New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Integrate SubGraph's "Tor Status" Gnome extension #1758

Open
bnvk opened this Issue Feb 18, 2016 · 9 comments

Comments

Projects
None yet
6 participants
@bnvk

bnvk commented Feb 18, 2016

SubGraph has made a nice Gnome extension that notifies users of Tor activity and integrates with Gnome's network widgets, the code is packaged at gnome-shell-extension-torstatus. Since we're moving to Gnome, it only makes sense to look at integrating this into Qubes!

@adrelanos I know you were working on something similar that I gave you UX feedback on at 32c3. I'm not sure how different / far along with that you are, but it seems worth exploring / discussing this extension!

@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Feb 21, 2016

Member

Did not look into subgraph yet, but there are some blockers.

We don't have any java script coders. [that I know that have can make up
time to work on this]

We don't yet have added [such kind of] third party packages if they are
not installable from official Debian repositories.

( https://www.whonix.org/wiki/Dev/Default_Application_Policy )

Member

adrelanos commented Feb 21, 2016

Did not look into subgraph yet, but there are some blockers.

We don't have any java script coders. [that I know that have can make up
time to work on this]

We don't yet have added [such kind of] third party packages if they are
not installable from official Debian repositories.

( https://www.whonix.org/wiki/Dev/Default_Application_Policy )

@bnvk

This comment has been minimized.

Show comment
Hide comment
@bnvk

bnvk Feb 23, 2016

@adrelanos i'm a javascript developer :) i'm sure this will be in the official Debian packages, just unsure of timeline. My reasoning for this:

  • This already works and is shipped with SubGraph
  • Providing nice GUI functionality + UI feeedback for Tor is utmost importance
  • Using a Gnome extension is the correct way to do it in Gnome.

As per collaborative efforts between secure desktop projects- this seems like a waste of effort to duplicate this work, no?

bnvk commented Feb 23, 2016

@adrelanos i'm a javascript developer :) i'm sure this will be in the official Debian packages, just unsure of timeline. My reasoning for this:

  • This already works and is shipped with SubGraph
  • Providing nice GUI functionality + UI feeedback for Tor is utmost importance
  • Using a Gnome extension is the correct way to do it in Gnome.

As per collaborative efforts between secure desktop projects- this seems like a waste of effort to duplicate this work, no?

@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Feb 25, 2016

Member

Okay. Sounds great!

It already has Debian packaging files in its Debian git branch. And
instructions to build a package in its readme. Next proposes steps.

Can you...

  • install it on Whonix-Gateway and see how it goes? Then we'll see if
    there are any rough edges.
  • submit it to Debian as ITP (intent to package) ticket and get it
    uploaded (through sponsorship) to Debian? Thereby you becoming the
    Debian maintainer?

-- Alternatively post a Debian RFP (request to package) ticket.
Hopefully - possibly - the Debian privacy tools packaging team would
take over maintenance in Debian. (
https://wiki.debian.org/Teams/PkgPrivacyMaintainers )

?

Member

adrelanos commented Feb 25, 2016

Okay. Sounds great!

It already has Debian packaging files in its Debian git branch. And
instructions to build a package in its readme. Next proposes steps.

Can you...

  • install it on Whonix-Gateway and see how it goes? Then we'll see if
    there are any rough edges.
  • submit it to Debian as ITP (intent to package) ticket and get it
    uploaded (through sponsorship) to Debian? Thereby you becoming the
    Debian maintainer?

-- Alternatively post a Debian RFP (request to package) ticket.
Hopefully - possibly - the Debian privacy tools packaging team would
take over maintenance in Debian. (
https://wiki.debian.org/Teams/PkgPrivacyMaintainers )

?

@bnvk

This comment has been minimized.

Show comment
Hide comment
@bnvk

bnvk Feb 25, 2016

  • install it on Whonix-Gateway and see how it goes? Then we'll see if there are any rough edges.

Yep, will do so and report back!

  • submit it to Debian as ITP (intent to package) ticket and get it uploaded (through sponsorship) to Debian? Thereby you becoming the Debian maintainer?

I have never done such a thing, but would be good to understand better the process. Curious, doesn't it make more sense the project creator to do this?

bnvk commented Feb 25, 2016

  • install it on Whonix-Gateway and see how it goes? Then we'll see if there are any rough edges.

Yep, will do so and report back!

  • submit it to Debian as ITP (intent to package) ticket and get it uploaded (through sponsorship) to Debian? Thereby you becoming the Debian maintainer?

I have never done such a thing, but would be good to understand better the process. Curious, doesn't it make more sense the project creator to do this?

@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Feb 25, 2016

Member

Brennan Novak:

I have never done such a thing, but would be good to understand better the process. Curious, doesn't it make more sense the project creator to do this?

It's nice if that happens to be the creator, but that's not at all a
requirement. Anyone can post ITP or RFP.

Member

adrelanos commented Feb 25, 2016

Brennan Novak:

I have never done such a thing, but would be good to understand better the process. Curious, doesn't it make more sense the project creator to do this?

