README 8.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243
  1. Tor Browser Build
  2. =================
  3. Installing build dependencies
  4. -----------------------------
  5. To build Tor Browser, you need a recent Linux distribution with support
  6. for user_namespaces(7) (such as Debian Buster, Ubuntu 16.04, Fedora 30,
  7. etc ...). You will need to install the uidmap package, providing the
  8. newuidmap and newgidmap commands.
  9. The sources of most components are downloaded using git, which needs to
  10. be installed.
  11. You also need a few perl modules installed:
  12. - YAML::XS
  13. - File::Basename
  14. - Getopt::Long
  15. - Template
  16. - IO::Handle
  17. - IO::CaptureOutput
  18. - JSON
  19. - File::Temp
  20. - Path::Tiny
  21. - File::Path
  22. - File::Slurp
  23. - File::Copy::Recursive
  24. - String::ShellQuote
  25. - Sort::Versions
  26. - Digest::SHA
  27. - Data::UUID
  28. - Data::Dump
  29. - DateTime
  30. If you are running Debian or Ubuntu, you can install them with:
  31. # apt-get install libyaml-libyaml-perl libtemplate-perl libdatetime-perl \
  32. libio-handle-util-perl libio-all-perl \
  33. libio-captureoutput-perl libjson-perl libpath-tiny-perl \
  34. libstring-shellquote-perl libsort-versions-perl \
  35. libdigest-sha-perl libdata-uuid-perl libdata-dump-perl \
  36. libfile-copy-recursive-perl libfile-slurp-perl git \
  37. uidmap
  38. The build system is based on rbm, which is included as a git submodule
  39. in the rbm/ directory. You can fetch the rbm git submodule by running
  40. 'make submodule-update'.
  41. The build uses user_namespaces(7), which are disabled by default on Debian.
  42. To enable them you can use the following command as root:
  43. # sysctl -w kernel.unprivileged_userns_clone=1
  44. You can enable them permanently by adding the setting to /etc/sysctl.d/
  45. The user you use to build needs to have a range of subordinate uids and
  46. gids in /etc/subuid and /etc/subgid. Most of the time they are added by
  47. default when the user is created. If it was not the case, you can use
  48. usermod(8) with the --add-subuids and --add-subgids options. See also
  49. the subuid(5) and subgid(5) man pages.
  50. Starting a build
  51. ----------------
  52. To start a build, run one of the following commands, depending on the
  53. channel you want to build:
  54. $ make torbrowser-release
  55. $ make torbrowser-alpha
  56. $ make torbrowser-nightly
  57. You can find the build result in the directory release/unsigned/$version
  58. or alpha/unsigned/$version for release or alpha builds. The result of
  59. nightly can be found in the nightly/$version directory.
  60. If you want to build for a specific platform only, append the platform
  61. name to the makefile target:
  62. $ make torbrowser-nightly-linux-x86_64
  63. $ make torbrowser-nightly-linux-i686
  64. $ make torbrowser-nightly-linux-arm
  65. $ make torbrowser-nightly-windows-i686
  66. $ make torbrowser-nightly-windows-x86_64
  67. $ make torbrowser-nightly-osx-x86_64
  68. $ make torbrowser-nightly-android-armv7
  69. $ make torbrowser-nightly-android-aarch64
  70. $ make torbrowser-nightly-android-x86
  71. $ make torbrowser-nightly-android-x86_64
  72. When you want to quickly do a build to test a change, you can use the
  73. testbuild makefile target, and find the build in the testbuild directory.
  74. The build will be the same as regular alpha builds, except that in order
  75. to make the build faster, only the en-US locale will be built, and no
  76. mar file will be created. If you want to base your testbuild on the latest
  77. nightly code insted, rename rbm.local.conf.example to rbm.local.conf
  78. and adapt the torbrowser-testbuild option accordingly.
  79. Similar makefile targets exist for building Base Browser instead of
  80. Tor Browser. To build Base Browser, replace `torbrowser` by `basebrowser`
  81. in the target name.
  82. Updating git sources
  83. --------------------
  84. You can run `make fetch` to fetch the latest sources from git for all
  85. components included in Tor Browser. You should run this if you want to
  86. make a nightly build with the latest commits, and you disabled automatic
  87. fetching of new commits for nightly builds in rbm.local.conf.
  88. Number of make processes
  89. ------------------------
  90. By default `nproc` is used to determine the number of processes to run
  91. simultaneously (with make -jN where N is the number returned by `nproc`).
