Tails

#1 Updated by intrigeri 2014-09-22 12:15:29

• Tracker changed from Bug to Feature
• Subject changed from Allow users to watch (nearly all) DVDs to Allow users to watch CSS protected DVDs
• Status changed from New to Confirmed
• Priority changed from Normal to Low

#5 Updated by intrigeri 2015-08-05 02:41:48

• Type of work changed from Debian to Discuss

Next step is to make a policy decision.

#7 Updated by intrigeri 2015-08-05 02:50:20

• Status changed from Confirmed to In Progress
• Assignee set to hybridwipe
• % Done changed from 0 to 10

#8 Updated by hybridwipe 2015-08-11 01:58:21

• File <del>missing: patch</del> added
• Category set to Hardware support
• Type of work changed from Discuss to Code

Initial patch attached. I haven’t figured out why libdvdcss keeps getting purged.

#9 Updated by intrigeri 2015-08-11 08:24:01

• Assignee changed from hybridwipe to intrigeri
• QA Check set to Ready for QA

#10 Updated by intrigeri 2015-08-11 08:33:32

• Assignee changed from intrigeri to hybridwipe
• Target version set to Tails_1.7
• QA Check changed from Ready for QA to Dev Needed

> Initial patch attached.

Thanks! Note that your patch contains unrelated changes, such as commenting ./build-wiki.

Here’s an initial review:

• First of all: great job, it looks clean and one can see that you’ve put quite some thinking into it. Congrats!
• Why install the package from sid, while it’s in testing?
• Why do we fetch and verify the tarball ourselves? Isn’t it precisely the purpose of libdvd-pkg?
• What’s the purpose of dpkg-reconfigure --force libdvd-pkg?
• The various http_proxy environment variables should already be exported in the environment at this point (e.g. they’re already used transparently by firmware-b43-installer), so I don’t think you need to get them from Acquire::http::Proxy.

> I haven’t figured out why libdvdcss keeps getting purged.

I’m not sure what you mean here exactly. Perhaps seeing the relevant parts of a build log would help me understand.

#11 Updated by hybridwipe 2015-08-11 12:22:14

• File <del>missing: tails-i386-devel-1.7-20150811.iso.buildlog</del> added

intrigeri wrote:
> > Initial patch attached.
>
> Thanks! Note that your patch contains unrelated changes, such as commenting ./build-wiki.
>
> Here’s an initial review:
>
> * First of all: great job, it looks clean and one can see that you’ve put quite some thinking into it. Congrats!
> * Why install the package from sid, while it’s in testing?

No strong reason, they ship the same version of the package, simple enough to change.

> * Why do we fetch and verify the tarball ourselves? Isn’t it precisely the purpose of libdvd-pkg?

I started by simply adding libdvd-pkg to config/chroot_local-packageslists/tails-common.list, but that doesn’t work. I later get a failure like:
libdvd-pkg: Downloading orig source…
I: libdvdcss_1.3.99
wget —tries=3 —timeout=40 —read-timeout=40 —continue -O libdvdcss_1.3.99.orig.tar.bz2 \
http://download.videolan.org/pub/libdvdcss/1.3.99/libdvdcss-1.3.99.tar.bz2 \
|| uscan —noconf —verbose —rename —destdir=/usr/src/libdvd-pkg —check-dirname-level=0 —force-download —download-current-version /usr/share/libdvd-pkg/debian
—2015-08-11 08:37:00— http://download.videolan.org/pub/libdvdcss/1.3.99/libdvdcss-1.3.99.tar.bz2
Resolving download.videolan.org (download.videolan.org)… [Aug 11 08:37:00] PERROR torsocks[16354]: socks5 libc connect: Connection refused (in socks5_connect() at socks5.c:185)
failed: Non-recoverable failure in name resolution.
wget: unable to resolve host address `download.videolan.org’
/bin/sh: 3: uscan: not found
make: * [get-orig-source] Error 127

> * What’s the purpose of dpkg-reconfigure --force libdvd-pkg?

It should attempt to build libdvdcss and install it (once the source package is in place), as those steps can’t run while dpkg is locked (e.g., when installing libdvd-pkg as a group of other packages).

> * The various http_proxy environment variables should already be exported in the environment at this point (e.g. they’re already used transparently by firmware-b43-installer), so I don’t think you need to get them from Acquire::http::Proxy.

