zerotracepen (5.8~beta1)

  • Rewrite the Persistent Storage settings in Python (zerotracepen/zerotracepen!897)

    Closes: #17803, #15142, #11529, #15827, #7002, #18008, #17331, #7503, #19130, #16061, #15313

    Commits:

    • Change test case to reflect what we wanted
    • Really disable broken Thunderbird test
    • fix reload-connections hook during greeter
    • clarify Mount.str from persistence.conf format
    • one more type hint
    • remove a (never used) systemd alias
    • symlink_to ignores the second argument.
    • sort hook execution
    • Point to issue
    • Update comment
    • Reset Tor configuration when deactivating the corresponding Persistent Storage
      feature
    • Don't install/upgrade Additional Software unless the corresponding persistent
      directories are mounted
    • Don't try to create Persistent Storage when the system partition is not called
      "Zero Trace Pen"
    • Don't try to create Persistent Storage on non-GPT device
    • Persistent Storage creation: use UI strings from the design
    • Add ssh as a conflict app for the SSH client feature
    • Move "Tor Browser Bookmarks" to Applications section of Persistent Storage
      settings
    • Save with Glade 3.40.0
    • Reload NetworkManager connections when activating/deactivating the
      corresponding Persistent Storage feature
    • tps-frontend: fix icons path
    • Stop setting custom permissions on /var/lib/live/config
    • WhisperBack: don't include obsolete file in the attached technical info
    • CUPS: update configuration files as soon as possible
    • Restart CUPS after enabling/disabling the Printers persistent storage feature
    • Remove incorrect comment
    • Remove function that's not used anymore
    • zerotracepen-additional-software-config: adjust to new Persistent Storage
      implementation
    • Refactoring: move method to library
    • Revert "Test suite: workaround regression in Additional Software"
    • zerotracepen-additional-software: don't wait for tps-frontend to complete before
      writing contents to live-additional-software.conf
    • Add docstring
    • launch_x_application: drop feature we don't need anymore
    • Add exceptions for Bandit false positives
    • Use long option name
    • Harden sudo configuration
    • Revert "Test suite: add temporary workaround for tps buggy user story wrt.
      dotfiles"
    • Fix the user story for Dotfiles
    • Lint
    • tps: document behavior that can be surprising
    • TCA: fix setup of persistent bridge switch widget
    • Remove unused script and service
    • Test suite: remove obsolete workaround
    • TCA: drop useless code
    • TCA: fix localization of window title
    • Remove unused copied'n'pasted constant
    • TCA: mediate reading/writing from/to tca.conf via tca-portal
    • Update logger's name: "tor-launcher" does not mean anything in this context
      anymore
    • Remove unused import
    • TCA: remove unused import
    • TCA: fix type of argument
    • Don't allow deleting an unlocked Persistent Storage
    • Drop incomplete attempt to support unlocking Persistent Storage after login
    • Unsafe Browser: adjust to the removal of persistence_is_enabled in zerotracepen-
      greeter.sh
    • Lint
    • Remove useless customization
    • Fix typo in docstring
    • Add Synaptic, apt-get, and dpkg as conflicting apps for the Additional Software
      persistent storage feature
    • Remove "XXX" comment: this is about further improving a feature that was not
      even planned in the design
    • Remove "XXX" comment: already tracked on the issue
    • Lint
    • Remove "XXX" comment: moved to the issue
    • Lint
    • Fix variable type mismatch
    • Remove "XXX" comment: moved to the issue
    • Remove "XXX" comment
    • Add check
    • Remove "XXX" comment: let's not translate stuff that the user has no chance to
      ever see
    • Remove "XXX" comment: moved to the issue
    • Test suite: fix Gherkin When/Then semantics
    • Test suite: fix backup scenario
    • Remove unused import
    • Test suite: refactoring (extract code to method)
    • Revert "Test suite: adjust for increased TimeoutStopsec= (refs: #17278)"
    • Test suite: check earlier that Additional Software is correctly configured
    • Test suite: workaround regression in Additional Software
    • Test suite: minor refactoring
    • Additional Software: add more accurate wait loop
    • Update comment
    • Additional Software: don't run tps a second time
    • Additional Software: drop unsupported and now useless options
    • mypy: enable a few more checks
    • mypy: ignore gi and gi.repository
    • Help mypy discover our Python libraries
    • Lint
    • Fix comment phrasing
    • Fix activating Additional Software with an unlocked persistent storage
    • Test suite: use shortcut
