Hello, this needs to depend on ffmpeg4.4
. Tor Browser uses the system's ffmpeg (they do not provide their own currently), so it needs to depend on an ffmpeg. And the version of Firefox it uses currently doesn't support ffmpeg 5.0, so it can't depend on ffmpeg
right now, it needs to depend on ffmpeg4.4
for the time being.
Search Criteria
Package Details: tor-browser 11.0.14-1
Package Actions
Git Clone URL: | https://aur.archlinux.org/tor-browser.git (read-only, click to copy) |
---|---|
Package Base: | tor-browser |
Description: | Tor Browser Bundle: anonymous browsing using Firefox and Tor (international PKGBUILD) |
Upstream URL: | https://www.torproject.org/projects/torbrowser.html |
Keywords: | Anonymity Browser Internet Network Tor |
Licenses: | GPL |
Submitter: | grufo |
Maintainer: | grufo (jugs) |
Last Packager: | grufo |
Votes: | 1216 |
Popularity: | 10.83 |
First Submitted: | 2017-03-23 12:24 (UTC) |
Last Updated: | 2022-06-09 14:53 (UTC) |
Dependencies (19)
- alsa-lib (alsa-lib-git, alsa-lib-minimal-git, alsa-lib-x205ta)
- dbus-glib (dbus-glib-git)
- desktop-file-utils (desktop-file-utils-git)
- hicolor-icon-theme (hicolor-icon-theme-git)
- hunspell (hunspell-git)
- icu (icu-git-static, icu-git)
- libevent (libevent-fb, libevent-git)
- libvpx (libvpx-1.6, libvpx-full-git, libvpx-1.7, libvpx-git)
- libxt
- mime-types (mailcap-mime-types, mailcap)
- nss (nss-hg)
- sqlite (sqlite-replication, sqlite-minimal-git, sqlite-fts3-parenthesis, sqlite-fossil)
- startup-notification (startup-notification-git)
- gst-libav (gst-libav-git) (optional) – H.264 video
- gst-plugins-good (gst-plugins-good-git) (optional) – H.264 video
- kdialog (kdialog-git) (optional) – KDE dialog boxes
- libnotify (libnotify-gtk2, libnotify-id-git, libnotify-id, libnotify-git) (optional) – Gnome dialog boxes
- libpulse (libpulse-bluedio, pulseaudio-pali, pulseaudio-dummy, libpulse-nosystemd-git, libpulse-nosystemd, libpulse-nosystemd-minimal-git, libpulse-airplay, pulseaudio-git) (optional) – PulseAudio audio driver
- zenity (zenity-git, zenity-gtk2, qarma-git, zenity-light) (optional) – simple dialog boxes
Required by (0)
Sources (8)
- https://dist.torproject.org/torbrowser/11.0.14/tor-browser-linux32-11.0.14_en-US.tar.xz
- https://dist.torproject.org/torbrowser/11.0.14/tor-browser-linux32-11.0.14_en-US.tar.xz.asc
- https://dist.torproject.org/torbrowser/11.0.14/tor-browser-linux64-11.0.14_en-US.tar.xz
- https://dist.torproject.org/torbrowser/11.0.14/tor-browser-linux64-11.0.14_en-US.tar.xz.asc
- tor-browser.desktop.in
- tor-browser.in
- tor-browser.png
- tor-browser.svg
Latest Comments
AtticFinder65536 commented on 2022-06-18 23:30 (UTC)
Lutrim commented on 2022-05-27 08:45 (UTC)
@yar I don't see the point of the torbrowser-launcher
yar commented on 2022-05-26 16:43 (UTC)
@Lutrim there is https://archlinux.org/packages/community/any/torbrowser-launcher/
Lutrim commented on 2022-05-26 02:04 (UTC)
Why is he still at AUR? He belongs in the community repo!
intrlocutr commented on 2022-05-19 01:36 (UTC) (edited on 2022-05-19 01:44 (UTC) by intrlocutr)
I am unable to play H.264 video even after installing gst-libav and gst-plugins-good. html5test.com reports no H.264 support.
Edit: The solution was installing ffmpeg4.4
guglovich commented on 2022-04-04 20:18 (UTC)
curl: (35) OpenSSL SSL_connect: Connection broken by other party in connection to dist.torproject.org:443 ==> ERROR: Error loading 'https://dist.torproject.org/torbrowser/11.0.9/tor-browser-linux64-11.0.9_en-US.tar.xz' Interruption... -> build error: tor-browser
grufo commented on 2022-03-26 00:01 (UTC)
@whynothugo Alright. Done.
whynothugo commented on 2022-03-25 15:05 (UTC)
Can you modify the desktop file from Exec=/usr/bin/tor-browser %u
to Exec=tor-browser %u
?
This has no impact for most users, but allows using a wrapper in /usr/local/bin/tor-browser
for users who need this (e.g.: to run tor-browser with firejail).
pentamassiv commented on 2022-03-11 02:33 (UTC)
I think changing the install location broke my keepassxc connection to the Tor Browser. Today I finally looked into it and fixed it by going to the settings > Browser Integration > Advanced and activating the option "Use a custom browser configuration location" and pasting the following path:
~/.local/opt/tor-browser/app/Browser/TorBrowser/Data/Browser/.mozilla/native-messaging-hosts
Selecting the regular "Tor Browser" does not work and it can be deselected.
whynothugo commented on 2022-02-25 20:01 (UTC)
Is there a reason this package is not included in [community]?
I know a TU has to adopt it, has there been no interest, or is it excluded for some reason?
serxxx commented on 2022-02-11 15:25 (UTC)
@grufo, tor-browser -u also reports (trimmed):
$ tor-browser -u ~
Found new version (11.0.2 -> 11.0.6)...
==> Making package: tor-browser 11.0.6-1 (Fri 11 Feb 2022 09:17:39 AM CST)
...
tor-browser-linux64-11.0.6_en-US.tar.xz.asc ... Skipped
==> Verifying source file signatures with gpg...
tor-browser-linux64-11.0.6_en-US.tar.xz ... FAILED (unknown public key E53D989A9E2D47BF)
==> ERROR: One or more PGP signatures could not be verified!
grufo commented on 2022-02-10 12:22 (UTC)
@esmailelbob Sure thing. Done.
esmailelbob commented on 2022-01-19 10:49 (UTC)
Please, can you add
StartupWMClass=Tor Browser
in .desktop file of tor browser? because i pinned it in my taskbar and now i have 2 tor browser icons (one pinned from desktop file and one the application itself running)
berturion commented on 2022-01-14 21:46 (UTC) (edited on 2022-01-14 21:46 (UTC) by berturion)
Thank you @williX gpg --keyserver keys.openpgp.org --search-keys torbrowser@torproject.org
worked for me too before updating. gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
didn't work for me.
diogobaeder commented on 2022-01-09 01:20 (UTC)
After running the solution from the pinned comment (to auto-locate the key) and upgrade with yay it worked fine for me, thanks!
williX commented on 2021-12-30 18:59 (UTC) (edited on 2021-12-30 19:05 (UTC) by williX)
The pinned comment didn't work for me. I had to run
gpg --keyserver keys.openpgp.org --search-keys torbrowser@torproject.org
(from https://support.torproject.org/de/tbb/how-to-verify-signature/)
linux_dream commented on 2021-12-29 09:24 (UTC) (edited on 2021-12-29 09:26 (UTC) by linux_dream)
"tor-browser -u" doesn't work:
"==> Verifying source file signatures with gpg... tor-browser-linux64-11.0.3_en-US.tar.xz ... FAILED (unknown public key E53D989A9E2D47BF) ==> ERROR: One or more PGP signatures could not be verified! "
Thankfully "gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org " does.
whynothugo commented on 2021-12-26 22:45 (UTC)
Upstream has added another subkey to the same GPG key, so it needs to be pulled. The pinned command does this, and you need to run it even if you already have the key pulled locally (this is rather unintuitive, hence the clarification).
AUR helpers generally don't do this for you.
saintcore commented on 2021-12-24 20:03 (UTC)
@miku86 In case of Darkness yes, but as explained a bit below by @zethra there seems to be another problem which should affect most people updating with AUR helpers.
However you can manually update without the AUR helpers running "tor-browser -u" as normal user. See comment by @zethra for explanations.
miku86 commented on 2021-12-22 14:43 (UTC)
@Darkness
The solution is in the pinned comments.
