Merge branch 'next' of github.com:Start9Labs/start-os into rebase/integration/refactors

build/lib/depends

@@ -9,6 +9,7 @@ cifs-utils
 containerd.io
 cryptsetup
 curl
+dmidecode
 docker-ce
 docker-ce-cli
 docker-compose-plugin
@@ -16,7 +17,10 @@ dosfstools
 e2fsprogs
 ecryptfs-utils
 exfatprogs
+flashrom
+gdb
 grub-common
+heaptrack
 htop
 httpdirfs
 iotop
@@ -24,6 +28,7 @@ iw
 jq
 libavahi-client3
 libyajl2
+linux-cpupower
 lm-sensors
 lshw
 lvm2

build/lib/scripts/chroot-and-upgrade

@@ -5,9 +5,10 @@ if [ "$UID" -ne 0 ]; then
     exit 1
 fi
 
-echo 'Syncing...'
-
-rsync -a --delete --force --info=progress2 /media/embassy/embassyfs/current/ /media/embassy/next
+if [ -z "$NO_SYNC" ]; then
+    echo 'Syncing...'
+    rsync -a --delete --force --info=progress2 /media/embassy/embassyfs/current/ /media/embassy/next
+fi
 
 mkdir -p /media/embassy/next/run
 mkdir -p /media/embassy/next/dev

build/lib/scripts/enable-kiosk

@@ -6,35 +6,79 @@ set -e
 /usr/bin/apt update
 /usr/bin/apt install --no-install-recommends -y xserver-xorg x11-xserver-utils xinit firefox-esr matchbox-window-manager libnss3-tools
 
+#Change a default preference set by stock debian firefox-esr
+sed -i 's|^pref("extensions.update.enabled", true);$|pref("extensions.update.enabled", false);|' /etc/firefox-esr/firefox-esr.js
+
+if ! id kiosk; then
+    # create kiosk user
+    useradd -s /bin/bash --create-home kiosk
+fi
+
 # create kiosk script
-cat > /home/start9/kiosk.sh << 'EOF'
+cat > /home/kiosk/kiosk.sh << 'EOF'
 #!/bin/sh
 PROFILE=$(mktemp -d)
 if [ -f /usr/local/share/ca-certificates/startos-root-ca.crt ]; then
     certutil -A -n "StartOS Local Root CA" -t "TCu,Cuw,Tuw" -i /usr/local/share/ca-certificates/startos-root-ca.crt -d $PROFILE
 fi
 cat >> $PROFILE/prefs.js << EOT
-user_pref("network.proxy.autoconfig_url", "file:///usr/lib/embassy/proxy.pac");
-user_pref("network.proxy.socks_remote_dns", true);
-user_pref("network.proxy.type", 2);
-user_pref("dom.securecontext.allowlist_onions", true);
-user_pref("dom.securecontext.whitelist_onions", true);
-user_pref("signon.rememberSignons", false);
-user_pref("extensions.activeThemeID", "firefox-compact-dark@mozilla.org");
-user_pref("browser.theme.content-theme", 0);
-user_pref("browser.theme.toolbar-theme", 0);
-user_pref("datareporting.policy.firstRunURL", "");
+user_pref("app.normandy.api_url", "");
+user_pref("app.normandy.enabled", false);
+user_pref("app.shield.optoutstudies.enabled", false);
+user_pref("app.update.enabled", false);
+user_pref("browser.aboutHomeSnippets.updateUrl", "");
+user_pref("browser.bookmarks.addedImportButton", false);
+user_pref("browser.casting.enabled", false);
+user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
+user_pref("browser.newtabpage.activity-stream.feeds.asrouterfeed", false);
+user_pref("browser.newtabpage.activity-stream.feeds.topsites", false);
+user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
+user_pref("browser.onboarding.enabled", false);
+user_pref("browser.ping-centre.telemetry", false);
+user_pref("browser.pocket.enabled",	false);
+user_pref("browser.safebrowsing.blockedURIs.enabled", false);
 user_pref("browser.safebrowsing.malware.enabled", false);
 user_pref("browser.safebrowsing.phishing.enabled", false);
+user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
+user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
+user_pref("browser.safebrowsing.downloads.remote.enabled", false);
+user_pref("browser.search.geoip.url", "");
+user_pref("browser.search.update", false);
+user_pref("browser.search.suggest.enabled",	false);
+user_pref("browser.startup.homepage_override.mstone", "ignore");
+user_pref("browser.theme.content-theme", 0);
+user_pref("browser.theme.toolbar-theme", 0);
+user_pref("browser.urlbar.groupLabels.enabled", false);
+user_pref("browser.urlbar.suggest.searches" false);
+user_pref("datareporting.policy.firstRunURL", "");
 user_pref("datareporting.healthreport.service.enabled", false);
 user_pref("datareporting.healthreport.uploadEnabled", false);
 user_pref("datareporting.policy.dataSubmissionEnabled", false);
-user_pref("datareporting.policy.dataSubmissionEnabled", false);
-user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
-user_pref("browser.ping-centre.telemetry", false);
-user_pref("browser.onboarding.enabled", false);
+user_pref("dom.securecontext.allowlist_onions", true);
+user_pref("dom.securecontext.whitelist_onions", true);
+user_pref("experiments.enabled", false);
+user_pref("experiments.activeExperiment", false);
+user_pref("experiments.supported", false);
+user_pref("extensions.activeThemeID", "firefox-compact-dark@mozilla.org");
+user_pref("extensions.blocklist.enabled", false);
+user_pref("extensions.getAddons.cache.enabled", false);
+user_pref("extensions.pocket.enabled", false);
+user_pref("extensions.update.enabled", false);
+user_pref("extensions.shield-recipe-client.enabled", false);
+user_pref("extensions.shield-recipe-client.user_id", "");
+user_pref("extensions.shield-recipe-client.api_url", "");
+user_pref("media.gmp-gmpopenh264.enabled", false);
+user_pref("messaging-system.rsexperimentloader.enabled", false);
+user_pref("network.allow-experiments", false);
+user_pref("network.captive-portal-service.enabled", false);
+user_pref("network.connectivity-service.enabled", false);
+user_pref("network.proxy.autoconfig_url", "file:///usr/lib/embassy/proxy.pac");
+user_pref("network.proxy.socks_remote_dns", true);
+user_pref("network.proxy.type", 2);
+user_pref("signon.rememberSignons", false);
 user_pref("toolkit.telemetry.archive.enabled", false);
 user_pref("toolkit.telemetry.bhrPing.enabled", false);
+user_pref("toolkit.telemetry.coverage.opt-out", true);
 user_pref("toolkit.telemetry.enabled", false);
 user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
 user_pref("toolkit.telemetry.newProfilePing.enabled", false);
@@ -43,16 +87,6 @@ user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
 user_pref("toolkit.telemetry.unified", false);
 user_pref("toolkit.telemetry.updatePing.enabled", false);
 user_pref("toolkit.telemetry.cachedClientID", "");
-user_pref("experiments.enabled", false);
-user_pref("experiments.activeExperiment", false);
-user_pref("experiments.supported", false);
-user_pref("network.allow-experiments", false);
-user_pref("extensions.shield-recipe-client.enabled", false);
-user_pref("extensions.shield-recipe-client.user_id", "");
-user_pref("extensions.shield-recipe-client.api_url", "");
-user_pref("app.normandy.enabled", false);
-user_pref("app.normandy.api_url", "");
-user_pref("app.shield.optoutstudies.enabled", true);
 EOT
 while ! curl "http://localhost" > /dev/null; do
     sleep 1
@@ -70,11 +104,11 @@ matchbox-window-manager -use_titlebar no &
 firefox-esr http://localhost --profile $PROFILE
 rm -rf $PROFILE
 EOF
-chmod +x /home/start9/kiosk.sh
+chmod +x /home/kiosk/kiosk.sh
 