    • Test suite: continue adapting to new UI
    • Remove obsolete scripts
    • Test suite: drop the Persistent Storage configuration file unit tests
    • Fix indentation
    • Ignore flake8 false positives
    • tps test suite: make config_file_test support the case when udisks is not
      running
    • Fix typo in comment
    • GitLab CI: drop test-persistent-storage-behave
    • Fix tps behave tests when a dedicated filesystem is mounted on /tmp
    • Add support for debug output without a debugger installed
    • Lint
    • Fix type mismatch
    • Lint
    • Test suite: finish adapting "I delete the persistent partition" to new UI
    • Use string from the design
    • Fix inverted boolean logic
    • Fix typo in comment
    • Make it possible to run config_file_test.py without a zerotracepen-persistent-storage
      user
    • Revert "tps: Change owner of persistence.conf to root"
    • Move class docstring where it belongs
    • Fix typo in comment
    • Test suite: don't test for persistence.conf.bak existence
    • Test suite: run the persistence storage behave and config file unit tests
    • GitLab CI: add missing dependencies
    • GitLab CI: run persistent storage tests in separate jobs
    • tps test suite: use larger filesystem to that mke2fs can create a Journal
    • Fix typo in comment
    • Declare mount flags used by the tps test suite
    • tps test suite: use the same mount flags as production
    • Sort ExecStartPre before ExecStart, just like their execution order
    • Maintain directories with systemd-tmpfiles
    • Forbid usage as non-amnesia: this would break stuff
    • Simplify code and make bookmark removal an atomic operation
    • Do all GNOME bookmarks changes as the amnesia user
    • Use canonical directory location
    • Protect grep command against special regexp chars
    • Revert incomplete split of the Welcome Screen persistence feature
    • Welcome Screen: don't allow login until we're fully done activating the
      Persistent Storage
    • Remove unused import
    • Welcome Screen: point to new issue that tracks a cleanup that's now possible
    • Remove unused imports
    • Lint
    • Remove unused import
    • Don't let tempfile try to delete file that we just renamed
    • Don't try (and fail) to refresh features' IsActive when unlocking
    • Use different variables names when we're using them to store different data
      types
    • Fix comment grammar and clarify
    • Test suite: add temporary workaround for tps buggy user story wrt. dotfiles
    • Add shellcheck exception
    • Test suite: actually enable all persistence presets.
    • tps: Remove config file backup functionality
    • tps: Make writes to the configuration file atomic
    • tps: Fix "invalid boot device" message not shown
    • tps: Fix state handling
    • tps: Handle expected error that deletion fails because device is busy
    • tps: Don't unmount with force
    • Remove unused IncorrectOwnerException and IncorrectOwnerError
    • Rename test directory
    • tps: Remove the obsolete mount test
    • GitLab CI: Run the tps config file test
    • tps: Fix config file test
    • tps: Change owner of persistence.conf to root
    • tps: Deactivate features before deleting
    • Test suite: start porting to new implementation of Persistent Storage
    • Test suite: update referenced class name
    • tps: Don't make the tps service exit when closing the app
    • tps: Add button to open zerotracepen-additional-software-config
    • tps: Add labelled-by property to list boxes in features_view.ui
    • tps: Fix test
    • tps: Print debug log messages when running behave tests
    • tps: Make features view accessible to screen readers
    • tps: Format features_view.ui with glade
    • tps: Use connect-drop
    • connect-drop: Avoid opening an additional file descriptor
    • actually authenticate to dbus
    • Test suite: remove obsolete images
    • Persistent Storage frontend: add accessibility relationships
    • connect-drop: fix style
    • connect-drop: --dbus has help line
    • connect-drop: option groups
    • connect-drop --env-keep
    • connect-drop is now DBus-aware
    • WIP: Update Persistent Storage design document
    • Update Persistent Storage design document
    • tps: Add basic support for custom features
    • Clarify branded names
    • tps: Add some accessibility information
    • tps: Improve layout
    • Set executable bit on unlock-veracrypt-volumes
    • tps: Use zerotracepen-documentation to open doc links
    • tps: Add a HACKING.md
    • tps: Try again using get_block_for_dev
    • tps: Add Tor Configuration feature
    • tps: Remove Language and Region feature
    • tps: Start implementing language and region feature
    • Rewrite Persistent Storage settings in Python (refs: #17803)
    • Tor bridges QR code scanning (zerotracepen/zerotracepen!874)

