Feature #12635
Install Tor Browser 7.0 final
100%
History
#1 Updated by anonym 2017-06-04 00:18:28
- Status changed from Confirmed to In Progress
Applied in changeset commit:78e746137c15b003953cfb14decc51d1f6f9a997.
#2 Updated by intrigeri 2017-06-04 07:59:11
- Feature Branch set to feature/12635-tor-browser-7.0
#3 Updated by anonym 2017-06-05 17:43:55
- Assignee changed from anonym to intrigeri
- Priority changed from Normal to Elevated
- % Done changed from 0 to 50
- QA Check set to Ready for QA
Jenkins test runs #2 and #3 are for the last commit (commit:f7b5d54f923552b8e1c698da11a1be985a3b42a9) both failed only for unrelated senarios, so I think we should merge this ASAP. And we get e10s (Feature #12569)! :)
#4 Updated by intrigeri 2017-06-05 18:00:43
Amazing! Will look into it when I’m back to work on Wednesday (triaging my own tickets and drawing my plans for the next 6 months doesn’t count as work, obviously ;)
Meanwhile, it would help if you told me which fragile tests you’re run by hand, if any.
#5 Updated by anonym 2017-06-06 12:52:43
intrigeri wrote:
> Meanwhile, it would help if you told me which fragile tests you’re run by hand, if any.
These:
features/documentation.feature:4
features/localization.feature
features/tor_enforcement.feature:15
features/tor_stream_isolation.feature:26
features/torified_browsing.feature
features/unsafe_browser.feature
#6 Updated by intrigeri 2017-06-07 12:29:22
I’m reviewing this (and will hopefully merge it :) but there are newer files there: https://people.torproject.org/~gk/builds/7.0/.
#7 Updated by intrigeri 2017-06-07 12:37:52
- % Done changed from 50 to 60
Code review passes modulo:
- typo is “with acces to the”
- the design doc needs updating (e.g. it still references
config/chroot_local-hooks/13-override-tbb-branding
) - can we now re-enable e10s for the Unsafe Browser?
If my testing passes I’ll merge this anyway and will reassign to anonym so he can polish these + look into the possibly newer 7.0 tarballs I’ve linked above.
#8 Updated by intrigeri 2017-06-07 13:10:07
Also, what’s the status of upstreaming commit:f11ebadf6f5911d17a0ec0ffb7e78bd987689b60 ?
#9 Updated by anonym 2017-06-07 15:46:21
intrigeri wrote:
> Code review passes modulo:
Cheers!
> * typo is “with acces to the”
commit:8730fae20f
> * the design doc needs updating (e.g. it still references config/chroot_local-hooks/13-override-tbb-branding
)
commit:4e9e5a62b5
> * can we now re-enable e10s for the Unsafe Browser?
The problem with Tor Browser was AppArmor-related, so it doesn’t affect chroot browsers. So: no. :/
> If my testing passes I’ll merge this anyway and will reassign to anonym so he can polish these>
Let’s see!
> + look into the possibly newer 7.0 tarballs I’ve linked above.
So I saw the rebuild but thought we could skip it since there will be a 7.0.1 (or yet another rebuild of 7.0 if they don’t release it today, as planned) before 3.0 any way that we’ll have to deal with before 3.0. While I suppose the single change it makes compared to what we have now could affect us (AFAICT it reverts a patch back to a state of 7.0a4, ie. what we shipped in Tails 3.0~rc1), I think we better take the risk of not testing it, and instead spend our time on our other priorities for 3.0. If there is a problem I have time to deal with it during the weekend.
> Also, what’s the status of upstreaming f11ebadf6f5911d17a0ec0ffb7e78bd987689b60 ?
My plan was to notify upstream in one go about all the changes we have done when 3.0 is out. This branch might not introduce the last change needed to that profile before 3.0, after all. Any way, it is indeed past time to create a ticket tracking this: Feature #12653
#10 Updated by intrigeri 2017-06-07 16:33:45
I see that:
juin 07 16:26:41 amnesia audit[10878]: AVC apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/TorBrowser/UpdateInfo/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
juin 07 16:26:41 amnesia audit[10878]: AVC apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/update.test/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
juin 07 16:26:41 amnesia kernel: audit: type=1400 audit(1496852801.976:43): apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/TorBrowser/UpdateInfo/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
juin 07 16:26:41 amnesia kernel: audit: type=1400 audit(1496852801.976:44): apparmor="DENIED" operation="mkdir" profile="/usr/local/lib/tor-browser/firefox" name="/usr/local/lib/tor-browser/update.test/" pid=10878 comm="firefox" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Might it be that we don’t have updates disabled anymore?
#11 Updated by intrigeri 2017-06-07 16:40:46
>> * the design doc needs updating (e.g. it still references config/chroot_local-hooks/13-override-tbb-branding
)
> commit:4e9e5a62b5
Typo in “with out own”.
`[mozilla.cfg](https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment)`
doesn’t do what you think. I think you want [`mozilla.cfg`](https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment)
. Please build locally before submitting this again for review :)
>> If my testing passes I’ll merge this anyway and will reassign to anonym so he can polish these>
> Let’s see!
Merged.
>> + look into the possibly newer 7.0 tarballs I’ve linked above.
> So I saw the rebuild but thought we could skip it since there will be a 7.0.1 (or yet another rebuild of 7.0 if they don’t release it today, as planned) before 3.0 any way that we’ll have to deal with before 3.0. While I suppose the single change it makes compared to what we have now could affect us (AFAICT it reverts a patch back to a state of 7.0a4, ie. what we shipped in Tails 3.0~rc1), I think we better take the risk of not testing it, and instead spend our time on our other priorities for 3.0.
OK, good plan.
> If there is a problem I have time to deal with it during the weekend.
OK. Note “2017-06-10: Build and upload the Tails 3.0 tentative ISO image” though.
#12 Updated by intrigeri 2017-06-07 16:41:42
- Assignee changed from intrigeri to anonym
- QA Check changed from Ready for QA to Dev Needed
#13 Updated by intrigeri 2017-06-09 07:34:57
- Assignee changed from anonym to intrigeri
I’ve fixed the two design doc issues reported above straight on the testing branch. Left to do:
- upgrade to TB 7.0.1 (
tor-browser-52.2.0esr-7.0-1-build1
was just tagged) - look into “Might it be that we don’t have updates disabled anymore?”
I’ll file subtasks for both.
#14 Updated by intrigeri 2017-06-10 14:45:40
- Status changed from In Progress to Fix committed
- Assignee deleted (
intrigeri) - QA Check deleted (
Dev Needed)
#15 Updated by intrigeri 2017-06-12 16:11:35
- Status changed from Fix committed to Resolved