boklm pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits: ac2bba26 by Nicolas Vigier at 2024-04-22T18:22:06+02:00 Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser
- - - - - 9b42ad01 by Nicolas Vigier at 2024-04-22T18:22:08+02:00 Bug 41083: Add more spaces to projects/browser/config
- - - - - c93586fc by Nicolas Vigier at 2024-04-22T18:22:11+02:00 Bug 41083: Make a deb package for Mullvad Browser
- - - - -
17 changed files:
- projects/browser/RelativeLink/start-browser - projects/browser/config - + projects/linux-packages/Makefile.in - + projects/linux-packages/build - + projects/linux-packages/config - + projects/linux-packages/debian/browser.desktop.in - + projects/linux-packages/debian/changelog.in - + projects/linux-packages/debian/compat - + projects/linux-packages/debian/control.in - + projects/linux-packages/debian/copyright.in - + projects/linux-packages/debian/docs.in - + projects/linux-packages/debian/install.in - + projects/linux-packages/debian/links.in - + projects/linux-packages/debian/rules - projects/release/build - projects/release/config - rbm
Changes:
===================================== projects/browser/RelativeLink/start-browser ===================================== @@ -9,9 +9,9 @@ complain_dialog_title="[% c('var/Project_Name') %]"
# Make sure this script wasn't started as 'sh start-[% c('var/project-name') %]' or similar. if [ "x$BASH" = "x" ]; then - echo "$complain_dialog_title should be started as './start-[% c('var/project-name') %]'" - echo "Exiting." >&2 - exit 1; + echo "$complain_dialog_title should be started as './start-[% c('var/project-name') %]'" + echo "Exiting." >&2 + exit 1; fi
# Do not (try to) connect to the session manager @@ -21,84 +21,86 @@ unset SESSION_MANAGER # Usage: complain message # message must not begin with a dash. complain () { - # Trim leading newlines, to avoid breaking formatting in some dialogs. - complain_message="`echo "$1" | sed '/./,$!d'`" - - # If we're being run in debug/verbose mode, complain to stderr. - if [ "$show_output" -eq 1 ]; then - echo "$complain_message" >&2 - return - fi - - # Otherwise, we're being run by a GUI program of some sort; - # try to pop up a message in the GUI in the nicest way - # possible. - # - # In mksh, non-existent commands return 127; I'll assume all - # other shells set the same exit code if they can't run a - # command. (xmessage returns 1 if the user clicks the WM - # close button, so we do need to look at the exact exit code, - # not just assume the command failed to display a message if - # it returns non-zero.) - - # First, try zenity. - zenity --error \ - --title="$complain_dialog_title" \ - --text="$complain_message" - if [ "$?" -ne 127 ]; then - return - fi - - # Try kdialog. - kdialog --title "$complain_dialog_title" \ - --error "$complain_message" - if [ "$?" -ne 127 ]; then - return - fi - - # Try xmessage. - xmessage -title "$complain_dialog_title" \ - -center \ - -buttons OK \ - -default OK \ - -xrm '*message.scrollVertical: Never' \ - "$complain_message" - if [ "$?" -ne 127 ]; then - return - fi - - # Try gxmessage. This one isn't installed by default on - # Debian with the default GNOME installation, so it seems to - # be the least likely program to have available, but it might - # be used by one of the 'lightweight' Gtk-based desktop - # environments. - gxmessage -title "$complain_dialog_title" \ - -center \ - -buttons GTK_STOCK_OK \ - -default OK \ - "$complain_message" - if [ "$?" -ne 127 ]; then - return - fi + # Trim leading newlines, to avoid breaking formatting in some dialogs. + complain_message="`echo "$1" | sed '/./,$!d'`" + + # If we're being run in debug/verbose mode, complain to stderr. + if [ "$show_output" -eq 1 ]; then + echo "$complain_message" >&2 + return + fi + + # Otherwise, we're being run by a GUI program of some sort; + # try to pop up a message in the GUI in the nicest way + # possible. + # + # In mksh, non-existent commands return 127; I'll assume all + # other shells set the same exit code if they can't run a + # command. (xmessage returns 1 if the user clicks the WM + # close button, so we do need to look at the exact exit code, + # not just assume the command failed to display a message if + # it