It's nice if that happens to be the creator, but that's not at all a
requirement. Anyone can post ITP or RFP.

@h01ger

This comment has been minimized.

Show comment
Hide comment
@h01ger

h01ger May 10, 2016

Sometimes (and maybe, mostly) it's even better if the package maintainer is not the person being the upstream author. Conflict of interests and all that. (The subgraph os people writing gnome-shell-extension-torstatus might have different interests than the Debian maintainers which have different interests than the Fedora maintainers. And even if the different interests are mostly just: "I want it work everywhere" - "I only care about Debian" - "I only care about Fedora".

That's said, it's totally ok if upstream authors are Debian or Fedora maintainers too.

The easiest way to file a Debian ITP or RFP bug is: sudo apt install reportbug ; reportbug wnpp

This will guide you through filing such a bug.

If someone is going to do the packaging for this (look at other package gnome-shell extensions…) I'd be happy to review the packaging and sponsor the upload to Debian.

h01ger commented May 10, 2016

Sometimes (and maybe, mostly) it's even better if the package maintainer is not the person being the upstream author. Conflict of interests and all that. (The subgraph os people writing gnome-shell-extension-torstatus might have different interests than the Debian maintainers which have different interests than the Fedora maintainers. And even if the different interests are mostly just: "I want it work everywhere" - "I only care about Debian" - "I only care about Fedora".

That's said, it's totally ok if upstream authors are Debian or Fedora maintainers too.

The easiest way to file a Debian ITP or RFP bug is: sudo apt install reportbug ; reportbug wnpp

This will guide you through filing such a bug.

If someone is going to do the packaging for this (look at other package gnome-shell extensions…) I'd be happy to review the packaging and sponsor the upload to Debian.

@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos May 17, 2016

Member

This ticket is being blocked by Add support for GNOME in dom0/GUI domain (#1806), right?


There is a binary package of gnome-shell-extension-torstatus. This is how you can obtain it:

Add to /etc/apt/sources.list.

deb https://devrepo.subgraph.com/subgraph aaron main
apt-get download gnome-shell-extension-torstatus

(Maybe gnome-shell-extension-ozshell is also related.)


I failed to find the subgraph os Debian source packages. Asked subgraph os developers about it:
https://secure-os.org/pipermail/desktops/2016-May/000118.html


When I look at https://pbs.twimg.com/media/CbB0R2VWIAEI2iY.png I think implementing this is more difficult. Because shutdown is up to dom0, Tor status up to sys-whonix, wifi settings up to sys-net.

Screenshots:



Member

adrelanos commented May 17, 2016

This ticket is being blocked by Add support for GNOME in dom0/GUI domain (#1806), right?


There is a binary package of gnome-shell-extension-torstatus. This is how you can obtain it:

Add to /etc/apt/sources.list.

deb https://devrepo.subgraph.com/subgraph aaron main
apt-get download gnome-shell-extension-torstatus

(Maybe gnome-shell-extension-ozshell is also related.)


I failed to find the subgraph os Debian source packages. Asked subgraph os developers about it:
https://secure-os.org/pipermail/desktops/2016-May/000118.html


When I look at https://pbs.twimg.com/media/CbB0R2VWIAEI2iY.png I think implementing this is more difficult. Because shutdown is up to dom0, Tor status up to sys-whonix, wifi settings up to sys-net.

Screenshots:



@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek May 17, 2016

Member

When I look at https://pbs.twimg.com/media/CbB0R2VWIAEI2iY.png I think implementing this is more difficult. Because shutdown is up to dom0, Tor status up to sys-whonix, wifi settings up to sys-net.

We've talked about this with @bnvk and there is a way: provide a very simple "proxy" to NetworkManager in sys-net. Something that will look in dom0 as NetworkManager (export its dbus interface) and provide basic information about network connection. All advanced stuff (configuration etc) would still happen inside sys-net of course.
One needs to be very careful when implementing such thing to to expose dom0 to much, but it is doable.
Anyway, as you've said, this is blocked on #1806

Member

marmarek commented May 17, 2016

When I look at https://pbs.twimg.com/media/CbB0R2VWIAEI2iY.png I think implementing this is more difficult. Because shutdown is up to dom0, Tor status up to sys-whonix, wifi settings up to sys-net.

We've talked about this with @bnvk and there is a way: provide a very simple "proxy" to NetworkManager in sys-net. Something that will look in dom0 as NetworkManager (export its dbus interface) and provide basic information about network connection. All advanced stuff (configuration etc) would still happen inside sys-net of course.
One needs to be very careful when implementing such thing to to expose dom0 to much, but it is doable.
Anyway, as you've said, this is blocked on #1806

@marmarek marmarek modified the milestone: Far in the future Jun 21, 2016

@rootkovska rootkovska removed the C: label Jun 30, 2016

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jul 1, 2016

Member

Related to #2135

Member

marmarek commented Jul 1, 2016

Related to #2135

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment