@product Feature: System memory erasure on shutdown As a Tails user when I shutdown Tails I want the system memory to be free from sensitive data. Scenario: Anti-test: no memory erasure on a modern computer # features/erase_memory.feature:7 Given a computer # features/step_definitions/common_steps.rb:122 And the computer is a modern 64-bit system # features/step_definitions/erase_memory.rb:23 And the computer has 8 GiB of RAM # features/step_definitions/common_steps.rb:127 And I set Tails to boot with options "debug=wipemem" # features/step_definitions/common_steps.rb:180 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse debug=wipemem " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 291ms [profile] Finder.findAll START [profile] Finder.findAll END: 283ms [profile] Finder.findAll START [profile] Finder.findAll END: 302ms [profile] Finder.findAll START [profile] Finder.findAll END: 317ms [profile] Finder.findAll START [profile] Finder.findAll END: 312ms [profile] Finder.findAll START [profile] Finder.findAll END: 268ms [profile] Finder.findAll START [profile] Finder.findAll END: 303ms [log] CLICK on (51,16) And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as root: tails-get-bootinfo kernel call returned: [0, "/lib/live/mount/medium/live/vmlinuz2\n", ""] Then the PAE kernel is running # features/step_definitions/erase_memory.rb:44 calling as root: free -m | awk '/^Mem:/ { print $2 }' call returned: [0, "8003\n", ""] And at least 8 GiB of RAM was detected # features/step_definitions/erase_memory.rb:62 Detected 8003 MiB of RAM calling as root: pidof -x -o '%PPID' memlockd call returned: [0, "1413\n", ""] And process "memlockd" is running # features/step_definitions/common_steps.rb:490 calling as root: pidof -x -o '%PPID' udev-watchdog call returned: [0, "1450\n", ""] And process "udev-watchdog" is running # features/step_definitions/common_steps.rb:490 calling as root: ps -wweo cmd call returned: [0, "CMD\n/sbin/init config nopersistence noprompt splash noautologin slab_nomerge autotest_never_use_this_option\n[kthreadd]\n[ksoftirqd/0]\n[kworker/0:0]\n[kworker/0:0H]\n[kworker/u2:0]\n[rcu_sched]\n[rcu_bh]\n[migration/0]\n[watchdog/0]\n[khelper]\n[kdevtmpfs]\n[netns]\n[khungtaskd]\n[writeback]\n[ksmd]\n[khugepaged]\n[crypto]\n[kintegrityd]\n[bioset]\n[kblockd]\n[kworker/0:1]\n[kswapd0]\n[vmstat]\n[fsnotify_mark]\n[kthrotld]\n[ipv6_addrconf]\n[deferwq]\n[kworker/u2:1]\n[khubd]\n[ata_sff]\n[scsi_eh_0]\n[scsi_tmf_0]\n[scsi_eh_1]\n[scsi_tmf_1]\n[kworker/u2:2]\n[kworker/0:2]\n[kworker/0:3]\n[kworker/0:1H]\n[loop0]\n/lib/systemd/systemd-journald\n[kauditd]\n/lib/systemd/systemd-udevd\n[vballoon]\n[kpsmoused]\n[hd-audio0]\n/usr/sbin/haveged --Foreground --verbose=1 --write=1024\n/usr/lib/accountsservice/accounts-daemon\n/bin/sh -c . /usr/local/lib/tails-shell-library/tor.sh ; while ! tor_is_working ; do /bin/sleep 1 ; done\n/usr/sbin/ModemManager\n/usr/sbin/cron -f\n/usr/bin/python3 /usr/local/lib/tails-autotest-remote-shell /dev/ttyS0\n/usr/bin/python /usr/local/lib/tor-controlport-filter\n/lib/systemd/systemd-logind\n/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation\n/usr/sbin/spice-vdagentd\n/usr/sbin/ekeyd\n/usr/lib/policykit-1/polkitd --no-debug\n/usr/sbin/memlockd -f -u memlockd\n/bin/sh /usr/local/lib/udev-watchdog-wrapper\n/usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/block/sr0 cd\n/usr/sbin/gdm3\n/usr/bin/Xorg :0 -novtswitch -background none -noreset -verbose 3 -auth /var/run/gdm3/auth-for-Debian-gdm-OMsGHf/database -seat seat0 -nolisten tcp vt7\n/sbin/agetty --noclear tty1 linux\n/lib/systemd/systemd --user\n(sd-pam) \n/usr/bin/spice-vdagent\n/usr/lib/upower/upowerd\n/usr/lib/colord/colord\n/lib/systemd/systemd-localed\ngdm-session-worker [pam/gdm-autologin]\n/lib/systemd/systemd --user\n(sd-pam) \nx-session-manager\ndbus-launch --autolaunch=92d88fccce686640b50daf2f1b6947d0 --binary-syntax --close-stderr\n/usr/bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session\n/usr/bin/gpg-agent --daemon --sh --write-env-file=/home/amnesia/.gnupg/gpg-agent-info-amnesia /usr/bin/dbus-launch --exit-with-session /usr/bin/monkeysphere-validation-agent x-session-manager\n/usr/bin/dbus-launch --exit-with-session /usr/bin/monkeysphere-validation-agent x-session-manager\n/usr/bin/dbus-daemon --fork --print-pid 4 --print-address 6 --session\n/usr/bin/perl -wT /usr/bin/monkeysphere-validation-agent x-session-manager\n/usr/lib/at-spi2-core/at-spi-bus-launcher\n/usr/bin/dbus-daemon --config-file=/etc/at-spi2/accessibility.conf --nofork --print-address 3\n/usr/lib/at-spi2-core/at-spi2-registryd --use-gnome-session\n/usr/lib/gvfs/gvfsd\n/usr/lib/gnome-settings-daemon/gnome-settings-daemon\n/usr/bin/gnome-keyring-daemon --start --components=secrets\n/usr/bin/spice-vdagent\n/usr/bin/pulseaudio --start\n/usr/lib/gvfs/gvfs-udisks2-volume-monitor\n/usr/lib/udisks2/udisksd --no-debug\n/usr/lib/gvfs/gvfs-mtp-volume-monitor\n/usr/lib/gvfs/gvfs-gphoto2-volume-monitor\n/usr/lib/gvfs/gvfs-goa-volume-monitor\n/usr/lib/gvfs/gvfs-afc-volume-monitor\n/usr/bin/gnome-shell\n/lib/systemd/systemd-hostnamed\n/usr/sbin/cupsd -f\n/usr/lib/gnome-settings-daemon/gsd-printer\n/usr/lib/dconf/dconf-service\n/usr/sbin/NetworkManager --no-daemon\n[cfg80211]\nibus-daemon --xim --panel disable\n/bin/sh /usr/local/lib/start-systemd-desktop-target\nnautilus -n\n/bin/systemctl --user start desktop.target\n/bin/sh -c [ \"$(/usr/bin/id -u)\" = 1000 ] || exit 0 ; while ! [ -e /run/tor-has-bootstrapped/done ] ; do /bin/sleep 1 ; done\nflorence\n/usr/bin/perl /usr/local/bin/gpgApplet\nnm-applet\nflorence\n/usr/lib/i386-linux-gnu/gconf/gconfd-2\n/usr/lib/ibus/ibus-dconf\n/usr/lib/ibus/ibus-x11 --kill-daemon\n/usr/lib/ibus/ibus-engine-simple\n/usr/lib/gvfs/gvfsd-trash --spawner :1.5 /org/gtk/gvfs/exec_spaw/0\n/usr/lib/gvfs/gvfsd-burn --spawner :1.5 /org/gtk/gvfs/exec_spaw/1\n/usr/lib/gvfs/gvfsd-metadata\n/bin/sleep 1\n/bin/sleep 1\n/bin/sh -c ps -wweo cmd\nps -wweo cmd\n", ""] calling as root: cat /sys/devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/block/sr0/dev call returned: [0, "11:0\n", ""] calling as root: readlink -f /dev/block/'11:0' call returned: [0, "/dev/sr0\n", ""] calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium call returned: [0, "11:0\n", ""] calling as root: readlink -f /dev/block/'11:0' call returned: [0, "/dev/sr0\n", ""] And udev-watchdog is monitoring the correct device # features/step_definitions/erase_memory.rb:19 calling as root: echo 3 > /proc/sys/vm/drop_caches call returned: [0, "", ""] calling as root: sysctl vm.oom_kill_allocating_task=0 call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] calling as root: sysctl vm.oom_dump_tasks=0 call returned: [0, "vm.oom_dump_tasks = 0\n", ""] calling as root: sysctl vm.overcommit_memory=0 call returned: [0, "vm.overcommit_memory = 0\n", ""] calling as root: sysctl vm.min_free_kbytes=65536 call returned: [0, "vm.min_free_kbytes = 65536\n", ""] calling as root: sysctl vm.admin_reserve_kbytes=131072 call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "465\n", ""] spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "584\n", ""] Memory fill progress: 10% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "702\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "813\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "943\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1063\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1180\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1306\n", ""] Memory fill progress: 20% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1431\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1548\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1662\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1769\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1887\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2012\n", ""] Memory fill progress: 30% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2139\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2208\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2337\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2447\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2576\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2701\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2824\n", ""] Memory fill progress: 40% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2949\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3079\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3203\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3330\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3453\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3579\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3703\n", ""] Memory fill progress: 50% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3836\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3951\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4070\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4194\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4314\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4442\n", ""] Memory fill progress: 60% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4564\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4688\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4810\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "4936\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5063\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5182\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5303\n", ""] Memory fill progress: 70% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5419\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5544\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5656\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5781\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "5891\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6011\n", ""] Memory fill progress: 80% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6140\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6264\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6387\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6511\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6639\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6763\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "6887\n", ""] Memory fill progress: 90% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7010\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7133\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7254\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7374\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7498\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7617\n", ""] Memory fill progress: 100% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7734\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "7856\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3171 3156 3141 3127 3113 3098 3083 3069\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "452\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [1, "", ""] Memory fill progress: finished When I fill the guest's memory with a known pattern without verifying # features/step_definitions/erase_memory.rb:100 And I reboot without wiping the memory # features/step_definitions/erase_memory.rb:198 [log] TYPE " " And I stop the boot at the bootloader menu # features/step_definitions/erase_memory.rb:202 Then I find many patterns in the guest's memory # features/step_definitions/erase_memory.rb:190 Pattern coverage: 100.377% (7373 MiB out of 7346 MiB initial free memory) Scenario: Anti-test: no memory erasure on an old computer # features/erase_memory.feature:40 Given a computer # features/step_definitions/common_steps.rb:122 And the computer is an old pentium without the PAE extension # features/step_definitions/erase_memory.rb:29 And the computer has 8 GiB of RAM # features/step_definitions/common_steps.rb:127 And I set Tails to boot with options "debug=wipemem" # features/step_definitions/common_steps.rb:180 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse debug=wipemem " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 243ms [profile] Finder.findAll START [profile] Finder.findAll END: 325ms [profile] Finder.findAll START [profile] Finder.findAll END: 297ms [profile] Finder.findAll START [profile] Finder.findAll END: 277ms [profile] Finder.findAll START [profile] Finder.findAll END: 254ms [profile] Finder.findAll START [profile] Finder.findAll END: 278ms [profile] Finder.findAll START [profile] Finder.findAll END: 261ms [log] CLICK on (51,16) And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as root: tails-get-bootinfo kernel call returned: [0, "/lib/live/mount/medium/live/vmlinuz\n", ""] Then the non-PAE kernel is running # features/step_definitions/erase_memory.rb:49 calling as root: free -m | awk '/^Mem:/ { print $2 }' call returned: [0, "3548\n", ""] And at least 3500 MiB of RAM was detected # features/step_definitions/erase_memory.rb:62 Detected 3548 MiB of RAM calling as root: pidof -x -o '%PPID' memlockd call returned: [0, "1343\n", ""] And process "memlockd" is running # features/step_definitions/common_steps.rb:490 calling as root: pidof -x -o '%PPID' udev-watchdog call returned: [0, "1416\n", ""] And process "udev-watchdog" is running # features/step_definitions/common_steps.rb:490 calling as root: ps -wweo cmd call returned: [0, "CMD\n/sbin/init config nopersistence noprompt splash noautologin slab_nomerge autotest_never_use_this_option\n[kthreadd]\n[ksoftirqd/0]\n[kworker/0:0]\n[kworker/0:0H]\n[kworker/u2:0]\n[watchdog/0]\n[khelper]\n[kdevtmpfs]\n[netns]\n[khungtaskd]\n[writeback]\n[ksmd]\n[crypto]\n[kintegrityd]\n[bioset]\n[kblockd]\n[kworker/0:1]\n[kswapd0]\n[fsnotify_mark]\n[kthrotld]\n[ipv6_addrconf]\n[deferwq]\n[kworker/u2:1]\n[khubd]\n[ata_sff]\n[scsi_eh_0]\n[scsi_tmf_0]\n[scsi_eh_1]\n[scsi_tmf_1]\n[kworker/u2:2]\n[kworker/u2:3]\n[kworker/0:2]\n[kworker/0:3]\n[kworker/0:1H]\n[loop0]\n/lib/systemd/systemd-journald\n[kauditd]\n/lib/systemd/systemd-udevd\n[kpsmoused]\n[vballoon]\n[hd-audio0]\n/usr/sbin/haveged --Foreground --verbose=1 --write=1024\n/usr/lib/accountsservice/accounts-daemon\n/bin/sh -c . /usr/local/lib/tails-shell-library/tor.sh ; while ! tor_is_working ; do /bin/sleep 1 ; done\n/usr/sbin/ModemManager\n/usr/sbin/cron -f\n/usr/bin/python3 /usr/local/lib/tails-autotest-remote-shell /dev/ttyS0\n/usr/bin/python /usr/local/lib/tor-controlport-filter\n/lib/systemd/systemd-logind\n/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation\n/usr/lib/policykit-1/polkitd --no-debug\n/usr/sbin/memlockd -f -u memlockd\n/bin/sh /usr/local/lib/udev-watchdog-wrapper\n/usr/sbin/spice-vdagentd\n/usr/sbin/ekeyd\n/usr/local/sbin/udev-watchdog /devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/block/sr0 cd\n/usr/sbin/gdm3\n/usr/bin/Xorg :0 -novtswitch -background none -noreset -verbose 3 -auth /var/run/gdm3/auth-for-Debian-gdm-u2g1bW/database -seat seat0 -nolisten tcp vt7\n/sbin/agetty --noclear tty1 linux\n/lib/systemd/systemd --user\n(sd-pam) \n/usr/bin/spice-vdagent\n/usr/lib/upower/upowerd\n/usr/lib/colord/colord\n/lib/systemd/systemd-localed\ngdm-session-worker [pam/gdm-autologin]\n/lib/systemd/systemd --user\n(sd-pam) \nx-session-manager\ndbus-launch --autolaunch=92d88fccce686640b50daf2f1b6947d0 --binary-syntax --close-stderr\n/usr/bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session\n/usr/bin/gpg-agent --daemon --sh --write-env-file=/home/amnesia/.gnupg/gpg-agent-info-amnesia /usr/bin/dbus-launch --exit-with-session /usr/bin/monkeysphere-validation-agent x-session-manager\n/usr/bin/dbus-launch --exit-with-session /usr/bin/monkeysphere-validation-agent x-session-manager\n/usr/bin/dbus-daemon --fork --print-pid 4 --print-address 6 --session\n/usr/bin/perl -wT /usr/bin/monkeysphere-validation-agent x-session-manager\n/usr/lib/at-spi2-core/at-spi-bus-launcher\n/usr/bin/dbus-daemon --config-file=/etc/at-spi2/accessibility.conf --nofork --print-address 3\n/usr/lib/at-spi2-core/at-spi2-registryd --use-gnome-session\n/usr/lib/gvfs/gvfsd\n/usr/lib/gnome-settings-daemon/gnome-settings-daemon\n/usr/bin/pulseaudio --start\n/usr/bin/gnome-keyring-daemon --start --components=secrets\n/usr/bin/spice-vdagent\n/usr/lib/gvfs/gvfs-udisks2-volume-monitor\n/usr/lib/udisks2/udisksd --no-debug\n/usr/lib/gvfs/gvfs-mtp-volume-monitor\n/usr/lib/gvfs/gvfs-gphoto2-volume-monitor\n/usr/lib/gvfs/gvfs-goa-volume-monitor\n/usr/lib/gvfs/gvfs-afc-volume-monitor\n/usr/bin/gnome-shell\n/lib/systemd/systemd-hostnamed\n/usr/sbin/cupsd -f\n/usr/lib/gnome-settings-daemon/gsd-printer\n/usr/lib/dconf/dconf-service\n/usr/sbin/NetworkManager --no-daemon\n[cfg80211]\nibus-daemon --xim --panel disable\n/bin/sh /usr/local/lib/start-systemd-desktop-target\nnautilus -n\n/bin/systemctl --user start desktop.target\n/bin/sh -c [ \"$(/usr/bin/id -u)\" = 1000 ] || exit 0 ; while ! [ -e /run/tor-has-bootstrapped/done ] ; do /bin/sleep 1 ; done\nflorence\n/usr/bin/perl /usr/local/bin/gpgApplet\nnm-applet\nflorence\n/usr/lib/i386-linux-gnu/gconf/gconfd-2\n/usr/lib/ibus/ibus-dconf\n/usr/lib/ibus/ibus-x11 --kill-daemon\n/usr/lib/ibus/ibus-engine-simple\n/usr/lib/gvfs/gvfsd-trash --spawner :1.5 /org/gtk/gvfs/exec_spaw/0\n/usr/lib/gvfs/gvfsd-burn --spawner :1.5 /org/gtk/gvfs/exec_spaw/1\n/usr/lib/gvfs/gvfsd-metadata\n/bin/sleep 1\n/bin/sleep 1\n/bin/sh -c ps -wweo cmd\nps -wweo cmd\n", ""] calling as root: cat /sys/devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/block/sr0/dev call returned: [0, "11:0\n", ""] calling as root: readlink -f /dev/block/'11:0' call returned: [0, "/dev/sr0\n", ""] calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium call returned: [0, "11:0\n", ""] calling as root: readlink -f /dev/block/'11:0' call returned: [0, "/dev/sr0\n", ""] And udev-watchdog is monitoring the correct device # features/step_definitions/erase_memory.rb:19 calling as root: echo 3 > /proc/sys/vm/drop_caches call returned: [0, "", ""] calling as root: sysctl vm.oom_kill_allocating_task=0 call returned: [0, "vm.oom_kill_allocating_task = 0\n", ""] calling as root: sysctl vm.oom_dump_tasks=0 call returned: [0, "vm.oom_dump_tasks = 0\n", ""] calling as root: sysctl vm.overcommit_memory=0 call returned: [0, "vm.overcommit_memory = 0\n", ""] calling as root: sysctl vm.min_free_kbytes=65536 call returned: [0, "vm.min_free_kbytes = 65536\n", ""] calling as root: sysctl vm.admin_reserve_kbytes=131072 call returned: [0, "vm.admin_reserve_kbytes = 131072\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "428\n", ""] spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram spawning as amnesia: sh -c 'echo 1000 > /proc/$$/oom_score_adj && exec /usr/local/sbin/fillram'; killall fillram calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "463\n", ""] Memory fill progress: 10% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "563\n", ""] Memory fill progress: 20% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "663\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "762\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "862\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "951\n", ""] Memory fill progress: 30% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1050\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1146\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1239\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1338\n", ""] Memory fill progress: 40% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1433\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1533\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1633\n", ""] Memory fill progress: 50% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1734\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1834\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "1935\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2037\n", ""] Memory fill progress: 60% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2138\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2238\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2338\n", ""] Memory fill progress: 70% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2438\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2537\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2637\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2737\n", ""] Memory fill progress: 80% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2837\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "2933\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3033\n", ""] Memory fill progress: 90% calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3124\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "3223\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [0, "3032 3018 3004 2989\n", ""] calling as root: free -m | awk '/^Mem:/ { print $3 }' call returned: [0, "433\n", ""] calling as root: pidof -x -o '%PPID' fillram call returned: [1, "", ""] Memory fill progress: finished When I fill the guest's memory with a known pattern without verifying # features/step_definitions/erase_memory.rb:100 And I reboot without wiping the memory # features/step_definitions/erase_memory.rb:198 [log] TYPE " " And I stop the boot at the bootloader menu # features/step_definitions/erase_memory.rb:202 Then I find many patterns in the guest's memory # features/step_definitions/erase_memory.rb:190 Pattern coverage: 97.244% (2847 MiB out of 2928 MiB initial free memory) @product Feature: Untrusted partitions As a Tails user I don't want to touch other media than the one Tails runs from Scenario: Tails will not enable disk swap # features/untrusted_partitions.feature:6 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 100 MiB disk named "swap" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/swap" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda"] libguestfs: trace: part_disk "/dev/sda" "gpt" libguestfs: trace: part_disk = 0 libguestfs: trace: list_partitions libguestfs: trace: list_partitions = ["/dev/sda1"] libguestfs: trace: mkswap "/dev/sda1" libguestfs: trace: mkswap = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I create a gpt swap partition on disk "swap" # features/step_definitions/untrusted_partitions.rb:1 And I plug ide drive "swap" # features/step_definitions/common_steps.rb:145 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 246ms [profile] Finder.findAll START [profile] Finder.findAll END: 253ms [profile] Finder.findAll START [profile] Finder.findAll END: 253ms [profile] Finder.findAll START [profile] Finder.findAll END: 276ms [profile] Finder.findAll START [profile] Finder.findAll END: 287ms [profile] Finder.findAll START [profile] Finder.findAll END: 266ms [profile] Finder.findAll START [profile] Finder.findAll END: 250ms [log] CLICK on (51,16) When I start Tails with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as root: blkid '/dev/sda' call returned: [0, "/dev/sda: PTUUID=\"a70b6d78-5bc2-4d59-b8f3-d94cb3c5a6b2\" PTTYPE=\"gpt\"\n", ""] Then a "swap" partition was detected by Tails on drive "swap" # features/step_definitions/untrusted_partitions.rb:5 calling as root: tail -n+2 /proc/swaps call returned: [0, "", ""] calling as root: grep '^Swap' /proc/meminfo call returned: [0, "SwapCached: 0 kB\nSwapTotal: 0 kB\nSwapFree: 0 kB\n", ""] But Tails has no disk swap enabled # features/step_definitions/untrusted_partitions.rb:12 Scenario: Tails will detect LUKS-encrypted GPT partitions labeled "TailsData" stored on USB drives as persistence volumes when the removable flag is set # features/untrusted_partitions.feature:15 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 100 MiB disk named "fake_TailsData" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/fake_TailsData" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda"] libguestfs: trace: part_disk "/dev/sda" "gpt" libguestfs: trace: part_disk = 0 libguestfs: trace: part_set_name "/dev/sda" 1 "TailsData" libguestfs: trace: part_set_name = 0 libguestfs: trace: list_partitions libguestfs: trace: list_partitions = ["/dev/sda1"] libguestfs: trace: luks_format "/dev/sda1" "***" 0 libguestfs: trace: luks_format = 0 libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" libguestfs: trace: luks_open = 0 libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" libguestfs: trace: mkfs = 0 libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" libguestfs: trace: luks_close = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData" # features/step_definitions/untrusted_partitions.rb:23 And I plug removable usb drive "fake_TailsData" # features/step_definitions/common_steps.rb:145 [log] CLICK on (1024,384) When I start the computer # features/step_definitions/common_steps.rb:184 [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer boots Tails # features/step_definitions/common_steps.rb:273 calling as root: test -b /dev/sda call returned: [0, "", ""] Then drive "fake_TailsData" is detected by Tails # features/step_definitions/common_steps.rb:152 And Tails Greeter has detected a persistence partition # features/step_definitions/untrusted_partitions.rb:55 Scenario: Tails will not detect LUKS-encrypted GPT partitions labeled "TailsData" stored on USB drives as persistence volumes when the removable flag is unset # features/untrusted_partitions.feature:25 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 100 MiB disk named "fake_TailsData" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/fake_TailsData" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda"] libguestfs: trace: part_disk "/dev/sda" "gpt" libguestfs: trace: part_disk = 0 libguestfs: trace: part_set_name "/dev/sda" 1 "TailsData" libguestfs: trace: part_set_name = 0 libguestfs: trace: list_partitions libguestfs: trace: list_partitions = ["/dev/sda1"] libguestfs: trace: luks_format "/dev/sda1" "***" 0 libguestfs: trace: luks_format = 0 libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" libguestfs: trace: luks_open = 0 libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" libguestfs: trace: mkfs = 0 libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" libguestfs: trace: luks_close = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData" # features/step_definitions/untrusted_partitions.rb:23 And I plug non-removable usb drive "fake_TailsData" # features/step_definitions/common_steps.rb:145 [log] CLICK on (1024,384) When I start the computer # features/step_definitions/common_steps.rb:184 [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer boots Tails # features/step_definitions/common_steps.rb:273 calling as root: test -b /dev/sda call returned: [0, "", ""] Then drive "fake_TailsData" is detected by Tails # features/step_definitions/common_steps.rb:152 And Tails Greeter has not detected a persistence partition # features/step_definitions/untrusted_partitions.rb:55 Scenario: Tails will not detect LUKS-encrypted GPT partitions labeled "TailsData" stored on local hard drives as persistence volumes # features/untrusted_partitions.feature:35 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 100 MiB disk named "fake_TailsData" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/fake_TailsData" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda"] libguestfs: trace: part_disk "/dev/sda" "gpt" libguestfs: trace: part_disk = 0 libguestfs: trace: part_set_name "/dev/sda" 1 "TailsData" libguestfs: trace: part_set_name = 0 libguestfs: trace: list_partitions libguestfs: trace: list_partitions = ["/dev/sda1"] libguestfs: trace: luks_format "/dev/sda1" "***" 0 libguestfs: trace: luks_format = 0 libguestfs: trace: luks_open "/dev/sda1" "***" "sda1_unlocked" libguestfs: trace: luks_open = 0 libguestfs: trace: mkfs "ext4" "/dev/mapper/sda1_unlocked" libguestfs: trace: mkfs = 0 libguestfs: trace: luks_close "/dev/mapper/sda1_unlocked" libguestfs: trace: luks_close = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I create a gpt partition labeled "TailsData" with an ext4 filesystem encrypted with password "asdf" on disk "fake_TailsData" # features/step_definitions/untrusted_partitions.rb:23 And I plug ide drive "fake_TailsData" # features/step_definitions/common_steps.rb:145 When I start the computer # features/step_definitions/common_steps.rb:184 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer boots Tails # features/step_definitions/common_steps.rb:273 calling as root: test -b /dev/sda call returned: [0, "", ""] Then drive "fake_TailsData" is detected by Tails # features/step_definitions/common_steps.rb:152 And Tails Greeter has not detected a persistence partition # features/step_definitions/untrusted_partitions.rb:55 Scenario: Tails can boot from live systems stored on hard drives # features/untrusted_partitions.feature:45 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 2 GiB disk named "live_hd" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-i386-stable-2.4.1-20160622T0754Z-dadd01c.iso" "readonly:true" "format:raw" libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfsbm38Vh/overlay1" "qcow2" -1 "backingfile:/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-i386-stable-2.4.1-20160622T0754Z-dadd01c.iso" "backingformat:raw" libguestfs: trace: disk_create = 0 libguestfs: trace: add_drive = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/live_hd" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda", "/dev/sdb"] libguestfs: trace: copy_device_to_device "/dev/sda" "/dev/sdb" libguestfs: trace: copy_device_to_device = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I cat an ISO of the Tails image to disk "live_hd" # features/step_definitions/untrusted_partitions.rb:30 And the computer is set to boot from ide drive "live_hd" # features/step_definitions/common_steps.rb:135 And I set Tails to boot with options "live-media=" # features/step_definitions/common_steps.rb:180 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse live-media= " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 232ms [profile] Finder.findAll START [profile] Finder.findAll END: 267ms [profile] Finder.findAll START [profile] Finder.findAll END: 255ms [profile] Finder.findAll START [profile] Finder.findAll END: 331ms [profile] Finder.findAll START [profile] Finder.findAll END: 233ms [profile] Finder.findAll START [profile] Finder.findAll END: 288ms [profile] Finder.findAll START [profile] Finder.findAll END: 315ms [log] CLICK on (51,16) When I start Tails with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium call returned: [0, "8:1\n", ""] calling as root: readlink -f /dev/block/'8:1' call returned: [0, "/dev/sda1\n", ""] calling as root: udevadm info --query=property --name='/dev/sda1' call returned: [0, "DEVLINKS=/dev/disk/by-id/ata-QEMU_HARDDISK_QM00001-part1 /dev/disk/by-label/TAILS\\x202.4.1\\x20-\\x2020160622 /dev/disk/by-uuid/2016-06-22-08-45-34-00\nDEVNAME=/dev/sda1\nDEVPATH=/devices/pci0000:00/0000:00:01.1/ata1/host0/target0:0:0/0:0:0:0/block/sda/sda1\nDEVTYPE=partition\nID_ATA=1\nID_ATA_FEATURE_SET_SMART=1\nID_ATA_FEATURE_SET_SMART_ENABLED=1\nID_ATA_WRITE_CACHE=1\nID_ATA_WRITE_CACHE_ENABLED=1\nID_BUS=ata\nID_FS_APPLICATION_ID=The\\x20Amnesic\\x20Incognito\\x20Live\\x20System\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_2.4.1_-_20160622\nID_FS_LABEL_ENC=TAILS\\x202.4.1\\x20-\\x2020160622\nID_FS_PUBLISHER_ID=https:\\x2f\\x2ftails.boum.org\\x2f\nID_FS_SYSTEM_ID=LINUX\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2016-06-22-08-45-34-00\nID_FS_UUID_ENC=2016-06-22-08-45-34-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_HARDDISK\nID_MODEL_ENC=QEMU\\x20HARDDISK\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_ENTRY_DISK=8:0\nID_PART_ENTRY_FLAGS=0x80\nID_PART_ENTRY_NUMBER=1\nID_PART_ENTRY_OFFSET=0\nID_PART_ENTRY_SCHEME=dos\nID_PART_ENTRY_SIZE=2249100\nID_PART_ENTRY_TYPE=0x17\nID_PART_ENTRY_UUID=0ff67302-01\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0ff67302\nID_REVISION=0.15\nID_SERIAL=QEMU_HARDDISK_QM00001\nID_SERIAL_SHORT=QM00001\nID_TYPE=disk\nMAJOR=8\nMINOR=1\nSUBSYSTEM=block\nTAGS=:systemd:\nUDISKS_IGNORE=1\nUSEC_INITIALIZED=79198\n", ""] calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium call returned: [0, "8:1\n", ""] calling as root: readlink -f /dev/block/'8:1' call returned: [0, "/dev/sda1\n", ""] Then Tails is running from ide drive "live_hd" # features/step_definitions/usb.rb:395 Scenario: Tails booting from a DVD does not use live systems stored on hard drives # features/untrusted_partitions.feature:54 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 2 GiB disk named "live_hd" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-i386-stable-2.4.1-20160622T0754Z-dadd01c.iso" "readonly:true" "format:raw" libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: disk_create "/tmp/TailsToaster/libguestfsM6Rmyh/overlay1" "qcow2" -1 "backingfile:/var/lib/jenkins/workspace/test_Tails_ISO_stable/tmp/tails-i386-stable-2.4.1-20160622T0754Z-dadd01c.iso" "backingformat:raw" libguestfs: trace: disk_create = 0 libguestfs: trace: add_drive = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/live_hd" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda", "/dev/sdb"] libguestfs: trace: copy_device_to_device "/dev/sda" "/dev/sdb" libguestfs: trace: copy_device_to_device = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I cat an ISO of the Tails image to disk "live_hd" # features/step_definitions/untrusted_partitions.rb:30 And I plug ide drive "live_hd" # features/step_definitions/common_steps.rb:145 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 268ms [profile] Finder.findAll START [profile] Finder.findAll END: 280ms [profile] Finder.findAll START [profile] Finder.findAll END: 302ms [profile] Finder.findAll START [profile] Finder.findAll END: 311ms [profile] Finder.findAll START [profile] Finder.findAll END: 285ms [profile] Finder.findAll START [profile] Finder.findAll END: 241ms [profile] Finder.findAll START [profile] Finder.findAll END: 233ms [log] CLICK on (51,16) And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as root: test -b /dev/sda call returned: [0, "", ""] Then drive "live_hd" is detected by Tails # features/step_definitions/common_steps.rb:152 calling as root: grep -qs '^/dev/sda' /proc/mounts call returned: [1, "", ""] And drive "live_hd" is not mounted # features/step_definitions/untrusted_partitions.rb:49 Scenario: Booting Tails does not automount untrusted ext2 partitions # features/untrusted_partitions.feature:63 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 100 MiB disk named "gpt_ext2" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/gpt_ext2" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda"] libguestfs: trace: part_disk "/dev/sda" "gpt" libguestfs: trace: part_disk = 0 libguestfs: trace: list_partitions libguestfs: trace: list_partitions = ["/dev/sda1"] libguestfs: trace: mkfs "ext2" "/dev/sda1" libguestfs: trace: mkfs = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I create a gpt partition with an ext2 filesystem on disk "gpt_ext2" # features/step_definitions/untrusted_partitions.rb:23 And I plug ide drive "gpt_ext2" # features/step_definitions/common_steps.rb:145 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 243ms [profile] Finder.findAll START [profile] Finder.findAll END: 233ms [profile] Finder.findAll START [profile] Finder.findAll END: 234ms [profile] Finder.findAll START [profile] Finder.findAll END: 310ms [profile] Finder.findAll START [profile] Finder.findAll END: 299ms [profile] Finder.findAll START [profile] Finder.findAll END: 274ms [profile] Finder.findAll START [profile] Finder.findAll END: 300ms And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 [log] CLICK on (51,16) calling as root: test -b /dev/sda call returned: [0, "", ""] Then drive "gpt_ext2" is detected by Tails # features/step_definitions/common_steps.rb:152 calling as root: grep -qs '^/dev/sda' /proc/mounts call returned: [1, "", ""] And drive "gpt_ext2" is not mounted # features/step_definitions/untrusted_partitions.rb:49 Scenario: Booting Tails does not automount untrusted fat32 partitions # features/untrusted_partitions.feature:72 Given a computer # features/step_definitions/common_steps.rb:122 And I temporarily create a 100 MiB disk named "msdos_fat32" # features/step_definitions/common_steps.rb:139 libguestfs: trace: set_autosync true libguestfs: trace: set_autosync = 0 libguestfs: trace: add_drive "/tmp/TailsToaster/TailsToasterStorage/msdos_fat32" "format:qcow2" libguestfs: trace: add_drive = 0 libguestfs: trace: launch libguestfs: trace: get_tmpdir libguestfs: trace: get_tmpdir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "force_tcg" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: get_cachedir libguestfs: trace: get_cachedir = "/tmp/TailsToaster" libguestfs: trace: get_backend_setting "gdb" libguestfs: trace: get_backend_setting = NULL (error) libguestfs: trace: launch = 0 libguestfs: trace: list_devices libguestfs: trace: list_devices = ["/dev/sda"] libguestfs: trace: part_disk "/dev/sda" "msdos" libguestfs: trace: part_disk = 0 libguestfs: trace: list_partitions libguestfs: trace: list_partitions = ["/dev/sda1"] libguestfs: trace: mkfs "vfat" "/dev/sda1" libguestfs: trace: mkfs = 0 libguestfs: trace: close libguestfs: trace: internal_autosync libguestfs: trace: internal_autosync = 0 And I create an msdos partition with a vfat filesystem on disk "msdos_fat32" # features/step_definitions/untrusted_partitions.rb:23 And I plug ide drive "msdos_fat32" # features/step_definitions/common_steps.rb:145 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 229ms [profile] Finder.findAll START [profile] Finder.findAll END: 259ms [profile] Finder.findAll START [profile] Finder.findAll END: 272ms [profile] Finder.findAll START [profile] Finder.findAll END: 305ms [profile] Finder.findAll START [profile] Finder.findAll END: 334ms [profile] Finder.findAll START [profile] Finder.findAll END: 304ms [profile] Finder.findAll START [profile] Finder.findAll END: 315ms And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 [log] CLICK on (51,16) calling as root: test -b /dev/sda call returned: [0, "", ""] Then drive "msdos_fat32" is detected by Tails # features/step_definitions/common_steps.rb:152 calling as root: grep -qs '^/dev/sda' /proc/mounts call returned: [1, "", ""] And drive "msdos_fat32" is not mounted # features/step_definitions/untrusted_partitions.rb:49 @product Feature: Installing packages through APT As a Tails user when I set an administration password in Tails Greeter I should be able to install packages using APT and Synaptic and all Internet traffic should flow only through Tor. Background: # features/apt.feature:8 Checkpoint: I have started Tails from DVD without network and stopped at Tails Greeter's login screen Given the network is unplugged [log] CLICK on (1024,384) And I start the computer [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer boots Tails calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466587196' call returned: [0, "Wed Jun 22 09:19:56 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD without network and logged in with an administration password Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen [log] CLICK on (433,404) [log] CLICK on (643,447) And I enable more Tails Greeter options And I set an administration password [log] TYPE "asdf" [log] TYPE " " [log] TYPE "asdf" [log] CLICK on (812,712) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466587234' call returned: [0, "Wed Jun 22 09:20:34 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD and logged in with an administration password and the network is connected Given I have started Tails from DVD without network and logged in with an administration password And the network is plugged calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 91ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) And all notifications have disappeared calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] And available upgrades have been checked Given I have started Tails from DVD and logged in with an administration password and the network is connected # features/step_definitions/snapshots.rb:199 Scenario: APT sources are configured correctly # features/apt.feature:11 calling as root: cat /etc/apt/sources.list /etc/apt/sources.list.d/* call returned: [0, "# /etc/apt/sources.list\n\ndeb tor+http://ftp.us.debian.org/debian/ jessie main contrib non-free\ndeb tor+http://security.debian.org/ jessie/updates main contrib non-free\ndeb tor+http://ftp.us.debian.org/debian/ jessie-backports main contrib non-free\ndeb tor+http://ftp.us.debian.org/debian/ sid main contrib non-free\ndeb tor+http://deb.tails.boum.org/ stable main\ndeb tor+http://ftp.us.debian.org/debian/ stretch main contrib non-free\ndeb tor+http://deb.torproject.org/torproject.org/ obfs4proxy main\ndeb tor+http://deb.torproject.org/torproject.org/ jessie main\ndeb tor+http://deb.torproject.org/torproject.org/ sid main\n", ""] Then the only hosts in APT sources are "ftp.us.debian.org,security.debian.org,deb.tails.boum.org,deb.torproject.org" # features/step_definitions/apt.rb:3 @product Feature: I2P As a Tails user I *might* want to use I2P Scenario: I2P is disabled by default # features/i2p.feature:6 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466587293' call returned: [0, "Wed Jun 22 09:21:33 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD without network and logged in Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: test -e /usr/share/applications/i2p-browser.desktop call returned: [1, "", ""] Then the I2P Browser desktop file is not present # features/step_definitions/i2p.rb:27 calling as root: test -e /etc/sudoers.d/zzz_i2pbrowser call returned: [1, "", ""] And the I2P Browser sudo rules are not present # features/step_definitions/i2p.rb:32 calling as root: getent passwd i2psvc | awk -F ':' '{print $3}' call returned: [0, "116\n", ""] calling as root: iptables -L -n -v | grep -E '^ +[0-9]+ +[0-9]+ +ACCEPT.*owner UID match 116$' call returned: [1, "", ""] calling as root: id -u clearnet call returned: [0, "117\n", ""] calling as root: id -u debian-tor call returned: [0, "107\n", ""] calling as root: iptables-save -c -t filter | iptables-xml call returned: [0, "\n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n \n \n \n \n \n\n \n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n

icmp

\n
\n \n RELATED\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 13\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 65534\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 9050,9061,9062,9150\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 118\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 121\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 122\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 124\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9052\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9040\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

tcp

\n
\n \n 53\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 631\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 6136\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 117\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 117\n \n \n 53\n \n
\n \n \n \n\n
\n\n \n \n \n 10.0.0.0/8\n \n \n \n \n \n \n \n\n \n\n \n \n \n 172.16.0.0/12\n \n \n \n \n \n \n \n\n \n\n \n \n \n 192.168.0.0/16\n \n \n \n \n \n \n \n\n \n\n \n \n \n

tcp

\n
\n \n 107\n \n \n FIN,SYN,RST,ACK SYN\n \n \n NEW\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp-port-unreachable\n \n \n\n \n\n
\n \n \n \n \n

tcp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n 116\n \n \n \n \n icmp-port-unreachable\n \n \n\n \n\n \n \n \n \n\n \n\n
\n \n
\n\n
\n", ""] And the I2P firewall rules are disabled # features/step_definitions/i2p.rb:37 Scenario: I2P is enabled when the "i2p" boot parameter is added # features/i2p.feature:12 Checkpoint: I have started Tails from DVD with I2P enabled and logged in Given I set Tails to boot with options "i2p" And the network is unplugged [log] CLICK on (1024,384) And I start the computer [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse i2p " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer boots Tails [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session Given I have started Tails from DVD with I2P enabled and logged in # features/step_definitions/snapshots.rb:199 calling as root: test -e /usr/share/applications/i2p-browser.desktop call returned: [0, "", ""] Then the I2P Browser desktop file is present # features/step_definitions/i2p.rb:27 calling as root: test -e /etc/sudoers.d/zzz_i2pbrowser call returned: [0, "", ""] And the I2P Browser sudo rules are present # features/step_definitions/i2p.rb:32 calling as root: getent passwd i2psvc | awk -F ':' '{print $3}' call returned: [0, "116\n", ""] calling as root: iptables -L -n -v | grep -E '^ +[0-9]+ +[0-9]+ +ACCEPT.*owner UID match 116$' call returned: [0, " 0 0 ACCEPT udp -- * lo 0.0.0.0/0 127.0.0.1 udp dpt:5353 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp flags:0x17/0x02 multiport dports 7658,7659,7660 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31000 dpt:32000 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31000 dpt:32001 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31000 dpt:32002 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31001 dpt:32000 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31001 dpt:32001 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31001 dpt:32002 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31002 dpt:32000 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31002 dpt:32001 owner UID match 116\n 0 0 ACCEPT tcp -- * lo 0.0.0.0/0 127.0.0.1 tcp spt:31002 dpt:32002 owner UID match 116\n 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 owner UID match 116\n 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 owner UID match 116\n", ""] calling as root: id -u clearnet call returned: [0, "117\n", ""] calling as root: id -u i2psvc call returned: [0, "116\n", ""] calling as root: id -u debian-tor call returned: [0, "107\n", ""] calling as root: iptables-save -c -t filter | iptables-xml call returned: [0, "\n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n \n \n \n \n \n\n \n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n

icmp

\n
\n \n RELATED\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 13\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 65534\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 9050,9061,9062,9150\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 118\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 121\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 122\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 124\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9052\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9040\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

tcp

\n
\n \n 53\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 6668,7656,7659,7660,8998\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 7658,7659,7660\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 4444,7657,7658\n \n \n 119\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31000\n 32000\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31000\n 32001\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31000\n 32002\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31001\n 32000\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31001\n 32001\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31001\n 32002\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31002\n 32000\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31002\n 32001\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 31002\n 32002\n \n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 631\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 6136\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 117\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 117\n \n \n 53\n \n
\n \n \n \n\n
\n\n \n \n \n 10.0.0.0/8\n \n \n \n \n \n \n \n\n \n\n \n \n \n 172.16.0.0/12\n \n \n \n \n \n \n \n\n \n\n \n \n \n 192.168.0.0/16\n \n \n \n \n \n \n \n\n \n\n \n \n \n

tcp

\n
\n \n 107\n \n \n FIN,SYN,RST,ACK SYN\n \n \n NEW\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 116\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp-port-unreachable\n \n \n\n \n\n
\n \n \n \n \n

