Merge branch 'develop', remote-tracking branch 'upstream' into Prefetch-SRU-Update

Core/build.xml

@@ -136,12 +136,12 @@
               tofile="${ext.dir}/sleuthkit-${TSK_VERSION}.jar"/>
         <copy file="${env.TSK_HOME}/bindings/java/lib/sqlite-jdbc-3.42.0.1.jar"
               tofile="${ext.dir}/sqlite-jdbc-3.42.0.1.jar"/>
-		<copy file="${env.TSK_HOME}/bindings/java/lib/postgresql-42.3.5.jar" 
+		<copy file="${env.TSK_HOME}/bindings/java/lib/postgresql-42.7.3.jar" 
-              tofile="${ext.dir}/postgresql-42.3.5.jar"/>
+              tofile="${ext.dir}/postgresql-42.7.3.jar"/>
         <copy file="${env.TSK_HOME}/bindings/java/lib/c3p0-0.9.5.5.jar"
               tofile="${ext.dir}/c3p0-0.9.5.5.jar"/>
-        <copy file="${env.TSK_HOME}/bindings/java/lib/mchange-commons-java-0.2.20.jar"
+        <copy file="${env.TSK_HOME}/bindings/java/lib/mchange-commons-java-0.3.0.jar"
-              tofile="${ext.dir}/mchange-commons-java-0.2.20.jar"/>
+              tofile="${ext.dir}/mchange-commons-java-0.3.0.jar"/>
         <copy file="${env.TSK_HOME}/bindings/java/lib/SparseBitSet-1.1.jar"
               tofile="${ext.dir}/SparseBitSet-1.1.jar"/>	
         <copy file="${env.TSK_HOME}/case-uco/java/dist/sleuthkit-caseuco-${TSK_VERSION}.jar" 

Core/nbproject/project.properties

@@ -65,7 +65,7 @@ file.reference.license4j-runtime-library-4.7.1.jar=release/modules/ext/license4j
 file.reference.listenablefuture-1.0.jar=release/modules/ext/listenablefuture-1.0.jar
 file.reference.logback-classic-1.2.10.jar=release/modules/ext/logback-classic-1.2.10.jar
 file.reference.logback-core-1.2.10.jar=release/modules/ext/logback-core-1.2.10.jar
-file.reference.mchange-commons-java-0.2.20.jar=release/modules/ext/mchange-commons-java-0.2.20.jar
+file.reference.mchange-commons-java-0.3.0.jar=release/modules/ext/mchange-commons-java-0.3.0.jar
 file.reference.metadata-extractor-2.18.0.jar=release/modules/ext/metadata-extractor-2.18.0.jar
 file.reference.netty-buffer-4.1.73.Final.jar=release/modules/ext/netty-buffer-4.1.73.Final.jar
 file.reference.netty-codec-4.1.73.Final.jar=release/modules/ext/netty-codec-4.1.73.Final.jar
@@ -80,7 +80,7 @@ file.reference.netty-transport-native-epoll-4.1.73.Final.jar=release/modules/ext
 file.reference.netty-transport-native-unix-common-4.1.73.Final.jar=release/modules/ext/netty-transport-native-unix-common-4.1.73.Final.jar
 file.reference.okhttp-2.7.5.jar=release/modules/ext/okhttp-2.7.5.jar
 file.reference.okio-1.6.0.jar=release/modules/ext/okio-1.6.0.jar
-file.reference.postgresql-42.3.5.jar=release/modules/ext/postgresql-42.3.5.jar
+file.reference.postgresql-42.7.3.jar=release/modules/ext/postgresql-42.7.3.jar
 file.reference.Rejistry-1.1-SNAPSHOT.jar=release/modules/ext/Rejistry-1.1-SNAPSHOT.jar
 file.reference.serializer-2.7.2.jar=release/modules/ext/serializer-2.7.2.jar
 file.reference.sevenzipjbinding-AllPlatforms.jar=release/modules/ext/sevenzipjbinding-AllPlatforms.jar

Core/nbproject/project.xml

@@ -638,8 +638,8 @@
                 <binary-origin>release/modules/ext/logback-core-1.2.10.jar</binary-origin>
             </class-path-extension>
             <class-path-extension>
-                <runtime-relative-path>ext/mchange-commons-java-0.2.20.jar</runtime-relative-path>
+                <runtime-relative-path>ext/mchange-commons-java-0.3.0.jar</runtime-relative-path>
-                <binary-origin>release/modules/ext/mchange-commons-java-0.2.20.jar</binary-origin>
+                <binary-origin>release/modules/ext/mchange-commons-java-00.3.0.jar</binary-origin>
             </class-path-extension>
             <class-path-extension>
                 <runtime-relative-path>ext/metadata-extractor-2.18.0.jar</runtime-relative-path>
@@ -698,8 +698,8 @@
                 <binary-origin>release/modules/ext/okio-1.6.0.jar</binary-origin>
             </class-path-extension>
             <class-path-extension>
-                <runtime-relative-path>ext/postgresql-42.3.5.jar</runtime-relative-path>
+                <runtime-relative-path>ext/postgresql-42.7.3.jar</runtime-relative-path>
-                <binary-origin>release/modules/ext/postgresql-42.3.5.jar</binary-origin>
+                <binary-origin>release/modules/ext/postgresql-42.7.3.jar</binary-origin>
             </class-path-extension>
             <class-path-extension>
                 <runtime-relative-path>ext/Rejistry-1.1-SNAPSHOT.jar</runtime-relative-path>

Core/src/org/sleuthkit/autopsy/actions/AddTagAction.java

@@ -239,7 +239,7 @@ abstract class AddTagAction extends AbstractAction implements Presenter.Popup {
          */
         private JMenuItem createMenutItem(TagName tagName) {
             String tagDisplayName = tagName.getDisplayName();
-            String notableString = tagName.getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+            String notableString = tagName.getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
             JMenuItem tagNameItem = new JMenuItem(tagDisplayName + notableString);
 
             if (tagDisplayName.equals(TagsManager.getBookmarkTagDisplayName())) {

Core/src/org/sleuthkit/autopsy/actions/GetTagNameDialog.java

@@ -174,10 +174,10 @@ public class GetTagNameDialog extends JDialog {
 
         private final String name;
         private final String description;
-        private final TskData.FileKnown status;
+        private final TskData.TagType status;
         private final TagName.HTML_COLOR color;
         
