From 5bd5e095eeadcafa960c467de2f209f649193f0a Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Tue, 29 Apr 2025 06:43:46 -0400
Subject: [PATCH 1/6] silence firefox security nag - develop

---
 src/ubuntu/install/firefox/install_firefox.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/ubuntu/install/firefox/install_firefox.sh b/src/ubuntu/install/firefox/install_firefox.sh
index 80c9594..932ffd4 100644
--- a/src/ubuntu/install/firefox/install_firefox.sh
+++ b/src/ubuntu/install/firefox/install_firefox.sh
@@ -176,6 +176,10 @@ else
   firefox -headless -CreateProfile "kasm $HOME/.mozilla/firefox/kasm"
 fi
 
+# Silence Firefox security nag "Some of Firefox's features may offer less protection on your current operating system"
+echo 'user_pref("security.sandbox.warn_unprivileged_namespaces", false);' > $HOME/.mozilla/firefox/kasm/user.js
+chown 1000:1000 $HOME/.mozilla/firefox/kasm/user.js
+
 if [[ "${DISTRO}" == @(oracle8|rockylinux9|rockylinux8|oracle9|rhel9|almalinux9|almalinux8|opensuse|fedora39|fedora40) ]]; then
   set_desktop_icon
 fi

From e0b88073ed1ad135472817a7ee895409ef5530e0 Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Wed, 30 Apr 2025 02:06:20 -0400
Subject: [PATCH 2/6] set default firefox profile in kali

---
 src/ubuntu/install/firefox/install_firefox.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/ubuntu/install/firefox/install_firefox.sh b/src/ubuntu/install/firefox/install_firefox.sh
index 932ffd4..b071d00 100644
--- a/src/ubuntu/install/firefox/install_firefox.sh
+++ b/src/ubuntu/install/firefox/install_firefox.sh
@@ -187,8 +187,13 @@ fi
 # Starting with version 67, Firefox creates a unique profile mapping per installation which is hash generated
 #   based off the installation path. Because that path will be static for our deployments we can assume the hash
 #   and thus assign our profile to the default for the installation
-
-if [[ "${DISTRO}" != @(oracle8|rockylinux9|rockylinux8|oracle9|rhel9|almalinux9|almalinux8|opensuse|fedora39|fedora40) ]]; then
+if grep -q "ID=kali" /etc/os-release; then
+cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
+[Install3B6073811A6ABF12]
+Default=kasm
+Locked=1
+EOL
+elif [[ "${DISTRO}" != @(oracle8|rockylinux9|rockylinux8|oracle9|rhel9|almalinux9|almalinux8|opensuse|fedora39|fedora40) ]]; then
 cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
 [Install4F96D1932A9F858E]
 Default=kasm

From 0f2b2dde2aaf33c5362ef2050470251c99dae2f7 Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Wed, 30 Apr 2025 03:19:51 -0400
Subject: [PATCH 3/6] silence firefox security nag on apline 3.20 and higher

---
 src/alpine/install/firefox/install_firefox.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/alpine/install/firefox/install_firefox.sh b/src/alpine/install/firefox/install_firefox.sh
index 1b33ba1..a25c92b 100644
--- a/src/alpine/install/firefox/install_firefox.sh
+++ b/src/alpine/install/firefox/install_firefox.sh
@@ -20,6 +20,14 @@ done
 
 # Creating a default profile
 firefox -headless -CreateProfile "kasm $HOME/.mozilla/firefox/kasm"
+
+# For alpine 3.20 and later, firefox version shows a security nag. Silence it.
+if [ "$(printf '%s\n' 3.20 $(cat /etc/alpine-release) | sort -V | head -n 1)" = "3.20" ]; then
+  echo 'user_pref("security.sandbox.warn_unprivileged_namespaces", false);' > $HOME/.mozilla/firefox/kasm/user.js
+  chown 1000:1000 $HOME/.mozilla/firefox/kasm/user.js
+fi
+
+
 # Generate a certdb to be detected on squid start
 HOME=/root firefox --headless &
 mkdir -p /root/.mozilla

From fe05784d870fd2e650ef2def32a0eef86ca80dad Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Wed, 30 Apr 2025 05:16:36 -0400
Subject: [PATCH 4/6] set default firefox profile in debian and parrot on arm

---
 src/ubuntu/install/firefox/install_firefox.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/ubuntu/install/firefox/install_firefox.sh b/src/ubuntu/install/firefox/install_firefox.sh
index b071d00..12eaa07 100644
--- a/src/ubuntu/install/firefox/install_firefox.sh
+++ b/src/ubuntu/install/firefox/install_firefox.sh
@@ -193,6 +193,14 @@ cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
 Default=kasm
 Locked=1
 EOL
+elif grep -q "ID=debian" /etc/os-release || grep -q "ID=parrot" /etc/os-release; then
+  if [ "${ARCH}" != "amd64" ]; then
+    cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
+[Install3B6073811A6ABF12]
+Default=kasm
+Locked=1
+EOL
+fi
 elif [[ "${DISTRO}" != @(oracle8|rockylinux9|rockylinux8|oracle9|rhel9|almalinux9|almalinux8|opensuse|fedora39|fedora40) ]]; then
 cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
 [Install4F96D1932A9F858E]

From 6e49ce48ad3a11875bdf074ba1d1b20875bd9b6b Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Wed, 30 Apr 2025 07:18:53 -0400
Subject: [PATCH 5/6] correct debian firefox profiles on amd64

---
 src/ubuntu/install/firefox/install_firefox.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/ubuntu/install/firefox/install_firefox.sh b/src/ubuntu/install/firefox/install_firefox.sh
index 12eaa07..414d3c7 100644
--- a/src/ubuntu/install/firefox/install_firefox.sh
+++ b/src/ubuntu/install/firefox/install_firefox.sh
@@ -200,7 +200,13 @@ elif grep -q "ID=debian" /etc/os-release || grep -q "ID=parrot" /etc/os-release;
 Default=kasm
 Locked=1
 EOL
-fi
+  else
+    cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
+  [Install4F96D1932A9F858E]
+  Default=kasm
+  Locked=1
+EOL
+  fi
 elif [[ "${DISTRO}" != @(oracle8|rockylinux9|rockylinux8|oracle9|rhel9|almalinux9|almalinux8|opensuse|fedora39|fedora40) ]]; then
 cat >>$HOME/.mozilla/firefox/profiles.ini <<EOL
 [Install4F96D1932A9F858E]

From f1fe0f95397dad23a16ce74c3069b42730205001 Mon Sep 17 00:00:00 2001
From: Teja Swaroop Pothala <tejaswaroop.pothala@kasmweb.com>
Date: Sun, 4 May 2025 06:07:15 +0000
Subject: [PATCH 6/6] trigger pipeline to build all imgs

---
 src/alpine/install/firefox/install_firefox.sh | 2 +-
 src/ubuntu/install/firefox/install_firefox.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/alpine/install/firefox/install_firefox.sh b/src/alpine/install/firefox/install_firefox.sh
index a25c92b..7d58c90 100644
--- a/src/alpine/install/firefox/install_firefox.sh
+++ b/src/alpine/install/firefox/install_firefox.sh
@@ -21,7 +21,7 @@ done
 # Creating a default profile
 firefox -headless -CreateProfile "kasm $HOME/.mozilla/firefox/kasm"
 
-# For alpine 3.20 and later, firefox version shows a security nag. Silence it.
+# For alpine 3.20 and later, firefox version shows a security nag. Silence it..
 if [ "$(printf '%s\n' 3.20 $(cat /etc/alpine-release) | sort -V | head -n 1)" = "3.20" ]; then
   echo 'user_pref("security.sandbox.warn_unprivileged_namespaces", false);' > $HOME/.mozilla/firefox/kasm/user.js
   chown 1000:1000 $HOME/.mozilla/firefox/kasm/user.js
diff --git a/src/ubuntu/install/firefox/install_firefox.sh b/src/ubuntu/install/firefox/install_firefox.sh
index 414d3c7..665e3e6 100644
--- a/src/ubuntu/install/firefox/install_firefox.sh
+++ b/src/ubuntu/install/firefox/install_firefox.sh
@@ -176,7 +176,7 @@ else
   firefox -headless -CreateProfile "kasm $HOME/.mozilla/firefox/kasm"
 fi
 
-# Silence Firefox security nag "Some of Firefox's features may offer less protection on your current operating system"
+# Silence Firefox security nag "Some of Firefox's features may offer less protection on your current operating system".
 echo 'user_pref("security.sandbox.warn_unprivileged_namespaces", false);' > $HOME/.mozilla/firefox/kasm/user.js
 chown 1000:1000 $HOME/.mozilla/firefox/kasm/user.js