From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: Re: Tor Browser Date: Sat, 06 Aug 2016 11:14:10 +0000 Message-ID: <87mvkqxi7x.fsf@we.make.ritual.n0.is> References: <20160623104107.GA2505@shadowwalker> <20160623132347.GA9193@shadowwalker> <87a8ia7pq4.fsf@gnu.org> <20160624134357.GA30727@shadowwalker> <87por637vi.fsf_-_@gnu.org> <20160624174913.GA19633@shadowwalker> <87r3bkmfja.fsf@gnu.org> <87bn2kxirt.fsf@we.make.ritual.n0.is> <87mvm355r3.fsf@gnu.org> <87fuqjmj7z.fsf@we.make.ritual.n0.is> <87shuisfst.fsf@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:50659) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bVzYW-0007wD-KJ for guix-devel@gnu.org; Sat, 06 Aug 2016 07:14:17 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bVzYV-0001ob-21 for guix-devel@gnu.org; Sat, 06 Aug 2016 07:14:16 -0400 Received: from mithlond.libertad.in-berlin.de ([2001:67c:1400:2490::1]:36339 helo=beleriand.n0.is) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bVzYU-0001oO-Ji for guix-devel@gnu.org; Sat, 06 Aug 2016 07:14:14 -0400 Received: by beleriand.n0.is (OpenSMTPD) with ESMTPSA id 732fc2a9 TLS version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO for ; Sat, 6 Aug 2016 11:14:12 +0000 (UTC) In-Reply-To: <87shuisfst.fsf@gmail.com> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org Hi, in the following reply I assume that you did not read all of the original thread[0]. If I am wrong, correct me. Alex Vong writes: > ng0 writes: > >> Ludovic Courtès writes: >> >>> ng0@we.make.ritual.n0.is skribis: >>> >>>> Ludovic Courtès writes: >>> >>> [...] >>> >>>>> I suppose TB contains a script that does all that, right? Would it work >>>>> to simply run it? If it invokes wget/curl, then this needs to be >>>>> replaced, but the rest should be fine. >>>> >>>> It's not that easy I'm afraid. >>>> Currently they use a gitian build, as described in this README[0], >>>> which the person maintaining the torbrowser ebuild for Gentoo out >>>> of portage replicates and follows in parts. >>>> It can't be followed completely, as `builders/tor-browser-bundle' >>>> requires a checkout of gitian of the torproject.org >>>> >>>> So we have to look at what they do and recreate this build >>>> procedure, there's no individual Makefile, the releases are >>>> created in VMs. >>>> >>>> Dependencies are kept up to date here[1]. >>>> >>>> This[2] is the script connecting/using gitian for gnu-linux releases. >>>> >>>> The Makefile just runs the corresponding scripts. >>> >>> Gitian is about building binaries. There must be some script somewhere >>> to apply the relevant patches to the source first, before one builds it, >>> no? >>> >>>>> It’s unfortunate that there’s no ready-to-build TB tarball, that would >>>>> simplify things for us. >>>> >>>> Yes.. But I think icecat suffers from the same problem, only that >>>> icecat tarballs/binaries are built using a bash script applying >>>> all that's needed to the firefox sources again. >>> >>> IceCat publishes source tarballs that, AIUI, are produced essentially by >>> running a script that patches Firefox’s code base (same approach for >>> Linux-libre.) >>> >>> Thanks, >>> Ludo’. >> >> There are the .mar files, which I suppose are the built source of >> torbrowser, but I can't tell for sure since i can't find an upstream for >> mar-tools. I guess it is Mozilla, but where is it available? >> >> https://dist.torproject.org/torbrowser/6.0.3/ > > Hi, I am a tor browser and torsocks user (since a few months ago). Last > time I tried building tor browser from source (and failed), gitian will > have to download some non-free xcode stuff to build for the os x > platform. Is it possible to only build for gnu/linux without building > for windows and os x? Will the resulting binary still be byte-to-byte > identical with the tor project official build? Was this a build with a guix package? Can you share the code if it is? > Also, it seems tor browser needs virtualenv and virtualbox to > build. Last time I checked virtualbox, it was on the contrib area of > debian since it requires a non-free[1] compiler to build the bios[2]. > I hope we can find way around these issues since tor browser is IMHO an > essential tool nowadays. You might want to re-read the full thread this message is part of. I already wrote that with the builds I use for torbrowser in Gentoo, that at least virtualbox is not needed and Ludovic said that the gitian build is not what we should be looking into. It is mostly poncho's work on Gentoo, but the overlay I contribute to mirrors their work. There we don't use gitian but a combination of torbrowser source + firefox source and distro specific patches. We could also address tor with this when we succeed, as they have an interest in NixOS or they are looking into it, specifically hydra for builds: https://trac.torproject.org/projects/tor/ticket/12520 > Finally, I agree that icecat could switch to tor browser as its upstream. Maybe you want to help me out with writing the email / post to torproject: https://lists.gnu.org/archive/html/guix-devel/2016-08/msg00326.html On second note, maybe this is message should be addressed to both torproject and icecat developer(s). What do you think? I have no fixed plan in mind for this. [0]: https://lists.gnu.org/archive/cgi-bin/namazu.cgi?query=torbrowser&submit=Search&idxname=guix-devel > > [1]: https://en.wikipedia.org/wiki/Sybase_Open_Watcom_Public_License > [2]: https://wiki.debian.org/VirtualBox -- ♥Ⓐ ng0 Current Keys: https://we.make.ritual.n0.is/ng0.txt For non-prism friendly talk find me on http://www.psyced.org