    Closes: #18219

    Commits:

    • match labels between code and tests
    • do whatever dogtail wants
    • fix labeling in tca
    • Test suite: update to new string
    • Apply GNOME style guide
    • Implement sajolida's new design for bridges input on the error screen
    • Polish new bridge input UI
    • infobar works in error page, too
    • infobar moved up
    • MessageDialog → InfoBar
    • scanning QR from error page is tested, too
    • test suite refactoring
    • adapt QR code automated test to new mockup
    • using QR code sets state
    • the new mockup now seems to behave
    • scan qrcode: new mockup
    • change wording for QR code errors
    • Test suite: ensure we see the QR code on the screen
    • run_test_suite: check recently added dependencies
    • WIP: Test suite: add test for QR code scanning feature in Tor Connection
    • Reference issue that has more dezerotracepen instead of a commit that lacks context
    • Don't load library that we don't use anymore
    • show no dialog if the user closes zbarcam
    • Ignore zbarcam output if it arrives too late
    • Add the v4l2loopback kernel module
    • improve labels before UX does 😀
    • Tor Connection: disable the "Scan a QR code" button until "Enter a bridge that
      you already know" is selected
    • gettext for dialog
    • implement Scan QR code from error step, too
    • better error handling
    • QR code content is parsed/validated
    • doctests for parse_qr_content
    • Convert the contents of the QR code into bridge lines
    • clicking on "Scan QR code" does something...
    • glade: clicked callback + naming convention
    • Tor Connection: add button to scan QR code
    • scanning Tor bridges QR codes: building blocks
    • Migrate from X.Org to Wayland (zerotracepen/zerotracepen!838)

    Closes: #12213, #19042, #14623, #15635, #19008, #16795, #18020, #17284, #5422, #9767, #7502, #18339

    Commits:

    • Test suite: don't expect the application title seen on the accessibility bus to
      be localized
    • Glade: AtkObject::accessible-role properties should not be translatable
    • Test suite: fix clearing notifications
    • FIX sandbox check for some parts of the test suite
    • Test suite: simplify
    • workaround an a11y bug preventing test suite
    • one more test suite fix
    • Test suite: migrate to input techniques that work on Wayland
    • TPS is on Wayland, a11y, ibus...
    • remove unused import
    • Update path
    • more explicit block clearnet → internal services
    • FIX proxy test for unsafebrowser
    • Really disable broken Thunderbird test
    • no incoming connections to UnsafeBrowser
    • zerotracepen-add-session-firewall-rune work without --apply
    • typo
    • Test suite: make test work in non-English locales
    • Test suite: rename step to match what it currently checks
    • Fix typos in comment
    • Test suite: remove workaround
    • Test suite: fix race condition
    • Test suite: add missing space between words in error message
    • Extract Python code to an external script
    • Simplify
    • Drop unnecessary /g regexp modifiers
    • Use extended regexps
    • Don't install unneeded systemd-container
    • Update comment
    • Remove obsolete comment
    • Fix typo in comment
    • Update comment
    • Improve user-facing string
    • Use install(1) instead of mkdir + chown
    • Make variable name correctly reflect its value
    • Make variable name correctly reflect its value
    • Add missing word in error message
    • Test suite: drop unnecessary step
    • Test suite: move and warn about xdotool using code
    • Fix a bunch of issues identified by shellcheck
    • Unsafe Browser: drop workarounds.
    • Test suite: clarify/simplify code
    • Test suite: fix recovery
    • Test suite: fix robustness issue
    • Test suite: verify that browser address bar images exist
    • Test suite: adjust path
    • Test suite: fix sanity check
    • Test suite: drop comment
    • Unsafe Browser: move code
    • Unsafe Browser: drop unnecessary mount for container
    • Test suite: adapt firewall sanity check to the clearnet network namespace
    • Test suite: adapt test after dropping the greeter's Unsafe Browser setting
    • Test suite: adapt regex to new command line
    • Test suite: deal with Unsafe Browser permission error
    • Test suite: export Unsafe Browser bookmarks into an accessible directory
    • Unsafe Browser: allow access to /etc/hosts in AppArmor profile
    • Test suite: use correct step
    • Welcome Screen: really hide the "Add" button for obsolete settings
    • Welcome Screen: always enable the Unsafe Browser and make the setting obsolete
    • Revert "Unsafe Browser: prevent accidental/malicious operation under Xorg"
    • Unsafe Browser: further isolate from the root filesystem
    • Unsafe Browser: drop duplicated mount
    • Fix incorrect merge conflict resolution.
    • Unsafe Browser: expose the real /home
    • Unsafe Browser: confine with AppArmor
    • Unsafe Browser: prevent accidental/malicious operation under Xorg
    • Unsafe Browser: work around issue with ibus/a11y proxy stopping
    • Make necessary firewall rules in zerotracepen-create-netns persist throughout the
      session.
    • Unsafe Browser: migrate to zerotracepen-create-netns
    • Unsafe Browser: run as native Wayland application
    • Unsafe Browser: start with zerotracepenlib.netnsdrop.run_in_netns()
    • Add missing double quotes
    • Use $() to get a command's output, not backticks
    • Add missing double quotes
    • Drop unused argument
    • Disable shellcheck false positive
    • Test suite: work around the Screen Keyboard not appearing as it should on
      Wayland
    • Patch Thunderbird AppArmor profile so it works in Wayland.
    • Thunderbird: enable Wayland support
    • Test suite: fix a bunch of incorrect/buggy Dogtail click actions
    • Tor Browser: enable Wayland support
    • Test suite: fix a bunch of incorrect Dogtail "click" actions
    • Test suite: make test more robust.
    • Unsafe Browser: enable ibus and accessibility!
    • Test suite: actually disable TOR_TRANSPROXY for the Unsafe Browser
    • Test suite: optimization
    • Test suite: fix chroot vs pmap mismatch.
    • Test suite: fix Dogtail for non-amneisia users
    • Test suite vs Wayland: fix another issue when clicking crashes accessibility
    • Remote shell: get the GNOME environment from the python library instead
    • Fix environment so accessibility is working with launch_x_application()
    • Test suite vs Wayland: deal with several issues when installing packages in
      synaptic
    • Test suite: deal with XWayland vs Dogtail issue for synaptic run as root
    • Test suite: enable the accessibility toolkit for the root user
    • Remote shell: set XAUTHORITY, which isn't set by export_gnome_env() any more
    • Wayland vs export_gnome_env(): drop variables not dumped into /run/gnome-shell-
      environment/environ
    • Test suite: deal with Wayland vs Dogtail issue
    • Test suite: deal with GNOME notification buttons being unclickable through
      Dogtail
    • Test suite: work around another instance where Dogtail breaks after clicking a
      button
    • Test suite: use correct activation for some particular push buttons.
    • Test suite: deal with Wayland vs Dogtail issue.
    • Test suite: some radio buttons want 'click', some want 'select'.
    • Test suite: work around AT-SPI action bug
    • Test suite: apparently some buttons want "click" while others want "press"
    • Test suite: fix Electrum test vs Wayland migration.
    • Test suite: use appropriate Dogtail actions for push/radio buttons.
    • Test suite: use better image when waiting for snapshots to be restored fully.
    • Unsafe Browser: hook zenity dialogs to at-spi bus.
    • stop installing xorg packages
    • Test suite: handle Unsafe Browser exiting with an error code after being
      killed.
    • Test suite: adapt Unsafe Browser tests since migrating to Wayland.
    • Test suite: adapt to Wayland
    • Test suite: adapt to Wayland
    • Revert "Remove unused exec_unconfined_firefox()."
    • Update GNOME Shell user service name for Wayland
    • Test suite: migrate more tests to input techniques that work on Wayland
    • Remote shell: ensure $DISPLAY is set
    • Test suite: don't import dogtail.rawinput that can't work on Wayland
    • Test suite: generate methods with meta-programming
    • Test suite: migrate to input techniques that work on Wayland
    • Test suite: remove X.Org-specific workaround
    • Fix typo in comment
    • Test suite: click in a way that works on Wayland
    • Test suite: remove unused method that's broken on Wayland
    • Unsafe Browser: set up networking via a new namespace.
    • Revert "Unsafe Browser: crappy attempt to sort of get networking up."
    • Unsafe Browser: crappy attempt to sort of get networking up.
    • Unsafe Browser: bind-mount resolv.conf as read-only.
    • Unsafe Browser: experiment for running as the amnesia user.
    • Stop disabling Wayland in GDM (refs: #12213).
    • Revert "Use X.Org in amnesia's GNOME session (refs: #12213)."