-        AddTagNameWorker(String name, String description, TskData.FileKnown status, TagName.HTML_COLOR color) {
+        AddTagNameWorker(String name, String description, TskData.TagType status, TagName.HTML_COLOR color) {
             this.name = name;
             this.description = description;
             this.status = status;
@@ -375,7 +375,7 @@ public class GetTagNameDialog extends JDialog {
     private void okButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_okButtonActionPerformed
         String tagDisplayName = tagNameField.getText();
         String userTagDescription = descriptionTextArea.getText();
-        TskData.FileKnown status = notableCheckbox.isSelected() ? TskData.FileKnown.BAD : TskData.FileKnown.UNKNOWN;
+        TskData.TagType status = notableCheckbox.isSelected() ? TskData.TagType.BAD : TskData.TagType.SUSPICIOUS;
         if (tagDisplayName.isEmpty()) {
             JOptionPane.showMessageDialog(this,
                     NbBundle.getMessage(this.getClass(),

Core/src/org/sleuthkit/autopsy/actions/ReplaceTagAction.java

@@ -226,7 +226,7 @@ abstract class ReplaceTagAction<T extends Tag> extends AbstractAction implements
      */
     private JMenuItem createMenutItem(TagName tagName, Set<String> tagNamesToDisable, Collection<? extends T> selectedTags) {
         String tagDisplayName = tagName.getDisplayName();
-        String notableString = tagName.getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+        String notableString = tagName.getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
         JMenuItem tagNameItem = new JMenuItem(tagDisplayName + notableString);
 
         if (tagDisplayName.equals(TagsManager.getBookmarkTagDisplayName())) {

Core/src/org/sleuthkit/autopsy/casemodule/Bundle.properties-MERGED

@@ -107,6 +107,12 @@ Case.servicesException.notificationTitle={0} Error
 Case.servicesException.serviceResourcesCloseError=Could not close case resources for {0} service: {1}
 Case_caseType_multiUser=Multi-user case
 Case_caseType_singleUser=Single-user case
+Case_checkImagePaths_exceptionOccurred=An exception occurred while checking if image paths are present
+# {0} - paths
+Case_checkImagePaths_noPaths=The following images had no associated paths: {0}
+# {0} - appplicationName
+Case_throwIfConcurrentDbAccessException_fileLock_concurrentAccessException=The case is open in {0}. Please close it before attempting to open it in Autopsy.
+Case_throwIfConcurrentDbAccessException_fileLock_concurrentAccessException_defaultApp=another application
 CaseDetailsPanel.casePanel.border.title=Case
 CaseDetailsPanel.examinerLabel.text=Name:
 CaseDetailsPanel.examinerPanel.border.title=Examiner

Core/src/org/sleuthkit/autopsy/casemodule/Case.java

@@ -41,6 +41,7 @@ import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;
 import java.text.SimpleDateFormat;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
@@ -64,6 +65,7 @@ import javax.annotation.concurrent.GuardedBy;
 import javax.annotation.concurrent.ThreadSafe;
 import javax.swing.JOptionPane;
 import javax.swing.SwingUtilities;
+import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.openide.util.Lookup;
 import org.openide.util.NbBundle;
@@ -143,6 +145,7 @@ import org.sleuthkit.autopsy.timeline.OpenTimelineAction;
 import org.sleuthkit.autopsy.timeline.events.TimelineEventAddedEvent;
 import org.sleuthkit.datamodel.BlackboardArtifactTag;
 import org.sleuthkit.datamodel.CaseDbConnectionInfo;
+import org.sleuthkit.datamodel.ConcurrentDbAccessException;
 import org.sleuthkit.datamodel.Content;
 import org.sleuthkit.datamodel.ContentStreamProvider;
 import org.sleuthkit.datamodel.ContentTag;
@@ -194,8 +197,6 @@ public class Case {
     private final SleuthkitEventListener sleuthkitEventListener;
     private CollaborationMonitor collaborationMonitor;
     private Services caseServices;
-    // matches something like '\\.\PHYSICALDRIVE0'
-    private static final String PLACEHOLDER_DS_PATH_REGEX = "^\\s*\\\\\\\\\\.\\\\PHYSICALDRIVE\\d*\\s*$";
 
     private volatile boolean hasDataSource = false;
     private volatile boolean hasData = false;
@@ -1307,13 +1308,6 @@ public class Case {
             String path = entry.getValue();
             boolean fileExists = (new File(path).exists()|| DriveUtils.driveExists(path));
             if (!fileExists) {
-                // CT-7336: ignore relocating datasources if file provider is present and placeholder path is used.
-                if (newCurrentCase.getMetadata() != null
-                        && !StringUtils.isBlank(newCurrentCase.getMetadata().getContentProviderName())
-                        && (path == null || path.matches(PLACEHOLDER_DS_PATH_REGEX))) {
-                    continue;
-                }
-                
                 try {
                     DataSource ds = newCurrentCase.getSleuthkitCase().getDataSource(obj_id);
                     String hostName = StringUtils.defaultString(ds.getHost() == null ? "" : ds.getHost().getName());
@@ -2293,6 +2287,8 @@ public class Case {
             checkForCancellation();
             openCommunicationChannels(progressIndicator);
             checkForCancellation();
+            checkImagePaths();
+            checkForCancellation();
             openFileSystemsInBackground();
             return null;
 
