[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r17268: {incognito} This is a massive (and well tested) commit for the hardened (in incognito/branches/hardened: . arch/x86 arch/x86/overlay/isolinux portage.config root_overlay/etc/init.d root_overlay/usr/kde/3.5/share/config/kdm root_overlay/usr/sbin root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default root_overlay/var/lib/thunderbird-config/rhy4kriw.default root_overlay/var/patches)
- To: or-cvs@xxxxxxxxxxxxx
- Subject: [or-cvs] r17268: {incognito} This is a massive (and well tested) commit for the hardened (in incognito/branches/hardened: . arch/x86 arch/x86/overlay/isolinux portage.config root_overlay/etc/init.d root_overlay/usr/kde/3.5/share/config/kdm root_overlay/usr/sbin root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default root_overlay/var/lib/thunderbird-config/rhy4kriw.default root_overlay/var/patches)
- From: anonym@xxxxxxxx
- Date: Thu, 13 Nov 2008 20:33:05 -0500 (EST)
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-cvs-outgoing@xxxxxxxx
- Delivered-to: or-cvs@xxxxxxxx
- Delivery-date: Thu, 13 Nov 2008 20:33:13 -0500
- Reply-to: or-dev@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: anonym
Date: 2008-11-13 20:33:05 -0500 (Thu, 13 Nov 2008)
New Revision: 17268
Added:
incognito/branches/hardened/root_overlay/etc/init.d/vbox-guest
Modified:
incognito/branches/hardened/ChangeLog
incognito/branches/hardened/TODO
incognito/branches/hardened/arch/x86/kernel-2.6.25.config
incognito/branches/hardened/arch/x86/livecd-stage1.spec
incognito/branches/hardened/arch/x86/livecd-stage2.spec
incognito/branches/hardened/arch/x86/overlay/isolinux/isolinux.cfg
incognito/branches/hardened/arch/x86/stage1.spec
incognito/branches/hardened/arch/x86/stage2.spec
incognito/branches/hardened/arch/x86/stage3.spec
incognito/branches/hardened/fsscript.sh
incognito/branches/hardened/hacking.html
incognito/branches/hardened/portage.config/package.keywords
incognito/branches/hardened/portage.config/package.mask
incognito/branches/hardened/portage.config/package.unmask
incognito/branches/hardened/portage.config/package.use
incognito/branches/hardened/root_overlay/etc/init.d/external-locale
incognito/branches/hardened/root_overlay/usr/kde/3.5/share/config/kdm/kdmrc
incognito/branches/hardened/root_overlay/usr/sbin/create-homevol
incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/bookmarks.html
incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/prefs.js
incognito/branches/hardened/root_overlay/var/lib/thunderbird-config/rhy4kriw.default/prefs.js
incognito/branches/hardened/root_overlay/var/patches/xorg.conf.in.patch
Log:
This is a massive (and well tested) commit for the hardened branch, soon to be merged into trunk:
- a new portage snapshot
- merge with trunk (compatibility testing)
- support for VirtualBox, incl. additions
- various new software, e.g. koffice, twinkle
- various smaller, innocent tweaks
Modified: incognito/branches/hardened/ChangeLog
===================================================================
--- incognito/branches/hardened/ChangeLog 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/ChangeLog 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,3 +1,11 @@
+changes since 2008.1
+ - Incognito is now based on Hardened Gentoo, which should increase
+ resistence towards certain exploits.
+ - Added support for VirtualBox.
+ - Tor 0.2.0.31
+ - Firefox 2.0.0.17
+ - Vidalia 0.1.7
+
2008.1 changes since 2008.0 (i.e. 20080109.1)
- Added an Incognito Walkthrough which will launch upon start up.
- Added language support for Arabic, Greek, Hebrew, Russian and
Modified: incognito/branches/hardened/TODO
===================================================================
--- incognito/branches/hardened/TODO 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/TODO 2008-11-14 01:33:05 UTC (rev 17268)
@@ -82,6 +82,9 @@
A configuration program for Incognito specific things like creating USB, clearing persistent home, removing the lock file preventing persistent home to be used etc.
Or maybe the new category in K menu is enough?
+- DSL support ?
+http://kdslbroadband.sourceforge.net/ could be something, but it seems it's not maintained any longer.
+
- Handle ISP login requirement, possibly allow Tor to be bypassed ?
Public networks may require a login before allowing access to the outside. Generally this is done by a transparent proxy that redirects to the login screen whenever an http request is made. A solution to this may be to add the class C network to the iptables exclusion list so the redirect won't run through Tor. The user will need to access something on the local net first though since the redirect won't happen when running through Tor. Other suggestions are welcome.
Sometimes a direct Internet connection (i.e. bypass Tor completely) is needed, though. If we setup a new http(s) proxy that is excluded from the netfiler Tor forwarding, Torbutton could be used to have Firefox somehow access the network directly, which can be necessary when ISP require logins. For example, we could make an un-toggled Torbutton give Firefox direct Internet connection, although we really want a clear, annoying indicator that we are not anonymous any longer.