Darkness commented on 2021-12-22 14:30 (UTC)
==> Verifying source file signatures with gpg... tor-browser-linux64-11.0.3_en-US.tar.xz ... FAILED (unknown public key E53D989A9E2D47BF) ==> ERROR: One or more PGP signatures could not be verified! -> error making: tor-browser
akurei commented on 2021-12-22 13:50 (UTC)
$ makepkg -scf
==> Making package: tor-browser 11.0.3-1 (2021-12-22T14:46:30 CET)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Found tor-browser.desktop.in
-> Found tor-browser.in
-> Found tor-browser.png
-> Found tor-browser.svg
-> Downloading tor-browser-linux64-11.0.3_en-US.tar.xz...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 82.2M 100 82.2M 0 0 7669k 0 0:00:10 0:00:10 --:--:-- 8467k
-> Downloading tor-browser-linux64-11.0.3_en-US.tar.xz.asc...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 819 100 819 0 0 1705 0 --:--:-- --:--:-- --:--:-- 1702
==> Validating source files with sha256sums...
tor-browser.desktop.in ... Passed
tor-browser.in ... Passed
tor-browser.png ... Passed
tor-browser.svg ... Passed
==> Validating source_x86_64 files with sha256sums...
tor-browser-linux64-11.0.3_en-US.tar.xz ... Passed
tor-browser-linux64-11.0.3_en-US.tar.xz.asc ... Skipped
==> Verifying source file signatures with gpg...
tor-browser-linux64-11.0.3_en-US.tar.xz ... FAILED (unknown public key E53D989A9E2D47BF)
==> ERROR: One or more PGP signatures could not be verified!
but
$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
pub rsa4096/0x4E2C6E8793298290 2014-12-15 [C] [expires: 2025-07-21]
Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
uid [ full ] Tor Browser Developers (signing key) <torbrowser@torproject.org>
whynothugo commented on 2021-12-14 10:16 (UTC)
The .SRCINFO
file has invalid checksums, and AUR helpers (paru
in my case) complain about this:
source_i686 = https://dist.torproject.org/torbrowser/11.0.2/tor-browser-linux32-11.0.2_en-US.tar.xz
source_i686 = https://dist.torproject.org/torbrowser/11.0.2/tor-browser-linux32-11.0.2_en-US.tar.xz.asc
sha256sums_i686 =
sha256sums_i686 = SKIP
source_x86_64 = https://dist.torproject.org/torbrowser/11.0.2/tor-browser-linux64-11.0.2_en-US.tar.xz
source_x86_64 = https://dist.torproject.org/torbrowser/11.0.2/tor-browser-linux64-11.0.2_en-US.tar.xz.asc
sha256sums_x86_64 =
sha256sums_x86_64 = SKIP
An empty string is not a valid value.
Running mksrcinfo
fixes this.
zethra commented on 2021-12-08 19:02 (UTC)
Lines 42 and 46 of .SRCINFO are causing issues when trying to install with paru because they have a key with no value. I'm not sure why they're there. When I run makepkg --printsrcinfo those lines aren't present. Those lines where added in the most recent commit FYI.
whynothugo commented on 2021-11-26 14:19 (UTC)
Can you change the desktop file from
Exec=/usr/bin/tor-browser %u
To:
Exec=tor-browser %u
This makes using wrapper scripts or things like firejail a bit smoother, but won't change anything for the usual use-case.
grufo commented on 2021-09-10 18:32 (UTC)
@aminvakil Fair point.
aminvakil commented on 2021-09-10 11:36 (UTC)
bash
is part of base
. Mentioning it explicitly in depends is unnecessary imho.
whynothugo commented on 2021-09-09 09:17 (UTC)
~/.local/opt/tor-browser
is fine by me.
It's not completely standard, but I've also seen it around, and is basically a "per-user /opt".
Using .cache
is also valid IMHO, and this case is slightly outside of what any spec or standard has explicitly considered.
A downside of ~/.local/opt
is that there's no way to override it, whereas .cache
is actually $XDG_CACHE_HOME
.
.config
is a bad choice though; that's a directory that'll frequently get backed up (or even versioned by many), and dumping all of the browser's runtime in there sounds problematic.
grufo commented on 2021-09-08 18:07 (UTC)
@class101
I don’t think it was a great idea to create opt/ inside .local since it is not a standard location
This is the old debate about the ~/.local
directory...
Is ~/.local/bin
standard? The XDG mentions it ("User-specific executable files may be stored in $HOME/.local/bin
").
What about ~/.local/lib
? The XDG does not mention it, but it is the natural result of installing a library instead of a program locally via ./configure --prefix="$HOME/.local" && make && make install
– the same command that would install a program under the ~/.local/bin
path mentioned by the XDG.
For me this package's natural path is ~/.local/opt
: it satisfies the requirements for opt
(it is completely self-contained in one single directory) and it satisfies the requirements for ~/.local
(it is a user installation).
But given the huge user base of this package, I would say that the debate has just started.
Application creates their folders in
.local .config .cache
Technically we do create our folder under .local
.
class101 commented on 2021-09-08 17:47 (UTC)
I don’t think it was a great idea to create opt/ inside .local since it is not a standard location, only you will use the redondant opt folder
In my opinion it is not necessary to reinvent the wheel as Steam does so badly.
Application creates their folders in
.local .config .cache
grufo commented on 2021-09-08 17:39 (UTC)
@whynothugo
That is a very good idea. I moved the user copy of Tor Browser from ~/.tor-browser
to ~/.local/opt/tor-browser
.
whynothugo commented on 2021-09-08 10:19 (UTC)
Is it possible to use some other directory instead of ~/.tor-browser
?
I'd like to move this out of the way to somewhere like ~/.cache/tor-browser
.
whynothugo commented on 2021-08-19 22:15 (UTC)
any
is not correct for this package, as that implies that the same package runs on all architecture. That’s not the case for this, as it includes native binaries.
tallero commented on 2021-08-19 21:10 (UTC)
Can you switch arch
to any
(or add pentium4)?
eora commented on 2021-08-17 18:04 (UTC) (edited on 2021-08-17 18:56 (UTC) by eora)
Any ideas why does yay
freezes after :: (1/1) Parsing SRCINFO: tor-browser
? makepkg
freezes w/o any log.
UPD: It happens if TOR is banned in your country. If you experience the same issue use VPN.
valkmit commented on 2021-06-30 19:10 (UTC)
@henkm the pinned comment is still correct as of today.
LaughingMan commented on 2021-06-18 11:07 (UTC)
@henkm: Still works for me.
henkm commented on 2021-06-18 05:04 (UTC) (edited on 2021-06-18 05:05 (UTC) by henkm)
Regarding the pinned comment: is that still correct or is there a server problem? I get
gpg: error retrieving 'torbrowser@torproject.org' via WKD: Server indicated a failure
gpg: error reading key: Server indicated a failure
grufo commented on 2021-06-09 11:48 (UTC)
@LChris314 Very good catch, thank you! My bad while updating the old /usr/share/pixmaps
to the more modern /usr/share/icons
. Fixed now.
LChris314 commented on 2021-06-09 05:59 (UTC)
Looks like tor-browser.png
and tor-browser.svg
had their install location swapped.
class101 commented on 2021-06-07 13:46 (UTC) (edited on 2021-06-07 13:47 (UTC) by class101)
@FabioLolix
Not sure this rule applies to all packages, if tor-browser existed in the official repo, yes, but yet tor-browser does not exists in the official repo so one has to build it, maybe one day this package will be in the official repo and having it named -bin in here means nothing. The majority of peoples just want to download tor-browser, they don't really wonder if -bin or -git or whatever.
FabioLolix commented on 2021-05-16 19:17 (UTC)
This pkgbuild lacks -bin suffix as is not build from source
grufo commented on 2021-04-21 01:21 (UTC)
I have increased the $pkgrel
variable.
--grufo
autumnontape commented on 2021-04-20 04:58 (UTC)
The package can be rebuilt without re-downloading the sources if you've built it before. I just did it by deleting the old tor-browser-10.0.15-1-x86_64.pkg.tar.zst
and running makepkg -si
, and it only takes a few seconds. makepkg
and all AUR helpers I know of do this by default, so I don't think updating the pkgrel
would be placing much of a burden on anyone.
Not being able to remove mozilla-common
from your system when it's been removed from the repositories won't keep you from using the software, but it is a bit of a problem in itself.
grufo commented on 2021-04-19 15:45 (UTC)
I am not sure any change to pkgrel
or epoch
is necessary in this case. If a user has tor-browser
already installed then they have no problems. If instead they were unable to install tor-browser
earlier, now they will be able to install it. But if I increase pkgrel
or epoch
I will force an update on all the users for which tor-browser
works just fine. It is a heavy package, I am not sure that would be the right thing to do.
--grufo
Marcel_K commented on 2021-04-18 13:01 (UTC) (edited on 2021-04-18 13:02 (UTC) by Marcel_K)
@Spixmaster That's wrong: that's what pkgrel
is meant for. epoch
should only been used when pacman thinks the version number is decreased (e.g., because of the use of alphabetical characters), but where the version actually is increased.
Spixmaster commented on 2021-04-18 12:52 (UTC)
@class101 @grufo For circumstances in which an Update is necessary withouth changing the version itself, epoch= should be used.
class101 commented on 2021-04-16 10:51 (UTC) (edited on 2021-04-16 15:15 (UTC) by class101)
Edit: Looks like 10.0.15-1 has been fixed without bumping pkgrel (bad practice imo), If you installed the buggy 10.0.15-1, to fix, unininstall tor-browser, manually delete the directory tor-browser from the cache of your favorite aur helper, (.cache/yay/ .cache/paru/ etc...) and reinstall tor-browser
Yeah running fine is one thing but not all.