@@ -2312,6 +2308,40 @@ public class Case {
         }
     }
     
+    /**
+     * Check if content provider is present, all images have paths, or throw an error.
+     * @throws CaseActionException 
+     */
+    @Messages({
+        "# {0} - paths",
+        "Case_checkImagePaths_noPaths=The following images had no associated paths: {0}",
+        "Case_checkImagePaths_exceptionOccurred=An exception occurred while checking if image paths are present"
+    })
+    private void checkImagePaths() throws CaseActionException {
+        // if there is a content provider, images don't necessarily need paths
+        if (StringUtils.isNotBlank(this.metadata.getContentProviderName())) {
+            return;
+        }
+        
+        // identify images without paths
+        try {
+            List<Image> noPathImages = new ArrayList<>();
+            List<Image> images = this.caseDb.getImages();
+            for (Image img: images) {
+                if (ArrayUtils.isEmpty(img.getPaths())) {
+                    noPathImages.add(img);
+                }
+            }
+            
+            if (!noPathImages.isEmpty()) {
+                String imageListStr = noPathImages.stream().map(Image::getName).collect(Collectors.joining(", "));
+                throw new CaseActionException(Bundle.Case_checkImagePaths_noPaths(imageListStr));
+            }
+        } catch (TskCoreException ex) {
+            throw new CaseActionException(Bundle.Case_checkImagePaths_exceptionOccurred(), ex);
+        }
+    }
+
     /**
      * Starts a background task that reads a sector from each file system of
      * each image of a case to do an eager open of the filesystems in the case.
@@ -2707,7 +2737,7 @@ public class Case {
                  * with a standard name, physically located in the case
                  * directory.
                  */
-                caseDb = SleuthkitCase.newCase(Paths.get(metadata.getCaseDirectory(), SINGLE_USER_CASE_DB_NAME).toString());
+                caseDb = SleuthkitCase.newCase(Paths.get(metadata.getCaseDirectory(), SINGLE_USER_CASE_DB_NAME).toString(), (ContentStreamProvider) null, APP_NAME);
                 metadata.setCaseDatabaseName(SINGLE_USER_CASE_DB_NAME);
             } else {
                 /*
@@ -2719,6 +2749,7 @@ public class Case {
                 metadata.setCaseDatabaseName(caseDb.getDatabaseName());
             }
         } catch (TskCoreException ex) {
+            throwIfConcurrentDbAccessException(ex);
             throw new CaseActionException(Bundle.Case_exceptionMessage_couldNotCreateCaseDatabase(ex.getLocalizedMessage()), ex);
         } catch (UserPreferencesException ex) {
             throw new CaseActionException(Bundle.Case_exceptionMessage_couldNotGetDbServerConnectionInfo(ex.getLocalizedMessage()), ex);
@@ -2759,7 +2790,7 @@ public class Case {
             }
 
             if (CaseType.SINGLE_USER_CASE == metadata.getCaseType()) {
-                caseDb = SleuthkitCase.openCase(metadata.getCaseDatabasePath(), contentProvider);
+                caseDb = SleuthkitCase.openCase(metadata.getCaseDatabasePath(), contentProvider, APP_NAME);
             } else if (UserPreferences.getIsMultiUserModeEnabled()) {
                 caseDb = SleuthkitCase.openCase(databaseName, UserPreferences.getDatabaseConnectionInfo(), metadata.getCaseDirectory(), contentProvider);
             } else {
@@ -2771,11 +2802,46 @@ public class Case {
         } catch (UserPreferencesException ex) {
             throw new CaseActionException(Bundle.Case_exceptionMessage_couldNotGetDbServerConnectionInfo(ex.getLocalizedMessage()), ex);
         } catch (TskCoreException ex) {
+            throwIfConcurrentDbAccessException(ex);
             throw new CaseActionException(Bundle.Case_exceptionMessage_couldNotOpenCaseDatabase(ex.getLocalizedMessage()), ex);    
         }
     }
     
     
+    /**
+     * Throws a CaseActionException if the exception or any nested exception is a ConcurrentDbAccessException (max depth of 10)
+     * @param ex The exception.
+     * @throws CaseActionException Thrown if there is a concurrent db access exception.
+     */
+    @Messages({
+        "# {0} - appplicationName",
+        "Case_throwIfConcurrentDbAccessException_fileLock_concurrentAccessException=The case is open in {0}. Please close it before attempting to open it in Autopsy.",
+        "Case_throwIfConcurrentDbAccessException_fileLock_concurrentAccessException_defaultApp=another application"
+    })
+    private void throwIfConcurrentDbAccessException(Exception ex) throws CaseActionException {
+        ConcurrentDbAccessException concurrentEx = null;
+        Throwable curEx = ex;
+        // max depth search for a concurrent db access exception will be 10
+        for (int i = 0; i < 10; i++) {
+            if (curEx == null) {
+                break;
+            } else if (curEx instanceof ConcurrentDbAccessException foundEx) {
+                concurrentEx = foundEx;
+                break;
+            } else {
+                curEx = curEx.getCause();    
+            }
+        }
+        
+        if (concurrentEx != null) {
+            throw new CaseActionException(Bundle.Case_throwIfConcurrentDbAccessException_fileLock_concurrentAccessException(
+                    StringUtils.defaultIfBlank(concurrentEx.getConflictingApplicationName(),
+                            Bundle.Case_throwIfConcurrentDbAccessException_fileLock_concurrentAccessException_defaultApp())
+            ), concurrentEx);
+        }
+    }
+    
+     
     /**
      * Attempts to load a content provider for the provided arguments. Returns
      * null if no content provider for the arguments can be identified.