I was confused by that not working as well, this solution was based on the tbb solution, as I would’ve expected just to add libdvd-pkg to tails-common.list along with a pinning override, but that didn’t work.

> > I haven’t figured out why libdvdcss keeps getting purged.
>
> I’m not sure what you mean here exactly. Perhaps seeing the relevant parts of a build log would help me understand.

Sure, I’ll attach the full log, but you can see here that libdvd-pkg/libdvdcss2 are installed:
Setting up libdvd-pkg (1.3.99-1-1) …
libdvd-pkg: dpkg database is locked. You may need to use command “sudo dpkg-reconfigure libdvd-pkg”.
libdvd-pkg: Building and installation of package(s) [libdvdcss2 libdvdcss-dev] postponed till after next APT operation.
+ dpkg-reconfigure —force libdvd-pkg
libdvd-pkg: Checking orig.tar integrity…
/usr/src/libdvd-pkg/libdvdcss_1.3.99.orig.tar.bz2: OK
libdvd-pkg: Unpacking and configuring…
libdvd-pkg: Building the package… (it may take a while)
libdvd-pkg: Build log will be saved to /usr/src/libdvd-pkg/libdvdcss2_1.3.99-1~local_i386.build
libdvd-pkg: Installing…
Selecting previously unselected package libdvdcss-dev:i386.
(Reading database … 159861 files and directories currently installed.)
Unpacking libdvdcss-dev:i386 (from …/libdvdcss-dev_1.3.99-1~local_i386.deb) …
Selecting previously unselected package libdvdcss2:i386.
Unpacking libdvdcss2:i386 (from …/libdvdcss2_1.3.99-1~local_i386.deb) …
Setting up libdvdcss2:i386 (1.3.99-1~local) …
Setting up libdvdcss-dev:i386 (1.3.99-1~local) …
+ apt-get —yes install libdvdcss2
Reading package lists…
Building dependency tree…
Reading state information…
libdvdcss2 is already the newest version.

shortly after that:
The following packages will be REMOVED:
build-essential* debhelper* dh-autoreconf* dkms* dpatch* dpkg-dev* equivs*
g* g–4.7* gcc* gcc-4.7* gcc-4.8* intltool-debian* libc6-dev* libdvd-pkg*
libdvdcss-dev* libdvdcss2* libstdc++6-4.7-dev* libtool*
linux-compiler-gcc-4.8-x86* linux-headers-3.16.0-4-586*
linux-headers-3.16.0-4-amd64* linux-headers-3.16.0-4-common*
linux-kbuild-3.16* linux-libc-dev* make* po-debconf* virtualbox-guest-dkms*
0 upgraded, 0 newly installed, 28 to remove and 0 not upgraded.

then looking at the final package list, no libdvd{cssdvd,-pkg}:
austin@debian-laptop:~/src/tails$ grep libdvd *packages
libdvdnav4 4.2.0+20120524-2
libdvdread4 4.2.0+20120521-2

#20 Updated by hybridwipe 2015-09-07 12:16:13

• Assignee deleted (hybridwipe)
• QA Check changed from Dev Needed to Ready for QA
• Feature Branch set to feature/7674-libdvdcss2

#22 Updated by intrigeri 2015-09-17 13:39:58

• Assignee set to hybridwipe
• QA Check changed from Ready for QA to Info Needed

hybridwipe wrote:
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797113
>
> The bug was closed as WONTFIX, with the suggestion that we configure a proxy that works for wget.

Sad, but well. I thought we already exported http_proxy into the build environment, don’t we?

#24 Updated by intrigeri 2015-10-23 07:49:19

• Feature Branch changed from feature/7674-libdvdcss2 to https://github.com/austin987/tails/tree/feature/7674-libdvdcss2

#25 Updated by intrigeri 2015-10-23 08:08:01

• QA Check changed from Info Needed to Dev Needed

We’ve missed the merge window for next major release, mainly because the ticket metadata was wrong (it’s still assigned to you so others won’t notice they should be acting on it — please read the contributors doc I’ve pointed you at) => this will have to wait for Tails 1.9 in three months => IMO we should ensure the Debian package is updated by then (ask the maintainer for an ETA, let them know that we’re waiting, maybe propose help) and be prepared to drop the PATH hack. Thanks for your contribution to Debian.

