forked from freedomofpress/securedrop-client
-
Notifications
You must be signed in to change notification settings - Fork 0
/
run.sh
executable file
·70 lines (55 loc) · 1.5 KB
/
run.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/usr/bin/env bash
set -eo pipefail
umask 077
while [ -n "$1" ]; do
param="$1"
value="$2"
case $param in
--sdc-home)
SDC_HOME="$value"
shift
;;
*)
break
esac
shift
done
if [[ $OSTYPE == 'darwin'* ]]; then
# Override tempfile behavior in OS X as /var symlink conflicts with path traversal checks
TMP_BASE=$HOME/.sdc_tmp
[ -d $TMP_BASE ] && rm -rf $TMP_BASE
mkdir $TMP_BASE
export TMPDIR=$TMP_BASE
SDC_HOME=${SDC_HOME:-$(mktemp -d $TMP_BASE/sd_client.XXXX)}
else
SDC_HOME=${SDC_HOME:-$(mktemp -d)}
fi
export SDC_HOME
GNUPGHOME="$SDC_HOME/gpg"
export GNUPGHOME
mkdir -p "$GNUPGHOME"
chmod 0700 "$SDC_HOME" "$GNUPGHOME"
function cleanup {
gpgconf --kill gpg-agent
}
trap cleanup EXIT
echo "Running app with home directory: $SDC_HOME"
echo ""
cleanup
gpg --allow-secret-key-import --import tests/files/securedrop.gpg.asc &
# create the database and config for local testing
./create_dev_data.py "$SDC_HOME" &
# check whether current env is qubes
is_qubes="$(printenv | grep ^QUBES_)" || true
if [[ -n "$is_qubes" ]]; then
echo "Detected QubesOS, enabling DispVMs for submission handling..."
qubes_flag=""
# Ensure desktop files are read from local dir
export XDG_CONFIG_HOME="$PWD/files"
else
echo "Current OS is *not* Qubes, disabling DispVM support..."
qubes_flag="--no-qubes"
fi
wait
echo "Starting client, log available at: $SDC_HOME/logs/client.log"
python -m securedrop_client --sdc-home "$SDC_HOME" --no-proxy "$qubes_flag" "$@"