But I think indeed it is no more used (or part of an optional feature in tor maybe?), technically, mozilla-common
is really tiny, it is just exporting the following variable MOZ_PLUGIN_PATH
export MOZ_PLUGIN_PATH="/usr/lib/mozilla/plugins"
And on my system, /usr/lib/mozilla/plugins does not exists with tor-browser installed.
whynothugo commented on 2021-04-16 10:46 (UTC) (edited on 2021-04-16 10:46 (UTC) by whynothugo)
I doesn't seem to be necessary any more. I removed mozilla-common
from the PKGBUILD depends, and it builds and runs fine.
class101 commented on 2021-04-16 10:42 (UTC) (edited on 2021-04-16 10:46 (UTC) by class101)
To fix extra/mozilla-common
deleted from the extra
repository
pacman -U https://archive.archlinux.org/packages/m/mozilla-common/mozilla-common-1.4-6-any.pkg.tar.zst
Unfortunately, pushing mozilla-common 1.4-6 at aur/mozilla-common
is currently rejected :
remote: error: package already provided by [extra]: mozilla-common
remote: error: hook declined to update refs/heads/master
Maybe the package is no more necessary ? I haven't checked, a workaround would be to create it under a different name like aur/mozilla-common-aur but this would be ugly, because every dependent app will still break until patched.
Anyway, a backup of the sources of the deleted extra/mozilla-common is available here
https://github.com/archlinux/svntogit-packages/tree/packages/mozilla-common/trunk
morganmay commented on 2021-04-15 23:15 (UTC)
Build of 10.0.15-1 fails due to missing dependency mozilla-common
. It's not in official repositories or AUR.
mackilanu commented on 2021-03-31 11:47 (UTC)
@randomguy343 That is an issue with your AUR helper and not this package.
randomguy343 commented on 2021-03-31 10:47 (UTC) (edited on 2021-03-31 10:48 (UTC) by randomguy343)
I can't update tor-browser using a AUR helper, I get the following error.
error fetching tor-browser: fatal: No Git-Repository (or any parent directory to the mount point /)
Stopping at filesystem boundaries (GIT_DISCOVERY_ACROSS_FILESYSTEM not specified).
But I can simply clone the git repository and build and install the package from there.
zoltanszabo commented on 2021-03-04 20:54 (UTC)
@jugs: Thank you for the quick action; with Tor 10.0.13 ProtonMail starts again nicely.
jugs commented on 2021-03-04 11:48 (UTC) (edited on 2021-03-04 11:48 (UTC) by jugs)
tor-browser 10.0.13 should fix the glibc issue
AntiComposite commented on 2021-02-24 03:37 (UTC)
That's caused by the same glibc problem. You can downgrade glibc, use an alpha version of tor-browser, or wait for the fix.
adoa commented on 2021-02-24 03:02 (UTC)
tor-browser refuses to play h264 videos for me. I checked html5test.com and they say that my tor-browser does not support the h264 codec. Optional dependency gst-plugins-good is still installed, tho.
It used to work fine, but stopped working a week or two ago. Did some other software update break, or does tor-browser not locate the gstreamer plugins? how do I troubleshoot this?
jugs commented on 2021-02-23 21:21 (UTC)
Thanks for the updates folks, we are tracking the issue on the tor-browser gitlab.
The easiest workaround at the moment is to downgrade to the last 2.32(-5) glibc.
Once a real solution is posted we'll ensure it lands here as well.
Thelolas commented on 2021-02-11 05:13 (UTC)
An update to this, looks like this is an issue affecting Arch users who have upgraded glibc.
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40328
Some workarounds:
"rany has confirmed a glibc downgrade to 2.32 fixes the issue.
Another user on an arch-based distro (Manjaro 20.2.1 Nibia, Kernel: x86_64 Linux 5.10.15-1-MANJARO) reports the same issue and reports that the alpha TB fixes it."
kkk commented on 2021-02-10 06:32 (UTC)
I'd like to report a fault, same as previous two users, except on a broader scale. I can no longer view videos and even github pages are formatted and displayed incorrectly.
Thelolas commented on 2021-02-08 22:41 (UTC)
@zoltanszabo, I'm running into the exact same thing, including when I download Tor Browser from the Tor Project's website. In addition to your experience, when you navigate to beta.protonmail.com I just get a white screen. It never loads.
zoltanszabo commented on 2021-02-08 19:16 (UTC)
The latest update (2021-02-04) seems to break / be incompatible with the ProtonMail login (https://mail.protonmail.com/login): the process stays at the "Loading ProtonMail..." animation. It has been working like a charm for years. Any ideas? Thanks in advance.
nosada commented on 2021-02-06 16:39 (UTC) (edited on 2021-02-06 16:40 (UTC) by nosada)
It seems /usr/bin/tor-browser
sometimes lacks read permission for users not in the file's group i.e. 0751 in chmod.
Here's patch to fix it: https://gist.github.com/nosada/12b272b659cb1c2ddc4130d0bd2d003a
tthgrndr commented on 2020-10-06 02:39 (UTC)
Installed from AUR; error at verifying PGP key.
Used @grufo's command, worked straight away.
craeckie commented on 2020-09-25 11:08 (UTC)
@grufo you are right, that's easier.
For those who don't want to copy links: Create the file ~/.local/share/applications/tor-browser.desktop with this content:
[Desktop Entry] Version=1.0 Type=Application Name=Tor Browser (en-US) Exec=/usr/bin/tor-browser --allow-remote %u Icon=tor-browser Categories=Network; Comment=Anonymous browsing using Firefox and Tor
This overwrites the existing desktop-file and persists through updates.
Cerdicipe commented on 2020-09-23 20:18 (UTC) (edited on 2020-09-23 20:20 (UTC) by Cerdicipe)
Found it. I forgot my ~/bin/tor-browser script containing:
/usr/bin/tor-browser --allow-remote "$@"
Without --allow-remote
, it works now.
je-vv commented on 2020-09-23 20:09 (UTC)
@MrG0z, that doesn't happen to me, if that helps...
Cerdicipe commented on 2020-09-23 20:04 (UTC)
It's weird. Since the update to 10.0-1, starting "tor-browser" starts my usual Firefox version.
grufo commented on 2020-09-22 03:52 (UTC)
@craeckie
If --allow-remote
is disabled by default there is a reason… Btw, you don't need to add --allow-remote
to the script, you can pass any argument to it and they will be redirected to the browser.
--grufo
ragouel commented on 2020-08-22 22:17 (UTC)
PKGBUILD is broken
craeckie commented on 2020-07-20 16:51 (UTC)
@WhyNotHugo It's true, that opening links is a liability. But copy-pasting link doesn't change that even a bit. In the case of accidentially opening a link, most users will likely just use a normal browser, if "Tor doesn't work". In that case the actual IP is revealed, which imo is a much bigger liability.
Are there any other effects of enabling --allow-remote
?
whynothugo commented on 2020-07-01 16:32 (UTC)
That patch seems a bit of a security liability. If I click on a link on some desktop app (say, an IM client), it could trigger Tor to open that link.
That allows crossing my non-tor IP with my in-tor session.
I'd rather link had to by copy-pasted into Tor explicitly, TBH.
craeckie commented on 2020-07-01 14:24 (UTC)
Hi, currently it's not possible for me to open links in the browser. After adding %u
to the desktop file and --allow-remote
to tor-browser.sh, it works.
Here's the patch:
diff --git a/PKGBUILD b/PKGBUILD
index 74a0f29..4ba6b34 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -87,9 +87,9 @@ source=("${pkgname}.desktop"
# No need for `makepkg -g`: the following sha256sums¸don't need to be updated #
# with each release, everything is done automatically! Leave them like this! #
###############################################################################
-sha256sums=('9ee0a4672e2d0835ffb94bcf26e17b56432030496a9cdf019b70c96083c24340'
+sha256sums=('d88d35a3ff1a431a927869be503b6a32f2767b87206d7de254e358a00975e97e'
'f25ccf68b47f5eb14c6fec0664c74f30ea9c6c58d42fc6abac3b64670aaa3152'
- '89118837e6db1d7b089e0067a6430e9a1a8602a64e00b7ea94382abfb0d3e502')
+ 'cabfaf0485cd44dfb216dcf9aa10f98beac46064a908f02c3414c3650bc73628')
sha256sums_i686=($(_dist_checksum "${_tag_i686}")
'SKIP')
sha256sums_x86_64=($(_dist_checksum "${_tag_x86_64}")
diff --git a/tor-browser.desktop b/tor-browser.desktop
index aca8d11..b6a81a4 100644
--- a/tor-browser.desktop
+++ b/tor-browser.desktop
@@ -2,7 +2,7 @@
Version=1.0
Type=Application
Name=Tor Browser (__REPL_LANGUAGE__)
-Exec=/usr/bin/tor-browser
+Exec=/usr/bin/tor-browser %u
Icon=tor-browser
Categories=Network;
Comment=Anonymous browsing using Firefox and Tor
diff --git a/tor-browser.sh b/tor-browser.sh
index 2ca37f2..7b11862 100755
--- a/tor-browser.sh
+++ b/tor-browser.sh
@@ -192,5 +192,5 @@ else
fi
# start tor-browser
-"${_TB_APP_DIR_}/Browser/start-tor-browser" "${args[@]}"
+"${_TB_APP_DIR_}/Browser/start-tor-browser" --allow-remote "${args[@]}"
grufo commented on 2020-06-18 11:57 (UTC)
@ragouel
tor-browser
does not depend on the tor
package.