I had a look at the branch and it’s getting much better!

It would be good to do the work in a temporary directory. See other hooks that use equivs for inspiration :)

We’re lucky that Stretch’s libdvdnav4 and libdvdread4 work as-is on Wheezy. Isn’t the version from wheezy-backports good enough?

I would remove libdvdcss-dev in the same hook that installs it, so that it’s a bit more self-contained.

Lastly, the replacement of Totem with VLC has nothing to do in this branch, please revert it (I would normally add “and start the discussion somewhere relevant” but it’s been asked so often that it looking for answers should be easy). I think the “Totem can’t play DVDs” issues is probably caused by AppArmor. Can you please check and report a dedicated bug if this is confirmed?

#26 Updated by hybridwipe 2015-10-29 17:12:31

• File <del>missing: add-libdvdcss2-to-tails.patch</del> added

intrigeri wrote:
> We’ve missed the merge window for next major release, mainly because the ticket metadata was wrong (it’s still assigned to you so others won’t notice they should be acting on it — please read the contributors doc I’ve pointed you at) => this will have to wait for Tails 1.9 in three months => IMO we should ensure the Debian package is updated by then (ask the maintainer for an ETA, let them know that we’re waiting, maybe propose help) and be prepared to drop the PATH hack. Thanks for your contribution to Debian.

Actually, now that b9fd6312435d55dd0bc0b6abdb7994da4d66e2b2 is in, the PATH hack is no longer needed (nor is the updated package needed either).

> I had a look at the branch and it’s getting much better!
>
> It would be good to do the work in a temporary directory. See other hooks that use equivs for inspiration :)

Actually, I had looked at others which is where I got that from ;) (see 50-virtualbox, I may send a patch for that soonish). Anyway, fixed in this revision.

> We’re lucky that Stretch’s libdvdnav4 and libdvdread4 work as-is on Wheezy. Isn’t the version from wheezy-backports good enough?

I’m not sure if it was in wheezy-backports when I first looked at this, but yes, this version works as well.

> I would remove libdvdcss-dev in the same hook that installs it, so that it’s a bit more self-contained.

Sure, good idea.

> Lastly, the replacement of Totem with VLC has nothing to do in this branch, please revert it (I would normally add “and start the discussion somewhere relevant” but it’s been asked so often that it looking for answers should be easy). I think the “Totem can’t play DVDs” issues is probably caused by AppArmor. Can you please check and report a dedicated bug if this is confirmed?

Thanks for the suggestion, AppArmor is indeed the cause. sudo /etc/init.d/apparmor teardown lets Totem play the DVD. I filed Bug #10455 for that.

#27 Updated by hybridwipe 2015-10-29 17:13:03

• Assignee changed from hybridwipe to intrigeri

#28 Updated by intrigeri 2015-10-31 08:19:18

• blocked by Bug #10455: Totem cannot access DVD readers added

#29 Updated by intrigeri 2015-10-31 08:24:29

• Target version changed from Tails_1.7 to 246

It would be nice to either update the Git branch (best), or empty the “feature branch” field (why not, but really, attached patches are OK’ish for easy changes that one gets right at first try, but we’re not at it anymore here).

Also, please read https://tails.boum.org/contribute/merge_policy/#submit :)

#30 Updated by intrigeri 2015-10-31 08:26:38

• Assignee deleted (intrigeri)
• QA Check changed from Dev Needed to Ready for QA

(anonym: don’t blindly trust the feature branch field.)

#31 Updated by hybridwipe 2015-11-01 19:45:01

• Feature Branch deleted (https://github.com/austin987/tails/tree/feature/7674-libdvdcss2)

#32 Updated by sajolida 2015-11-27 04:46:30

• Target version changed from 246 to Tails_2.0

#33 Updated by intrigeri 2015-11-30 02:51:03

• Assignee set to anonym

(A month after submission of the latest patch, explicitly putting on the RM’s plate.)

#34 Updated by hybridwipe 2015-12-13 20:41:59

• File <del>missing: 0633-feature-7674-add-libdvdcss-support-to-tails-allows-w.patch</del> added

I rediffed my patch against the current feature/jessie branch (at 237e8ef06e5b78fbb4cff5ef44dd3a07d272ff04).

