Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Installs (or updates) PPAPI Flash, so that it can be used by Chromium-based browsers

Usage

If you use Ubuntu or a derivative distro, issue the following to install an appropriate version of Flash:

sudo add-apt-repository "deb http://archive.canonical.com/ubuntu `lsb_release -cs` partner" 
sudo apt update
sudo apt install adobe-flashplugin

If your distro does not provide a copy of Pepper Flash that works with Vivaldi, this script will download and install it for you. To use, click on the "Download ZIP" button listed on the GitHub Gist page and then unpack the .zip archive locally. You should now have a directory containing the file "latest-pepper-flash.sh".

Open a terminal within that directory and run the script like so:

sh latest-pepper-flash.sh

The script will fetch and install the latest Pepper Flash. From time to time (perhaps once a month) you should re-run this script and if there is a newer Flash it will upgrade your installed copy, otherwise it will just confirm that you have the latest version.

#!/bin/sh
available () {
command -v $1 >/dev/null 2>&1
}
# Make sure we have wget or curl
if available wget; then
SILENT_DL="wget -qO-"
LOUD_DL="wget"
elif available curl; then
SILENT_DL="curl -sL"
LOUD_DL="curl -O"
else
echo "Install wget or curl" >&2
exit 1
fi
# Set Output dir
PPAPI_FLASH_INSTALL_DIR=${PPAPI_FLASH_INSTALL_DIR:-/opt/google/chrome/PepperFlash}
# Set temp dir
TMP=${TMP:-/tmp}
# Set staging dir
STAGINGDIR=$TMP/pepper-flash-staging
# Setup Arch
case $(uname -m) in
x86_64) ARCH=x86_64 ;;
i?86) ARCH=i386 ;;
esac
# Work out the VERSION
VERSION=$($SILENT_DL http://www.adobe.com/software/flash/about/ | grep -FA2 'Chromium-based browsers - PPAPI' | grep -Eo '([0-9]+\.){3}[0-9]+' | tail -n1)
# Error out if $VERISON is unset, e.g. because previous command failed
if [ -z "$VERSION" ]; then
echo "Could not work out the latest version; exiting" >&2
exit 1
fi
# Don't start repackaging if the same version is already installed
if [ -r "$PPAPI_FLASH_INSTALL_DIR/manifest.json" ] ; then
CUR_VER=$(grep -Eo '"version" *: *"([0-9]+\.){3}[0-9]+",' "$PPAPI_FLASH_INSTALL_DIR/manifest.json" | cut -d'"' -f 4)
if [ "$CUR_VER" = "$VERSION" ]; then
echo "The latest Flash ($VERSION) is already installed"
exit 0
fi
fi
# Now we could screw things up so exit on first error
set -e
# If the staging directory is already present from the past, clear it down
# and re-create it.
if [ -d "$STAGINGDIR" ]; then
rm -fr "$STAGINGDIR"
fi
mkdir -p "$STAGINGDIR$PPAPI_FLASH_INSTALL_DIR"
cd "$STAGINGDIR"
# Now get the tarball
$LOUD_DL "http://fpdownload.adobe.com/pub/flashplayer/pdc/$VERSION/flash_player_ppapi_linux.${ARCH}.tar.gz"
# Extract the contents of the Google Chrome binary package
tar xf flash_player_ppapi_linux.${ARCH}.tar.gz -C "$STAGINGDIR$PPAPI_FLASH_INSTALL_DIR"
chmod -R u+w,go+r-w,a-s .
# Escalate privileges if needed and copy files into place
if [ "$UID" = 0 ]; then
tar --owner=0 --group=0 -cf- ".$PPAPI_FLASH_INSTALL_DIR" | tar -xf- -C /
elif [ -r /etc/os-release ] && grep -qx 'ID=\(ubuntu\|linuxmint\)' /etc/os-release; then
echo "Calling sudo ... (if prompted, please enter your password, so Flash can be copied into place)"
tar --owner=0 --group=0 -cf- ".$PPAPI_FLASH_INSTALL_DIR" | sudo tar -xf- -C /
else
echo "Please enter your root password so Pepper Flash can be copied into place"
su -c "sh -c \"tar --owner=0 --group=0 -cf- .$PPAPI_FLASH_INSTALL_DIR | tar -xf- -C /\""
fi
# Tell the user we are done
printf "\nFlash installed into $PPAPI_FLASH_INSTALL_DIR\n"
@baptistedonaux

This comment has been minimized.