tcp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n 116\n \n \n \n \n icmp-port-unreachable\n \n \n\n \n\n \n \n \n \n\n \n\n
\n \n
\n\n
\n", ""] And the I2P firewall rules are enabled # features/step_definitions/i2p.rb:37 Scenario: I2P's AppArmor profile is in enforce mode # features/i2p.feature:18 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [1, "", ""] calling as root: date -s '@1466587473' call returned: [0, "Wed Jun 22 09:24:33 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD with I2P enabled and logged in and the network is connected Given I have started Tails from DVD with I2P enabled and logged in And the network is plugged calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready calling as root: systemctl --quiet is-active i2p call returned: [0, "", ""] And I2P is running [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 68ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) And all notifications have disappeared calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] And available upgrades have been checked calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_reseed_completed call returned: [0, "", ""] And I2P's reseeding completed Given I have started Tails from DVD with I2P enabled and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: systemctl --quiet is-active i2p call returned: [0, "", ""] When I2P is running # features/step_definitions/i2p.rb:1 calling as root: service i2p status call returned: [0, "\u25cf i2p.service - load-balanced unspoofable packet switching network\n Loaded: loaded (/lib/systemd/system/i2p.service; disabled)\n Drop-In: /lib/systemd/system/i2p.service.d\n \u2514\u2500AppArmor.conf\n Active: active (running) since Wed 2016-06-22 09:24:50 UTC; 34s ago\n Process: 3340 ExecStart=/usr/sbin/aa-exec --profile=system_i2p -- /usr/sbin/wrapper $I2P_ARGS (code=exited, status=0/SUCCESS)\n Process: 3339 ExecStartPre=/bin/chmod 750 /var/log/i2p (code=exited, status=0/SUCCESS)\n Process: 3338 ExecStartPre=/bin/chown -R ${I2PUSER}:${I2PUSER} /var/log/i2p /run/i2p /tmp/i2p-daemon (code=exited, status=0/SUCCESS)\n Process: 3337 ExecStartPre=/bin/mkdir -p /tmp/i2p-daemon (code=exited, status=0/SUCCESS)\n Main PID: 3368 (wrapper)\n CGroup: /system.slice/i2p.service\n \u251c\u25003368 /usr/sbin/wrapper /etc/i2p/wrapper.config wrapper.java.additional.1=-DloggerFilenameOverride=/var/log/i2p/log-router-@.txt wrapper.java.additional.10=-Dwrapper.logfile=/var/log/i2p/wrapper.log wrapper.java.additional.11=-Di2p.dir.pid=/run/i2p wrapper.java.additional.12=-Di2p.dir.temp=/tmp/i2p-daemon wrapper.logfile=/var/log/i2p/wrapper.log wrapper.pidfile=/run/i2p/i2p.pid wrapper.java.pidfile=/run/i2p/routerjvm.pid wrapper.daemonize=TRUE\n \u2514\u25003410 /usr/lib/jvm/java-7-openjdk-i386/jre/bin/java -DloggerFilenameOverride=/var/log/i2p/log-router-@.txt -Di2p.dir.base=/usr/share/i2p -Dwrapper.logfile=/var/log/i2p/wrapper.log -Di2p.dir.pid=/run/i2p -Di2p.dir.temp=/tmp/i2p-daemon -Xmx128m -Djava.library.path=/usr/lib/jni:/usr/share/java/lib -classpath /usr/share/i2p/lib/BOB.jar:/usr/share/i2p/lib/commons-el.jar:/usr/share/i2p/lib/commons-logging.jar:/usr/share/i2p/lib/desktopgui.jar:/usr/share/i2p/lib/eclipse-ecj.jar:/usr/share/i2p/lib/i2p.jar:/usr/share/i2p/lib/i2psnark.jar:/usr/share/i2p/lib/i2ptunnel.jar:/usr/share/i2p/lib/jasper-runtime.jar:/usr/share/i2p/lib/javax.servlet.jar:/usr/share/i2p/lib/jetty-continuation.jar:/usr/share/i2p/lib/jetty-deploy.jar:/usr/share/i2p/lib/jetty-http.jar:/usr/share/i2p/lib/jetty-i2p.jar:/usr/share/i2p/lib/jetty-io.jar:/usr/share/i2p/lib/jetty-rewrite-handler.jar:/usr/share/i2p/lib/jetty-security.jar:/usr/share/i2p/lib/jetty-servlet.jar:/usr/share/i2p/lib/jetty-servlets.jar:/usr/share/i2p/lib/jetty-start.jar:/usr/share/i2p/lib/jetty-util.jar:/usr/share/i2p/lib/jetty-webapp.jar:/usr/share/i2p/lib/jetty-xml.jar:/usr/share/i2p/lib/jrobin.jar:/usr/share/i2p/lib/jstl.jar:/usr/share/i2p/lib/mstreaming.jar:/usr/share/i2p/lib/org.mortbay.jetty.jar:/usr/share/i2p/lib/org.mortbay.jmx.jar:/usr/share/i2p/lib/router.jar:/usr/share/i2p/lib/routerconsole.jar:/usr/share/i2p/lib/sam.jar:/usr/share/i2p/lib/standard.jar:/usr/share/i2p/lib/streaming.jar:/usr/share/i2p/lib/systray4j.jar:/usr/share/i2p/lib/systray.jar:/usr/share/java/wrapper.jar -Dwrapper.key=8F5mj2H1XLlt_Lq2 -Dwrapper.port=32000 -Dwrapper.jvm.port.min=31000 -Dwrapper.jvm.port.max=31999 -Dwrapper.disable_console_input=TRUE -Dwrapper.pid=3368 -Dwrapper.version=3.5.22 -Dwrapper.native_library=wrapper -Dwrapper.arch=x86 -Dwrapper.service=TRUE -Dwrapper.cpu.timeout=10 -Dwrapper.jvmid=1 org.tanukisoftware.wrapper.WrapperSimpleApp net.i2p.router.Router\n", ""] calling as root: cat /run/i2p/i2p.pid call returned: [0, "3368\n", ""] calling as root: cat /proc/3368/attr/current call returned: [0, "system_i2p (enforce)\n", ""] Then the running process "i2p" is confined with AppArmor in enforce mode # features/step_definitions/checks.rb:186 Scenario: The I2P Browser works as it should # features/i2p.feature:23 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466587535' call returned: [0, "Wed Jun 22 09:25:35 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse i2p\n", ""] calling as root: /usr/local/sbin/tails-i2p stop call returned: [0, "", ""] calling as root: killall tails-i2p call returned: [0, "", ""] spawning as root: /usr/local/sbin/tails-i2p start Given I have started Tails from DVD with I2P enabled and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [1, "", ""] calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [1, "", ""] calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [1, "", ""] calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [0, "", ""] And the I2P router console is ready # features/step_definitions/i2p.rb:17 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.s7rwUn48da\n", ""] calling as root: rm -f '/tmp/tmp.s7rwUn48da' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.s7rwUn48da' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.s7rwUn48da' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.s7rwUn48da_20160622-092549_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.s7rwUn48da' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.vX34krQTPH\n", ""] calling as root: rm -f '/tmp/tmp.vX34krQTPH' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.vX34krQTPH' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.vX34krQTPH' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.vX34krQTPH_20160622-092553_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.vX34krQTPH' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.8ThAdw8qFz\n", ""] calling as root: rm -f '/tmp/tmp.8ThAdw8qFz' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'I2P Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.8ThAdw8qFz' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.8ThAdw8qFz' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.8ThAdw8qFz_20160622-092557_debug ...\nClicking on [label | I2P Browser]\nMouse button 1 click at (298,160)\n", ""] calling as root: rm -f '/tmp/tmp.8ThAdw8qFz' call returned: [0, "", ""] When I start the I2P Browser through the GNOME menu # features/step_definitions/browser.rb:14 Then the I2P router console is displayed in I2P Browser # features/step_definitions/i2p.rb:23 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: pgrep --uid i2pbrowser --full --exact '/usr/local/lib/tor-browser/firefox .* -profile /home/i2pbrowser/.i2p-browser/profile.default' call returned: [0, "5618\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && ls -1 /var/lib/i2p-browser/chroot${TBB_INSTALL}/*.so call returned: [0, "/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libfreebl3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/liblgpllibs.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libmozsqlite3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnspr4.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnss3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssckbi.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssdbm3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssutil3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplc4.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplds4.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsmime3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsoftokn3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libssl3.so\n/var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libxul.so\n", ""] calling as root: pmap --show-path 5618 call returned: [0, "5618: /usr/local/lib/tor-browser/firefox -DISPLAY=:0 -profile /home/i2pbrowser/.i2p-browser/profile.default\nd8f00000 1024K rw--- [ anon ]\nd9080000 512K rw-s- [ shmid=0xb0006 ]\nd9100000 1024K rw--- [ anon ]\nd9251000 576K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Italic.ttf\nd92e1000 576K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Italic.ttf\nd9371000 572K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Bold.ttf\nd9400000 2048K rw--- [ anon ]\nd9600000 4K ----- [ anon ]\nd9601000 8188K rwx-- [ anon ]\nd9e00000 2048K rw--- [ anon ]\nda021000 192K rwx-- [ anon ]\nda051000 572K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Bold.ttf\nda0e0000 128K rwx-- [ anon ]\nda100000 1024K rw--- [ anon ]\nda200000 4K ----- [ anon ]\nda201000 8188K rwx-- [ anon ]\ndaa00000 4K ----- [ anon ]\ndaa01000 8188K rwx-- [ anon ]\ndb200000 4096K rw--- [ anon ]\ndb600000 4K ----- [ anon ]\ndb601000 8188K rwx-- [ anon ]\ndbe00000 3072K rw--- [ anon ]\ndc100000 4K ----- [ anon ]\ndc101000 8188K rwx-- [ anon ]\ndc900000 3072K rw--- [ anon ]\ndcc02000 64K rwx-- [ anon ]\ndcc12000 4K ----- [ anon ]\ndcc13000 380K rwx-- [ anon ]\ndcc72000 568K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ndcd00000 29696K rw--- [ anon ]\ndea00000 1024K rwx-- [ anon ]\ndeb00000 5120K rw--- [ anon ]\ndf000000 4K ----- [ anon ]\ndf001000 8188K rwx-- [ anon ]\ndf800000 1024K rw--- [ anon ]\ndf900000 4K ----- [ anon ]\ndf901000 8188K rwx-- [ anon ]\ne0100000 1024K rw--- [ anon ]\ne0200000 4K ----- [ anon ]\ne0201000 1020K rwx-- [ anon ]\ne0300000 6144K rw--- [ anon ]\ne0900000 4K ----- [ anon ]\ne0901000 8188K rwx-- [ anon ]\ne1100000 3072K rw--- [ anon ]\ne1400000 4K ----- [ anon ]\ne1401000 8188K rwx-- [ anon ]\ne1c00000 4K ----- [ anon ]\ne1c01000 8188K rwx-- [ anon ]\ne2400000 4K ----- [ anon ]\ne2401000 8188K rwx-- [ anon ]\ne2c00000 4K ----- [ anon ]\ne2c01000 8188K rwx-- [ anon ]\ne3400000 4K ----- [ anon ]\ne3401000 8188K rwx-- [ anon ]\ne3c00000 1024K rw--- [ anon ]\ne3d03000 568K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ne3d91000 1468K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_COLLATE\ne3f00000 1024K rw--- [ anon ]\ne4004000 32K rw-s- /var/lib/i2p-browser/chroot/home/i2pbrowser/.i2p-browser/profile.default/webappsstore.sqlite-shm\ne400c000 256K rwx-- [ anon ]\ne404c000 384K rw-s- [ shmid=0x90004 ]\ne40ac000 120K r--s- /var/lib/i2p-browser/chroot/usr/share/mime/mime.cache\ne40ca000 208K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne40fe000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne40ff000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne4100000 4096K rw--- [ anon ]\ne4500000 4K ----- [ anon ]\ne4501000 8188K rwx-- [ anon ]\ne4d00000 3072K rw--- [ anon ]\ne5000000 4K ----- [ anon ]\ne5001000 1020K rwx-- [ anon ]\ne5100000 4K ----- [ anon ]\ne5101000 8188K rwx-- [ anon ]\ne5900000 1024K rw--- [ anon ]\ne5a01000 152K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_CTYPE\ne5a27000 552K r---- /var/lib/i2p-browser/chroot/usr/local/share/tor-browser-extensions/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi\ne5ab1000 256K rwx-- [ anon ]\ne5af1000 20K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/zu_ZA/LC_COLLATE\ne5af6000 84K r--s- /var/lib/i2p-browser/chroot/home/i2pbrowser/.cache/fontconfig/42f746296937150ee8e3c23c67344d6d-le32d4.cache-4\ne5b0b000 512K rwx-- [ anon ]\ne5b8b000 4K ----- [ anon ]\ne5b8c000 8188K rwx-- [ anon ]\ne638b000 4K ----- [ anon ]\ne638c000 8188K rwx-- [ anon ]\ne6b8b000 396K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssckbi.so\ne6bee000 48K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssckbi.so\ne6bfa000 24K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssckbi.so\ne6c00000 1024K rw--- [ anon ]\ne6d00000 4K ----- [ anon ]\ne6d01000 8188K rwx-- [ anon ]\ne7500000 4K ----- [ anon ]\ne7501000 8188K rwx-- [ anon ]\ne7d00000 4K ----- [ anon ]\ne7d01000 8188K rwx-- [ anon ]\ne8500000 8192K rw--- [ anon ]\ne8d00000 4K ----- [ anon ]\ne8d01000 8188K rwx-- [ anon ]\ne9500000 6144K rw--- [ anon ]\ne9b00000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXss.so.1.0.0\ne9b02000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXss.so.1.0.0\ne9b03000 32K rw-s- /var/lib/i2p-browser/chroot/home/i2pbrowser/.i2p-browser/profile.default/places.sqlite-shm\ne9b0b000 420K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libfreebl3.so\ne9b74000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libfreebl3.so\ne9b75000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libfreebl3.so\ne9b76000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libfreebl3.so\ne9b77000 16K rw--- [ anon ]\ne9b7b000 212K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsoftokn3.so\ne9bb0000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsoftokn3.so\ne9bb1000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsoftokn3.so\ne9bb2000 64K rwx-- [ anon ]\ne9bc2000 4K ----- [ anon ]\ne9bc3000 124K rwx-- [ anon ]\ne9be2000 172K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne9c0d000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne9c0e000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne9c0f000 72K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne9c21000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne9c22000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne9c23000 496K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne9c9f000 72K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne9cb1000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne9cb2000 212K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\ne9ce7000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\ne9ce8000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\ne9ce9000 84K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libnsl-2.19.so\ne9cfe000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libnsl-2.19.so\ne9cff000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libnsl-2.19.so\ne9d00000 8K rw--- [ anon ]\ne9d02000 692K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne9daf000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne9db0000 12K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne9db3000 152K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/liblzma.so.5.0.0\ne9dd9000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/liblzma.so.5.0.0\ne9ddb000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/liblzma.so.5.0.0\ne9ddc000 456K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\ne9e4e000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\ne9e50000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\ne9e51000 16K rw--- [ anon ]\ne9e55000 156K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libsystemd.so.0.3.1\ne9e7c000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libsystemd.so.0.3.1\ne9e7d000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libsystemd.so.0.3.1\ne9e7e000 512K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\ne9efe000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\ne9eff000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\ne9f00000 1024K rw--- [ anon ]\nea000000 4K ----- [ anon ]\nea001000 8188K rwx-- [ anon ]\nea800000 3072K rw--- [ anon ]\neab00000 4K ----- [ anon ]\neab01000 8188K rwx-- [ anon ]\neb300000 16384K rw--- [ anon ]\nec300000 4K ----- [ anon ]\nec301000 2044K rwx-- [ anon ]\nec500000 4K ----- [ anon ]\nec501000 2044K rwx-- [ anon ]\nec700000 4K ----- [ anon ]\nec701000 2044K rwx-- [ anon ]\nec900000 4K ----- [ anon ]\nec901000 2044K rwx-- [ anon ]\necb00000 4K ----- [ anon ]\necb01000 2044K rwx-- [ anon ]\necd00000 1024K rw--- [ anon ]\nece01000 20K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\nece06000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\nece07000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\nece08000 28K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libogg.so.0.8.2\nece0f000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libogg.so.0.8.2\nece10000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libogg.so.0.8.2\nece11000 16K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libattr.so.1.1.0\nece15000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libattr.so.1.1.0\nece16000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libattr.so.1.1.0\nece17000 344K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nece6d000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nece6e000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nece6f000 388K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neced0000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neced2000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neced3000 4K ----- [ anon ]\neced4000 8188K rwx-- [ anon ]\ned6d3000 4K ----- [ anon ]\ned6d4000 8188K rwx-- [ anon ]\neded3000 12136K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/browser/omni.ja\neeaad000 9548K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/omni.ja\nef400000 1024K rw--- [ anon ]\nef502000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_NUMERIC\nef503000 20K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nef508000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nef509000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nef50a000 32K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libwrap.so.0.7.6\nef512000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libwrap.so.0.7.6\nef513000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libwrap.so.0.7.6\nef514000 24K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXtst.so.6.1.0\nef51a000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXtst.so.6.1.0\nef51b000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXtst.so.6.1.0\nef51c000 40K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libjson-c.so.2.0.0\nef526000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libjson-c.so.2.0.0\nef527000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libjson-c.so.2.0.0\nef528000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_TIME\nef529000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_MONETARY\nef52a000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_MESSAGES/SYS_LC_MESSAGES\nef52b000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_PAPER\nef52c000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_NAME\nef52d000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_ADDRESS\nef52e000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_TELEPHONE\nef52f000 64K rwx-- [ anon ]\nef53f000 568K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\nef5cd000 128K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef5ed000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef5ee000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef5ef000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef5f0000 196K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef621000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef622000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef623000 4K rw--- [ anon ]\nef624000 188K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef653000 12K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef656000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef657000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_MEASUREMENT\nef658000 16K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libcap.so.2.24\nef65c000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libcap.so.2.24\nef65d000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libcap.so.2.24\nef65e000 64K rwx-- [ anon ]\nef66e000 32K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef676000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef677000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef678000 4K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\nef679000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\nef67a000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\nef67b000 28K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef682000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef683000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef684000 4K ----- [ anon ]\nef685000 28K rwx-- [ anon ]\nef68c000 4K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nef68d000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nef68e000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nef68f000 360K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef6e9000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef6ea000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef6eb000 40K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef6f5000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef6f7000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef6f8000 1216K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/zu_ZA.utf8/LC_COLLATE\nef828000 4K ----- [ anon ]\nef829000 8188K rwx-- [ anon ]\nf0028000 252K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/zu_ZA.utf8/LC_CTYPE\nf0067000 16K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libuuid.so.1.3.0\nf006b000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libuuid.so.1.3.0\nf006c000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libuuid.so.1.3.0\nf006d000 20K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\nf0072000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\nf0073000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXau.so.6.0.0\nf0075000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXau.so.6.0.0\nf0076000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXau.so.6.0.0\nf0077000 28K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\nf007e000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\nf007f000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\nf0080000 148K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\nf00a5000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\nf00a7000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\nf00a8000 100K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libICE.so.6.3.0\nf00c1000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libICE.so.6.3.0\nf00c2000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libICE.so.6.3.0\nf00c3000 8K rw--- [ anon ]\nf00c5000 32K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libSM.so.6.0.1\nf00cd000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libSM.so.6.0.1\nf00ce000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libSM.so.6.0.1\nf00cf000 144K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf00f3000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf00f4000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf00f5000 36K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf00fe000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf00ff000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0100000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0102000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0103000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0104000 712K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf01b6000 24K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf01bc000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf01bd000 32K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf01c5000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf01c6000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf01c7000 40K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf01d1000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf01d2000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf01d3000 40K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf01dd000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf01de000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf01df000 68K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf01f0000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf01f1000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf01f2000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf01f4000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf01f5000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf01f6000 364K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf0251000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf0252000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf0253000 76K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libresolv-2.19.so\nf0266000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libresolv-2.19.so\nf0268000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libresolv-2.19.so\nf0269000 8K rw--- [ anon ]\nf026b000 148K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libselinux.so.1\nf0290000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libselinux.so.1\nf0291000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libselinux.so.1\nf0292000 4K rw--- [ anon ]\nf0293000 20K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf0298000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf0299000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf029a000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf029c000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf029d000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf029e000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf02a0000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf02a1000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf02a2000 448K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpcre.so.3.13.1\nf0312000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpcre.so.3.13.1\nf0314000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpcre.so.3.13.1\nf0315000 152K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libexpat.so.1.6.0\nf033b000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libexpat.so.1.6.0\nf033d000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libexpat.so.1.6.0\nf033e000 172K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpng12.so.0.50.0\nf0369000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpng12.so.0.50.0\nf036a000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpng12.so.0.50.0\nf036b000 104K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libz.so.1.2.8\nf0385000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libz.so.1.2.8\nf0387000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libz.so.1.2.8\nf0388000 392K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf03ea000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf03eb000 12K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf03ee000 4K rw--- [ anon ]\nf03ef000 76K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf0402000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf0403000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf0404000 1332K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf0551000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf0553000 12K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf0556000 1300K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf069b000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf069d000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf069e000 4K rw--- [ anon ]\nf069f000 320K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf06ef000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf06f0000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf06f1000 156K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf0718000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf0719000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf071a000 48K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0726000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0727000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0728000 756K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf07e5000 12K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf07e8000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf07e9000 88K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf07ff000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0800000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0801000 1732K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf09b2000 12K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf09b5000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf09b6000 4K rw--- [ anon ]\nf09b7000 148K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf09dc000 8K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf09de000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf09df000 5056K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0ecf000 16K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0ed3000 8K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0ed5000 8K rw--- [ anon ]\nf0ed7000 1176K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0ffd000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0ffe000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0fff000 368K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf105b000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf105c000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf105d000 336K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf10b1000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf10b3000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf10b4000 148K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf10d9000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf10da000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf10db000 1036K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf11de000 16K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf11e2000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf11e3000 40K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf11ed000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf11ee000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf11ef000 256K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf122f000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf1230000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf1231000 692K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf12de000 16K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf12e2000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf12e3000 91548K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libxul.so\nf6c4a000 2612K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libxul.so\nf6ed7000 348K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libxul.so\nf6f2e000 196K rw--- [ anon ]\nf6f5f000 748K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libmozsqlite3.so\nf701a000 8K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libmozsqlite3.so\nf701c000 8K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libmozsqlite3.so\nf701e000 880K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnss3.so\nf70fa000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnss3.so\nf70fb000 12K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnss3.so\nf70fe000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnss3.so\nf70ff000 2052K rw--- [ anon ]\nf7300000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/C.UTF-8/LC_IDENTIFICATION\nf7301000 4K ----- [ anon ]\nf7302000 24K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf7308000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf7309000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf730a000 8K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf730c000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf730d000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf730e000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/zu_ZA.utf8/LC_NUMERIC\nf730f000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/en_US.utf8/LC_TIME\nf7310000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/en_US.utf8/LC_MONETARY\nf7311000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/ug_CN/LC_MESSAGES/SYS_LC_MESSAGES\nf7312000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/yi_US.utf8/LC_PAPER\nf7313000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/yi_US.utf8/LC_NAME\nf7314000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/en_US.utf8/LC_ADDRESS\nf7315000 12K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gconv/UTF-16.so\nf7318000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gconv/UTF-16.so\nf7319000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gconv/UTF-16.so\nf731a000 28K r--s- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/gconv/gconv-modules.cache\nf7321000 40K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/liblgpllibs.so\nf732b000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/liblgpllibs.so\nf732c000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/liblgpllibs.so\nf732d000 204K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libssl3.so\nf7360000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libssl3.so\nf7361000 8K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libssl3.so\nf7363000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libssl3.so\nf7364000 116K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsmime3.so\nf7381000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsmime3.so\nf7382000 8K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsmime3.so\nf7384000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libsmime3.so\nf7385000 120K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssutil3.so\nf73a3000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssutil3.so\nf73a4000 12K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssutil3.so\nf73a7000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnssutil3.so\nf73a8000 304K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnspr4.so\nf73f4000 4K ----- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnspr4.so\nf73f5000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnspr4.so\nf73f6000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libnspr4.so\nf73f7000 20K rw--- [ anon ]\nf73fc000 1464K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libc-2.19.so\nf756a000 8K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libc-2.19.so\nf756c000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libc-2.19.so\nf756d000 12K rw--- [ anon ]\nf7570000 112K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgcc_s.so.1\nf758c000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libgcc_s.so.1\nf758d000 268K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libm-2.19.so\nf75d0000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libm-2.19.so\nf75d1000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libm-2.19.so\nf75d2000 1600K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libstdc++.so.6\nf7762000 24K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libstdc++.so.6\nf7768000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libstdc++.so.6\nf7769000 8K rw--- [ anon ]\nf776b000 28K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/librt-2.19.so\nf7772000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/librt-2.19.so\nf7773000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/librt-2.19.so\nf7774000 12K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libdl-2.19.so\nf7777000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libdl-2.19.so\nf7778000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libdl-2.19.so\nf7779000 92K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpthread-2.19.so\nf7790000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpthread-2.19.so\nf7791000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/libpthread-2.19.so\nf7792000 8K rw--- [ anon ]\nf7794000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/yi_US.utf8/LC_TELEPHONE\nf7795000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/yi_US.utf8/LC_MEASUREMENT\nf7796000 12K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf7799000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf779a000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf779b000 4K r-x-- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf779c000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf779d000 4K rw--- /var/lib/i2p-browser/chroot/usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf779e000 12K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplds4.so\nf77a1000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplds4.so\nf77a2000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplds4.so\nf77a3000 20K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplc4.so\nf77a8000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplc4.so\nf77a9000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/libplc4.so\nf77aa000 4K r---- /var/lib/i2p-browser/chroot/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION\nf77ab000 8K rw--- [ anon ]\nf77ad000 4K r-x-- [ anon ]\nf77ae000 8K r---- [ anon ]\nf77b0000 124K r-x-- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/ld-2.19.so\nf77cf000 4K r---- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/ld-2.19.so\nf77d0000 4K rw--- /var/lib/i2p-browser/chroot/lib/i386-linux-gnu/ld-2.19.so\nf77d1000 148K r-x-- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/firefox\nf77f6000 4K rw--- [ anon ]\nf77f7000 4K r---- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/firefox\nf77f8000 4K rw--- /var/lib/i2p-browser/chroot/usr/local/lib/tor-browser/firefox\nffdf2000 124K rwx-- [ stack ]\nffe11000 8K rw--- [ anon ]\n total 499820K\n", ""] calling as root: find /usr/lib /lib -name "libfreebl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libfreebl3.so\n", ""] calling as root: find /usr/lib /lib -name "liblgpllibs.so" call returned: [0, "/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/liblgpllibs.so\n", ""] calling as root: find /usr/lib /lib -name "libmozsqlite3.so" call returned: [0, "/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozsqlite3.so\n", ""] calling as root: find /usr/lib /lib -name "libnspr4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnspr4.so\n/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnspr4.so\n", ""] calling as root: find /usr/lib /lib -name "libnss3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnss3.so\n/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnss3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssckbi.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssckbi.so\n", ""] calling as root: find /usr/lib /lib -name "libnssdbm3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssdbm3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssutil3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnssutil3.so\n/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssutil3.so\n", ""] calling as root: find /usr/lib /lib -name "libplc4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplc4.so\n/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplc4.so\n", ""] calling as root: find /usr/lib /lib -name "libplds4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplds4.so\n/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplds4.so\n", ""] calling as root: find /usr/lib /lib -name "libsmime3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libsmime3.so\n/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsmime3.so\n", ""] calling as root: find /usr/lib /lib -name "libsoftokn3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsoftokn3.so\n", ""] calling as root: find /usr/lib /lib -name "libssl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libssl3.so\n/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libssl3.so\n", ""] calling as root: find /usr/lib /lib -name "libxul.so" call returned: [0, "/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libxul.so\n", ""] And the I2P Browser uses all expected TBB shared libraries # features/step_definitions/browser.rb:162 Scenario: I2P is configured to run in Hidden mode # features/i2p.feature:51 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466587608' call returned: [0, "Wed Jun 22 09:26:48 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse i2p\n", ""] calling as root: /usr/local/sbin/tails-i2p stop call returned: [0, "", ""] calling as root: killall tails-i2p call returned: [0, "", ""] spawning as root: /usr/local/sbin/tails-i2p start Given I have started Tails from DVD with I2P enabled and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [1, "", ""] calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [1, "", ""] calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [1, "", ""] calling as root: . /usr/local/lib/tails-shell-library/i2p.sh && i2p_router_console_is_ready call returned: [0, "", ""] And the I2P router console is ready # features/step_definitions/i2p.rb:17 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.dAW9y74Tdt\n", ""] calling as root: rm -f '/tmp/tmp.dAW9y74Tdt' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.dAW9y74Tdt' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.dAW9y74Tdt' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.dAW9y74Tdt_20160622-092702_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.dAW9y74Tdt' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.KFDVPyjyd2\n", ""] calling as root: rm -f '/tmp/tmp.KFDVPyjyd2' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.KFDVPyjyd2' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.KFDVPyjyd2' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.KFDVPyjyd2_20160622-092705_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.KFDVPyjyd2' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.kLjimLaUuZ\n", ""] calling as root: rm -f '/tmp/tmp.kLjimLaUuZ' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'I2P Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.kLjimLaUuZ' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.kLjimLaUuZ' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.kLjimLaUuZ_20160622-092710_debug ...\nClicking on [label | I2P Browser]\nMouse button 1 click at (298,160)\n", ""] calling as root: rm -f '/tmp/tmp.kLjimLaUuZ' call returned: [0, "", ""] When I start the I2P Browser through the GNOME menu # features/step_definitions/browser.rb:14 Then the I2P router console is displayed in I2P Browser # features/step_definitions/i2p.rb:23 And I2P is running in hidden mode # features/step_definitions/i2p.rb:51 @product Feature: Root access control enforcement As a Tails user when I set an administration password in Tails Greeter I can use the password for attaining administrative privileges. But when I do not set an administration password I should not be able to attain administration privileges at all. Scenario: If an administrative password is set in Tails Greeter the live user should be able to run arbitrary commands with administrative privileges. # features/root_access_control.feature:9 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466587653' call returned: [0, "Wed Jun 22 09:27:33 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD without network and logged in with an administration password Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen [log] CLICK on (433,404) [log] CLICK on (643,447) And I enable more Tails Greeter options [log] TYPE "asdf" [log] TYPE " " [log] TYPE "asdf" And I set an administration password [log] CLICK on (812,712) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session Given I have started Tails from DVD without network and logged in with an administration password # features/step_definitions/snapshots.rb:199 calling as amnesia: echo asdf | sudo -S whoami call returned: [0, "root\n", "\nWe trust you have received the usual lecture from the local System\nAdministrator. It usually boils down to these three things:\n\n #1) Respect the privacy of others.\n #2) Think before you type.\n #3) With great power comes great responsibility.\n\n[sudo] password for amnesia: "] Then I should be able to run administration commands as the live user # features/step_definitions/root_access_control.rb:1 Scenario: If no administrative password is set in Tails Greeter the live user should not be able to run arbitrary commands administrative privileges. # features/root_access_control.feature:13 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466587696' call returned: [0, "Wed Jun 22 09:28:16 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as amnesia: echo | sudo -S whoami call returned: [1, "", "By default, the administration password is disabled for better security.\n\nIn order to perform administration tasks, you need to setup an administration\npassword when starting Tails.\n\nSee the corresponding documentation:\nfile:///usr/share/doc/tails/website/doc/first_steps/startup_options/administration_password.en.html\nSorry, user amnesia is not allowed to execute '/usr/bin/whoami' as root on localhost.\n"] Then I should not be able to run administration commands as the live user with the "" password # features/step_definitions/root_access_control.rb:8 calling as amnesia: echo amnesia | sudo -S whoami call returned: [1, "", "By default, the administration password is disabled for better security.\n\nIn order to perform administration tasks, you need to setup an administration\npassword when starting Tails.\n\nSee the corresponding documentation:\nfile:///usr/share/doc/tails/website/doc/first_steps/startup_options/administration_password.en.html\nSorry, user amnesia is not allowed to execute '/usr/bin/whoami' as root on localhost.\n"] And I should not be able to run administration commands as the live user with the "amnesia" password # features/step_definitions/root_access_control.rb:8 calling as amnesia: echo live | sudo -S whoami call returned: [1, "", "By default, the administration password is disabled for better security.\n\nIn order to perform administration tasks, you need to setup an administration\npassword when starting Tails.\n\nSee the corresponding documentation:\nfile:///usr/share/doc/tails/website/doc/first_steps/startup_options/administration_password.en.html\nSorry, user amnesia is not allowed to execute '/usr/bin/whoami' as root on localhost.\n"] And I should not be able to run administration commands as the live user with the "live" password # features/step_definitions/root_access_control.rb:8 Scenario: If an administrative password is set in Tails Greeter the live user should be able to get administrative privileges through PolicyKit # features/root_access_control.feature:19 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466587701' call returned: [0, "Wed Jun 22 09:28:21 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in with an administration password # features/step_definitions/snapshots.rb:199 calling as root: pkaction --verbose --action-id org.freedesktop.policykit.exec call returned: [1, "org.freedesktop.policykit.exec:\n description: Run programs as another user\n message: Authentication is required to run a program as another user\n vendor: The PolicyKit Project\n vendor_url: http://hal.freedesktop.org/docs/PolicyKit/\n icon: \n implicit any: auth_admin\n implicit inactive: auth_admin\n implicit active: auth_admin\n\n", ""] And running a command as root with pkexec requires PolicyKit administrator privileges # features/step_definitions/root_access_control.rb:15 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [1, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.mQGguVcKOt\n", ""] calling as root: rm -f '/tmp/tmp.mQGguVcKOt' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.mQGguVcKOt' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.mQGguVcKOt' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.mQGguVcKOt_20160622-092823_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.mQGguVcKOt' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.q5gItg3M5C\n", ""] calling as root: rm -f '/tmp/tmp.q5gItg3M5C' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.q5gItg3M5C' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.q5gItg3M5C' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.q5gItg3M5C_20160622-092826_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.q5gItg3M5C' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.0kURKl4Y19\n", ""] calling as root: rm -f '/tmp/tmp.0kURKl4Y19' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Terminal'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.0kURKl4Y19' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.0kURKl4Y19' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.0kURKl4Y19_20160622-092830_debug ...\nClicking on [label | Terminal]\nMouse button 1 click at (286,468)\n", ""] calling as root: rm -f '/tmp/tmp.0kURKl4Y19' call returned: [0, "", ""] [log] TYPE "pkexec touch /root/pkexec-test " [log] TYPE "asdf" [log] TYPE " " calling as root: ls /root/pkexec-test call returned: [0, "/root/pkexec-test\n", ""] Then I should be able to run a command as root with pkexec # features/step_definitions/root_access_control.rb:26 Scenario: If no administrative password is set in Tails Greeter the live user should not be able to get administrative privileges through PolicyKit with the standard passwords. # features/root_access_control.feature:24 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466587724' call returned: [0, "Wed Jun 22 09:28:44 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: pkaction --verbose --action-id org.freedesktop.policykit.exec call returned: [1, "org.freedesktop.policykit.exec:\n description: Run programs as another user\n message: Authentication is required to run a program as another user\n vendor: The PolicyKit Project\n vendor_url: http://hal.freedesktop.org/docs/PolicyKit/\n icon: \n implicit any: auth_admin\n implicit inactive: auth_admin\n implicit active: auth_admin\n\n", ""] And running a command as root with pkexec requires PolicyKit administrator privileges # features/step_definitions/root_access_control.rb:15 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [1, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.B4aTdkcVKG\n", ""] calling as root: rm -f '/tmp/tmp.B4aTdkcVKG' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.B4aTdkcVKG' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.B4aTdkcVKG' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.B4aTdkcVKG_20160622-092845_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.B4aTdkcVKG' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.sEvmjHei5f\n", ""] calling as root: rm -f '/tmp/tmp.sEvmjHei5f' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.sEvmjHei5f' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.sEvmjHei5f' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.sEvmjHei5f_20160622-092848_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.sEvmjHei5f' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.OfCxuqSaOW\n", ""] calling as root: rm -f '/tmp/tmp.OfCxuqSaOW' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Terminal'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.OfCxuqSaOW' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.OfCxuqSaOW' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.OfCxuqSaOW_20160622-092852_debug ...\nClicking on [label | Terminal]\nMouse button 1 click at (286,468)\n", ""] calling as root: rm -f '/tmp/tmp.OfCxuqSaOW' call returned: [0, "", ""] [log] TYPE "pkexec touch /root/pkexec-test " [log] TYPE "" [log] TYPE " " [log] TYPE "live" [log] TYPE " " [log] TYPE "amnesia" [log] TYPE " " [log] TYPE "" Then I should not be able to run a command as root with pkexec and the standard passwords # features/step_definitions/root_access_control.rb:34 @product @check_tor_leaks Feature: Time syncing As a Tails user I want Tor to work properly And for that I need a reasonably accurate system clock Scenario: Clock with host's time # features/time_syncing.feature:7 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466587778' call returned: [0, "Wed Jun 22 09:29:38 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 When the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: date --rfc-2822 call returned: [0, "Wed, 22 Jun 2016 09:29:58 +0000\n", ""] Then Tails clock is less than 5 minutes incorrect # features/step_definitions/time_syncing.rb:40 Time was 1.185144869 seconds off Scenario: Clock with host's time in bridge mode # features/time_syncing.feature:13 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466587802' call returned: [0, "Wed Jun 22 09:30:02 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD without network and logged in with bridge mode enabled Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen [log] CLICK on (433,404) [log] CLICK on (643,447) And I enable more Tails Greeter options [log] CLICK on (511,609) And I enable the specific Tor configuration option [log] CLICK on (812,712) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 241ms [profile] Finder.findAll START [profile] Finder.findAll END: 232ms [profile] Finder.findAll START [profile] Finder.findAll END: 288ms [profile] Finder.findAll START [profile] Finder.findAll END: 261ms [profile] Finder.findAll START [profile] Finder.findAll END: 310ms [profile] Finder.findAll START [profile] Finder.findAll END: 284ms [profile] Finder.findAll START [profile] Finder.findAll END: 261ms [log] CLICK on (51,16) And all notifications have disappeared Given I have started Tails from DVD without network and logged in with bridge mode enabled # features/step_definitions/snapshots.rb:199 When the network is plugged # features/step_definitions/common_steps.rb:159 And the Tor Launcher autostarts # features/step_definitions/tor.rb:335 [log] CLICK on (239,455) [log] CLICK on (243,305) [log] CLICK on (791,624) [log] CLICK on (301,326) [log] TYPE "bridge 10.2.1.1:5037 623FDCC8438DB79F223C0307B4ECBC347B18AA72 " [log] TYPE "bridge 10.2.1.1:5036 76C9F1F31ACF31EB1CAD85CF961FDE52A14E8D60 " [log] TYPE "bridge 10.2.1.1:5035 9E8F5ACA898802BBFED662FE32FA872884BCFCAE " [log] CLICK on (791,624) [log] CLICK on (791,624) And I configure some bridge pluggable transports in Tor Launcher # features/step_definitions/tor.rb:339 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 try_for() timeout expired (Timeout::Error) ./features/support/helpers/misc_helpers.rb:83:in `rescue in try_for' ./features/support/helpers/misc_helpers.rb:33:in `try_for' ./features/step_definitions/common_steps.rb:388:in `block (2 levels) in ' ./features/step_definitions/common_steps.rb:387:in `each' ./features/step_definitions/common_steps.rb:387:in `/^the time has synced$/' ./features/step_definitions/common_steps.rb:375:in `/^Tor is ready$/' features/time_syncing.feature:18:in `And Tor is ready' Then Tails clock is less than 5 minutes incorrect # features/step_definitions/time_syncing.rb:40 Scenario failed at time 00:46:19 Screenshot: https://jenkins.tails.boum.org/job/test_Tails_ISO_stable/319/artifact/build-artifacts/00:46:19_Clock_with_host_s_time_in_bridge_mode.png Video: https://jenkins.tails.boum.org/job/test_Tails_ISO_stable/319/artifact/build-artifacts/00:46:19_Clock_with_host_s_time_in_bridge_mode.mkv Scenario: The system time is not synced to the hardware clock # features/time_syncing.feature:21 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588199' call returned: [0, "Wed Jun 22 09:36:39 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: date call returned: [0, "Wed Jun 22 09:36:39 UTC 2016\n", ""] calling as root: date -s 'now -15 days' call returned: [0, "Tue Jun 7 09:36:39 UTC 2016\n", ""] calling as root: date call returned: [0, "Tue Jun 7 09:36:39 UTC 2016\n", ""] When I bump the system time with "-15 days" # features/step_definitions/time_syncing.rb:20 spawning as root: reboot And I warm reboot the computer # features/step_definitions/common_steps.rb:543 [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer reboots Tails # features/step_definitions/common_steps.rb:273 calling as root: hwclock -r call returned: [0, "Wed 22 Jun 2016 09:38:36 AM UTC -0.623797 seconds\n", ""] Then Tails' hardware clock is close to the host system's time # features/step_definitions/time_syncing.rb:69 Scenario: Anti-test: Changes to the hardware clock are kept when rebooting # features/time_syncing.feature:28 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588320' call returned: [0, "Wed Jun 22 09:38:40 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: hwclock -r call returned: [0, "Wed 22 Jun 2016 09:38:41 AM UTC -0.821537 seconds\n", ""] calling as root: hwclock --set --date 'now -15 days' call returned: [0, "", ""] calling as root: hwclock -r call returned: [0, "Tue 07 Jun 2016 09:38:43 AM UTC -0.243017 seconds\n", ""] When I bump the hardware clock's time with "-15 days" # features/step_definitions/time_syncing.rb:20 spawning as root: reboot And I warm reboot the computer # features/step_definitions/common_steps.rb:543 [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer reboots Tails # features/step_definitions/common_steps.rb:273 calling as root: hwclock -r call returned: [0, "Tue 07 Jun 2016 09:40:40 AM UTC -0.697143 seconds\n", ""] Then the hardware clock is still off by "-15 days" # features/step_definitions/time_syncing.rb:77 Scenario: Boot with a hardware clock set way in the past and make sure that Tails sets the clock to the build date # features/time_syncing.feature:35 Given a computer # features/step_definitions/common_steps.rb:122 And the network is unplugged # features/step_definitions/common_steps.rb:163 And the hardware clock is set to "01 Jan 2000 12:34:56" # features/step_definitions/common_steps.rb:167 And I start the computer # features/step_definitions/common_steps.rb:184 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] And the computer boots Tails # features/step_definitions/common_steps.rb:273 calling as root: date call returned: [0, "Wed Jun 22 00:01:06 UTC 2016\n", ""] calling as root: sed -n -e "1s/^.* - \([0-9]\+\)$/\1/p;q" /etc/amnesia/version call returned: [0, "20160622\n", ""] Then the system clock is just past Tails' build date # features/step_definitions/time_syncing.rb:50 @product Feature: Using Tails with Tor pluggable transports As a Tails user I want to circumvent censorship of Tor by using Tor pluggable transports And avoid connecting directly to the Tor Network Background: # features/tor_bridges.feature:7 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466588544' call returned: [0, "Wed Jun 22 09:42:24 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD without network and logged in with bridge mode enabled Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen [log] CLICK on (433,404) [log] CLICK on (643,447) And I enable more Tails Greeter options [log] CLICK on (511,609) And I enable the specific Tor configuration option [log] CLICK on (812,712) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 285ms [profile] Finder.findAll START [profile] Finder.findAll END: 254ms [profile] Finder.findAll START [profile] Finder.findAll END: 231ms [profile] Finder.findAll START [profile] Finder.findAll END: 227ms [profile] Finder.findAll START [profile] Finder.findAll END: 227ms [profile] Finder.findAll START [profile] Finder.findAll END: 236ms [profile] Finder.findAll START [profile] Finder.findAll END: 231ms [profile] Finder.findAll START [profile] Finder.findAll END: 231ms [log] CLICK on (51,16) And all notifications have disappeared Given I have started Tails from DVD without network and logged in with bridge mode enabled # features/step_definitions/snapshots.rb:199 And I capture all network traffic # features/step_definitions/common_steps.rb:171 When the network is plugged # features/step_definitions/common_steps.rb:159 Then the Tor Launcher autostarts # features/step_definitions/tor.rb:335 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TOR_LAUNCHER_INSTALL} call returned: [0, "/usr/local/lib/tor-launcher-standalone\n", ""] calling as root: pgrep --uid tor-launcher --full --exact '/usr/local/lib/tor-browser/firefox-unconfined +-app /usr/local/lib/tor-launcher-standalone/application.ini.