Project

General

Profile

Bug #11712

Have Icedove built from Stretch with our patchset applied in Tails 3.0

Added by intrigeri over 1 year ago. Updated 8 months ago.

Status:
Resolved
Priority:
Elevated
Assignee:
-
Category:
-
Target version:
Start date:
08/24/2016
Due date:
% Done:

100%

QA Check:
Pass
Feature Branch:
icedove:tails/stretch,tails:feature/11712-thunderbird
Type of work:
Code
Blueprint:
Starter:
Affected tool:
Email Client

Description

Currently ISO images built from feature/stretch have Stretch's Icedove. Obviously we don't want to ship this in Tails 3.0. So at some point, if our patchset does not make it into Icedove before the freeze, we'll need to install our custom packages.


Related issues

Blocks Tails - Bug #11973: Confine Thunderbird with AppArmor In Progress 11/20/2016
Blocks Tails - Bug #11964: Discuss if Thunderbird AppArmor profile should prevent users from opening attachments In Progress 11/19/2016

Associated revisions

Revision e0b8ef9f (diff)
Added by anonym 8 months ago

Enable the feature-11712-thunderbird APT overlay.

This will install thunderbird 1:45.8.0-3+tails2 built for amd64 on
Debian Stretch. Naturally it is a first step for the Icedove →
Thunderbird migration as well. And this package contains an AppArmor
profile (unlike the Debian Jessie package).

Refs: #12242
Will-fix: #11712, #11973

These packages also has the patch from the following upstream ticket
applied:

https://bugzilla.mozilla.org/show_bug.cgi?id=1281959

We enable browser.download.forbid_open_with so the "Open with..."
option is hidden in the attachment download dialog, since
Thunderbird's AppArmor profile does not allow starting applications in
Tails.

Refs: #11964

Revision cc3b16ea (diff)
Added by intrigeri 8 months ago

Disable the Thunderbird AppArmor profile (refs: #11712, #12242, #11973, #11964).

The corresponding documentation is missing and I haven't seen this coordinated
with our tech writers:

I'd rather not break parts of the UX without a clear plan to explain
it to our users.

Revision bd903d7e
Added by intrigeri 8 months ago

Merge branch 'feature/11712-thunderbird' into feature/stretch (Fix-committed: #11712, #12242)

History

#1 Updated by anonym about 1 year ago

For now it seems we can install the same icedove packages that we build for Debian Jessie, but we have to install libhunspell-1.3-0 (in parallell to testing's libhunspell-1.4-0) which I have imported from Jessie into our custom APT repo.

#2 Updated by intrigeri 12 months ago

I propose that we switch to packages built for Stretch in April, when we release Tails 2.12 (and hopefully 3.0~beta3 or 3.0~rc1 more or less at the same time).

#3 Updated by anonym 12 months ago

intrigeri wrote:

I propose that we switch to packages built for Stretch in April, when we release Tails 2.12 (and hopefully 3.0~beta3 or 3.0~rc1 more or less at the same time).

I could easily build such a package next time, even for 3~beta2 or whatever.

#4 Updated by intrigeri 12 months ago

I could easily build such a package next time, even for 3~beta2 or whatever.

Yep. I just want to limit the additional workload on my shoulders (I'll need to update this package every time we release a new Tails).

#5 Updated by intrigeri 10 months ago

  • Priority changed from Normal to Elevated

#6 Updated by intrigeri 10 months ago

  • Subject changed from Have Icedove with our patchset on Stretch to Have Icedove built from Stretch with our patchset applied in Tails 3.0

#7 Updated by intrigeri 10 months ago

  • Blocks Bug #11973: Confine Thunderbird with AppArmor added

#8 Updated by intrigeri 10 months ago

  • Blocked by Bug #11964: Discuss if Thunderbird AppArmor profile should prevent users from opening attachments added

#9 Updated by intrigeri 10 months ago

Our plan was to have this in 3.0~beta4 (April 18), but it's currently blocked by #11964. Worst case, we can drop that blocking relationship by not shipping the AppArmor profile, so in any case we can rebuild icedove for 3.0~beta4 from the Stretch snapshot we currently use (I say frozen to avoid blocking on #12242, that I don't want to tackle for beta4; too bad, we won't get the security fixes brought by 45.8).

anonym, are you still up to taking care of this? If yes, then you can do it whenever you want between now and April 16 :)

#10 Updated by intrigeri 9 months ago

  • Target version changed from Tails_3.0 to Tails_3.0~rc1

The plan didn't work out so let's postpone.

#11 Updated by anonym 8 months ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from anonym to intrigeri
  • % Done changed from 0 to 50
  • QA Check set to Ready for QA
  • Feature Branch set to icedove:tails/stretch tails:feature/11712-thunderbird

#12 Updated by intrigeri 8 months ago

  • Feature Branch changed from icedove:tails/stretch tails:feature/11712-thunderbird to icedove:tails/stretch,tails:feature/11712-thunderbird

#13 Updated by intrigeri 8 months ago

  • Assignee changed from intrigeri to anonym
  • QA Check changed from Ready for QA to Info Needed

Same question as #12242#note-6.

#14 Updated by intrigeri 8 months ago

  • Blocked by deleted (Bug #11964: Discuss if Thunderbird AppArmor profile should prevent users from opening attachments)

#15 Updated by intrigeri 8 months ago

  • Blocks Bug #11964: Discuss if Thunderbird AppArmor profile should prevent users from opening attachments added

#16 Updated by intrigeri 8 months ago

  • QA Check changed from Info Needed to Ready for QA

#17 Updated by intrigeri 8 months ago

  • Assignee changed from anonym to intrigeri

#18 Updated by intrigeri 8 months ago

  • Assignee changed from intrigeri to anonym
  • QA Check changed from Ready for QA to Dev Needed

same as #12242

#19 Updated by intrigeri 8 months ago

  • Assignee changed from anonym to intrigeri
  • QA Check changed from Dev Needed to Ready for QA

#20 Updated by intrigeri 8 months ago

I'll merge this with the AppArmor profile disabled.

#21 Updated by intrigeri 8 months ago

  • Status changed from In Progress to Fix committed
  • % Done changed from 50 to 100

#22 Updated by intrigeri 8 months ago

  • Assignee deleted (intrigeri)
  • QA Check changed from Ready for QA to Pass

#23 Updated by intrigeri 8 months ago

  • Status changed from Fix committed to Resolved

Also available in: Atom PDF