Core/src/org/sleuthkit/autopsy/casemodule/services/TagNameDefinition.java

@@ -1,7 +1,7 @@
 /*
  * Autopsy Forensic Browser
  *
- * Copyright 2011-2018 Basis Technology Corp.
+ * Copyright 2011-2024 Basis Technology Corp.
  * Contact: carrier <at> sleuthkit <dot> org
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -54,20 +54,20 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
     private static final String TAGS_SETTINGS_NAME = "Tags"; //NON-NLS
     private static final String TAG_NAMES_SETTING_KEY = "TagNames"; //NON-NLS 
     private static final String TAG_SETTING_VERSION_KEY = "CustomTagNameVersion";
-    private static final int TAG_SETTINGS_VERSION = 1;
+    private static final int TAG_SETTINGS_VERSION = 2; // Changed tag type from TskData.FileKnown to TskData.TagType
 
     private final String displayName;
     private final String description;
     private final TagName.HTML_COLOR color;
-    private final TskData.FileKnown knownStatus;
+    private final TskData.TagType tagType;
 
     private static final List<TagNameDefinition> STANDARD_TAGS_DEFINITIONS = new ArrayList<>();
     private static final List<String> PROJECT_VIC_NAMES_NO_LONGER_USED = new ArrayList<>();
 
     static {
-        STANDARD_TAGS_DEFINITIONS.add(new TagNameDefinition(Bundle.TagNameDefinition_predefTagNames_bookmark_text(), "", TagName.HTML_COLOR.NONE, TskData.FileKnown.UNKNOWN));
+        STANDARD_TAGS_DEFINITIONS.add(new TagNameDefinition(Bundle.TagNameDefinition_predefTagNames_bookmark_text(), "", TagName.HTML_COLOR.NONE, TskData.TagType.SUSPICIOUS));
-        STANDARD_TAGS_DEFINITIONS.add(new TagNameDefinition(Bundle.TagNameDefinition_predefTagNames_followUp_text(), "", TagName.HTML_COLOR.NONE, TskData.FileKnown.UNKNOWN));
+        STANDARD_TAGS_DEFINITIONS.add(new TagNameDefinition(Bundle.TagNameDefinition_predefTagNames_followUp_text(), "", TagName.HTML_COLOR.NONE, TskData.TagType.SUSPICIOUS));
-        STANDARD_TAGS_DEFINITIONS.add(new TagNameDefinition(Bundle.TagNameDefinition_predefTagNames_notableItem_text(), "", TagName.HTML_COLOR.NONE, TskData.FileKnown.BAD));
+        STANDARD_TAGS_DEFINITIONS.add(new TagNameDefinition(Bundle.TagNameDefinition_predefTagNames_notableItem_text(), "", TagName.HTML_COLOR.NONE, TskData.TagType.BAD));
 
         PROJECT_VIC_NAMES_NO_LONGER_USED.add("CAT-1: Child Exploitation (Illegal)");
         PROJECT_VIC_NAMES_NO_LONGER_USED.add("CAT-2: Child Exploitation (Non-Illegal/Age Difficult)");
@@ -79,18 +79,27 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
 
     /**
      * Constructs a tag name definition consisting of a display name,
-     * description, color and knownStatus.
+     * description, color and tag type.
      *
      * @param displayName The display name for the tag name.
      * @param description The description for the tag name.
      * @param color       The color for the tag name.
      * @param status      The status denoted by the tag name.
+     * @deprecated TagNameDefinition(String displayName, String description, TagName.HTML_COLOR color, TskData.TagType status) should be used instead.
      */
+    @Deprecated
     public TagNameDefinition(String displayName, String description, TagName.HTML_COLOR color, TskData.FileKnown status) {
         this.displayName = displayName;
         this.description = description;
         this.color = color;
-        this.knownStatus = status;
+        this.tagType = TskData.TagType.convertFileKnownToTagType(status);
+    }
+    
+    public TagNameDefinition(String displayName, String description, TagName.HTML_COLOR color, TskData.TagType status) {
+        this.displayName = displayName;
+        this.description = description;
+        this.color = color;
+        this.tagType = status;
     }
 
     static Collection<TagNameDefinition> getStandardTagNameDefinitions() {
@@ -164,10 +173,21 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
     /**
      * The status which will be applied to items with this tag.
      *
-     * @return a value of TskData.FileKnown which is associated with this tag
+     * @return a value of TskData.TagType which is associated with this tag
      */
+    public TskData.TagType getTagType() {
+        return tagType;
+    }
+    
+    /**
+     * The status which will be applied to items with this tag.
+     *
+     * @return a value of TskData.FileKnown which is associated with this tag
+     * @deprecated getTagType() should be used instead.
+     */
+    @Deprecated
     public TskData.FileKnown getKnownStatus() {
-        return knownStatus;
+        return TskData.TagType.convertTagTypeToFileKnown(tagType);
     }
 
     /**
@@ -212,7 +232,7 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
             return false;
         }
         boolean sameName = this.getDisplayName().equals(((TagNameDefinition) obj).getDisplayName());
-        boolean sameStatus = this.getKnownStatus().equals(((TagNameDefinition) obj).getKnownStatus());
+        boolean sameStatus = this.getTagType().equals(((TagNameDefinition) obj).getTagType());
         return sameName && sameStatus;
     }
 
@@ -231,13 +251,13 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
      *         that is used by the tags settings file.
      */
     private String toSettingsFormat() {
-        return displayName + "," + description + "," + color.name() + "," + knownStatus.toString();
+        return displayName + "," + description + "," + color.name() + "," + tagType.toString();
     }
 
     TagName saveToCase(SleuthkitCase caseDb) {
         TagName tagName = null;
         try {
-            tagName = caseDb.getTaggingManager().addOrUpdateTagName(displayName, description, color, knownStatus);
+            tagName = caseDb.getTaggingManager().addOrUpdateTagName(displayName, description, color, tagType);
         } catch (TskCoreException ex) {
             LOGGER.log(Level.SEVERE, "Error saving tag name definition", ex);
         }
@@ -251,7 +271,7 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
      * The currently custom tags properties are stored in one string property
      * value separated by ;. The properties of an individual tag are comma
      * separated in the format of:
-     * tag_name,tag_description,tag_color,known_status
+     * tag_name,tag_description,tag_color,tag_type
      *
      * In prior versions of autopsy the known_status was stored in the central
      * repository, therefore the properties file only had three values.
@@ -279,7 +299,7 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
             String[] attributes = tagProps.split(",");
 
             definitions.add(new TagNameDefinition(attributes[0], attributes[1],
-                    TagName.HTML_COLOR.valueOf(attributes[2]), TskData.FileKnown.valueOf(attributes[3])));
+                    TagName.HTML_COLOR.valueOf(attributes[2]), TskData.TagType.valueOf(attributes[3])));
         }
 
         return definitions;
@@ -316,7 +336,7 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
         Integer version = getPropertyFileVersion();
         List<TagNameDefinition> definitions = new ArrayList<>();
 
