Pushed the Tor Browser profile without the line denying write tot torrc.
The tor-launcher add-on does that.
torbrowser-launcher probably modifies torrcI didn't mean torbrowser-launcher. I really meant tor-launcher, a Firefox add-on. Screenshots: https://www.whonix.org/wiki/Dev/whonixsetup (Dev/whonixsetup is a confusing page name.)
It is confusing to have both, tor-launcher and torbrowser-launcher.
Regardless of the normal installation from torproject.org, it installs its own copy on the first run in ~/.torbrowser and check for updates on each subsequent launches, updates if necessary, keeping the profiles (bookmarks...).Interesting.
However, in my previous post I wasn’t referring to updates by tb-updater or torbrowser-launcher. Tor Browser itself is going to get an updater. Just as Firefox can update itself [only on Windows], Tor Browser will be able to update itself. (Without help of torbrowser-launcher.)
Good question. Separate topic.
Merged.
Pushed an update added Caches folder · troubadoour/apparmor-profile-torbrowser@a16fbc1 · GitHub.
Denied message when opening a link from an external application (icedove or open-link-confirmation).
Pushed an update to the torbrowser profile (some files required by VirtualBox and Gnome in /tor-browser_*/ hidden folders).
Merged.
We should probable not hardcode “/home/user/”, but use “@{HOME}”?
We should probable not hardcode "/home/user/", but use "@{HOME}"?Yes. Also replaced a @{HOME}/tor-browser_en-US with @{HOME}/tor-browser_*
For information, I have opened a new ticket apparmor modifications · Issue #119 · torproject/torbrowser-launcher · GitHub. The main profile was not working in jessie, so I propose some modifications.
Quote from: troubadour on July 27, 2014, 10:22:04 pm [quote] When installing Icedove for the first time, clicking a link in a message tries to start Iceweasel, which is not allowed (rightly) if Icedove is confined by AppArmor.To use Tor Browser instead, Preferences -> Advanced -> Config Editor -> network.protocol-handler.warn-external.http and Preferences -> Advanced -> Config Editor -> network.protocol-handler.warn-external.https have to be set to "true". When a link is clicked, a popup asking for the preferred browser is shown, where one should select "/home/user/tor-browser_[your-language]/Browser/firefox". Should we mention it somewhere in the wiki?[/quote]I am not sure I 100% understand, but please feel free to document this.
When I switched to Whonix 8.6, I had to install Icedove, like everyone, I guess. Clicking a link in an email was opening Iceweasel directly. One can use right-click “Copy Link Location” and paste it in Torbrowser, but I modified the preferences in Icedove to open it in Torbrowser, on the ground that it is safer that way than opening both browsers at the same time or Iceweasel only, despite the ongoing discussion in tor-talk and -no-remote prevents using Tor Browser as default browser (#12763) · Issues · Legacy / Trac · GitLab.
When installing Icedove for the first time, clicking a link in a message tries to start Iceweasel, which is not allowed (rightly) if Icedove is confined by AppArmor.
Because we would have to allow Iceweasel in the Icedove profile, which does not make sense.
Pushed improvements for downloads · troubadoour/apparmor-profile-torbrowser@eba6652 · GitHub
Some lines used in Micah’s profiles that should solve GNUser some GNUser issues.
Merged.
[quote=“troubadour, post:309, topic:108”][quote]
Quote from: troubadour on July 27, 2014, 10:22:04 pm
[quote]
When installing Icedove for the first time, clicking a link in a message tries to start Iceweasel, which is not allowed (rightly) if Icedove is confined by AppArmor.
To use Tor Browser instead,
Preferences -> Advanced -> Config Editor -> network.protocol-handler.warn-external.http and
Preferences -> Advanced -> Config Editor -> network.protocol-handler.warn-external.https
have to be set to "true".
When a link is clicked, a popup asking for the preferred browser is shown, where one should select "/home/user/tor-browser_[your-language]/Browser/firefox".
Should we mention it somewhere in the wiki?[/quote]
I am not sure I 100% understand, but please feel free to document this.[/quote]
When I switched to Whonix 8.6, I had to install Icedove, like everyone, I guess. Clicking a link in an email was opening Iceweasel directly. One can use right-click “Copy Link Location” and paste it in Torbrowser, but I modified the preferences in Icedove to open it in Torbrowser, on the ground that it is safer that way than opening both browsers at the same time or Iceweasel only, despite the ongoing discussion in tor-talk and Sign in · GitLab
Yes, that would be worth documenting.
