Project

General

Profile

Feature #12635

Install Tor Browser 7.0 final

Added by anonym over 2 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
06/09/2017
Due date:
% Done:

100%

Feature Branch:
feature/12635-tor-browser-7.0
Type of work:
Code
Blueprint:
Starter:
Affected tool:
Browser

Description


Subtasks

Feature #12657: Upgrade Tor Browser to 7.0.1Resolved

Associated revisions

Revision 78e74613 (diff)
Added by anonym over 2 years ago

Upgrade Tor Browser to 7.0-build1.

Refs: #12635

Revision f7b5d54f (diff)
Added by anonym over 2 years ago

Tor Browser: enable e10s!

The two blockers have now been fixed! For the record, they were:

  • a permission (AppArmor) issue that led to web content not rendering.
  • the branding add-on has been removed, since it's an old school
    Firefox extension which prevents e10s from enabling.

Will-fix: #12635

Revision 1f03fb9b (diff)
Added by anonym over 2 years ago

Make the "default search engine" less error prone.

Without the added safeguards an exception will be thrown if
browser.search.defaultenginename is not set, so the Unsafe Browser and
standaline Tor Launcher won't start.

Refs: #12635

Revision d447db06 (diff)
Added by intrigeri over 2 years ago

Design doc: fix typo (refs: #12635).

Revision c822432e (diff)
Added by intrigeri over 2 years ago

Design doc: fix Markdown syntax (refs: #12635).

History

#1 Updated by anonym over 2 years ago

  • Status changed from Confirmed to In Progress

#2 Updated by intrigeri over 2 years ago

  • Feature Branch set to feature/12635-tor-browser-7.0

#3 Updated by anonym over 2 years ago

  • Assignee changed from anonym to intrigeri
  • Priority changed from Normal to Elevated
  • % Done changed from 0 to 50
  • QA Check set to Ready for QA

Jenkins test runs #2 and #3 are for the last commit (f7b5d54f923552b8e1c698da11a1be985a3b42a9) both failed only for unrelated senarios, so I think we should merge this ASAP. And we get e10s (#12569)! :)

#4 Updated by intrigeri over 2 years ago

Amazing! Will look into it when I'm back to work on Wednesday (triaging my own tickets and drawing my plans for the next 6 months doesn't count as work, obviously ;)

Meanwhile, it would help if you told me which fragile tests you're run by hand, if any.

#5 Updated by anonym over 2 years ago

intrigeri wrote:

Meanwhile, it would help if you told me which fragile tests you're run by hand, if any.

These:

features/documentation.feature:4
features/localization.feature
features/tor_enforcement.feature:15
features/tor_stream_isolation.feature:26
features/torified_browsing.feature
features/unsafe_browser.feature

#6 Updated by intrigeri over 2 years ago

I'm reviewing this (and will hopefully merge it :) but there are newer files there: https://people.torproject.org/~gk/builds/7.0/.

#7 Updated by intrigeri over 2 years ago

  • % Done changed from 50 to 60

Code review passes modulo:

  • typo is "with acces to the"
  • the design doc needs updating (e.g. it still references config/chroot_local-hooks/13-override-tbb-branding)
  • can we now re-enable e10s for the Unsafe Browser?

If my testing passes I'll merge this anyway and will reassign to anonym so he can polish these + look into the possibly newer 7.0 tarballs I've linked above.

#8 Updated by intrigeri over 2 years ago

Also, what's the status of upstreaming f11ebadf6f5911d17a0ec0ffb7e78bd987689b60 ?

#9 Updated by anonym over 2 years ago

intrigeri wrote:

Code review passes modulo:

Cheers!

  • typo is "with acces to the"

8730fae20f

  • the design doc needs updating (e.g. it still references config/chroot_local-hooks/13-override-tbb-branding)

4e9e5a62b5

  • can we now re-enable e10s for the Unsafe Browser?

The problem with Tor Browser was AppArmor-related, so it doesn't affect chroot browsers. So: no. :/

If my testing passes I'll merge this anyway and will reassign to anonym so he can polish these>

Let's see!

+ look into the possibly newer 7.0 tarballs I've linked above.

So I saw the rebuild but thought we could skip it since there will be a 7.0.1 (or yet another rebuild of 7.0 if they don't release it today, as planned) before 3.0 any way that we'll have to deal with before 3.0. While I suppose the single change it makes compared to what we have now could affect us (AFAICT it reverts a patch back to a state of 7.0a4, ie. what we shipped in Tails 3.0~rc1), I think we better take the risk of not testing it, and instead spend our time on our other priorities for 3.0. If there is a problem I have time to deal with it during the weekend.

Also, what's the status of upstreaming f11ebadf6f5911d17a0ec0ffb7e78bd987689b60 ?

My plan was to notify upstream in one go about all the changes we have done when 3.0 is out. This branch might not introduce the last change needed to that profile before 3.0, after all. Any way, it is indeed past time to create a ticket tracking this: #12653

#10 Updated by intrigeri over 2 years ago

I see that:

juin 07 16:26:41 amnesia audit[10878]: AVC apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/TorBrowser/UpdateInfo/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
juin 07 16:26:41 amnesia audit[10878]: AVC apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/update.test/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
juin 07 16:26:41 amnesia kernel: audit: type=1400 audit(1496852801.976:43): apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/TorBrowser/UpdateInfo/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
juin 07 16:26:41 amnesia kernel: audit: type=1400 audit(1496852801.976:44): apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/update.test/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000

Might it be that we don't have updates disabled anymore?

#11 Updated by intrigeri over 2 years ago

  • the design doc needs updating (e.g. it still references config/chroot_local-hooks/13-override-tbb-branding)

4e9e5a62b5

Typo in "with out own".

`[mozilla.cfg](https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment)` doesn't do what you think. I think you want [`mozilla.cfg`](https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment). Please build locally before submitting this again for review :)

If my testing passes I'll merge this anyway and will reassign to anonym so he can polish these>

Let's see!

Merged.

+ look into the possibly newer 7.0 tarballs I've linked above.

So I saw the rebuild but thought we could skip it since there will be a 7.0.1 (or yet another rebuild of 7.0 if they don't release it today, as planned) before 3.0 any way that we'll have to deal with before 3.0. While I suppose the single change it makes compared to what we have now could affect us (AFAICT it reverts a patch back to a state of 7.0a4, ie. what we shipped in Tails 3.0~rc1), I think we better take the risk of not testing it, and instead spend our time on our other priorities for 3.0.

OK, good plan.

If there is a problem I have time to deal with it during the weekend.

OK. Note "2017-06-10: Build and upload the Tails 3.0 tentative ISO image" though.

#12 Updated by intrigeri over 2 years ago

  • Assignee changed from intrigeri to anonym
  • QA Check changed from Ready for QA to Dev Needed

#13 Updated by intrigeri over 2 years ago

  • Assignee changed from anonym to intrigeri

I've fixed the two design doc issues reported above straight on the testing branch. Left to do:

  • upgrade to TB 7.0.1 (tor-browser-52.2.0esr-7.0-1-build1 was just tagged)
  • look into "Might it be that we don't have updates disabled anymore?"

I'll file subtasks for both.

#14 Updated by intrigeri over 2 years ago

  • Status changed from In Progress to 11
  • Assignee deleted (intrigeri)
  • QA Check deleted (Dev Needed)

#15 Updated by intrigeri over 2 years ago

  • Status changed from 11 to Resolved

Also available in: Atom PDF