returns non-zero.) + + # First, try zenity. + zenity --error \ + --title="$complain_dialog_title" \ + --text="$complain_message" + if [ "$?" -ne 127 ]; then + return + fi + + # Try kdialog. + kdialog --title "$complain_dialog_title" \ + --error "$complain_message" + if [ "$?" -ne 127 ]; then + return + fi + + # Try xmessage. + xmessage -title "$complain_dialog_title" \ + -center \ + -buttons OK \ + -default OK \ + -xrm '*message.scrollVertical: Never' \ + "$complain_message" + if [ "$?" -ne 127 ]; then + return + fi + + # Try gxmessage. This one isn't installed by default on + # Debian with the default GNOME installation, so it seems to + # be the least likely program to have available, but it might + # be used by one of the 'lightweight' Gtk-based desktop + # environments. + gxmessage -title "$complain_dialog_title" \ + -center \ + -buttons GTK_STOCK_OK \ + -default OK \ + "$complain_message" + if [ "$?" -ne 127 ]; then + return + fi }
if [ "`id -u`" -eq 0 ]; then - complain "The [% c('var/Project_Name') %] should not be run as root. Exiting." - exit 1 + complain "The [% c('var/Project_Name') %] should not be run as root. Exiting." + exit 1 fi
if test -r /proc/cpuinfo && ! grep -q '^flags\s*:.* sse2' /proc/cpuinfo; then - complain "[% c('var/Project_Name') %] requires a CPU with SSE2 support. Exiting." - exit 1 + complain "[% c('var/Project_Name') %] requires a CPU with SSE2 support. Exiting." + exit 1 fi
print_usage () { - printf "\n[% c('var/Project_Name') %] Script Options\n" - printf " --verbose Display [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in the terminal\n" - printf " --log [file] Record [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in file (default: [% c('var/project-name') %].log)\n" - printf " --detach Detach from terminal and run [% c('var/Project_Name') %] in the background.\n" + printf "\n[% c('var/Project_Name') %] Script Options\n" + printf " --verbose Display [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in the terminal\n" + printf " --log [file] Record [% IF c("var/tor-browser") -%]Tor and [% END -%]the browser output in file (default: [% c('var/project-name') %].log)\n" + printf " --detach Detach from terminal and run [% c('var/Project_Name') %] in the background.\n" + if test -z "$system_install"; then printf " --register-app Register [% c('var/Project_Name') %] as a desktop app for this user\n" printf " --unregister-app Unregister [% c('var/Project_Name') %] as a desktop app for this user\n" + fi } log_output=0 show_output=0 @@ -108,116 +110,122 @@ register_desktop_app=0 logfile=/dev/null while : do - case "$1" in - --detach) - detach=1 - shift - ;; - -v | --verbose | -d | --debug) - show_output=1 - verbose_arg="$2" - shift - ;; - -h | "-?" | --help | -help) - show_usage=1 - show_output=1 - shift - ;; - -l | --log) - if [ -z "$2" -o "${2:0:1}" == "-" ]; then - printf "Logging [% c('var/Project_Name') %] debug information to [% c('var/project-name') %].log\n" - logfile="../[% c('var/project-name') %].log" - elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then - printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" - logfile="$2" - shift - else - printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" - logfile="../$2" - shift - fi - log_output=1 - shift - ;; - --register-app) - register_desktop_app=1 - show_output=1 - shift - ;; - --unregister-app) - register_desktop_app=-1 - show_output=1 - shift - ;; - *) # No more options - break - ;; - esac + case "$1" in + --detach) + detach=1 + shift + ;; + -v | --verbose | -d | --debug) + show_output=1 + verbose_arg="$2" + shift + ;; + -h | "-?" | --help | -help) + show_usage=1 + show_output=1 + shift + ;; + -l | --log) + if [ -z "$2" -o "${2:0:1}" == "-" ]; then + printf "Logging [% c('var/Project_Name') %] debug information to [% c('var/project-name') %].log\n" + logfile="../[% c('var/project-name') %].log" + elif [ "${2:0:1}" == "/" -o "${2:0:1}" == "~" ]; then + printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" + logfile="$2" + shift + else + printf "Logging [% c('var/Project_Name') %] debug information to %s\n" "$2" + logfile="../$2" + shift + fi + log_output=1 + shift + ;; + --register-app) + register_desktop_app=1 + show_output=1 + shift + ;; + --unregister-app) + register_desktop_app=-1 + show_output=1 + shift + ;; + *) # No more options + break + ;; + esac done
