almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-05-01 03:02:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
635 commits 51 branches 42 tags 54 MiB
Commit graph

302 commits

Author SHA1 Message Date
deeplow
345ac8a396
podman run with --userns=keep-id to mount volumes 
Moving to /dangerzone was failing with insuficient permissions:

    Invalid JSON returned from container: PermissionError: [Errno
    13] Permission denied: '/dangerzone/page-3.rgb'

A previous approach was removed in commit 805222. It started with
root at first in a wrapper script and then dropped these
priviledges which running the script.

`--userns=keep-id` solves the mountpoint issues as it maps the user
starting the container is mapped in the container [1].

[1]: https://www.redhat.com/sysadmin/user-flag-rootless-containers
 2022-08-22 08:44:00 +01:00
deeplow
21a9a6c98c
running dangerzone without root in container 
There was previously a user created in the container but it was not
used via the dockerfile RUN directive (as pointed out by
gmarmstrong[1]).

Fixes #169

[1]: https://github.com/freedomofpress/dangerzone/issues/169#issue-1268399245
 2022-08-22 08:43:58 +01:00
deeplow
2d4bad680e
drop all linux kernel capabilities from containers 
These are not needed in order to convert documents in the
dangerzone containers.
 2022-08-22 08:43:56 +01:00
deeplow
a02801cc2d
add again the --security-opt flag 
Had previously been added but removed in a refactor (see commit
488dca).
 2022-08-22 08:43:32 +01:00
deeplow
f2f2e6f143
in cli-mode banner should be printed instead 
Was calling color spillover to the adjacent text if the banner was
logged instead of printed. Since this is the CLI version, it could
make sense to have this printed.
 2022-08-18 12:20:26 +01:00
deeplow
67d91be81a
replace prints with logging 
fixes #144: printing non-ascii characters in a macOS application
opened directly from finder would sometimes lead to an error
message in /var/log/system.log similar to this:

  Failed to execute script 'dangerzone' due to unhandled exception:
  'ascii' codec can't encode character '\u201c' in position 1:
  ordinal not in range(128)
 2022-08-18 12:07:23 +01:00
deeplow
c2a140807f
simplify get_resource_path logic 
Simplifying the logic for obtaining resource paths by using pathlib
instead inspect.

Co-authored-by: Guthrie McAfee Armstrong <git@gmarmstrong.dev>
Based on commit bbce13d
 2022-08-16 17:06:43 +01:00
Micah Lee
d8adb2e9cc
Properly cleanup after conversion 2021-12-14 12:29:55 -08:00
Micah Lee
ccb5d85afa
Fix "open with" Dangerzone in macOS 2021-12-14 10:21:42 -08:00
Micah Lee
c312420aba
Ignore exceptions when there's an error deleting an old container image 2021-12-13 11:37:19 -08:00
Micah Lee
d90097e7af
In GUI only use OCR if the OCR box is checked 2021-12-13 11:32:41 -08:00
Micah Lee
a81b2043cf
Use shutil.move instead of os.rename in case files are on different disks 2021-12-13 10:55:55 -08:00
Micah Lee
369ffe6cea
Allow opening external links in the WaitingWidget label 2021-11-30 14:59:05 -08:00
Micah Lee
89cf07d2b1
Remove obsolete status bar action 2021-11-30 09:59:05 -08:00
Micah Lee
8757ff8296
Only add --platform linux/amd64 in docker, not in podman 2021-11-29 16:44:30 -08:00
Micah Lee
1d08e12f5e
When running containers, explictly use path to python3 and .py file, and --force when deleting the obsolete image 2021-11-29 16:33:55 -08:00
Micah Lee
7e74371edd
Exit cli with -1 on failure 2021-11-29 16:22:22 -08:00
Micah Lee
8052220034
Get rid of wrapper scripts in the container 2021-11-29 15:39:24 -08:00
Micah Lee
2de2b6dca5
Rename dangerzone-converter to container 2021-11-29 15:30:21 -08:00
Micah Lee
8d40555bf5
Prevent background windows from popping up for subprocess calls in Windows 2021-11-29 14:55:31 -08:00
Micah Lee
ee04570048
Specify linux/amd64 platform when running docker run 2021-11-24 17:00:33 -08:00
Micah Lee
e6d90a5729
Show more details on failure 2021-11-24 12:35:43 -08:00
Micah Lee
e5da385eef
In Windows, suppress extra window from popping up in subprocess 2021-11-24 12:25:45 -08:00
Micah Lee
cbdb741f7b
Need to keep the rename step 2021-11-23 16:28:26 -08:00
Micah Lee
7c4f35e0f8
Delete old function in global_common, and remove useless stuff from container.convert 2021-11-23 16:20:51 -08:00
Micah Lee
edbd3aa88a
Set the path in macOS, so it can find /usr/local/bin/docker 2021-11-23 16:16:55 -08:00
Micah Lee
9acfd2764e
Make the new code work in linux 2021-11-22 18:51:47 -05:00
Micah Lee
a7e0c3994d
Finish Docker Desktop flow 2021-11-22 15:02:29 -08:00
Micah Lee
a54e19fe11
Get WaitingWidget to properly check for and install the image 2021-11-22 14:37:53 -08:00
Micah Lee
83759d1a33
Delete vm-builder folder, and make build-image.sh build the dangerzone image 2021-11-22 14:23:17 -08:00
Micah Lee
42ce884419
Work on changing the WaitingWidget to check for Docker 2021-11-22 14:06:31 -08:00
Micah Lee
d1c33bfcf5
Begin ripping out VM logic, go back to Docker Desktop for Mac 2021-11-22 13:36:21 -08:00
Micah Lee
112291f82a
Remove unused dependencies 2021-11-22 11:37:05 -08:00
Micah Lee
47d6eb0d8b
Build vpnkit and hyperkit from source, remove Docker Desktop dependency to build, and add --allow-vm-login flag 2021-11-18 11:47:51 -08:00
Micah Lee
46681bc771 Start making Windows VM work with virtualbox 2021-08-09 14:05:07 -07:00
Micah Lee
173f31ff41 Start porting VM to Windows 2021-08-09 12:04:17 -07:00
Micah Lee
b82ffa2cac
Make it so windows remember if waiting has finished 2021-08-06 13:10:56 -07:00
Micah Lee
7d361955f8
Create all the dirs needed when using VM 2021-08-06 13:10:32 -07:00
Micah Lee
ea47a2e92c
Fix error message user interface 2021-08-06 12:58:02 -07:00
Micah Lee
7c756c194e
Add progress bar 2021-08-05 15:36:09 -07:00
Micah Lee
2c9787ff99
Rename TasksWidget to ConvertWidget 2021-08-05 15:08:51 -07:00
Micah Lee
5545252ca5
Refactor container to output JSON status updates, and make CLI work with it 2021-08-05 15:00:18 -07:00
Micah Lee
450320de6f
Make GUI use the new container too 2021-08-04 16:41:47 -07:00
Micah Lee
7f93c1e752
Pass the stdout from the container a line at a time back to the app 2021-08-04 16:33:15 -07:00
Micah Lee
c9c01f6e79
Remove separate dangerzone-container entry point, make CLI work with it, and refactor container code to be more DRY 2021-08-04 16:21:00 -07:00