Do you think we should somehow configure Icedove to use Tor Browser as default browser? Maybe some env var feature request for TorBirdy could implement this.
Pushed some updates to apparmor-profile-timesync and apparmor-profile-whonixcheck. Some new files in /usr/bin/ are required and “user” was replaced by “*” where necessary, because of the use of “–whoami” in msgcollector.
I am left with sdwdate. When enforced, it crashes without anything logged. The GUI result gives
ERROR: Network Time Synchronization (timesync) failed!!!
TIMESANITYCHECK_STATUS: Success
NO_PID_PROCESS Please report this bug!Could that lead me somewhere for debugging?
I am on IRC at the moment.
Yeah, some paths changed in Whonix 9.
Added:
https://github.com/Whonix/apparmor-profile-whonixcheck/commit/67d044ccbbb3b320f2d2051ef9bd1d0f28611161
(worked)
Added:
https://github.com/Whonix/apparmor-profile-whonixcheck/commit/267bf2353a49becf1089a38c730d4e9b68f37aa1
didn’t work. Can you fix it please?
[quote=“Patrick, post:315, topic:108”]Added:
https://github.com/Whonix/apparmor-profile-whonixcheck/commit/267bf2353a49becf1089a38c730d4e9b68f37aa1
didn’t work. Can you fix it please?[/quote]
Fixed:
https://github.com/Whonix/apparmor-profile-whonixcheck/commit/f8e0e840ddd6035a4129843f72b7f006330197e9
Pushed some changes to various apparmor profiles. Timesync and sdwdate are now working without apparmor denied messages.
I think the timesync profile contains lots of duplication from the sdwdate profile. Maybe it would be best if the timesync profile would source abstractions/sdwdate so we have less duplication?
Pushed some changes to various apparmor profiles. Timesync and sdwdate are now working without apparmor denied messages.Thanks. "make deb-pkg-install" works like a charm :).
I had to add a few permissions in the sdwdate profile, and I moved the “anon~~” permissions in abstractions/base.anondist. On that topic, we have some lines in base.anondist (I probably put them there) that do not look very specific to an anonymisation distribution.
/usr/share/kde-lowfat/share/config/kdeglobals r,
/usr/share/kde-mouse-doubleclick/share/config/kdeglobals r,
/usr/share/torbrowser-default-browser/share/config/kdeglobals r,I should probably move back them to where they belong.
I think the timesync profile contains lots of duplication from the sdwdate profile. Maybe it would be best if the timesync profile would source abstractions/sdwdate so we have less duplication?
I guess you mean “source abstractions/base.anondist”, or do we create a new abstraction?
[quote=“troubadour, post:318, topic:108”]On that topic, we have some lines in base.anondist (I probably put them there) that do not look very specific to an anonymisation distribution.
/usr/share/kde-lowfat/share/config/kdeglobals r,
/usr/share/kde-mouse-doubleclick/share/config/kdeglobals r,
/usr/share/torbrowser-default-browser/share/config/kdeglobals r,I should probably move back them to where they belong.[/quote]
Good point. Problem is there is no real alternative to base.anondist?
Those are only required when the related package (such as kde-lowfat […]) is installed. Which is the case on Whonix.
It depends on what we’re up to here. Putting them into a profile we would like to see getting merged into Debian is eventually counter productive to get them merged into Debian? Would confuse Debian maintainers? I guess having them in base.anondist is better as long as kde-lowfat […] does not enter Debian. I have no idea! What is the usual thing to do in such cases if there is such a thing as a usual thing here?
On the other hand, Debian maintainers may not care about an extra “/usr/share/kde-lowfat/share/config/kdeglobals r,” if there is no such file in Debian. Doesn’t worsen security and even if there is such a file one day in Debian, it would be required. So while I am very unsure about this, I tend to put them into the profile.
I guess you mean "source abstractions/base.anondist",No.
or do we create a new abstraction?Yes. One for sdwdate.
What timesync does is using “sudo service sdwdate” restart and then monitoring it.
Or somehow tell the timesync apparmor profile to run sdwdate using sdwdate’s profile?
As per http://wiki.apparmor.net/index.php/QuickProfileLanguage#Execute_permissions.
cx - the new process should run under a child profile that matches the name of the executable
px - the new process should run under another profile that matches the name of the executable
Using either cx or px.
Why remove dh-apparmor?
Merged. (And reverted 39834997b993ea51f2448aa42afe57b95148a254 for now.)