 # use kiosk if tty (not pts)
-if ! grep -q 'kiosk' /home/start9/.profile; then
-cat >> /home/start9/.profile << 'EOF'
+if ! grep -q 'kiosk' /home/kiosk/.profile; then
+cat >> /home/kiosk/.profile << 'EOF'
 # Use kiosk for TTY
 if [[ "$(tty)" =~ ^/dev/tty ]]; then
     exec startx "$HOME/kiosk.sh"
@@ -87,7 +121,7 @@ mkdir -p /etc/systemd/system/getty@tty1.service.d
 cat > /etc/systemd/system/getty@tty1.service.d/autologin.conf << 'EOF'
 [Service]
 ExecStart=
-ExecStart=-/sbin/agetty --autologin start9 --noclear %I $TERM
+ExecStart=-/sbin/agetty --autologin kiosk --noclear %I $TERM
 EOF
 ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service
 

build/lib/scripts/postinst

@@ -76,6 +76,7 @@ sed -i '/\(^\|#\)Storage=/c\Storage=persistent' /etc/systemd/journald.conf
 sed -i '/\(^\|#\)Compress=/c\Compress=yes' /etc/systemd/journald.conf
 sed -i '/\(^\|#\)SystemMaxUse=/c\SystemMaxUse=1G' /etc/systemd/journald.conf
 sed -i '/\(^\|#\)ForwardToSyslog=/c\ForwardToSyslog=no' /etc/systemd/journald.conf
+sed -i '/^\s*#\?\s*issue_discards\s*=\s*/c\issue_discards = 1' /etc/lvm/lvm.conf
 mkdir -p /etc/docker
 cat > /etc/docker/daemon.json << EOF
 {