Modified: incognito/branches/hardened/arch/x86/kernel-2.6.25.config
===================================================================
--- incognito/branches/hardened/arch/x86/kernel-2.6.25.config 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/kernel-2.6.25.config 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Linux kernel version: 2.6.25-hardened-r3
-# Thu Aug 7 04:08:45 2008
+# Linux kernel version: 2.6.25-hardened-r9
+# Wed Nov 12 14:21:18 2008
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
Modified: incognito/branches/hardened/arch/x86/livecd-stage1.spec
===================================================================
--- incognito/branches/hardened/arch/x86/livecd-stage1.spec 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/livecd-stage1.spec 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,12 +1,12 @@
-subarch: x86
-version_stamp: 20080807
+subarch: i686
+version_stamp: 20081109-hardened
target: livecd-stage1
rel_type: incognito
profile: hardened/linux/x86/2008.0
portage_overlay: /usr/src/incognito/portage.overlay
portage_confdir: /usr/src/incognito/portage.config
-snapshot: 20080807
-source_subpath: incognito/stage3-x86-20080807
+snapshot: 20081109
+source_subpath: incognito/stage3-i686-20081109-hardened
livecd/use:
-apm
-eds
@@ -81,11 +81,17 @@
app-crypt/gnupg
app-crypt/gpa
app-editors/vim
+ app-emulation/virtualbox-ose-additions
+ app-i18n/koffice-i18n
app-misc/livecd-tools
app-misc/pax-utils
app-misc/screen
app-misc/secure-delete
app-misc/vlock
+ app-office/kpresenter
+ app-office/krita
+ app-office/kspread
+ app-office/kword
app-portage/gentoolkit
dev-libs/libevent
kde-base/akregator
@@ -140,6 +146,7 @@
kde-base/kmilo
kde-base/kmix
kde-base/kmrml
+ kde-base/knetworkconf
kde-base/kode
kde-base/kolourpaint
kde-base/kommander
@@ -178,7 +185,9 @@
kde-misc/tork
mail-client/mozilla-thunderbird-bin
mail-mta/mixminion
+ media-gfx/exiv2
media-gfx/fbgrab
+ media-gfx/jhead
media-fonts/arphicfonts
media-fonts/font-misc-misc
media-fonts/kochi-substitute
@@ -199,6 +208,7 @@
net-dns/bind-tools
net-dns/pdnsd
net-im/pidgin
+ net-im/twinkle
net-irc/xchat
net-misc/dhcp
net-misc/iputils
@@ -232,7 +242,6 @@
net-wireless/zd1211-firmware
net-www/mplayerplug-in-bin
net-www/netscape-flash
- sys-apps/chpax
sys-apps/eject
sys-apps/ethtool
sys-apps/fxload
Modified: incognito/branches/hardened/arch/x86/livecd-stage2.spec
===================================================================
--- incognito/branches/hardened/arch/x86/livecd-stage2.spec 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/livecd-stage2.spec 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,10 +1,10 @@
-subarch: x86
+subarch: i686
version_stamp: __INCOGNITO_TYPE__
target: livecd-stage2
rel_type: incognito
profile: hardened/linux/x86/2008.0
-snapshot: 20080807
-source_subpath: incognito/livecd-stage1-x86-20080807
+snapshot: 20081109
+source_subpath: incognito/livecd-stage1-i686-20081109-hardened
portage_overlay: /usr/src/incognito/portage.overlay
portage_confdir: /usr/src/incognito/portage.config
@@ -25,7 +25,6 @@
livecd/rcadd:
acpid|boot
- chpax|default
consolefont|boot
cupsd|default
external-config-setup|boot
@@ -41,6 +40,7 @@
pdnsd|default
polipo|default
tor|default
+ vbox-guest|default
vmware-tools|default
xdm|default
@@ -177,6 +177,7 @@
app-admin/eselect-compiler
app-admin/pwgen
app-doc/xorg-docs
+ app-emulation/virtualbox-ose-additions
app-portage/gentoolkit
dev-lang/nasm
dev-libs/elfutils
@@ -237,7 +238,7 @@
/usr/lib/awk
/usr/lib/ccache
/usr/lib/gcc-config
- /usr/lib/gconv
+# /usr/lib/gconv
/usr/lib/nfs
# /usr/lib/perl5
/usr/lib/portage
Modified: incognito/branches/hardened/arch/x86/overlay/isolinux/isolinux.cfg
===================================================================
--- incognito/branches/hardened/arch/x86/overlay/isolinux/isolinux.cfg 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/overlay/isolinux/isolinux.cfg 2008-11-14 01:33:05 UTC (rev 17268)
@@ -27,7 +27,7 @@
label gentoo-zh
menu label Chinese
kernel gentoo
- append root=/dev/ram0 init=/linuxrc looptype=squashfs loop=/image.squashfs cdroot initrd=gentoo.igz vga=791 splash=silent,theme:incognito-2008.1 console=tty1 acpi=on dopcmcia quiet lang=zh dokeymap
+ append root=/dev/ram0 init=/linuxrc looptype=squashfs loop=/image.squashfs cdroot initrd=gentoo.igz vga=791 splash=silent,theme:incognito-2008.1 console=tty1 acpi=on dopcmcia quiet lang=zh keymap=us dokeymap
label gentoo-en
menu label English
Modified: incognito/branches/hardened/arch/x86/stage1.spec
===================================================================
--- incognito/branches/hardened/arch/x86/stage1.spec 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/stage1.spec 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,10 +1,10 @@
-subarch: x86
+subarch: i686
target: stage1
-version_stamp: 20080807
+version_stamp: 20081109-hardened
rel_type: incognito
profile: hardened/linux/x86/2008.0
portage_confdir: /usr/src/incognito/portage.config
-snapshot: 20080807
-source_subpath: default/stage3-x86-2008.0
-chost: i486-pc-linux-gnu
-cflags: -mtune=i486 -Os -pipe -fomit-frame-pointer -fforce-addr
+snapshot: 20081109
+source_subpath: default/stage3-i686-2008.0
+chost: i686-pc-linux-gnu
+cflags: -march=i686 -Os -pipe -fomit-frame-pointer -fforce-addr
Modified: incognito/branches/hardened/arch/x86/stage2.spec
===================================================================
--- incognito/branches/hardened/arch/x86/stage2.spec 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/stage2.spec 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,10 +1,10 @@
-subarch: x86
+subarch: i686
target: stage2
-version_stamp: 20080807
+version_stamp: 20081109-hardened
rel_type: incognito
profile: hardened/linux/x86/2008.0
portage_confdir: /usr/src/incognito/portage.config
-snapshot: 20080807
-source_subpath: incognito/stage1-x86-20080807
-chost: i486-pc-linux-gnu
-cflags: -mtune=i486 -Os -pipe -fomit-frame-pointer -fforce-addr
+snapshot: 20081109
+source_subpath: incognito/stage1-i686-20081109-hardened
+chost: i686-pc-linux-gnu
+cflags: -march=i686 -Os -pipe -fomit-frame-pointer -fforce-addr
Modified: incognito/branches/hardened/arch/x86/stage3.spec
===================================================================
--- incognito/branches/hardened/arch/x86/stage3.spec 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/arch/x86/stage3.spec 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,11 +1,10 @@
-subarch: x86
+subarch: i686
target: stage3
-version_stamp: 20080807
+version_stamp: 20081109-hardened
rel_type: incognito
profile: hardened/linux/x86/2008.0
portage_overlay: /usr/src/incognito/portage.overlay
portage_confdir: /usr/src/incognito/portage.config
-snapshot: 20080807
-source_subpath: incognito/stage2-x86-20080807
-chost: i486-pc-linux-gnu
-cflags: -mtune=i486 -Os -pipe -fomit-frame-pointer -fforce-addr
+snapshot: 20081109
+source_subpath: incognito/stage2-i686-20081109-hardened
+cflags: -march=i686 -Os -pipe -fomit-frame-pointer -fforce-addr
Modified: incognito/branches/hardened/fsscript.sh
===================================================================
--- incognito/branches/hardened/fsscript.sh 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/fsscript.sh 2008-11-14 01:33:05 UTC (rev 17268)
@@ -201,6 +201,30 @@
passwd -d "${USERNAME}"
done
+# Install VirtualBox guest additions (depends on virtualbox-ose-additions)
+# FIXME: would it be sane to do this in an ebuild instead?
+VBOX_DIST="$(mktemp -t -d incognitoXXXXXXXX)"
+VBOX_SRC="$(mktemp -t -d incognitoXXXXXXXX)"
+mount -o loop /usr/share/virtualbox-ose/VBoxGuestAdditions.iso ${VBOX_DIST}
+# just unpack sources, don't run the script
+linux32 ${VBOX_DIST}/VBoxLinuxAdditions-x86.run --noexec --target ${VBOX_SRC}
+# don't add the init scripts to a run level -- we use our own script
+sed -i 's/addrunlevel() {/addrunlevel() {\nreturn 0/' ${VBOX_SRC}/routines.sh
+# since it is the build system's kernel that is running, there are a number of
+# things related to modprobe, depmod and uname -r that needs to be fixed
+sed -i 's/build_test_module() {/build_test_module() {\nreturn 0/' ${VBOX_SRC}/install.sh
+KERNEL_REL="$(ls -l /tmp/kerncache/gentoo/usr/src/linux | sed "s/\(.*\) -> linux-\(.*\)/\2/")"
+for X in $(find ${VBOX_SRC} -type f); do
+ sed -i "s/\(\$(shell uname -r)\)\|\(\`uname -r\`\)/${KERNEL_REL}/" $X
+ sed -i "s/depmod\( -ae\)\?/& ${KERNEL_REL}/" $X
+done
+# run the modified script manually to compile and install the modules
+cd ${VBOX_SRC}
+linux32 ./install.sh all
+# cleanup
+umount ${VBOX_DIST}
+rm -Rf ${VBOX_SRC} ${VBOX_DIST}
+
# Remove root password and ensure home dir permissions
echo "Setting up super user"
passwd -d "root"
Modified: incognito/branches/hardened/hacking.html
===================================================================
--- incognito/branches/hardened/hacking.html 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/hacking.html 2008-11-14 01:33:05 UTC (rev 17268)
@@ -11,7 +11,7 @@
<h2>Pre-reqs</h2>
-<p>You must know something about the following technologies:</p>
+<p>First of all you'll need a Linux installation with Catalyst present which probably amounts to a Gentoo installation. If you run another Linux distribution, see below for instructions for setting up a Gentoo Linux chroot. Additionally, you probably should know something about the following technologies to be able to work with Incognito effectively:</p>
<ul>
<li>Linux - the base operating system</li>
<li>Portage - the Gentoo Linux package management system</li>
@@ -19,60 +19,76 @@
<li>Subversion - the source code management tool</li>
</ul>
-<p>
-Before submitting patches make sure you can build and test the CD. See building.html for build instructions. You can use an emulator/virtualizer such as Qemu, VMWare or Virtual PC to test it.
-</p>
+<p>Before submitting patches, please make sure you can build and run the resulting distribution. See building.html for build instructions. You can use an emulator/virtualizer such as Qemu, VMWare or Virtual PC to test it.</p>
<h2>TODO list</h2>
If you want to help out, check if there's anything interesting in the <a href="https://tor-svn.freehaven.net/svn/incognito/trunk/TODO">TODO list</a> to design or implement. It might be a good idea to send the developers an email first, checking if there already has been some unannounced progress made etc.
-<h2>Updating Packages</h2>
+<h2>Important files and directories</h2>
-<p>Updating packages happens in portage.overlay. The following steps with bump the version number. Anything more indepth you'll need to learn how ebuilds work.</p>
-<ol>
-<li>cd to portage.overlay/category/package</li>
-<li>svn mv package-version.ebuild package-newversion.ebuild</li>
-<li>svn rm files/digest-package-version</li>
-<li>ebuild package-newversion.ebuild manifest</li>
-</ol>
+<h3>arch/x86/stage{1,2,3}.spec</h3>
+<p>Specification for the stage 1-3 tarballs. Don't change these unless you really know what you are doing.</p>
-<p>
-<strong>NOTICE</strong>: No alpha or beta packages unless absolutely necessary! First, people are recording this to a CD or USB, they cannot easily update to the next alpha if something goes wrong. Second, people are counting on anonymity, the packages should be well tested.
-</p>
+<h3>arch/x86/livecd-stage1{,-tiny}.spec</h3>
+<p>Specification for the main CD build. This gives the packages and use flags that are desired. Do not add packages that depend on the kernel sources being installed, that goes in <code>livecd-stage2.spec</code>.</p>
-<h2>Important Files</h2>
+<h3>arch/x86/livecd-stage2{,-tiny}.spec</h3>
+<p>Specification for the final stage which produces the final ISO image. livecd-stage2 basically takes on from livecd-stage1, adds a boot loader, compiles the kernel and packages depending on the kernel, runs <code>fsscript.sh</code> (see below), removes unnecessary packages and files, etc. Most changes will have to do with livecd-stage2 and mostly you can rebuild this stage to test your changes.</p>
-<dl>
+<h3>arch/x86/isolinux-*-cdtar.tar.bz2</h3>
+<p>Files for the isolinux boorloader, includung the theme (<code>isolinux/splash.png</code>).</p>
-<dt>arch/x86/stage{1,2,3}.spec</dt>
-<dd>
-Specification for the stage 1-3 tarballs. Don't change these unless you really know what you are doing.
-</dd>
+<h3>arch/x86/overlay</h3>
+<p>As per standard Catalyst behaviour, this is the CD overlay. Everything in here will be copied to the root of the ISO image. Of particular interest here is the configuration file for the bootloader (<code>arch/x86/overlay/isolinux/isolinux.cfg</code>).</p>
-<dt>arch/x86/livecd-stage1{,-tiny}.spec</dt>
-<dd>
-Specification for the main CD build. This gives the packages and use flags that are desired. Do not add packages that depend on the kernel sources being installed, that goes in livecd-stage2.spec.
-</dd>
+<h3>fsscript.sh</h3>
+<p>This script is run in the chroot environment of livecd-stage2. Look at it to see some things you might need to do.</p>
-<dt>arch/x86/livecd-stage2{,-tiny}.spec</dt>
-<dd>
-Specification for the final stage of the CD build. livecd-stage2 basically takes livecd-stage1 and modifies it for use on a live CD. The kernel is built, packages depending on the kernel are installed, package configuration is done, unnecessary packages and files removed, etc. Most changes will have to do with livecd-stage2 and mostly you can rebuild this stage to get your changes.
-</dd>
+<h3>build-stage.sh</h3>
+<p>This scripts is used to build stage{1,2,3}.spec and livecd-stage1.spec, making them directory independent (the spec files use absolute paths to determine the overlays etc.).</p>
-<dt>fsscript.sh</dt>
-<dd>
-This script is run in the chroot environment of livecd-stage2. Look at it to see some things you might need to do.
-</dd>
+<h3>livecd-stage2.sh</h3>
+<p>This script does pre-processing for livecd-stage2{,-tiny}.spec. If you need to generate files for the overlay programatically, this is the place to do it.</p>
-<dt>livecd-stage2.sh</dt>
-<dd>
-This script does pre-processing for livecd-stage2{,-tiny}.spec. If you need to generate files for the overlay programatically, this is the place to do it.
-</dd>
+<h3>portage.overlay</h3>
+<p>This will act like a normal Portage overlay.</p>
-</dl>
+<h3>portage.config</h3>
+<p>This will be copied into <code>/etc/portage</code>, so set package specifig keywords, {un}maskings and USE-flags here.</p>
+<h3>root_overlay</h3>
+<p>As per standard Catalyst behaviour, this is the root overlay. This directory structure will be copied into the filesystem root in livecd-stage2, which is very practical for putting custom configs in their right place. Below are described some special files and directories in the root overlay which are put there simply to be accessible for <code>fsscript.sh</code></p>
+
+<h4>root_overlay/etc/init.d/</h4>
+<p>There are some special init scripts here for setting up locale as chosen in the boot menu, creating/mounting a persistent home directory etc.</p>
+
+<h4>root_overlay/usr/{,s}bin</h4>
+<p>All incognito specific scripts are stored here.</p>
+
+<h4>root_overlay/var/patches</h4>
+<p>All patches (<code>*.patch</code>) in this directory are applied to the filesystem root. It is preferrable to use this approach to smaller changes or additions to scripts or configs compared to overlay them with a complete file using the root overlay since that will need constant attention when the responsible packages are updated.</p>
+
+<h4>root_overlay/var/lib/*-config and root_overlay/var/lib/kdesession</h4>
+<p>These are the users' application configs, e.g. <code>firefox-config</code> will be copied to<code>~/.mozilla</code>. The contents of <code>kdesession</code> will be copied into <code>~/kde/share/config</code>.</p>
+
+<h4>root_overlay/var/lib/incognito-menu</h4>
+<p>Used for the Incognito KDE menu.</p>
+
+<h2>Updating packages</h2>
+
+<p>Updating packages happens in <code>portage.overlay</code> (or by updating the portage snapshot, but that's restricted and coordinated by the main developers). The following steps with bump the version number. Anything more indepth you'll need to learn how ebuilds work.</p>
+<ol>
+<li>cd portage.overlay/category/package</li>
+<li>svn mv package-version.ebuild package-newversion.ebuild</li>
+<li>svn rm files/digest-package-version</li>
+<li>ebuild package-newversion.ebuild manifest</li>
+</ol>
+
+<p><strong>NOTICE</strong>: No alpha or beta packages unless absolutely necessary! First, people are recording this to a CD or USB, they cannot easily update to the next alpha if something goes wrong. Second, people are counting on anonymity, the packages should be well tested.</p>
+
+
<h2>Gentoo Linux chroot environment</h2>
-<p>If you run another Linux distribution than Gentoo Linux (or if you run Gentoo Linux on another arch than x86 or amd64) but want to build Incognito with catalyst, simply fetch a x86 stage-3 tarball from a <a href="http://www.gentoo.org/main/en/mirrors.xml">Gentoo Mirror</a> (preferably the latest release), extract and chroot into it. When inside the chroot, sync portage, update and install relevant applications:</p>
+<p>If you run another Linux distribution than Gentoo Linux but want to build Incognito with Catalyst, simply fetch a x86 stage-3 tarball from a <a href="http://www.gentoo.org/main/en/mirrors.xml">Gentoo Mirror</a> (preferably the latest release), extract and chroot into it. When inside the chroot, sync portage, update and install relevant applications:</p>
<p><code># get a stage3 tarball<br>
wget http://files1.cjb.net/incognito/stage3-i686-*.tar.bz2
<br>
@@ -88,11 +104,7 @@
emerge -auvDN world<br>
emerge -av catalyst # some more might be needed</code></p>
<p>Then use this chroot enivonment as you would use a regular Gentoo Linux installation for building Incognito.</p>
-<p>When using menuconfig for kernel configurations on a different arch than x86, use <code>linux32 make menuconfig</code> (linux32 can be found in the sys-apps/util-linux portage package) to make sure to get a sane kernel config.
