From 91126707cbc7d11f21e0282f7e03145acc81ca82 Mon Sep 17 00:00:00 2001 From: Pascal Bouquet Date: Tue, 17 Feb 2026 18:32:11 +0100 Subject: [PATCH] fix: force proxy bypass for captive portal detection - Firefox ignored `no_proxy` environment variables when a manual proxy was configured in the user profile. - Switched to using a temporary profile with `--no-remote` to guarantee a clean state without proxy settings. - Added automatic cleanup for the temporary profile directory. - Updated user session detection to be more robust on LMDE 7 / Debian 13. --- 99-captive-portal | 103 ++++++++++++++-------------------------------- 1 file changed, 32 insertions(+), 71 deletions(-) diff --git a/99-captive-portal b/99-captive-portal index 2e22bbc..346df1d 100755 --- a/99-captive-portal +++ b/99-captive-portal @@ -4,7 +4,7 @@ # NetworkManager Captive Portal Auto-Detector # ============================================================================= # Erstellt von Pascal Bouquet am 16.09.2025 -# Aktualisiert am 18.09.2025 +# Aktualisiert am 17.02.2026 # # Dieses Skript ist freie Software: Es kann frei verwendet, bearbeitet und # verbreitet werden. Es wird keine Garantie für die Funktionsfähigekeit übernommen. @@ -14,10 +14,9 @@ # KONFIGURATION # ============================================================================= LOG_FILE="/var/log/nm-captive.log" -LOG_LEVEL="ERROR" # NONE, DEBUG, INFO, WARNING, ERROR +LOG_LEVEL="INFO" # NONE, DEBUG, INFO, WARNING, ERROR CHECK_INTERVAL=300 # 5 Minuten in Sekunden MAX_CHECKS=12 # Maximal 1 Stunde lang prüfen (12 * 5min) - # Test-URLs für Captive Portal Erkennung TEST_URLS=( "http://captive.apple.com/hotspot-detect.html" @@ -57,7 +56,6 @@ log() { ;; esac } - get_user_environment() { local user=$1 local user_id=$(id -u "$user") @@ -88,45 +86,17 @@ get_user_environment() { fi fi } - get_user_session() { - local user="" - local display="" - local session_type="" - - # Finde den aktuellen GUI-Benutzer - user=$(who | grep -E "(tty[0-9]|pts/)" | awk '{print $1}' | head -n1) - log "DEBUG" "who found user: $user" - - if [ -n "$user" ]; then - local user_id=$(id -u "$user") - - # Prüfe auf Wayland - if [ -S "/run/user/$user_id/wayland-0" ]; then - session_type="wayland" - display="wayland-0" - log "DEBUG" "Wayland socket detected" - elif [ -S "/tmp/.X11-unix/X0" ]; then - session_type="x11" - display=":0" - log "DEBUG" "X11 socket detected" - else - # Fallback basierend auf Prozessen - if pgrep -u "$user" kwin_wayland >/dev/null; then - session_type="wayland" - display="wayland-0" - log "DEBUG" "Wayland process detected" - else - session_type="x11" - display=":0" - log "DEBUG" "Assuming X11" - fi - fi + local user=$(loginctl list-users | grep -v "UID" | head -n1 | awk '{print $2}') + local user_id=$(id -u "$user") + local display=":0" + local session_type="x11" + if [ -S "/run/user/$user_id/wayland-0" ]; then + display="wayland-0" + session_type="wayland" fi - echo "$user $display $session_type" } - check_captive_portal() { local captive_detected=false @@ -167,41 +137,36 @@ check_captive_portal() { return 0 fi } - start_firefox() { local user=$1 local display=$2 - local session_type=$3 + local user_id=$(id -u "$user") - log "INFO" "Attempting to start Firefox for user: $user, display: $display, type: $session_type" + # Erstelle ein temporäres Verzeichnis für das Profil im RAM (tmpfs) + # Wir machen das als User, damit die Berechtigungen direkt stimmen + local temp_profile=$(sudo -u "$user" mktemp -d -p /tmp/ firefox-captive.XXXXXX) - # Holle die komplette Environment des Users - local user_env=$(get_user_environment "$user") - log "DEBUG" "User environment: $user_env" - - # Baue den sudo-Befehl mit der kompletten Environment - local env_vars="" - while IFS= read -r line; do - if [ -n "$line" ]; then - env_vars="$env_vars $line" - fi - done <<< "$user_env" - - # Starte Firefox mit der kompletten Environment - log "DEBUG" "Starting Firefox with full user environment" - sudo -u "$user" $env_vars firefox --new-window "http://detectportal.firefox.com/canonical.html" & + log "INFO" "Starting Firefox with clean temp profile: $temp_profile" + # Startbefehl + sudo -u "$user" env \ + DISPLAY="$display" \ + WAYLAND_DISPLAY="$display" \ + XDG_RUNTIME_DIR="/run/user/$user_id" \ + DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$user_id/bus" \ + /usr/bin/firefox \ + --no-remote \ + --profile "$temp_profile" \ + --private-window "http://detectportal.firefox.com/canonical.html" & local pid=$! - sleep 1 - if ps -p $pid >/dev/null 2>&1; then - log "INFO" "Firefox successfully started with PID: $pid" - return 0 - else - log "ERROR" "Firefox process died immediately after start" - return 1 - fi + + # Ein kleiner Hintergrund-Job, der das Temp-Verzeichnis nach Schließen von Firefox löscht + ( + while ps -p $pid > /dev/null; do sleep 5; done + rm -rf "$temp_profile" + log "DEBUG" "Cleaned up temp profile $temp_profile" + ) & } - start_periodic_checks() { local interface="$1" local user="$2" @@ -239,7 +204,6 @@ start_periodic_checks() { # ============================================================================= log "INFO" "=== Dispatch triggered: $1 $2 ===" - if [[ "$1" == wl* ]] && [ "$2" = "up" ]; then sleep 3 @@ -267,10 +231,7 @@ if [[ "$1" == wl* ]] && [ "$2" = "up" ]; then else log "INFO" "No captive portal detected on connection start" fi - elif [[ "$1" == wl* ]] && [ "$2" = "down" ]]; then log "INFO" "WLAN interface $1 disconnected" - fi - -log "INFO" "=== Completed ===" +log "INFO" "=== Completed ===" \ No newline at end of file