*' call returned: [0, "2879\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && ls -1 ${TBB_INSTALL}/*.so call returned: [0, "/usr/local/lib/tor-browser/libfreebl3.so\n/usr/local/lib/tor-browser/liblgpllibs.so\n/usr/local/lib/tor-browser/libmozsqlite3.so\n/usr/local/lib/tor-browser/libnspr4.so\n/usr/local/lib/tor-browser/libnss3.so\n/usr/local/lib/tor-browser/libnssckbi.so\n/usr/local/lib/tor-browser/libnssdbm3.so\n/usr/local/lib/tor-browser/libnssutil3.so\n/usr/local/lib/tor-browser/libplc4.so\n/usr/local/lib/tor-browser/libplds4.so\n/usr/local/lib/tor-browser/libsmime3.so\n/usr/local/lib/tor-browser/libsoftokn3.so\n/usr/local/lib/tor-browser/libssl3.so\n/usr/local/lib/tor-browser/libxul.so\n", ""] calling as root: pmap --show-path 2879 call returned: [0, "2879: /usr/local/lib/tor-browser/firefox-unconfined -app /usr/local/lib/tor-launcher-standalone/application.ini -profile /home/tor-launcher/.tor-launcher/profile.default\ne1f00000 3072K rw--- [ anon ]\ne2290000 208K r-x-- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne22c4000 4K r---- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne22c5000 4K rw--- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne22c6000 572K r---- /usr/local/lib/tor-browser/fonts/Arimo-Bold.ttf\ne2355000 572K r---- /usr/local/lib/tor-browser/fonts/Arimo-Bold.ttf\ne23e4000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ne2472000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ne2500000 4K ----- [ anon ]\ne2501000 1020K rwx-- [ anon ]\ne2600000 4K ----- [ anon ]\ne2601000 8188K rwx-- [ anon ]\ne2e00000 1024K rw--- [ anon ]\ne2f00000 4K ----- [ anon ]\ne2f01000 8188K rwx-- [ anon ]\ne3700000 4K ----- [ anon ]\ne3701000 8188K rwx-- [ anon ]\ne3f00000 4K ----- [ anon ]\ne3f01000 8188K rwx-- [ anon ]\ne4700000 4K ----- [ anon ]\ne4701000 8188K rwx-- [ anon ]\ne4f00000 4K ----- [ anon ]\ne4f01000 8188K rwx-- [ anon ]\ne5700000 4K ----- [ anon ]\ne5701000 8188K rwx-- [ anon ]\ne5f00000 1024K rw--- [ anon ]\ne6000000 256K rwx-- [ anon ]\ne6040000 120K r--s- /usr/share/mime/mime.cache\ne605e000 64K rwx-- [ anon ]\ne606e000 84K r--s- /home/tor-launcher/.cache/fontconfig/42f746296937150ee8e3c23c67344d6d-le32d4.cache-4\ne6083000 64K rwx-- [ anon ]\ne6093000 4K ----- [ anon ]\ne6094000 8188K rwx-- [ anon ]\ne6893000 172K r-x-- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne68be000 4K r---- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne68bf000 4K rw--- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne68c0000 496K r-x-- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne693c000 72K r---- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne694e000 4K rw--- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne694f000 692K r-x-- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne69fc000 4K r---- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne69fd000 12K rw--- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne6a00000 4K ----- [ anon ]\ne6a01000 8188K rwx-- [ anon ]\ne7200000 4K ----- [ anon ]\ne7201000 8188K rwx-- [ anon ]\ne7a00000 4K ----- [ anon ]\ne7a01000 8188K rwx-- [ anon ]\ne8200000 4K ----- [ anon ]\ne8201000 8188K rwx-- [ anon ]\ne8a00000 4K ----- [ anon ]\ne8a01000 8188K rwx-- [ anon ]\ne9200000 8192K rw--- [ anon ]\ne9a00000 4K ----- [ anon ]\ne9a01000 8188K rwx-- [ anon ]\nea200000 5120K rw--- [ anon ]\nea709000 28K r-x-- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\nea710000 4K r---- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\nea711000 4K rw--- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\nea712000 72K r-x-- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\nea724000 4K r---- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\nea725000 4K rw--- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\nea726000 212K r-x-- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\nea75b000 4K r---- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\nea75c000 4K rw--- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\nea75d000 84K r-x-- /lib/i386-linux-gnu/libnsl-2.19.so\nea772000 4K r---- /lib/i386-linux-gnu/libnsl-2.19.so\nea773000 4K rw--- /lib/i386-linux-gnu/libnsl-2.19.so\nea774000 8K rw--- [ anon ]\nea776000 152K r-x-- /lib/i386-linux-gnu/liblzma.so.5.0.0\nea79c000 8K r---- /lib/i386-linux-gnu/liblzma.so.5.0.0\nea79e000 4K rw--- /lib/i386-linux-gnu/liblzma.so.5.0.0\nea79f000 456K r-x-- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\nea811000 8K r---- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\nea813000 4K rw--- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\nea814000 16K rw--- [ anon ]\nea818000 156K r-x-- /lib/i386-linux-gnu/libsystemd.so.0.3.1\nea83f000 4K r---- /lib/i386-linux-gnu/libsystemd.so.0.3.1\nea840000 4K rw--- /lib/i386-linux-gnu/libsystemd.so.0.3.1\nea841000 512K r-x-- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\nea8c1000 4K r---- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\nea8c2000 4K rw--- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\nea8c3000 344K r-x-- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nea919000 4K r---- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nea91a000 4K rw--- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nea91b000 396K r-x-- /usr/local/lib/tor-browser/libnssckbi.so\nea97e000 48K r---- /usr/local/lib/tor-browser/libnssckbi.so\nea98a000 24K rw--- /usr/local/lib/tor-browser/libnssckbi.so\nea990000 420K r-x-- /usr/local/lib/tor-browser/libfreebl3.so\nea9f9000 4K ----- /usr/local/lib/tor-browser/libfreebl3.so\nea9fa000 4K r---- /usr/local/lib/tor-browser/libfreebl3.so\nea9fb000 4K rw--- /usr/local/lib/tor-browser/libfreebl3.so\nea9fc000 1040K rw--- [ anon ]\neab06000 16K r-x-- /lib/i386-linux-gnu/libattr.so.1.1.0\neab0a000 4K r---- /lib/i386-linux-gnu/libattr.so.1.1.0\neab0b000 4K rw--- /lib/i386-linux-gnu/libattr.so.1.1.0\neab0c000 20K r-x-- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\neab11000 4K r---- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\neab12000 4K rw--- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\neab13000 32K r-x-- /lib/i386-linux-gnu/libwrap.so.0.7.6\neab1b000 4K r---- /lib/i386-linux-gnu/libwrap.so.0.7.6\neab1c000 4K rw--- /lib/i386-linux-gnu/libwrap.so.0.7.6\neab1d000 24K r-x-- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\neab23000 4K r---- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\neab24000 4K rw--- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\neab25000 4K r-x-- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\neab26000 4K r---- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\neab27000 4K rw--- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\neab28000 16K r-x-- /lib/i386-linux-gnu/libcap.so.2.24\neab2c000 4K r---- /lib/i386-linux-gnu/libcap.so.2.24\neab2d000 4K rw--- /lib/i386-linux-gnu/libcap.so.2.24\neab2e000 20K r-x-- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\neab33000 4K r---- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\neab34000 4K rw--- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\neab35000 64K rwx-- [ anon ]\neab45000 212K r-x-- /usr/local/lib/tor-browser/libsoftokn3.so\neab7a000 4K r---- /usr/local/lib/tor-browser/libsoftokn3.so\neab7b000 4K rw--- /usr/local/lib/tor-browser/libsoftokn3.so\neab7c000 4K ----- [ anon ]\neab7d000 124K rwx-- [ anon ]\neab9c000 388K r-x-- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neabfd000 8K r---- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neabff000 4K rw--- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neac00000 4K ----- [ anon ]\neac01000 8188K rwx-- [ anon ]\neb400000 3072K rw--- [ anon ]\neb700000 4K ----- [ anon ]\neb701000 8188K rwx-- [ anon ]\nebf00000 16384K rw--- [ anon ]\necf00000 4K ----- [ anon ]\necf01000 2044K rwx-- [ anon ]\ned100000 4K ----- [ anon ]\ned101000 2044K rwx-- [ anon ]\ned300000 4K ----- [ anon ]\ned301000 2044K rwx-- [ anon ]\ned500000 4K ----- [ anon ]\ned501000 2044K rwx-- [ anon ]\ned700000 4K ----- [ anon ]\ned701000 2044K rwx-- [ anon ]\ned900000 1024K rw--- [ anon ]\neda00000 112K r-x-- /usr/local/lib/tor-browser/libnssdbm3.so\neda1c000 4K ----- /usr/local/lib/tor-browser/libnssdbm3.so\neda1d000 4K r---- /usr/local/lib/tor-browser/libnssdbm3.so\neda1e000 4K rw--- /usr/local/lib/tor-browser/libnssdbm3.so\neda1f000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\nedaad000 4K ----- [ anon ]\nedaae000 8188K rwx-- [ anon ]\nee2ad000 4K ----- [ anon ]\nee2ae000 8188K rwx-- [ anon ]\neeaad000 9548K r---- /usr/local/lib/tor-browser/omni.ja\nef400000 1024K rw--- [ anon ]\nef500000 40K r-x-- /lib/i386-linux-gnu/libjson-c.so.2.0.0\nef50a000 4K r---- /lib/i386-linux-gnu/libjson-c.so.2.0.0\nef50b000 4K rw--- /lib/i386-linux-gnu/libjson-c.so.2.0.0\nef50c000 128K rwx-- [ anon ]\nef52c000 196K r-x-- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef55d000 4K r---- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef55e000 4K rw--- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef55f000 4K rw--- [ anon ]\nef560000 188K r-x-- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef58f000 12K r---- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef592000 4K rw--- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef593000 32K r-x-- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef59b000 4K r---- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef59c000 4K rw--- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef59e000 28K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef5a5000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef5a6000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef5a7000 4K ----- [ anon ]\nef5a8000 28K rwx-- [ anon ]\nef5af000 12K r-x-- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nef5b2000 4K r---- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nef5b3000 4K rw--- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nef5b4000 360K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef60e000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef60f000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef610000 40K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef61a000 8K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef61c000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef61d000 252K r---- /usr/lib/locale/zu_ZA.utf8/LC_CTYPE\nef65c000 1216K r---- /usr/lib/locale/zu_ZA.utf8/LC_COLLATE\nef78c000 4K ----- [ anon ]\nef78d000 8188K rwx-- [ anon ]\neff8c000 16K r-x-- /lib/i386-linux-gnu/libuuid.so.1.3.0\neff90000 4K r---- /lib/i386-linux-gnu/libuuid.so.1.3.0\neff91000 4K rw--- /lib/i386-linux-gnu/libuuid.so.1.3.0\neff92000 20K r-x-- /usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\neff97000 4K rw--- /usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\neff98000 8K r-x-- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\neff9a000 4K r---- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\neff9b000 4K rw--- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\neff9c000 28K r-x-- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\neffa3000 4K r---- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\neffa4000 4K rw--- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\neffa5000 148K r-x-- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\neffca000 8K r---- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\neffcc000 4K rw--- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\neffcd000 100K r-x-- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\neffe6000 4K r---- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\neffe7000 4K rw--- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\neffe8000 8K rw--- [ anon ]\neffea000 32K r-x-- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\nefff2000 4K r---- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\nefff3000 4K rw--- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\nefff4000 144K r-x-- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf0018000 4K r---- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf0019000 4K rw--- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf001a000 36K r-x-- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0023000 4K r---- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0024000 4K rw--- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0025000 8K r-x-- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0027000 4K r---- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0028000 4K rw--- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0029000 712K r-x-- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf00db000 24K r---- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf00e1000 4K rw--- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf00e2000 32K r-x-- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf00ea000 4K r---- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf00eb000 4K rw--- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf00ec000 40K r-x-- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf00f6000 4K r---- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf00f7000 4K rw--- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf00f8000 40K r-x-- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf0102000 4K r---- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf0103000 4K rw--- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf0104000 68K r-x-- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf0115000 4K r---- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf0116000 4K rw--- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf0117000 8K r-x-- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf0119000 4K r---- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf011a000 4K rw--- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf011b000 364K r-x-- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf0176000 4K r---- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf0177000 4K rw--- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf0178000 76K r-x-- /lib/i386-linux-gnu/libresolv-2.19.so\nf018b000 8K r---- /lib/i386-linux-gnu/libresolv-2.19.so\nf018d000 4K rw--- /lib/i386-linux-gnu/libresolv-2.19.so\nf018e000 8K rw--- [ anon ]\nf0190000 148K r-x-- /lib/i386-linux-gnu/libselinux.so.1\nf01b5000 4K r---- /lib/i386-linux-gnu/libselinux.so.1\nf01b6000 4K rw--- /lib/i386-linux-gnu/libselinux.so.1\nf01b7000 4K rw--- [ anon ]\nf01b8000 20K r-x-- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf01bd000 4K r---- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf01be000 4K rw--- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf01bf000 8K r-x-- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf01c1000 4K r---- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf01c2000 4K rw--- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf01c3000 448K r-x-- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf0233000 8K r---- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf0235000 4K rw--- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf0236000 24K r-x-- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf023c000 4K r---- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf023d000 4K rw--- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf023e000 152K r-x-- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf0264000 8K r---- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf0266000 4K rw--- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf0267000 172K r-x-- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf0292000 4K r---- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf0293000 4K rw--- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf0294000 104K r-x-- /lib/i386-linux-gnu/libz.so.1.2.8\nf02ae000 8K r---- /lib/i386-linux-gnu/libz.so.1.2.8\nf02b0000 4K rw--- /lib/i386-linux-gnu/libz.so.1.2.8\nf02b1000 392K r-x-- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf0313000 4K r---- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf0314000 12K rw--- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf0317000 4K rw--- [ anon ]\nf0318000 76K r-x-- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf032b000 4K r---- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf032c000 4K rw--- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf032d000 1332K r-x-- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf047a000 8K r---- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf047c000 12K rw--- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf047f000 1300K r-x-- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf05c4000 8K r---- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf05c6000 4K rw--- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf05c7000 4K rw--- [ anon ]\nf05c8000 320K r-x-- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf0618000 4K r---- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf0619000 4K rw--- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf061a000 156K r-x-- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf0641000 4K r---- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf0642000 4K rw--- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf0643000 48K r-x-- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf064f000 4K r---- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0650000 4K rw--- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0651000 756K r-x-- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf070e000 12K r---- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf0711000 4K rw--- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf0712000 88K r-x-- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0728000 4K r---- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0729000 4K rw--- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf072a000 1732K r-x-- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf08db000 12K r---- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf08de000 4K rw--- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf08df000 4K rw--- [ anon ]\nf08e0000 148K r-x-- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf0905000 8K r---- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf0907000 4K rw--- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf0908000 5056K r-x-- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0df8000 16K r---- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0dfc000 8K rw--- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0dfe000 8K rw--- [ anon ]\nf0e00000 1176K r-x-- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f26000 4K r---- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f27000 4K rw--- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f28000 368K r-x-- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0f84000 4K r---- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0f85000 4K rw--- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0f86000 336K r-x-- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf0fda000 8K r---- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf0fdc000 4K rw--- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf0fdd000 148K r-x-- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf1002000 4K r---- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf1003000 4K rw--- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf1004000 1036K r-x-- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf1107000 16K r---- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf110b000 4K rw--- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf110c000 256K r-x-- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf114c000 4K r---- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf114d000 4K rw--- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf114e000 692K r-x-- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf11fb000 16K r---- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf11ff000 4K rw--- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf1202000 4K ----- [ anon ]\nf1203000 4K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf1204000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf1205000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf1206000 8K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf1208000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf1209000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf120a000 4K r---- /usr/lib/locale/zu_ZA.utf8/LC_NUMERIC\nf120b000 4K r---- /usr/lib/locale/en_US.utf8/LC_TIME\nf120c000 4K r---- /usr/lib/locale/en_US.utf8/LC_MONETARY\nf120d000 4K r---- /usr/lib/locale/ug_CN/LC_MESSAGES/SYS_LC_MESSAGES\nf120e000 4K r---- /usr/lib/locale/yi_US.utf8/LC_PAPER\nf120f000 4K r---- /usr/lib/locale/yi_US.utf8/LC_NAME\nf1210000 28K r--s- /usr/lib/i386-linux-gnu/gconv/gconv-modules.cache\nf1217000 91548K r-x-- /usr/local/lib/tor-browser/libxul.so\nf6b7e000 2612K r---- /usr/local/lib/tor-browser/libxul.so\nf6e0b000 348K rw--- /usr/local/lib/tor-browser/libxul.so\nf6e62000 196K rw--- [ anon ]\nf6e93000 748K r-x-- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6f4e000 8K r---- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6f50000 8K rw--- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6f52000 204K r-x-- /usr/local/lib/tor-browser/libssl3.so\nf6f85000 4K ----- /usr/local/lib/tor-browser/libssl3.so\nf6f86000 8K r---- /usr/local/lib/tor-browser/libssl3.so\nf6f88000 4K rw--- /usr/local/lib/tor-browser/libssl3.so\nf6f89000 116K r-x-- /usr/local/lib/tor-browser/libsmime3.so\nf6fa6000 4K ----- /usr/local/lib/tor-browser/libsmime3.so\nf6fa7000 8K r---- /usr/local/lib/tor-browser/libsmime3.so\nf6fa9000 4K rw--- /usr/local/lib/tor-browser/libsmime3.so\nf6faa000 880K r-x-- /usr/local/lib/tor-browser/libnss3.so\nf7086000 4K ----- /usr/local/lib/tor-browser/libnss3.so\nf7087000 12K r---- /usr/local/lib/tor-browser/libnss3.so\nf708a000 4K rw--- /usr/local/lib/tor-browser/libnss3.so\nf708b000 4K rw--- [ anon ]\nf708c000 120K r-x-- /usr/local/lib/tor-browser/libnssutil3.so\nf70aa000 4K ----- /usr/local/lib/tor-browser/libnssutil3.so\nf70ab000 12K r---- /usr/local/lib/tor-browser/libnssutil3.so\nf70ae000 4K rw--- /usr/local/lib/tor-browser/libnssutil3.so\nf70af000 304K r-x-- /usr/local/lib/tor-browser/libnspr4.so\nf70fb000 4K ----- /usr/local/lib/tor-browser/libnspr4.so\nf70fc000 4K r---- /usr/local/lib/tor-browser/libnspr4.so\nf70fd000 4K rw--- /usr/local/lib/tor-browser/libnspr4.so\nf70fe000 2056K rw--- [ anon ]\nf7300000 4K r---- /usr/lib/locale/en_US.utf8/LC_ADDRESS\nf7301000 8K r-x-- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf7303000 4K r---- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf7304000 4K rw--- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf7305000 40K r-x-- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf730f000 4K r---- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf7310000 4K rw--- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf7311000 40K r-x-- /usr/local/lib/tor-browser/liblgpllibs.so\nf731b000 4K r---- /usr/local/lib/tor-browser/liblgpllibs.so\nf731c000 4K rw--- /usr/local/lib/tor-browser/liblgpllibs.so\nf731d000 12K rw--- [ anon ]\nf7320000 1464K r-x-- /lib/i386-linux-gnu/libc-2.19.so\nf748e000 8K r---- /lib/i386-linux-gnu/libc-2.19.so\nf7490000 4K rw--- /lib/i386-linux-gnu/libc-2.19.so\nf7491000 12K rw--- [ anon ]\nf7494000 112K r-x-- /lib/i386-linux-gnu/libgcc_s.so.1\nf74b0000 4K rw--- /lib/i386-linux-gnu/libgcc_s.so.1\nf74b1000 268K r-x-- /lib/i386-linux-gnu/libm-2.19.so\nf74f4000 4K r---- /lib/i386-linux-gnu/libm-2.19.so\nf74f5000 4K rw--- /lib/i386-linux-gnu/libm-2.19.so\nf74f6000 1600K r-x-- /usr/local/lib/tor-browser/libstdc++.so.6\nf7686000 24K r---- /usr/local/lib/tor-browser/libstdc++.so.6\nf768c000 4K rw--- /usr/local/lib/tor-browser/libstdc++.so.6\nf768d000 8K rw--- [ anon ]\nf768f000 28K r-x-- /lib/i386-linux-gnu/librt-2.19.so\nf7696000 4K r---- /lib/i386-linux-gnu/librt-2.19.so\nf7697000 4K rw--- /lib/i386-linux-gnu/librt-2.19.so\nf7698000 12K r-x-- /lib/i386-linux-gnu/libdl-2.19.so\nf769b000 4K r---- /lib/i386-linux-gnu/libdl-2.19.so\nf769c000 4K rw--- /lib/i386-linux-gnu/libdl-2.19.so\nf769d000 92K r-x-- /lib/i386-linux-gnu/libpthread-2.19.so\nf76b4000 4K r---- /lib/i386-linux-gnu/libpthread-2.19.so\nf76b5000 4K rw--- /lib/i386-linux-gnu/libpthread-2.19.so\nf76b6000 8K rw--- [ anon ]\nf76b8000 4K r---- /usr/lib/locale/yi_US.utf8/LC_TELEPHONE\nf76b9000 4K r---- /usr/lib/locale/yi_US.utf8/LC_MEASUREMENT\nf76ba000 12K r-x-- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf76bd000 4K r---- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf76be000 4K rw--- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf76bf000 4K r-x-- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf76c0000 4K r---- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf76c1000 4K rw--- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf76c2000 12K r-x-- /usr/local/lib/tor-browser/libplds4.so\nf76c5000 4K r---- /usr/local/lib/tor-browser/libplds4.so\nf76c6000 4K rw--- /usr/local/lib/tor-browser/libplds4.so\nf76c7000 20K r-x-- /usr/local/lib/tor-browser/libplc4.so\nf76cc000 4K r---- /usr/local/lib/tor-browser/libplc4.so\nf76cd000 4K rw--- /usr/local/lib/tor-browser/libplc4.so\nf76ce000 4K r---- /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION\nf76cf000 8K rw--- [ anon ]\nf76d1000 4K r-x-- [ anon ]\nf76d2000 8K r---- [ anon ]\nf76d4000 124K r-x-- /lib/i386-linux-gnu/ld-2.19.so\nf76f3000 4K r---- /lib/i386-linux-gnu/ld-2.19.so\nf76f4000 4K rw--- /lib/i386-linux-gnu/ld-2.19.so\nf76f5000 148K r-x-- /usr/local/lib/tor-browser/firefox-unconfined\nf771a000 4K rw--- [ anon ]\nf771b000 4K r---- /usr/local/lib/tor-browser/firefox-unconfined\nf771c000 4K rw--- /usr/local/lib/tor-browser/firefox-unconfined\nff8eb000 132K rwx-- [ stack ]\n total 351856K\n", ""] calling as root: find /usr/lib /lib -name "libfreebl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libfreebl3.so\n", ""] calling as root: find /usr/lib /lib -name "liblgpllibs.so" call returned: [0, "/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/liblgpllibs.so\n", ""] calling as root: find /usr/lib /lib -name "libmozsqlite3.so" call returned: [0, "/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozsqlite3.so\n", ""] calling as root: find /usr/lib /lib -name "libnspr4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnspr4.so\n/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnspr4.so\n", ""] calling as root: find /usr/lib /lib -name "libnss3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnss3.so\n/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnss3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssckbi.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssckbi.so\n", ""] calling as root: find /usr/lib /lib -name "libnssdbm3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssdbm3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssutil3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnssutil3.so\n/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssutil3.so\n", ""] calling as root: find /usr/lib /lib -name "libplc4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplc4.so\n/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplc4.so\n", ""] calling as root: find /usr/lib /lib -name "libplds4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplds4.so\n/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplds4.so\n", ""] calling as root: find /usr/lib /lib -name "libsmime3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libsmime3.so\n/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsmime3.so\n", ""] calling as root: find /usr/lib /lib -name "libsoftokn3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsoftokn3.so\n", ""] calling as root: find /usr/lib /lib -name "libssl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libssl3.so\n/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libssl3.so\n", ""] calling as root: find /usr/lib /lib -name "libxul.so" call returned: [0, "/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libxul.so\n", ""] And the Tor Launcher uses all expected TBB shared libraries # features/step_definitions/browser.rb:162 Scenario: Using bridges # features/tor_bridges.feature:14 [log] CLICK on (239,455) [log] CLICK on (243,305) [log] CLICK on (791,624) [log] CLICK on (301,326) [log] TYPE "bridge 10.2.1.1:5037 623FDCC8438DB79F223C0307B4ECBC347B18AA72 " [log] TYPE "bridge 10.2.1.1:5036 76C9F1F31ACF31EB1CAD85CF961FDE52A14E8D60 " [log] TYPE "bridge 10.2.1.1:5035 9E8F5ACA898802BBFED662FE32FA872884BCFCAE " [log] CLICK on (791,624) [log] CLICK on (791,624) When I configure some bridge pluggable transports in Tor Launcher # features/step_definitions/tor.rb:339 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] Then Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] And available upgrades have been checked # features/step_definitions/common_steps.rb:392 And all Internet traffic has only flowed through the configured pluggable transports # features/step_definitions/tor.rb:390 Scenario: Using obfs4 pluggable transports # features/tor_bridges.feature:20 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588693' call returned: [0, "Wed Jun 22 09:44:53 UTC 2016\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TOR_LAUNCHER_INSTALL} call returned: [0, "/usr/local/lib/tor-launcher-standalone\n", ""] calling as root: pgrep --uid tor-launcher --full --exact '/usr/local/lib/tor-browser/firefox-unconfined +-app /usr/local/lib/tor-launcher-standalone/application.ini.*' call returned: [0, "2948\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && ls -1 ${TBB_INSTALL}/*.so call returned: [0, "/usr/local/lib/tor-browser/libfreebl3.so\n/usr/local/lib/tor-browser/liblgpllibs.so\n/usr/local/lib/tor-browser/libmozsqlite3.so\n/usr/local/lib/tor-browser/libnspr4.so\n/usr/local/lib/tor-browser/libnss3.so\n/usr/local/lib/tor-browser/libnssckbi.so\n/usr/local/lib/tor-browser/libnssdbm3.so\n/usr/local/lib/tor-browser/libnssutil3.so\n/usr/local/lib/tor-browser/libplc4.so\n/usr/local/lib/tor-browser/libplds4.so\n/usr/local/lib/tor-browser/libsmime3.so\n/usr/local/lib/tor-browser/libsoftokn3.so\n/usr/local/lib/tor-browser/libssl3.so\n/usr/local/lib/tor-browser/libxul.so\n", ""] calling as root: pmap --show-path 2948 call returned: [0, "2948: /usr/local/lib/tor-browser/firefox-unconfined -app /usr/local/lib/tor-launcher-standalone/application.ini -profile /home/tor-launcher/.tor-launcher/profile.default\ne1700000 1024K rw--- [ anon ]\ne1800000 4K ----- [ anon ]\ne1801000 8188K rwx-- [ anon ]\ne2000000 4K ----- [ anon ]\ne2001000 8188K rwx-- [ anon ]\ne2800000 2048K rw--- [ anon ]\ne2a70000 128K rwx-- [ anon ]\ne2a90000 208K r-x-- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne2ac4000 4K r---- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne2ac5000 4K rw--- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne2ac6000 572K r---- /usr/local/lib/tor-browser/fonts/Arimo-Bold.ttf\ne2b55000 572K r---- /usr/local/lib/tor-browser/fonts/Arimo-Bold.ttf\ne2be4000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ne2c72000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ne2d00000 4K ----- [ anon ]\ne2d01000 1020K rwx-- [ anon ]\ne2e00000 1024K rw--- [ anon ]\ne2f00000 4K ----- [ anon ]\ne2f01000 8188K rwx-- [ anon ]\ne3700000 4K ----- [ anon ]\ne3701000 8188K rwx-- [ anon ]\ne3f00000 4K ----- [ anon ]\ne3f01000 8188K rwx-- [ anon ]\ne4700000 4K ----- [ anon ]\ne4701000 8188K rwx-- [ anon ]\ne4f00000 4K ----- [ anon ]\ne4f01000 8188K rwx-- [ anon ]\ne5700000 4K ----- [ anon ]\ne5701000 8188K rwx-- [ anon ]\ne5f00000 1024K rw--- [ anon ]\ne600c000 128K rwx-- [ anon ]\ne602c000 120K r--s- /usr/share/mime/mime.cache\ne604a000 64K rwx-- [ anon ]\ne605a000 84K r--s- /home/tor-launcher/.cache/fontconfig/42f746296937150ee8e3c23c67344d6d-le32d4.cache-4\ne606f000 64K rwx-- [ anon ]\ne607f000 4K ----- [ anon ]\ne6080000 8188K rwx-- [ anon ]\ne687f000 172K r-x-- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne68aa000 4K r---- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne68ab000 4K rw--- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne68ac000 72K r-x-- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne68be000 4K r---- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne68bf000 4K rw--- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne68c0000 496K r-x-- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne693c000 72K r---- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne694e000 4K rw--- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne694f000 692K r-x-- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne69fc000 4K r---- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne69fd000 12K rw--- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne6a00000 4K ----- [ anon ]\ne6a01000 8188K rwx-- [ anon ]\ne7200000 4K ----- [ anon ]\ne7201000 8188K rwx-- [ anon ]\ne7a00000 4K ----- [ anon ]\ne7a01000 8188K rwx-- [ anon ]\ne8200000 4K ----- [ anon ]\ne8201000 8188K rwx-- [ anon ]\ne8a00000 4K ----- [ anon ]\ne8a01000 8188K rwx-- [ anon ]\ne9200000 8192K rw--- [ anon ]\ne9a00000 4K ----- [ anon ]\ne9a01000 8188K rwx-- [ anon ]\nea200000 5120K rw--- [ anon ]\nea706000 28K r-x-- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\nea70d000 4K r---- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\nea70e000 4K rw--- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\nea70f000 212K r-x-- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\nea744000 4K r---- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\nea745000 4K rw--- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\nea746000 84K r-x-- /lib/i386-linux-gnu/libnsl-2.19.so\nea75b000 4K r---- /lib/i386-linux-gnu/libnsl-2.19.so\nea75c000 4K rw--- /lib/i386-linux-gnu/libnsl-2.19.so\nea75d000 8K rw--- [ anon ]\nea75f000 152K r-x-- /lib/i386-linux-gnu/liblzma.so.5.0.0\nea785000 8K r---- /lib/i386-linux-gnu/liblzma.so.5.0.0\nea787000 4K rw--- /lib/i386-linux-gnu/liblzma.so.5.0.0\nea788000 16K r-x-- /lib/i386-linux-gnu/libattr.so.1.1.0\nea78c000 4K r---- /lib/i386-linux-gnu/libattr.so.1.1.0\nea78d000 4K rw--- /lib/i386-linux-gnu/libattr.so.1.1.0\nea78e000 20K r-x-- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nea793000 4K r---- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nea794000 4K rw--- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nea795000 456K r-x-- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\nea807000 8K r---- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\nea809000 4K rw--- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\nea80a000 16K rw--- [ anon ]\nea80e000 32K r-x-- /lib/i386-linux-gnu/libwrap.so.0.7.6\nea816000 4K r---- /lib/i386-linux-gnu/libwrap.so.0.7.6\nea817000 4K rw--- /lib/i386-linux-gnu/libwrap.so.0.7.6\nea818000 156K r-x-- /lib/i386-linux-gnu/libsystemd.so.0.3.1\nea83f000 4K r---- /lib/i386-linux-gnu/libsystemd.so.0.3.1\nea840000 4K rw--- /lib/i386-linux-gnu/libsystemd.so.0.3.1\nea841000 512K r-x-- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\nea8c1000 4K r---- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\nea8c2000 4K rw--- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\nea8c3000 344K r-x-- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nea919000 4K r---- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nea91a000 4K rw--- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\nea91b000 396K r-x-- /usr/local/lib/tor-browser/libnssckbi.so\nea97e000 48K r---- /usr/local/lib/tor-browser/libnssckbi.so\nea98a000 24K rw--- /usr/local/lib/tor-browser/libnssckbi.so\nea990000 420K r-x-- /usr/local/lib/tor-browser/libfreebl3.so\nea9f9000 4K ----- /usr/local/lib/tor-browser/libfreebl3.so\nea9fa000 4K r---- /usr/local/lib/tor-browser/libfreebl3.so\nea9fb000 4K rw--- /usr/local/lib/tor-browser/libfreebl3.so\nea9fc000 1040K rw--- [ anon ]\neab01000 24K r-x-- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\neab07000 4K r---- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\neab08000 4K rw--- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\neab09000 16K r-x-- /lib/i386-linux-gnu/libcap.so.2.24\neab0d000 4K r---- /lib/i386-linux-gnu/libcap.so.2.24\neab0e000 4K rw--- /lib/i386-linux-gnu/libcap.so.2.24\neab0f000 20K r-x-- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\neab14000 4K r---- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\neab15000 4K rw--- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\neab16000 64K rwx-- [ anon ]\neab26000 112K r-x-- /usr/local/lib/tor-browser/libnssdbm3.so\neab42000 4K ----- /usr/local/lib/tor-browser/libnssdbm3.so\neab43000 4K r---- /usr/local/lib/tor-browser/libnssdbm3.so\neab44000 4K rw--- /usr/local/lib/tor-browser/libnssdbm3.so\neab45000 212K r-x-- /usr/local/lib/tor-browser/libsoftokn3.so\neab7a000 4K r---- /usr/local/lib/tor-browser/libsoftokn3.so\neab7b000 4K rw--- /usr/local/lib/tor-browser/libsoftokn3.so\neab7c000 4K ----- [ anon ]\neab7d000 124K rwx-- [ anon ]\neab9c000 388K r-x-- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neabfd000 8K r---- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neabff000 4K rw--- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\neac00000 4K ----- [ anon ]\neac01000 8188K rwx-- [ anon ]\neb400000 3072K rw--- [ anon ]\neb700000 4K ----- [ anon ]\neb701000 8188K rwx-- [ anon ]\nebf00000 16384K rw--- [ anon ]\necf00000 4K ----- [ anon ]\necf01000 2044K rwx-- [ anon ]\ned100000 4K ----- [ anon ]\ned101000 2044K rwx-- [ anon ]\ned300000 4K ----- [ anon ]\ned301000 2044K rwx-- [ anon ]\ned500000 4K ----- [ anon ]\ned501000 2044K rwx-- [ anon ]\ned700000 4K ----- [ anon ]\ned701000 2044K rwx-- [ anon ]\ned900000 1024K rw--- [ anon ]\neda00000 4K r-x-- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\neda01000 4K r---- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\neda02000 4K rw--- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\neda03000 40K r-x-- /lib/i386-linux-gnu/libjson-c.so.2.0.0\neda0d000 4K r---- /lib/i386-linux-gnu/libjson-c.so.2.0.0\neda0e000 4K rw--- /lib/i386-linux-gnu/libjson-c.so.2.0.0\neda0f000 64K rwx-- [ anon ]\neda1f000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\nedaad000 4K ----- [ anon ]\nedaae000 8188K rwx-- [ anon ]\nee2ad000 4K ----- [ anon ]\nee2ae000 8188K rwx-- [ anon ]\neeaad000 9548K r---- /usr/local/lib/tor-browser/omni.ja\nef400000 1024K rw--- [ anon ]\nef500000 64K rwx-- [ anon ]\nef510000 196K r-x-- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef541000 4K r---- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef542000 4K rw--- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef543000 4K rw--- [ anon ]\nef544000 188K r-x-- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef573000 12K r---- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef576000 4K rw--- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef577000 32K r-x-- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef57f000 4K r---- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef580000 4K rw--- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef582000 28K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef589000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef58a000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef58b000 4K ----- [ anon ]\nef58c000 28K rwx-- [ anon ]\nef593000 12K r-x-- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nef596000 4K r---- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nef597000 4K rw--- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nef598000 360K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef5f2000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef5f3000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef5f4000 40K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef5fe000 8K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef600000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef601000 252K r---- /usr/lib/locale/zu_ZA.utf8/LC_CTYPE\nef640000 1216K r---- /usr/lib/locale/zu_ZA.utf8/LC_COLLATE\nef770000 4K ----- [ anon ]\nef771000 8188K rwx-- [ anon ]\neff70000 16K r-x-- /lib/i386-linux-gnu/libuuid.so.1.3.0\neff74000 4K r---- /lib/i386-linux-gnu/libuuid.so.1.3.0\neff75000 4K rw--- /lib/i386-linux-gnu/libuuid.so.1.3.0\neff76000 20K r-x-- /usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\neff7b000 4K rw--- /usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\neff7c000 8K r-x-- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\neff7e000 4K r---- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\neff7f000 4K rw--- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\neff80000 28K r-x-- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\neff87000 4K r---- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\neff88000 4K rw--- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\neff89000 148K r-x-- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\neffae000 8K r---- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\neffb0000 4K rw--- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\neffb1000 100K r-x-- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\neffca000 4K r---- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\neffcb000 4K rw--- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\neffcc000 8K rw--- [ anon ]\neffce000 32K r-x-- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\neffd6000 4K r---- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\neffd7000 4K rw--- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\neffd8000 144K r-x-- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nefffc000 4K r---- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nefffd000 4K rw--- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nefffe000 36K r-x-- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0007000 4K r---- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0008000 4K rw--- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0009000 8K r-x-- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf000b000 4K r---- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf000c000 4K rw--- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf000d000 712K r-x-- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf00bf000 24K r---- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf00c5000 4K rw--- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf00c6000 32K r-x-- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf00ce000 4K r---- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf00cf000 4K rw--- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf00d0000 40K r-x-- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf00da000 4K r---- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf00db000 4K rw--- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf00dc000 40K r-x-- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf00e6000 4K r---- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf00e7000 4K rw--- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf00e8000 68K r-x-- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf00f9000 4K r---- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf00fa000 4K rw--- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf00fb000 8K r-x-- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf00fd000 4K r---- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf00fe000 4K rw--- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf00ff000 364K r-x-- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf015a000 4K r---- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf015b000 4K rw--- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf015c000 76K r-x-- /lib/i386-linux-gnu/libresolv-2.19.so\nf016f000 8K r---- /lib/i386-linux-gnu/libresolv-2.19.so\nf0171000 4K rw--- /lib/i386-linux-gnu/libresolv-2.19.so\nf0172000 8K rw--- [ anon ]\nf0174000 148K r-x-- /lib/i386-linux-gnu/libselinux.so.1\nf0199000 4K r---- /lib/i386-linux-gnu/libselinux.so.1\nf019a000 4K rw--- /lib/i386-linux-gnu/libselinux.so.1\nf019b000 4K rw--- [ anon ]\nf019c000 20K r-x-- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf01a1000 4K r---- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf01a2000 4K rw--- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf01a3000 8K r-x-- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf01a5000 4K r---- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf01a6000 4K rw--- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf01a7000 8K r-x-- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf01a9000 4K r---- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf01aa000 4K rw--- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf01ab000 448K r-x-- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf021b000 8K r---- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf021d000 4K rw--- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf021e000 24K r-x-- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf0224000 4K r---- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf0225000 4K rw--- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf0226000 152K r-x-- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf024c000 8K r---- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf024e000 4K rw--- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf024f000 172K r-x-- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf027a000 4K r---- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf027b000 4K rw--- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf027c000 104K r-x-- /lib/i386-linux-gnu/libz.so.1.2.8\nf0296000 8K r---- /lib/i386-linux-gnu/libz.so.1.2.8\nf0298000 4K rw--- /lib/i386-linux-gnu/libz.so.1.2.8\nf0299000 392K r-x-- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf02fb000 4K r---- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf02fc000 12K rw--- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf02ff000 4K rw--- [ anon ]\nf0300000 76K r-x-- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf0313000 4K r---- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf0314000 4K rw--- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf0315000 1332K r-x-- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf0462000 8K r---- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf0464000 12K rw--- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf0467000 1300K r-x-- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf05ac000 8K r---- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf05ae000 4K rw--- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf05af000 4K rw--- [ anon ]\nf05b0000 320K r-x-- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf0600000 4K r---- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf0601000 4K rw--- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf0602000 156K r-x-- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf0629000 4K r---- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf062a000 4K rw--- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf062b000 48K r-x-- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0637000 4K r---- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0638000 4K rw--- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf0639000 756K r-x-- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf06f6000 12K r---- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf06f9000 4K rw--- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf06fa000 88K r-x-- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0710000 4K r---- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0711000 4K rw--- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf0712000 1732K r-x-- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf08c3000 12K r---- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf08c6000 4K rw--- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf08c7000 4K rw--- [ anon ]\nf08c8000 148K r-x-- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf08ed000 8K r---- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf08ef000 4K rw--- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf08f0000 5056K r-x-- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0de0000 16K r---- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0de4000 8K rw--- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0de6000 8K rw--- [ anon ]\nf0de8000 1176K r-x-- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f0e000 4K r---- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f0f000 4K rw--- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f10000 368K r-x-- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0f6c000 4K r---- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0f6d000 4K rw--- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0f6e000 336K r-x-- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf0fc2000 8K r---- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf0fc4000 4K rw--- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf0fc5000 148K r-x-- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf0fea000 4K r---- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf0feb000 4K rw--- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf0fec000 1036K r-x-- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf10ef000 16K r---- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf10f3000 4K rw--- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf10f4000 40K r-x-- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf10fe000 4K r---- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf10ff000 4K rw--- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf1100000 256K r-x-- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf1140000 4K r---- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf1141000 4K rw--- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf1142000 692K r-x-- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf11ef000 16K r---- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf11f3000 4K rw--- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf11f5000 4K ----- [ anon ]\nf11f6000 4K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf11f7000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf11f8000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf11f9000 8K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf11fb000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf11fc000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf11fd000 4K r---- /usr/lib/locale/zu_ZA.utf8/LC_NUMERIC\nf11fe000 4K r---- /usr/lib/locale/en_US.utf8/LC_TIME\nf11ff000 4K r---- /usr/lib/locale/en_US.utf8/LC_MONETARY\nf1200000 4K r---- /usr/lib/locale/ug_CN/LC_MESSAGES/SYS_LC_MESSAGES\nf1201000 4K r---- /usr/lib/locale/yi_US.utf8/LC_PAPER\nf1202000 4K r---- /usr/lib/locale/yi_US.utf8/LC_NAME\nf1203000 4K r---- /usr/lib/locale/en_US.utf8/LC_ADDRESS\nf1204000 28K r--s- /usr/lib/i386-linux-gnu/gconv/gconv-modules.cache\nf120b000 91548K r-x-- /usr/local/lib/tor-browser/libxul.so\nf6b72000 2612K r---- /usr/local/lib/tor-browser/libxul.so\nf6dff000 348K rw--- /usr/local/lib/tor-browser/libxul.so\nf6e56000 196K rw--- [ anon ]\nf6e87000 40K r-x-- /usr/local/lib/tor-browser/liblgpllibs.so\nf6e91000 4K r---- /usr/local/lib/tor-browser/liblgpllibs.so\nf6e92000 4K rw--- /usr/local/lib/tor-browser/liblgpllibs.so\nf6e93000 748K r-x-- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6f4e000 8K r---- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6f50000 8K rw--- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6f52000 204K r-x-- /usr/local/lib/tor-browser/libssl3.so\nf6f85000 4K ----- /usr/local/lib/tor-browser/libssl3.so\nf6f86000 8K r---- /usr/local/lib/tor-browser/libssl3.so\nf6f88000 4K rw--- /usr/local/lib/tor-browser/libssl3.so\nf6f89000 116K r-x-- /usr/local/lib/tor-browser/libsmime3.so\nf6fa6000 4K ----- /usr/local/lib/tor-browser/libsmime3.so\nf6fa7000 8K r---- /usr/local/lib/tor-browser/libsmime3.so\nf6fa9000 4K rw--- /usr/local/lib/tor-browser/libsmime3.so\nf6faa000 880K r-x-- /usr/local/lib/tor-browser/libnss3.so\nf7086000 4K ----- /usr/local/lib/tor-browser/libnss3.so\nf7087000 12K r---- /usr/local/lib/tor-browser/libnss3.so\nf708a000 4K rw--- /usr/local/lib/tor-browser/libnss3.so\nf708b000 4K rw--- [ anon ]\nf708c000 120K r-x-- /usr/local/lib/tor-browser/libnssutil3.so\nf70aa000 4K ----- /usr/local/lib/tor-browser/libnssutil3.so\nf70ab000 12K r---- /usr/local/lib/tor-browser/libnssutil3.so\nf70ae000 4K rw--- /usr/local/lib/tor-browser/libnssutil3.so\nf70af000 304K r-x-- /usr/local/lib/tor-browser/libnspr4.so\nf70fb000 4K ----- /usr/local/lib/tor-browser/libnspr4.so\nf70fc000 4K r---- /usr/local/lib/tor-browser/libnspr4.so\nf70fd000 4K rw--- /usr/local/lib/tor-browser/libnspr4.so\nf70fe000 2068K rw--- [ anon ]\nf7303000 1464K r-x-- /lib/i386-linux-gnu/libc-2.19.so\nf7471000 8K r---- /lib/i386-linux-gnu/libc-2.19.so\nf7473000 4K rw--- /lib/i386-linux-gnu/libc-2.19.so\nf7474000 12K rw--- [ anon ]\nf7477000 112K r-x-- /lib/i386-linux-gnu/libgcc_s.so.1\nf7493000 4K rw--- /lib/i386-linux-gnu/libgcc_s.so.1\nf7494000 268K r-x-- /lib/i386-linux-gnu/libm-2.19.so\nf74d7000 4K r---- /lib/i386-linux-gnu/libm-2.19.so\nf74d8000 4K rw--- /lib/i386-linux-gnu/libm-2.19.so\nf74d9000 1600K r-x-- /usr/local/lib/tor-browser/libstdc++.so.6\nf7669000 24K r---- /usr/local/lib/tor-browser/libstdc++.so.6\nf766f000 4K rw--- /usr/local/lib/tor-browser/libstdc++.so.6\nf7670000 8K rw--- [ anon ]\nf7672000 28K r-x-- /lib/i386-linux-gnu/librt-2.19.so\nf7679000 4K r---- /lib/i386-linux-gnu/librt-2.19.so\nf767a000 4K rw--- /lib/i386-linux-gnu/librt-2.19.so\nf767b000 12K r-x-- /lib/i386-linux-gnu/libdl-2.19.so\nf767e000 4K r---- /lib/i386-linux-gnu/libdl-2.19.so\nf767f000 4K rw--- /lib/i386-linux-gnu/libdl-2.19.so\nf7680000 92K r-x-- /lib/i386-linux-gnu/libpthread-2.19.so\nf7697000 4K r---- /lib/i386-linux-gnu/libpthread-2.19.so\nf7698000 4K rw--- /lib/i386-linux-gnu/libpthread-2.19.so\nf7699000 8K rw--- [ anon ]\nf769b000 4K r---- /usr/lib/locale/yi_US.utf8/LC_TELEPHONE\nf769c000 4K r---- /usr/lib/locale/yi_US.utf8/LC_MEASUREMENT\nf769d000 12K r-x-- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf76a0000 4K r---- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf76a1000 4K rw--- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf76a2000 4K r-x-- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf76a3000 4K r---- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf76a4000 4K rw--- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf76a5000 12K r-x-- /usr/local/lib/tor-browser/libplds4.so\nf76a8000 4K r---- /usr/local/lib/tor-browser/libplds4.so\nf76a9000 4K rw--- /usr/local/lib/tor-browser/libplds4.so\nf76aa000 20K r-x-- /usr/local/lib/tor-browser/libplc4.so\nf76af000 4K r---- /usr/local/lib/tor-browser/libplc4.so\nf76b0000 4K rw--- /usr/local/lib/tor-browser/libplc4.so\nf76b1000 4K r---- /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION\nf76b2000 8K rw--- [ anon ]\nf76b4000 4K r-x-- [ anon ]\nf76b5000 8K r---- [ anon ]\nf76b7000 124K r-x-- /lib/i386-linux-gnu/ld-2.19.so\nf76d6000 4K r---- /lib/i386-linux-gnu/ld-2.19.so\nf76d7000 4K rw--- /lib/i386-linux-gnu/ld-2.19.so\nf76d8000 148K r-x-- /usr/local/lib/tor-browser/firefox-unconfined\nf76fd000 4K rw--- [ anon ]\nf76fe000 4K r---- /usr/local/lib/tor-browser/firefox-unconfined\nf76ff000 4K rw--- /usr/local/lib/tor-browser/firefox-unconfined\nffdcd000 128K rwx-- [ stack ]\nffded000 4K rw--- [ anon ]\n total 360048K\n", ""] calling as root: find /usr/lib /lib -name "libfreebl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libfreebl3.so\n", ""] calling as root: find /usr/lib /lib -name "liblgpllibs.so" call returned: [0, "/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/liblgpllibs.so\n", ""] calling as root: find /usr/lib /lib -name "libmozsqlite3.so" call returned: [0, "/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozsqlite3.so\n", ""] calling as root: find /usr/lib /lib -name "libnspr4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnspr4.so\n/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnspr4.so\n", ""] calling as root: find /usr/lib /lib -name "libnss3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnss3.so\n/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnss3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssckbi.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssckbi.so\n", ""] calling as root: find /usr/lib /lib -name "libnssdbm3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssdbm3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssutil3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnssutil3.so\n/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssutil3.so\n", ""] calling as root: find /usr/lib /lib -name "libplc4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplc4.so\n/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplc4.so\n", ""] calling as root: find /usr/lib /lib -name "libplds4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplds4.so\n/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplds4.so\n", ""] calling as root: find /usr/lib /lib -name "libsmime3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libsmime3.so\n/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsmime3.so\n", ""] calling as root: find /usr/lib /lib -name "libsoftokn3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsoftokn3.so\n", ""] calling as root: find /usr/lib /lib -name "libssl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libssl3.so\n/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libssl3.so\n", ""] calling as root: find /usr/lib /lib -name "libxul.so" call returned: [0, "/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libxul.so\n", ""] [log] CLICK on (239,455) [log] CLICK on (243,305) [log] CLICK on (791,624) [log] CLICK on (301,326) [log] TYPE "obfs4 10.2.1.1:33186 21113CF3035B1DA5496E230985E0FA0C716A92C7 cert=TLSf4Yy35MyvUKUzn0MVZFpkWrEbj1Pah+/Ho3bKWfpHYXDTIRBhCJ9fjeCnExWpoM2dWw iat-mode=0 " [log] TYPE "obfs4 10.2.1.1:45838 6C7E46E9F30C6633C352AD7925F0294BC7BA9D78 cert=LtSx1mvtBDX/zhS7UrxGseqe8FYf4z1q6p2tVANxqW4g8b5FFx9wQLVHu7MRSVh0Ah66GA iat-mode=0 " [log] TYPE "obfs4 10.2.1.1:41926 BAA024F6DEA6EF34529B26214AA258013775C5F6 cert=O5+qagOoSmautMKB7CgKCqPb6fZ0ZMruVQHvB/nuL/qMZiD5lstSIMl0IbkH9vth0TCMcQ iat-mode=0 " [log] CLICK on (791,624) [log] CLICK on (791,624) When I configure some obfs4 pluggable transports in Tor Launcher # features/step_definitions/tor.rb:339 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] Then Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] And available upgrades have been checked # features/step_definitions/common_steps.rb:392 And all Internet traffic has only flowed through the configured pluggable transports # features/step_definitions/tor.rb:390 @product Feature: Installing Tails to a USB drive As a Tails user I want to install Tails to a suitable USB drive Scenario: Try installing Tails to a too small USB drive # features/usb_install.feature:6 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588804' call returned: [0, "Wed Jun 22 09:46:44 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 And I temporarily create a 2 GiB disk named "too-small-device" # features/step_definitions/common_steps.rb:139 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.RLHIxVbrbX\n", ""] calling as root: rm -f '/tmp/tmp.RLHIxVbrbX' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.RLHIxVbrbX' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.RLHIxVbrbX' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.RLHIxVbrbX_20160622-094645_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.RLHIxVbrbX' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.SMKXiSw5f1\n", ""] calling as root: rm -f '/tmp/tmp.SMKXiSw5f1' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tails'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.SMKXiSw5f1' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.SMKXiSw5f1' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.SMKXiSw5f1_20160622-094648_debug ...\nClicking on [label | Tails]\nMouse button 1 click at (47,364)\n", ""] calling as root: rm -f '/tmp/tmp.SMKXiSw5f1' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.i7LhfynLbH\n", ""] calling as root: rm -f '/tmp/tmp.i7LhfynLbH' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tails Installer'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.i7LhfynLbH' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.i7LhfynLbH' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.i7LhfynLbH_20160622-094652_debug ...\nClicking on [label | Tails Installer]\nMouse button 1 click at (301,249)\n", ""] calling as root: rm -f '/tmp/tmp.i7LhfynLbH' call returned: [0, "", ""] [log] CLICK on (279,216) And I start Tails Installer in "Clone & Install" mode # features/step_definitions/usb.rb:87 But a suitable USB device is not found # features/step_definitions/usb.rb:607 calling as root: test -b /dev/sda call returned: [1, "", ""] calling as root: test -b /dev/sda call returned: [1, "", ""] calling as root: test -b /dev/sda call returned: [0, "", ""] When I plug USB drive "too-small-device" # features/step_definitions/common_steps.rb:145 Then Tails Installer detects that a device is too small # features/step_definitions/usb.rb:101 And a suitable USB device is not found # features/step_definitions/usb.rb:607 When I unplug USB drive "too-small-device" # features/step_definitions/usb.rb:55 And I create a 4 GiB disk named "big-enough" # features/step_definitions/common_steps.rb:139 calling as root: test -b /dev/sda call returned: [1, "", ""] calling as root: test -b /dev/sda call returned: [0, "", ""] And I plug USB drive "big-enough" # features/step_definitions/common_steps.rb:145 Then the "big-enough" USB drive is selected # features/step_definitions/usb.rb:611 Scenario: Detecting when a target USB drive is inserted or removed # features/usb_install.feature:19 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [1, "", ""] calling as root: date -s '@1466588831' call returned: [0, "Wed Jun 22 09:47:11 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 And I temporarily create a 4 GiB disk named "temp" # features/step_definitions/common_steps.rb:139 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.8mwZsFrrvB\n", ""] calling as root: rm -f '/tmp/tmp.8mwZsFrrvB' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.8mwZsFrrvB' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.8mwZsFrrvB' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.8mwZsFrrvB_20160622-094712_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.8mwZsFrrvB' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.5rpQrOMwcC\n", ""] calling as root: rm -f '/tmp/tmp.5rpQrOMwcC' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tails'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.5rpQrOMwcC' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.5rpQrOMwcC' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.5rpQrOMwcC_20160622-094715_debug ...\nClicking on [label | Tails]\nMouse button 1 click at (47,364)\n", ""] calling as root: rm -f '/tmp/tmp.5rpQrOMwcC' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.7LD9XjQqDY\n", ""] calling as root: rm -f '/tmp/tmp.7LD9XjQqDY' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tails Installer'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.7LD9XjQqDY' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.7LD9XjQqDY' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.7LD9XjQqDY_20160622-094719_debug ...\nClicking on [label | Tails Installer]\nMouse button 1 click at (301,249)\n", ""] calling as root: rm -f '/tmp/tmp.7LD9XjQqDY' call returned: [0, "", ""] And I start Tails Installer in "Clone & Install" mode # features/step_definitions/usb.rb:87 [log] CLICK on (279,216) But a suitable USB device is not found # features/step_definitions/usb.rb:607 calling as root: test -b /dev/sda call returned: [1, "", ""] calling as root: test -b /dev/sda call returned: [0, "", ""] When I plug USB drive "temp" # features/step_definitions/common_steps.rb:145 Then the "temp" USB drive is selected # features/step_definitions/usb.rb:611 When I unplug USB drive "temp" # features/step_definitions/usb.rb:55 Then no USB drive is selected # features/step_definitions/usb.rb:615 And a suitable USB device is not found # features/step_definitions/usb.rb:607 @source Feature: custom APT sources to build branches As a Tails developer, when I build Tails, I'd be happy if the proper APT sources were automatically picked depending on which Git branch I am working on. Scenario: build from an untagged stable branch where the config/APT_overlays.d directory is empty # features/build.feature:7 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 1.0 # features/step_definitions/build.rb:36 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'stable' suite # features/step_definitions/build.rb:113 Scenario: build from an untagged stable branch where config/APT_overlays.d is not empty # features/build.feature:15 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 1.0 # features/step_definitions/build.rb:36 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'stable' suite # features/step_definitions/build.rb:109 And I should see the 'feature-foo' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 But I should not see the '1.0' suite # features/step_definitions/build.rb:118 Scenario: build from an untagged stable branch with no encoded time-based snapshot # features/build.feature:27 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from an untagged stable branch with encoded time-based snapshots # features/build.feature:41 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a tagged stable branch where the config/APT_overlays.d directory is empty # features/build.feature:55 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And I am working on the stable base branch # features/step_definitions/build.rb:70 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the '0.10' suite # features/step_definitions/build.rb:113 Scenario: build from a tagged stable branch where config/APT_overlays.d is not empty # features/build.feature:64 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And I am working on the stable base branch # features/step_definitions/build.rb:70 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a tagged stable branch with no encoded time-based snapshot # features/build.feature:73 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build from a tagged stable branch with encoded time-based snapshots # features/build.feature:87 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10 # features/step_definitions/build.rb:36 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 And I checkout the 0.10 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build from a bugfix branch without overlays for a stable release # features/build.feature:101 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'stable' suite # features/step_definitions/build.rb:113 Scenario: build from a bugfix branch with overlays for a stable release # features/build.feature:110 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'bugfix-disable-gdomap' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'stable' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-disable-gdomap' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 But I should not see the '0.10' suite # features/step_definitions/build.rb:118 Scenario: build from a bugfix branch with no encoded time-based snapshot for a stable release # features/build.feature:123 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.10 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a bugfix branch with encoded time-based snapshots for a stable release # features/build.feature:137 Given Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.10.1 # features/step_definitions/build.rb:36 And Tails 0.10.1 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on stable # features/step_definitions/build.rb:87 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from an untagged testing branch where the config/APT_overlays.d directory is empty # features/build.feature:151 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has not been released yet # features/step_definitions/build.rb:32 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'testing' suite # features/step_definitions/build.rb:109 And I should not see the '0.11' suite # features/step_definitions/build.rb:118 And I should not see the 'feature-foo' suite # features/step_definitions/build.rb:118 And I should not see the 'bugfix-bar' suite # features/step_definitions/build.rb:118 Scenario: build from an untagged testing branch where config/APT_overlays.d is not empty # features/build.feature:162 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has not been released yet # features/step_definitions/build.rb:32 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'testing' suite # features/step_definitions/build.rb:109 And I should see the 'feature-foo' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 But I should not see the '0.11' suite # features/step_definitions/build.rb:118 Scenario: build from an untagged testing branch with no encoded time-based snapshot # features/build.feature:174 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from an untagged testing branch with encoded time-based snapshots # features/build.feature:188 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10 and 1.0 # features/step_definitions/build.rb:45 And Tails 1.0 has not been released yet # features/step_definitions/build.rb:32 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a tagged testing branch where the config/APT_overlays.d directory is empty # features/build.feature:202 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the '0.11' suite # features/step_definitions/build.rb:113 Scenario: build from a tagged testing branch where config/APT_overlays.d is not empty # features/build.feature:211 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a tagged testing branch with no encoded time-based snapshot # features/build.feature:220 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build from a tagged testing branch with encoded time-based snapshots # features/build.feature:234 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And the last version mentioned in debian/changelog is 0.11 # features/step_definitions/build.rb:36 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 And I checkout the 0.11 tag # features/step_definitions/build.rb:82 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see the 0.11 tagged snapshot # features/step_definitions/build.rb:147 Scenario: build a release candidate from a tagged testing branch # features/build.feature:248 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.12~rc1 # features/step_definitions/build.rb:36 And Tails 0.12-rc1 has been tagged # features/step_definitions/build.rb:28 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 And I checkout the 0.12-rc1 tag # features/step_definitions/build.rb:82 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the '0.12-rc1' suite # features/step_definitions/build.rb:113 Scenario: build a release candidate from a tagged testing branch where config/APT_overlays.d is not empty # features/build.feature:258 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.11 has been released # features/step_definitions/build.rb:1 And the last version mentioned in debian/changelog is 0.12~rc1 # features/step_definitions/build.rb:36 And Tails 0.12-rc1 has been tagged # features/step_definitions/build.rb:28 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 And I checkout the 0.12-rc1 tag # features/step_definitions/build.rb:82 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a bugfix branch with no encoded time-based snapshot for a major release # features/build.feature:268 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10~rc1 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10~rc1 and 0.10 # features/step_definitions/build.rb:45 And Tails 0.10 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on testing # features/step_definitions/build.rb:87 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a bugfix branch with encoded time-based snapshots for a major release # features/build.feature:283 Given I am working on the testing base branch # features/step_definitions/build.rb:70 And Tails 0.10~rc1 has been released # features/step_definitions/build.rb:1 And the last versions mentioned in debian/changelog are 0.10~rc1 and 0.10 # features/step_definitions/build.rb:45 And Tails 0.10 has not been released yet # features/step_definitions/build.rb:32 And I am working on the bugfix/disable_gdomap branch based on testing # features/step_definitions/build.rb:87 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from the devel branch without overlays # features/build.feature:298 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'devel' suite # features/step_definitions/build.rb:113 Scenario: build from the devel branch with overlays # features/build.feature:304 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And config/APT_overlays.d contains 'feature-foo' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'devel' suite # features/step_definitions/build.rb:109 And I should see the 'feature-foo' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 Scenario: build from the devel branch with no encoded time-based snapshot # features/build.feature:313 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from the devel branch with encoded time-based snapshots # features/build.feature:324 Given I am working on the devel base branch # features/step_definitions/build.rb:70 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from the feature/jessie branch without overlays # features/build.feature:335 Given I am working on the feature/jessie base branch # features/step_definitions/build.rb:70 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'feature-jessie' suite # features/step_definitions/build.rb:113 Scenario: build from the feature/jessie branch with overlays # features/build.feature:341 Given I am working on the feature/jessie base branch # features/step_definitions/build.rb:70 And config/APT_overlays.d contains 'feature-7756-reintroduce-whisperback' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'feature-jessie' suite # features/step_definitions/build.rb:109 And I should see the 'feature-7756-reintroduce-whisperback' suite # features/step_definitions/build.rb:109 Scenario: build from a feature branch with overlays based on devel # features/build.feature:348 Given I am working on the feature/icedove branch based on devel # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'feature-icedove' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'devel' suite # features/step_definitions/build.rb:109 And I should see the 'feature-icedove' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 Scenario: build from a feature branch without overlays based on devel # features/build.feature:357 Given I am working on the feature/icedove branch based on devel # features/step_definitions/build.rb:87 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'devel' suite # features/step_definitions/build.rb:113 Scenario: build from a feature branch based on devel with no encoded time-based snapshot # features/build.feature:363 Given I am working on the feature/icedove branch based on devel # features/step_definitions/build.rb:87 And no frozen APT snapshot is encoded in config/APT_snapshots.d # features/step_definitions/build.rb:50 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I successfully run "apt-mirror debian" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror torproject" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a feature branch based on devel with encoded time-based snapshots # features/build.feature:374 Given I am working on the feature/icedove branch based on devel # features/step_definitions/build.rb:87 And frozen APT snapshots are encoded in config/APT_snapshots.d # features/step_definitions/build.rb:58 When I successfully run "apt-snapshots-serials prepare-build" # features/step_definitions/build.rb:99 And I run "apt-mirror debian" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I run "apt-mirror torproject" # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 When I successfully run "apt-mirror debian-security" # features/step_definitions/build.rb:99 Then I should see a time-based snapshot # features/step_definitions/build.rb:151 Scenario: build from a feature branch with overlays based on feature/jessie # features/build.feature:385 Given I am working on the feature/7756-reintroduce-whisperback branch based on feature/jessie # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'feature-7756-reintroduce-whisperback' # features/step_definitions/build.rb:127 And config/APT_overlays.d contains 'bugfix-bar' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'feature-jessie' suite # features/step_definitions/build.rb:109 And I should see the 'feature-7756-reintroduce-whisperback' suite # features/step_definitions/build.rb:109 And I should see the 'bugfix-bar' suite # features/step_definitions/build.rb:109 Scenario: build from a feature branch without overlays based on feature/jessie # features/build.feature:394 Given I am working on the feature/icedove branch based on feature/jessie # features/step_definitions/build.rb:87 And the config/APT_overlays.d directory is empty # features/step_definitions/build.rb:122 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see only the 'feature-jessie' suite # features/step_definitions/build.rb:113 Scenario: build from a feature branch based on devel with dots in its name # features/build.feature:400 Given I am working on the feature/live-boot-3.x branch based on devel # features/step_definitions/build.rb:87 And config/APT_overlays.d contains 'feature-live-boot-3.x' # features/step_definitions/build.rb:127 When I successfully run tails-custom-apt-sources # features/step_definitions/build.rb:99 Then I should see the 'devel' suite # features/step_definitions/build.rb:109 And I should see the 'feature-live-boot-3.x' suite # features/step_definitions/build.rb:109 Scenario: build from a branch that has no config/APT_overlays.d directory # features/build.feature:407 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the config/APT_overlays.d directory does not exist # features/step_definitions/build.rb:139 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a branch that has no config/base_branch file # features/build.feature:413 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the config/base_branch file does not exist # features/step_definitions/build.rb:135 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 Scenario: build from a branch where config/base_branch is empty # features/build.feature:419 Given I am working on the stable base branch # features/step_definitions/build.rb:70 And the config/base_branch file is empty # features/step_definitions/build.rb:143 When I run tails-custom-apt-sources # features/step_definitions/build.rb:104 Then it should fail # features/step_definitions/build.rb:131 @product Feature: Various checks Scenario: AppArmor is enabled and has enforced profiles # features/checks.feature:4 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588925' call returned: [0, "Wed Jun 22 09:48:45 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: aa-status call returned: [0, "apparmor module is loaded.