Re: [Tails-dev] Modifying Tails-greeter to work outside of T…

このメッセージを削除

このメッセージに返信
著者: intrigeri
日付:  
To: adrian15
CC: tails-dev
題目: Re: [Tails-dev] Modifying Tails-greeter to work outside of Tails
Hi adrian15!

adrian15:
> So, what I have been trying to do is to tweak minimally tails-greeter so that it
> meets my needs. The final purpose of these tweaks is to convince you that some of
> them are useful for tails-greeter so that you include into its
> upstream code.


OK, great. It would be nice if we could share one single codebase
indeed. Of course, for it to not be cause problems to us this must be
done in a super nice way, that does not make the code harder to
maintain on our side (e.g. using polymorphism and specialized classes
when doable rather than if/then conditionals, etc., the usual design
patterns to achieve such results).

> My tweaks are not perfect and thus there are some doubts which I need to clarify
> with you. Let's start.


I'm sorry it took me so long to reply. I was trying to find time to do
it as well as I wanted, and obviously I won't have enough time soon,
so I'll at least answer whatever I can quickly.

> 1. tails-greeter Rescatux branch


> The branch can be found here:


> https://github.com/rescatux/tails-greeter/tree/rescatux_0.40b8


First of all: as told IRL last time we met, we have a WIP branch for
a totally revamped greeter, that rewrites most of the code and totally
changes the GUI. I think you'd better base your work on that one.

I'm not sure which one is the most up-to-date, I'll let you check
freshness of:

feature/5464-revamp-ui
feature/7550-revamp-phase1-prototype
feature/revamp_phase1
feature/revamp_phase1_user_strings

> 2. Configuration files for enabling / disabling features. (Python)


> When I talked to Intrigeri he pointed me to:
> https://git-tails.immerda.ch/whisperback/tree/whisperBack/whisperback.py?h=feature/jessie
> which used in turn config.py which was loaded from different places.


> As I have noticed that tails-greeter now has config.py I have just modified it as you
> can see in:
> https://github.com/rescatux/tails-greeter/commit/863b13b7378b21af70783d36b61d5a8254a74675
> .


I think the "if not" construction is OK for now as a tracer bullet
approach, but at some point that'll need to be refactored IMO.

> So I have added these boolean variables:


> * tails_persistence_support
> * tails_show_welcome_message


> which are self explanatory.


> 2.1. Are those names correct or do you prefer them to be written in another way?
> Or with another name?


Sounds good enough and easy to rename later while refactoring if needed.

> 2.2. I guess I should add more Tails specific features such as the one about
> physical security.


Your call obviously.

> 2.3. I personally only use the Keyboard feature. Do you think there are other options
> which could be useful for Debian by default?


No idea (but thanks for asking :)

Perhaps the "administration password" one? Also see the ones added or
planned in our new/future Greeter, such as local time & timezone.

> 3. user user instead of amnesia user .


> https://github.com/rescatux/tails-greeter/commit/f04280192440db280d53414e7cde99bc3017e52d
> Debian Live default user is 'user', not 'amnesia'.
> So that's a clear setting that should be set by Tails.


I certainly don't mind changing the default, as long as our own use
case is still supported. And we want to switch to "user" anyway:
https://labs.riseup.net/code/issues/5655 :)

> 4. Configuration files for enabling / disabling features. (Bash)


> 4.1. One important part of tails-greeter is the PostLogin script from gdm3 which it's
> written in bash.



> 4.2. So as I was advised by intrigeri I rewrote the different tasks into functions.
> I modified the code so that these functions were run conditioned to some
> boolean variables.


Cool. These functions need a verb in their name, given their main
responsibility implies having side-effects.

Looks like inter-dependencies between tasks are not handled, e.g.
some bits require GATHER_GENERAL_CONFIGURATION_ENABLED=yes to work.

> 4.4. I guess you would want another bash file to be sourced if someone wants to
> config / modify it to suit their needs. But which filename path exactly?


Maybe /etc/tails-greeter/PostLogin.conf or similar?

> 5. Apart from the tails-greeter branch with my changes, the fact that tails-greeter
> was changed from (Jessie - 1) to Jessie I also had to modify some files from the
> Debian Live project itself.


> 5.1.
> https://github.com/rescatux/rescatux/commit/f073ad5cd60fa6e85fe71d7f75f4c494c8dd8c68


I guess we should really include this in the tails-greeter package.
I don't know why we don't. Any clue?

> 5.2. And add some new packages:


> https://github.com/rescatux/rescatux/commit/e38cc70fa8cd3ddf7701137d1e4c5f28d971b928


> which increase the CD size by 60 or 70 MB.


> (This is more a Rescatux question than focusing to try to 'port' tails-greeter into
> Debian)


> Do you know by any chance if there are any specific packages asked by tails-greeter
> dependencies which might not be needed if you only want localisation support ?


> 5.3. You seem to define metacity as compulsory. Why do we need a window manager if
> there are no windows involved?
> move them.


Unless I'm very mistaken, windows _are_ involved and I'd rather not
handle window management in Tails Greeter itself.

> Maybe what I am trying to ask you is:


> Can I use another window manager such as the default one that comes in Rescatux /
> LXDE instead of metacity? Or is there anything specific on gdm3 or tails-greeter that
> needs that specific metacity window manager ?


Wrt. gdm3: well, as a matter of fact Tails Greeter is very deeply
bound to GDM.

Wrt. WM: I guess that whatever simplistic WM should work just as well as
a gnome-flashback session works on that WM. Feel free to edit
gdm-tails.session to add support for your preferred WM :)

But FYI the revamped branch works in a GNOME Shell session, which is
useful e.g. for accessibility support. I don't know how much it'll be
bound to GNOME Shell technologies, nor whether it'll be doable to
easily switch the WM.

Cheers!
--
intrigeri