@je-vv
Of course!
ragouel commented on 2020-06-18 04:05 (UTC)
Please add tor
to depends() array.
je-vv commented on 2020-06-11 06:24 (UTC)
@cschmid, I've seen duplicated packages in AUR before, without that been a problems, but yours is a very good question.
There are subtles differences, with AUR you get to upgrade the tor-browser binary on every AUR upgrade you do. On the torbrowser launcher on the other hand, you whether automatically upgrade the binary when launching I'd guess (whenever that happens), or you do it manually, if you know when, through the torbrowser-settings launcher. Also, the torbrowser launcher from community installs a separate gnupg directory under ~/.local/share/torbrowser, which has also pro and cons (con is having yet another gnupg dir, pro would be isolating your own from the tor one, but that doesn't matter anymore if you have your own, since tor is not the only one polluted around there).
One would say that it'd be good torbrowser-launcher it's from Arch repos, but that's not exactly true, since it downloads the torbrowser binary any ways as well, not that it's built from an Arch maintainer. I personally prefer the AUR approach, since that keeps the upgrade as I regularly upgrade stuff, with aursync or the AUR helper of your choice, when I do a system upgrade. And I do use gnupg, :)
Less subtle differences are on the dependencies, I see the community package depending on several python packages, which the AUR one doesn't, while on the other hand the AUR package depends on mozilla-common plus several others whereas the community package doesn't. Some of those deal with gpg and launching BTW. In that regard I like the AUR choice better. Finally I don't see the apparmor optional dependency on the AUR package, but definitely not a must, and can be added to the AUR package as well.
All that applies as long as @grufo keeps maintaining tor-browser.
@grufo, are you still maintaining tor-browser, even though the community package exists? In my case at least, I'd rather stick with the AUR package. Thanks !
C_Schmidpeter commented on 2020-05-25 08:36 (UTC)
Having torbrowser-launcher in extra, does this package still have use cases / features that are not in torbrowser-launcher yet?
aminvakil commented on 2020-04-26 12:59 (UTC) (edited on 2020-04-26 13:06 (UTC) by aminvakil)
@pnuker
I don't know why is that but the best thing that comes to my mind is to try changing your mirror in /etc/pacman.d/mirrorlist .
Installing a package via pacman should not be a problem for an Arch User, if you have a problem with that it's fine, just go through the manual, if you couldn't make it work reading from manual it's fine too, read it again, you should be familiar with reading manuals if you're going to use Arch Linux, if you think manual is not correct or doesn't fit your needs, ask it in newbie forum in bbs.archlinux.org.
navelwritten commented on 2020-04-26 12:47 (UTC)
@aminvakil I get an error trying to install from pacman: error: target not found: torbrowser-launcher
aminvakil commented on 2020-03-12 11:06 (UTC) (edited on 2020-03-12 11:07 (UTC) by aminvakil)
@bkb
It's in community
repo which is one of official repositories in Arch Linux.
https://wiki.archlinux.org/index.php/Official_repositories#community
You can install it via pacman -Suy torbrowser-launcher
.
bkb commented on 2020-03-12 09:17 (UTC) (edited on 2020-03-12 09:19 (UTC) by bkb)
Okay but what about the second question
And I can click on your link but I don't find torbrowser-launcher
neither on pamac
or yay
commented on 2020-03-12 08:55 (UTC)
bkb commented on 2020-03-12 08:53 (UTC)
Why the browser is only on AUR ? It's definitively not an amateur project
And more important, why is there plenty of them and not only one ?
ZorinArch commented on 2020-01-09 10:45 (UTC)
Please update Tor new logo. Thanks
Pablo-Camara commented on 2019-12-17 14:49 (UTC) (edited on 2019-12-17 14:49 (UTC) by Pablo-Camara)
I was trying to install tor-browser using Manjaro pamac-manager, and it would get stuck "Checking for dependencies", then I followed @grufo 's comment which is pinned and recommends to run:
gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
After that I was able to install tor-browser normally through pamac-manager of Manjaro.
Thanks @grufo .
wknapik commented on 2019-12-11 18:32 (UTC)
@grufo ah, I forgot I had TORBROWSER_PKGLANG in my ~/.zshrc. The value en_US used to work. Changing it to en-US sorted it out. Maybe replacing "_" with "-" in that variable would also make sense. Thanks.
grufo commented on 2019-12-10 19:49 (UTC)
@wknapik
All the PKGBUILD
does is launching:
locale | grep LANG | cut -d= -f2 | cut -d. -f1 | sed s/_/\-/
If that results in a unexisting language it will download by default the en-US
version (with a hyphen).
However, if you specify manually a TORBROWSER_PKGLANG
environment variable, the PKGBUILD
trusts you and skips all checks. That means that the only case where makepkg
can complain about an unexisting en_US
package (with an underscore) happens when you pass a TORBROWSER_PKGLANG=en_US
environment variable to it (instead of TORBROWSER_PKGLANG=en-US
).
--grufo
wknapik commented on 2019-12-10 17:46 (UTC)
curl: (22) The requested URL returned error: 404 Not Found
==> ERROR: Failure while downloading https://dist.torproject.org/torbrowser/9.0.2/tor-browser-linux64-9.0.2_en_US.tar.xz
The correct url contains en-US
, rather than en_US
:
https://dist.torproject.org/torbrowser/9.0.2/tor-browser-linux64-9.0.2_en-US.tar.xz
aminvakil commented on 2019-11-07 11:56 (UTC) (edited on 2019-11-07 11:56 (UTC) by aminvakil)
@Ucak I have this problem too, so I decided to create an AUR package which uses tor service to download sources, you just have to make sure tor service is up and working.
Please give me feedback on this package, Thanks.
Ucak commented on 2019-11-03 17:02 (UTC) (edited on 2019-11-03 17:02 (UTC) by Ucak)
There are countries which internet is ~broken~ censored, so they (including me) can not use that upstream link (https://www.torproject.org/projects/torbrowser.html). There was a github link for downloading it, a mirror. I think it was this https://github.com/TheTorProject/gettorbrowser but i am not sure. It may be a good idea to use the github link for this or creating a new aur package.
TJM commented on 2019-10-31 07:55 (UTC) (edited on 2019-10-31 07:56 (UTC) by TJM)
Also, I'm getting the following error from the error log of tor-browser:
10/31/19, 07:42:58.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/31/19, 07:43:09.390 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/31/19, 07:43:09.390 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/31/19, 07:43:09.390 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
10/31/19, 07:43:09.390 [NOTICE] Opening Socks listener on 127.0.0.1:9050
10/31/19, 07:43:09.391 [WARN] Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?
10/31/19, 07:43:09.391 [WARN] Controller gave us config lines that didn't validate: Failed to bind one of the listener ports.
I have no idea why it tries to bind 9050 ¯_(ツ)_/¯
okasha commented on 2019-10-30 12:16 (UTC)
can someone help?!
I get:
==> ERROR: Integrity checks (sha256) differ in size from the source array.
how i can solve this
zeofig commented on 2019-10-30 07:53 (UTC)
Should gtk3 be a dependency? I was left mildly confused when tor-browser failed silently on a fresh install, until I tried --debug.
TJM commented on 2019-10-27 21:19 (UTC) (edited on 2019-10-27 21:22 (UTC) by TJM)
@aminvakil I stopped tor and launched tor-browser. However, it seems that the latest tor-browser has started a tor instance which occupies 127.0.0.1:9050
[tjm@ArchPad ~]$ ss -tnpl | grep 9050
LISTEN 0 128 127.0.0.1:9050 0.0.0.0:* users:(("tor",pid=57285,fd=6))
[tjm@ArchPad ~]$ ps -alxq 57285
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 1000 57285 57229 20 0 43828 32916 - S ? 0:00 /home/tjm/.tor-browser/app/Browser/TorBrowser/Tor/tor --default
[tjm@ArchPad ~]$ ps -alxq 57229
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
4 1000 57229 57218 20 0 2837732 211840 - Sl ? 0:04 ./firefox.real --class Tor Browser -profile TorBrowser/Data/Bro
[tjm@ArchPad ~]$ ps -alxq 57218
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 1000 57218 57217 20 0 19856 3208 - S ? 0:00 bash /home/tjm/.tor-browser/app/Browser/start-tor-browser
[tjm@ArchPad ~]$ ps -alxq 57217
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 1000 57217 57214 20 0 19856 3424 - S ? 0:00 bash /usr/bin/tor-browser
[tjm@ArchPad ~]$ ps -alxq 57214
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 1000 57214 1 20 0 19724 2568 - S ? 0:00 /bin/bash
[tjm@ArchPad ~]$
gancho commented on 2019-10-26 17:29 (UTC)
@grufo, thank you for all the effort packaging the browser!
grufo commented on 2019-10-25 21:34 (UTC)
@gancho Good catch! Fixed.