\n24 profiles are loaded.\n21 profiles are in enforce mode.\n /usr/bin/evince\n /usr/bin/evince-previewer\n /usr/bin/evince-previewer//sanitized_helper\n /usr/bin/evince-thumbnailer\n /usr/bin/evince-thumbnailer//sanitized_helper\n /usr/bin/evince//sanitized_helper\n /usr/bin/irssi\n /usr/bin/pidgin\n /usr/bin/pidgin//sanitized_helper\n /usr/bin/tor\n /usr/bin/totem\n /usr/bin/totem-audio-preview\n /usr/bin/totem-video-thumbnailer\n /usr/lib/cups/backend/cups-pdf\n /usr/local/lib/tor-browser/firefox\n /usr/sbin/apt-cacher-ng\n /usr/sbin/cupsd\n /usr/sbin/cupsd//third_party\n /usr/sbin/tcpdump\n gst_plugin_scanner\n system_i2p\n3 profiles are in complain mode.\n /usr/sbin/avahi-daemon\n /usr/{sbin/traceroute,bin/traceroute.db}\n /{usr/,}bin/ping\n1 processes have profiles defined.\n1 processes are in enforce mode.\n /usr/sbin/cupsd (2190) \n0 processes are in complain mode.\n0 processes are unconfined but have a profile defined.\n", ""] Then AppArmor is enabled # features/step_definitions/checks.rb:159 calling as root: aa-status --enforced call returned: [0, "21\n", ""] And some AppArmor profiles are enforced # features/step_definitions/checks.rb:163 Scenario: A screenshot is taken when the PRINTSCREEN key is pressed # features/checks.feature:9 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588930' call returned: [0, "Wed Jun 22 09:48:50 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: find '/home/amnesia/Pictures' -name 'Screenshot*.png' -maxdepth 1 call returned: [0, "", ""] And there is no screenshot in the live user's Pictures directory # features/step_definitions/checks.rb:104 [log] TYPE "" When I press the "PRINTSCREEN" key # features/step_definitions/common_steps.rb:682 calling as root: find '/home/amnesia/Pictures' -name 'Screenshot*.png' -maxdepth 1 call returned: [0, "", ""] calling as root: find '/home/amnesia/Pictures' -name 'Screenshot*.png' -maxdepth 1 call returned: [0, "/home/amnesia/Pictures/Screenshot from 2016-06-22 09:48:50.png\n", ""] Then a screenshot is saved to the live user's Pictures directory # features/step_definitions/checks.rb:112 Scenario: VirtualBox guest modules are available # features/checks.feature:15 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588936' call returned: [0, "Wed Jun 22 09:48:56 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: uname -r | grep -qs 'amd64$' call returned: [0, "", ""] When Tails has booted a 64-bit kernel # features/step_definitions/checks.rb:99 calling as root: modinfo vboxguest call returned: [0, "filename: /lib/modules/3.16.0-4-amd64/updates/vboxguest.ko\nversion: 4.3.36_Debian\nlicense: GPL\ndescription: Oracle VM VirtualBox Guest Additions for Linux Module\nauthor: Oracle Corporation\nsrcversion: AD862EFF066EF98EB79BCCE\nalias: pci:v000080EEd0000CAFEsv00000000sd00000000bc*sc*i*\ndepends: \nvermagic: 3.16.0-4-amd64 SMP mod_unload modversions \n", ""] Then the VirtualBox guest modules are available # features/step_definitions/checks.rb:121 Scenario: The shipped Tails OpenPGP keys are up-to-date # features/checks.feature:20 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588940' call returned: [0, "Wed Jun 22 09:49:00 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as amnesia: gpg --batch --with-colons --fingerprint --list-key call returned: [0, "tru::1:1466587135:0:3:1:5\npub:-:4096:1:C436090F4BB47C6F:2014-07-11:::-:Tails accounting team (schleuder list) ::escaESCA:\nfpr:::::::::256DEB9077880CD681678528C436090F4BB47C6F:\nuid:-::::2014-07-11::860DB6331C0F426D92DAD98F2BA7DA31AB280658::Tails accounting team (schleuder list) :\nuid:-::::2014-07-11::7B211AEF221E8740CE46D12D87A6C17D432003D7::Tails accounting team (schleuder list) :\nsub:-:4096:1:289A5B45A9E89475:2014-07-11::::::esa:\nfpr:::::::::7C0815E885B151F0F7B82273289A5B45A9E89475:\npub:-:4096:1:EC57B56EF0C43132:2013-07-24:2018-07-23::-:Tails bug squad ::scESC:\nfpr:::::::::1F56EDD30741048035DAC1C5EC57B56EF0C43132:\nuid:-::::2014-02-04::3C8AD9F790E35644AAE05A8AF50215E17064C8AF::Tails bug squad (schleuder list) :\nuid:-::::2014-02-04::D6A38EAB24671D5465AF7FBA66EE4604FDAAF742::Tails bug squad (schleuder list) :\nuid:-::::2014-08-12::C7C338FDD8528B045BAE64637C70E204A58FB93B::Tails private user support :\nsub:-:4096:1:9D6D6472AFC1AD77:2013-07-24:2018-07-23:::::e:\nfpr:::::::::0012C2281573FE8D1C24E3509D6D6472AFC1AD77:\npub:-:4096:1:1D2975EDF93E735F:2009-08-14:2016-12-27::-:Tails developers (Schleuder mailing-list) ::scESC:\nfpr:::::::::09F6BC8FEEC9D8EE005DBAA41D2975EDF93E735F:\nuid:-::::2014-12-28::60E13D6723C9457B7304C3C6E5452D7B0D7DEDAD::Tails list (schleuder list) :\nuid:-::::2014-12-28::CA2EF3B42A28EC119780E908046D4B9FCBF99BAB::Tails list (schleuder list) :\nuid:r::::::9933827C0B9BDC6F26DD5C4396AE098A27091851::Amnesia :\nuid:r::::::12DFA836D53698FFABE5061FB3DD3CD796DF26F9::T(A)ILS developers (Schleuder mailing-list) :\nsub:-:4096:1:D843C2F5E89382EB:2009-08-14:2016-12-27:::::e:\nfpr:::::::::C3948FE7B604C6114E294DDFD843C2F5E89382EB:\npub:-:4096:1:D2EDA621B572DD73:2016-04-29:::-:Tails mirror pool managers (schleuder list) ::escaESCA:\nfpr:::::::::0B088E31D4F8E59A3D399137D2EDA621B572DD73:\nuid:-::::2016-04-29::F9D65DB569B07586B0DA61F8DA4C9C8F732AC4AD::Tails mirror pool managers (schleuder list) :\nuid:-::::2016-04-29::C450DB00E0BE9AAB5E58FF748A7A221411EB0FE1::Tails mirror pool managers (schleuder list) :\nsub:-:4096:1:3DCFC1EB1C62C73C:2016-04-29::::::esa:\nfpr:::::::::C3B6EA2B3704474BCF2454C33DCFC1EB1C62C73C:\npub:-:4096:1:457080B5A072CBE3:2014-07-11:::-:Tails press team (schleuder list) ::escaESCA:\nfpr:::::::::F3CD9B7B4BDF9995DA22088E457080B5A072CBE3:\nuid:-::::2014-07-11::A6BDD1625A8F0B65F154829FCEB33D68A6841624::Tails press team (schleuder list) :\nuid:-::::2014-07-11::2BA6F200D94205F82E9F3A809BD2D57B0EA9042F::Tails press team (schleuder list) :\nsub:-:4096:1:5748DE3BC338BFFC:2014-07-11::::::esa:\nfpr:::::::::79600454A497A88CC0D7F8685748DE3BC338BFFC:\npub:-:4096:1:DBB802B258ACD84F:2015-01-18:2017-01-11::-:Tails developers (offline long-term identity key) ::cSC:\nfpr:::::::::A490D0F4D311A4153E2BB7CADBB802B258ACD84F:\nuid:-::::2015-09-27::56CE2B43AA9493872A802884F36253ED9A504FF1::Tails developers :\nsub:-:4096:1:98FEC6BC752A3DB6:2015-01-18:2017-01-11:::::s:\nfpr:::::::::BA2C222F44AC00ED9899389398FEC6BC752A3DB6:\nsub:-:4096:1:3C83DCB52F699C56:2015-01-18:2017-01-11:::::s:\nfpr:::::::::A5091F72C746BA6B163D1C183C83DCB52F699C56:\nsub:r:4096:1:AA9E014656987A65:2015-01-18:2016-01-11:::::s:\nfpr:::::::::C3B6813CD95D79C212F5AA21AA9E014656987A65:\npub:-:4096:1:70F4F03116525F43:2012-08-23:2018-05-16::-:Tails system administrators ::scESC:\nfpr:::::::::D113CB6D5131D34BA5F0FE9E70F4F03116525F43:\nuid:-::::2016-05-16::DA6CF2C472639E55AB464CB7E1F76416FE91069C::Tails system administrators (schleuder list) :\nuid:-::::2016-05-16::0C10D3FD3B1C9750C5C547D5AE15A6B355950802::Tails system administrators (schleuder list) :\nsub:-:4096:1:58BA940CCA0A30B4:2012-08-23:2018-05-16:::::e:\nfpr:::::::::373DA2F425C9D097B95ADAD458BA940CCA0A30B4:\n", ""] calling as amnesia: gpg --batch --list-key 256DEB9077880CD681678528C436090F4BB47C6F call returned: [0, "pub 4096R/0xC436090F4BB47C6F 2014-07-11\n Key fingerprint = 256D EB90 7788 0CD6 8167 8528 C436 090F 4BB4 7C6F\nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nsub 4096R/0x289A5B45A9E89475 2014-07-11\n\n", ""] calling as amnesia: gpg --batch --list-key 7C0815E885B151F0F7B82273289A5B45A9E89475 call returned: [0, "pub 4096R/0xC436090F4BB47C6F 2014-07-11\n Key fingerprint = 256D EB90 7788 0CD6 8167 8528 C436 090F 4BB4 7C6F\nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nuid [ unknown] Tails accounting team (schleuder list) \nsub 4096R/0x289A5B45A9E89475 2014-07-11\n\n", ""] calling as amnesia: gpg --batch --list-key 1F56EDD30741048035DAC1C5EC57B56EF0C43132 call returned: [0, "pub 4096R/0xEC57B56EF0C43132 2013-07-24 [expires: 2018-07-23]\n Key fingerprint = 1F56 EDD3 0741 0480 35DA C1C5 EC57 B56E F0C4 3132\nuid [ unknown] Tails bug squad \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails private user support \nsub 4096R/0x9D6D6472AFC1AD77 2013-07-24 [expires: 2018-07-23]\n\n", ""] calling as amnesia: gpg --batch --list-key 0012C2281573FE8D1C24E3509D6D6472AFC1AD77 call returned: [0, "pub 4096R/0xEC57B56EF0C43132 2013-07-24 [expires: 2018-07-23]\n Key fingerprint = 1F56 EDD3 0741 0480 35DA C1C5 EC57 B56E F0C4 3132\nuid [ unknown] Tails bug squad \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails bug squad (schleuder list) \nuid [ unknown] Tails private user support \nsub 4096R/0x9D6D6472AFC1AD77 2013-07-24 [expires: 2018-07-23]\n\n", ""] calling as amnesia: gpg --batch --list-key 09F6BC8FEEC9D8EE005DBAA41D2975EDF93E735F call returned: [0, "pub 4096R/0x1D2975EDF93E735F 2009-08-14 [expires: 2016-12-27]\n Key fingerprint = 09F6 BC8F EEC9 D8EE 005D BAA4 1D29 75ED F93E 735F\nuid [ unknown] Tails developers (Schleuder mailing-list) \nuid [ unknown] Tails list (schleuder list) \nuid [ unknown] Tails list (schleuder list) \nsub 4096R/0xD843C2F5E89382EB 2009-08-14 [expires: 2016-12-27]\n\n", ""] calling as amnesia: gpg --batch --list-key C3948FE7B604C6114E294DDFD843C2F5E89382EB call returned: [0, "pub 4096R/0x1D2975EDF93E735F 2009-08-14 [expires: 2016-12-27]\n Key fingerprint = 09F6 BC8F EEC9 D8EE 005D BAA4 1D29 75ED F93E 735F\nuid [ unknown] Tails developers (Schleuder mailing-list) \nuid [ unknown] Tails list (schleuder list) \nuid [ unknown] Tails list (schleuder list) \nsub 4096R/0xD843C2F5E89382EB 2009-08-14 [expires: 2016-12-27]\n\n", ""] calling as amnesia: gpg --batch --list-key 0B088E31D4F8E59A3D399137D2EDA621B572DD73 call returned: [0, "pub 4096R/0xD2EDA621B572DD73 2016-04-29\n Key fingerprint = 0B08 8E31 D4F8 E59A 3D39 9137 D2ED A621 B572 DD73\nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nsub 4096R/0x3DCFC1EB1C62C73C 2016-04-29\n\n", ""] calling as amnesia: gpg --batch --list-key C3B6EA2B3704474BCF2454C33DCFC1EB1C62C73C call returned: [0, "pub 4096R/0xD2EDA621B572DD73 2016-04-29\n Key fingerprint = 0B08 8E31 D4F8 E59A 3D39 9137 D2ED A621 B572 DD73\nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nuid [ unknown] Tails mirror pool managers (schleuder list) \nsub 4096R/0x3DCFC1EB1C62C73C 2016-04-29\n\n", ""] calling as amnesia: gpg --batch --list-key F3CD9B7B4BDF9995DA22088E457080B5A072CBE3 call returned: [0, "pub 4096R/0x457080B5A072CBE3 2014-07-11\n Key fingerprint = F3CD 9B7B 4BDF 9995 DA22 088E 4570 80B5 A072 CBE3\nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nsub 4096R/0x5748DE3BC338BFFC 2014-07-11\n\n", ""] calling as amnesia: gpg --batch --list-key 79600454A497A88CC0D7F8685748DE3BC338BFFC call returned: [0, "pub 4096R/0x457080B5A072CBE3 2014-07-11\n Key fingerprint = F3CD 9B7B 4BDF 9995 DA22 088E 4570 80B5 A072 CBE3\nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nuid [ unknown] Tails press team (schleuder list) \nsub 4096R/0x5748DE3BC338BFFC 2014-07-11\n\n", ""] calling as amnesia: gpg --batch --list-key A490D0F4D311A4153E2BB7CADBB802B258ACD84F call returned: [0, "pub 4096R/0xDBB802B258ACD84F 2015-01-18 [expires: 2017-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub 4096R/0x98FEC6BC752A3DB6 2015-01-18 [expires: 2017-01-11]\nsub 4096R/0x3C83DCB52F699C56 2015-01-18 [expires: 2017-01-11]\n\n", ""] calling as amnesia: gpg --batch --list-key BA2C222F44AC00ED9899389398FEC6BC752A3DB6 call returned: [0, "pub 4096R/0xDBB802B258ACD84F 2015-01-18 [expires: 2017-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub 4096R/0x98FEC6BC752A3DB6 2015-01-18 [expires: 2017-01-11]\nsub 4096R/0x3C83DCB52F699C56 2015-01-18 [expires: 2017-01-11]\n\n", ""] calling as amnesia: gpg --batch --list-key A5091F72C746BA6B163D1C183C83DCB52F699C56 call returned: [0, "pub 4096R/0xDBB802B258ACD84F 2015-01-18 [expires: 2017-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub 4096R/0x98FEC6BC752A3DB6 2015-01-18 [expires: 2017-01-11]\nsub 4096R/0x3C83DCB52F699C56 2015-01-18 [expires: 2017-01-11]\n\n", ""] calling as amnesia: gpg --batch --list-key C3B6813CD95D79C212F5AA21AA9E014656987A65 call returned: [0, "pub 4096R/0xDBB802B258ACD84F 2015-01-18 [expires: 2017-01-11]\n Key fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F\nuid [ unknown] Tails developers (offline long-term identity key) \nuid [ unknown] Tails developers \nsub 4096R/0x98FEC6BC752A3DB6 2015-01-18 [expires: 2017-01-11]\nsub 4096R/0x3C83DCB52F699C56 2015-01-18 [expires: 2017-01-11]\n\n", ""] calling as amnesia: gpg --batch --list-key D113CB6D5131D34BA5F0FE9E70F4F03116525F43 call returned: [0, "pub 4096R/0x70F4F03116525F43 2012-08-23 [expires: 2018-05-16]\n Key fingerprint = D113 CB6D 5131 D34B A5F0 FE9E 70F4 F031 1652 5F43\nuid [ unknown] Tails system administrators \nuid [ unknown] Tails system administrators (schleuder list) \nuid [ unknown] Tails system administrators (schleuder list) \nsub 4096R/0x58BA940CCA0A30B4 2012-08-23 [expires: 2018-05-16]\n\n", ""] calling as amnesia: gpg --batch --list-key 373DA2F425C9D097B95ADAD458BA940CCA0A30B4 call returned: [0, "pub 4096R/0x70F4F03116525F43 2012-08-23 [expires: 2018-05-16]\n Key fingerprint = D113 CB6D 5131 D34B A5F0 FE9E 70F4 F031 1652 5F43\nuid [ unknown] Tails system administrators \nuid [ unknown] Tails system administrators (schleuder list) \nuid [ unknown] Tails system administrators (schleuder list) \nsub 4096R/0x58BA940CCA0A30B4 2012-08-23 [expires: 2018-05-16]\n\n", ""] Then the OpenPGP keys shipped with Tails will be valid for the next 3 months # features/step_definitions/checks.rb:7 Scenario: The Tails Debian repository key is up-to-date # features/checks.feature:24 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588949' call returned: [0, "Wed Jun 22 09:49:09 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: apt-key adv --batch --list-key 221F9A3C6FA3E09E182E060BC7988EA7A358D82E call returned: [0, "Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.zbP4K1npem --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --batch --list-key 221F9A3C6FA3E09E182E060BC7988EA7A358D82E\npub 4096R/A358D82E 2012-02-04 [expires: 2018-01-25]\nuid deb.tails.boum.org archive signing key\n\n", ""] Then the shipped Debian repository key will be valid for the next 3 months # features/step_definitions/checks.rb:20 @doc Scenario: The "Report an Error" launcher will open the support documentation # features/checks.feature:29 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588954' call returned: [0, "Wed Jun 22 09:49:14 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 And the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 101ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) And all notifications have disappeared # features/step_definitions/common_steps.rb:434 [log] DOUBLE CLICK on (89,174) When I double-click the Report an Error launcher on the desktop # features/step_definitions/checks.rb:38 Then the support documentation page opens in Tor Browser # features/step_definitions/checks.rb:137 Scenario: The live user is setup correctly # features/checks.feature:37 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588992' call returned: [0, "Wed Jun 22 09:49:52 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: test -e /var/lib/live/config/user-setup call returned: [0, "", ""] calling as root: . /etc/live/config/username.conf; echo $LIVE_USERNAME call returned: [0, "amnesia\n", ""] Then the live user has been setup by live-boot # features/step_definitions/checks.rb:42 calling as root: groups amnesia call returned: [0, "amnesia : amnesia lp dialout cdrom floppy audio video plugdev netdev lpadmin scanner vboxsf\n", ""] And the live user is a member of only its own group and "audio cdrom dialout floppy video plugdev netdev scanner lp lpadmin vboxsf" # features/step_definitions/checks.rb:50 calling as root: test -d /home/amnesia call returned: [0, "", ""] calling as root: stat -c %U:%G /home/amnesia call returned: [0, "amnesia:amnesia\n", ""] calling as root: stat -c %a /home/amnesia call returned: [0, "700\n", ""] And the live user owns its home dir and it has normal permissions # features/step_definitions/checks.rb:61 Scenario: No initial network # features/checks.feature:43 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466588998' call returned: [0, "Wed Jun 22 09:49:58 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 And I wait between 30 and 60 seconds # features/step_definitions/common_steps.rb:851 Slept for 39 seconds Then the Tor Status icon tells me that Tor is not usable # features/step_definitions/checks.rb:249 When the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [1, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] Then Tor is ready # features/step_definitions/common_steps.rb:373 And the Tor Status icon tells me that Tor is usable # features/step_definitions/checks.rb:249 [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 82ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) And all notifications have disappeared # features/step_definitions/common_steps.rb:434 calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] And the time has synced # features/step_definitions/common_steps.rb:386 Scenario: The tor process should be confined with Seccomp # features/checks.feature:61 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589059' call returned: [0, "Wed Jun 22 09:50:59 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 And the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: pidof -x -o '%PPID' tor call returned: [0, "3120\n", ""] calling as root: pidof -x -o '%PPID' tor call returned: [0, "3120\n", ""] calling as root: cat /proc/3120/status call returned: [0, "Name:\ttor\nState:\tS (sleeping)\nTgid:\t3120\nNgid:\t0\nPid:\t3120\nPPid:\t1\nTracerPid:\t0\nUid:\t107\t107\t107\t107\nGid:\t116\t116\t116\t116\nFDSize:\t128\nGroups:\t116 \nVmPeak:\t 13904 kB\nVmSize:\t 13904 kB\nVmLck:\t 0 kB\nVmPin:\t 0 kB\nVmHWM:\t 10756 kB\nVmRSS:\t 10756 kB\nVmData:\t 5012 kB\nVmStk:\t 136 kB\nVmExe:\t 2364 kB\nVmLib:\t 6020 kB\nVmPTE:\t 36 kB\nVmSwap:\t 0 kB\nThreads:\t1\nSigQ:\t0/7970\nSigPnd:\t0000000000000000\nShdPnd:\t0000000000000000\nSigBlk:\t0000000000000000\nSigIgn:\t0000000000000000\nSigCgt:\t00000001d1015ecb\nCapInh:\t0000000000000000\nCapPrm:\t0000000000000000\nCapEff:\t0000000000000000\nCapBnd:\t00000000000004cb\nSeccomp:\t2\nCpus_allowed:\t1\nCpus_allowed_list:\t0\nMems_allowed:\t00000000,00000001\nMems_allowed_list:\t0\nvoluntary_ctxt_switches:\t148\nnonvoluntary_ctxt_switches:\t667\n", ""] Then the running process "tor" is confined with Seccomp in filter mode # features/step_definitions/checks.rb:197 Scenario: No unexpected network services # features/checks.feature:67 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589083' call returned: [0, "Wed Jun 22 09:51:23 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 When the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: netstat -ltupn call returned: [0, "Active Internet connections (only servers)\nProto Recv-Q Send-Q Local Address Foreign Address State PID/Program name\ntcp 0 0 127.0.0.1:6136 0.0.0.0:* LISTEN 2104/perl \ntcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN 3129/tor \ntcp 0 0 127.0.0.1:9051 0.0.0.0:* LISTEN 3129/tor \ntcp 0 0 127.0.0.1:9052 0.0.0.0:* LISTEN 1336/python \ntcp 0 0 127.0.0.1:9150 0.0.0.0:* LISTEN 3129/tor \ntcp 0 0 127.0.0.1:9061 0.0.0.0:* LISTEN 3129/tor \ntcp 0 0 127.0.0.1:9062 0.0.0.0:* LISTEN 3129/tor \ntcp 0 0 127.0.0.1:9040 0.0.0.0:* LISTEN 3129/tor \ntcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2190/cupsd \nudp 0 0 0.0.0.0:33247 0.0.0.0:* 2809/dhclient \nudp 0 0 127.0.0.2:53 0.0.0.0:* 3448/ttdnsd \nudp 0 0 0.0.0.0:68 0.0.0.0:* 2809/dhclient \nudp 0 0 127.0.0.1:5353 0.0.0.0:* 3129/tor \nudp6 0 0 :::35267 :::* 2809/dhclient \n", ""] Then no unexpected services are listening for network connections # features/step_definitions/checks.rb:71 Service 'dhclient' is listening on 0.0.0.0:33247 but has an exception Service 'dhclient' is listening on 0.0.0.0:68 but has an exception Scenario: The emergency shutdown applet can shutdown Tails # features/checks.feature:73 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589105' call returned: [0, "Wed Jun 22 09:51:45 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 [log] CLICK on (987,12) When I request a shutdown using the emergency shutdown applet # features/step_definitions/common_steps.rb:537 [log] CLICK on (945,146) Then Tails eventually shuts down # features/step_definitions/common_steps.rb:519 Scenario: The emergency shutdown applet can reboot Tails # features/checks.feature:78 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [1, "", ""] calling as root: date -s '@1466589137' call returned: [0, "Wed Jun 22 09:52:17 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 [log] CLICK on (987,12) [log] CLICK on (840,146) When I request a reboot using the emergency shutdown applet # features/step_definitions/common_steps.rb:547 Then Tails eventually restarts # features/step_definitions/common_steps.rb:527 Scenario: tails-debugging-info does not leak information # features/checks.feature:83 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589169' call returned: [0, "Wed Jun 22 09:52:49 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: echo 'T0P S3Cr1t -- 3yEs oN1y' >> '/secret' call returned: [0, "", ""] calling as root: chmod u=rw,go= /secret call returned: [0, "", ""] calling as root: chown root:root /secret call returned: [0, "", ""] calling as root: cat /usr/local/sbin/tails-debugging-info call returned: [0, "#!/bin/sh\n\ndebug_command() {\n echo\n echo \"===== output of command $@ =====\"\n \"$@\"\n}\n\ndebug_file() {\n local user=\"${1}\"\n shift\n file=\"${1}\"\n [ ! -e \"${file}\" ] && return\n echo\n echo \"===== content of $1 =====\"\n sudo -u \"${user}\" -- cat \"${file}\"\n}\n\ndebug_command /usr/sbin/dmidecode -s system-manufacturer\ndebug_command /usr/sbin/dmidecode -s system-product-name\ndebug_command /usr/sbin/dmidecode -s system-version\ndebug_command \"/bin/lsmod\"\ndebug_command \"/bin/mount\"\ndebug_command \"/usr/bin/lspci\"\ndebug_command /bin/journalctl --catalog --no-pager\n\n# Great attention must be given to the ownership situation of these\n# files and their parent directories in order to avoid a symlink-based\n# attack that could read the contents of any file and make it\n# accessible to the user running this script (typicall the live\n# user). Therefore, when adding a new file, give as the first argument\n# 'root' only if the complete path to it (including the file itself)\n# is owned by root and already exists before the system is connected to\n# the network (that is, before GDM's PostLogin script is run).\n# If not, the following rules must be followed strictly:\n#\n# * only one non-root user is involved in the ownership situation (the\n# file, its dir and the parent dirs). From now on let's assume it is\n# the case and call it $USER.\n#\n# * if any non-root group has write access, it must not have any\n# members.\n#\n# If any of these rules does not apply, the file cannot be added here\n# safely and something is probably quite wrong and should be\n# investigated carefully.\ndebug_file root \"/etc/X11/xorg.conf\"\ndebug_file root \"/proc/asound/cards\"\ndebug_file root \"/proc/asound/devices\"\ndebug_file root \"/proc/asound/modules\"\ndebug_file Debian-gdm \"/var/log/gdm3/tails-greeter.errors\"\ndebug_file root \"/var/log/live-persist\"\ndebug_file root \"/var/log/live/boot.log\"\ndebug_file root \"/var/log/live/config.log\"\ndebug_file root \"/var/lib/gdm3/tails.persistence\"\ndebug_file root \"/var/lib/live/config/tails.physical_security\"\ndebug_file root \"/live/persistence/TailsData_unlocked/persistence.conf\"\ndebug_file root \"/live/persistence/TailsData_unlocked/live-additional-software.conf\"\n", ""] calling as root: rm /var/log/gdm3/tails-greeter.errors call returned: [1, "", "rm: cannot remove \u2018/var/log/gdm3/tails-greeter.errors\u2019: No such file or directory\n"] Then tails-debugging-info is not susceptible to symlink attacks # features/step_definitions/checks.rb:208 Scenario: Tails shuts down on DVD boot medium removal # features/checks.feature:87 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589175' call returned: [0, "Wed Jun 22 09:52:55 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: udevadm info --device-id-of-file=/lib/live/mount/medium call returned: [0, "11:0\n", ""] calling as root: readlink -f /dev/block/'11:0' call returned: [0, "/dev/sr0\n", ""] calling as root: udevadm info --query=property --name='/dev/sr0' call returned: [0, "DEVLINKS=/dev/cdrom /dev/disk/by-id/ata-QEMU_DVD-ROM_QM00003 /dev/disk/by-label/TAILS\\x202.4.1\\x20-\\x2020160622 /dev/disk/by-uuid/2016-06-22-08-45-34-00 /dev/dvd\nDEVNAME=/dev/sr0\nDEVPATH=/devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0/block/sr0\nDEVTYPE=disk\nID_ATA=1\nID_BUS=ata\nID_CDROM=1\nID_CDROM_DVD=1\nID_CDROM_MEDIA=1\nID_CDROM_MEDIA_DVD=1\nID_CDROM_MEDIA_SESSION_COUNT=1\nID_CDROM_MEDIA_STATE=complete\nID_CDROM_MEDIA_TRACK_COUNT=1\nID_CDROM_MEDIA_TRACK_COUNT_DATA=1\nID_CDROM_MRW=1\nID_CDROM_MRW_W=1\nID_FS_APPLICATION_ID=The\\x20Amnesic\\x20Incognito\\x20Live\\x20System\nID_FS_BOOT_SYSTEM_ID=EL\\x20TORITO\\x20SPECIFICATION\nID_FS_LABEL=TAILS_2.4.1_-_20160622\nID_FS_LABEL_ENC=TAILS\\x202.4.1\\x20-\\x2020160622\nID_FS_PUBLISHER_ID=https:\\x2f\\x2ftails.boum.org\\x2f\nID_FS_SYSTEM_ID=LINUX\nID_FS_TYPE=iso9660\nID_FS_USAGE=filesystem\nID_FS_UUID=2016-06-22-08-45-34-00\nID_FS_UUID_ENC=2016-06-22-08-45-34-00\nID_FS_VERSION=Joliet Extension\nID_MODEL=QEMU_DVD-ROM\nID_MODEL_ENC=QEMU\\x20DVD-ROM\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\\x20\nID_PART_TABLE_TYPE=dos\nID_PART_TABLE_UUID=0ff67302\nID_REVISION=0.15\nID_SERIAL=QEMU_DVD-ROM_QM00003\nID_SERIAL_SHORT=QM00003\nID_TYPE=cd\nMAJOR=11\nMINOR=0\nSUBSYSTEM=block\nTAGS=:seat:systemd:uaccess:\nUSEC_INITIALIZED=82362\n", ""] When I eject the boot medium # features/step_definitions/common_steps.rb:903 Then Tails eventually shuts down # features/step_definitions/common_steps.rb:519 Scenario: The Tails Greeter "disable all networking" option disables networking within Tails # features/checks.feature:99 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466589198' call returned: [0, "Wed Jun 22 09:53:18 UTC 2016\n", ""] Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:199 [log] CLICK on (433,404) [log] CLICK on (643,447) And I enable more Tails Greeter options # features/step_definitions/common_steps.rb:308 [log] CLICK on (512,671) And I disable all networking in the Tails Greeter # features/step_definitions/checks.rb:240 [log] CLICK on (812,712) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:292 calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "", ""] Then no network interfaces are enabled # features/step_definitions/mac_spoofing.rb:75 @product Feature: Getting a DHCP lease without leaking too much information As a Tails user when I connect to a network with a DHCP server I should be able to connect to the Internet and the hostname should not have been leaked on the network. Background: # features/dhcp.feature:8 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589240' call returned: [0, "Wed Jun 22 09:54:00 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 And I capture all network traffic # features/step_definitions/common_steps.rb:171 And the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 78ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) And all notifications have disappeared # features/step_definitions/common_steps.rb:434 calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] And available upgrades have been checked # features/step_definitions/common_steps.rb:392 Scenario: Getting a DHCP lease with the default NetworkManager connection # features/dhcp.feature:16 calling as root: hostname call returned: [0, "amnesia\n", ""] Then the hostname should not have been leaked on the network # features/step_definitions/dhcp.rb:1 Scenario: Getting a DHCP lease with a manually configured NetworkManager connection # features/dhcp.feature:19 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [1, "", ""] calling as root: date -s '@1466589297' call returned: [0, "Wed Jun 22 09:54:57 UTC 2016\n", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 65ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] calling as root: echo '[802-3-ethernet]' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'duplex=full' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo '' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo '[connection]' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'id=manually-added-con' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'uuid=bbc60668-1be0-11e4-a9c6-2f1ce0e75bf1' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'type=802-3-ethernet' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'timestamp=1395406011' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo '' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo '[ipv6]' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'method=auto' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo '' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo '[ipv4]' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: echo 'method=auto' >> /tmp/NM.manually-added-con call returned: [0, "", ""] calling as root: install -m 0600 '/tmp/NM.manually-added-con' '/etc/NetworkManager/system-connections/manually-added-con' call returned: [0, "", ""] calling as root: nmcli connection load '/etc/NetworkManager/system-connections/manually-added-con' call returned: [0, "", ""] calling as root: nmcli --terse --fields NAME connection show call returned: [0, "manually-added-con\nWired connection\n", ""] When I add a wired DHCP NetworkManager connection called "manually-added-con" # features/step_definitions/common_steps.rb:578 calling as root: nmcli connection up id manually-added-con call returned: [0, "Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)\n", ""] calling as root: nmcli --terse --fields NAME,STATE connection show call returned: [0, "manually-added-con:activated\nWired connection:--\n", ""] And I switch to the "manually-added-con" NetworkManager connection # features/step_definitions/common_steps.rb:607 calling as root: hostname call returned: [0, "amnesia\n", ""] Then the hostname should not have been leaked on the network # features/step_definitions/dhcp.rb:1 @product @check_tor_leaks Feature: Electrum Bitcoin client As a Tails user I might want to use a Bitcoin client And all Internet traffic should flow only through Tor Scenario: A warning will be displayed if Electrum is not persistent # features/electrum.feature:7 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589353' call returned: [0, "Wed Jun 22 09:55:53 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.Cp2JVToCGP\n", ""] calling as root: rm -f '/tmp/tmp.Cp2JVToCGP' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.Cp2JVToCGP' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.Cp2JVToCGP' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.Cp2JVToCGP_20160622-095554_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.Cp2JVToCGP' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.utC5Baseev\n", ""] calling as root: rm -f '/tmp/tmp.utC5Baseev' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.utC5Baseev' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.utC5Baseev' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.utC5Baseev_20160622-095557_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.utC5Baseev' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.g8fvr3K1Wp\n", ""] calling as root: rm -f '/tmp/tmp.g8fvr3K1Wp' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Electrum Bitcoin Wallet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.g8fvr3K1Wp' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.g8fvr3K1Wp' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.g8fvr3K1Wp_20160622-095601_debug ...\nClicking on [label | Electrum Bitcoin Wallet]\nMouse button 1 click at (334,72)\n", ""] calling as root: rm -f '/tmp/tmp.g8fvr3K1Wp' call returned: [0, "", ""] When I start Electrum through the GNOME menu # features/step_definitions/electrum.rb:1 calling as root: perl -E ' use strict; use warnings FATAL => "all"; use Tails::Persistence::Configuration::Presets; foreach my $preset (Tails::Persistence::Configuration::Presets->new()->all) { say $preset->destination, ":", join(",", @{$preset->options}); }' call returned: [0, "/home/amnesia/Persistent:source=Persistent\n/home/amnesia/.gnupg:source=gnupg\n/home/amnesia/.ssh:source=openssh-client\n/home/amnesia/.purple:source=pidgin\n/home/amnesia/.icedove:source=icedove\n/home/amnesia/.gnome2/keyrings:source=gnome-keyrings\n/etc/NetworkManager/system-connections:source=nm-system-connections\n/home/amnesia/.mozilla/firefox/bookmarks:source=bookmarks\n/etc/cups:source=cups-configuration\n/home/amnesia/.electrum:source=electrum\n/var/cache/apt/archives:source=apt/cache\n/var/lib/apt/lists:source=apt/lists\n/home/amnesia:source=dotfiles,link\n", ""] calling as root: findmnt --noheadings --output SOURCE --target '/home/amnesia/.electrum' call returned: [0, "aufs\n", ""] But persistence for "electrum" is not enabled # features/step_definitions/common_steps.rb:662 Then I see a warning that Electrum is not persistent # features/step_definitions/electrum.rb:39 @product Feature: Encryption and verification using GnuPG As a Tails user I want to be able to easily encrypt and sign messages using GnuPG And decrypt and verify GnuPG blocks Background: # features/encryption.feature:7 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589372' call returned: [0, "Wed Jun 22 09:56:12 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as amnesia: echo ' Key-Type: RSA' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Key-Length: 4096' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Subkey-Type: RSA' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Subkey-Length: 4096' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Name-Real: test' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Name-Comment: Blah' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Name-Email: test@test.org' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Expire-Date: 0' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' Passphrase: asdf' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: echo ' %commit' >> /tmp/gpg_key_recipie call returned: [0, "", ""] calling as amnesia: gpg --batch --gen-key < /tmp/gpg_key_recipie call returned: [0, "", "............+++++\n.......+++++\n+++++\n......+++++\ngpg: key 0xB8F88AAB2BC7F346 marked as ultimately trusted\n"] And I generate an OpenPGP key named "test" with password "asdf" # features/step_definitions/encryption.rb:11 @product Feature: Using Evince As a Tails user I want to view and print PDF files in Evince And AppArmor should prevent Evince from doing dangerous things Scenario: I cannot view a PDF file stored in non-persistent /home/amnesia/.gnupg # features/evince.feature:24 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589389' call returned: [0, "Wed Jun 22 09:56:29 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as amnesia: cp "/usr/share/cups/data/default-testpage.pdf" "/home/amnesia/.gnupg" call returned: [0, "", ""] And I copy "/usr/share/cups/data/default-testpage.pdf" to "/home/amnesia/.gnupg" as user "amnesia" # features/step_definitions/common_steps.rb:650 calling as root: test -e '/home/amnesia/.gnupg/default-testpage.pdf' call returned: [0, "", ""] Then the file "/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:628 calling as root: test -e '/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf' call returned: [0, "", ""] And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:628 calling as root: test -e '/live/overlay/home/amnesia/.gnupg/default-testpage.pdf' call returned: [0, "", ""] And the file "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" exists # features/step_definitions/common_steps.rb:628 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 09:56:30\n", ""] Given I start monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [1, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.rOk7GBbI3c\n", ""] calling as root: rm -f '/tmp/tmp.rOk7GBbI3c' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.rOk7GBbI3c' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.rOk7GBbI3c' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.rOk7GBbI3c_20160622-095632_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.rOk7GBbI3c' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.vrt9PGCaHH\n", ""] calling as root: rm -f '/tmp/tmp.vrt9PGCaHH' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.vrt9PGCaHH' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.vrt9PGCaHH' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.vrt9PGCaHH_20160622-095635_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.vrt9PGCaHH' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.5QjPSnlveh\n", ""] calling as root: rm -f '/tmp/tmp.5QjPSnlveh' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Terminal'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.5QjPSnlveh' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.5QjPSnlveh' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.5QjPSnlveh_20160622-095639_debug ...\nClicking on [label | Terminal]\nMouse button 1 click at (286,468)\n", ""] calling as root: rm -f '/tmp/tmp.5QjPSnlveh' call returned: [0, "", ""] [log] TYPE "evince /home/amnesia/.gnupg/default-testpage.pdf " When I try to open "/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 09:56:30' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/home/amnesia/.gnupg/default-testpage.pdf"' call returned: [0, "Jun 22 09:56:47 amnesia kernel: audit: type=1400 audit(1466589407.552:26): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/home/amnesia/.gnupg/default-testpage.pdf\" pid=3318 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 09:56:47 amnesia kernel: audit: type=1400 audit(1466589407.552:27): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/home/amnesia/.gnupg/default-testpage.pdf\" pid=3318 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:873 [log] Ctrl+TYPE "w" calling as root: pidof -x -o '%PPID' evince call returned: [1, "", ""] When I close Evince # features/step_definitions/evince.rb:22 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 09:56:50\n", ""] Given I restart monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "3244\n", ""] [log] CLICK on (226,173) [log] TYPE "evince /lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf " When I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 09:56:50' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"' call returned: [0, "Jun 22 09:56:55 amnesia kernel: audit: type=1400 audit(1466589415.364:28): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=3472 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 09:56:55 amnesia kernel: audit: type=1400 audit(1466589415.364:29): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=3472 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:873 [log] Ctrl+TYPE "w" calling as root: pidof -x -o '%PPID' evince call returned: [1, "", ""] When I close Evince # features/step_definitions/evince.rb:22 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 09:56:58\n", ""] Given I restart monitoring the AppArmor log of "/usr/bin/evince" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "3244\n", ""] [log] CLICK on (226,227) [log] TYPE "evince /live/overlay/home/amnesia/.gnupg/default-testpage.pdf " When I try to open "/live/overlay/home/amnesia/.gnupg/default-testpage.pdf" with Evince # features/step_definitions/evince.rb:1 Then I see "EvinceUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 09:56:58' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf"' call returned: [0, "Jun 22 09:57:02 amnesia kernel: audit: type=1400 audit(1466589422.276:30): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=3620 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 09:57:02 amnesia kernel: audit: type=1400 audit(1466589422.276:31): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/evince\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf\" pid=3620 comm=\"EvJobScheduler\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/evince" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/default-testpage.pdf" # features/step_definitions/common_steps.rb:873 @product Feature: Localization As a Tails user I want Tails to be localized in my native language And various Tails features should still work @doc Scenario: The Report an Error launcher will open the support documentation in supported non-English locales # features/localization.feature:8 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466589427' call returned: [0, "Wed Jun 22 09:57:07 UTC 2016\n", ""] Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:199 And the network is plugged # features/step_definitions/common_steps.rb:159 [log] CLICK on (310,753) [log] CLICK on (292,704) [log] CLICK on (639,447) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [0, "27262981\n", ""] [log] CLICK on (642,13) calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session in German # features/step_definitions/common_steps.rb:292 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 [log] DOUBLE CLICK on (89,174) When I double-click the Report an Error launcher on the desktop # features/step_definitions/checks.rb:38 Then the support documentation page opens in Tor Browser # features/step_definitions/checks.rb:137 Scenario: The Unsafe Browser can be used in all languages supported in Tails # features/localization.feature:16 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466589494' call returned: [0, "Wed Jun 22 09:58:14 UTC 2016\n", ""] Checkpoint: I have started Tails from DVD and logged in and the network is connected Given I have started Tails from DVD without network and logged in And the network is plugged calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 65ms [log] CLICK on (991,697) [log] CLICK on (990,584) [log] CLICK on (51,16) And all notifications have disappeared calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [1, "", ""] calling as root: test -e '/var/run/tails-upgrader/checked_upgrades' call returned: [0, "", ""] And available upgrades have been checked Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: test -d '/usr/lib/locale/ar_EG.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/de_DE.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/es_ES_ES.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/es_ES.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/en_US_US.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/en_US.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/fa_IR.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/fa.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/fa_IR' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/fr_FR.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/it_IT.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/ja_JP.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/ko_KR.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/nl_NL.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/pl_PL.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/pt_PT_PT.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/pt_PT.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/ru_RU.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/tr_TR.utf8' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/vi_VN.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/vi.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/vi_VN' call returned: [0, "", ""] calling as root: test -d '/usr/lib/locale/zh_CN_CN.utf8' call returned: [1, "", ""] calling as root: test -d '/usr/lib/locale/zh_CN.utf8' call returned: [0, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [1, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.RUB4g7VeYb\n", ""] calling as root: rm -f '/tmp/tmp.RUB4g7VeYb' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.RUB4g7VeYb' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.RUB4g7VeYb' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.RUB4g7VeYb_20160622-095914_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.RUB4g7VeYb' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.Ti2japVAGk\n", ""] calling as root: rm -f '/tmp/tmp.Ti2japVAGk' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.Ti2japVAGk' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.Ti2japVAGk' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.Ti2japVAGk_20160622-095917_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.Ti2japVAGk' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.9Mk6P3XibS\n", ""] calling as root: rm -f '/tmp/tmp.9Mk6P3XibS' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Terminal'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.9Mk6P3XibS' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.9Mk6P3XibS' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.9Mk6P3XibS_20160622-095921_debug ...\nClicking on [label | Terminal]\nMouse button 1 click at (286,468)\n", ""] calling as root: rm -f '/tmp/tmp.9Mk6P3XibS' call returned: [0, "", ""] [log] TYPE "LANG=ar_EG.utf8 LC_ALL=ar_EG.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=de_DE.utf8 LC_ALL=de_DE.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=es_ES.utf8 LC_ALL=es_ES.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=en_US.utf8 LC_ALL=en_US.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=fa_IR LC_ALL=fa_IR sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=fr_FR.utf8 LC_ALL=fr_FR.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=it_IT.utf8 LC_ALL=it_IT.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=ja_JP.utf8 LC_ALL=ja_JP.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=ko_KR.utf8 LC_ALL=ko_KR.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=nl_NL.utf8 LC_ALL=nl_NL.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=pl_PL.utf8 LC_ALL=pl_PL.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=pt_PT.utf8 LC_ALL=pt_PT.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=ru_RU.utf8 LC_ALL=ru_RU.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=tr_TR.utf8 LC_ALL=tr_TR.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=vi_VN LC_ALL=vi_VN sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "4865\n", ""] [log] CLICK on (226,587) [log] TYPE "LANG=zh_CN.utf8 LC_ALL=zh_CN.utf8 sudo unsafe-browser " [log] TYPE " " [log] Ctrl+TYPE "q" calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [0, "", ""] calling as root: test -d '/var/lib/unsafe-browser/chroot' call returned: [1, "", ""] Then the Unsafe Browser works in all supported languages # features/step_definitions/unsafe_browser.rb:30 @product Feature: Spoofing MAC addresses In order to not reveal information about the physical location As a Tails user I want to be able to control whether my network devices MAC addresses should be spoofed And I want this feature to fail safe and notify me in case of errors Background: # features/mac_spoofing.feature:8 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466589855' call returned: [0, "Wed Jun 22 10:04:15 UTC 2016\n", ""] Given I have started Tails from DVD without network and stopped at Tails Greeter's login screen # features/step_definitions/snapshots.rb:199 And I capture all network traffic # features/step_definitions/common_steps.rb:171 And the network is plugged # features/step_definitions/common_steps.rb:159 Scenario: MAC address spoofing is disabled # features/mac_spoofing.feature:13 [log] CLICK on (433,404) [log] CLICK on (643,447) When I enable more Tails Greeter options # features/step_definitions/common_steps.rb:308 [log] CLICK on (511,441) And I disable MAC spoofing in Tails Greeter # features/step_definitions/mac_spoofing.rb:7 [log] CLICK on (812,712) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] And I log in to a new session # features/step_definitions/common_steps.rb:292 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "eth0\n", ""] Then 1 network interface is enabled # features/step_definitions/mac_spoofing.rb:75 calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "eth0\n", ""] calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "eth0\n", ""] calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth0 call returned: [0, "52:54:00:ac:dd:ee\n", ""] And the network device has its default MAC address configured # features/step_definitions/mac_spoofing.rb:11 And the real MAC address was leaked # features/step_definitions/mac_spoofing.rb:34 Scenario: MAC address spoofing is successful # features/mac_spoofing.feature:22 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466589900' call returned: [0, "Wed Jun 22 10:05:00 UTC 2016\n", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] When I log in to a new session # features/step_definitions/common_steps.rb:292 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "eth0\n", ""] Then 1 network interface is enabled # features/step_definitions/mac_spoofing.rb:75 calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "eth0\n", ""] calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "eth0\n", ""] calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_current_mac_of_nic eth0 call returned: [0, "50:54:00:24:a4:1a\n", ""] And the network device has a spoofed MAC address configured # features/step_definitions/mac_spoofing.rb:11 And the real MAC address was not leaked # features/step_definitions/mac_spoofing.rb:34 Scenario: The MAC address is not leaked when booting Tails # features/mac_spoofing.feature:58 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", "eth0: error fetching interface information: Device not found\n"] calling as root: date -s '@1466589942' call returned: [0, "Wed Jun 22 10:05:42 UTC 2016\n", ""] Given a computer # features/step_definitions/common_steps.rb:122 And I capture all network traffic # features/step_definitions/common_steps.rb:171 [log] CLICK on (1024,384) When I start the computer # features/step_definitions/common_steps.rb:184 [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] Then the computer boots Tails # features/step_definitions/common_steps.rb:273 calling as root: . /usr/local/lib/tails-shell-library/hardware.sh && get_all_ethernet_nics call returned: [0, "", ""] And no network interfaces are enabled # features/step_definitions/mac_spoofing.rb:75 And the real MAC address was not leaked # features/step_definitions/mac_spoofing.rb:34 @product Feature: Metadata Anonymization Toolkit As a Tails user I want to be able to remove leaky metadata from documents and media files # In this feature we cannot restore from snapshots since it's # incompatible with filesystem shares. Scenario: MAT can clean a PDF file # features/mat.feature:9 Given a computer # features/step_definitions/common_steps.rb:122 And I setup a filesystem share containing a sample PDF # features/step_definitions/checks.rb:126 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: mkdir -p /tmp/shared_pdf_dir call returned: [0, "", ""] calling as root: mount -t 9p -o trans=virtio /tmp/shared_pdf_dir /tmp/shared_pdf_dir call returned: [0, "", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 225ms [profile] Finder.findAll START [profile] Finder.findAll END: 279ms [profile] Finder.findAll START [profile] Finder.findAll END: 238ms [profile] Finder.findAll START [profile] Finder.findAll END: 224ms [profile] Finder.findAll START [profile] Finder.findAll END: 223ms [profile] Finder.findAll START [profile] Finder.findAll END: 226ms [profile] Finder.findAll START [profile] Finder.findAll END: 226ms [profile] Finder.findAll START [profile] Finder.findAll END: 263ms [log] CLICK on (51,16) And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as amnesia: cp "/tmp/shared_pdf_dir/sample.pdf" "/home/amnesia/sample.pdf" call returned: [0, "", ""] calling as amnesia: mat --check '/home/amnesia/sample.pdf' call returned: [0, "[+] /home/amnesia/sample.pdf is not clean\n", ""] calling as amnesia: mat '/home/amnesia/sample.pdf' call returned: [0, "[*] Cleaning /home/amnesia/sample.pdf\n[+] /home/amnesia/sample.pdf cleaned!\n", ""] calling as amnesia: mat --check '/home/amnesia/sample.pdf' call returned: [0, "[+] /home/amnesia/sample.pdf is clean\n", ""] calling as root: rm '/home/amnesia/sample.pdf' call returned: [0, "", ""] Then MAT can clean some sample PDF file # features/step_definitions/checks.rb:141 @product Feature: Chatting anonymously using Pidgin As a Tails user when I chat using Pidgin I should be able to use OTR And I should be able to persist my Pidgin configuration And AppArmor should prevent Pidgin from doing dangerous things And all Internet traffic should flow only through Tor Scenario: Adding a certificate to Pidgin # features/pidgin.feature:74 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590182' call returned: [0, "Wed Jun 22 10:09:42 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.fROBT276D9\n", ""] calling as root: rm -f '/tmp/tmp.fROBT276D9' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.fROBT276D9' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.fROBT276D9' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.fROBT276D9_20160622-100947_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.fROBT276D9' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.msFGkNCn35\n", ""] calling as root: rm -f '/tmp/tmp.msFGkNCn35' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.msFGkNCn35' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.msFGkNCn35' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.msFGkNCn35_20160622-100951_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.msFGkNCn35' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.RGaagnFlXa\n", ""] calling as root: rm -f '/tmp/tmp.RGaagnFlXa' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Pidgin Internet Messenger'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.RGaagnFlXa' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.RGaagnFlXa' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.RGaagnFlXa_20160622-100954_debug ...\nClicking on [label | Pidgin Internet Messenger]\nMouse button 1 click at (343,292)\n", ""] calling as root: rm -f '/tmp/tmp.RGaagnFlXa' call returned: [0, "", ""] And I start Pidgin through the GNOME menu # features/step_definitions/pidgin.rb:291 And I see Pidgin's account manager window # features/step_definitions/pidgin.rb:301 And I close Pidgin's account manager window # features/step_definitions/pidgin.rb:305 [log] CLICK on (710,528) calling as amnesia: cp "/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt" "/home/amnesia/test.crt" call returned: [0, "", ""] calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync call returned: [0, "", ""] [log] CLICK on (318,186) [log] CLICK on (354,240) [log] CLICK on (644,273) [log] CLICK on (146,308) [log] CLICK on (122,134) [log] Alt+TYPE "l" [log] TYPE "/home/amnesia/test.crt " [log] TYPE "XXX test XXX " Then I can add a certificate from the "/home/amnesia" directory to Pidgin # features/step_definitions/pidgin.rb:457 Scenario: Failing to add a certificate to Pidgin # features/pidgin.feature:81 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590221' call returned: [0, "Wed Jun 22 10:10:21 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.rODI9sIw22\n", ""] calling as root: rm -f '/tmp/tmp.rODI9sIw22' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.rODI9sIw22' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.rODI9sIw22' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.rODI9sIw22_20160622-101026_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.rODI9sIw22' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.QYtJm5jC0Y\n", ""] calling as root: rm -f '/tmp/tmp.QYtJm5jC0Y' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.QYtJm5jC0Y' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.QYtJm5jC0Y' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.QYtJm5jC0Y_20160622-101030_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.QYtJm5jC0Y' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.mo6jxrSXMJ\n", ""] calling as root: rm -f '/tmp/tmp.mo6jxrSXMJ' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Pidgin Internet Messenger'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.mo6jxrSXMJ' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.mo6jxrSXMJ' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.mo6jxrSXMJ_20160622-101034_debug ...\nClicking on [label | Pidgin Internet Messenger]\nMouse button 1 click at (343,292)\n", ""] calling as root: rm -f '/tmp/tmp.mo6jxrSXMJ' call returned: [0, "", ""] When I start Pidgin through the GNOME menu # features/step_definitions/pidgin.rb:291 And I see Pidgin's account manager window # features/step_definitions/pidgin.rb:301 [log] CLICK on (710,528) And I close Pidgin's account manager window # features/step_definitions/pidgin.rb:305 calling as amnesia: cp "/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt" "/home/amnesia/.gnupg/test.crt" call returned: [0, "", ""] calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync call returned: [0, "", ""] [log] CLICK on (318,186) [log] CLICK on (354,240) [log] CLICK on (644,273) [log] CLICK on (146,308) [log] CLICK on (122,134) [log] Alt+TYPE "l" [log] TYPE "/home/amnesia/.gnupg/test.crt " Then I cannot add a certificate from the "/home/amnesia/.gnupg" directory to Pidgin # features/step_definitions/pidgin.rb:464 [log] TYPE "" When I close Pidgin's certificate import failure dialog # features/step_definitions/pidgin.rb:476 [log] TYPE "" And I close Pidgin's certificate manager # features/step_definitions/pidgin.rb:469 calling as amnesia: cp "/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt" "/lib/live/mount/overlay/home/amnesia/.gnupg/test.crt" call returned: [0, "", ""] calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync call returned: [0, "", ""] [log] CLICK on (318,186) [log] CLICK on (354,240) [log] CLICK on (644,273) [log] CLICK on (122,134) [log] Alt+TYPE "l" [log] TYPE "/lib/live/mount/overlay/home/amnesia/.gnupg/test.crt " Then I cannot add a certificate from the "/lib/live/mount/overlay/home/amnesia/.gnupg" directory to Pidgin # features/step_definitions/pidgin.rb:464 [log] TYPE "" When I close Pidgin's certificate import failure dialog # features/step_definitions/pidgin.rb:476 [log] TYPE "" And I close Pidgin's certificate manager # features/step_definitions/pidgin.rb:469 calling as amnesia: cp "/usr/share/ca-certificates/spi-inc.org/spi-cacert-2008.crt" "/live/overlay/home/amnesia/.gnupg/test.crt" call returned: [0, "", ""] calling as amnesia: xdotool search --name 'Buddy List' windowactivate --sync call returned: [0, "", ""] [log] CLICK on (318,186) [log] CLICK on (354,240) [log] CLICK on (644,273) [log] CLICK on (122,134) [log] Alt+TYPE "l" [log] TYPE "/live/overlay/home/amnesia/.gnupg/test.crt " Then I cannot add a certificate from the "/live/overlay/home/amnesia/.gnupg" directory to Pidgin # features/step_definitions/pidgin.rb:464 @source Feature: check PO files As a Tails developer, when I build Tails, I want to make sure the PO files in use are correct. @doc Scenario: check all PO files # features/po.feature:7 Given I am in the Git branch being tested # features/step_definitions/po.rb:1 Then all the PO files should be correct # features/step_definitions/po.rb:5 @product Feature: The Tor enforcement is effective As a Tails user I want all direct Internet connections I do by mistake or applications do by misconfiguration or buggy leaks to be blocked And as a Tails developer I want to ensure that the automated test suite detects firewall leaks reliably Scenario: Tails' Tor binary is configured to use the expected Tor authorities # features/tor_enforcement.feature:8 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590305' call returned: [0, "Wed Jun 22 10:11:45 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: strings /usr/bin/tor | grep -E 'orport=[0-9]+' call returned: [0, "moria1 orport=9101 v3ident=D586D18309DED4CD6D57C18FDB97EFA96D330566 128.31.0.39:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020 CE31\ntor26 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D\ndizum orport=443 v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755\nTonga orport=443 bridge 82.94.251.203:80 4A0C CD2D DC79 9508 3D73 F5D6 6710 0C8A 5831 F16D\ngabelmoo orport=443 v3ident=ED03BB616EB2F60BEC80151114BB25CEF515B226 131.188.40.189:80 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281\ndannenberg orport=443 v3ident=585769C78764D58426B8B52B6651A5A71137189A 193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123\nurras orport=80 v3ident=80550987E1D626E3EBA5E5E75A458DE0626D088C 208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417\nmaatuska orport=80 v3ident=49015F787433103580E3B66A1707A00E60F2D15B 171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810\nFaravahar orport=443 v3ident=EFCBE720AB3A82B99F9E953CD5BF50F7EEFC7B97 154.35.175.225:80 CF6D 0AAF B385 BE71 B8E1 11FC 5CFF 4B47 9237 33BC\nlongclaw orport=443 v3ident=23D15D965BC35114467363C165C4F724B64B4F66 199.254.238.52:80 74A9 1064 6BCE EFBC D2E8 74FC 1DC9 9743 0F96 8145\n", ""] Then the Tor binary is configured to use the expected Tor authorities # features/step_definitions/tor.rb:398 Scenario: The firewall configuration is very restrictive # features/tor_enforcement.feature:12 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590317' call returned: [0, "Wed Jun 22 10:11:57 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: iptables-save -c -t filter | iptables-xml call returned: [0, "\n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n \n \n \n \n \n\n \n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n