# We can't detach and show output at the same time.. if [ "$show_output" -eq 1 -a "$detach" -eq 1 ]; then - detach=0 + detach=0 fi
if [ "$show_output" -eq 0 ]; then - # If the user hasn't requested 'debug mode' or --help, close stdout and stderr, - # to keep Firefox and the stuff loaded by/for it (including the - # system's shared-library loader) from printing messages to - # $HOME/.xsession-errors or other files. (Users wouldn't have seen - # messages there anyway.) - exec > "$logfile" - exec 2> "$logfile" + # If the user hasn't requested 'debug mode' or --help, close stdout and stderr, + # to keep Firefox and the stuff loaded by/for it (including the + # system's shared-library loader) from printing messages to + # $HOME/.xsession-errors or other files. (Users wouldn't have seen + # messages there anyway.) + exec > "$logfile" + exec 2> "$logfile" fi
# If XAUTHORITY is unset, set it to its default value of $HOME/.Xauthority # before we change HOME below. (See xauth(1) and #1945.) XDM and KDM rely # on applications using this default value. if [ -z "$XAUTHORITY" ]; then - XAUTHORITY=~/.Xauthority - export XAUTHORITY + XAUTHORITY=~/.Xauthority + export XAUTHORITY fi
# If this script is being run through a symlink, we need to know where # in the filesystem the script itself is, not where the symlink is. myname="$0" if [ -L "$myname" ]; then - # XXX readlink is not POSIX, but is present in GNU coreutils - # and on FreeBSD. Unfortunately, the -f option (which follows - # a whole chain of symlinks until it reaches a non-symlink - # path name) is a GNUism, so we have to have a fallback for - # FreeBSD. Fortunately, FreeBSD has realpath instead; - # unfortunately, that's also non-POSIX and is not present in - # GNU coreutils. - # - # If this launcher were a C program, we could just use the - # realpath function, which *is* POSIX. Too bad POSIX didn't - # make that function accessible to shell scripts. - - # If realpath is available, use it; it Does The Right Thing. - possibly_my_real_name="`realpath "$myname" 2>/dev/null`" - if [ "$?" -eq 0 ]; then - myname="$possibly_my_real_name" - else - # realpath is not available; hopefully readlink -f works. - myname="`readlink -f "$myname" 2>/dev/null`" - if [ "$?" -ne 0 ]; then - # Ugh. - complain "start-[% c('var/project-name') %] cannot be run using a symlink on this operating system." - fi - fi + # XXX readlink is not POSIX, but is present in GNU coreutils + # and on FreeBSD. Unfortunately, the -f option (which follows + # a whole chain of symlinks until it reaches a non-symlink + # path name) is a GNUism, so we have to have a fallback for + # FreeBSD. Fortunately, FreeBSD has realpath instead; + # unfortunately, that's also non-POSIX and is not present in + # GNU coreutils. + # + # If this launcher were a C program, we could just use the + # realpath function, which *is* POSIX. Too bad POSIX didn't + # make that function accessible to shell scripts. + + # If realpath is available, use it; it Does The Right Thing. + possibly_my_real_name="`realpath "$myname" 2>/dev/null`" + if [ "$?" -eq 0 ]; then + myname="$possibly_my_real_name" + else + # realpath is not available; hopefully readlink -f works. + myname="`readlink -f "$myname" 2>/dev/null`" + if [ "$?" -ne 0 ]; then + # Ugh. + complain "start-[% c('var/project-name') %] cannot be run using a symlink on this operating system." + fi + fi fi
-# Try to be agnostic to where we're being started from, chdir to where -# the script is. -mydir="`dirname "$myname"`" -test -d "$mydir" && cd "$mydir" +cd "$(dirname "$myname")" +browser_dir="$(pwd)" +if test -f "$browser_dir/is-packaged-app"; then + system_install=1 + browser_home="$HOME/.[% pc('linux-packages', 'var/system_pkg/pkg_name') %]" + mkdir -p "$browser_home" + cd "$browser_home" +else + browser_home="$browser_dir" +fi
# If ${PWD} results in a zero length string, we can try something else... if [ ! "${PWD}" ]; then - # "hacking around some braindamage" - PWD="`pwd`" - surveysays="This system has a messed up shell.\n" + # "hacking around some braindamage" + PWD="`pwd`" + surveysays="This system has a messed up shell.\n" fi
# This is a fix for an ibus issue on some Linux systems. See #9353 for more @@ -227,46 +235,48 @@ if [ ! -d ".config/ibus" ]; then ln -nsf ~/.config/ibus/bus .config/ibus fi
-# Fix up .desktop Icon and Exec Paths, and update the .desktop file from the -# canonical version if it was changed by the updater. -cp start-[% c('var/project-name') %].desktop ../ -sed -i -e "s,^Name=.*,Name=[% c('var/Project_Name') %],g" ../start-[% c('var/project-name') %].desktop -sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-[% c('var/project-name') %].desktop -sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" start-[% c('var/project-name') %].desktop -sed -i -e "s,^Exec=.*,Exec=sh -c '"$PWD/start-[% c('var/project-name') %]" --detach || ([ ! -x "$PWD/start-[% c('var/project-name') %]" ] && "$(dirname "$*")"/Browser/start-[% c('var/project-name') %] --detach)' dummy %k,g" ../start-[% c('var/project-name') %].desktop - -if [ "$register_desktop_app" -eq 1 ]; then - mkdir -p "$HOME/.local/share/applications/" - cp ../start-[% c('var/project-name') %].desktop "$HOME/.local/share/applications/" - update-desktop-database "$HOME/.local/share/applications/" - printf "[% c('var/Project_Name') %] has been registered as a desktop app for this user in ~/.local/share/applications/\n" - exit 0 -fi - -if [ "$register_desktop_app" -eq -1 ]; then - if [ -e "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" ]; then - rm -f "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" - update-desktop-database "$HOME/.local/share/applications/" - printf "[% c('var/Project_Name') %] has been removed as a user desktop app (from ~/.local/share/applications/)\n" - else - printf "[% c('var/Project_Name') %] does not appear to be a desktop app (not present in ~/.local/share/applications/)\n" - fi - exit 0 +if test -z "$system_install"; then + # Fix up .desktop Icon and Exec Paths, and update the .desktop file from the + # canonical version if it was changed by the updater. + cp start-[% c('var/project-name') %].desktop ../ + sed -i -e "s,^Name=.*,Name=[% c('var/Project_Name') %],g" ../start-[% c('var/project-name') %].desktop + sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" ../start-[% c('var/project-name') %].desktop + sed -i -e "s,^Icon=.*,Icon=$PWD/browser/chrome/icons/default/default128.png,g" start-[% c('var/project-name') %].desktop + sed -i -e "s,^Exec=.*,Exec=sh -c '"$PWD/start-[% c('var/project-name') %]" --detach || ([ ! -x "$PWD/start-[% c('var/project-name') %]" ] && "$(dirname "$*")"/Browser/start-[% c('var/project-name') %] --detach)' dummy %k,g" ../start-[% c('var/project-name') %].desktop + + if [ "$register_desktop_app" -eq 1 ]; then + mkdir -p "$HOME/.local/share/applications/" + cp ../start-[% c('var/project-name') %].desktop "$HOME/.local/share/applications/" + update-desktop-database "$HOME/.local/share/applications/" + printf "[% c('var/Project_Name') %] has been registered as a desktop app for this user in ~/.local/share/applications/\n" + exit 0 + fi + + if [ "$register_desktop_app" -eq -1 ]; then + if [ -e "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" ]; then + rm -f "$HOME/.local/share/applications/start-[% c('var/project-name') %].desktop" + update-desktop-database "$HOME/.local/share/applications/" + printf "[% c('var/Project_Name') %] has been removed as a user desktop app (from ~/.local/share/applications/)\n" + else + printf "[% c('var/Project_Name') %] does not appear to be a desktop app (not present in ~/.local/share/applications/)\n" + fi + exit 0 + fi fi
export BB_ORIGINAL_HOME="$HOME" -HOME="${PWD}" +HOME="$browser_home" export HOME