-        if (version == null) {
+        if (version == null || version == 1) {
             String tagsProperty = ModuleSettings.getConfigSetting(TAGS_SETTINGS_NAME, TAG_NAMES_SETTING_KEY);
             if (tagsProperty == null || tagsProperty.isEmpty()) {
                 ModuleSettings.setConfigSetting(TAGS_SETTINGS_NAME, TAG_SETTING_VERSION_KEY, Integer.toString(TAG_SETTINGS_VERSION));
@@ -332,22 +352,27 @@ final public class TagNameDefinition implements Comparable<TagNameDefinition> {
             List<String> notableTagList = null;
             for (String tagProps : individualTags) {
                 String[] attributes = tagProps.split(",");
-                TskData.FileKnown fileKnown = TskData.FileKnown.UNKNOWN;
+                TskData.TagType tagType = TskData.TagType.SUSPICIOUS;
                 if (attributes.length == 3) {
                     // If notableTagList is null load it from the CR.
                     if (notableTagList == null) {
                         notableTagList = getCRNotableList();
                     } else {
                         if (notableTagList.contains(attributes[0])) {
-                            fileKnown = TskData.FileKnown.BAD;
+                            tagType = TskData.TagType.BAD;
                         }
                     }
                 } else {
-                    fileKnown = TskData.FileKnown.valueOf(attributes[3]);
+                    if (version == 1) {
+                        // handle backwards compatibility
+                        tagType = TskData.TagType.convertFileKnownToTagType(TskData.FileKnown.valueOf(attributes[3]));
+                    } else {
+                        tagType = TskData.TagType.valueOf(attributes[3]);
+                    }
                 }
 
                 definitions.add(new TagNameDefinition(attributes[0], attributes[1],
-                        TagName.HTML_COLOR.valueOf(attributes[2]), fileKnown));
+                        TagName.HTML_COLOR.valueOf(attributes[2]), tagType));
             }
         }
 

Core/src/org/sleuthkit/autopsy/casemodule/services/TagNameDialog.java

@@ -62,7 +62,7 @@ final class TagNameDialog extends javax.swing.JDialog {
         initComponents();
         tagNameTextField.setText(tagNameToEdit.getDisplayName());
         descriptionTextArea.setText(tagNameToEdit.getDescription());
-        notableCheckbox.setSelected(tagNameToEdit.getKnownStatus() == TskData.FileKnown.BAD);
+        notableCheckbox.setSelected(tagNameToEdit.getTagType() == TskData.TagType.BAD);
         tagNameTextField.setEnabled(false);
         this.display();
     }

Core/src/org/sleuthkit/autopsy/casemodule/services/TagOptionsPanel.java

@@ -314,7 +314,7 @@ final class TagOptionsPanel extends javax.swing.JPanel implements OptionsPanel {
         TagNameDialog dialog = new TagNameDialog();
         TagNameDialog.BUTTON_PRESSED result = dialog.getResult();
         if (result == TagNameDialog.BUTTON_PRESSED.OK) {
-            TskData.FileKnown status = dialog.isTagNotable() ? TskData.FileKnown.BAD : TskData.FileKnown.UNKNOWN;
+            TskData.TagType status = dialog.isTagNotable() ? TskData.TagType.BAD : TskData.TagType.SUSPICIOUS;
             TagNameDefinition newTagType = new TagNameDefinition(dialog.getTagName(), dialog.getTagDesciption(), DEFAULT_COLOR, status);
             /*
              * If tag name already exists, don't add the tag name.
@@ -348,7 +348,7 @@ final class TagOptionsPanel extends javax.swing.JPanel implements OptionsPanel {
         TagNameDialog dialog = new TagNameDialog(originalTagName);
         TagNameDialog.BUTTON_PRESSED result = dialog.getResult();
         if (result == TagNameDialog.BUTTON_PRESSED.OK) {
-            TskData.FileKnown status = dialog.isTagNotable() ? TskData.FileKnown.BAD : TskData.FileKnown.UNKNOWN;
+            TskData.TagType status = dialog.isTagNotable() ? TskData.TagType.BAD : TskData.TagType.SUSPICIOUS;
             TagNameDefinition newTagType = new TagNameDefinition(dialog.getTagName(), dialog.getTagDesciption(), DEFAULT_COLOR, status);
             /*
              * If tag name already exists, don't add the tag name.
@@ -359,7 +359,7 @@ final class TagOptionsPanel extends javax.swing.JPanel implements OptionsPanel {
             tagNamesList.setSelectedValue(newTagType, true);
             updatePanel();
             firePropertyChange(OptionsPanelController.PROP_CHANGED, null, null);
-            if (originalTagName.getKnownStatus() != newTagType.getKnownStatus() && Case.isCaseOpen()) {
+            if (originalTagName.getTagType() != newTagType.getTagType() && Case.isCaseOpen()) {
                 updatedStatusTags.add(newTagType.getDisplayName());
             }
         }
@@ -449,7 +449,7 @@ final class TagOptionsPanel extends javax.swing.JPanel implements OptionsPanel {
         deleteTagNameButton.setEnabled(enableEdit);
         if (isSelected) {
             descriptionTextArea.setText(tagNamesList.getSelectedValue().getDescription());
-            if (tagNamesList.getSelectedValue().getKnownStatus() == TskData.FileKnown.BAD) {
+            if (tagNamesList.getSelectedValue().getTagType() == TskData.TagType.BAD) {
                 notableYesOrNoLabel.setText("Yes");
             } else {
                 notableYesOrNoLabel.setText("No");