+<p>When using menuconfig for kernel configurations on a different arch than x86, use <code>linux32 make menuconfig</code> (linux32 can be found in the sys-apps/util-linux portage package) to make sure to get a sane kernel config.</p>
-<h2>Misc</h2>
-
-<p>The arch/*.pyo files are generated by catalyst, I don't know why. Ignore them.</p>
-
</body>
</html>
Modified: incognito/branches/hardened/portage.config/package.keywords
===================================================================
--- incognito/branches/hardened/portage.config/package.keywords 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/portage.config/package.keywords 2008-11-14 01:33:05 UTC (rev 17268)
@@ -34,7 +34,7 @@
=app-misc/hal-info-20071011 ~*
# Hardware
-=app-emulation/open-vm-tools-0.0.20080701.102166 ~*
+app-emulation/open-vm-tools ~*
net-dialup/isdn-firmware ~*
net-dialup/globespan-adsl ~*
net-wireless/at76c503a ~*
@@ -63,15 +63,18 @@
net-dialup/intel-536ep ~*
net-dialup/ltmodem ~*
net-dialup/slmodem ~*
-=x11-drivers/xf86-input-virtualbox-1.5.6 ~*
-=x11-drivers/xf86-video-virtualbox-1.5.6 ~*
+=x11-drivers/xf86-input-virtualbox-2.0.4 ~*
+=x11-drivers/xf86-input-vmmouse-12.4.3 ~*
+=x11-drivers/xf86-video-virtualbox-2.0.4 ~*
-# Misc (mainly to get stuff to build and work properly)
+# Misc (e.g. fixes for portage breakages)
app-admin/keepassx ~*
+=app-emulation/virtualbox-ose-additions-2.0.4 ~*
app-misc/livecd-tools ~*
dev-java/java-config ~*
dev-java/java-config-wrapper ~*
dev-java/sun-jre-bin ~*
+=dev-util/kbuild-0.1.4 ~*
=dev-util/livecd-kconfigs-2006.1 ~*
=dev-util/livecd-specs-2006.1 ~*
kde-misc/kdmtheme ~*
@@ -81,6 +84,6 @@
=sys-boot/syslinux-3.70 ~*
sys-devel/prelink ~*
<sys-kernel/genkernel-9999 ~*
+=x11-drivers/xf86-video-sis-0.9.4 ~*
x11-libs/libsynaptics ~*
x11-misc/xdialog ~*
-=x11-drivers/xf86-video-sis-0.9.4 ~*
Modified: incognito/branches/hardened/portage.config/package.mask
===================================================================
--- incognito/branches/hardened/portage.config/package.mask 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/portage.config/package.mask 2008-11-14 01:33:05 UTC (rev 17268)
@@ -2,8 +2,8 @@
kde-base/kdebase
# We don't want other kernels sneaking in, the config may not be compatible
->sys-kernel/hardened-sources-2.6.25-r3
-<sys-kernel/hardened-sources-2.6.25-r3
+>sys-kernel/hardened-sources-2.6.25-r9
+<sys-kernel/hardened-sources-2.6.25-r9
# we want to make sure to have the same version as
# arch/x86/isolinux-*-cdtar.tar.bz2 so when changing this, update it. also, a
Modified: incognito/branches/hardened/portage.config/package.unmask
===================================================================
--- incognito/branches/hardened/portage.config/package.unmask 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/portage.config/package.unmask 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,3 +1,4 @@
+app-crypt/truecrypt
app-misc/livecd-tools
+sys-apps/hwsetup
x11-misc/mkxf86config
-sys-apps/hwsetup
Modified: incognito/branches/hardened/portage.config/package.use
===================================================================
--- incognito/branches/hardened/portage.config/package.use 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/portage.config/package.use 2008-11-14 01:33:05 UTC (rev 17268)
@@ -9,6 +9,7 @@
app-crypt/truecrypt X
x11-libs/wxGTK X
net-irc/xchat tcl
+net-im/twinkle zrtp speex ilbc
net-analyzer/nmap -gtk
# When pidgin uses gadu, libgadu must be compiled with -ssl unfortunately
Modified: incognito/branches/hardened/root_overlay/etc/init.d/external-locale
===================================================================
--- incognito/branches/hardened/root_overlay/etc/init.d/external-locale 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/etc/init.d/external-locale 2008-11-14 01:33:05 UTC (rev 17268)
@@ -32,6 +32,7 @@
echo "user_pref(\"general.useragent.locale\", \"${LANGUAGE}\");" >> "${PREFS}"
echo "user_pref(\"spellchecker.dictionary\", \"${LANGUAGE}\");" >> "${PREFS}"
done
+ sed -i "s@\(https://check.torproject.org/?lang=\)\(.*\)\(&small=1\)@\1${LANGUAGE}\3@" /home/__INCOGNITO_USER__/.mozilla/firefox/*/bookmarks.html
# Set keyboard layout in KDE
case "${LANGUAGE}" in
@@ -68,8 +69,11 @@
local CFONT=""
local CTRANS=""
case "${LANGUAGE}" in
- "us")
+ "zh")
KEYMAP="us"
+ ;;
+ "us")
+ KEYMAP="us"
CFONT="default8x16"
;;
"fr")
@@ -115,7 +119,7 @@
CFONT="lat0-16"
;;
*)
- # For the others (like Chinese) it seems we can do nothing.
+ # For the others we can do nothing.
;;
esac
Added: incognito/branches/hardened/root_overlay/etc/init.d/vbox-guest
===================================================================
--- incognito/branches/hardened/root_overlay/etc/init.d/vbox-guest (rev 0)
+++ incognito/branches/hardened/root_overlay/etc/init.d/vbox-guest 2008-11-14 01:33:05 UTC (rev 17268)
@@ -0,0 +1,55 @@
+#!/sbin/runscript
+
+depend() {
+ after autoconfig
+ before xdm
+}
+
+# This is a hack to determine whether we run inside VirtualBox or not
+vm_check() {
+ return $(lspci | grep -q "InnoTek")
+}
+
+# autoconfig doesn't detect the drivers so we set them manually
+# FIXME: this is temporary, should be fixed in hwsetup instead
+xorg_hack() {
+ sed -i "s/^\([ \t]*Driver[ \t]\+\)\"fbdev\"/\1\"vboxvideo\"/" /etc/X11/xorg.conf
+ sed -i "s/^\([ \t]*Driver[ \t]\+\)\"mouse\"/\1\"vboxmouse\"/" /etc/X11/xorg.conf
+}
+
+start() {
+ if ! vm_check; then
+ ewarn "VirtualBox Additions does nothing when running outside of VirtualBox"
+ return 0
+ fi
+
+ xorg_hack
+
+ /etc/init.d/vboxadd start
+ /etc/init.d/vboxadd-timesync start
+
+ # Some init files are modified during init before the time is set, so
+ # we touch them to assure that they are not modified in the future,
+ # otherwise we'll get loads of (admittedly harmless) warnings
+ touch /etc/{conf.d,init.d}/* &> /dev/null
+ # touch doesn't work for symlinks, so we re-link them
+ for X in $(find /etc/{conf.d,init.d} -type l); do
+ FROM=$(ls -l $X | sed 's/.* \([^ ]*\) -> \([^ ]*\)/\1/')
+ TO=$(ls -l $X | sed 's/.* \([^ ]*\) -> \([^ ]*\)/\2/')
+ ln -sf ${TO} ${FROM}
+ done
+
+ /etc/init.d/vboxvfs start
+}
+
+restart() {
+ /etc/init.d/vboxadd restart
+ /etc/init.d/vboxadd-timesync restart
+ /etc/init.d/vboxvfs restart
+}
+
+stop() {
+ /etc/init.d/vboxadd stop
+ /etc/init.d/vboxadd-timesync stop
+ /etc/init.d/vboxvfs stop
+}
Property changes on: incognito/branches/hardened/root_overlay/etc/init.d/vbox-guest
___________________________________________________________________
Name: svn:executable
+ *
Modified: incognito/branches/hardened/root_overlay/usr/kde/3.5/share/config/kdm/kdmrc
===================================================================
--- incognito/branches/hardened/root_overlay/usr/kde/3.5/share/config/kdm/kdmrc 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/usr/kde/3.5/share/config/kdm/kdmrc 2008-11-14 01:33:05 UTC (rev 17268)