  92. If you want to change the number of processes used, you can set the
  93. RBM_NUM_PROCS environment variable:
  94. $ export RBM_NUM_PROCS=8
  95. You can also set the num_procs option in rbm.local.conf.
  96. Automated builds
  97. ----------------
  98. If the build fails, a shell will automatically open in the build
  99. container to help you debug the problem. You probably want to disable
  100. this if you want to do automated builds. To disable this, set
  101. the RBM_NO_DEBUG environment variable to 1:
  102. export RBM_NO_DEBUG=1
  103. Or set the debug option to 0 in the rbm.local.conf file.
  104. If you want to select the output directory, you can use rbm's --output-dir
  105. option. You can look at the Makefile to find the rbm command for what
  106. you want to build, and add the --output-dir option. For example, if you
  107. want to build Tor Browser nightly for linux-x86_64:
  108. ./rbm/rbm build release --output-dir=/var/builds/nightly/2020-05-23 \
  109. --target nightly --target torbrowser-linux-x86_64
  110. The files will be put in the directory selected by --output-dir in a
  111. subdirectory named as the version number (or current date for nightly).
  112. To remove this version subdirectory, add the noversiondir target:
  113. ./rbm/rbm build release --output-dir=/var/builds/nightly/2020-05-23 \
  114. --target nightly --target torbrowser-linux-x86_64 \
  115. --target noversiondir
  116. Automated builds using tbb-testsuite
  117. ------------------------------------
  118. The Tor Browser testsuite scripts can also be used to do nightly builds
  119. and publish the build logs. The recommended way to do that is to use
  120. the ansible roles from the tools/ansible directory. See next section
  121. for details.
  122. Using ansible to set up a nightly build machine
  123. -----------------------------------------------
  124. The directory tools/ansible contains some ansible roles to set up a
  125. nightly build machine. You can look at the playbook defined in
  126. boklm-tbb-nightly-build.yml and variables in group_vars/boklm-tbb-nightly/
  127. for an example of how it can be used.
  128. Signing builds
  129. --------------
  130. If the environment variable RBM_SIGN_BUILD is set to 1, the
  131. sha256sums-unsigned-build.txt and sha256sums-unsigned-build.incrementals.txt
  132. files will be signed with gpg. You can use the RBM_GPG_OPTS environment
  133. variable to add some options to the gpg command used to sign the file.
  134. You can also set the var/sign_build and var/sign_build_gpg_opts options
  135. in the rbm.local.conf file.
  136. Cleaning obsolete files and containers images
  137. ---------------------------------------------
  138. You can run `make clean` to clean old build files and containers that
  139. are no longer used in current builds. Before doing that, you need to
  140. configure the branches and build targets you are using in the
  141. rbm.local.conf file. The cleaning script will check out all the configured
  142. branches to create a list of used build files, and delete the files
  143. from the 'out' directory that are not used. If you want to see the list
  144. of files and containers that would be removed without doing it, you can
  145. use `make clean-dry-run`.
  146. Building without containers (Android builds only)
  147. -------------------------------------------------
  148. By default the build is done inside containers. Adding the no_containers
  149. target will disable the use of containers. The following commands can
  150. be used to build the alpha version for e.g. android-armv7:
  151. ./rbm/rbm build release --target no_containers --target testbuild \
  152. --target torbrowser-android-armv7
  153. Note: the logs will still show the use and creation of a container image
  154. called "containers_disabled". This is due to the way we disable the use
  155. of containers: the container-image project is still called, but it will
  156. just create an empty file instead of a real container image.
  157. The build without containers is currently only supported for the Android
  158. builds, and will require that you run Debian Buster and install build
  159. dependencies for all the components that are built. This can be done
  160. with the following command:
  161. # apt-get install build-essential python automake libtool zip unzip \
  162. autoconf2.13 openjdk-8-jdk gettext-base autotools-dev \
  163. automake autoconf libtool autopoint libssl-dev \
  164. pkg-config zlib1g-dev libparallel-forkmanager-perl \
  165. libfile-slurp-perl bzip2 xz-utils apksigner yasm
  166. Common Build Errors
  167. -------------------
  168. You can look at the file doc/BUILD_ERRORS.txt for a list of common build
  169. errors and their solutions.
  170. Hacking on the Tor Browser build
  171. --------------------------------
  172. The file doc/HACKING.txt tries to list the main things to know when
  173. making changes to the Tor Browser build.
  174. Description of makefile rules
  175. -----------------------------
  176. You can find a description of the Makefile rules in the file doc/MAKEFILE.txt.