Core/src/org/sleuthkit/autopsy/casemodule/services/TagsManager.java

@@ -188,7 +188,7 @@ public class TagsManager implements Closeable {
     }
 
     /**
-     * Gets the set of display names of notable (TskData.FileKnown.BAD) tag
+     * Gets the set of display names of notable (TskData.TagType.BAD) tag
      * types. If a case is not open the list will only include only the user
      * defined custom tags. Otherwise the list will include all notable tags.
      *
@@ -197,7 +197,7 @@ public class TagsManager implements Closeable {
     public static List<String> getNotableTagDisplayNames() {
         List<String> tagDisplayNames = new ArrayList<>();
         for (TagNameDefinition tagDef : TagNameDefinition.getTagNameDefinitions()) {
-            if (tagDef.getKnownStatus() == TskData.FileKnown.BAD) {
+            if (tagDef.getTagType() == TskData.TagType.BAD) {
                 tagDisplayNames.add(tagDef.getDisplayName());
             }
         }
@@ -205,7 +205,7 @@ public class TagsManager implements Closeable {
         try {
             TagsManager tagsManager = Case.getCurrentCaseThrows().getServices().getTagsManager();
             for (TagName tagName : tagsManager.getAllTagNames()) {
-                if (tagName.getKnownStatus() == TskData.FileKnown.BAD
+                if (tagName.getTagType() == TskData.TagType.BAD
                         && !tagDisplayNames.contains(tagName.getDisplayName())) {
                     tagDisplayNames.add(tagName.getDisplayName());
                 }
@@ -303,14 +303,14 @@ public class TagsManager implements Closeable {
                 
                 // add the standard tag names
                 for (TagNameDefinition def : TagNameDefinition.getStandardTagNameDefinitions()) {
-                    taggingMgr.addOrUpdateTagName(def.getDisplayName(), def.getDescription(), def.getColor(), def.getKnownStatus());
+                    taggingMgr.addOrUpdateTagName(def.getDisplayName(), def.getDescription(), def.getColor(), def.getTagType());
                 }
                 
                 //Assume new case and add all tag sets
                 for (TagSetDefinition setDef : TagSetDefinition.readTagSetDefinitions()) {
                     List<TagName> tagNamesInSet = new ArrayList<>();
                     for (TagNameDefinition tagNameDef : setDef.getTagNameDefinitions()) {
-                        tagNamesInSet.add(taggingMgr.addOrUpdateTagName(tagNameDef.getDisplayName(), tagNameDef.getDescription(), tagNameDef.getColor(), tagNameDef.getKnownStatus()));
+                        tagNamesInSet.add(taggingMgr.addOrUpdateTagName(tagNameDef.getDisplayName(), tagNameDef.getDescription(), tagNameDef.getColor(), tagNameDef.getTagType()));
                     }
 
                     if (!tagNamesInSet.isEmpty()) {
@@ -505,7 +505,7 @@ public class TagsManager implements Closeable {
      *                                       name to the case database.
      */
     public TagName addTagName(String displayName) throws TagNameAlreadyExistsException, TskCoreException {
-        return addTagName(displayName, "", TagName.HTML_COLOR.NONE, TskData.FileKnown.UNKNOWN);
+        return addTagName(displayName, "", TagName.HTML_COLOR.NONE, TskData.TagType.SUSPICIOUS);
     }
 
     /**
@@ -524,7 +524,7 @@ public class TagsManager implements Closeable {
      *                                       name to the case database.
      */
     public TagName addTagName(String displayName, String description) throws TagNameAlreadyExistsException, TskCoreException {
-        return addTagName(displayName, description, TagName.HTML_COLOR.NONE, TskData.FileKnown.UNKNOWN);
+        return addTagName(displayName, description, TagName.HTML_COLOR.NONE, TskData.TagType.SUSPICIOUS);
     }
 
     /**
@@ -543,7 +543,23 @@ public class TagsManager implements Closeable {
      *                                       name to the case database.
      */
     public TagName addTagName(String displayName, String description, TagName.HTML_COLOR color) throws TagNameAlreadyExistsException, TskCoreException {
-        return addTagName(displayName, description, color, TskData.FileKnown.UNKNOWN);
+        return addTagName(displayName, description, color, TskData.TagType.SUSPICIOUS);
+    }
+    
+    /**
+     * 
+     * @param displayName
+     * @param description
+     * @param color
+     * @param knownStatus
+     * @return
+     * @throws org.sleuthkit.autopsy.casemodule.services.TagsManager.TagNameAlreadyExistsException
+     * @throws TskCoreException
+     * @deprecated addTagName(String displayName, String description, TagName.HTML_COLOR color, TskData.TagType tagType) should be used instead
+     */
+    @Deprecated
+    public TagName addTagName(String displayName, String description, TagName.HTML_COLOR color, TskData.FileKnown knownStatus) throws TagNameAlreadyExistsException, TskCoreException {
+        return addTagName(displayName, description, color, TskData.TagType.convertFileKnownToTagType(knownStatus));
     }
 
     /**
@@ -553,8 +569,8 @@ public class TagsManager implements Closeable {
      * @param displayName The display name for the new tag type.
      * @param description The description for the new tag type.
      * @param color       The color to associate with the new tag type.
-     * @param knownStatus The knownStatus to be used for the tag when
+     * @param tagType The tagType to be used for the tag when
-     *                    correlating on the tagged item
+                    correlating on the tagged item
      *
      * @return A TagName object that can be used to add instances of the tag
      *         type to the case database.
@@ -563,12 +579,12 @@ public class TagsManager implements Closeable {
      * @throws TskCoreException              If there is an error adding the tag
      *                                       name to the case database.
      */
-    public TagName addTagName(String displayName, String description, TagName.HTML_COLOR color, TskData.FileKnown knownStatus) throws TagNameAlreadyExistsException, TskCoreException {
+    public TagName addTagName(String displayName, String description, TagName.HTML_COLOR color, TskData.TagType tagType) throws TagNameAlreadyExistsException, TskCoreException {
         synchronized (lock) {
             try {
-                TagName tagName = caseDb.getTaggingManager().addOrUpdateTagName(displayName, description, color, knownStatus);
+                TagName tagName = caseDb.getTaggingManager().addOrUpdateTagName(displayName, description, color, tagType);
                 Set<TagNameDefinition> customTypes = TagNameDefinition.getTagNameDefinitions();
-                customTypes.add(new TagNameDefinition(displayName, description, color, knownStatus));
+                customTypes.add(new TagNameDefinition(displayName, description, color, tagType));
                 TagNameDefinition.setTagNameDefinitions(customTypes);
                 return tagName;
             } catch (TskCoreException ex) {

