#!/bin/bash set -euo pipefail # ============================================================================== # Dangerzone Installation Script # ============================================================================== # Installs Dangerzone - PDF/Office document sanitizer using container isolation # # Threat Model: # - Malicious PDF/Office documents with embedded exploits # - Opening untrusted documents can compromise your system # - Dangerzone converts documents in isolated containers, then re-renders # them safely, removing any potential malware # # Source: Freedom of the Press Foundation # Official Docs: https://dangerzone.rocks/ # ============================================================================== # Colors readonly RED='\033[0;31m' readonly GREEN='\033[0;32m' readonly YELLOW='\033[1;33m' readonly NC='\033[0m' log() { echo -e "${GREEN}[INFO]${NC} $*"; } warn() { echo -e "${YELLOW}[WARN]${NC} $*"; } error() { echo -e "${RED}[ERROR]${NC} $*"; exit 1; } # Detect distro detect_distro() { if [ -f /etc/os-release ]; then . /etc/os-release echo "$ID" else error "Cannot detect distribution" fi } # Install for Debian/Ubuntu install_debian() { log "Installing Dangerzone for Debian/Ubuntu..." # Install prerequisites log "Installing prerequisites..." sudo apt-get update sudo apt-get install -y gpg ca-certificates # Create keyrings directory sudo mkdir -p /etc/apt/keyrings # Download and add GPG key log "Adding Freedom of the Press Foundation GPG key..." sudo gpg --keyserver hkps://keys.openpgp.org \ --no-default-keyring --no-permission-warning --homedir $(mktemp -d) \ --keyring gnupg-ring:/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg \ --recv-keys DE28AB241FA48260FAC9B8BAA7C9B38522604281 # FIX: Make keyring world-readable so APT can verify signatures log "Fixing keyring permissions..." sudo chmod 644 /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg # Add repository log "Adding Dangerzone repository..." . /etc/os-release echo "deb [signed-by=/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg] \ https://packages.freedom.press/apt-tools-prod ${VERSION_CODENAME?} main" \ | sudo tee /etc/apt/sources.list.d/fpf-apt-tools.list # Install Dangerzone log "Installing Dangerzone..." sudo apt update sudo apt install -y dangerzone log "✅ Dangerzone installed successfully!" } # Install for Fedora install_fedora() { warn "Fedora installation not yet implemented" error "Please install manually: https://dangerzone.rocks/" } # Verify installation verify_installation() { log "Verifying installation..." if command -v dangerzone >/dev/null 2>&1; then log "✅ Dangerzone command found" dangerzone --version || true else error "Dangerzone not found in PATH" fi # Check if container runtime is available if command -v podman >/dev/null 2>&1; then log "✅ Podman available (container runtime)" elif command -v docker >/dev/null 2>&1; then log "✅ Docker available (container runtime)" else warn "No container runtime found - Dangerzone may not work" fi } # Main main() { echo "=== Dangerzone Installation ===" echo "" DISTRO=$(detect_distro) log "Detected distribution: $DISTRO" case "$DISTRO" in debian|ubuntu) install_debian ;; fedora) install_fedora ;; *) error "Unsupported distribution: $DISTRO" ;; esac echo "" verify_installation echo "" echo "=== Installation Complete ===" echo "" echo "Usage:" echo " 1. Launch from application menu: 'Dangerzone'" echo " 2. Or right-click any PDF → 'Open with Dangerzone'" echo " 3. Or from terminal: dangerzone /path/to/document.pdf" echo "" echo "📖 Documentation: https://dangerzone.rocks/" } main "$@"