--grufo
gancho commented on 2019-10-25 19:56 (UTC)
@grufo Unfortunately using the --dir argument this way is not working - there is an error at line 167 that the directory is not existing.
The variables TB_APP_DIR, TB_LOG_FILE and TB_VER_FILE must be set after the for loop, because there the value of TB_HOME_DIR is modified to use provided --dir argument. Later at line 166 the TB_APP_DIR directory is created
grufo commented on 2019-10-25 01:18 (UTC)
@gancho
Yes, it is possible. But the question is: Why?
You can always do:
tor-browser --dir=/tmp/tb
--grufo
okasha commented on 2019-10-24 22:47 (UTC) (edited on 2019-10-30 12:15 (UTC) by okasha)
I get:
==> ERROR: Integrity checks (sha256) differ in size from the source array.
how i can solve this
aminvakil commented on 2019-10-24 13:16 (UTC)
@TJM I'm using the latest tor version (Tor version 0.4.1.6.) and latest tor-browser from this AUR and it's ok, tor-browser using 9150 port and tor service using 9050 port.
I suggest you stop tor serivce using sudo systemctl stop tor
, open tor-browser and try these commands:
telnet 127.0.0.1 9050
telnet 127.0.0.1 9150
To make sure if tor-browser is malfunctioning.
TJM commented on 2019-10-23 21:29 (UTC)
For somehow it starts trying to listen on 9050 rather than 9150, which conflicts the system tor, after the recent upgrade. I went through the UI of the tor-browser. However, I didn't find anything that can configure the binding port or disable the build-in tor relay of the latest tor-browser. Any ideas?
gancho commented on 2019-10-23 20:06 (UTC) (edited on 2019-10-23 20:07 (UTC) by gancho)
@grufo Is it possible to modify tor-browser.sh to allow starting the browser in a directory like /tmp/tb for instance?
All you need to do is:
-
move the "other constants and variables" block down after the "for arg; do" loop
-
move the line TB_HOME_DIR=~/".${TB_PKGNAME}" just before the for loop
grufo commented on 2019-10-22 22:30 (UTC)
@Serial
Fixed! Thanks!
@jugs
I had left this note in the PKGBUILD
:
# No need for `makepkg -g`: the following sha256sums¸don't need to be updated
# with each release, everything is done automatically! Leave them like this!
Serial commented on 2019-10-22 21:53 (UTC)
Note: I could only update through the update provided by the browser, according to the image link below:
Serial commented on 2019-10-22 21:28 (UTC)
Today's update has the following error message below:
Building tor-browser ... ==> Creating the package: tor-browser 9.0-1 (Tue 22 Oct 2019 18:24:44 -03) ==> Checking runtime dependencies ... ==> Checking build time dependencies ... ==> Getting fonts ... -> Found tor-browser.desktop -> Found tor-browser.png -> Found tor-browser.sh -> Found tor-browser-linux64-9.0_en.tar.xz -> Found tor-browser-linux64-9.0_en.tar.xz.asc ==> Validating source files with sha256sums ... tor-browser.desktop ... passed tor-browser.png ... Passed tor-browser.sh ... passed ==> Validating source_x86_64 files with sha256sums ... tor-browser-linux64-9.0_en.tar.xz ... FAILED tor-browser-linux64-9.0_en.tar.xz.asc ... ignored ==> ERROR: One or more files failed the validity check!
grufo commented on 2019-09-04 05:05 (UTC)
@BrLi Good catch! Merged :)
BrLi commented on 2019-09-04 03:54 (UTC)
if you really want checksums to work, please consider use this: https://pastebin.com/qRAZdkrn
d_fajardo commented on 2019-09-01 06:33 (UTC)
I am unable to install the package. The suggested gpg is not working and I just get timed out.
grufo commented on 2019-08-21 21:25 (UTC)
@makeworld
If you mean adding the gpg
command to the PKGBUILD
, then the answer is no. A signature is something that must be added only once, and the user must be able to control it manually.
--grufo
makeworld commented on 2019-08-20 21:48 (UTC)
@grufo could that line be added to the PKGBUILD in lieu of the key attempting to be added now?
grufo commented on 2019-08-15 02:27 (UTC)
@DDoSolitary Done! Thank you!
grufo commented on 2019-08-15 02:22 (UTC)
Before running makepkg
, you must do this (as normal user):
$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
If you want to update tor-browser from AUR without AUR helpers you can run in a terminal:
$ tor-browser -u
DDoSolitary commented on 2019-08-13 06:49 (UTC)
The release signing key has been poisoned on the SKS key servers, so the recommended way of fetching the key is gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
, according to https://support.torproject.org/#how-to-verify-signature.
@grufo Please update your pinned comment accordingly.
je-vv commented on 2019-07-21 22:20 (UTC) (edited on 2019-07-21 22:21 (UTC) by je-vv)
An alternative gpg public key will be required (with corresponding signature files as well). Not sure if any of the other keys for tor-browser devs:
https://2019.www.torproject.org/docs/signing-keys.html.en
Can be used, with new asc files... I also had to get rid of another old key from Tor and another one from Enigmail...
account commented on 2019-07-10 14:11 (UTC) (edited on 2019-07-10 14:11 (UTC) by account)
My gpg --list-keys
is still sub-second.
Should we delete the Tor browser cert
pub rsa4096 2014-12-15 [C] [expires: 2020-08-24]
EF6E286DDA85EA2A4BA7DE684E2C6E8793298290
uid [ unknown] Tor Browser Developers (signing key) <torbrowser@torproject.org>
sub rsa4096 2018-05-26 [S] [expires: 2020-09-12]
?
l0b0 commented on 2019-07-10 09:21 (UTC)
The Tor browser key seems to have been spammed (https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f) - there were 121,244 signatures on it before I deleted it from pubkeys and saved 10 MB! Considering gpg --list-keys
went from a few minutes to about a single second after deleting it's likely that this key will cause massive slow-down for people trying to validate the installation.
grufo commented on 2019-07-05 00:04 (UTC)
@barkley128 There is nothing to fix, the PKGBUILD
does not contain any information about PGP servers. These you have to provide yourself, and if a server does not work, all you have to do is to search for another server.
-- grufo
barkley128 commented on 2019-07-04 08:32 (UTC) (edited on 2019-07-04 09:41 (UTC) by barkley128)
Can't you fix some key issue? Tried the latest methods in comments. The pgp.mit.edu site doesn't work. The full key import doesn't work. Please fix the package, or reupload the key to some working key server. Found one! This one imported nicely: gpg --keyserver pgp.surfnet.nl --recv-keys 0x4E2C6E8793298290
grufo commented on 2019-06-22 15:37 (UTC)
@abdulhakeem
Yes, apparently someone has requested the merging of all the tor-browser-*
packages with tor-browser
. However I have just made jugs
from tor-browser-en
co-maintainer of this package.
--grufo
account commented on 2019-06-22 13:24 (UTC) (edited on 2019-06-22 13:27 (UTC) by account)
Same problem. I've done
gpg --recv-keys EB774491D9FF06E2
with output:
gpg: key 4E2C6E8793298290: 2 duplicate signatures removed
gpg: key 4E2C6E8793298290: 306 signatures not checked due to missing keys
gpg: key 4E2C6E8793298290: 2 signatures reordered
gpg: key 4E2C6E8793298290: "Tor Browser Developers (signing key) <torbrowser@torproject.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
gpg --keyserver hkp://pgp.mit.edu:11371 --recv-keys 0x4E2C6E8793298290
with output:
gpg: key 4E2C6E8793298290: 2 duplicate signatures removed
gpg: key 4E2C6E8793298290: 292 signatures not checked due to missing keys
gpg: key 4E2C6E8793298290: 2 signatures reordered
gpg: key 4E2C6E8793298290: "Tor Browser Developers (signing key) <torbrowser@torproject.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
and still get the bad sig error:
==> Verifying source file signatures with gpg...
tor-browser-linux64-8.5.2_en-US.tar.xz ... FAILED (bad signature from public key EB774491D9FF06E2)
==> ERROR: One or more PGP signatures could not be verified!
LA-MJ commented on 2019-06-21 20:37 (UTC) (edited on 2019-06-21 20:38 (UTC) by LA-MJ)
just running gpg --recv-key EF6E286DDA85EA2A4BA7DE684E2C6E8793298290
should be enough
P.S. Do not ever use short key IDs
yurikoles commented on 2019-06-21 07:46 (UTC)
@flash872, please also include output of gpg
flash872 commented on 2019-06-21 00:28 (UTC) (edited on 2019-06-21 16:30 (UTC) by flash872)
Notwithstanding the pinned gpg --keyserver instructions (which I've run exactly as instructed, but got a "no keyserver available" error), I'm still getting the following errors:
tor-browser-linux64-8.5.2_en-US.tar.xz ... FAILED (bad signature from public key EB774491D9FF06E2) ==> ERROR: One or more PGP signatures could not be verified!