# Prevent disk leaks in $HOME/.local/share (tor-browser#17560) function erase_leaky() { - local leaky="$1" - [ -e "$leaky" ] && - ( srm -r "$leaky" || - wipe -r "$leaky" || - find "$leaky" -type f -exec shred -u {} ; ; - rm -rf "$leaky" - ) > /dev/null 2>&1 + local leaky="$1" + [ -e "$leaky" ] && + ( srm -r "$leaky" || + wipe -r "$leaky" || + find "$leaky" -type f -exec shred -u {} ; ; + rm -rf "$leaky" + ) > /dev/null 2>&1 } local_dir="$HOME/.local/" share_dir="$local_dir/share" @@ -275,14 +285,14 @@ share_dir="$local_dir/share" # We're not using realpath/readlink for consistency with the (possibly # outdated) availability assumptions made elsewhere in this script. if ! [ -L "$local_dir" -o -L "$share_dir" ]; then - if [ -d "$share_dir" ]; then - for leaky_path in "gvfs-metadata" "recently-used.xbel"; do - erase_leaky "$share_dir/$leaky_path" - done - else - mkdir -p "$local_dir" - fi - ln -fs /dev/null "$share_dir" + if [ -d "$share_dir" ]; then + for leaky_path in "gvfs-metadata" "recently-used.xbel"; do + erase_leaky "$share_dir/$leaky_path" + done + else + mkdir -p "$local_dir" + fi + ln -fs /dev/null "$share_dir" fi [ -L "$HOME/.cache" ] || erase_leaky "$HOME/.cache/nvidia"
@@ -291,8 +301,8 @@ SYSARCHITECTURE=$(getconf LONG_BIT) TORARCHITECTURE=$(expr "$(file TorBrowser/Tor/tor)" : '.*ELF ([[:digit:]]*)')
if [ $SYSARCHITECTURE -ne $TORARCHITECTURE ]; then - complain "Wrong architecture? 32-bit vs. 64-bit." - exit 1 + complain "Wrong architecture? 32-bit vs. 64-bit." + exit 1 fi [% END -%]
@@ -305,27 +315,27 @@ export ASAN_OPTIONS
[% IF c("var/tor-browser") -%] function setControlPortPasswd() { - local ctrlPasswd=$1 - - if test -z "$ctrlPasswd" -o "$ctrlPasswd" = $'"secret"' ; then - unset TOR_CONTROL_PASSWD - return - fi - - if test "${ctrlPasswd:0:1}" = $'"'; then # First 2 chars were '" - printf "Using system Tor process.\n" - export TOR_CONTROL_PASSWD - else - complain "There seems to have been a quoting problem with your \ + local ctrlPasswd=$1 + + if test -z "$ctrlPasswd" -o "$ctrlPasswd" = $'"secret"' ; then + unset TOR_CONTROL_PASSWD + return + fi + + if test "${ctrlPasswd:0:1}" = $'"'; then # First 2 chars were '" + printf "Using system Tor process.\n" + export TOR_CONTROL_PASSWD + else + complain "There seems to have been a quoting problem with your \ TOR_CONTROL_PASSWD environment variable." - echo "The Tor ControlPort password should be given inside double" - echo "quotes, inside single quotes. That is, if the ControlPort" - echo 'password is “secret” (without curly quotes) then we must' - echo "start this script after setting the environment variable" - echo "exactly like this:" - echo - echo " $ TOR_CONTROL_PASSWD='"secret"' $myname" - fi + echo "The Tor ControlPort password should be given inside double" + echo "quotes, inside single quotes. That is, if the ControlPort" + echo 'password is “secret” (without curly quotes) then we must' + echo "start this script after setting the environment variable" + echo "exactly like this:" + echo + echo " $ TOR_CONTROL_PASSWD='"secret"' $myname" + fi }
# Using a system-installed Tor process with Tor Browser: @@ -367,7 +377,7 @@ setControlPortPasswd ${TOR_CONTROL_PASSWD:='"secret"'} [% END -%]
# Set up custom bundled fonts. See fonts-conf(5). -export FONTCONFIG_PATH="${HOME}/fontconfig" +export FONTCONFIG_PATH="$browser_dir/fontconfig" export FONTCONFIG_FILE="fonts.conf" [% # tor-browser#41776: We cannot make the updater remove this file. # So, let's remove it on this script, since we know that at this point the @@ -397,19 +407,19 @@ cd "${HOME}" # prevent from mixing up with them).
if [ "$show_usage" -eq 1 ]; then - # Display Firefox help, then our help - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] --help 2>/dev/null - print_usage + # Display Firefox help, then our help + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] --help 2>/dev/null + print_usage elif [ "$detach" -eq 1 ] ; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null & - disown "$!" + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null & + disown "$!" elif [ "$log_output" -eq 1 -a "$show_output" -eq 1 ]; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" 2>&1 </dev/null | \ - tee "$logfile" + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" 2>&1 </dev/null | \ + tee "$logfile" elif [ "$show_output" -eq 1 ]; then - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" < /dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" < /dev/null else - [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] ./[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null + [% IF c("var/tor-browser") %]TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD}[% END %] "$browser_dir"/[% c('var/exe_name') %] "${@}" > "$logfile" 2>&1 </dev/null fi
exit $?