@@ -540,7 +540,7 @@
AutoLoginAgain=true
# The delay in seconds before automatic login kicks in.
# Default is 0
-AutoLoginDelay=10
+AutoLoginDelay=0
# The user to log in automatically. NEVER specify root!
# Default is ""
AutoLoginUser=__INCOGNITO_USER__
Modified: incognito/branches/hardened/root_overlay/usr/sbin/create-homevol
===================================================================
--- incognito/branches/hardened/root_overlay/usr/sbin/create-homevol 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/usr/sbin/create-homevol 2008-11-14 01:33:05 UTC (rev 17268)
@@ -105,7 +105,7 @@
if [[ $? -eq 0 ]]; then
# Ask if a hidden volume should be used
- dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --yesno "${QUESTION_HIDDEN_VOLUME}" ${DIM}
+ dialog --ascii-lines --title "${TITLE}" --backtitle "${BACKTITLE}" --yesno --defaultno "${QUESTION_HIDDEN_VOLUME}" ${DIM}
if [[ $? -eq 0 ]]; then
USE_HIDDEN_VOLUME="yes"
PASSWORD_RECOMMENDATION="${PASSWORD_NORMAL_VS_HIDDEN}"
Modified: incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/bookmarks.html
===================================================================
--- incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/bookmarks.html 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/bookmarks.html 2008-11-14 01:33:05 UTC (rev 17268)
@@ -18,6 +18,7 @@
<DT><A HREF="http://en-US.www.mozilla.com/en-US/firefox/community/" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAHWSURBVHjaYvz//z8DJQAggJiQOe/fv2fv7Oz8rays/N+VkfG/iYnJfyD/1+rVq7ffu3dPFpsBAAHEAHIBCJ85c8bN2Nj4vwsDw/8zQLwKiO8CcRoQu0DxqlWrdsHUwzBAAIGJmTNnPgYa9j8UqhFElwPxf2MIDeIrKSn9FwSJoRkAEEAM0DD4DzMAyPi/G+QKY4hh5WAXGf8PDQ0FGwJ22d27CjADAAIIrLmjo+MXA9R2kAHvGBA2wwx6B8W7od6CeQcggKCmCEL8bgwxYCbUIGTDVkHDBia+CuotgACCueD3TDQN75D4xmAvCoK9ARMHBzAw0AECiBHkAlC0Mdy7x9ABNA3obAZXIAa6iKEcGlMVQHwWyjYuL2d4v2cPg8vZswx7gHyAAAK7AOif7SAbOqCmn4Ha3AHFsIDtgPq/vLz8P4MSkJ2W9h8ggBjevXvHDo4FQUQg/kdypqCg4H8lUIACnQ/SOBMYI8bAsAJFPcj1AAEEjwVQqLpAbXmH5BJjqI0gi9DTAAgDBBCcAVLkgmQ7yKCZxpCQxqUZhAECCJ4XgMl493ug21ZD+aDAXH0WLM4A9MZPXJkJIIAwTAR5pQMalaCABQUULttBGCCAGCnNzgABBgAMJ5THwGvJLAAAAABJRU5ErkJggg==" ID="rdf:#$42iCK1">Get Involved</A>
<DT><A HREF="http://en-US.www.mozilla.com/en-US/firefox/about/" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAHWSURBVHjaYvz//z8DJQAggJiQOe/fv2fv7Oz8rays/N+VkfG/iYnJfyD/1+rVq7ffu3dPFpsBAAHEAHIBCJ85c8bN2Nj4vwsDw/8zQLwKiO8CcRoQu0DxqlWrdsHUwzBAAIGJmTNnPgYa9j8UqhFElwPxf2MIDeIrKSn9FwSJoRkAEEAM0DD4DzMAyPi/G+QKY4hh5WAXGf8PDQ0FGwJ22d27CjADAAIIrLmjo+MXA9R2kAHvGBA2wwx6B8W7od6CeQcggKCmCEL8bgwxYCbUIGTDVkHDBia+CuotgACCueD3TDQN75D4xmAvCoK9ARMHBzAw0AECiBHkAlC0Mdy7x9ABNA3obAZXIAa6iKEcGlMVQHwWyjYuL2d4v2cPg8vZswx7gHyAAAK7AOif7SAbOqCmn4Ha3AHFsIDtgPq/vLz8P4MSkJ2W9h8ggBjevXvHDo4FQUQg/kdypqCg4H8lUIACnQ/SOBMYI8bAsAJFPcj1AAEEjwVQqLpAbXmH5BJjqI0gi9DTAAgDBBCcAVLkgmQ7yKCZxpCQxqUZhAECCJ4XgMl493ug21ZD+aDAXH0WLM4A9MZPXJkJIIAwTAR5pQMalaCABQUULttBGCCAGCnNzgABBgAMJ5THwGvJLAAAAABJRU5ErkJggg==" ID="rdf:#$52iCK1">About Us</A>
</DL><p>
+ <DT><A HREF="https://check.torproject.org/?lang=en&small=1" ADD_DATE="1221124393" LAST_MODIFIED="1221124393" ICON_URI="https://check.torproject.org/favicon.ico" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAACHklEQVQ4jZWSTUjTAQDFH+g2/27/JHSWUdvcV1tqs/ze2Gpr7SM0x2xTyUnUyFAbZUXZHBmpFRQMIUIQiqhIO0R5raBDRmmXPpAOEesQQUEp3py8bl2cNd/993g8fkAWuUXkjX5E7cBL6AYnociG+ZuhN9hy+hEudD3ERO8TXI5PoTZrmERO5BoeNCWkC4fv4mb3Y+izho9iTHI26Ry2dsoZuIKJwWcbe9c0vQCO0vZgmG2xBsbuIxqahLCmAhFVRS2NHdy3O0wp6s1rgoGQNA8lI/49Htp2uuhztRIoVQNVkixgj1yG/LG+2El+S00z6PMzYI/Qaw3T6wwP/wduEATIbty7M87l5SW+ez3Fq/3HaLd4mQgladE4KEJjWm12Tj6Ut4cvxplOL3Hh1zyvnxji8VALq0w2djsv0WfupN3STAC5GQrqNgebWvjzR4qLvxd5vj3B0XMjbHV4WKarZKvlFCM74twkVlCAMZNMlZV+t48L89/5/tUcgzWHOPv8KZ0mJ8sN27lX1cUD+jNUCbUUYGxbgcugNZYZLEx9+cSvn1Ps3NXLty+m2VQXoKbEQHvhEbqVPVQpqllf3hzLdILgrG9kf98A0+k052Y/MOKIUFOsoVldwWr5QW5ADU0q62ofAAroiqMdPbRW2+l37+fWUjNNWj2VEhMLsI0VahelKPy3VEWwiSL0UQXWj+VCnJFg3Ywc2qQIYxRYqfMf1qfVncnmUUQAAAAASUVORK5CYII=" LAST_CHARSET="UTF-8">Are you using Tor?</A>