I've also run gpg --recv-keys EB774491D9FF06E2 and gpg --keyserver --recv-keys 0x4E2C6E8793298290
@yurikoles, here is the output of gpg:
gpg --keyserver hkp://pgp.mit.edu:11371 --recv-keys 0x4E2C6E8793298290 gpg: key 4E2C6E8793298290: 2 duplicate signatures removed gpg: key 4E2C6E8793298290: 292 signatures not checked due to missing keys gpg: key 4E2C6E8793298290: 2 signatures reordered gpg: key 4E2C6E8793298290: "Tor Browser Developers (signing key) torbrowser@torproject.org" not changed gpg: Total number processed: 1 gpg: unchanged: 1
gpg --recv-keys EB774491D9FF06E2 gpg: key 4E2C6E8793298290: 2 duplicate signatures removed gpg: key 4E2C6E8793298290: 306 signatures not checked due to missing keys gpg: key 4E2C6E8793298290: 2 signatures reordered gpg: key 4E2C6E8793298290: "Tor Browser Developers (signing key) torbrowser@torproject.org" not changed gpg: Total number processed: 1 gpg: unchanged: 1
gpg --recv-keys 0x4E2C6E8793298290 gpg: key 4E2C6E8793298290: 2 duplicate signatures removed gpg: key 4E2C6E8793298290: 306 signatures not checked due to missing keys gpg: key 4E2C6E8793298290: 2 signatures reordered gpg: key 4E2C6E8793298290: "Tor Browser Developers (signing key) torbrowser@torproject.org" not changed gpg: Total number processed: 1 gpg: unchanged: 1
What am I doing wrong? TIA for any assistance.
abdulhakeem commented on 2019-06-20 03:18 (UTC) (edited on 2019-06-20 03:18 (UTC) by abdulhakeem)
Nice so now there's just this one package instead of separate ones for each language? ie no more tor-browser-en
z3ntu commented on 2019-05-30 10:02 (UTC)
@yar @jugs: Could you replace the gtk2 dependency on the package with gtk3 as @r381581 has written before?
bholu9837 commented on 2019-05-29 00:54 (UTC)
If you are getting makepkg error, run this first. gpg --keyserver pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290
yurikoles commented on 2019-05-22 16:22 (UTC)
@grufo icon is outdated
aluizioneto commented on 2019-05-08 13:11 (UTC)
How do I verify PGP signatures for this package?
When running makepkg -si:
==> Verifying source file signatures with gpg... tor-browser-linux64-8.0.8_en-US.tar.xz ... FAILED (unknown public key EB774491D9FF06E2) ==> ERROR: One or more PGP signatures could not be verified!
hexvalid commented on 2019-05-06 08:22 (UTC)
I aggree @ahmed_master23
We can't get file from dist.torproject.org at tor blocked countries. Can you add alternative URL like GitHub?
Tharbad commented on 2019-04-22 16:26 (UTC)
Firedox is also a dependency. Or maybe just some of its dependencies.
yar commented on 2019-03-22 21:10 (UTC)
@rodneyck I'm not able to reproduce this error. Please try in a chroot.
rodneyck commented on 2019-03-21 15:29 (UTC)
Getting validation errors on the latest update...
==> Validating source files with md5sums... tor-browser-linux64-8.0.7_en-US.tar.xz ... FAILED tor-browser-linux64-8.0.7_en-US.tar.xz.asc ... Skipped tor-browser-en.desktop ... Passed tor-browser-en.png ... Passed tor-browser-en.sh ... Passed ==> ERROR: One or more files did not pass the validity check!
ahmed_master23 commented on 2019-02-17 15:35 (UTC)
could you add other sources like github for people that have tor blocked and another one for people that have github blocked if there was a timeout error like https://github.com/TheTorProject/gettorbrowser/releases/download/v8.0.2/tor-browser-linux64-8.0.2_en-US.tar.xz
Plexcon commented on 2019-02-14 15:53 (UTC)
gpg --keyserver keys.mozilla.org --recv-keys 0x4E2C6E8793298290 gpg --recv-keys 2E1AC68ED40814E0 gpg --recv-keys D1483FA6C3C07136 && yaourt -S tor-browser-es gpg --keyserver hkp://pgp.mit.edu:11371 --recv-keys 0x4E2C6E8793298290 gpg: recepción del servidor de claves fallida: No hay ningún servidor de claves disponible
==> Verificando las firmas de las fuentes con gpg... tor-browser-linux64-8.0.6_es-ES.tar.xz ... HA FALLADO (Firma viciada en relación con la clave pública EB774491D9FF06E2) ==> ERROR: ¡No se ha podido verificar alguna de las firmas PGP!
iyanmv commented on 2019-02-04 17:10 (UTC)
@yar @jugs: It would be nice if you could answer to @caleb and @nTia89 questions. I also don't understand the reason to use three different hashes so iff there is one, I'd love to know it. Otherwise, just delete the extra hashes.
commented on 2019-01-31 16:27 (UTC)
https://aur.archlinux.org/tor-browser-de.git
404 - Seite nicht gefunden
Die angeforderte Seite existiert leider nicht.
r381581 commented on 2019-01-29 10:36 (UTC)
tor-browser 8 is based on firefox60, which uses the Photon UI and is gtk3+ only. For me, tor-browser works fine without gtk2 installed. So, the gtk2
dependency should be removed and a gtk3
dependency added.
karhu commented on 2018-12-18 09:07 (UTC)
Thanks @atnanasi,
It works after to get the keys with the second one command. The first one doesn't work.
rokoucha commented on 2018-12-15 12:20 (UTC) (edited on 2018-12-15 12:21 (UTC) by rokoucha)
@karhu I have not signed to this package but this tarball has signed by The Tor Project.
If you don't have The Tor Project's PGP key, you need to receive keys.
gpg --recv-keys '8738A680B84B3031A630F2DB416F061063FEE659'
gpg --recv-keys 'EF6E286DDA85EA2A4BA7DE684E2C6E8793298290'
karhu commented on 2018-12-15 09:57 (UTC) (edited on 2018-12-15 09:59 (UTC) by karhu)
New version 8.0.3 same thing with the key.
And always :
gpg --search-keys ys2000pro@gmail.com gpg: data source: https://[2001:67c:26b4::98:0]:443 gpg: error searching keyserver: Pas de données gpg: échec de recherche au sein du serveur de clefs : Pas de données
Please @atnanasi, could you answer ?
yar commented on 2018-11-17 18:30 (UTC)
@l0b0 it's a git repo, so just mirror it somewhere and ask me to pull from it :)
l0b0 commented on 2018-11-16 08:40 (UTC)
I'd like to fix some shellcheck issues in tor-browser-en.sh. How do I submit a patch to a file which is not part of upstream?
erkin commented on 2018-10-27 03:12 (UTC)
Turkish ISPs block torproject.org, meaning it's not possible to build the package.
kevung commented on 2018-10-26 14:53 (UTC)
Hello everybody, I have the same issue as "zilvervos commented on 2018-03-19 16:02" when I try yaourt -S tor-browser:
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (51) SSL: no alternative certificate subject name matches target host name 'dist.torproject.org' ==> ERREUR : Erreur lors du téléchargement de https://dist.torproject.org/torbrowser/8.0.3/tor-browser-linux64-8.0.3_en-US.tar.xz Abandon… ==> ERREUR : Makepkg n'a pas pu construire tor-browser. ==> Relancer la compilation de tor-browser ? [o/N] ==> ----------------------------------------------
I tried to replace 8.0.3 into 8.0.3.1 in PKGBUILD without success. I did also gpg --keyserver pool.sks-keyservers.net --recv-keys EB774491D9FF06E2 as adviced by yar.
Does anybody encounter the same issue? Take care
karhu commented on 2018-10-13 08:18 (UTC) (edited on 2018-10-13 08:18 (UTC) by karhu)
Nouvelle version : 8.0.2-1 du 3/10/2018 est toujours le même problème de clé. New version : 8.0.2-1 2018/10/03 and always the same problem with the key.
dakataca commented on 2018-10-11 21:09 (UTC) (edited on 2018-10-11 23:51 (UTC) by dakataca)
unalinea
otralinea
gsi commented on 2018-10-05 05:12 (UTC)
Apparently gtk3 is required.
If it is not installed, tor-browser just doesn't start. The command exits with code 255 with no further output given. If the provided "firefox" executable is run directly, we get:
XPCOMGlueLoad error for file /home/gsi/.tor-browser/app/Browser/libmozgtk.so:
libgtk-3.so.0: cannot open shared object file: No such file or directory
Couldn't load XPCOM.
teke commented on 2018-09-30 10:34 (UTC)
@karhu Bonjour, même problème que toi. Pourtant la clé est bien dans le trousseau de pacman-key... je ne comprends pas.
icemodding commented on 2018-09-25 18:32 (UTC)
guys, the fix it's simple!