icmp

\n
\n \n RELATED\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 13\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 65534\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 9050,9061,9062,9150\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 118\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 121\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 122\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 124\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9052\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9040\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

tcp

\n
\n \n 53\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 631\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 6136\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 117\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 117\n \n \n 53\n \n
\n \n \n \n\n
\n\n \n \n \n 10.0.0.0/8\n \n \n \n \n \n \n \n\n \n\n \n \n \n 172.16.0.0/12\n \n \n \n \n \n \n \n\n \n\n \n \n \n 192.168.0.0/16\n \n \n \n \n \n \n \n\n \n\n \n \n \n

tcp

\n
\n \n 107\n \n \n FIN,SYN,RST,ACK SYN\n \n \n NEW\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp-port-unreachable\n \n \n\n \n\n
\n \n \n \n \n

tcp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n 116\n \n \n \n \n icmp-port-unreachable\n \n \n\n \n\n \n \n \n \n\n \n\n
\n \n
\n\n
\n", ""] Then the firewall's policy is to DROP all IPv4 traffic # features/step_definitions/tor.rb:55 calling as root: id -u clearnet call returned: [0, "117\n", ""] calling as root: id -u debian-tor call returned: [0, "107\n", ""] calling as root: iptables-save -c -t filter | iptables-xml call returned: [0, "\n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n \n \n \n \n \n\n \n\n \n \n \n \n \n ESTABLISHED\n \n \n \n \n \n\n \n\n \n \n \n lo\n

icmp

\n
\n \n RELATED\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 13\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9050\n FIN,SYN,RST,ACK SYN\n \n \n 65534\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n FIN,SYN,RST,ACK SYN\n \n \n 9050,9061,9062,9150\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 118\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 121\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9062\n FIN,SYN,RST,ACK SYN\n \n \n 122\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 124\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9051\n \n \n 0\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9052\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 9040\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

udp

\n
\n \n 5353\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

udp

\n
\n \n 53\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.2/32\n lo\n

tcp

\n
\n \n 53\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 4101\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 631\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n lo\n

tcp

\n
\n \n 6136\n FIN,SYN,RST,ACK SYN\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

tcp

\n
\n \n 117\n \n
\n \n \n \n\n
\n\n \n \n \n lo\n

udp

\n
\n \n 117\n \n \n 53\n \n
\n \n \n \n\n
\n\n \n \n \n 10.0.0.0/8\n \n \n \n \n \n \n \n\n \n\n \n \n \n 172.16.0.0/12\n \n \n \n \n \n \n \n\n \n\n \n \n \n 192.168.0.0/16\n \n \n \n \n \n \n \n\n \n\n \n \n \n

tcp

\n
\n \n 107\n \n \n FIN,SYN,RST,ACK SYN\n \n \n NEW\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp-port-unreachable\n \n \n\n \n\n
\n \n \n \n \n

tcp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n

udp

\n
\n \n 53\n \n
\n \n \n icmp-port-unreachable\n \n \n\n
\n\n \n \n \n 116\n \n \n \n \n icmp-port-unreachable\n \n \n\n \n\n \n \n \n \n\n \n\n
\n \n
\n\n
\n", ""] And the firewall is configured to only allow the clearnet and debian-tor users to connect directly to the Internet over IPv4 # features/step_definitions/tor.rb:65 calling as root: iptables-save -c -t nat | iptables-xml call returned: [0, "\n\n \n \n \n \n \n 127.192.0.0/10\n

tcp

\n
\n
\n \n \n 9040\n \n \n\n
\n\n \n \n \n 127.0.0.1/32\n

udp

\n
\n \n 53\n \n
\n \n \n 5353\n \n \n\n
\n\n
\n \n \n \n
\n\n
\n", ""] And the firewall's NAT rules only redirect traffic for Tor's TransPort and DNSPort # features/step_definitions/tor.rb:120 calling as root: ip6tables-save -c -t filter | iptables-xml call returned: [0, "\n\n \n \n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n
\n \n \n \n\n
\n\n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n ESTABLISHED\n \n
\n \n \n \n\n
\n\n
\n \n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n 1000\n \n
\n \n \n \n\n
\n\n \n \n \n ::1/128\n ::1/128\n lo\n