<DT><A HREF="http://www.anonymityanywhere.com/" ADD_DATE="1215537552" LAST_VISIT="1215537593" LAST_MODIFIED="1215537566" ICON="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAC90lEQVQ4jaWQTWhcVRSAz73vvbnTl2mnb5FAotmGbFxJXYxSQugQBg3RRUHE0LoRDYWQRcVt6DJ7V7a2LgpthUAFEdEaYvzpQmuiaYdMmkVimamZyXvzfu//cWOCaZceOHA48H3nhyAi/J+gzzZqtZqz1Wq91e9Hd5Ik+T1O4t+6B70bze2tc0tLS+Q5AyIe5buzFyrtdvuu1galksgFx7TIMMxS3O127R+trVvXP79e+S9zVExOTtJHza2bXEjMiwLTNMYwDrET9XC7G+Kf7b9xe28PN9YffPXehVn3kDs6ofH69MsjL7z4tpAahJQgJAcucsiLHKQSQNEAaAEnHNI4Pz09+9wPzpx55Q2lDRFSg5QakjTTvz54eO/h5uOb/adPN0uaA5EcjOAAxPlwamqKHhMgkGElJWhRgJESet3wiV+p/rD63beXKPVuy7zIBZcQJQVwiy+tra1VAQDcQ0GWxl0rOFjFAY0G3yEBnqycvvj+B1OOQ8tZb9+J+ylEUQpRVnha6/KxDVZXVu5pnqHlMVCTwMkT9lTgqXeolZfyOL4YxSkL4xSSrIAwjHqMseSY4Nq1T9eazUc/ESPAoRI8psFjZNACvqoQhpU2oKQCrRV0Ou2vFxcXs2OC/f19/snVz+Y6veiJtQSMpWCoC6ZUBvRKAJSA0grC8KDz5d3lKwsLC3gk2NjYgPn5eRqGB5sfX1l68/769s9JSrAQBBRXoHgBkgv4a2+3+cWdW+c/unz58eFg0mg0nFar5SRJ4gohXKVUSSkV1GqvnT07MTHhV04NR2GY3//lx/XVle+/cV13lzEWDw4OZnNzc4qMj4+X+v2+8y/saa2ZtZYhIrPWlgDAAwAHAAgAKEpp5jhO7Pt+Ojo6KtyRkRFjjAFCCFBKkVJqjDHSWpsjooOIFACAEIKEEO26rmKMySAIVL1e187Ozg4GQWC11sZ1XeN5nmaMqXK5LHzf577vFwMDA0W1Ws2HhoaKsbExPjMzI5eXl029Xod/ABcZ4sLboYZnAAAAAElFTkSuQmCC" LAST_CHARSET="ISO-8859-1" ID="rdf:#$Ya1Ar1">anonymityanywhere.com</A>
<DT><A HREF="http://eqt5g4fuenphqinx.onion/" ADD_DATE="1215537458" ICON="data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///8A////AP///wD///8AOwAUDSQAD2QRAA2ZDQAFyw4ABssjAAuQKAAPZAAcAAn///8A////AP///wD///8A////AP///wD///8AIwAMFmtcZP89NDr/TkRJ/ykhJ/8kIij/KAUV/yoAD/9CHy3/EwAMKf///wD///8A////AP///wD///8AHAAACUw4Qf98cnn//Pz8/9TM1/9dPl3/IBYg/y0fKf9bCzT/NQAX/zoeKP8AAAAE////AP///wD///8A////ACgADSYvJSv/2d/h/+Hd4v9sP17/xsHN/1A3Tf8lGSD/YxM9/2sVRP80DB7/Ty44bv///wD///8A////AP///wAwAAUwSERJ/+jx8v/Xx9P/YDVS/7y+zP9BKEH/LiUs/2ceRf91JFT/Ngke/yYACVj///8A////AP///wD///8ANwAJHFNNUv/h6+z/9PD0/31Zev+GeJL/Rj5X/zAjK/9zL1f/ezFd/y0NGv8mAA42////AP///wD///8A////AFUAAAMVAAqge4GF//v8/P/x7/L/hHCN/1NVbf87KDP/g0Fq/14pSP9PLz3/AAAABP///wD///8A////AP///wD///8AOQAcCQcACpWcoqX/+/39/7PJ0v9oeYn/Ry89/5BVff8+IC//IAANKP///wD///8A////AP///wD///8A////AP///wBGABcLCgAHmXFucv/G4eb/SUhS/109UP9WOkf/WEJIhf///wD///8A////AP///wD///8A////AP///wD///8A////AFUAKgYZAAiGRkNJ/0IyO/9XQkj/KQAIHzMAAAX///8A////AP///wD///8A////AP///wD///8A////AP///wD///8AMwANFFxMU/9WQEr/PgAMKf///wD///8A////AP///wD///8A////AP///wD///8A////AP///wD///8A////AD4AFyFWUln/OW5Y/wCobmQAqnEJ////AP///wD///8A////AP///wD///8A////AP///wD///8A////AP///wCZAGYFQpF3hQteOv8AiVGpGb2BbP///wD///8A////AP///wD///8A////AP///wD///8A////AP///wD///8A////AAD//wMAjF2oB35N8gClYpcAuHEk////AP///wD///8A////AP///wD///8A////AP///wD///8A////AP///wD///8AANOEHQCvdn8ArGipALJshwC4ezb///8A////AP///wD///8A////AP///wD///8A////AP///wD///8A////AP///wAA/78IANmXNgDFgyMAv4AM////AP///wD///8A//8AAPAPAADgBwAA4AcAAOAHAADgBwAA8AcAAPgPAAD8HwAA/j8AAP5/AAD+fwAA/38AAP//AAD//wAA//8AAA==" LAST_CHARSET="UTF-8" ID="rdf:#$Wa1Ar1">core.onion</A>
<DT><A HREF="http://www.browseanonymouslyanywhere.com/incognito/" ADD_DATE="1196094716" LAST_CHARSET="UTF-8" ID="rdf:#$BIRUh">Incognito</A>
Modified: incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/prefs.js
===================================================================
--- incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/prefs.js 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/var/lib/firefox-config/firefox/o2e6y2eh.default/prefs.js 2008-11-14 01:33:05 UTC (rev 17268)
@@ -41,6 +41,9 @@
/* Don't use google's safe browsing. */
user_pref("browser.safebrowsing.enabled", false);
+/* Disable the session manager */
+user_pref("browser.sessionstore.enabled", false);
+
/* Fonts */
user_pref("font.name.monospace.x-western", "Bitstream Vera Sans Mono");
user_pref("font.name.sans-serif.x-western", "Bitstream Vera Sans");
@@ -53,8 +56,8 @@
user_pref("browser.search.useDBForOrder", true);
/* Update the following two versions when upgrading Firefox */
-user_pref("extensions.lastAppVersion", "2.0.0.16");
-user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.16");
+user_pref("extensions.lastAppVersion", "2.0.0.17");
+user_pref("browser.startup.homepage_override.mstone", "rv:1.8.1.17");
/* Suppress Firefox update checking. */
user_pref("app.update.enabled", false);
Modified: incognito/branches/hardened/root_overlay/var/lib/thunderbird-config/rhy4kriw.default/prefs.js
===================================================================
--- incognito/branches/hardened/root_overlay/var/lib/thunderbird-config/rhy4kriw.default/prefs.js 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/var/lib/thunderbird-config/rhy4kriw.default/prefs.js 2008-11-14 01:33:05 UTC (rev 17268)
@@ -35,6 +35,7 @@
user_pref("extensions.enigmail.composeHtmlAlertCount", 5);
user_pref("extensions.enigmail.confirmBeforeSend", true);
user_pref("extensions.enigmail.wrapHtmlBeforeSend",true);
+user_pref("extensions.enigmail.useDefaultComment", true);
# Torbutton settings (always enabled as it scrapes IP address/host from
# the HELO/EHLO message -- is there any other way for doing this?)
Modified: incognito/branches/hardened/root_overlay/var/patches/xorg.conf.in.patch
===================================================================
--- incognito/branches/hardened/root_overlay/var/patches/xorg.conf.in.patch 2008-11-14 01:21:20 UTC (rev 17267)
+++ incognito/branches/hardened/root_overlay/var/patches/xorg.conf.in.patch 2008-11-14 01:33:05 UTC (rev 17268)
@@ -1,6 +1,6 @@
---- etc/X11/xorg.conf.in.orig 2008-07-31 14:42:24.000000000 +0200
-+++ etc/X11/xorg.conf.in 2008-07-31 14:42:53.000000000 +0200
-@@ -1,6 +1,7 @@
+--- etc/X11/xorg.conf.in.orig 2008-10-02 17:31:33.000000000 +0200
++++ etc/X11/xorg.conf.in 2008-10-02 17:39:54.000000000 +0200
+@@ -1,11 +1,13 @@
Section "ServerLayout"
- Identifier "X.Org Configured"
+ Identifier "Automatically Configured"
@@ -9,7 +9,59 @@
InputDevice "Keyboard0" "CoreKeyboard"
InputDevice "PS/2 Mouse" "AlwaysCore"
# InputDevice "Serial Mouse" "AlwaysCore"
-@@ -164,6 +165,11 @@
+ InputDevice "USB Mouse" "AlwaysCore"
+ InputDevice "Synaptics" "AlwaysCore"
++ InputDevice "VMWareClickFix"
+ EndSection
+
+ Section "ServerFlags"
+@@ -94,6 +96,7 @@
+ Section "InputDevice"
+ Identifier "Serial Mouse"
+ Driver "mouse"
++ Option "CorePointer"
+ Option "Protocol" "Microsoft"
+ Option "Device" "/dev/ttyS0"
+ Option "Emulate3Buttons" "true"
+@@ -104,6 +107,7 @@
+ Section "InputDevice"
+ Identifier "PS/2 Mouse"
+ Driver "mouse"
++ Option "CorePointer"
+ Option "Protocol" "IMPS/2"
+ Option "Device" "/dev/misc/psaux"
+ Option "Emulate3Buttons" "true"
+@@ -115,6 +119,7 @@
+ Section "InputDevice"
+ Identifier "USB Mouse"
+ Driver "mouse"
++ Option "CorePointer"
+ Option "Device" "/dev/input/mice"
+ Option "SendCoreEvents" "true"
+ Option "Protocol" "IMPS/2"
+@@ -125,6 +130,7 @@
+ Section "InputDevice"
+ Identifier "Synaptics"
+ Driver "synaptics"
++ Option "CorePointer"
+ Option "Protocol" "event"
+ Option "Device" "@@SYNDEV@@"
+ Option "LeftEdge" "1900"
+@@ -142,6 +148,13 @@
+ Option "SHMConfig" "on"
+ EndSection
+
++# It seems this device is necessary (and that all other pointer devices have
++# Option "CorePointer") for fixing the VMWare double-click issue.
++Section "InputDevice"
++ Identifier "VMWareClickFix"
++ Driver "void"
++EndSection
++
+ # Auto-generated by mkxf86config
+ @@MONITOR@@
+
+@@ -164,6 +177,11 @@
# BusID "PCI:1:0:0"
EndSection
@@ -21,7 +73,7 @@
Section "Screen"
Identifier "Screen0"
Device "Card0"
-@@ -199,6 +205,41 @@
+@@ -199,6 +217,41 @@
EndSubSection
EndSection