Core/src/org/sleuthkit/autopsy/centralrepository/application/OtherOccurrences.java

@@ -167,8 +167,8 @@ public final class OtherOccurrences {
         if (newNode.getKnown() != TskData.FileKnown.BAD) {
             List<ContentTag> fileMatchTags = autopsyCase.getServices().getTagsManager().getContentTagsByContent(newFile);
             for (ContentTag tag : fileMatchTags) {
-                TskData.FileKnown tagKnownStatus = tag.getName().getKnownStatus();
+                TskData.TagType tagType = tag.getName().getTagType();
-                if (tagKnownStatus.equals(TskData.FileKnown.BAD)) {
+                if (tagType.equals(TskData.TagType.BAD)) {
                     newNode.updateKnown(TskData.FileKnown.BAD);
                     break;
                 }

Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/CentralRepoDbUtil.java

@@ -307,7 +307,7 @@ public class CentralRepoDbUtil {
     }
 
     /**
-     * Conver thte Type's DbTableName string to the *_instances table name.
+     * Convert the Type's DbTableName string to the *_instances table name.
      *
      * @param type Correlation Type
      *

Core/src/org/sleuthkit/autopsy/centralrepository/eventlisteners/CaseEventListener.java

@@ -482,10 +482,11 @@ public final class CaseEventListener implements PropertyChangeListener {
                 for (BlackboardArtifactTag bbTag : artifactTags) {
                     //start with assumption that none of the other tags applied to this Correlation Attribute will prevent it's status from being changed
                     boolean hasTagWithConflictingKnownStatus = false;
-                    // if the status of the tag has been changed to TskData.FileKnown.UNKNOWN
+                    // if the status of the tag has been changed to TskData.TagType.UNKNOWN or TskData.TagType.SUSPICIOUS
                     // we need to check the status of all other tags on this correlation attribute before changing
                     // the status of the correlation attribute in the central repository
-                    if (tagName.getKnownStatus() == TskData.FileKnown.UNKNOWN) {
+                    if (tagName.getTagType() == TskData.TagType.UNKNOWN
+                            || tagName.getTagType() == TskData.TagType.SUSPICIOUS) {
                         Content content = bbTag.getContent();
                         // If the content which this Blackboard Artifact Tag is linked to is an AbstractFile with KNOWN status then 
                         // it's status in the central reporsitory should not be changed to UNKNOWN
@@ -503,7 +504,7 @@ public final class CaseEventListener implements PropertyChangeListener {
                                 continue;
                             }
                             //if any other tags on this artifact are Notable in status then this artifact can not have its status changed 
-                            if (TskData.FileKnown.BAD == t.getName().getKnownStatus()) {
+                            if (TskData.TagType.BAD == t.getName().getTagType()) {
                                 //a tag with a conflicting status has been found, the status of this correlation attribute can not be modified
                                 hasTagWithConflictingKnownStatus = true;
                                 break;
@@ -522,10 +523,11 @@ public final class CaseEventListener implements PropertyChangeListener {
                 for (ContentTag contentTag : fileTags) {
                     //start with assumption that none of the other tags applied to this ContentTag will prevent it's status from being changed
                     boolean hasTagWithConflictingKnownStatus = false;
-                    // if the status of the tag has been changed to TskData.FileKnown.UNKNOWN
+                    // if the status of the tag has been changed to TskData.TagType.UNKNOWN or TskData.TagType.SUSPICIOUS
                     // we need to check the status of all other tags on this file before changing
                     // the status of the file in the central repository
-                    if (tagName.getKnownStatus() == TskData.FileKnown.UNKNOWN) {
+                    if (tagName.getTagType() == TskData.TagType.UNKNOWN
+                            || tagName.getTagType() == TskData.TagType.SUSPICIOUS) {
                         Content content = contentTag.getContent();
                         TagsManager tagsManager = Case.getCurrentCaseThrows().getServices().getTagsManager();
                         List<ContentTag> tags = tagsManager.getContentTagsByContent(content);
@@ -536,7 +538,7 @@ public final class CaseEventListener implements PropertyChangeListener {
                                 continue;
                             }
                             //if any other tags on this file are Notable in status then this file can not have its status changed 
-                            if (TskData.FileKnown.BAD == t.getName().getKnownStatus()) {
+                            if (TskData.TagType.BAD == t.getName().getTagType()) {
                                 //a tag with a conflicting status has been found, the status of this file can not be modified
                                 hasTagWithConflictingKnownStatus = true;
                                 break;
@@ -556,7 +558,7 @@ public final class CaseEventListener implements PropertyChangeListener {
                     }
                 }
             } catch (TskCoreException ex) {
-                LOGGER.log(Level.SEVERE, "Cannot update known status in central repository for tag: " + modifiedTagName, ex);  //NON-NLS
+                LOGGER.log(Level.SEVERE, "Cannot update tag type in central repository for tag: " + modifiedTagName, ex);  //NON-NLS
             } catch (CentralRepoException ex) {
                 LOGGER.log(Level.SEVERE, "Cannot get central repository for tag: " + modifiedTagName, ex);  //NON-NLS
             } catch (NoCurrentCaseException ex) {

Core/src/org/sleuthkit/autopsy/contentviewers/analysisresults/AnalysisResultsViewModel.java