==> Verificando las firmas de las fuentes con gpg... tor-browser-linux64-8.0.1_en-US.tar.xz ... HA FALLADO (clave pública desconocida EB774491D9FF06E2) ==> ERROR: ¡No se ha podido verificar alguna de las firmas PGP!
$ gpg --recv-keys EB774491D9FF06E2
fixed! :-)
grufo commented on 2018-09-23 00:02 (UTC)
@jadenPete
Good point. Fixed. Thanks!
beardedlinuxgeek commented on 2018-09-22 18:08 (UTC)
Just use keyserver.ubuntu.com if pgp.mit.edu is down
karhu commented on 2018-09-21 17:49 (UTC)
==> Vérification des signatures des fichiers sources grâce à gpg… tor-browser-linux64-8.0_fr.tar.xz ... ÉCHEC (Clé publique inconnue EB774491D9FF06E2) ==> ERREUR : Une ou plusieurs signatures PGP n’ont pas pu être vérifiées. ==> ERREUR : Makepkg n'a pas pu construire tor-browser-fr.
jadenPete commented on 2018-09-18 04:18 (UTC)
Icon should be just tor-browser, not the full path. Otherwise, icon themes will not work.
eguillot commented on 2018-09-17 09:54 (UTC)
[newbie comment] add the key as simple user, not for the root user (no sudo...) The command that finally worked for me: $ gpg --recv-keys EB774491D9FF06E2 (no need to specify the key server)
Vrakfall commented on 2018-09-14 11:25 (UTC) (edited on 2018-09-14 11:26 (UTC) by Vrakfall)
Trying to get the new gpg key always returns gpg: keyserver receive failed: No data
for me...
Yondan commented on 2018-09-14 10:45 (UTC)
La mise à jour 8.0.1 plante : Mise à jour de tor-browser-fr (7.5.5-1 -> 8.0-1)... Erreur: tor-browser-fr: l’extraction de /opt/tor-browser-fr/tor-browser-linux64-8.0_fr.tar.xz a échoué (Lzma library error: Corrupted input data) Erreur: tor-browser-fr: des erreurs sont survenues pendant la mise à jour de tor-browser-fr
migrev commented on 2018-09-13 11:58 (UTC)
Where are merging this package into tor-browser-es-es. Should happen anytime now.
glagola commented on 2018-09-12 08:06 (UTC)
Error during update: tor-browser-linux64-8.0_ru.tar.xz ... FAILED (unknown public key EB774491D9FF06E2)
cml commented on 2018-09-10 18:21 (UTC)
I had the same problem as mcnesium but on Arch, so it's not specific to derivatives.
francesco_dem commented on 2018-09-07 10:24 (UTC)
Ciao Alessio, stesso problema delle firme GPG. gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0 non risolve il problema.
Pryka commented on 2018-09-06 19:49 (UTC)
@LaughingMan
No I didn't. Still don't understand why people using Arch derivatives ask for help here intend on their own IRC/Forums etc.
yar commented on 2018-09-06 16:57 (UTC) (edited on 2018-09-06 16:58 (UTC) by yar)
An updated history of relevant keys for my own benefit (and maybe others):
1) 8738A680B84B3031A630F2DB:416F0610:63FEE659 Erinn Clark's personal key - 4.0.3 [2015-01-14] and earlier were signed by this
2) EF6E286DDA85EA2A4BA7DE68:4E2C6E87:93298290 A master key created on 2014-12-15 for the purpose of signing other Tor Browser Developer keys
3) BA1EE421BBB45263180E1FC7:2E1AC68E:D40814E0 signed by #2, 4.0.4 [2015-02-25] through 6.0.8 [2016-12-13] were signed by this
4) A4300A6BC93C0877A4451486:D1483FA6:C3C07136 signed by #2, 6.5 [2017-01-24] through 7.5.6 [2018-06-26] were signed by this
5) 110775B5D101FB36BC6C911B:EB774491:D9FF06E2 signed by #2, 8.0 [2018-09-05] is signed by this
LaughingMan commented on 2018-09-06 08:49 (UTC)
@mcnesium: This package preserves your profile across updates. Deleting/renaming ~/.tor-browser and starting from a clean slate fixed the problem for me.
@Pryka: Looks like you missed your stated goal...
Pryka commented on 2018-09-06 08:11 (UTC)
@mcnesium I don't want to sound like prick but... AUR - ARCH user repository. Why anyone here should care about Manjaro issues?
mcnesium commented on 2018-09-06 08:07 (UTC) (edited on 2018-09-06 08:52 (UTC) by mcnesium)
After upgrading to 8.0-1 on Manjaro Linux, Tor Browser is no longer able to connect. The Tor Network Settings window will not appear on startup, neither it shows up on selecting it shows up on selecting the entry in the Torbutton menu. Nor does any other menu entry do anything… :(
/edit: deleting ~/.tor-browser
fixed this. Thx @LaughingMan
jugs commented on 2018-09-05 17:41 (UTC) (edited on 2018-09-05 17:46 (UTC) by jugs)
New signing key for 8.0+:
gpg --keyserver pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290
See the torproject blog post regarding the 8.0 release for key info.
Joel commented on 2018-09-02 14:21 (UTC)
curl: (22) The requested URL returned error: 404 Not Found
sipo commented on 2018-09-01 09:48 (UTC) (edited on 2018-09-01 10:17 (UTC) by sipo)
@arlion-dev : bonjour, la version est pour l'instant "périmé". Version actuelle 7.5.6 : https://dist.torproject.org/torbrowser/7.5.6/tor-browser-linux64-7.5.6_fr.tar.xz
arlion-dev commented on 2018-08-23 15:03 (UTC)
L'adresse du téléchargement semble être un lien mort, j'ai l'erreur suivante :
curl: (22) The requested URL returned error: 404 Not Found ==> ERREUR : Erreur lors du téléchargement de https://dist.torproject.org/torbrowser/7.5.5/tor-browser-linux64-7.5.5_fr.tar.xz
nRoof commented on 2018-07-07 16:50 (UTC) (edited on 2018-07-07 20:56 (UTC) by nRoof)
- Does anybody have H.264 video working? I tried to install both optional dependencies from the PKGBUILD (gst-libav and gst-plugins-good), but no luck. This can be checked in multiple ways, for example: https://www.quirksmode.org/html5/tests/video.html (H.264 clip cannot be played); https://www.youtube.com/html5 (H.264 and MSE & H.264 are listed as not supported); about:support in address bar -> Graphics shows "Hardware H264 Decoding: No; Failed to create H264 decoder". When I unpack the same binary distribution, that PKGBUILD downloads, in latest Debian, the same videos work fine. Update: never mind, was able to fix it by installing ffmpeg-compat-57 from AUR.
- Isn't it more correct to name this package "tor-browser-bin"? This has been already mentioned in the very first comment from @TrialnError. Or, instead, is it planned to build it from source any time soon?
alerque commented on 2018-07-07 11:00 (UTC)
I seriously came here to ask the same thing as @nTia89 — what is the deal with using three hash functions? This is just silly antics that make it harder to manage manually, clutter the diff history, and all without providing any benefit. One of the SHA mechanisms is sufficient, if that doesn't completely solve the problem adding another one is not going to solve the problem, much less adding MD5. Please revert 5df1ca8a986e
and use just GPG signature validation plus one set of SHA512 checksums.
nTia89 commented on 2018-06-24 10:26 (UTC)
@yar Why do you use three hash functions (md5sums, sha256sums and sha512sums)?
wchouser3 commented on 2018-06-23 22:41 (UTC)
@grufo and @capncrisco..thank you. I see it's written in the pkgbuild now (unless I missed it before)
capncrisco commented on 2018-05-09 11:53 (UTC)
Before running makepkg, you must do this:
gpg --keyserver pool.sks-keyservers.net --recv-keys D1483FA6C3C07136
crypt.ix commented on 2018-05-07 08:31 (UTC)
gpg --keyserver hkp://pgp.mit.edu:11371 --recv-keys EF6E286DDA85EA2A4BA7DE684E2C6E8793298290
This worked for me. @grufo's comment did not.
ZJaume commented on 2018-05-03 18:25 (UTC)
When /home is mounted with 'noexec' option tor browser fails to execute, I think it's because the executable is placed in /home. Would it be a way to install on '/'? I don't know if installing tor-browser at '/' could open a new security flaw
anniezpw commented on 2018-05-02 21:23 (UTC)
@pirxel
run it without "--keyserver hkp://pgp.mit.edu:11371" as that address:port is currently unreachable.
pirxel commented on 2018-04-30 10:49 (UTC)
$ gpg --keyserver hkp://pgp.mit.edu:11371 --recv-keys D1483FA6C3C07136 gpg: keyserver receive failed: No data
sorry guys but this is not helping, any idea what to do with this?
zilvervos commented on 2018-03-19 16:02 (UTC) (edited on 2018-03-21 10:21 (UTC) by zilvervos)
I cannot build tor-browser-en
Downloading the source files fails:
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dist.torproject.org:443 ==> ERROR: Failure while downloading https://dist.torproject.org/torbrowser/7.5.2/tor-browser-linux64-7.5.2_en-US.tar.xz Aborting...
