I use ArchLinux that has support for a more modern version of Vagrant. I've
spent a bit of time hacking the source code of Tails to support the newer
version of Vagrant and I think I've maintained support for the older build
environment as well. I'd appreciate feedback (including someone running
this patch against the typical build environment). Note: I have never coded
Ruby before, so any feedback is more than welcome :).
Fyi, this should resolve this issue:
https://labs.riseup.net/code/issues/6221
Many thanks,
David
From d5778c420318ba9f707d0225dc9f3045512245c9 Mon Sep 17 00:00:00 2001
From: David Isaac Wolinsky <isaac.wolinsky@???>
Date: Mon, 9 Dec 2013 23:13:39 -0500
Subject: [PATCH] fixes for vagrant v2 (1.3.5) - Version tested via
vagrant_version: vagrant_old - Moved the box checksum as a define since the
newer vagrant doesn't pass the env to the downloader - Added the insertion
of the Debian keys because it was failing to build otherwise
---
Rakefile | 40 +++++++++++++++++++++-----------
vagrant/Vagrantfile | 34 ++++++++++++++++++++-------
vagrant/lib/tails_build_settings.rb | 3 +++
vagrant/lib/vagrant_verified_download.rb | 34 ++++++++++++++++-----------
vagrant/lib/vagrant_version.rb | 22 ++++++++++++++++++
vagrant/provision/setup-tails-builder | 6 +++++
6 files changed, 104 insertions(+), 35 deletions(-)
create mode 100644 vagrant/lib/vagrant_version.rb
diff --git a/Rakefile b/Rakefile
index ea3ef38..9ab1399 100644
--- a/Rakefile
+++ b/Rakefile
@@ -25,6 +25,7 @@ require 'uri'
$:.unshift File.expand_path('../vagrant/lib', __FILE__)
require 'tails_build_settings'
+require 'vagrant_version'
# Path to the directory which holds our Vagrantfile
VAGRANT_PATH = File.expand_path('../vagrant', __FILE__)
@@ -41,23 +42,33 @@ EXTERNAL_HTTP_PROXY = ENV['http_proxy']
# In-VM proxy URL
INTERNEL_HTTP_PROXY = "
http://#{VIRTUAL_MACHINE_HOSTNAME}:3142"
-def current_vm_memory
+def primary_vm
env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
- uuid = env.primary_vm.uuid
- info = env.primary_vm.driver.execute 'showvminfo', uuid, '--machinereadable'
+ if vagrant_old
+ return env.primary_vm
+ else
+ name = env.primary_machine_name
+ return env.machine(name, env.default_provider)
+ end
+end
+
+def current_vm_memory
+ vm = primary_vm
+ uuid = vm.uuid
+ info = vm.driver.execute 'showvminfo', uuid, '--machinereadable'
$1.to_i if info =~ /^memory=(\d+)/
end
def current_vm_cpus
- env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
- uuid = env.primary_vm.uuid
- info = env.primary_vm.driver.execute 'showvminfo', uuid, '--machinereadable'
+ vm = primary_vm
+ uuid = vm.uuid
+ info = vm.driver.execute 'showvminfo', uuid, '--machinereadable'
$1.to_i if info =~ /^cpus=(\d+)/
end
def vm_running?
- env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
- env.primary_vm.state == :running
+ vm = primary_vm
+ vm.state == :running
end
def enough_free_memory?
@@ -197,9 +208,12 @@ desc 'Build Tails'
task :build => ['parse_build_options', 'ensure_clean_repository', 'validate_http_proxy', 'vm:up'] do
exported_env = EXPORTED_VARIABLES.select { |k| ENV[k] }.
collect { |k| "#{k}='#{ENV[k]}'" }.join(' ')
-
- env = Vagrant::Environment.new(:cwd => VAGRANT_PATH)
- status = env.primary_vm.channel.execute("#{exported_env} build-tails",
+ if vagrant_old
+ chan = primary_vm.channel
+ else
+ chan = primary_vm.communicate
+ end
+ status = chan.execute("#{exported_env} build-tails",
:error_check => false) do |fd, data|
(fd == :stdout ? $stdout : $stderr).write data
end
@@ -214,8 +228,7 @@ end
namespace :vm do
desc 'Start the build virtual machine'
task :up => ['parse_build_options', 'validate_http_proxy'] do
- env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
- case env.primary_vm.state
+ case primary_vm.state
when :not_created
# Do not use non-existant in-VM proxy to download the basebox
if ENV['http_proxy'] == INTERNEL_HTTP_PROXY
@@ -268,6 +281,7 @@ namespace :vm do
abort 'The virtual machine needs to be reloaded to change the number of CPUs. Aborting.'