===================================== projects/browser/config ===================================== @@ -14,7 +14,9 @@ var: mar_osname: '[% c("var/osname") %]' version_json: version.json
+ targets: + linux: var: arch_deps: @@ -23,6 +25,7 @@ targets: # share the container to reduce space used. - libc6-i386 pt_path: ./TorBrowser/Tor/PluggableTransports/ + macos: var: arch_deps: @@ -32,14 +35,17 @@ targets: - python3-distutils-extra - python3-psutil pt_path: PluggableTransports/ + macos-universal: var: mar_osname: macos + windows: var: arch_deps: - python3-pefile pt_path: TorBrowser\Tor\PluggableTransports\ + android: build: '[% INCLUDE build.android %]' var: @@ -53,17 +59,21 @@ targets: # apksigner. suite: bookworm arch: amd64 + torbrowser: var: prefs_file: 000-tor-browser.js version_json: tbb_version.json + basebrowser: var: prefs_file: 001-base-profile.js + mullvadbrowser: var: prefs_file: 001-base-profile.js
+ input_files: - project: container-image - project: firefox
===================================== projects/linux-packages/Makefile.in ===================================== @@ -0,0 +1,7 @@ +build: + rm -f "${DEB_TARGET_ARCH}/Browser/start-[% c('var/project-name') %].desktop" + echo 'This is a packaged app.' > "${DEB_TARGET_ARCH}/Browser/is-packaged-app" + [% c("touch") %] "${DEB_TARGET_ARCH}/Browser/is-packaged-app" + +clean: + rm -f "${DEB_TARGET_ARCH}/Browser/is-packaged-app"
===================================== projects/linux-packages/build ===================================== @@ -0,0 +1,55 @@ +#!/bin/bash +[% c("var/set_default_env") -%] +distdir=/var/tmp/dist/[% project %] + +OUTDIR='[% dest_dir _ "/" _ c("filename") %]' +mkdir -p $OUTDIR +mkdir -p "$distdir" + +export SOURCE_DATE_EPOCH='[% c("timestamp") %]' + +[% IF c("var/build_deb_pkg") -%] + cd $distdir + project_dir=[% c("var/system_pkg/pkg_name") %]-[% c("var/system_pkg/pkg_version") %] + mkdir "$project_dir" + mv $rootdir/Makefile "$project_dir" + [% c('tar', { + tar_src => [ '$project_dir' ], + tar_args => '-cJf ' _ c("var/system_pkg/pkg_name") _ '_' _ c("var/system_pkg/pkg_version") _ '.orig.tar.xz', + }) %] + + cd "$project_dir" + mv $rootdir/debian . + chmod +x debian/install debian/docs debian/rules + mkdir debian/source + echo -n '3.0 (quilt)' > debian/source/format + + + function extract_src_tar { + src_tar="$1" + deb_arch="$2" + mkdir $deb_arch + tar -C $deb_arch --strip-components=1 -xf "$src_tar" + mv "$src_tar" \ + ../[% c("var/system_pkg/pkg_name") %]_[% c("var/system_pkg/pkg_version") %].orig-$deb_arch.tar.xz + } + [% IF c("var/browser-linux-x86_64") -%] + extract_src_tar \ + $rootdir/[% c('input_files_by_name/linux-x86_64') %]/[% c("var/project-name") %]-linux-x86_64-[% c("version") %].tar.xz \ + amd64 + [% END -%] + [% IF c("var/browser-linux-i686") -%] + extract_src_tar \ + $rootdir/[% c('input_files_by_name/linux-x86_64') %]/[% c("var/project-name") %]-linux-i686-[% c("version") %].tar.xz \ + i386 + [% END -%] + + [% FOREACH deb_arch = c("var_p/system_pkg/deb_archs") -%] + dpkg-buildpackage --unsigned-source --unsigned-changes --build=full --host-arch=[% deb_arch %] + deb_file_name='[% c("var/system_pkg/pkg_name") %]_[% c("var/system_pkg/pkg_version") %]-[% c("var/system_pkg/pkg_revision") %]_[% deb_arch %].deb' + dpkg-deb --info "../$deb_file_name" + pushd .. + mv -f "$deb_file_name" *.dsc *.orig.tar.xz *.debian.tar.xz "$OUTDIR/" + popd + [% END -%] +[% END %]
===================================== projects/linux-packages/config ===================================== @@ -0,0 +1,157 @@ +# vim: filetype=yaml sw=2 +version: '[% c("var/torbrowser_version") %]' +filename: '[% c("var/project-name") %]-[% c("version") %]-[% c("var/build_id") %]' +timestamp: '[% c("var/browser_release_date_timestamp") %]' +container: + use_container: 1 + +var: + build_deb_pkg: '[% c("var/mullvad-browser") %]' + system_pkg: + install_path: 'usr/lib/[% c("var/system_pkg/pkg_name") %]' + pkg_name: '[% c("var/project-name") %]-[% c("var/channel") %]' + pkg_version: '[% c("var/torbrowser_version") %]-[% c("var/torbrowser_build") %]' + pkg_revision: '1' + pkg_description: '[% c("var/display_name") %]' + deb_release_date: '[% USE date; date.format(c("timestamp"), format = "%a, %d %b %Y 01:02:03 +0000", locale = "en_US") %]' + # Use var_p/system_pkg/deb_archs for the processed list + deb_archs_list: + - '[% IF c("var/browser-linux-x86_64") %]amd64[% END %]' + - '[% IF c("var/browser-linux-i686") %]i386[% END %]' + + arch_deps: + # Packages needed to build the deb package + - dpkg-dev + - debhelper + - dh-exec + # Packages needed to generate dependencies for the deb package + - linux-libc-dev + - libasound2-dev + - libfontconfig1-dev + - libfreetype6-dev + - libgconf2-dev + - libgtk-3-dev + - libpango1.0-dev + - libpulse-dev + - libx11-xcb-dev + - libxt-dev + +targets: + + browser-all: + - browser-linux-x86_64 + - browser-linux-i686 + + browser-all-desktop: browser-all + + browser-linux-x86_64: + var: + browser-linux-x86_64: 1 + browser-linux-i686: + var: + browser-linux-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' + + torbrowser: + var: + browser_type: torbrowser + basebrowser: + var: + browser_type: basebrowser + mullvadbrowser: + var: + browser_type: mullvadbrowser + system_pkg: + pkg_description: 'Mullvad Browser is a privacy-focused web browser designed to minimize tracking and fingerprinting.' + + release: + var: + build_target: release + system_pkg: + pkg_name: '[% c("var/project-name") %]' + nightly: + var: + build_target: nightly + system_pkg: + # debian package version needs to start with a number + pkg_version: '[% pc("firefox", "var/browser_series") %]~[% c("var/torbrowser_version") FILTER remove("tbb-nightly.") %]' + alpha: + var: + build_target: alpha + testbuild: + var: + testbuild: 1 + build_target: '[% c("var/browser_type") %]-testbuild' + + +input_files: + + - project: container-image + + - name: linux-x86_64 + project: browser + enable: '[% c("var/browser-linux-x86_64") %]' + target: + - '[% c("var/build_target") %]' + - '[% c("var/browser_type") %]-linux-x86_64' + + - name: linux-i686 + project: browser + enable: '[% c("var/browser-linux-i686") %]' + target: + - '[% c("var/build_target") %]' + - '[% c("var/browser_type") %]-linux-i686' + + - filename: Makefile + content: "[% INCLUDE 'Makefile.in' %]" + refresh_input: 1 + + # Debian Package + - filename: debian/changelog + content: "[% INCLUDE 'debian/changelog.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/compat + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/control + content: "[% INCLUDE 'debian/control.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/copyright + content: "[% INCLUDE 'debian/copyright.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/install + content: "[% INCLUDE 'debian/install.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/docs + content: "[% INCLUDE 'debian/docs.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: 'debian/[% c("var/system_pkg/pkg_name") %].desktop' + content: "[% INCLUDE 'debian/browser.desktop.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/links + content: "[% INCLUDE 'debian/links.in' %]" + refresh_input: 1 + enable: '[% c("var/build_deb_pkg") %]' + - filename: debian/rules + enable: '[% c("var/build_deb_pkg") %]' + +--- | + # This part of the file contains options written in perl + ( + var_p => { + system_pkg => { + deb_archs => sub { + my ($project, $options) = @_; + my $deb_archs = project_config($project, + 'var/system_pkg/deb_archs_list', $options); + return [ + grep { $_ } map { process_template($project, $_, '.') } @$deb_archs + ]; + }, + }, + }, + )
===================================== projects/linux-packages/debian/browser.desktop.in ===================================== @@ -0,0 +1,10 @@ +[Desktop Entry] +Type=Application +Name=[% c("var/Project_Name") %] +GenericName=Web Browser +Comment=[% c("var/system_pkg/pkg_description") %] +Categories=Network;WebBrowser;Security; +Exec=/[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] --detach +X-[% c("var/ProjectName") %]-ExecShell=/[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] --detach +Icon=[% c("var/system_pkg/pkg_name") %] +StartupWMClass=[% c("var/display_name") %]
===================================== projects/linux-packages/debian/changelog.in ===================================== @@ -0,0 +1,5 @@ +[% c("var/system_pkg/pkg_name") %] ([% c("var/system_pkg/pkg_version") %]-[% c("var/system_pkg/pkg_revision") %]) UNRELEASED; urgency=medium + + * [% c("var/Project_Name") %] [% c("var/torbrowser_version") %] + + -- [% c("var/Project_Name") %] Developers torbrowser@torproject.org [% c("var/system_pkg/deb_release_date") %]
===================================== projects/linux-packages/debian/compat ===================================== @@ -0,0 +1 @@ +9
===================================== projects/linux-packages/debian/control.in ===================================== @@ -0,0 +1,11 @@ +Source: [% c("var/system_pkg/pkg_name") %] +Maintainer: [% c("var/Project_Name") %] Developers torbrowser@torproject.org +Priority: optional +Section: web +Build-Depends: debhelper (>= 9) + +Package: [% c("var/system_pkg/pkg_name") %] +Architecture: [% c("var_p/system_pkg/deb_archs").join(" ") %] +Depends: ${shlibs:Depends}, +Description: [% c('var/display_name') %] + [% c("var/system_pkg/pkg_description") %]
