Project

General

Profile

Bug #15270

devel branch FTBFS since torbrowser-launcher 0.2.9 entered sid

Added by intrigeri over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
Start date:
01/30/2018
Due date:
% Done:

100%

Feature Branch:
feature/12679-sandbox-firefox-content-renderers
Type of work:
Code
Blueprint:
Starter:
Affected tool:

Description

That's due to the AppArmor profile changes I got upstreamed for #12679. My feature/12679-sandbox-firefox-content-renderers branches (in tails.git and in our torbrowser-launcher repo) might help fixing that if they're not too outdated.

Feel free to simply downgrade to torbrowser-launcher 0.2.8-6 as a temporary stopgap measure to fix this FTBFS ASAP; and then I'll handle the next steps myself on #12679.


Related issues

Blocks Tails - Feature #13245: Core work 2018Q1: Foundations Team Resolved 06/29/2017
Blocks Tails - Bug #15232: Revert to Stretch's xorg-xserver Resolved 01/23/2018
Blocks Tails - Bug #15029: Check list of backends in the usr.sbin.cups AppArmor profile (2018 edition) Resolved 12/09/2017
Blocks Tails - Bug #15116: X.Org does not start with some NVidia Maxwell and Pascal graphic cards Confirmed 12/27/2017
Blocks Tails - Bug #14521: Improve UX when GDM does not start Resolved 08/30/2017
Blocks Tails - Bug #15173: Upgrade Intel processor microcodes to mitigate the Spectre attack Resolved 01/16/2018
Blocks Tails - Feature #11753: Port complex shell scripts shipped in /usr/local to Python Resolved 08/27/2016
Blocks Tails - Feature #15309: Upgrade to Linux 4.15 Resolved 02/13/2018

Associated revisions

Revision 3735ab47 (diff)
Added by anonym over 1 year ago

Fix devel from FTBFS by downgrading torbrowser-launcher.

torbrowser-launcher 0.2.9 has entered sid and thus the APT snapshot
used by devel, and since our AppArmor profile patch does not apply, we
FTBFS. Updating the patch is the real fix, but is complex and will be
part of #12679.

Fix-committed: #15270
Refs: #12679

Revision 9e19bb4e
Added by anonym over 1 year ago

Merge remote-tracking branch 'origin/feature/12679-sandbox-firefox-content-renderers' into devel

Fix-committed: #12679, #15270

History

#1 Updated by anonym over 1 year ago

  • Status changed from Confirmed to Fix committed
  • Assignee changed from anonym to bertagaz
  • % Done changed from 0 to 100
  • QA Check set to Ready for QA

intrigeri wrote:

Feel free to simply downgrade to torbrowser-launcher 0.2.8-6

While that one is in Debian Testing, I thought it would be smarter to downgrade to 0.2.8-5~bpo9+1 so the fix (most likely) will work for us longer, e.g. even if the new version migrates to Debian Testing. I looked at the diff between 0.2.8-5~bpo9+1 and 0.2.8-6, and the AppArmor stuff isn't touched, so that version is fine (actually, the last change to our patch, 63ebac31880fd3415d9f3f0145c49315e46528a4, indicates that 0.2.8-4 would be fine). And devel built successfully locally for me and on jenkins!

bertagaz, please review this already pushed fix! Actually, my main reason for notifying you about this change is so that you are aware that the real fix (#12679) should be in Tails 3.6~rc1, ideally.

#2 Updated by bertagaz over 1 year ago

  • Assignee deleted (bertagaz)
  • QA Check changed from Ready for QA to Pass

anonym wrote:

bertagaz, please review this already pushed fix! Actually, my main reason for notifying you about this change is so that you are aware that the real fix (#12679) should be in Tails 3.6~rc1, ideally.

Ok, looks good and works to fix the FTBFS. Thanks for the notice!

#3 Updated by intrigeri over 1 year ago

  • Status changed from Fix committed to In Progress
  • Assignee set to intrigeri
  • % Done changed from 100 to 10
  • QA Check changed from Pass to Dev Needed

anonym wrote:

intrigeri wrote:

Feel free to simply downgrade to torbrowser-launcher 0.2.8-6

While that one is in Debian Testing, I thought it would be smarter to downgrade to 0.2.8-5~bpo9+1 so the fix (most likely) will work for us longer

Well, it lasted until 0.2.9 entered stretch-backports yesterday but now devel FTBFS again. I think I failed to communicate my suggestion clearly enough: I meant you could temporarily downgrade to a working version by importing it into our custom APT repo (not by fetching it from Buster which obviously would quickly fail just like fetching it from stretch-backports). I'll handle the next steps, either via #12679 or here.

#4 Updated by intrigeri over 1 year ago

#5 Updated by intrigeri over 1 year ago

  • Assignee changed from intrigeri to bertagaz
  • % Done changed from 10 to 50
  • QA Check changed from Dev Needed to Ready for QA
  • Feature Branch set to feature/12679-sandbox-firefox-content-renderers

This branch fixes the FTBFS, passes the subset of the test suite we run on Jenkins, and passes the relevant scenarios of torified_browsing.feature, pidgin.feature, and tor_stream_isolation.feature locally, except two scenarios (about persistence) that fail, one due to the Tor Browser bug wrt. file:///, the other one (persistent bookmarks) apparently due to a test suite bug that I'll investigate later on #12679. So please review'n'merge, mostly to fix the FTBFS and unblock other 3.6 dev work, and hope it does not introduce regressions that our test suite didn't spot. But let's not close #12679 right away: I want to do more QA and possibly polishing there.

#6 Updated by intrigeri over 1 year ago

  • Blocks Bug #15232: Revert to Stretch's xorg-xserver added

#7 Updated by intrigeri over 1 year ago

  • Blocks Bug #15029: Check list of backends in the usr.sbin.cups AppArmor profile (2018 edition) added

#8 Updated by intrigeri over 1 year ago

  • Blocks Bug #15116: X.Org does not start with some NVidia Maxwell and Pascal graphic cards added

#9 Updated by intrigeri over 1 year ago

  • Blocks Bug #14521: Improve UX when GDM does not start added

#10 Updated by intrigeri over 1 year ago

  • Blocks Bug #12679: Sandbox Tor Browser's content renderer processes more strictly added

#11 Updated by intrigeri over 1 year ago

  • Blocks Bug #15173: Upgrade Intel processor microcodes to mitigate the Spectre attack added

#12 Updated by intrigeri over 1 year ago

  • Blocks deleted (Bug #12679: Sandbox Tor Browser's content renderer processes more strictly)

#13 Updated by intrigeri over 1 year ago

  • Blocks Feature #11753: Port complex shell scripts shipped in /usr/local to Python added

#14 Updated by intrigeri over 1 year ago

#15 Updated by anonym over 1 year ago

  • Assignee changed from bertagaz to anonym

I'm taking this one over to relieve our overloaded RM, and to get stuff building again!

#16 Updated by anonym over 1 year ago

  • Status changed from In Progress to Fix committed
  • Assignee deleted (anonym)
  • % Done changed from 50 to 100
  • QA Check changed from Ready for QA to Pass

Works for me!

#17 Updated by bertagaz over 1 year ago

  • Status changed from Fix committed to Resolved

Also available in: Atom PDF