Now that Bug #10455 is fixed, this patch is all that is needed for Tails to play DVDs in Totem. Currently watching one now ;)

#35 Updated by intrigeri 2015-12-14 07:29:44

• Target version changed from Tails_2.0 to Tails_2.2

Yay!

(The feature freeze for Tails 2.0 was a few days ago.)

#37 Updated by anonym 2016-02-09 11:00:57

• Assignee changed from anonym to hybridwipe
• QA Check changed from Ready for QA to Dev Needed

hybridwipe wrote:
> FWIW the wget > /usr/bin/wget fix is now fixed upstream in Debian:
> https://tracker.debian.org/news/738022
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797113
>
> that’s libdvd-pkg-1.4.0-1-1. We aren’t affected anymore now that we’ve removed the /usr/local/bin/wget wrapper.
>
>
> @anonym, have you had any time to look at this?

Sorry, I apparently didn’t. :(

I do not know why, but the attached file is missing from Redmine (clicking the link => 404). Could you please upload the patch again? This time I promise to look at it ASAP.

BTW, you may want to consider hosting your Git repo somewhere (Git labs, Bitbucket, whatever) so you can send pull requests that way. It just fits the reviewers’ workflow better, and works a lot better for conributions of >1 commits. Just a thought, but this is of course not a requirement, so if you feel it would hinder you in any way, definitely do not bother for this patch at least. :)

#38 Updated by hybridwipe 2016-02-11 21:27:34

• File 0001-add-libdvdcss2-to-tails.patch added
• Feature Branch set to https://git-tails.immerda.ch/hybridwipe/tails/?h=feature/7674-libdvdcss2

Rebased patch for jessie. I’m unable to test, build fails with vagrant issues for me:
austin@debian-laptop:~/src/tails$ rake build
rake aborted!
LoadError: cannot load such file — vagrant
/home/austin/src/tails/Rakefile:23:in `<top (required)>’
(See full trace by running task with —trace)

Also pushed here:
https://git-tails.immerda.ch/hybridwipe/tails/?h=feature/7674-libdvdcss2

#39 Updated by hybridwipe 2016-02-11 21:27:47

• File deleted (0633-feature-7674-add-libdvdcss-support-to-tails-allows-w.patch)

#40 Updated by hybridwipe 2016-02-11 21:27:57

• File deleted (tails-i386-devel-1.7-20150811.iso.buildlog)

#41 Updated by hybridwipe 2016-02-11 21:28:03

• File deleted (patch)

#42 Updated by hybridwipe 2016-02-11 21:28:12

• File deleted (add-libdvdcss2-to-tails.patch)

#43 Updated by anonym 2016-02-12 02:59:47

• % Done changed from 10 to 40

Thanks for your contribution! Here’s a review:

> —- a/config/chroot_apt/preferences
> + b/config/chroot_apt/preferences
> …

Do we actually need these pinnings any more? By default we already pin packages from Jessie higher than any other dist.

> + b/config/chroot_local-hooks/59-libdvd-pkg
> …
> +set -x

While useful for debugging, let’s not put set -x into production.

> +local tmp

You cannot use local in the global scope, only inside functions. This currently causes a fatal error.

> # Create and install fake libdvd-pkg package

Please expand add an explanation why we need to do this. If I understand it correctly it’s so we later can remove build-essential, which libdvd-pkg depends on, while still providing for libdvdcss2. That’s not so obvious when just reading this script, and surprised me. :)

> +Package: libdvd-pkg-${LIBDVD_PKG_VERSION}

So we create a package with the version included in the name. If we really want that we’d have to sanitize it, cause versions can include characters not allowed in package names, which currently is the case and causes a fatal error. I think I’d prefer something like:

LIBDVD_PKG_VERSION="$(dpkg-query -s libdvd-pkg | grep Version | cut -d ' ' -f2)+fake1"
...
Package: libdvd-pkg
Version: ${LIBDVD_PKG_VERSION}
...
dpkg -i "${tmp}/libdvd-pkg_${LIBDVD_PKG_VERSION}_all.deb"
...

Then you can also drop the Provides field.

