- Oct 18, 2017
-
-
Georg Koppen authored
Changelog update and version bumps
-
Added flags: -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Werror=format -Werror=format-security
-
-
- Oct 17, 2017
-
-
boklm authored
-
- Oct 04, 2017
-
-
boklm authored
Some distributions are packaging runc version 1.0.0~rc2, which seems to be half between runc 0.1.1 and runc 1.0.0. This version requires the same command line parameters as version 1.0.0, however it requires a config.json in the same format as 0.1.1. The output from `runc --version` on 1.0.0~rc2 is: runc version spec: 1.0.0-rc2-dev So we add a var/runc_spec100 function which is true when the runc version spec is exactly 1.0.0 (as returned by runc stable 1.0.x releases), and use it in projects/common/runc-config.json.
-
- Oct 03, 2017
-
-
Georg Koppen authored
-
- Oct 02, 2017
- Sep 29, 2017
-
-
Georg Koppen authored
This is mainly for shipping a new version right after release as our alpha release broke 0.0.13 (see: #23692).
-
By default NoScript attempts to find URLs in "javascript:.*" strings found in <a> element href atributes and in <option> element value attributes. When such links (or options) are clicked/selected, NoScript attempts to navigate the page to said URL. These navigations are treated as intternal requests, and get pacced onto the catch-all circuit. This behaviour can be turned off by disabling the 'noscript.fixLinks' flag, so we do so for each Tor Browser build target's extension-overrides.js.
-
- Sep 28, 2017
-
-
boklm authored
-
- Sep 26, 2017
-
-
-
Georg Koppen authored
-
boklm authored
-
- Sep 22, 2017
-
-
boklm authored
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
This reverts commit b6b18835.
-
boklm authored
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
Versions bump and Changelog update
-
Georg Koppen authored
-
- Sep 21, 2017
-
-
Georg Koppen authored
-
boklm authored
-
Georg Koppen authored
-
Georg Koppen authored
-
boklm authored
-
Georg Koppen authored
We update the location to get the .dll as well taking Mike out of the browser loop.
-
Georg Koppen authored
-
- Sep 19, 2017
-
-
boklm authored
In the previous patch, we wrongly assumed that all runc 0.1.1 versions exited with 0 when given an unknown command, and used that to detect the version. It seems it is not true on all systems. We are now using the 'runc --version' command to find the version of runc. We don't support versions older than 0.1.1.
-
- Sep 15, 2017
-
-
boklm authored
The var_p/runc100 option is used to detect the version of runc we are using. The format of the output of `runc --version` is different in both versions, so it is not easy to parse. However I noticed that runc 0.1.1 does not exit with an error when we try to use a command that does not exist while runc >= 1.0.0 does, so we use that to detect the runc version we are using. When using runc >= 1.0.0, we use `runc run` instead of `runc start': https://github.com/opencontainers/runc/commit/c669b8d1568633c68bd915561ceb2e5ecc1bfc6a In the runc config.json file, the format of the capabilities has been changed. Instead of having one list of capabilities, there are now separate lists for bounding, effective, inheritable, permitted and ambient capabilities (and we use the same list for all of them): https://github.com/opencontainers/runtime-spec/commit/eb114f057094dd2314682d55f8cb9c189915ac86 We also add /proc/timer_list and /sys/firmware to the "maskedPaths", as those paths are now listed by default in the config.json file generated by `runc spec` with runc 1.0.0.
-
Georg Koppen authored
-
- Sep 11, 2017
-
-
boklm authored
In #23425 we redirected the output from runc start to /dev/null to avoid annoying messages saying "stdin: is not a tty". However this also removes stderr from build logs. The command producing the `stdin: is not a tty` message is the `chown -R` command from runc/remote_put, so we now only hide stderr from that part while keeping it for the runc command running the build script.
-
- Sep 08, 2017
-
-
boklm authored
With #23403 we started using the tor-browser-build/tmp directory for the builds.
-
- Sep 07, 2017
-
-
boklm authored
Set process.terminal to false when building, but keep it to true when we open a debugging shell. https://github.com/opencontainers/runtime-spec/blob/master/config.md#process To do that we update the runc config.json in runc/remote_exec rather than only once in runc/remote_start. We also redirect runc stderr to /dev/null to avoid some messages saying "stdin: is not a tty" during the build.
-
boklm authored
-
boklm authored
-