Show comment Hide comment
@baptistedonaux

baptistedonaux Apr 7, 2016

Great script ! Really nice !

Great script ! Really nice !

@ruario

This comment has been minimized.

Show comment Hide comment
@ruario

ruario Oct 19, 2016

Updated, to use packages from Adobe, rather than pulling apart Chrome.

Owner

ruario commented Oct 19, 2016

Updated, to use packages from Adobe, rather than pulling apart Chrome.

@mpyatishev

This comment has been minimized.

Show comment Hide comment
@mpyatishev

mpyatishev Nov 15, 2016

Thanks for this script!

Thanks for this script!

@fld

This comment has been minimized.

Show comment Hide comment
@fld

fld Dec 16, 2016

For Debian jessies chromium users:

% cat /etc/chromium.d/latest-pepper-flash
flashso="/opt/google/chrome/PepperFlash/libpepflashplayer.so"
flashversion=`strings $flashso 2> /dev/null | grep LNX | cut -d ' ' -f 2 | sed -e "s/,/./g"`
CHROMIUM_FLAGS="$CHROMIUM_FLAGS --ppapi-flash-path=$flashso --ppapi-flash-version=$flashversion"

fld commented Dec 16, 2016

For Debian jessies chromium users:

% cat /etc/chromium.d/latest-pepper-flash
flashso="/opt/google/chrome/PepperFlash/libpepflashplayer.so"
flashversion=`strings $flashso 2> /dev/null | grep LNX | cut -d ' ' -f 2 | sed -e "s/,/./g"`
CHROMIUM_FLAGS="$CHROMIUM_FLAGS --ppapi-flash-path=$flashso --ppapi-flash-version=$flashversion"
@kernc

This comment has been minimized.

Show comment Hide comment
@kernc

kernc Dec 29, 2016

For Debian jessies chromium users

In addition, they should remove /etc/chromium.d/pepperflashplugin-nonfree, if any.

@ruario Instead of checking for ubuntu|linuxmint in /etc/os-release, how about testing if groups | grep -q '\bsudo\b'. I use Debian in root-locked-sudo-mode and the latter test works.

kernc commented Dec 29, 2016

For Debian jessies chromium users

In addition, they should remove /etc/chromium.d/pepperflashplugin-nonfree, if any.

@ruario Instead of checking for ubuntu|linuxmint in /etc/os-release, how about testing if groups | grep -q '\bsudo\b'. I use Debian in root-locked-sudo-mode and the latter test works.

@ruario

This comment has been minimized.

Show comment Hide comment
@ruario

ruario Jan 2, 2017

@kernc doesn't help as that is just how it is done in debian. Other distros do not always use a sudo group.

In your case, just run the script itself under sudo (or tweak it for your own use).

Owner

ruario commented Jan 2, 2017

@kernc doesn't help as that is just how it is done in debian. Other distros do not always use a sudo group.

In your case, just run the script itself under sudo (or tweak it for your own use).

@nifgraup

This comment has been minimized.

Show comment Hide comment
@nifgraup

nifgraup Jan 12, 2017

@fld that command shouldn't be necessary, Vivaldi looks for flash in that location by default

@fld that command shouldn't be necessary, Vivaldi looks for flash in that location by default

@cybernova

This comment has been minimized.

Show comment Hide comment
@cybernova

cybernova May 13, 2017

Something has to be changed in the adobe site, now to get the version correctly this should be used:
VERSION=$($SILENT_DL http://www.adobe.com/software/flash/about/ | grep -FA2 'Chromium-based browsers - PPAPI' | grep -Eo '([0-9]+\.){3}[0-9]+' | tail -n1)

Something has to be changed in the adobe site, now to get the version correctly this should be used:
VERSION=$($SILENT_DL http://www.adobe.com/software/flash/about/ | grep -FA2 'Chromium-based browsers - PPAPI' | grep -Eo '([0-9]+\.){3}[0-9]+' | tail -n1)

@AngryPenguinPL

This comment has been minimized.

Show comment Hide comment
@AngryPenguinPL

AngryPenguinPL Jun 19, 2017

Yes, solution @cybernova work for me. Thanks.

Yes, solution @cybernova work for me. Thanks.

@ruario

This comment has been minimized.