[update 21-03] Problem seems to have solved itself.
wchouser3 commented on 2018-03-17 19:42 (UTC)
what is the pgp key? the package won't install
comeandtakeit commented on 2018-03-16 04:06 (UTC)
Pinned keyserver seems to be down. Try this:
gpg --keyserver hkp://pgp.mit.edu:11371 --recv-keys D1483FA6C3C07136
rokoucha commented on 2018-03-15 01:23 (UTC)
Thanks for comment.I fixed checksum.
Neros commented on 2018-03-14 16:50 (UTC)
I can't update it, the signature is wrong. It should be:
sha256sums_x86_64=('a2487b8154b54d6f8cd8a64fad3573a2f5763bcf43fde8473b8e27633645a524' 'SKIP')
instead (I don't know about i686).
papa6 commented on 2018-02-22 13:28 (UTC) (edited on 2018-02-22 13:49 (UTC) by papa6)
Bonjour, De grosses difficultés rencontrées avec gpg --keyserver pgp.mit.edu --recv-keys D1483FA6C3C07136 qui ne marchait pas, ni avec des alternatives.
La solution complète trouvée : pacman-key -r D1483FA6C3C07136
pacman-key --edit-key D1483FA6C3C07136
là, on arrive sous gpg : gpg> lsign
gpg> trust
(niveau de confiance : 3)
gpg> save
Source : https://wiki.archlinux.fr/Pacman-key#Installation_manuelle
RidingLuck commented on 2018-02-19 16:38 (UTC) (edited on 2018-02-19 16:39 (UTC) by RidingLuck)
update key
gpg --recv-keys D1483FA6C3C07136 && yaourt -S tor-browser-es
<hr>Llave Actualizada
gpg --recv-keys D1483FA6C3C07136 && yaourt -S tor-browser-es
ratcheer commented on 2018-01-25 15:32 (UTC)
I downloaded, updated the keys, and ran "makepkg -sri" on this package. I cannot find the updated browser on my system.
If I run "./tor-browser/tor-browser_en-US/Browser/start-tor-browser", it runs version 6.0.8. If I run "./.tor-browser-en/INSTALL/Browser/start-tor-browser", it runs version 6.5.1.
Where is version 7.5 supposed to be? The find command finds no other instances of file start-tor-browser. Thank you.
TiborB commented on 2017-12-17 21:13 (UTC)
Hi, when trying to fetch gpg keys I am getting an unclear error:
$gpg --keyserver pool.sks-keyservers.net --recv-keys D1483FA6C3C07136 gpg: keyserver receive failed: Invalid argument
What should I do?
freeboson commented on 2017-12-11 04:00 (UTC) (edited on 2017-12-11 04:01 (UTC) by freeboson)
Hi,
In tor-browser-en.sh, please change the order in which the TB* vars are set and the args are parsed. You should only set TB_HOME_DIR and TB_REFRESH defaults before parsing args.
Edit: sorry, don't know how to escape italicizing _'s.
andrew-wja commented on 2017-11-10 20:32 (UTC)
grufo commented on 2017-11-03 14:01 (UTC)
fennectech commented on 2017-10-28 23:40 (UTC)
grufo commented on 2017-10-21 02:15 (UTC)
Marcel_K commented on 2017-10-20 23:47 (UTC) (edited on 2017-10-20 23:48 (UTC) by Marcel_K)
Marcel_K commented on 2017-10-20 23:43 (UTC)
grufo commented on 2017-10-20 23:25 (UTC)
Marcel_K commented on 2017-10-20 23:15 (UTC)
grufo commented on 2017-10-20 22:20 (UTC)
Marcel_K commented on 2017-10-20 22:01 (UTC)
LaughingMan commented on 2017-10-20 17:09 (UTC) (edited on 2017-10-20 17:10 (UTC) by LaughingMan)
grufo commented on 2017-09-29 21:29 (UTC)
acidicX commented on 2017-09-29 20:21 (UTC)
Denton-L commented on 2017-09-29 05:37 (UTC)
grufo commented on 2017-09-24 21:24 (UTC)
grufo commented on 2017-09-18 18:53 (UTC)
acidicX commented on 2017-09-18 15:53 (UTC) (edited on 2017-09-18 15:53 (UTC) by acidicX)
smatts commented on 2017-09-11 00:41 (UTC)
alogim commented on 2017-09-03 13:59 (UTC) (edited on 2017-09-03 14:00 (UTC) by alogim)
yar commented on 2017-08-26 00:27 (UTC)
gancho commented on 2017-08-14 19:52 (UTC)
admicos commented on 2017-08-13 16:57 (UTC)
FabioLolix commented on 2017-08-11 10:03 (UTC)
ExoNarcis commented on 2017-08-11 08:05 (UTC)
Det commented on 2017-08-10 04:03 (UTC)
grufo commented on 2017-08-08 19:37 (UTC)
migrev commented on 2017-08-08 10:51 (UTC)
grufo commented on 2017-08-08 10:13 (UTC)
Plexcon commented on 2017-08-08 07:43 (UTC)
Plexcon commented on 2017-08-08 07:29 (UTC)
cocoche007 commented on 2017-07-22 23:57 (UTC)
Omar007 commented on 2017-06-13 14:05 (UTC)
FabioLolix commented on 2017-06-11 19:07 (UTC)
gbr commented on 2017-06-08 18:12 (UTC)
grufo commented on 2017-05-23 18:04 (UTC)
brando56894 commented on 2017-05-23 14:18 (UTC)
sabe commented on 2017-05-13 15:08 (UTC)
rokoucha commented on 2017-05-09 13:03 (UTC)
xingxuanma commented on 2017-05-08 03:53 (UTC)
Mark1 commented on 2017-05-07 14:31 (UTC)
dml commented on 2017-05-05 06:25 (UTC)
grufo commented on 2017-05-01 05:46 (UTC)
TrialnError commented on 2017-04-30 02:48 (UTC)
grufo commented on 2017-04-30 02:06 (UTC)
TrialnError commented on 2017-04-29 19:35 (UTC)
Plexcon commented on 2017-04-26 12:11 (UTC)
migrev commented on 2017-04-26 12:04 (UTC)
Plexcon commented on 2017-04-26 09:15 (UTC)
grufo commented on 2017-04-24 23:57 (UTC)
TrialnError commented on 2017-04-24 17:36 (UTC)
grufo commented on 2017-04-23 21:55 (UTC)
TrialnError commented on 2017-04-10 22:50 (UTC)
grufo commented on 2017-04-10 19:36 (UTC)
TrialnError commented on 2017-04-10 00:56 (UTC) (edited on 2017-04-10 01:26 (UTC) by TrialnError)
Plexcon commented on 2017-04-02 15:52 (UTC)
migrev commented on 2017-03-20 11:13 (UTC)
ant commented on 2017-02-22 11:46 (UTC)
Plexcon commented on 2017-02-13 18:58 (UTC)
kuklofon commented on 2017-02-08 13:35 (UTC)
liljaylj commented on 2017-02-06 12:31 (UTC)
teke commented on 2017-02-02 16:35 (UTC)
smonff commented on 2017-02-02 11:39 (UTC)
teke commented on 2017-01-30 16:44 (UTC)
Mark1 commented on 2017-01-29 17:32 (UTC)
Mark1 commented on 2017-01-29 17:31 (UTC)
now-im commented on 2017-01-29 17:01 (UTC) (edited on 2017-01-29 18:24 (UTC) by now-im)
xuiqzy commented on 2017-01-27 15:23 (UTC)
kyak commented on 2017-01-27 05:05 (UTC)
kerberizer commented on 2017-01-26 16:00 (UTC)
kyak commented on 2017-01-26 15:35 (UTC)
kerberizer commented on 2017-01-26 13:16 (UTC)
tscs37 commented on 2017-01-26 07:22 (UTC)
kyak commented on 2017-01-25 18:55 (UTC)
kyak commented on 2017-01-25 18:14 (UTC)
yar commented on 2017-01-25 17:25 (UTC)
z3ntu commented on 2017-01-25 11:43 (UTC)
slav commented on 2017-01-25 10:15 (UTC)
yar commented on 2017-01-25 09:14 (UTC) (edited on 2018-09-06 16:52 (UTC) by yar)
Before running makepkg, you must do this:
gpg --keyserver pool.sks-keyservers.net --recv-keys EB774491D9FF06E2
See below for details.
Pinned Comments
grufo commented on 2019-08-15 02:22 (UTC)
Before running
makepkg
, you must do this (as normal user):$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
If you want to update tor-browser from AUR without AUR helpers you can run in a terminal:
$ tor-browser -u