> +cd “${tmp}”
> …
> +cd -

IMHO a better pattern is to do the change of directory and the operations needing it in a sub-shell:

(
    cd "${tmp}"
    ... stuff to be done inside ${tmp} ...
)

This is safe as long as we don’t need to modify the original shell (e.g. store something in a variable) which we do not in this case.

Sorry for the less than optimal state of Vagrant. :/ I’ll email you about this and perhaps we can solve it. I realize that it’ll be hard to test your changes without being able to build Tails but hopefully we can

#45 Updated by intrigeri 2016-02-12 12:22:08

• Assignee changed from hybridwipe to anonym
• QA Check changed from Dev Needed to Ready for QA

#46 Updated by anonym 2016-02-23 20:43:49

• Assignee changed from anonym to intrigeri
• % Done changed from 40 to 50
• Feature Branch changed from https://git-tails.immerda.ch/hybridwipe/tails/?h=feature/7674-libdvdcss2 to feature/7674-libdvdcss2

Thanks again, hybridwipe!

I tried your branch, and it didn’t build, so I pushed two fixes (one for something I already mentioned, the local declaration; one thing that was fixed in the code examples I provided above) for that and some style fixes, see the new feature branch. Now that you have a working build system (right?) I hope you can test your changes in the future! :)

Despite my fixes, there are still issues:

1. When I try to play a DVD in Totem I get no sound. If run in a terminal I can see this error:

** Message: Missing plugin: gstreamer|1.0|totem|DVD AC-3 (ATSC A/52) decoder|decoder-audio/x-private1-ac3 (DVD AC-3 (ATSC A/52) decoder)
** Message: Automatic missing codec installation not supported (helper script missing)

Installing gstreamer1.0-plugins-ugly removes the error message and enables sound. Note that we are installing the gstreamer0.1 variant of this package. Hmm. Perhaps we actually should switch to 1.0, or do we explicitly depend on the 0.1 packages still?

2. While installing that package I noticed this in the apt-get install output:

N: Ignoring '88libdvdcss-pkg' in directory '/etc/apt/apt.conf.d/' as it is not a regular file

and indeed,

$ ls -l /etc/apt/apt.conf.d/88libdvdcss-pkg
lrwxrwxrwx 1 root root 35 Feb 23 14:29 /etc/apt/apt.conf.d/88libdvdcss-pkg -> /usr/lib/libdvd-pkg/88libdvdcss-pkg

$ ls -l /usr/lib/libdvd-pkg/88libdvdcss-pkg
ls: cannot access /usr/lib/libdvd-pkg/88libdvdcss-pkg: No such file or directory

I guess that symlink should be removed. In any case, we do not want the out-of-APT automated update crap it provides.

So, I actually do not think this branch is completely ready for inclusion in Tails 2.2 but I do not want to discourage you by having to wait another 3 months, until the next major Tails release, so I’ll give this a try any will merge it for the 2.2 RC any way with even more fixes (yes, I changed my mind about this while writing this comment). :) Worst case, we revert the merge for the final release of 2.2, but let’s make that not happen!

intrigeri, can you please review (probably after 2.2~rc1, but before 2.2 final) my commits:

6cb3565 Remove illegal 'local' in shell script.
0fe243c Reformat comment.
316b414 Lessen scope of subshell invocation.
0226644 Drop unnecessary 'cd' (due to subshell).
2b04e17 Fix paths and cleanup in subshell invocation.
87a0014 Remove dangling symlink left by the libdvd-pkg package.
39dd882 Install gstreamer1.0-plugins-ugly for audio during DVD playback.

#47 Updated by anonym 2016-02-24 14:18:08

• % Done changed from 50 to 80

Merged! Let’s hope there are no remaining issues.

#49 Updated by intrigeri 2016-02-25 22:30:44

• Assignee changed from intrigeri to anonym

> intrigeri, can you please review (probably after 2.2~rc1, but before 2.2 final) my commits:

I’ll try, but my plate is already seriously too full wrt. “what I have to do before 2.2 final”, so I would appreciate if you asked other people.

#50 Updated by anonym 2016-03-08 18:38:14

• Status changed from In Progress to Resolved
• Assignee deleted (anonym)
• % Done changed from 80 to 100
• QA Check changed from Ready for QA to Pass

Now it’s in Tails 2.2, so no reason to keep it open any longer. Yay!