===================================== projects/linux-packages/debian/copyright.in ===================================== @@ -0,0 +1,10 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Source:: https://gitlab.torproject.org/tpo/applications/tor-browser-build/ +Upstream-Name: [% c("var/Project_Name") %] +Comment: + License for the build recipes and tools used for building [% c("var/Project_Name") %] + can be found at this URL: + https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main... + For the license of specific components included in [% c("var/Project_Name") %], see + this directory: + /usr/share/doc/[% c("var/system_pkg/pkg_name") %]/Licenses
===================================== projects/linux-packages/debian/docs.in ===================================== @@ -0,0 +1,3 @@ +#! /usr/bin/dh-exec +${DEB_HOST_ARCH}/Browser/[% c("var/ProjectName") %]/Docs/ChangeLog.txt +${DEB_HOST_ARCH}/Browser/[% c("var/ProjectName") %]/Docs/Licenses/
===================================== projects/linux-packages/debian/install.in ===================================== @@ -0,0 +1,3 @@ +#! /usr/bin/dh-exec +${DEB_HOST_ARCH}/Browser/* [% c("var/system_pkg/install_path") %] +debian/[% c("var/system_pkg/pkg_name") %].desktop usr/share/applications
===================================== projects/linux-packages/debian/links.in ===================================== @@ -0,0 +1,7 @@ +[% c("var/system_pkg/install_path") %]/start-[% c("var/project-name") %] usr/bin/[% c("var/system_pkg/pkg_name") %] +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default16.png usr/share/icons/hicolor/16x16/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default32.png usr/share/icons/hicolor/32x32/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default48.png usr/share/icons/hicolor/48x48/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default64.png usr/share/icons/hicolor/64x64/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/default128.png usr/share/icons/hicolor/128x128/apps/[% c("var/system_pkg/pkg_name") %].png +[% c("var/system_pkg/install_path") %]/browser/chrome/icons/default/about-logo.svg usr/share/icons/hicolor/scalable/apps/[% c("var/system_pkg/pkg_name") %].svg
===================================== projects/linux-packages/debian/rules ===================================== @@ -0,0 +1,10 @@ +#!/usr/bin/make -f + +%: + dh $@ + +override_dh_strip_nondeterminism: + dh_strip_nondeterminism -Xxpi + +override_dh_shlibdeps: + dh_shlibdeps -Xabicheck
===================================== projects/release/build ===================================== @@ -37,6 +37,9 @@ mkdir -p "$destdir" [% IF c("var/browser-linux-x86_64") -%] mv [% c('input_files_by_name/linux-x86_64') %]/* "$destdir"/ [% END -%] +[% IF c("var/linux-packages") -%] + mv [% c('input_files_by_name/linux-packages') %]/* "$destdir"/ +[% END -%] [% IF c("var/browser-src") -%] mv [% c('input_files_by_name/src-firefox') %] \ "$destdir"/ @@ -59,7 +62,7 @@ EOF # empty any existing sh256sums file echo -n > sha256sums-unsigned-build.txt # concat sha256sum entry for each file in set -for i in $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip *.tar.gz *.apk *.bspatch *.json | grep -v '.incremental.mar$' | sort) +for i in $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip *.tar.gz *.apk *.bspatch *.json *.deb | grep -v '.incremental.mar$' | sort) do sha256sum $i >> sha256sums-unsigned-build.txt done
===================================== projects/release/config ===================================== @@ -47,6 +47,7 @@ targets: browser-linux-x86_64: var: browser-linux-x86_64: 1 + linux-packages: '[% c("var/mullvad-browser") %]' browser-linux-x86_64-asan: var: browser-linux-x86_64: 1 @@ -54,6 +55,7 @@ targets: browser-linux-i686: var: browser-linux-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' + linux-packages: '[% c("var/mullvad-browser") %]' browser-windows-i686: var: browser-windows-i686: '[% c("var/browser_type") != "mullvadbrowser" %]' @@ -186,6 +188,14 @@ input_files: - '[% c("var/build_target") %]' - '[% c("var/browser_type") %]-linux-i686'
+ - name: linux-packages + project: linux-packages + enable: '[% c("var/linux-packages") %]' + # Add linux-x86_64 targets for container config + target_prepend: + - linux-x86_64 + - linux + - name: windows-i686 project: browser enable: '[% c("var/browser-windows-i686") %]'
===================================== rbm ===================================== @@ -1 +1 @@ -Subproject commit 10c6b24e90e3dc9c2578290a7d82a87b7f4eb9a3 +Subproject commit 05e32169dfad9f3cc3eb6aa3f93d9b7a1690290e
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/4...
tor-commits@lists.torproject.org