tcp

\n
\n \n 4101\n \n \n ESTABLISHED\n \n
\n \n \n \n\n
\n\n \n \n \n "Dropped outbound packet: "\n 7\n \n \n \n\n \n\n \n \n \n icmp6-port-unreachable\n \n \n\n \n\n
\n \n
\n\n
\n", ""] And the firewall is configured to block all external IPv6 traffic # features/step_definitions/tor.rb:156 Scenario: Anti test: Detecting TCP leaks of DNS lookups with the firewall leak detector # features/tor_enforcement.feature:28 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590332' call returned: [0, "Wed Jun 22 10:12:12 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 And I capture all network traffic # features/step_definitions/common_steps.rb:171 calling as root: /usr/local/lib/do_not_ever_run_me call returned: [0, "", ""] calling as root: iptables -L -n -v call returned: [0, "Chain INPUT (policy ACCEPT 1 packets, 40 bytes)\n pkts bytes target prot opt in out source destination \n\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain OUTPUT (policy ACCEPT 2 packets, 92 bytes)\n pkts bytes target prot opt in out source destination \n", ""] And I disable Tails' firewall # features/step_definitions/firewall_leaks.rb:7 calling as amnesia: host -T torproject.org 208.67.222.222 call returned: [0, "Using domain server:\nName: 208.67.222.222\nAddress: 208.67.222.222#53\nAliases: \n\ntorproject.org has address 86.59.30.40\ntorproject.org has address 82.195.75.101\ntorproject.org has address 138.201.14.197\ntorproject.org has address 38.229.72.16\ntorproject.org has IPv6 address 2001:41b8:202:deb:213:21ff:fe20:1426\ntorproject.org has IPv6 address 2001:858:2:2:aabb:0:563b:1e28\ntorproject.org has IPv6 address 2620:0:6b0:b:1a1a:0:26e5:4810\ntorproject.org has IPv6 address 2a01:4f8:172:1b46:0:abba:5:1\ntorproject.org mail is handled by 10 eugeni.torproject.org.\n", ""] When I do a TCP DNS lookup of "torproject.org" # features/step_definitions/firewall_leaks.rb:19 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 Scenario: Anti test: Detecting UDP leaks of DNS lookups with the firewall leak detector # features/tor_enforcement.feature:35 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590344' call returned: [0, "Wed Jun 22 10:12:24 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 And I capture all network traffic # features/step_definitions/common_steps.rb:171 calling as root: /usr/local/lib/do_not_ever_run_me call returned: [0, "", ""] calling as root: iptables -L -n -v call returned: [0, "Chain INPUT (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain OUTPUT (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n", ""] And I disable Tails' firewall # features/step_definitions/firewall_leaks.rb:7 calling as amnesia: host torproject.org 208.67.222.222 call returned: [0, "Using domain server:\nName: 208.67.222.222\nAddress: 208.67.222.222#53\nAliases: \n\ntorproject.org has address 82.195.75.101\ntorproject.org has address 138.201.14.197\ntorproject.org has address 38.229.72.16\ntorproject.org has address 86.59.30.40\ntorproject.org has IPv6 address 2001:41b8:202:deb:213:21ff:fe20:1426\ntorproject.org has IPv6 address 2001:858:2:2:aabb:0:563b:1e28\ntorproject.org has IPv6 address 2620:0:6b0:b:1a1a:0:26e5:4810\ntorproject.org has IPv6 address 2a01:4f8:172:1b46:0:abba:5:1\ntorproject.org mail is handled by 10 eugeni.torproject.org.\n", ""] When I do a UDP DNS lookup of "torproject.org" # features/step_definitions/firewall_leaks.rb:24 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 Scenario: Anti test: Detecting ICMP leaks of ping with the firewall leak detector # features/tor_enforcement.feature:42 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590357' call returned: [0, "Wed Jun 22 10:12:37 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 And I capture all network traffic # features/step_definitions/common_steps.rb:171 calling as root: /usr/local/lib/do_not_ever_run_me call returned: [0, "", ""] calling as root: iptables -L -n -v call returned: [0, "Chain INPUT (policy ACCEPT 13 packets, 6131 bytes)\n pkts bytes target prot opt in out source destination \n\nChain FORWARD (policy ACCEPT 0 packets, 0 bytes)\n pkts bytes target prot opt in out source destination \n\nChain OUTPUT (policy ACCEPT 18 packets, 5413 bytes)\n pkts bytes target prot opt in out source destination \n", ""] And I disable Tails' firewall # features/step_definitions/firewall_leaks.rb:7 calling as root: ping -c 5 208.67.222.222 call returned: [0, "PING 208.67.222.222 (208.67.222.222) 56(84) bytes of data.\n64 bytes from 208.67.222.222: icmp_seq=1 ttl=60 time=0.651 ms\n64 bytes from 208.67.222.222: icmp_seq=2 ttl=60 time=1.31 ms\n64 bytes from 208.67.222.222: icmp_seq=3 ttl=60 time=0.650 ms\n64 bytes from 208.67.222.222: icmp_seq=4 ttl=60 time=0.685 ms\n64 bytes from 208.67.222.222: icmp_seq=5 ttl=60 time=0.578 ms\n\n--- 208.67.222.222 ping statistics ---\n5 packets transmitted, 5 received, 0% packet loss, time 4001ms\nrtt min/avg/max/mdev = 0.578/0.775/1.313/0.272 ms\n", ""] When I send some ICMP pings # features/step_definitions/firewall_leaks.rb:29 Then the firewall leak detector has detected leaks # features/step_definitions/firewall_leaks.rb:1 @check_tor_leaks Scenario: The Tor enforcement is effective at blocking untorified TCP connection attempts # features/tor_enforcement.feature:50 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590373' call returned: [0, "Wed Jun 22 10:12:53 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=TCP .* DPT=42 ' call returned: [1, "", ""] calling as amnesia: echo | netcat 1.2.3.4 42 call returned: [1, "", "(UNKNOWN) [1.2.3.4] 42 (nameserver) : Connection refused\n"] When I open an untorified TCP connections to 1.2.3.4 on port 42 that is expected to fail # features/step_definitions/tor.rb:187 Then the untorified connection fails # features/step_definitions/tor.rb:211 calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=TCP .* DPT=42 ' call returned: [0, "", ""] And the untorified connection is logged as dropped by the firewall # features/step_definitions/tor.rb:225 @check_tor_leaks Scenario: The Tor enforcement is effective at blocking untorified UDP connection attempts # features/tor_enforcement.feature:57 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590385' call returned: [0, "Wed Jun 22 10:13:05 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=UDP .* DPT=42 ' call returned: [1, "", ""] calling as amnesia: echo | netcat -u 1.2.3.4 42 call returned: [1, "", ""] When I open an untorified UDP connections to 1.2.3.4 on port 42 that is expected to fail # features/step_definitions/tor.rb:187 Then the untorified connection fails # features/step_definitions/tor.rb:211 calling as root: journalctl --dmesg --output=cat | grep -qP '^Dropped outbound packet: .* DST=1\.2\.3\.4 .* PROTO=UDP .* DPT=42 ' call returned: [0, "", ""] And the untorified connection is logged as dropped by the firewall # features/step_definitions/tor.rb:225 Scenario: The system DNS is always set up to use Tor's DNSPort # features/tor_enforcement.feature:70 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466590396' call returned: [0, "Wed Jun 22 10:13:16 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as root: cat /etc/resolv.conf call returned: [0, "nameserver 127.0.0.1\n", ""] And the system DNS is using the local DNS resolver # features/step_definitions/tor.rb:232 And the network is plugged # features/step_definitions/common_steps.rb:159 calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] calling as root: systemctl is-system-running call returned: [0, "running\n", ""] And Tor is ready # features/step_definitions/common_steps.rb:373 calling as root: cat /etc/resolv.conf call returned: [0, "nameserver 127.0.0.1\n", ""] Then the system DNS is still using the local DNS resolver # features/step_definitions/tor.rb:232 @product @check_tor_leaks Feature: Tor stream isolation is effective As a Tails user I want my Torified sessions to be sensibly isolated from each other to prevent identity correlation Background: # features/tor_stream_isolation.feature:6 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590418' call returned: [0, "Wed Jun 22 10:13:38 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 Scenario: tails-security-check is using the Tails-specific SocksPort # features/tor_stream_isolation.feature:9 spawning as root: while true; do netstat -taupen | grep "\.\+/perl\>"; sleep 0.1; done > /tmp/netstat.log When I monitor the network connections of tails-security-check # features/step_definitions/tor.rb:281 calling as amnesia: tails-security-check call returned: [0, "", ""] And I re-run tails-security-check # features/step_definitions/tor.rb:305 calling as root: cat /tmp/netstat.log call returned: [0, "tcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 1000 41131 4470/perl \n", ""] Then I see that tails-security-check is properly stream isolated # features/step_definitions/tor.rb:290 Scenario: htpdate is using the Tails-specific SocksPort # features/tor_stream_isolation.feature:14 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590431' call returned: [0, "Wed Jun 22 10:13:51 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] spawning as root: while true; do netstat -taupen | grep "/curl\>"; sleep 0.1; done > /tmp/netstat.log When I monitor the network connections of htpdate # features/step_definitions/tor.rb:281 calling as root: service htpdate stop && rm -f /var/run/htpdate/* && systemctl --no-block start htpdate.service call returned: [0, "", ""] calling as root: test -e /var/run/tordate/done call returned: [0, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [1, "", ""] calling as root: test -e /var/run/htpdate/success call returned: [0, "", ""] And I re-run htpdate # features/step_definitions/tor.rb:309 calling as root: cat /tmp/netstat.log call returned: [0, "tcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 118 42986 4624/curl \ntcp 65 0 127.0.0.1:58509 127.0.0.1:9062 ESTABLISHED 118 42993 4627/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 347 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \ntcp 0 0 127.0.0.1:58510 127.0.0.1:9062 ESTABLISHED 118 43000 4629/curl \n", ""] Then I see that htpdate is properly stream isolated # features/step_definitions/tor.rb:290 Scenario: tails-upgrade-frontend-wrapper is using the Tails-specific SocksPort # features/tor_stream_isolation.feature:19 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590447' call returned: [0, "Wed Jun 22 10:14:07 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] spawning as root: while true; do netstat -taupen | grep "\.\+/perl\>"; sleep 0.1; done > /tmp/netstat.log When I monitor the network connections of tails-upgrade-frontend-wrapper # features/step_definitions/tor.rb:281 calling as amnesia: tails-upgrade-frontend-wrapper call returned: [0, "localuser:tails-upgrade-frontend being added to access control list\nThe system is up-to-date\nlocaluser:tails-upgrade-frontend being removed from access control list\n", "Prototype mismatch: sub Tails::MirrorPool::assert ($;$) vs none at /usr/share/perl5/Tails/MirrorPool.pm line 28.\nPrototype mismatch: sub Tails::IUK::Frontend::assert ($;$) vs none at /usr/share/perl5/Tails/IUK/Frontend.pm line 42.\n"] And I re-run tails-upgrade-frontend-wrapper # features/step_definitions/tor.rb:316 calling as root: cat /tmp/netstat.log call returned: [0, "tcp 0 0 127.0.0.1:58508 127.0.0.1:9062 ESTABLISHED 122 45591 5355/perl \ntcp 0 0 127.0.0.1:58509 127.0.0.1:9062 ESTABLISHED 122 45608 5355/perl \ntcp 0 0 127.0.0.1:58509 127.0.0.1:9062 ESTABLISHED 122 45608 5355/perl \n", ""] Then I see that tails-upgrade-frontend-wrapper is properly stream isolated # features/step_definitions/tor.rb:290 Scenario: The Tor Browser is using the web browser-specific SocksPort # features/tor_stream_isolation.feature:24 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590493' call returned: [0, "Wed Jun 22 10:14:53 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] spawning as root: while true; do netstat -taupen | grep "/firefox\>"; sleep 0.1; done > /tmp/netstat.log When I monitor the network connections of Tor Browser # features/step_definitions/tor.rb:281 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.g4BE198S8j\n", ""] calling as root: rm -f '/tmp/tmp.g4BE198S8j' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.g4BE198S8j' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.g4BE198S8j' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.g4BE198S8j_20160622-101500_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.g4BE198S8j' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.0fJX3Pypcq\n", ""] calling as root: rm -f '/tmp/tmp.0fJX3Pypcq' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.0fJX3Pypcq' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.0fJX3Pypcq' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.0fJX3Pypcq_20160622-101503_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.0fJX3Pypcq' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.OF87hA1vc1\n", ""] calling as root: rm -f '/tmp/tmp.OF87hA1vc1' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tor Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.OF87hA1vc1' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.OF87hA1vc1' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.OF87hA1vc1_20160622-101507_debug ...\nClicking on [label | Tor Browser]\nMouse button 1 click at (297,336)\n", ""] calling as root: rm -f '/tmp/tmp.OF87hA1vc1' call returned: [0, "", ""] And I start the Tor Browser # features/step_definitions/common_steps.rb:558 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.PLA0EJkWEn\n", ""] calling as root: rm -f '/tmp/tmp.PLA0EJkWEn' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Tails - News - Tor Browser'"'"', roleName='"'"'frame'"'"')' >> '/tmp/tmp.PLA0EJkWEn' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.PLA0EJkWEn' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.PLA0EJkWEn' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.4Cxu1ewtNk\n", ""] calling as root: rm -f '/tmp/tmp.4Cxu1ewtNk' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Reload current page'"'"', roleName='"'"'push button'"'"')' >> '/tmp/tmp.4Cxu1ewtNk' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.4Cxu1ewtNk' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.4Cxu1ewtNk' call returned: [0, "", ""] And the Tor Browser has started and loaded the startup page # features/step_definitions/common_steps.rb:403 calling as root: cat /tmp/netstat.log call returned: [0, "tcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40904 127.0.0.1:9150 ESTABLISHED 1000 47087 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 341 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 341 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 389 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 405 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40901 127.0.0.1:9150 ESTABLISHED 1000 46551 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \ntcp 0 0 127.0.0.1:40903 127.0.0.1:9150 ESTABLISHED 1000 47039 4981/firefox \ntcp 0 0 127.0.0.1:40902 127.0.0.1:9150 ESTABLISHED 1000 46788 4981/firefox \ntcp 0 0 127.0.0.1:40905 127.0.0.1:9150 ESTABLISHED 1000 47089 4981/firefox \n", ""] Then I see that Tor Browser is properly stream isolated # features/step_definitions/tor.rb:290 Scenario: SSH is using the default SocksPort # features/tor_stream_isolation.feature:37 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590541' call returned: [0, "Wed Jun 22 10:15:41 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] spawning as root: while true; do netstat -taupen | grep "/\(connect-proxy\|ssh\)\>"; sleep 0.1; done > /tmp/netstat.log When I monitor the network connections of SSH # features/step_definitions/tor.rb:281 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [1, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.D9KxoICnIz\n", ""] calling as root: rm -f '/tmp/tmp.D9KxoICnIz' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.D9KxoICnIz' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.D9KxoICnIz' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.D9KxoICnIz_20160622-101548_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.D9KxoICnIz' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.suzXfsRFdF\n", ""] calling as root: rm -f '/tmp/tmp.suzXfsRFdF' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.suzXfsRFdF' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.suzXfsRFdF' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.suzXfsRFdF_20160622-101552_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.suzXfsRFdF' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.6dgfMLTJ7i\n", ""] calling as root: rm -f '/tmp/tmp.6dgfMLTJ7i' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Terminal'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.6dgfMLTJ7i' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.6dgfMLTJ7i' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.6dgfMLTJ7i_20160622-101556_debug ...\nClicking on [label | Terminal]\nMouse button 1 click at (286,468)\n", ""] calling as root: rm -f '/tmp/tmp.6dgfMLTJ7i' call returned: [0, "", ""] [log] TYPE "ssh lizard.tails.boum.org " And I run "ssh lizard.tails.boum.org" in GNOME Terminal # features/step_definitions/common_steps.rb:619 And I see "SSHAuthVerification.png" after at most 60 seconds # features/step_definitions/common_steps.rb:459 calling as root: cat /tmp/netstat.log call returned: [0, "tcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 46341 5156/connect-proxy\n", ""] Then I see that SSH is properly stream isolated # features/step_definitions/tor.rb:290 Scenario: whois lookups use the default SocksPort # features/tor_stream_isolation.feature:43 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590571' call returned: [0, "Wed Jun 22 10:16:11 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] spawning as root: while true; do netstat -taupen | grep "/whois\>"; sleep 0.1; done > /tmp/netstat.log When I monitor the network connections of whois # features/step_definitions/tor.rb:281 calling as amnesia: whois 'boum.org' call returned: [0, "Domain Name: BOUM.ORG\nDomain ID: D103677623-LROR\nWHOIS Server:\nReferral URL: http://www.gandi.net\nUpdated Date: 2011-11-21T00:31:40Z\nCreation Date: 2004-01-07T17:49:42Z\nRegistry Expiry Date: 2019-01-07T17:49:42Z\nSponsoring Registrar: Gandi SAS\nSponsoring Registrar IANA ID: 81\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistrant ID: O-811294-GANDI\nRegistrant Name: Ben voui\nRegistrant Organization: Ben voui\nRegistrant Street: 5 rue Orfila\nRegistrant City: Paris\nRegistrant State/Province:\nRegistrant Postal Code: 75020\nRegistrant Country: FR\nRegistrant Phone: +33.143664644\nRegistrant Phone Ext:\nRegistrant Fax:\nRegistrant Fax Ext:\nRegistrant Email: 600dcd01d46cf5fe42f3e8fd48edf086-599038@contact.gandi.net\nAdmin ID: BV222-GANDI\nAdmin Name: Ben voui\nAdmin Organization:\nAdmin Street: 5 rue Orfila\nAdmin City: Paris\nAdmin State/Province:\nAdmin Postal Code: 75020\nAdmin Country: FR\nAdmin Phone: +33.143664644\nAdmin Phone Ext:\nAdmin Fax:\nAdmin Fax Ext:\nAdmin Email: 60a04aeab747f1964c5ee769feac8cba-203074@contact.gandi.net\nTech ID: BV222-GANDI\nTech Name: Ben voui\nTech Organization:\nTech Street: 5 rue Orfila\nTech City: Paris\nTech State/Province:\nTech Postal Code: 75020\nTech Country: FR\nTech Phone: +33.143664644\nTech Phone Ext:\nTech Fax:\nTech Fax Ext:\nTech Email: 60a04aeab747f1964c5ee769feac8cba-203074@contact.gandi.net\nName Server: NS.BOUM.ORG\nName Server: NS2.BOUM.ORG\nDNSSEC: unsigned\n>>> Last update of WHOIS database: 2016-06-21T18:46:08Z <<<\n\nFor more information on Whois status codes, please visit https://icann.org/epp\n\nAccess to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to(a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.\n", ""] And I query the whois directory service for "boum.org" # features/step_definitions/torified_misc.rb:1 And the whois command is successful # features/step_definitions/torified_misc.rb:25 calling as root: cat /tmp/netstat.log call returned: [0, "tcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41524 127.0.0.1:9050 ESTABLISHED 1000 41559 4505/whois \ntcp 0 0 127.0.0.1:41525 127.0.0.1:9050 ESTABLISHED 1000 41918 4505/whois \n", ""] Then I see that whois is properly stream isolated # features/step_definitions/tor.rb:290 @product Feature: Browsing the web using the Tor Browser As a Tails user when I browse the web using the Tor Browser all Internet traffic should flow only through Tor Scenario: The Tor Browser cannot access the LAN # features/torified_browsing.feature:7 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590586' call returned: [0, "Wed Jun 22 10:16:26 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: curl http://10.2.1.1:8000 call returned: [7, "", " % Total % Received % Xferd Average Speed Time Time Time Current\n Dload Upload Total Spent Left Speed\n\r 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (7) Failed to connect to 10.2.1.1 port 8000: Connection refused\n"] calling as amnesia: curl http://10.2.1.1:8000 call returned: [0, "Welcome to the LAN web server!", " % Total % Received % Xferd Average Speed Time Time Time Current\n Dload Upload Total Spent Left Speed\n\r 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0\r100 30 100 30 0 0 1823 0 --:--:-- --:--:-- --:--:-- 1875\n"] And a web server is running on the LAN # features/step_definitions/common_steps.rb:798 And I capture all network traffic # features/step_definitions/common_steps.rb:171 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.mbmfxU71nE\n", ""] calling as root: rm -f '/tmp/tmp.mbmfxU71nE' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.mbmfxU71nE' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.mbmfxU71nE' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.mbmfxU71nE_20160622-101634_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.mbmfxU71nE' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.XBXgvXJaoW\n", ""] calling as root: rm -f '/tmp/tmp.XBXgvXJaoW' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.XBXgvXJaoW' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.XBXgvXJaoW' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.XBXgvXJaoW_20160622-101637_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.XBXgvXJaoW' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.aa8XNyxRhr\n", ""] calling as root: rm -f '/tmp/tmp.aa8XNyxRhr' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tor Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.aa8XNyxRhr' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.aa8XNyxRhr' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.aa8XNyxRhr_20160622-101641_debug ...\nClicking on [label | Tor Browser]\nMouse button 1 click at (297,336)\n", ""] calling as root: rm -f '/tmp/tmp.aa8XNyxRhr' call returned: [0, "", ""] When I start the Tor Browser # features/step_definitions/common_steps.rb:558 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.fiMlHja907\n", ""] calling as root: rm -f '/tmp/tmp.fiMlHja907' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Tails - News - Tor Browser'"'"', roleName='"'"'frame'"'"')' >> '/tmp/tmp.fiMlHja907' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.fiMlHja907' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.fiMlHja907' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.zw2FXb3Rv0\n", ""] calling as root: rm -f '/tmp/tmp.zw2FXb3Rv0' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Reload current page'"'"', roleName='"'"'push button'"'"')' >> '/tmp/tmp.zw2FXb3Rv0' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.zw2FXb3Rv0' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.zw2FXb3Rv0' call returned: [0, "", ""] And the Tor Browser has started and loaded the startup page # features/step_definitions/common_steps.rb:403 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (243,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'http://10.2.1.1:8000' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " And I open a page on the LAN web server in the Tor Browser # features/step_definitions/common_steps.rb:847 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.UhXUgX3ftn\n", ""] calling as root: rm -f '/tmp/tmp.UhXUgX3ftn' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Problem loading page'"'"', roleName='"'"'document frame'"'"')' >> '/tmp/tmp.UhXUgX3ftn' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.UhXUgX3ftn' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.UhXUgX3ftn' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.ekzpcauXF9\n", ""] calling as root: rm -f '/tmp/tmp.ekzpcauXF9' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') from dogtail import predicate for n in application.child('"'"'Problem loading page'"'"', roleName='"'"'document frame'"'"').findChildren(predicate.GenericPredicate(roleName='"'"'heading'"'"')): print(n.path)' >> '/tmp/tmp.ekzpcauXF9' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.ekzpcauXF9' call returned: [0, "/org/a11y/atspi/accessible/1153\n", ""] calling as root: rm -f '/tmp/tmp.ekzpcauXF9' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.Tt01uHrgLp\n", ""] calling as root: rm -f '/tmp/tmp.Tt01uHrgLp' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') from dogtail import predicate node = None for n in application.child('"'"'Problem loading page'"'"', roleName='"'"'document frame'"'"').findChildren(predicate.GenericPredicate()): if str(n.path) == '"'"'/org/a11y/atspi/accessible/1153'"'"': node = n break assert(node) print(node.text)' >> '/tmp/tmp.Tt01uHrgLp' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.Tt01uHrgLp' call returned: [0, "Unable to connect\n", ""] calling as root: rm -f '/tmp/tmp.Tt01uHrgLp' call returned: [0, "", ""] Then the Tor Browser shows the "Unable to connect" error # features/step_definitions/browser.rb:223 And no traffic was sent to the web server on the LAN # features/step_definitions/torified_browsing.rb:1 @check_tor_leaks Scenario: The Tor Browser directory is usable # features/torified_browsing.feature:18 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590652' call returned: [0, "Wed Jun 22 10:17:32 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as root: test -d '/home/amnesia/Tor Browser' call returned: [0, "", ""] Then the amnesiac Tor Browser directory exists # features/step_definitions/common_steps.rb:690 [log] CLICK on (150,14) [log] TYPE "" And there is a GNOME bookmark for the amnesiac Tor Browser directory # features/step_definitions/common_steps.rb:700 calling as root: test -d '/home/amnesia/Persistent/Tor Browser' call returned: [1, "", ""] And the persistent Tor Browser directory does not exist # features/step_definitions/common_steps.rb:690 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.pksZi8rAaP\n", ""] calling as root: rm -f '/tmp/tmp.pksZi8rAaP' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.pksZi8rAaP' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.pksZi8rAaP' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.pksZi8rAaP_20160622-101740_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.pksZi8rAaP' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.dfRbitHplf\n", ""] calling as root: rm -f '/tmp/tmp.dfRbitHplf' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.dfRbitHplf' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.dfRbitHplf' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.dfRbitHplf_20160622-101743_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.dfRbitHplf' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.0iXtnUMDWW\n", ""] calling as root: rm -f '/tmp/tmp.0iXtnUMDWW' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tor Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.0iXtnUMDWW' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.0iXtnUMDWW' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.0iXtnUMDWW_20160622-101747_debug ...\nClicking on [label | Tor Browser]\nMouse button 1 click at (297,336)\n", ""] calling as root: rm -f '/tmp/tmp.0iXtnUMDWW' call returned: [0, "", ""] When I start the Tor Browser # features/step_definitions/common_steps.rb:558 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.GCxogenUBC\n", ""] calling as root: rm -f '/tmp/tmp.GCxogenUBC' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Tails - News - Tor Browser'"'"', roleName='"'"'frame'"'"')' >> '/tmp/tmp.GCxogenUBC' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.GCxogenUBC' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.GCxogenUBC' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.GYw8ppCHhN\n", ""] calling as root: rm -f '/tmp/tmp.GYw8ppCHhN' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Reload current page'"'"', roleName='"'"'push button'"'"')' >> '/tmp/tmp.GYw8ppCHhN' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.GYw8ppCHhN' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.GYw8ppCHhN' call returned: [0, "", ""] And the Tor Browser has started and loaded the startup page # features/step_definitions/common_steps.rb:403 [log] Ctrl+TYPE "s" [log] TYPE "index" [log] TYPE " " calling as root: test -e '/home/amnesia/Tor Browser/index.html' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/index.html' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/index.html' call returned: [0, "", ""] Then I can save the current page as "index.html" to the default downloads directory # features/step_definitions/common_steps.rb:748 [log] Ctrl+TYPE "p" [log] CLICK on (273,240) [log] DOUBLE CLICK on (364,366) [log] TYPE "/home/amnesia/Tor Browser/output " calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [1, "", ""] calling as root: test -e '/home/amnesia/Tor Browser/output.pdf' call returned: [0, "", ""] And I can print the current page as "output.pdf" to the default downloads directory # features/step_definitions/common_steps.rb:778 Scenario: I can view a file stored in "~/Tor Browser" but not in ~/.gnupg # features/torified_browsing.feature:48 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590719' call returned: [0, "Wed Jun 22 10:18:39 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: cp "/usr/share/synaptic/html/index.html" "/home/amnesia/Tor Browser/synaptic.html" call returned: [0, "", ""] And I copy "/usr/share/synaptic/html/index.html" to "/home/amnesia/Tor Browser/synaptic.html" as user "amnesia" # features/step_definitions/common_steps.rb:650 calling as amnesia: cp "/usr/share/synaptic/html/index.html" "/home/amnesia/.gnupg/synaptic.html" call returned: [0, "", ""] And I copy "/usr/share/synaptic/html/index.html" to "/home/amnesia/.gnupg/synaptic.html" as user "amnesia" # features/step_definitions/common_steps.rb:650 calling as amnesia: cp "/usr/share/synaptic/html/index.html" "/tmp/synaptic.html" call returned: [0, "", ""] And I copy "/usr/share/synaptic/html/index.html" to "/tmp/synaptic.html" as user "amnesia" # features/step_definitions/common_steps.rb:650 calling as root: test -e '/home/amnesia/.gnupg/synaptic.html' call returned: [0, "", ""] Then the file "/home/amnesia/.gnupg/synaptic.html" exists # features/step_definitions/common_steps.rb:628 calling as root: test -e '/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html' call returned: [0, "", ""] And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html" exists # features/step_definitions/common_steps.rb:628 calling as root: test -e '/live/overlay/home/amnesia/.gnupg/synaptic.html' call returned: [0, "", ""] And the file "/live/overlay/home/amnesia/.gnupg/synaptic.html" exists # features/step_definitions/common_steps.rb:628 calling as root: test -e '/tmp/synaptic.html' call returned: [0, "", ""] And the file "/tmp/synaptic.html" exists # features/step_definitions/common_steps.rb:628 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:18:46\n", ""] Given I start monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox" # features/step_definitions/common_steps.rb:861 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.MsZ8YXHbGr\n", ""] calling as root: rm -f '/tmp/tmp.MsZ8YXHbGr' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.MsZ8YXHbGr' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.MsZ8YXHbGr' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.MsZ8YXHbGr_20160622-101847_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.MsZ8YXHbGr' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.nIC51mtz8F\n", ""] calling as root: rm -f '/tmp/tmp.nIC51mtz8F' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.nIC51mtz8F' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.nIC51mtz8F' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.nIC51mtz8F_20160622-101850_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.nIC51mtz8F' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.sFuGUPaAHU\n", ""] calling as root: rm -f '/tmp/tmp.sFuGUPaAHU' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tor Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.sFuGUPaAHU' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.sFuGUPaAHU' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.sFuGUPaAHU_20160622-101854_debug ...\nClicking on [label | Tor Browser]\nMouse button 1 click at (297,336)\n", ""] calling as root: rm -f '/tmp/tmp.sFuGUPaAHU' call returned: [0, "", ""] When I start the Tor Browser # features/step_definitions/common_steps.rb:558 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.ANRCUkEv9e\n", ""] calling as root: rm -f '/tmp/tmp.ANRCUkEv9e' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Tails - News - Tor Browser'"'"', roleName='"'"'frame'"'"')' >> '/tmp/tmp.ANRCUkEv9e' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.ANRCUkEv9e' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.ANRCUkEv9e' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.5xxtURbHnQ\n", ""] calling as root: rm -f '/tmp/tmp.5xxtURbHnQ' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Reload current page'"'"', roleName='"'"'push button'"'"')' >> '/tmp/tmp.5xxtURbHnQ' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.5xxtURbHnQ' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.5xxtURbHnQ' call returned: [0, "", ""] And the Tor Browser has started and loaded the startup page # features/step_definitions/common_steps.rb:403 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (243,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'file:///home/amnesia/Tor Browser/synaptic.html' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " And I open the address "file:///home/amnesia/Tor Browser/synaptic.html" in the Tor Browser # features/step_definitions/browser.rb:88 Then I see "TorBrowserSynapticManual.png" after at most 5 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:18:46' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/local/lib/tor-browser/firefox" name="/home/amnesia/Tor Browser/synaptic.html"' call returned: [1, "", ""] And AppArmor has not denied "/usr/local/lib/tor-browser/firefox" from opening "/home/amnesia/Tor Browser/synaptic.html" # features/step_definitions/common_steps.rb:873 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:19:31\n", ""] Given I restart monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox" # features/step_definitions/common_steps.rb:861 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (453,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'file:///home/amnesia/.gnupg/synaptic.html' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " When I open the address "file:///home/amnesia/.gnupg/synaptic.html" in the Tor Browser # features/step_definitions/browser.rb:88 Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:19:31' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/local/lib/tor-browser/firefox" name="/home/amnesia/.gnupg/synaptic.html"' call returned: [0, "Jun 22 10:19:39 amnesia kernel: audit: type=1400 audit(1466590779.900:32): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/local/lib/tor-browser/firefox\" name=\"/home/amnesia/.gnupg/synaptic.html\" pid=4937 comm=53747265616D5472616E73202333 requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/local/lib/tor-browser/firefox" from opening "/home/amnesia/.gnupg/synaptic.html" # features/step_definitions/common_steps.rb:873 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:19:46\n", ""] Given I restart monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox" # features/step_definitions/common_steps.rb:861 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (663,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'file:///lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " When I open the address "file:///lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html" in the Tor Browser # features/step_definitions/browser.rb:88 Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:19:46' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/local/lib/tor-browser/firefox" name="/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html"' call returned: [0, "Jun 22 10:19:55 amnesia kernel: audit: type=1400 audit(1466590795.404:33): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/local/lib/tor-browser/firefox\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html\" pid=4937 comm=53747265616D5472616E73202333 requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/local/lib/tor-browser/firefox" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html" # features/step_definitions/common_steps.rb:873 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:20:02\n", ""] Given I restart monitoring the AppArmor log of "/usr/local/lib/tor-browser/firefox" # features/step_definitions/common_steps.rb:861 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (873,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'file:///live/overlay/home/amnesia/.gnupg/synaptic.html' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " When I open the address "file:///live/overlay/home/amnesia/.gnupg/synaptic.html" in the Tor Browser # features/step_definitions/browser.rb:88 Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:20:02' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/local/lib/tor-browser/firefox" name="/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html"' call returned: [0, "Jun 22 10:20:10 amnesia kernel: audit: type=1400 audit(1466590810.772:34): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/local/lib/tor-browser/firefox\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html\" pid=4937 comm=53747265616D5472616E73202333 requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/local/lib/tor-browser/firefox" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/synaptic.html" # features/step_definitions/common_steps.rb:873 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (991,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'file:///tmp/synaptic.html' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " When I open the address "file:///tmp/synaptic.html" in the Tor Browser # features/step_definitions/browser.rb:88 Then I do not see "TorBrowserSynapticManual.png" after at most 5 seconds # features/step_definitions/common_steps.rb:459 @doc Scenario: The "Tails documentation" link on the Desktop works # features/torified_browsing.feature:87 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590837' call returned: [0, "Wed Jun 22 10:20:37 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 [log] DOUBLE CLICK on (87,282) When I double-click on the "Tails documentation" link on the Desktop # features/step_definitions/common_steps.rb:732 Then the Tor Browser has started # features/step_definitions/common_steps.rb:398 And I see "TailsOfflineDocHomepage.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 Scenario: The Tor Browser uses TBB's shared libraries # features/torified_browsing.feature:93 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590865' call returned: [0, "Wed Jun 22 10:21:05 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.YeMEfiaPBh\n", ""] calling as root: rm -f '/tmp/tmp.YeMEfiaPBh' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.YeMEfiaPBh' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.YeMEfiaPBh' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.YeMEfiaPBh_20160622-102110_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.YeMEfiaPBh' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.QwgG2X6EWL\n", ""] calling as root: rm -f '/tmp/tmp.QwgG2X6EWL' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.QwgG2X6EWL' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.QwgG2X6EWL' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.QwgG2X6EWL_20160622-102113_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.QwgG2X6EWL' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.9MVp49uI9H\n", ""] calling as root: rm -f '/tmp/tmp.9MVp49uI9H' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tor Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.9MVp49uI9H' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.9MVp49uI9H' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.9MVp49uI9H_20160622-102117_debug ...\nClicking on [label | Tor Browser]\nMouse button 1 click at (297,336)\n", ""] calling as root: rm -f '/tmp/tmp.9MVp49uI9H' call returned: [0, "", ""] When I start the Tor Browser # features/step_definitions/common_steps.rb:558 And the Tor Browser has started # features/step_definitions/common_steps.rb:398 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] calling as root: pgrep --uid amnesia --full --exact '/usr/local/lib/tor-browser/firefox .* -profile /home/amnesia/.tor-browser/profile.default' call returned: [0, "4699\n", ""] calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && ls -1 ${TBB_INSTALL}/*.so call returned: [0, "/usr/local/lib/tor-browser/libfreebl3.so\n/usr/local/lib/tor-browser/liblgpllibs.so\n/usr/local/lib/tor-browser/libmozsqlite3.so\n/usr/local/lib/tor-browser/libnspr4.so\n/usr/local/lib/tor-browser/libnss3.so\n/usr/local/lib/tor-browser/libnssckbi.so\n/usr/local/lib/tor-browser/libnssdbm3.so\n/usr/local/lib/tor-browser/libnssutil3.so\n/usr/local/lib/tor-browser/libplc4.so\n/usr/local/lib/tor-browser/libplds4.so\n/usr/local/lib/tor-browser/libsmime3.so\n/usr/local/lib/tor-browser/libsoftokn3.so\n/usr/local/lib/tor-browser/libssl3.so\n/usr/local/lib/tor-browser/libxul.so\n", ""] calling as root: pmap --show-path 4699 call returned: [0, "4699: /usr/local/lib/tor-browser/firefox -allow-remote --class Tor Browser -profile /home/amnesia/.tor-browser/profile.default\nd6a00000 2048K rw--- [ anon ]\nd6c00000 4K ----- [ anon ]\nd6c01000 8188K rwx-- [ anon ]\nd7400000 1024K rw--- [ anon ]\nd7500000 4K ----- [ anon ]\nd7501000 8188K rwx-- [ anon ]\nd7d00000 4K ----- [ anon ]\nd7d01000 8188K rwx-- [ anon ]\nd8500000 1024K rw--- [ anon ]\nd86c8000 1248K r---- /usr/local/share/tor-browser-extensions/torbutton@torproject.org.xpi\nd8800000 4096K rw--- [ anon ]\nd8c36000 4K ----- [ anon ]\nd8c37000 252K rwx-- [ anon ]\nd8c76000 552K r---- /usr/local/share/tor-browser-extensions/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi\nd8d00000 4K ----- [ anon ]\nd8d01000 8188K rwx-- [ anon ]\nd9500000 3072K rw--- [ anon ]\nd9832000 128K rwx-- [ anon ]\nd9852000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\nd98e0000 128K rwx-- [ anon ]\nd9900000 9216K rw--- [ anon ]\nda200000 4K ----- [ anon ]\nda201000 8188K rwx-- [ anon ]\ndaa00000 4K ----- [ anon ]\ndaa01000 8188K rwx-- [ anon ]\ndb200000 4K ----- [ anon ]\ndb201000 8188K rwx-- [ anon ]\ndba00000 4K ----- [ anon ]\ndba01000 8188K rwx-- [ anon ]\ndc200000 8192K rw--- [ anon ]\ndca00000 4K ----- [ anon ]\ndca01000 8188K rwx-- [ anon ]\ndd200000 5120K rw--- [ anon ]\ndd702000 448K rwx-- [ anon ]\ndd772000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\ndd800000 2048K rw--- [ anon ]\ndda01000 512K rwx-- [ anon ]\ndda81000 4K ----- [ anon ]\ndda82000 1084K rwx-- [ anon ]\nddb91000 4K ----- [ anon ]\nddb92000 8188K rwx-- [ anon ]\nde391000 4K ----- [ anon ]\nde392000 8188K rwx-- [ anon ]\ndeb91000 1468K r---- /usr/lib/locale/C.UTF-8/LC_COLLATE\nded00000 4K ----- [ anon ]\nded01000 8188K rwx-- [ anon ]\ndf500000 4K ----- [ anon ]\ndf501000 8188K rwx-- [ anon ]\ndfd00000 47104K rw--- [ anon ]\ne2b04000 64K rwx-- [ anon ]\ne2b14000 384K rw-s- [ shmid=0x90004 ]\ne2b74000 120K r--s- /usr/share/mime/mime.cache\ne2b92000 208K r-x-- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne2bc6000 4K r---- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne2bc7000 4K rw--- /usr/lib/i386-linux-gnu/libgconf-2.so.4.1.5\ne2be0000 128K rwx-- [ anon ]\ne2c00000 14336K rw--- [ anon ]\ne3a00000 4K ----- [ anon ]\ne3a01000 8188K rwx-- [ anon ]\ne4200000 1024K rw--- [ anon ]\ne4304000 32K rw-s- /home/amnesia/.tor-browser/profile.default/places.sqlite-shm\ne430c000 152K r---- /usr/lib/locale/C.UTF-8/LC_CTYPE\ne4332000 192K rwx-- [ anon ]\ne4364000 32K rw-s- /home/amnesia/.tor-browser/profile.default/webappsstore.sqlite-shm\ne436c000 512K rwx-- [ anon ]\ne43ec000 4K ----- [ anon ]\ne43ed000 1020K rwx-- [ anon ]\ne44ec000 4K ----- [ anon ]\ne44ed000 8188K rwx-- [ anon ]\ne4cf0000 64K rwx-- [ anon ]\ne4d00000 3072K rw--- [ anon ]\ne5004000 832K rwx-- [ anon ]\ne50d4000 4K ----- [ anon ]\ne50d5000 8188K rwx-- [ anon ]\ne58d4000 4K ----- [ anon ]\ne58d5000 8188K rwx-- [ anon ]\ne60d4000 396K r-x-- /usr/local/lib/tor-browser/libnssckbi.so\ne6137000 48K r---- /usr/local/lib/tor-browser/libnssckbi.so\ne6143000 24K rw--- /usr/local/lib/tor-browser/libnssckbi.so\ne6149000 420K r-x-- /usr/local/lib/tor-browser/libfreebl3.so\ne61b2000 4K ----- /usr/local/lib/tor-browser/libfreebl3.so\ne61b3000 4K r---- /usr/local/lib/tor-browser/libfreebl3.so\ne61b4000 4K rw--- /usr/local/lib/tor-browser/libfreebl3.so\ne61b5000 16K rw--- [ anon ]\ne61b9000 212K r-x-- /usr/local/lib/tor-browser/libsoftokn3.so\ne61ee000 4K r---- /usr/local/lib/tor-browser/libsoftokn3.so\ne61ef000 4K rw--- /usr/local/lib/tor-browser/libsoftokn3.so\ne61f0000 64K rwx-- [ anon ]\ne6200000 1024K rw--- [ anon ]\ne6300000 4K ----- [ anon ]\ne6301000 8188K rwx-- [ anon ]\ne6b00000 1024K rw--- [ anon ]\ne6c00000 20K r-x-- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\ne6c05000 4K r---- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\ne6c06000 4K rw--- /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-png.so\ne6c07000 4K ----- [ anon ]\ne6c08000 124K rwx-- [ anon ]\ne6c27000 172K r-x-- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne6c52000 4K r---- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne6c53000 4K rw--- /usr/lib/i386-linux-gnu/libvorbis.so.0.4.7\ne6c54000 28K r-x-- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\ne6c5b000 4K r---- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\ne6c5c000 4K rw--- /usr/lib/i386-linux-gnu/libogg.so.0.8.2\ne6c5d000 72K r-x-- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne6c6f000 4K r---- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne6c70000 4K rw--- /lib/i386-linux-gnu/libgpg-error.so.0.13.0\ne6c71000 496K r-x-- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne6ced000 72K r---- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne6cff000 4K rw--- /usr/lib/i386-linux-gnu/libvorbisenc.so.2.0.10\ne6d00000 4K ----- [ anon ]\ne6d01000 8188K rwx-- [ anon ]\ne7500000 4K ----- [ anon ]\ne7501000 8188K rwx-- [ anon ]\ne7d00000 4K ----- [ anon ]\ne7d01000 8188K rwx-- [ anon ]\ne8500000 8192K rw--- [ anon ]\ne8d00000 4K ----- [ anon ]\ne8d01000 8188K rwx-- [ anon ]\ne9500000 5120K rw--- [ anon ]\ne9a02000 8K r-x-- /usr/lib/i386-linux-gnu/libXss.so.1.0.0\ne9a04000 4K rw--- /usr/lib/i386-linux-gnu/libXss.so.1.0.0\ne9a05000 4K r---- /usr/lib/locale/C.UTF-8/LC_NUMERIC\ne9a06000 212K r-x-- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\ne9a3b000 4K r---- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\ne9a3c000 4K rw--- /usr/lib/i386-linux-gnu/libFLAC.so.8.3.0\ne9a3d000 84K r-x-- /lib/i386-linux-gnu/libnsl-2.19.so\ne9a52000 4K r---- /lib/i386-linux-gnu/libnsl-2.19.so\ne9a53000 4K rw--- /lib/i386-linux-gnu/libnsl-2.19.so\ne9a54000 8K rw--- [ anon ]\ne9a56000 692K r-x-- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne9b03000 4K r---- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne9b04000 12K rw--- /lib/i386-linux-gnu/libgcrypt.so.20.0.3\ne9b07000 16K r-x-- /lib/i386-linux-gnu/libattr.so.1.1.0\ne9b0b000 4K r---- /lib/i386-linux-gnu/libattr.so.1.1.0\ne9b0c000 4K rw--- /lib/i386-linux-gnu/libattr.so.1.1.0\ne9b0d000 456K r-x-- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\ne9b7f000 8K r---- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\ne9b81000 4K rw--- /usr/lib/i386-linux-gnu/libsndfile.so.1.0.25\ne9b82000 16K rw--- [ anon ]\ne9b86000 32K r-x-- /lib/i386-linux-gnu/libwrap.so.0.7.6\ne9b8e000 4K r---- /lib/i386-linux-gnu/libwrap.so.0.7.6\ne9b8f000 4K rw--- /lib/i386-linux-gnu/libwrap.so.0.7.6\ne9b90000 156K r-x-- /lib/i386-linux-gnu/libsystemd.so.0.3.1\ne9bb7000 4K r---- /lib/i386-linux-gnu/libsystemd.so.0.3.1\ne9bb8000 4K rw--- /lib/i386-linux-gnu/libsystemd.so.0.3.1\ne9bb9000 24K r-x-- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\ne9bbf000 4K r---- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\ne9bc0000 4K rw--- /usr/lib/i386-linux-gnu/libXtst.so.6.1.0\ne9bc1000 512K r-x-- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\ne9c41000 4K r---- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\ne9c42000 4K rw--- /usr/lib/i386-linux-gnu/pulseaudio/libpulsecommon-5.0.so\ne9c43000 40K r-x-- /lib/i386-linux-gnu/libjson-c.so.2.0.0\ne9c4d000 4K r---- /lib/i386-linux-gnu/libjson-c.so.2.0.0\ne9c4e000 4K rw--- /lib/i386-linux-gnu/libjson-c.so.2.0.0\ne9c4f000 344K r-x-- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\ne9ca5000 4K r---- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\ne9ca6000 4K rw--- /usr/lib/i386-linux-gnu/libpulse.so.0.17.3\ne9ca7000 152K r-x-- /lib/i386-linux-gnu/liblzma.so.5.0.0\ne9ccd000 8K r---- /lib/i386-linux-gnu/liblzma.so.5.0.0\ne9ccf000 4K rw--- /lib/i386-linux-gnu/liblzma.so.5.0.0\ne9cd0000 1516K r-x-- /usr/lib/i386-linux-gnu/libxml2.so.2.9.1\ne9e4b000 20K r---- /usr/lib/i386-linux-gnu/libxml2.so.2.9.1\ne9e50000 4K rw--- /usr/lib/i386-linux-gnu/libxml2.so.2.9.1\ne9e51000 4K rw--- [ anon ]\ne9e52000 288K r-x-- /usr/lib/i386-linux-gnu/libbluray.so.1.6.2\ne9e9a000 4K r---- /usr/lib/i386-linux-gnu/libbluray.so.1.6.2\ne9e9b000 4K rw--- /usr/lib/i386-linux-gnu/libbluray.so.1.6.2\ne9e9c000 388K r-x-- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\ne9efd000 8K r---- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\ne9eff000 4K rw--- /usr/lib/i386-linux-gnu/libibus-1.0.so.5.0.509\ne9f00000 1024K rw--- [ anon ]\nea000000 4K ----- [ anon ]\nea001000 8188K rwx-- [ anon ]\nea800000 3072K rw--- [ anon ]\neab00000 4K ----- [ anon ]\neab01000 8188K rwx-- [ anon ]\neb300000 16384K rw--- [ anon ]\nec300000 4K ----- [ anon ]\nec301000 2044K rwx-- [ anon ]\nec500000 4K ----- [ anon ]\nec501000 2044K rwx-- [ anon ]\nec700000 4K ----- [ anon ]\nec701000 2044K rwx-- [ anon ]\nec900000 4K ----- [ anon ]\nec901000 2044K rwx-- [ anon ]\necb00000 4K ----- [ anon ]\necb01000 2044K rwx-- [ anon ]\necd00000 1024K rw--- [ anon ]\nece00000 20K r-x-- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nece05000 4K r---- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nece06000 4K rw--- /usr/lib/i386-linux-gnu/libasyncns.so.0.3.1\nece07000 4K r-x-- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\nece08000 4K r---- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\nece09000 4K rw--- /usr/lib/i386-linux-gnu/libX11-xcb.so.1.0.0\nece0a000 224K r-x-- /usr/lib/i386-linux-gnu/gvfs/libgvfscommon.so\nece42000 8K r---- /usr/lib/i386-linux-gnu/gvfs/libgvfscommon.so\nece44000 4K rw--- /usr/lib/i386-linux-gnu/gvfs/libgvfscommon.so\nece45000 568K r---- /usr/local/lib/tor-browser/fonts/Arimo-Regular.ttf\neced3000 4K ----- [ anon ]\neced4000 8188K rwx-- [ anon ]\ned6d3000 4K ----- [ anon ]\ned6d4000 8188K rwx-- [ anon ]\neded3000 12136K r---- /usr/local/lib/tor-browser/browser/omni.ja\neeaad000 9548K r---- /usr/local/lib/tor-browser/omni.ja\nef400000 1024K rw--- [ anon ]\nef500000 4K r---- /usr/lib/locale/C.UTF-8/LC_TIME\nef501000 16K r-x-- /lib/i386-linux-gnu/libcap.so.2.24\nef505000 4K r---- /lib/i386-linux-gnu/libcap.so.2.24\nef506000 4K rw--- /lib/i386-linux-gnu/libcap.so.2.24\nef507000 64K r-x-- /lib/i386-linux-gnu/libudev.so.1.5.0\nef517000 4K r---- /lib/i386-linux-gnu/libudev.so.1.5.0\nef518000 4K rw--- /lib/i386-linux-gnu/libudev.so.1.5.0\nef519000 4K r---- /usr/lib/locale/C.UTF-8/LC_MONETARY\nef51a000 4K r---- /usr/lib/locale/C.UTF-8/LC_MESSAGES/SYS_LC_MESSAGES\nef51b000 4K r---- /usr/lib/locale/C.UTF-8/LC_PAPER\nef51c000 4K r---- /usr/lib/locale/C.UTF-8/LC_NAME\nef51d000 4K r---- /usr/lib/locale/C.UTF-8/LC_ADDRESS\nef51e000 4K r---- /usr/lib/locale/C.UTF-8/LC_TELEPHONE\nef51f000 4K r---- /usr/lib/locale/C.UTF-8/LC_MEASUREMENT\nef520000 64K rwx-- [ anon ]\nef530000 220K r-x-- /usr/lib/i386-linux-gnu/gio/modules/libgvfsdbus.so\nef567000 4K r---- /usr/lib/i386-linux-gnu/gio/modules/libgvfsdbus.so\nef568000 4K rw--- /usr/lib/i386-linux-gnu/gio/modules/libgvfsdbus.so\nef569000 64K rwx-- [ anon ]\nef579000 128K r-x-- /usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef599000 4K ----- /usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef59a000 4K r---- /usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef59b000 4K rw--- /usr/local/lib/tor-browser/browser/components/libbrowsercomps.so\nef59c000 196K r-x-- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef5cd000 4K r---- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef5ce000 4K rw--- /usr/lib/i386-linux-gnu/libatk-bridge-2.0.so.0.0.0\nef5cf000 4K rw--- [ anon ]\nef5d0000 188K r-x-- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef5ff000 12K r---- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef602000 4K rw--- /usr/lib/i386-linux-gnu/libatspi.so.0.0.1\nef603000 32K r-x-- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef60b000 4K r---- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef60c000 4K rw--- /usr/lib/i386-linux-gnu/libgailutil.so.18.0.1\nef60d000 4K r---- /usr/lib/locale/C.UTF-8/LC_IDENTIFICATION\nef60e000 8K r-x-- /lib/i386-linux-gnu/libutil-2.19.so\nef610000 4K r---- /lib/i386-linux-gnu/libutil-2.19.so\nef611000 4K rw--- /lib/i386-linux-gnu/libutil-2.19.so\nef612000 28K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef619000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef61a000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so\nef61b000 4K ----- [ anon ]\nef61c000 28K rwx-- [ anon ]\nef623000 4K ----- [ anon ]\nef624000 360K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef67e000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef67f000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libgail.so\nef680000 40K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef68a000 8K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef68c000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libpixmap.so\nef68d000 1216K r---- /usr/lib/locale/zu_ZA.utf8/LC_COLLATE\nef7bd000 4K ----- [ anon ]\nef7be000 8188K rwx-- [ anon ]\neffbd000 252K r---- /usr/lib/locale/zu_ZA.utf8/LC_CTYPE\nefffc000 16K r-x-- /lib/i386-linux-gnu/libuuid.so.1.3.0\nf0000000 4K r---- /lib/i386-linux-gnu/libuuid.so.1.3.0\nf0001000 4K rw--- /lib/i386-linux-gnu/libuuid.so.1.3.0\nf0002000 20K r-x-- /usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\nf0007000 4K rw--- /usr/lib/i386-linux-gnu/libXdmcp.so.6.0.0\nf0008000 8K r-x-- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\nf000a000 4K r---- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\nf000b000 4K rw--- /usr/lib/i386-linux-gnu/libXau.so.6.0.0\nf000c000 28K r-x-- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\nf0013000 4K r---- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\nf0014000 4K rw--- /usr/lib/i386-linux-gnu/libdatrie.so.1.3.1\nf0015000 148K r-x-- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\nf003a000 8K r---- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\nf003c000 4K rw--- /usr/lib/i386-linux-gnu/libgraphite2.so.3.0.1\nf003d000 100K r-x-- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\nf0056000 4K r---- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\nf0057000 4K rw--- /usr/lib/i386-linux-gnu/libICE.so.6.3.0\nf0058000 8K rw--- [ anon ]\nf005a000 32K r-x-- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\nf0062000 4K r---- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\nf0063000 4K rw--- /usr/lib/i386-linux-gnu/libSM.so.6.0.1\nf0064000 144K r-x-- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf0088000 4K r---- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf0089000 4K rw--- /usr/lib/i386-linux-gnu/libxcb.so.1.1.0\nf008a000 36K r-x-- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0093000 4K r---- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0094000 4K rw--- /usr/lib/i386-linux-gnu/libxcb-render.so.0.0.0\nf0095000 8K r-x-- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0097000 4K r---- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0098000 4K rw--- /usr/lib/i386-linux-gnu/libxcb-shm.so.0.0.0\nf0099000 712K r-x-- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf014b000 24K r---- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf0151000 4K rw--- /usr/lib/i386-linux-gnu/libpixman-1.so.0.32.6\nf0152000 32K r-x-- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf015a000 4K r---- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf015b000 4K rw--- /usr/lib/i386-linux-gnu/libthai.so.0.2.0\nf015c000 40K r-x-- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf0166000 4K r---- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf0167000 4K rw--- /usr/lib/i386-linux-gnu/libXcursor.so.1.0.2\nf0168000 40K r-x-- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf0172000 4K r---- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf0173000 4K rw--- /usr/lib/i386-linux-gnu/libXrandr.so.2.2.0\nf0174000 68K r-x-- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf0185000 4K r---- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf0186000 4K rw--- /usr/lib/i386-linux-gnu/libXi.so.6.1.0\nf0187000 8K r-x-- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf0189000 4K r---- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf018a000 4K rw--- /usr/lib/i386-linux-gnu/libXinerama.so.1.0.0\nf018b000 364K r-x-- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf01e6000 4K r---- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf01e7000 4K rw--- /usr/lib/i386-linux-gnu/libharfbuzz.so.0.935.0\nf01e8000 76K r-x-- /lib/i386-linux-gnu/libresolv-2.19.so\nf01fb000 8K r---- /lib/i386-linux-gnu/libresolv-2.19.so\nf01fd000 4K rw--- /lib/i386-linux-gnu/libresolv-2.19.so\nf01fe000 8K rw--- [ anon ]\nf0200000 148K r-x-- /lib/i386-linux-gnu/libselinux.so.1\nf0225000 4K r---- /lib/i386-linux-gnu/libselinux.so.1\nf0226000 4K rw--- /lib/i386-linux-gnu/libselinux.so.1\nf0227000 4K rw--- [ anon ]\nf0228000 20K r-x-- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf022d000 4K r---- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf022e000 4K rw--- /usr/lib/i386-linux-gnu/libXfixes.so.3.1.0\nf022f000 8K r-x-- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf0231000 4K r---- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf0232000 4K rw--- /usr/lib/i386-linux-gnu/libXdamage.so.1.1.0\nf0233000 8K r-x-- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf0235000 4K r---- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf0236000 4K rw--- /usr/lib/i386-linux-gnu/libXcomposite.so.1.0.0\nf0237000 448K r-x-- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf02a7000 8K r---- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf02a9000 4K rw--- /lib/i386-linux-gnu/libpcre.so.3.13.1\nf02aa000 24K r-x-- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf02b0000 4K r---- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf02b1000 4K rw--- /usr/lib/i386-linux-gnu/libffi.so.6.0.2\nf02b2000 152K r-x-- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf02d8000 8K r---- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf02da000 4K rw--- /lib/i386-linux-gnu/libexpat.so.1.6.0\nf02db000 172K r-x-- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf0306000 4K r---- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf0307000 4K rw--- /lib/i386-linux-gnu/libpng12.so.0.50.0\nf0308000 104K r-x-- /lib/i386-linux-gnu/libz.so.1.2.8\nf0322000 8K r---- /lib/i386-linux-gnu/libz.so.1.2.8\nf0324000 4K rw--- /lib/i386-linux-gnu/libz.so.1.2.8\nf0325000 392K r-x-- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf0387000 4K r---- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf0388000 12K rw--- /usr/lib/i386-linux-gnu/libXt.so.6.0.0\nf038b000 4K rw--- [ anon ]\nf038c000 76K r-x-- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf039f000 4K r---- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf03a0000 4K rw--- /usr/lib/i386-linux-gnu/libXext.so.6.4.0\nf03a1000 1332K r-x-- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf04ee000 8K r---- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf04f0000 12K rw--- /usr/lib/i386-linux-gnu/libX11.so.6.3.0\nf04f3000 1300K r-x-- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf0638000 8K r---- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf063a000 4K rw--- /usr/lib/i386-linux-gnu/libcairo.so.2.11400.0\nf063b000 4K rw--- [ anon ]\nf063c000 320K r-x-- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf068c000 4K r---- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf068d000 4K rw--- /usr/lib/i386-linux-gnu/libpango-1.0.so.0.3600.8\nf068e000 156K r-x-- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf06b5000 4K r---- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf06b6000 4K rw--- /usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.3100.1\nf06b7000 48K r-x-- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf06c3000 4K r---- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf06c4000 4K rw--- /usr/lib/i386-linux-gnu/libpangocairo-1.0.so.0.3600.8\nf06c5000 756K r-x-- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf0782000 12K r---- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf0785000 4K rw--- /usr/lib/i386-linux-gnu/libgdk-x11-2.0.so.0.2400.25\nf0786000 88K r-x-- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf079c000 4K r---- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf079d000 4K rw--- /usr/lib/i386-linux-gnu/libpangoft2-1.0.so.0.3600.8\nf079e000 1732K r-x-- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf094f000 12K r---- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf0952000 4K rw--- /usr/lib/i386-linux-gnu/libgio-2.0.so.0.4200.1\nf0953000 4K rw--- [ anon ]\nf0954000 148K r-x-- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf0979000 8K r---- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf097b000 4K rw--- /usr/lib/i386-linux-gnu/libatk-1.0.so.0.21409.1\nf097c000 5056K r-x-- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0e6c000 16K r---- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0e70000 8K rw--- /usr/lib/i386-linux-gnu/libgtk-x11-2.0.so.0.2400.25\nf0e72000 8K rw--- [ anon ]\nf0e74000 1176K r-x-- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f9a000 4K r---- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f9b000 4K rw--- /lib/i386-linux-gnu/libglib-2.0.so.0.4200.1\nf0f9c000 368K r-x-- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0ff8000 4K r---- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0ff9000 4K rw--- /usr/lib/i386-linux-gnu/libgobject-2.0.so.0.4200.1\nf0ffa000 336K r-x-- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf104e000 8K r---- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf1050000 4K rw--- /lib/i386-linux-gnu/libdbus-1.so.3.8.13\nf1051000 148K r-x-- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf1076000 4K r---- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf1077000 4K rw--- /usr/lib/i386-linux-gnu/libdbus-glib-1.so.2.2.2\nf1078000 1036K r-x-- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf117b000 16K r---- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf117f000 4K rw--- /usr/lib/i386-linux-gnu/libasound.so.2.0.0\nf1180000 256K r-x-- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf11c0000 4K r---- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf11c1000 4K rw--- /usr/lib/i386-linux-gnu/libfontconfig.so.1.8.0\nf11c2000 692K r-x-- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf126f000 16K r---- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf1273000 4K rw--- /usr/lib/i386-linux-gnu/libfreetype.so.6.11.1\nf1274000 4K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf1275000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf1276000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/modules/libatk-bridge.so\nf1277000 8K r-x-- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf1279000 4K r---- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf127a000 4K rw--- /usr/lib/i386-linux-gnu/gtk-2.0/2.10.0/engines/libadwaita.so\nf127b000 4K r---- /usr/lib/locale/zu_ZA.utf8/LC_NUMERIC\nf127c000 4K r---- /usr/lib/locale/en_US.utf8/LC_TIME\nf127d000 4K r---- /usr/lib/locale/en_US.utf8/LC_MONETARY\nf127e000 4K r---- /usr/lib/locale/ug_CN/LC_MESSAGES/SYS_LC_MESSAGES\nf127f000 12K r-x-- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nf1282000 4K r---- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nf1283000 4K rw--- /usr/lib/i386-linux-gnu/gconv/UTF-16.so\nf1284000 28K r--s- /usr/lib/i386-linux-gnu/gconv/gconv-modules.cache\nf128b000 91548K r-x-- /usr/local/lib/tor-browser/libxul.so\nf6bf2000 2612K r---- /usr/local/lib/tor-browser/libxul.so\nf6e7f000 348K rw--- /usr/local/lib/tor-browser/libxul.so\nf6ed6000 196K rw--- [ anon ]\nf6f07000 748K r-x-- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6fc2000 8K r---- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6fc4000 8K rw--- /usr/local/lib/tor-browser/libmozsqlite3.so\nf6fc6000 204K r-x-- /usr/local/lib/tor-browser/libssl3.so\nf6ff9000 4K ----- /usr/local/lib/tor-browser/libssl3.so\nf6ffa000 8K r---- /usr/local/lib/tor-browser/libssl3.so\nf6ffc000 4K rw--- /usr/local/lib/tor-browser/libssl3.so\nf6ffd000 116K r-x-- /usr/local/lib/tor-browser/libsmime3.so\nf701a000 4K ----- /usr/local/lib/tor-browser/libsmime3.so\nf701b000 8K r---- /usr/local/lib/tor-browser/libsmime3.so\nf701d000 4K rw--- /usr/local/lib/tor-browser/libsmime3.so\nf701e000 880K r-x-- /usr/local/lib/tor-browser/libnss3.so\nf70fa000 4K ----- /usr/local/lib/tor-browser/libnss3.so\nf70fb000 12K r---- /usr/local/lib/tor-browser/libnss3.so\nf70fe000 4K rw--- /usr/local/lib/tor-browser/libnss3.so\nf70ff000 2052K rw--- [ anon ]\nf7300000 4K r---- /usr/lib/locale/yi_US.utf8/LC_PAPER\nf7301000 4K r---- /usr/lib/locale/yi_US.utf8/LC_NAME\nf7302000 4K r---- /usr/lib/locale/en_US.utf8/LC_ADDRESS\nf7303000 40K r-x-- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf730d000 4K r---- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf730e000 4K rw--- /usr/lib/i386-linux-gnu/libXrender.so.1.3.0\nf730f000 40K r-x-- /usr/local/lib/tor-browser/liblgpllibs.so\nf7319000 4K r---- /usr/local/lib/tor-browser/liblgpllibs.so\nf731a000 4K rw--- /usr/local/lib/tor-browser/liblgpllibs.so\nf731b000 120K r-x-- /usr/local/lib/tor-browser/libnssutil3.so\nf7339000 4K ----- /usr/local/lib/tor-browser/libnssutil3.so\nf733a000 12K r---- /usr/local/lib/tor-browser/libnssutil3.so\nf733d000 4K rw--- /usr/local/lib/tor-browser/libnssutil3.so\nf733e000 304K r-x-- /usr/local/lib/tor-browser/libnspr4.so\nf738a000 4K ----- /usr/local/lib/tor-browser/libnspr4.so\nf738b000 4K r---- /usr/local/lib/tor-browser/libnspr4.so\nf738c000 4K rw--- /usr/local/lib/tor-browser/libnspr4.so\nf738d000 20K rw--- [ anon ]\nf7392000 1464K r-x-- /lib/i386-linux-gnu/libc-2.19.so\nf7500000 8K r---- /lib/i386-linux-gnu/libc-2.19.so\nf7502000 4K rw--- /lib/i386-linux-gnu/libc-2.19.so\nf7503000 12K rw--- [ anon ]\nf7506000 112K r-x-- /lib/i386-linux-gnu/libgcc_s.so.1\nf7522000 4K rw--- /lib/i386-linux-gnu/libgcc_s.so.1\nf7523000 268K r-x-- /lib/i386-linux-gnu/libm-2.19.so\nf7566000 4K r---- /lib/i386-linux-gnu/libm-2.19.so\nf7567000 4K rw--- /lib/i386-linux-gnu/libm-2.19.so\nf7568000 1600K r-x-- /usr/local/lib/tor-browser/libstdc++.so.6\nf76f8000 24K r---- /usr/local/lib/tor-browser/libstdc++.so.6\nf76fe000 4K rw--- /usr/local/lib/tor-browser/libstdc++.so.6\nf76ff000 8K rw--- [ anon ]\nf7701000 28K r-x-- /lib/i386-linux-gnu/librt-2.19.so\nf7708000 4K r---- /lib/i386-linux-gnu/librt-2.19.so\nf7709000 4K rw--- /lib/i386-linux-gnu/librt-2.19.so\nf770a000 12K r-x-- /lib/i386-linux-gnu/libdl-2.19.so\nf770d000 4K r---- /lib/i386-linux-gnu/libdl-2.19.so\nf770e000 4K rw--- /lib/i386-linux-gnu/libdl-2.19.so\nf770f000 92K r-x-- /lib/i386-linux-gnu/libpthread-2.19.so\nf7726000 4K r---- /lib/i386-linux-gnu/libpthread-2.19.so\nf7727000 4K rw--- /lib/i386-linux-gnu/libpthread-2.19.so\nf7728000 8K rw--- [ anon ]\nf772a000 4K r---- /usr/lib/locale/yi_US.utf8/LC_TELEPHONE\nf772b000 4K r---- /usr/lib/locale/yi_US.utf8/LC_MEASUREMENT\nf772c000 12K r-x-- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf772f000 4K r---- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf7730000 4K rw--- /usr/lib/i386-linux-gnu/libgmodule-2.0.so.0.4200.1\nf7731000 4K r-x-- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf7732000 4K r---- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf7733000 4K rw--- /usr/lib/i386-linux-gnu/libgthread-2.0.so.0.4200.1\nf7734000 12K r-x-- /usr/local/lib/tor-browser/libplds4.so\nf7737000 4K r---- /usr/local/lib/tor-browser/libplds4.so\nf7738000 4K rw--- /usr/local/lib/tor-browser/libplds4.so\nf7739000 20K r-x-- /usr/local/lib/tor-browser/libplc4.so\nf773e000 4K r---- /usr/local/lib/tor-browser/libplc4.so\nf773f000 4K rw--- /usr/local/lib/tor-browser/libplc4.so\nf7740000 4K r---- /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION\nf7741000 8K rw--- [ anon ]\nf7743000 4K r-x-- [ anon ]\nf7744000 8K r---- [ anon ]\nf7746000 124K r-x-- /lib/i386-linux-gnu/ld-2.19.so\nf7765000 4K r---- /lib/i386-linux-gnu/ld-2.19.so\nf7766000 4K rw--- /lib/i386-linux-gnu/ld-2.19.so\nf7767000 148K r-x-- /usr/local/lib/tor-browser/firefox\nf778c000 4K rw--- [ anon ]\nf778d000 4K r---- /usr/local/lib/tor-browser/firefox\nf778e000 4K rw--- /usr/local/lib/tor-browser/firefox\nffa17000 128K rwx-- [ stack ]\nffa37000 4K rw--- [ anon ]\n total 536900K\n", ""] calling as root: find /usr/lib /lib -name "libfreebl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libfreebl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libfreebl3.so\n", ""] calling as root: find /usr/lib /lib -name "liblgpllibs.so" call returned: [0, "/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/liblgpllibs.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/liblgpllibs.so\n", ""] calling as root: find /usr/lib /lib -name "libmozsqlite3.so" call returned: [0, "/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libmozsqlite3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libmozsqlite3.so\n", ""] calling as root: find /usr/lib /lib -name "libnspr4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnspr4.so\n/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnspr4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnspr4.so\n", ""] calling as root: find /usr/lib /lib -name "libnss3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnss3.so\n/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnss3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnss3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssckbi.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssckbi.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssckbi.so\n", ""] calling as root: find /usr/lib /lib -name "libnssdbm3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssdbm3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssdbm3.so\n", ""] calling as root: find /usr/lib /lib -name "libnssutil3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libnssutil3.so\n/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libnssutil3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libnssutil3.so\n", ""] calling as root: find /usr/lib /lib -name "libplc4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplc4.so\n/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplc4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplc4.so\n", ""] calling as root: find /usr/lib /lib -name "libplds4.so" call returned: [0, "/usr/lib/i386-linux-gnu/libplds4.so\n/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libplds4.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libplds4.so\n", ""] calling as root: find /usr/lib /lib -name "libsmime3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libsmime3.so\n/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsmime3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsmime3.so\n", ""] calling as root: find /usr/lib /lib -name "libsoftokn3.so" call returned: [0, "/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/nss/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libsoftokn3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libsoftokn3.so\n", ""] calling as root: find /usr/lib /lib -name "libssl3.so" call returned: [0, "/usr/lib/i386-linux-gnu/libssl3.so\n/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/i386-linux-gnu/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libssl3.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libssl3.so\n", ""] calling as root: find /usr/lib /lib -name "libxul.so" call returned: [0, "/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/lib/icedove/libxul.so\n/lib/live/mount/rootfs/filesystem.squashfs/usr/local/lib/tor-browser/libxul.so\n", ""] Then the Tor Browser uses all expected TBB shared libraries # features/step_definitions/browser.rb:162 Scenario: The Tor Browser should not have any plugins enabled # features/torified_browsing.feature:110 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590925' call returned: [0, "Wed Jun 22 10:22:05 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.tP07Di6nxS\n", ""] calling as root: rm -f '/tmp/tmp.tP07Di6nxS' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.tP07Di6nxS' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.tP07Di6nxS' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.tP07Di6nxS_20160622-102211_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.tP07Di6nxS' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.rh4yM69h6F\n", ""] calling as root: rm -f '/tmp/tmp.rh4yM69h6F' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.rh4yM69h6F' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.rh4yM69h6F' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.rh4yM69h6F_20160622-102214_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.rh4yM69h6F' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.nYONASpRVZ\n", ""] calling as root: rm -f '/tmp/tmp.nYONASpRVZ' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Tor Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.nYONASpRVZ' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.nYONASpRVZ' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.nYONASpRVZ_20160622-102218_debug ...\nClicking on [label | Tor Browser]\nMouse button 1 click at (297,336)\n", ""] calling as root: rm -f '/tmp/tmp.nYONASpRVZ' call returned: [0, "", ""] When I start the Tor Browser # features/step_definitions/common_steps.rb:558 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.0cF8f3JxA4\n", ""] calling as root: rm -f '/tmp/tmp.0cF8f3JxA4' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Tails - News - Tor Browser'"'"', roleName='"'"'frame'"'"')' >> '/tmp/tmp.0cF8f3JxA4' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.0cF8f3JxA4' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.0cF8f3JxA4' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.UmQ057dByj\n", ""] calling as root: rm -f '/tmp/tmp.UmQ057dByj' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'Firefox'"'"') application.child('"'"'Reload current page'"'"', roleName='"'"'push button'"'"')' >> '/tmp/tmp.UmQ057dByj' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.UmQ057dByj' call returned: [0, "", ""] calling as root: rm -f '/tmp/tmp.UmQ057dByj' call returned: [0, "", ""] And the Tor Browser has started and loaded the startup page # features/step_definitions/common_steps.rb:403 calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (243,83) calling as root: . /usr/local/lib/tails-shell-library/tor-browser.sh && echo ${TBB_INSTALL}/firefox call returned: [0, "/usr/local/lib/tor-browser/firefox\n", ""] [log] CLICK on (238,117) calling as amnesia: echo -n 'about:plugins' | xsel --input --clipboard call returned: [0, "", ""] [log] Ctrl+TYPE "v" [log] TYPE " " Then the Tor Browser has no plugins installed # features/step_definitions/browser.rb:129 @product @check_tor_leaks Feature: Keyserver interaction with GnuPG As a Tails user when I interact with keyservers using various GnuPG tools the configured keyserver must be used and all Internet traffic should flow only through Tor. Background: # features/torified_gnupg.feature:8 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590977' call returned: [0, "Wed Jun 22 10:22:57 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] And the "10CC5BC7" OpenPGP key is not in the live user's public keyring # features/step_definitions/torified_gnupg.rb:40 Scenario: Seahorse is configured to use the correct keyserver # features/torified_gnupg.feature:12 calling as amnesia: gsettings get org.gnome.crypto.pgp keyservers call returned: [0, "['hkp://pool.sks-keyservers.net']\n", ""] Then Seahorse is configured to use the correct keyserver # features/step_definitions/torified_gnupg.rb:201 Scenario: Fetching OpenPGP keys using GnuPG should work and be done over Tor. # features/torified_gnupg.feature:15 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466590988' call returned: [0, "Wed Jun 22 10:23:08 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] calling as amnesia: timeout 120 gpg --batch --recv-key '10CC5BC7' call returned: [0, "", "gpg: requesting key 0x10CC5BC7 from hkps server hkps.pool.sks-keyservers.net\ngpg: key 0x1D84CCF010CC5BC7: public key \"anonym \" imported\ngpg: no ultimately trusted keys found\ngpg: Total number processed: 1\ngpg: imported: 1 (RSA: 1)\n"] When I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI # features/step_definitions/torified_gnupg.rb:46 Then GnuPG uses the configured keyserver # features/step_definitions/torified_gnupg.rb:77 And the GnuPG fetch is successful # features/step_definitions/torified_gnupg.rb:67 calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] And the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:82 Scenario: Fetching OpenPGP keys using Seahorse should work and be done over Tor. # features/torified_gnupg.feature:21 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591013' call returned: [0, "Wed Jun 22 10:23:33 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.KshgOwvtsZ\n", ""] calling as root: rm -f '/tmp/tmp.KshgOwvtsZ' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.KshgOwvtsZ' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.KshgOwvtsZ' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.KshgOwvtsZ_20160622-102340_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.KshgOwvtsZ' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.yBvtTKoIbg\n", ""] calling as root: rm -f '/tmp/tmp.yBvtTKoIbg' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.yBvtTKoIbg' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.yBvtTKoIbg' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.yBvtTKoIbg_20160622-102343_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.yBvtTKoIbg' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.tAHWlkeHJs\n", ""] calling as root: rm -f '/tmp/tmp.tAHWlkeHJs' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Passwords and Keys'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.tAHWlkeHJs' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.tAHWlkeHJs' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.tAHWlkeHJs_20160622-102347_debug ...\nClicking on [label | Passwords and Keys]\nMouse button 1 click at (324,292)\n", ""] calling as root: rm -f '/tmp/tmp.tAHWlkeHJs' call returned: [0, "", ""] [log] CLICK on (283,16) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4732\n", ""] [log] CLICK on (304,145) [log] CLICK on (361,176) [log] TYPE "10CC5BC7 " [log] CLICK on (281,50) [log] CLICK on (19,165) calling as amnesia: gpg --batch --list-keys '10CC5BC7' [log] CLICK on (51,118) call returned: [2, "", "gpg: error reading key: public key not found\n"] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] When I fetch the "10CC5BC7" OpenPGP key using Seahorse # features/step_definitions/torified_gnupg.rb:154 calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4732\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:72 calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] Then the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:82 Scenario: Fetching OpenPGP keys using Seahorse via the OpenPGP Applet should work and be done over Tor. # features/torified_gnupg.feature:26 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591057' call returned: [0, "Wed Jun 22 10:24:17 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] [log] CLICK on (663,11) [log] CLICK on (729,81) [log] CLICK on (511,113) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4476\n", ""] [log] CLICK on (304,145) [log] CLICK on (361,176) [log] TYPE "10CC5BC7 " [log] CLICK on (281,50) [log] CLICK on (19,165) [log] CLICK on (51,118) calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] When I fetch the "10CC5BC7" OpenPGP key using Seahorse via the OpenPGP Applet # features/step_definitions/torified_gnupg.rb:154 calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4476\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:72 calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] Then the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:82 Scenario: Syncing OpenPGP keys using Seahorse should work and be done over Tor. # features/torified_gnupg.feature:31 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591096' call returned: [0, "Wed Jun 22 10:24:56 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] calling as amnesia: timeout 120 gpg --batch --keyserver-options import-clean --recv-key '10CC5BC7' call returned: [0, "", "gpg: requesting key 0x10CC5BC7 from hkps server hkps.pool.sks-keyservers.net\ngpg: key 0x1D84CCF010CC5BC7: public key \"anonym \" imported\ngpg: no ultimately trusted keys found\ngpg: Total number processed: 1\ngpg: imported: 1 (RSA: 1)\n"] Given I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI without any signatures # features/step_definitions/torified_gnupg.rb:46 And the GnuPG fetch is successful # features/step_definitions/torified_gnupg.rb:67 calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] And the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:82 calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] But the key "10CC5BC7" has only 2 signatures # features/step_definitions/torified_gnupg.rb:28 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.Qe5hff5hLS\n", ""] calling as root: rm -f '/tmp/tmp.Qe5hff5hLS' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.Qe5hff5hLS' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.Qe5hff5hLS' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.Qe5hff5hLS_20160622-102505_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.Qe5hff5hLS' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.XtZuhLFWRb\n", ""] calling as root: rm -f '/tmp/tmp.XtZuhLFWRb' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.XtZuhLFWRb' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.XtZuhLFWRb' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.XtZuhLFWRb_20160622-102508_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.XtZuhLFWRb' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.QabaNyTXPL\n", ""] calling as root: rm -f '/tmp/tmp.QabaNyTXPL' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Passwords and Keys'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.QabaNyTXPL' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.QabaNyTXPL' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.QabaNyTXPL_20160622-102512_debug ...\nClicking on [label | Passwords and Keys]\nMouse button 1 click at (324,292)\n", ""] calling as root: rm -f '/tmp/tmp.QabaNyTXPL' call returned: [0, "", ""] When I start Seahorse # features/step_definitions/torified_gnupg.rb:90 Then Seahorse has opened # features/step_definitions/torified_gnupg.rb:95 calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4784\n", ""] [log] CLICK on (283,16) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4784\n", ""] [log] CLICK on (250,145) [log] CLICK on (294,270) [log] Alt+TYPE "p" [log] TYPE "" And I enable key synchronization in Seahorse # features/step_definitions/torified_gnupg.rb:99 [log] Alt+TYPE "c" [log] CLICK on (511,113) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4784\n", ""] [log] CLICK on (304,145) [log] CLICK on (375,205) [log] Alt+TYPE "s" calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4784\n", ""] calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [1, "", ""] Tor operation failed (Try 1 of 10) with: OpenPGPKeyserverCommunicationError: Seahorse crashed with a segfault. Forcing new Tor circuit... calling as root: . /usr/local/lib/tails-shell-library/tor.sh && tor_control_send "signal NEWNYM" call returned: [0, "250 OK\n250 OK\n250 closing connection\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [1, "", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [1, "", ""] Restarting Seahorse. calling as amnesia: mktemp call returned: [0, "/tmp/tmp.tHQ3YqFd3l\n", ""] calling as root: rm -f '/tmp/tmp.tHQ3YqFd3l' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.tHQ3YqFd3l' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.tHQ3YqFd3l' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.tHQ3YqFd3l_20160622-102544_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.tHQ3YqFd3l' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.cZlrExmChF\n", ""] calling as root: rm -f '/tmp/tmp.cZlrExmChF' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.cZlrExmChF' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.cZlrExmChF' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.cZlrExmChF_20160622-102547_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.cZlrExmChF' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.fJNU0KjtE7\n", ""] calling as root: rm -f '/tmp/tmp.fJNU0KjtE7' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Passwords and Keys'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.fJNU0KjtE7' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.fJNU0KjtE7' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.fJNU0KjtE7_20160622-102551_debug ...\nClicking on [label | Passwords and Keys]\nMouse button 1 click at (324,292)\n", ""] calling as root: rm -f '/tmp/tmp.fJNU0KjtE7' call returned: [0, "", ""] [log] CLICK on (511,113) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "5363\n", ""] [log] CLICK on (816,415) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "5363\n", ""] [log] CLICK on (609,447) [log] CLICK on (680,507) calling as amnesia: gpg --batch --list-sigs 10CC5BC7 [log] Alt+TYPE "s" call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "5363\n", ""] calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "5363\n", ""] And I synchronize keys in Seahorse # features/step_definitions/torified_gnupg.rb:109 calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "5363\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:72 calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] Then the key "10CC5BC7" has more than 2 signatures # features/step_definitions/torified_gnupg.rb:28 Scenario: Syncing OpenPGP keys using Seahorse started from the OpenPGP Applet should work and be done over Tor. # features/torified_gnupg.feature:43 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591195' call returned: [0, "Wed Jun 22 10:26:35 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [2, "", "gpg: error reading key: public key not found\n"] calling as amnesia: timeout 120 gpg --batch --keyserver-options import-clean --recv-key '10CC5BC7' call returned: [0, "", "gpg: requesting key 0x10CC5BC7 from hkps server hkps.pool.sks-keyservers.net\ngpg: key 0x1D84CCF010CC5BC7: public key \"anonym \" imported\ngpg: no ultimately trusted keys found\ngpg: Total number processed: 1\ngpg: imported: 1 (RSA: 1)\n"] Given I fetch the "10CC5BC7" OpenPGP key using the GnuPG CLI without any signatures # features/step_definitions/torified_gnupg.rb:46 And the GnuPG fetch is successful # features/step_definitions/torified_gnupg.rb:67 calling as amnesia: gpg --batch --list-keys '10CC5BC7' call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\n\n", ""] And the "10CC5BC7" key is in the live user's public keyring # features/step_definitions/torified_gnupg.rb:82 calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] But the key "10CC5BC7" has only 2 signatures # features/step_definitions/torified_gnupg.rb:28 [log] CLICK on (663,11) [log] CLICK on (729,81) When I start Seahorse via the OpenPGP Applet # features/step_definitions/torified_gnupg.rb:90 Then Seahorse has opened # features/step_definitions/torified_gnupg.rb:95 calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4528\n", ""] [log] CLICK on (511,113) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4528\n", ""] [log] CLICK on (250,145) [log] CLICK on (294,270) [log] Alt+TYPE "p" [log] TYPE "" And I enable key synchronization in Seahorse # features/step_definitions/torified_gnupg.rb:99 [log] Alt+TYPE "c" [log] CLICK on (511,113) calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4528\n", ""] [log] CLICK on (304,145) [log] CLICK on (375,205) [log] Alt+TYPE "s" calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4528\n", ""] calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4528\n", ""] And I synchronize keys in Seahorse # features/step_definitions/torified_gnupg.rb:109 calling as root: pidof -x -o '%PPID' seahorse call returned: [0, "4528\n", ""] And the Seahorse operation is successful # features/step_definitions/torified_gnupg.rb:72 calling as amnesia: gpg --batch --list-sigs 10CC5BC7 call returned: [0, "pub 4096R/0x1D84CCF010CC5BC7 2012-08-21 [expires: 2016-08-24]\n Key fingerprint = 52B6 9F10 A3B0 785A D05A FB47 1D84 CCF0 10CC 5BC7\nuid [ unknown] anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-25 anonym \nsig 0x03CF4A0AB3C79A63 2014-07-09 [User ID not found]\nsig 0xB14BB0C38D861CF1 2014-08-17 [User ID not found]\nsig 0x23CF2E3D254514F7 2015-02-05 [User ID not found]\nsig 0xC218525819F78451 2014-07-12 [User ID not found]\nsig 0xBACE15D2A57498FF 2013-08-07 [User ID not found]\nsig 0x9768FD3CC48815F2 2014-07-06 [User ID not found]\nsig 3 0x1D84CCF010CC5BC7 2013-08-07 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-01-14 anonym \nsig 3 0x1D84CCF010CC5BC7 2015-08-09 anonym \nsig 0xAECEF546EC8B0260 2014-07-06 [User ID not found]\nsub 4096R/0x839D3BF32EA80502 2012-08-21 [expires: 2016-08-24]\nsig 0x1D84CCF010CC5BC7 2015-08-25 anonym \n\n", ""] Then the key "10CC5BC7" has more than 2 signatures # features/step_definitions/torified_gnupg.rb:28 @product @check_tor_leaks Feature: Various checks for torified software Background: # features/torified_misc.feature:4 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591239' call returned: [0, "Wed Jun 22 10:27:19 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] Given I have started Tails from DVD and logged in and the network is connected # features/step_definitions/snapshots.rb:199 Scenario: wget(1) should work for HTTP and go through Tor. # features/torified_misc.feature:7 calling as amnesia: wget -O - 'http://example.com/' call returned: [0, "\n\n\n Example Domain\n\n \n \n \n \n\n\n\n
\n

