Merge branch 'master' into pyinstaller

2025-01-28 07:17:15 -05:00 · 2017-02-21 17:13:06 -08:00 · 2017-02-21 17:13:06 -08:00 · 05319f7344
commit 05319f7344
parent d5af08c1c4 7b068fee35
4 changed files with 17 additions and 17 deletions
--- a/apparmor/abstractions/onionshare
+++ b/apparmor/abstractions/onionshare
@ -1,5 +1,6 @@
 #include <abstractions/base>
 #include <abstractions/nameservice>
 #include <abstractions/private-files-strict>
 #include <abstractions/python>
 # Why are these not in abstractions/python?
@ -16,16 +17,13 @@
 /sbin/ldconfig rix,
 /sbin/ldconfig.real rix,
 /bin/uname rix,
-/{,lib/live/mount/rootfs/filesystem.squashfs/}etc/mime.types r,
+/etc/mime.types r,
-/{,lib/live/mount/rootfs/filesystem.squashfs/}usr/share/onionshare/ r,
+/usr/share/onionshare/ r,
-/{,lib/live/mount/rootfs/filesystem.squashfs/}usr/share/onionshare/** r,
+/usr/share/onionshare/** r,
 /tmp/ rw,
 /tmp/** rw,
-# Allow all user data except .gnupg, .ssh and other potential
+# Allow read on almost anything in @{HOME}. Lenient, but
-# places for critically sensitive application data.
+# private-files-strict is in effect.
-audit deny @{HOME}/.* mrwkl,
+owner @{HOME}/         r,
-audit deny @{HOME}/.*/ mrwkl,
+owner @{HOME}/[^.]**   r,
 audit deny @{HOME}/.*/** mrwkl,
 owner @{HOME}/ r,
 owner @{HOME}/** r,
--- a/apparmor/usr.bin.onionshare
+++ b/apparmor/usr.bin.onionshare
@ -1,6 +1,6 @@
 #include <tunables/global>
-/usr/bin/onionshare flags=(complain) {
+/usr/bin/onionshare {
  #include <abstractions/onionshare>
  /usr/bin/ r,
--- a/apparmor/usr.bin.onionshare-gui
+++ b/apparmor/usr.bin.onionshare-gui
@ -1,6 +1,6 @@
 #include <tunables/global>
-/usr/bin/onionshare-gui flags=(complain) {
+/usr/bin/onionshare-gui {
  #include <abstractions/gnome>
  #include <abstractions/ibus>
  #include <abstractions/onionshare>
@ -8,14 +8,16 @@
  /usr/bin/ r,
  /usr/bin/onionshare-gui r,
  /proc/*/cmdline r,
-  /usr/share/icons/Adwaita/index.theme r,
+
  # The freedesktop.org abstraction doesn't allow `k`
  /usr/share/icons/*/index.theme k,
  # Why do these still emit audit journal entries?
  owner @{HOME}/.config/ibus/bus/ rw,
  owner @{HOME}/.config/ibus/bus/* rw,
  deny @{HOME}/.ICEauthority r,
-  deny /{,lib/live/mount/rootfs/filesystem.squashfs/}etc/machine-id r,
+  deny /etc/machine-id r,
  deny /var/lib/dbus/machine-id.* rw,
  # Accessibility support
--- a/share/locale/en.json
+++ b/share/locale/en.json
@ -11,7 +11,7 @@
    "not_a_file": "{0:s} is not a file.",
    "download_page_loaded": "Download page loaded",
    "other_page_loaded": "URL loaded",
-    "close_on_finish": "Stop sharing automatically",
+    "close_on_finish": "Stop After First Download",
    "closing_automatically": "Closing automatically because download finished",
    "large_filesize": "Warning: Sending large files could take hours",
    "error_tails_invalid_port": "Invalid value, port must be an integer",
@ -53,8 +53,8 @@
    "error_rate_limit": "An attacker might be trying to guess your URL. To prevent this, OnionShare has automatically stopped the server. To share the files you must start it again and share the new URL.",
    "zip_progress_bar_format": "Crunching files: %p%",
    "error_stealth_not_supported": "To create stealth onion services, you need at least Tor 0.2.9.1-alpha (or Tor Browser 6.5) and at least python3-stem 1.5.0.",
-    "gui_advanced_options": "Advanced options",
+    "gui_advanced_options": "Advanced Options",
-    "gui_create_stealth": "Create stealth onion service",
+    "gui_create_stealth": "Create Stealth Onion Service",
    "gui_menu_file_menu": "&File",
    "gui_menu_settings_action": "&Settings",
    "gui_menu_quit_action": "&Quit",