Micah Lee
4a2c92e911
Move just the single task into its own ConvertThread object 2021-08-04 15:20:38 -07:00
Micah Lee
0b1a5b2c2a
Show waiting widget when installing the containre in Linux too 2021-08-04 15:13:48 -07:00
Micah Lee
4a4deeb64f
Add support for non-VM containers again 2021-08-04 15:02:49 -07:00
Micah Lee
588206a9e8
Start implementing built-in container in Linux, without a VM 2021-08-04 14:42:46 -07:00
Micah Lee
ee5acf64b2
Make converter handle failure properly 2021-07-30 13:01:54 -07:00
Micah Lee
5cf97b9c73
Properly close window 2021-07-27 11:23:03 -07:00
Micah Lee
acaa7a9cd1
Work with dark theme 2021-07-27 11:14:41 -07:00
Micah Lee
7fcd10e404
Move main window content into widget, and either show content or the waiting widget, but never both 2021-07-27 11:06:20 -07:00
Micah Lee
9fcb304545
Lockdown ssh, and also temporarily comment out deleting containers on ISO build 2021-07-27 10:54:17 -07:00
Micah Lee
2c2f87593c
Keep ssh tunnel open with autossh, and give root user ssh keys so unprivileged user cant access the host 2021-07-14 11:36:13 -07:00
Micah Lee
3f76211459
Fix open in Preview for macOS 2021-07-02 13:48:20 -07:00
Micah Lee
488dca4a71
Totally refactor how tasks work and how dangerzone-container works so that there is a single --convert task 2021-07-02 13:32:23 -07:00
Micah Lee
fe63689320
Remove restart from systray and replace it with new window 2021-07-02 10:17:46 -07:00
Micah Lee
0b1d8f6a3e
Skip file open events in dev mode 2021-07-02 10:10:01 -07:00
Micah Lee
ed4586a051
Suppress output from all the VM subprocesses, and make the waiting for VM output nicer 2021-07-02 10:09:34 -07:00
Micah Lee
5493292ba2
Provide the VM with the correct container name 2021-07-01 17:34:53 -07:00
Micah Lee
a7f3eb9b43
Make container mount and unmount dirs from the host 2021-07-01 17:14:48 -07:00
Micah Lee
2904d44aad
Start making it possible to execute podman inside the VM 2021-07-01 16:45:25 -07:00
Micah Lee
c7bd8a317a
Move the MainWindow widgets into the same file, and move the vm object into global_common 2021-07-01 16:06:36 -07:00
Micah Lee
e81e6ccc6c
Remove everything related to updating the container image 2021-07-01 15:56:12 -07:00
Micah Lee
1f1bb2b353
Successfully wait for VM to start, and then move on in the UI 2021-07-01 15:52:19 -07:00
Micah Lee
29a148d211
Successfully set up reverse ssh forward system, allowing the host to run commands on the guest over ssh 2021-07-01 15:32:07 -07:00
Micah Lee
1c39895206
Refactor how VM image is created to split it into different files, and write ssh-to-host.py script 2021-07-01 11:02:08 -07:00
Micah Lee
da75559e3a
Start working on ssh reverse tunnel stuff 2021-06-30 16:21:40 -07:00
Micah Lee
9158d02669
Successfully boot VM 2021-06-30 14:27:26 -07:00
Micah Lee
d9d352a680
Fix removing PDF viewer search in Mac, and make the waiting widget look better 2021-06-30 12:31:33 -07:00
Micah Lee
2dd509f980
To allow the Apple sandbox, disable finding PDF viewers on Mac 2021-06-30 12:02:45 -07:00
Micah Lee
d7cd8584f2
Split Vm class from SysTray, and make it launch hyperkit 2021-06-30 10:45:38 -07:00
Micah Lee
e8f7d96f90
Fix building VM ISO, and start implementing start_vm 2021-06-29 17:37:00 -07:00
Micah Lee
7b2211fc1f
Rename rip_docker to install/vm-builder, and start making a build script that uses it 2021-06-29 17:01:47 -07:00
Micah Lee
cf28d47ffc
Merge branch 'master' into 118_rip_docker_desktop 2021-06-29 16:52:25 -07:00
Micah Lee
f4739e749a
Start adding systray 2021-06-29 16:52:10 -07:00
Micah Lee
e3dc7988e9
Make strip-ansi Mac-only 2021-06-22 13:40:08 -07:00
Micah Lee
d3d417ee84 Strip ANSI colors from Mac GUI output to preventing crashing, and fix Mac docker path 2021-06-22 13:34:15 -07:00
Micah Lee
f8381749c3
Improve terminal colors on light-colored terminal backgrounds 2021-06-22 10:49:51 -07:00
Micah Lee
14fe8add58
Use the dangerzone cache dir for temporary files in all OSes, not just Linux 2021-06-22 09:43:32 -07:00
Micah Lee
51bee645ed
Explicitly set the container_tech to either "docker" or "podman" 2021-06-21 12:39:53 -07:00
Micah Lee
9ed3bac2b5
If Tails is detected, tell the container runtime to pull images over Tor 2021-06-21 12:35:23 -07:00
Micah Lee
d24d593094
Rip out everything required to make dangerzone-container run with root privs 2021-06-17 14:16:27 -07:00
Micah Lee
da6c3c253e
Make linux container runtime be podman, remove pkexec 2021-06-17 14:13:43 -07:00
Micah Lee
3c0dc74407 Change subprocess bullet character in one more places 2021-06-17 12:16:02 -07:00
Micah Lee
51414f2c96 Syntax error 2021-06-17 11:47:36 -07:00
Micah Lee
13adda0af5 Change subprocess bullet character to ">" to remove all the headaches 2021-06-17 11:40:38 -07:00
Micah Lee
77ac8e7d54 Switch subprocess bullet in GUI too 2021-06-17 11:22:41 -07:00
Micah Lee
9c645beaef Switch subprocess bullet character 2021-06-17 11:18:13 -07:00
Micah Lee
04dcf72313 Don't display ANSI art banner in GUI mode because it prevents the app from opening in macOS from Finder 2021-06-17 11:17:55 -07:00
Micah Lee
d125a5004b Find docker.exe in the path, in case Docker Desktop changes its location in the future 2021-06-17 10:31:07 -07:00
Micah Lee
3105a2c229 Change a bunch of stuff so Windows will work again 2021-06-16 16:55:25 -07:00
Micah Lee
9278848adf
Add --security-opt=no-new-privileges:true to docker call 2021-06-15 16:37:42 -07:00
Micah Lee
05f00ca53f
Fix bugs with testing if docker is ready 2021-06-10 14:46:31 -07:00
Micah Lee
a711ec1ded
Make the temp directories world-readable so that docker containers can access them regardless of which user created them 2021-06-10 14:41:26 -07:00
Micah Lee
429d1e3f08
Display banner and pretty terminal output in GUI mode too 2021-06-10 12:03:24 -07:00
Micah Lee
38ea24393a
Beautiful CLI colors and formatting 2021-06-10 11:39:26 -07:00
Micah Lee
46c73329a5
Switch from termcolor to colorama 2021-06-10 10:24:28 -07:00
Micah Lee
429f5dcf43
Set one more part of the banner to have a black background 2021-06-09 17:36:09 -07:00
Micah Lee
05b5d0bb3e
Set black background for banner 2021-06-09 17:35:00 -07:00
Micah Lee
918e5fa306
Display banner 2021-06-09 17:31:06 -07:00
Micah Lee
1144fd9f87
Make the CLI fully functional 2021-06-09 17:00:39 -07:00
Micah Lee
73d412501c
Move the ConvertToPixels task validation into global_common so the CLI and GUI can share it 2021-06-09 16:32:06 -07:00
Micah Lee
8aaf7ebcf1
Start implementing CLI args, and start with validating custom containers and pulling the latest container 2021-06-09 16:15:19 -07:00
Micah Lee
6ff68f88ea
Refactor dangerzone to move GUI code into its own module 2021-06-09 15:24:03 -07:00
Micah Lee
36c4e290a2
Find PDF viewers again 2021-06-09 13:28:56 -07:00
Micah Lee
b8e8c74161
Make an ApplicationWrapper to avoid inheriting from QApplication 2021-06-09 13:25:22 -07:00
Micah Lee
791723db20
GlobalCommon does not need temp dirs, and fix bug with finding Mac PFD viewers 2021-06-09 11:52:49 -07:00
Micah Lee
803844e832
Remove temporary directory output 2021-06-08 15:29:34 -07:00
Micah Lee
2f97f344a9
Fix typo with using a custom container 2021-06-08 15:29:14 -07:00
Micah Lee
cdc29ee8dd
Fix --custom-container option 2021-04-15 13:35:18 -07:00
Micah Lee
4450146028
Version bump to 0.1.5 and update changelog 2021-01-04 15:31:12 -08:00
Micah Lee
78e23a1e8b
Set QT_MAC_WANTS_LAYER env variable to work in Big Sur 2020-12-30 10:40:28 -08:00
Micah Lee
87be2bbc7d
Fix detecting if dangerzone or dangerzone-container is running in Windows, update docker.exe path, fix Windows build scripts to include to docker-container.exe symlink 2020-10-29 10:43:23 -07:00
Micah Lee
ac36006d0d
Merge branch 'master' into version-0.1.4 2020-10-28 16:52:45 -07:00
Micah Lee
1116c9a029
Make Windows docker link clickable, and make Windows installer add a start menu shortcut 2020-10-28 16:48:16 -07:00
Micah Lee
269cf5b431
Add Windows changes 2020-10-27 11:55:21 -07:00
Micah Lee
50044a05fa
Remove QVariant, to finish porting from PyQt5 to PySide2 2020-10-26 15:12:17 -07:00
Micah Lee
92b19fe1b3
Allow docker installed from snap package 2020-10-26 15:11:41 -07:00
Micah Lee
31b63e5471
Start switching from PyQt5 to PySide2 2020-10-26 14:52:45 -07:00
Micah Lee
9c0f61488a
Update changelog and version bump, and update CircleCI to support Ubuntu 20.10 and Fedora 32 2020-10-26 14:07:14 -07:00
Micah Lee
13285cd024
Suppress stderr from GUI output and display it in the terminal in dark; add a dangerzone poetry entrypoint; and update dependencies 2020-10-14 09:41:23 -07:00
Micah Lee
753134dc3f
Version bump to 0.1.3 and update changelog 2020-09-25 13:43:22 -07:00
Giacomo Rossetto
3d456f8f5a
Check if CFBundleName exit 2020-04-10 14:09:21 +02:00
Micah Lee
e798da9a99
Version bump to 0.1.2 and update changelog 2020-04-09 16:23:15 -07:00
Micah Lee
9c90a0fa33
Rename dangerzone-container commands to remove hiphens and underscores, because old and new versions of click treat them differently 2020-04-09 13:58:22 -07:00
Micah Lee
2674f1457a
Version bump to 0.1.1 2020-03-17 11:11:47 -07:00
Micah Lee
4eba0087e7
Version bump to 0.1.1.dev1 2020-03-16 17:07:43 -07:00
Micah Lee
3a1b6d457f
All dangerzone-container subprocesses get called from global_commons, and if the user cancels or fails the authentication dialog, handle gracefully 2020-03-16 14:26:07 -07:00
Micah Lee
cf367adcfa
This creates a separate script dangerzone-container which is a wrapper for running the container. This lets us run dangerzone as unprivileged, but dangerzone-container as privileged, to avoid adding the user to the dangerzone group. 2020-03-13 16:49:53 -07:00
Micah Lee
0b1cd9e9ef
If docker service is not running, try to start it 2020-03-12 16:00:30 -07:00
Micah Lee
2c0f0acbdf
When finding PDF viewers, skip apps that do not have Info.plist files (as is the case with com.apple.system-library) 2020-03-12 15:21:09 -07:00
Eike Rathke
46c741a634 Fix filter ODF extension .ods 
application/vnd.oasis.opendocument.spreadsheet  ods
 2020-03-11 22:43:26 +01:00
Micah Lee
d519303150
Add --custom-container option, to run a container built locally instead of requiring download from dockerhub 2020-03-06 18:08:15 +05:30
Micah Lee
8845ac6440
Allow opening docm files 2020-03-03 19:23:46 +05:30
Micah Lee
469680565b
Merge branch 'master' of github.com:firstlookmedia/dangerzone 2020-03-02 21:12:08 -08:00
Micah Lee
322416eee8
Fix icon path 2020-03-02 21:11:54 -08:00
Micah Lee
271ac9641b
Version bump to 0.1 2020-02-28 17:38:49 -08:00
Micah Lee
ed6dc43276
When you activate dangerzone in macOS and no windows are open, open a blank window 2020-02-28 17:35:11 -08:00
Micah Lee
2f77159e3f
Version bump to 0.0.3 2020-02-27 15:45:02 -08:00
Micah Lee
dd6c336b85
Force updating the container if flmcode/dangerzone image is not there, and show slightly more output when pulling the image 2020-02-27 15:44:13 -08:00
Micah Lee
389f9db421
Use container from dockerhub instead of building it 2020-02-27 15:18:19 -08:00
Micah Lee
fc2fcf6bd3
Version bump to 0.0.2 2020-02-27 09:56:03 -08:00
Micah Lee
52cbbca7c6
Update container 2020-02-26 17:26:18 -08:00
Micah Lee
4c9bbfe217
Refactor Common into GlobalCommon (for the whole app) and Common (for a window), and allow multiple dangerzone windows at once in macOS 2020-02-26 15:46:23 -08:00
Micah Lee
cb38473573
Allow multiple windows to be open at once 2020-02-26 14:32:57 -08:00
Micah Lee
e18a898497
Make docker installer work the same way for Windows too 2020-02-26 14:01:43 -08:00
Micah Lee
2d4ca86985
Simplify docker installer, make it inform the user to install docker and run it, instead of trying to do that on behalf of the user 2020-02-26 13:39:44 -08:00
Micah Lee
163f482fd1
change version to 0.0.1 to test packaging 2020-02-21 16:29:00 -08:00