end
end
+ env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
result = env.cli('up')
abort "'vagrant up' failed" unless result
diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile
index 3fea818..3f097e8 100644
--- a/vagrant/Vagrantfile
+++ b/vagrant/Vagrantfile
@@ -19,6 +19,7 @@
# Monkey-patched Vagrant!
$:.unshift File.expand_path('../lib', __FILE__)
+require 'vagrant_version'
require 'vagrant_verified_download'
require 'tails_build_settings'
@@ -30,16 +31,31 @@ end
cpus = ENV['TAILS_BUILD_CPUS']
-Vagrant::Config.run do |config|
- config.vm.box = 'tails'
-
- config.vm.box_url = 'http://dl.amnesia.boum.org/tails/project/vagrant/squeeze.box'
- config.vm.box_checksum = 'ffb3f68f55a3458e007b9abed3eac057f71c518713fcdf982b78f8b59e28318e'
+if vagrant_old
+ Vagrant::Config.run do |config|
+ config.vm.box = 'tails'
+ config.vm.box_url = 'http://dl.amnesia.boum.org/tails/project/vagrant/squeeze.box'
+
+ config.vm.provision :shell, :inline => "http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder"
+
+ config.vm.share_folder 'amnesia', '/amnesia.git', '../.git'
+
+ config.vm.customize ['modifyvm', :id, '--memory', mem_size]
+ config.vm.customize ['modifyvm', :id, '--cpus', cpus] unless cpus.nil?
+ end
+else
+ Vagrant.configure("2") do |config|
+ config.vm.box = 'tails'
+ config.vm.box_url = 'http://dl.amnesia.boum.org/tails/project/vagrant/squeeze.box'
- config.vm.provision :shell, :inline => "http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder"
+ config.vm.provision "shell",
+ inline: "sudo http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder"
- config.vm.share_folder 'amnesia', '/amnesia.git', '../.git'
+ config.vm.synced_folder '../.git', '/amnesia.git'
- config.vm.customize ['modifyvm', :id, '--memory', mem_size]
- config.vm.customize ['modifyvm', :id, '--cpus', cpus] unless cpus.nil?
+ config.vm.provider :virtualbox do |vb|
+ vb.customize ['modifyvm', :id, '--memory', mem_size]
+ vb.customize ['modifyvm', :id, '--cpus', cpus] unless cpus.nil?
+ end
+ end
end
diff --git a/vagrant/lib/tails_build_settings.rb b/vagrant/lib/tails_build_settings.rb
index e2e48ea..8e88030 100644
--- a/vagrant/lib/tails_build_settings.rb
+++ b/vagrant/lib/tails_build_settings.rb
@@ -26,3 +26,6 @@ VM_MEMORY_FOR_RAM_BUILDS = 6 * 1024 + 512 # 6.5 GB
# Virtual machine memory size for on-disk builds
VM_MEMORY_FOR_DISK_BUILDS = 1024 # 1 GB
+
+# Checksum for BOX
+BOX_CHECKSUM = 'ffb3f68f55a3458e007b9abed3eac057f71c518713fcdf982b78f8b59e28318e'
diff --git a/vagrant/lib/vagrant_verified_download.rb b/vagrant/lib/vagrant_verified_download.rb
index 976aa47..994142a 100644
--- a/vagrant/lib/vagrant_verified_download.rb
+++ b/vagrant/lib/vagrant_verified_download.rb
@@ -15,22 +15,30 @@
# along with this program. If not, see <
http://www.gnu.org/licenses/>.
require 'digest'
+require 'vagrant/util/downloader'
-# The following will monkeypatch Vagrant (successfuly tested against Vagrant
-# 1.0.2) in order to verify the checksum of a downloaded box.
-module Vagrant
- class Config::VMConfig
- attr_accessor :box_checksum
+def check(path)
+ checksum = Digest::SHA256.new.file(path).hexdigest
+ if checksum != BOX_CHECKSUM
+ raise Errors::BoxVerificationFailed.new
end
+end
- class Action::Box::Download
- alias :unverified_download :download
- def download
- unverified_download
-
- checksum = Digest::SHA256.new.file(@temp_path).hexdigest
- if checksum != @env['global_config'].vm.box_checksum
- raise Errors::BoxVerificationFailed.new
+module Vagrant
+ if vagrant_old
+ class Action::Box::Download
+ alias :unverified_download :download
+ def download
+ unverified_download
+ check(@temp_path)
+ end
+ end
+ else
+ class Util::Downloader
+ alias :unverified_download! :download!
+ def download!
+ unverified_download!
+ check(@destination)
end
end
end
diff --git a/vagrant/lib/vagrant_version.rb b/vagrant/lib/vagrant_version.rb
new file mode 100644
index 0000000..655e309
--- /dev/null
+++ b/vagrant/lib/vagrant_version.rb
@@ -0,0 +1,22 @@
+# Tails: The Amnesic Incognito Live System
+# Copyright © 2012 Tails developers <tails@???>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+require 'vagrant/version'
+
+def vagrant_old
+ version = Vagrant::VERSION.split(".")
+ return version[1].to_i < 3
+end
diff --git a/vagrant/provision/setup-tails-builder b/vagrant/provision/setup-tails-builder
index cd84925..8404668 100755
--- a/vagrant/provision/setup-tails-builder
+++ b/vagrant/provision/setup-tails-builder
@@ -30,6 +30,12 @@ sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/ikiwiki <<EOF
Pin-Priority: 500
EOF
+for num in 5 6 7; do
+ wget
http://ftp-master.debian.org/keys/archive-key-"$num".0.asc
+ apt-key add archive-key-"$num".0.asc
+ rm archive-key-"$num".0.asc
+done
+
apt-get update
apt-get -y install apt-cacher-ng
--
1.8.5.1