djedi/privacy-toolkit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
privacy-toolkit/tools/dangerzone/install.sh
rpriven 319efece5f
Initial commit
2025-12-31 19:44:07 -07:00

138 lines
4 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
set -euo pipefail
# ==============================================================================
# Dangerzone Installation Script
# ==============================================================================
# Installs Dangerzone - PDF/Office document sanitizer using container isolation
#
# Threat Model:
# - Malicious PDF/Office documents with embedded exploits
# - Opening untrusted documents can compromise your system
# - Dangerzone converts documents in isolated containers, then re-renders
# them safely, removing any potential malware
#
# Source: Freedom of the Press Foundation
# Official Docs: https://dangerzone.rocks/
# ==============================================================================
# Colors
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly NC='\033[0m'
log() { echo -e "${GREEN}[INFO]${NC} $*"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
error() { echo -e "${RED}[ERROR]${NC} $*"; exit 1; }
# Detect distro
detect_distro() {
if [ -f /etc/os-release ]; then
. /etc/os-release
echo "$ID"
else
error "Cannot detect distribution"
fi
}
# Install for Debian/Ubuntu
install_debian() {
log "Installing Dangerzone for Debian/Ubuntu..."
# Install prerequisites
log "Installing prerequisites..."
sudo apt-get update
sudo apt-get install -y gpg ca-certificates
# Create keyrings directory
sudo mkdir -p /etc/apt/keyrings
# Download and add GPG key
log "Adding Freedom of the Press Foundation GPG key..."
sudo gpg --keyserver hkps://keys.openpgp.org \
--no-default-keyring --no-permission-warning --homedir $(mktemp -d) \
--keyring gnupg-ring:/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg \
--recv-keys DE28AB241FA48260FAC9B8BAA7C9B38522604281
# FIX: Make keyring world-readable so APT can verify signatures
log "Fixing keyring permissions..."
sudo chmod 644 /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg
# Add repository
log "Adding Dangerzone repository..."
. /etc/os-release
echo "deb [signed-by=/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg] \
https://packages.freedom.press/apt-tools-prod ${VERSION_CODENAME?} main" \
| sudo tee /etc/apt/sources.list.d/fpf-apt-tools.list
# Install Dangerzone
log "Installing Dangerzone..."
sudo apt update
sudo apt install -y dangerzone
log "✅ Dangerzone installed successfully!"
}
# Install for Fedora
install_fedora() {
warn "Fedora installation not yet implemented"
error "Please install manually: https://dangerzone.rocks/"
}
# Verify installation
verify_installation() {
log "Verifying installation..."
if command -v dangerzone >/dev/null 2>&1; then
log "✅ Dangerzone command found"
dangerzone --version || true
else
error "Dangerzone not found in PATH"
fi
# Check if container runtime is available
if command -v podman >/dev/null 2>&1; then
log "✅ Podman available (container runtime)"
elif command -v docker >/dev/null 2>&1; then
log "✅ Docker available (container runtime)"
else
warn "No container runtime found - Dangerzone may not work"
fi
}
# Main
main() {
echo "=== Dangerzone Installation ==="
echo ""
DISTRO=$(detect_distro)
log "Detected distribution: $DISTRO"
case "$DISTRO" in
debian|ubuntu)
install_debian
;;
fedora)
install_fedora
;;
*)
error "Unsupported distribution: $DISTRO"
;;
esac
echo ""
verify_installation
echo ""
echo "=== Installation Complete ==="
echo ""
echo "Usage:"
echo " 1. Launch from application menu: 'Dangerzone'"
echo " 2. Or right-click any PDF → 'Open with Dangerzone'"
echo " 3. Or from terminal: dangerzone /path/to/document.pdf"
echo ""
echo "📖 Documentation: https://dangerzone.rocks/"
}
main "$@"
Reference in a new issue View git blame Copy permalink