Example Domain

\n

This domain is established to be used for illustrative examples in documents. You may use this\n domain in examples without prior coordination or asking for permission.

\n

More information...

\n
\n\n\n", "--2016-06-22 10:27:25-- http://example.com/\nResolving example.com (example.com)... 93.184.216.34\nConnecting to example.com (example.com)|93.184.216.34|:80... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: 1270 (1.2K) [text/html]\nSaving to: \u2018STDOUT\u2019\n\n 0K . 100% 210M=0s\n\n2016-06-22 10:27:25 (210 MB/s) - written to stdout [1270/1270]\n\n"] When I wget "http://example.com/" to stdout # features/step_definitions/torified_misc.rb:12 Then the wget command is successful # features/step_definitions/torified_misc.rb:25 And the wget standard output contains "Example Domain" # features/step_definitions/torified_misc.rb:34 Scenario: wget(1) should work for HTTPS and go through Tor. # features/torified_misc.feature:12 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591251' call returned: [0, "Wed Jun 22 10:27:31 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: wget -O - 'https://example.com/' call returned: [0, "\n\n\n Example Domain\n\n \n \n \n \n\n\n\n
\n

Example Domain

\n

This domain is established to be used for illustrative examples in documents. You may use this\n domain in examples without prior coordination or asking for permission.

\n

More information...

\n
\n\n\n", "--2016-06-22 10:27:37-- https://example.com/\nResolving example.com (example.com)... 93.184.216.34\nConnecting to example.com (example.com)|93.184.216.34|:443... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: 1270 (1.2K) [text/html]\nSaving to: \u2018STDOUT\u2019\n\n 0K . 100% 29.0K=0.04s\n\n2016-06-22 10:27:37 (29.0 KB/s) - written to stdout [1270/1270]\n\n"] When I wget "https://example.com/" to stdout # features/step_definitions/torified_misc.rb:12 Then the wget command is successful # features/step_definitions/torified_misc.rb:25 And the wget standard output contains "Example Domain" # features/step_definitions/torified_misc.rb:34 Scenario: wget(1) with tricky options should work for HTTP and go through Tor. # features/torified_misc.feature:17 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591263' call returned: [0, "Wed Jun 22 10:27:43 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: wget --spider --header="Host: dl.amnesia.boum.org" -O - 'http://195.154.14.189/tails/stable/' call returned: [0, "", "Spider mode enabled. Check if remote file exists.\n--2016-06-22 10:27:48-- http://195.154.14.189/tails/stable/\nConnecting to 195.154.14.189:80... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: unspecified [text/html]\nRemote file exists and could contain further links,\nbut recursion is disabled -- not retrieving.\n\n"] When I wget "http://195.154.14.189/tails/stable/" to stdout with the '--spider --header="Host: dl.amnesia.boum.org"' options # features/step_definitions/torified_misc.rb:12 Then the wget command is successful # features/step_definitions/torified_misc.rb:25 Scenario: whois(1) should work and go through Tor. # features/torified_misc.feature:21 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' [log] CLICK on (1024,384) call returned: [0, "", ""] calling as root: systemctl --quiet is-active tor@default.service call returned: [0, "", ""] calling as root: systemctl stop tor@default.service call returned: [0, "", ""] calling as root: rm -f /var/log/tor/log call returned: [0, "", ""] calling as root: systemctl --no-block restart tails-tor-has-bootstrapped.target call returned: [0, "", ""] calling as root: date -s '@1466591274' call returned: [0, "Wed Jun 22 10:27:54 UTC 2016\n", ""] spawning as root: restart-tor calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [1, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [3, "", ""] calling as root: /usr/local/sbin/tor-has-bootstrapped call returned: [0, "", ""] calling as root: cat /proc/cmdline call returned: [0, "BOOT_IMAGE=/live/vmlinuz2 initrd=/live/initrd2.img boot=live config live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails slab_nomerge slub_debug=FZ mce=0 vsyscall=none quiet autotest_never_use_this_option blacklist=psmouse \n", ""] calling as amnesia: whois 'torproject.org' call returned: [0, "Domain Name: TORPROJECT.ORG\nDomain ID: D130971538-LROR\nWHOIS Server:\nReferral URL: http://www.joker.com\nUpdated Date: 2016-06-11T13:08:57Z\nCreation Date: 2006-10-17T22:02:50Z\nRegistry Expiry Date: 2018-10-17T22:02:50Z\nSponsoring Registrar: CSL Computer Service Langenbach GmbH d/b/a joker.com a German GmbH\nSponsoring Registrar IANA ID: 113\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistrant ID: CORG-167587\nRegistrant Name: - -\nRegistrant Organization: The Tor Project, Inc\nRegistrant Street: 217 1st Ave S #4903\nRegistrant City: Seattle\nRegistrant State/Province: WA\nRegistrant Postal Code: 98194\nRegistrant Country: US\nRegistrant Phone: +1.2064203471\nRegistrant Phone Ext:\nRegistrant Fax:\nRegistrant Fax Ext:\nRegistrant Email: hostmaster@torproject.org\nAdmin ID: CORG-288059\nAdmin Name: The Tor Project\nAdmin Organization: The Tor Project\nAdmin Street: 217 1st Ave S #4903\nAdmin City: Seattle\nAdmin State/Province: WA\nAdmin Postal Code: 98194\nAdmin Country: US\nAdmin Phone: +1.2064203471\nAdmin Phone Ext:\nAdmin Fax:\nAdmin Fax Ext:\nAdmin Email: hostmaster@torproject.org\nTech ID: CORG-288059\nTech Name: The Tor Project\nTech Organization: The Tor Project\nTech Street: 217 1st Ave S #4903\nTech City: Seattle\nTech State/Province: WA\nTech Postal Code: 98194\nTech Country: US\nTech Phone: +1.2064203471\nTech Phone Ext:\nTech Fax:\nTech Fax Ext:\nTech Email: hostmaster@torproject.org\nName Server: NS1.TORPROJECT.ORG\nName Server: NS3.TORPROJECT.ORG\nName Server: NS2.TORPROJECT.ORG\nName Server: NS4.TORPROJECT.ORG\nName Server: NS5.TORPROJECT.ORG\nDNSSEC: signedDelegation\n>>> Last update of WHOIS database: 2016-06-21T17:42:59Z <<<\n\nFor more information on Whois status codes, please visit https://icann.org/epp\n\nAccess to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to(a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.\n", ""] When I query the whois directory service for "torproject.org" # features/step_definitions/torified_misc.rb:1 Then the whois command is successful # features/step_definitions/torified_misc.rb:25 Then the whois standard output contains "The Tor Project" # features/step_definitions/torified_misc.rb:34 @product Feature: Using Totem As a Tails user I want to watch local and remote videos in Totem And AppArmor should prevent Totem from doing dangerous things And all Internet traffic should flow only through Tor Background: # features/totem.feature:8 Given I create sample videos # features/step_definitions/totem.rb:1 Scenario: Watching a MP4 video stored on the non-persistent filesystem # features/totem.feature:11 Given a computer # features/step_definitions/common_steps.rb:122 And I setup a filesystem share containing sample videos # features/step_definitions/totem.rb:13 [log] CLICK on (1024,384) [log] TYPE " " [log] TYPE " autotest_never_use_this_option blacklist=psmouse " calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] calling as root: mkdir -p /tmp/shared_video_dir call returned: [0, "", ""] calling as root: mount -t 9p -o trans=virtio /tmp/shared_video_dir /tmp/shared_video_dir call returned: [0, "", ""] calling as root: service tor status call returned: [3, "\u25cf tor.service - Anonymizing overlay network for TCP (multi-instance-master)\n Loaded: loaded (/lib/systemd/system/tor.service; disabled)\n Active: inactive (dead)\n", ""] calling as root: echo 'TestingTorNetwork 1 AssumeReachable 1 PathsNeededToBuildCircuits 0.25 TestingBridgeDownloadSchedule 0, 5 TestingClientConsensusDownloadSchedule 0, 5 TestingClientDownloadSchedule 0, 5 TestingDirAuthVoteExit * TestingDirAuthVoteGuard * TestingDirAuthVoteHSDir * TestingMinExitFlagThreshold 0 V3AuthNIntervalsValid 2 ClientRejectInternalAddresses 1 AlternateDirAuthority test000auth orport=5000 no-v2 hs v3ident=990C576F05327812F6BFD34CD0C0BCAF9D6E8123 10.2.1.1:7000 EA15C044C5A6E8F2F80A5B419C97DFC24D21006D AlternateDirAuthority test001auth orport=5001 no-v2 hs v3ident=210767288B2A114C86C3483FCE5247B3EB436C6E 10.2.1.1:7001 F05FE5F516394856D663F4B5D05E66D24986CD61 AlternateDirAuthority test002auth orport=5002 no-v2 hs v3ident=1CC379DF1BFEB07BE7B0FFEDE641B29D6850C318 10.2.1.1:7002 D4A3C49DA628D4A7861D4FFF82B4BCA75F299FB4 AlternateDirAuthority test003auth orport=5003 no-v2 hs v3ident=B18350FFFC045DE08098133A28562706EA8D0B56 10.2.1.1:7003 C5398C2D3D6B5A6787044AB5DB0ACB31F7E30961 AlternateBridgeAuthority test004brauth orport=5004 no-v2 bridge 10.2.1.1:7004 0A941D646E5C02346F507341B8C1041A916AE73B ' >> '/etc/tor/torrc' call returned: [0, "", ""] [log] CLICK on (642,449) calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [1, "", ""] calling as root: test -e '/etc/sudoers.d/tails-greeter' -o -e '/etc/sudoers.d/tails-greeter-no-password-lecture' call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.session idle-delay 0 call returned: [0, "", ""] calling as amnesia: gsettings set org.gnome.desktop.interface toolkit-accessibility true call returned: [0, "", ""] calling as amnesia: xdotool search --all --onlyvisible --maxdepth 1 --classname 'Florence' call returned: [1, "", ""] [log] CLICK on (1007,762) [profile] Finder.findAll START [profile] Finder.findAll END: 225ms [profile] Finder.findAll START [profile] Finder.findAll END: 271ms [profile] Finder.findAll START [profile] Finder.findAll END: 228ms [profile] Finder.findAll START [profile] Finder.findAll END: 231ms [profile] Finder.findAll START [profile] Finder.findAll END: 281ms [profile] Finder.findAll START [profile] Finder.findAll END: 240ms [profile] Finder.findAll START [profile] Finder.findAll END: 229ms [log] CLICK on (51,16) And I start Tails from DVD with network unplugged and I login # features/step_definitions/common_steps.rb:191 calling as amnesia: cp "/tmp/shared_video_dir/video.mp4" "/home/amnesia/video.mp4" call returned: [0, "", ""] And I copy the sample videos to "/home/amnesia" as user "amnesia" # features/step_definitions/totem.rb:17 calling as root: test -e '/home/amnesia/video.mp4' call returned: [0, "", ""] And the file "/home/amnesia/video.mp4" exists # features/step_definitions/common_steps.rb:628 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:30:20\n", ""] Given I start monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [1, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.dkD3wGjIRr\n", ""] calling as root: rm -f '/tmp/tmp.dkD3wGjIRr' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.dkD3wGjIRr' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.dkD3wGjIRr' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.dkD3wGjIRr_20160622-103022_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.dkD3wGjIRr' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.t7jf09x365\n", ""] calling as root: rm -f '/tmp/tmp.t7jf09x365' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Utilities'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.t7jf09x365' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.t7jf09x365' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.t7jf09x365_20160622-103025_debug ...\nClicking on [label | Utilities]\nMouse button 1 click at (58,430)\n", ""] calling as root: rm -f '/tmp/tmp.t7jf09x365' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.2sd1nZ9N9j\n", ""] calling as root: rm -f '/tmp/tmp.2sd1nZ9N9j' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Terminal'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.2sd1nZ9N9j' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.2sd1nZ9N9j' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.2sd1nZ9N9j_20160622-103029_debug ...\nClicking on [label | Terminal]\nMouse button 1 click at (286,468)\n", ""] calling as root: rm -f '/tmp/tmp.2sd1nZ9N9j' call returned: [0, "", ""] [log] TYPE "totem /home/amnesia/video.mp4 " When I open "/home/amnesia/video.mp4" with Totem # features/step_definitions/totem.rb:26 Then I see "SampleLocalMp4VideoFrame.png" after at most 20 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:30:20' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/home/amnesia/video.mp4"' call returned: [1, "", ""] And AppArmor has not denied "/usr/bin/totem" from opening "/home/amnesia/video.mp4" # features/step_definitions/common_steps.rb:873 calling as root: killall totem call returned: [0, "", ""] calling as root: pidof -x -o '%PPID' totem call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:30 calling as amnesia: cp "/tmp/shared_video_dir/video.mp4" "/home/amnesia/.gnupg/video.mp4" call returned: [0, "", ""] And I copy the sample videos to "/home/amnesia/.gnupg" as user "amnesia" # features/step_definitions/totem.rb:17 calling as root: test -e '/home/amnesia/.gnupg/video.mp4' call returned: [0, "", ""] And the file "/home/amnesia/.gnupg/video.mp4" exists # features/step_definitions/common_steps.rb:628 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:30:43\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "3109\n", ""] [log] CLICK on (226,173) [log] TYPE "totem /home/amnesia/.gnupg/video.mp4 " When I try to open "/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:26 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:30:43' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/home/amnesia/.gnupg/video.mp4"' call returned: [0, "Jun 22 10:30:47 amnesia kernel: audit: type=1400 audit(1466591447.632:28): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=3403 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:30:47 amnesia kernel: audit: type=1400 audit(1466591447.688:29): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=3391 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:30:47 amnesia kernel: audit: type=1400 audit(1466591447.688:30): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=3391 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:30:47 amnesia kernel: audit: type=1400 audit(1466591447.688:31): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/home/amnesia/.gnupg/video.mp4\" pid=3391 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:873 calling as root: killall totem call returned: [0, "", ""] calling as root: pidof -x -o '%PPID' totem call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:30 calling as root: test -e '/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4' call returned: [0, "", ""] And the file "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" exists # features/step_definitions/common_steps.rb:628 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:30:52\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "3109\n", ""] [log] CLICK on (226,317) [log] TYPE "totem /lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4 " When I try to open "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:26 Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:30:52' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4"' call returned: [0, "Jun 22 10:30:56 amnesia kernel: audit: type=1400 audit(1466591456.984:33): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3600 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:30:57 amnesia kernel: audit: type=1400 audit(1466591457.044:34): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3588 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:30:57 amnesia kernel: audit: type=1400 audit(1466591457.044:35): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3588 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:30:57 amnesia kernel: audit: type=1400 audit(1466591457.044:36): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3588 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:873 calling as root: killall totem call returned: [0, "", ""] calling as root: pidof -x -o '%PPID' totem call returned: [1, "", ""] Given I close Totem # features/step_definitions/totem.rb:30 calling as root: test -e '/live/overlay/home/amnesia/.gnupg/video.mp4' call returned: [0, "", ""] And the file "/live/overlay/home/amnesia/.gnupg/video.mp4" exists # features/step_definitions/common_steps.rb:628 calling as root: sysctl -w kernel.printk_ratelimit=0 call returned: [0, "kernel.printk_ratelimit = 0\n", ""] calling as root: date +"%Y-%m-%d %H:%M:%S" call returned: [0, "2016-06-22 10:31:01\n", ""] And I restart monitoring the AppArmor log of "/usr/bin/totem" # features/step_definitions/common_steps.rb:861 calling as root: pidof -x -o '%PPID' gnome-terminal-server call returned: [0, "3109\n", ""] [log] CLICK on (226,443) When I try to open "/live/overlay/home/amnesia/.gnupg/video.mp4" with Totem # features/step_definitions/totem.rb:26 [log] TYPE "totem /live/overlay/home/amnesia/.gnupg/video.mp4 " Then I see "TotemUnableToOpen.png" after at most 10 seconds # features/step_definitions/common_steps.rb:459 calling as root: journalctl --full --no-pager --since='2016-06-22 10:31:01' SYSLOG_IDENTIFIER=kernel | grep -w 'apparmor="DENIED" operation="open" profile="/usr/bin/totem" name="/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4"' call returned: [0, "Jun 22 10:31:05 amnesia kernel: audit: type=1400 audit(1466591465.604:38): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3803 comm=\"pool\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:31:05 amnesia kernel: audit: type=1400 audit(1466591465.664:39): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3791 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:31:05 amnesia kernel: audit: type=1400 audit(1466591465.664:40): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3791 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\nJun 22 10:31:05 amnesia kernel: audit: type=1400 audit(1466591465.664:41): apparmor=\"DENIED\" operation=\"open\" profile=\"/usr/bin/totem\" name=\"/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4\" pid=3791 comm=\"totem\" requested_mask=\"r\" denied_mask=\"r\" fsuid=1000 ouid=1000\n", ""] And AppArmor has denied "/usr/bin/totem" from opening "/lib/live/mount/overlay/home/amnesia/.gnupg/video.mp4" # features/step_definitions/common_steps.rb:873 @product Feature: Browsing the web using the Unsafe Browser As a Tails user when I browse the web using the Unsafe Browser I should have direct access to the web Scenario: Starting the Unsafe Browser without a network connection results in a complaint about no DNS server being configured # features/unsafe_browser.feature:68 calling as root: echo 'hello?' call returned: [0, "hello?\n", ""] [log] CLICK on (1024,384) calling as root: /sbin/ifconfig eth0 | grep -q 'inet addr' call returned: [1, "", ""] calling as root: date -s '@1466591472' call returned: [0, "Wed Jun 22 10:31:12 UTC 2016\n", ""] Given I have started Tails from DVD without network and logged in # features/step_definitions/snapshots.rb:199 calling as amnesia: mktemp call returned: [0, "/tmp/tmp.4KgoxhjVov\n", ""] calling as root: rm -f '/tmp/tmp.4KgoxhjVov' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Applications'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.4KgoxhjVov' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.4KgoxhjVov' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.4KgoxhjVov_20160622-103113_debug ...\nClicking on [label | Applications]\nMouse button 1 click at (47,13)\n", ""] calling as root: rm -f '/tmp/tmp.4KgoxhjVov' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.48JVuVNoOH\n", ""] calling as root: rm -f '/tmp/tmp.48JVuVNoOH' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Internet'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.48JVuVNoOH' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.48JVuVNoOH' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.48JVuVNoOH_20160622-103116_debug ...\nClicking on [label | Internet]\nMouse button 1 click at (59,166)\n", ""] calling as root: rm -f '/tmp/tmp.48JVuVNoOH' call returned: [0, "", ""] calling as amnesia: mktemp call returned: [0, "/tmp/tmp.hrcURrc68z\n", ""] calling as root: rm -f '/tmp/tmp.hrcURrc68z' call returned: [0, "", ""] calling as amnesia: echo '#!/usr/bin/python from dogtail import tree from dogtail.config import config config.searchShowingOnly = True application = tree.root.application('"'"'gnome-shell'"'"') application.child('"'"'Unsafe Browser'"'"', roleName='"'"'label'"'"').click()' >> '/tmp/tmp.hrcURrc68z' call returned: [0, "", ""] calling as amnesia: /usr/bin/python '/tmp/tmp.hrcURrc68z' call returned: [0, "Creating logfile at /tmp/dogtail-amnesia/logs/tmp.hrcURrc68z_20160622-103120_debug ...\nClicking on [label | Unsafe Browser]\nMouse button 1 click at (309,380)\n", ""] calling as root: rm -f '/tmp/tmp.hrcURrc68z' call returned: [0, "", ""] When I start the Unsafe Browser # features/step_definitions/browser.rb:14 Then the Unsafe Browser complains that no DNS server is configured # features/step_definitions/unsafe_browser.rb:169 Artifacts directory: /tmp/TailsToaster/run-2016-06-22_08:50:15_+0000-git_dadd01c-GSFjFS Failing Scenarios: cucumber features/time_syncing.feature:13 # Scenario: Clock with host's time in bridge mode 129 scenarios (1 failed, 128 passed) 886 steps (1 failed, 1 skipped, 884 passed) 101m5.620s