Show comment Hide comment
@ruario

ruario Oct 11, 2017

Thanks @cybernova I comhe mean tpletely missed your comment before and I have been away for months on parental leave butI have finally fixed this now. I hope others saw your comment in the mean time

Owner

ruario commented Oct 11, 2017

Thanks @cybernova I comhe mean tpletely missed your comment before and I have been away for months on parental leave butI have finally fixed this now. I hope others saw your comment in the mean time

@ohaessler

This comment has been minimized.

Show comment Hide comment
@ohaessler

ohaessler Dec 14, 2017

@ruario thanks for the script. I had to deal with flash downloads as well, and came across a xml file with all flash versions:
http://fpdownload.macromedia.com/pub/flashplayer/masterversion/masterversion.xml

So the download could be changed to this (remove the "L" option in curl):


if available wget; then
SILENT_DL="wget -qO-"
LOUD_DL="wget"
elif available curl; then
SILENT_DL="curl -s"
LOUD_DL="curl -O"
else
echo "Install wget or curl" >&2
exit 1
fi

VERSION=$($SILENT_DL http://fpdownload.macromedia.com/pub/flashplayer/masterversion/masterversion.xml | sed '/</release>/,$d' | grep PPAPI_linuxchrome | awk -F'"' '{ print $2 }' | sed 's/,/./g')


This is a bit faster, and should also not change to often.

Cheers
Oliver

@ruario thanks for the script. I had to deal with flash downloads as well, and came across a xml file with all flash versions:
http://fpdownload.macromedia.com/pub/flashplayer/masterversion/masterversion.xml

So the download could be changed to this (remove the "L" option in curl):


if available wget; then
SILENT_DL="wget -qO-"
LOUD_DL="wget"
elif available curl; then
SILENT_DL="curl -s"
LOUD_DL="curl -O"
else
echo "Install wget or curl" >&2
exit 1
fi

VERSION=$($SILENT_DL http://fpdownload.macromedia.com/pub/flashplayer/masterversion/masterversion.xml | sed '/</release>/,$d' | grep PPAPI_linuxchrome | awk -F'"' '{ print $2 }' | sed 's/,/./g')


This is a bit faster, and should also not change to often.

Cheers
Oliver

@cybernova

This comment has been minimized.

Show comment Hide comment
@cybernova

cybernova Jan 10, 2018

Didn't notice that in the script we don't use any security by downloading updates from http instead of https exposing us to MitM attacks until today when I saw a report from ESET titled: Diplomats in Eastern Europe bitten by a Turla mosquito ( https://www.welivesecurity.com/wp-content/uploads/2018/01/ESET_Turla_Mosquito.pdf ) where Turla APT apparently injects malware on the fly in adobe flash player's update.
So I suggest to apply a little patch to the script by simply changing all http to https as soon as possible.

EDIT:
I verified analyzing the traffic generated by the script, even with the use of https the check of the version is in plain text because of a redirect in this page: https://www.adobe.com/software/flash/about/ -> http://get.adobe.com/flashplayer/about/ :D
The better solution is to use the suggest of @ohaessler ( is more faster and stable as he said, Thanks! ) and to use a string for verifying the version like this :
VERSION=$($SILENT_DL https://fpdownload.macromedia.com/pub/flashplayer/masterversion/masterversion.xml | grep -m1 "PPAPI_linux version" | cut -d \" -f 2 | tr , .)
Note the use of https and this time works and is full encrypted.

cybernova commented Jan 10, 2018

Didn't notice that in the script we don't use any security by downloading updates from http instead of https exposing us to MitM attacks until today when I saw a report from ESET titled: Diplomats in Eastern Europe bitten by a Turla mosquito ( https://www.welivesecurity.com/wp-content/uploads/2018/01/ESET_Turla_Mosquito.pdf ) where Turla APT apparently injects malware on the fly in adobe flash player's update.
So I suggest to apply a little patch to the script by simply changing all http to https as soon as possible.

EDIT:
I verified analyzing the traffic generated by the script, even with the use of https the check of the version is in plain text because of a redirect in this page: https://www.adobe.com/software/flash/about/ -> http://get.adobe.com/flashplayer/about/ :D
The better solution is to use the suggest of @ohaessler ( is more faster and stable as he said, Thanks! ) and to use a string for verifying the version like this :
VERSION=$($SILENT_DL https://fpdownload.macromedia.com/pub/flashplayer/masterversion/masterversion.xml | grep -m1 "PPAPI_linux version" | cut -d \" -f 2 | tr , .)
Note the use of https and this time works and is full encrypted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment