress, but at least we have a starting point.

In https://phabricator.whonix.org/T386#6194, @HulaHoop wrote:

* The problems discussed in https://trac.torproject.org/projects/tor/ticket/14121 can be solved even if the features requested are never developed. Running TBB Tor headlessly is possible thru using xvfb (pkg that tricks a gui application into thinking it's connected to an X-server) and something like selenium.

GitHub - isislovecruft/tor-browser-selenium: Selenium-2.0 WebDriver classes for controlling a Tor Browser.


I don’t know. Likely by default when you run it through xvfb, not only the Tor Browser window will be hidden, but also the tor-launcher gui. TODO: research if it is possible to distinguish these two windows. Hide browser window, keep tor-launcher visible.

Even when we can run TBB headlessly and still take advantage of torlauncher-gui I foresee problems that will make the entire idea a non-starter. We cannot redistribute TBB binaries.

On the gateway this is less problematic. Likely will not be an issue. Just now updated reasoning why:

They must be downloaded. Imagine users in censored areas where they can't connect with Tor how will they be able to fetch TBB when connections to TPO are censored? Downloading from alternative distribution channels using GetTor will leave all kinds of network fingerprints.
Therefore does not apply.
The only sane solution is for TPO to spin off torlauncher-gui into its own independent package along with all pluggable transports, all in their repo so we can redistribute them freely and generate builds that include them without problems.
Would be a very good solution, but I guess TPO is unlikely to go this route anytime soon.

I don’t know how helpful it is but here is a post about running application.ini standalone with xvfb, defining a window size for the addon (so it can be seen). Xulrunner is dead but the same can be done with “firefox -app”. We can wrap TBB on GW with another script that runs it under xvfb with window size 0:

http://techno-barje.fr/post/2009/09/30/Headless-xulrunner/

I’m not sure it will work because this presupposes that torlauncher has working standalone support but it doesn’t. I would be surprised if it works, it’s too easy :slight_smile:

xvfb would have to discriminate the browser window vs the tor-launcher window. Since tor-launcher is started by Tor Browser, starting Tor Browser hidden will never show the tor-launcher window. It doesn’t look like it has such a feature.

firefox / iceweasel --app has been discussed before in this thread.

No, tor-launcher has no working standalone support. If it had, we wouldn’t need xvfb.

This could be either implemented using javascript patches or xvfb.

xvfb would have to discriminate the browser window vs the tor-launcher window. Since tor-launcher is started by Tor Browser, starting Tor Browser hidden will never show the tor-launcher window. It doesn't look like it has such a feature.

True.

I’ll discuss our choices and the tradeoffs we can make with the situation now in T118.

headless, unattended TBB updates [by script]

[tbb-dev] future of tor-launcher? - Firefox XPCOM / XUL based add-ons deprecation

Investigate new WebExtensions API requirements for our extensions

Instructions for using Tor shipped by Tor Browser on Whonix-Gateway.

On Whonix-Gateway.

Disable apparmor for Tor Browser as we want to access /etc/tor/torrc.

sudo aa-disable /etc/apparmor.d/home.tor-browser.firefox

Install tb-updater.

sudo apt --no-install-recommends install tb-updater

Login as user debian-tor.

sudo -u debian-tor bash

Change to the home folder of debian-tor.

cd /var/lib/tor

Download Tor Browser.

update-torbrowser

Tor Browser will be installed in folder /var/lib/tor/.tb/tor-browser by now.

Go to another terminal emulator tab that uses login user user. Stop system Tor. This is required so Tor shipped by Tor Browser can be used.

sudo systemctl stop tor@default

Go back to a terminal emulator running with login user debian-tor. Change directory to the Tor Browser folder.

cd ~/.tb/tor-browser/

Start Tor Browser.

./start-tor-browser.desktop --debug

Here I am stuck. I tried to edit both files

  • ./Browser/TorBrowser/Data/Tor/torrc-defaults
  • ./Browser/TorBrowser/Data/Tor/torrc

To add at the very top of the file:

%include /etc/tor/torrc

The idea was to simply load the Whonix Tor configuration so all SocksPorts etc. that Whonix configured get loaded as usual. In theory, Tor shipped by Tor Browser at that point would be in use as system Tor.

In practice somehow only Tor Browser default SocksPorts are opened. Maybe tor-launcher configures that.

Or not. Seems like Tor is doing that even when told to ignore all Tor Browser folder torrc settings files.

debian-tor@host:~/.tb/tor-browser$ ./Browser/TorBrowser/Tor/tor -f /etc/tor/torrc

Sep 21 06:30:11.450 [notice] Tor 0.4.1.5 (git-439ca48989ece545) running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1c, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
Sep 21 06:30:11.450 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at Tor Project | Download
Sep 21 06:30:11.450 [notice] Read configuration file “/etc/tor/torrc”.
Sep 21 06:30:11.456 [notice] Included configuration file or directory at recursion level 2: “/usr/local/etc/torrc.d/40_tor_control_panel.conf”.
Sep 21 06:30:11.456 [notice] Included configuration file or directory at recursion level 2: “/usr/local/etc/torrc.d/50_user.conf”.
Sep 21 06:30:11.456 [notice] Included configuration file or directory at recursion level 1: “/etc/torrc.d/95_whonix.conf”.
Sep 21 06:30:11.457 [notice] Opening Socks listener on 127.0.0.1:9050
Sep 21 06:30:11.457 [notice] Opened Socks listener on 127.0.0.1:9050