@@ -175,7 +175,8 @@ public class AnalysisResultsViewModel {
         "AnalysisResultsViewModel_displayAttributes_score=Score",
         "AnalysisResultsViewModel_displayAttributes_type=Type",
         "AnalysisResultsViewModel_displayAttributes_configuration=Configuration",
-        "AnalysisResultsViewModel_displayAttributes_conclusion=Conclusion"
+        "AnalysisResultsViewModel_displayAttributes_conclusion=Conclusion",
+        "AnalysisResultsViewModel_displayAttributes_justification=Justification"
     })
     private ResultDisplayAttributes getDisplayAttributes(AnalysisResult analysisResult) {
         // The type of BlackboardArtifact.Type of the analysis result.
@@ -195,7 +196,9 @@ public class AnalysisResultsViewModel {
                 Pair.of(Bundle.AnalysisResultsViewModel_displayAttributes_configuration(),
                         normalizeAttr(analysisResult.getConfiguration())),
                 Pair.of(Bundle.AnalysisResultsViewModel_displayAttributes_conclusion(),
-                        normalizeAttr(analysisResult.getConclusion()))
+                        normalizeAttr(analysisResult.getConclusion())),
+                Pair.of(Bundle.AnalysisResultsViewModel_displayAttributes_justification(),
+                        normalizeAttr(analysisResult.getJustification()))
         );
 
         // The BlackboardAttributes sorted by type display name.

Core/src/org/sleuthkit/autopsy/contentviewers/analysisresults/Bundle.properties-MERGED

@@ -8,5 +8,6 @@ AnalysisResultsContentViewer_title=Analysis Results
 AnalysisResultsContentViewer_tooltip=Viewer for Analysis Results related to the selected node.
 AnalysisResultsViewModel_displayAttributes_conclusion=Conclusion
 AnalysisResultsViewModel_displayAttributes_configuration=Configuration
+AnalysisResultsViewModel_displayAttributes_justification=Justification
 AnalysisResultsViewModel_displayAttributes_score=Score
 AnalysisResultsViewModel_displayAttributes_type=Type

Core/src/org/sleuthkit/autopsy/core/Installer.java

@@ -66,11 +66,17 @@ public class Installer extends ModuleInstall {
 
     private static final long serialVersionUID = 1L;
 
+    private static final String JAVA_TEMP = "java.io.tmpdir";
+    private static final String AUTOPSY_TEMP_DIR = "autopsy_temp";
+    private static final String TSK_TEMP = "tsk.tmpdir";
+    
     private final List<ModuleInstall> packageInstallers;
     private static final Logger logger = Logger.getLogger(Installer.class.getName());
     private static volatile boolean javaFxInit = false;
 
     static {
+        setTskTemp();
+        
         loadDynLibraries();
         
         // This call was moved from MediaViewImagePanel so that it is 
@@ -81,6 +87,24 @@ public class Installer extends ModuleInstall {
         OpenCvLoader.openCvIsLoaded();
     }
     
+    /**
+     * Set TSK temp directory to de-conflict with other programs using TSK libs.
+     */
+    private static void setTskTemp() {
+        try {
+            String curTemp = System.getProperty(JAVA_TEMP, "");
+            String tskTemp = curTemp + (curTemp.endsWith(File.separator) ? "" : File.separator) + AUTOPSY_TEMP_DIR;
+            System.setProperty(TSK_TEMP, tskTemp);
+            File tskTempDir = new File(tskTemp);
+            tskTempDir.mkdirs();
+            if (!tskTempDir.isDirectory()) {
+                throw new IOException("Unable to create directory at " + tskTemp);
+            }
+        } catch (Exception ex) {
+            logger.log(Level.WARNING, "There was an error setting up tsk temp directory", ex);
+        }
+    }
+
     private static void loadDynLibraries() {
         /*
          * On Windows, we distribute dlls that libtsk_jni depend on. If
@@ -551,11 +575,6 @@ public class Installer extends ModuleInstall {
 
         logger.log(Level.INFO, "close()"); //NON-NLS
 
-        //exit JavaFx plat
-        if (javaFxInit) {
-            Platform.exit();
-        }
-
         for (ModuleInstall mi : packageInstallers) {
             logger.log(Level.INFO, "{0} close()", mi.getClass().getName()); //NON-NLS
             try {
@@ -567,5 +586,10 @@ public class Installer extends ModuleInstall {
         for (Handler h : logger.getHandlers()) {
             h.close();   //must call h.close or a .LCK file will remain.
         }
+        
+        //exit JavaFx plat
+        if (javaFxInit) {
+            Platform.exit();
+        }
     }
 }

Core/src/org/sleuthkit/autopsy/datamodel/Bundle.properties-MERGED

@@ -169,6 +169,8 @@ ImageNode.createSheet.type.displayName=Type
 ImageNode.createSheet.type.name=Type
 ImageNode.createSheet.type.text=Image
 ImageNode.getActions.openFileSearchByAttr.text=Open File Search by Attributes
+Installer_validate_tskLibLock_description=<html>Another forensics application is running that uses The Sleuth Kit.<br/>You must close that application before launching Autopsy.<br/>If that application is Cyber Triage, then you should upgrade it so that it can run at the same time as Autopsy.</html>
+Installer_validate_tskLibLock_title=Error calling Sleuth Kit library
 KeyValueNode.menuItemText.viewFileInDir=View Source File in Directory
 KeywordHits.createNodeForKey.accessTime.desc=Access Time
 KeywordHits.createNodeForKey.accessTime.displayName=Access Time

Core/src/org/sleuthkit/autopsy/datamodel/Installer.java

@@ -26,6 +26,9 @@ import org.sleuthkit.autopsy.coreutils.Logger;
 import javax.swing.JOptionPane;
 import org.openide.LifecycleManager;
 import org.openide.modules.ModuleInstall;
+import org.openide.util.NbBundle.Messages;
+import org.sleuthkit.datamodel.LibraryLock;
+import org.sleuthkit.datamodel.LibraryLock.LockState;
 import org.sleuthkit.datamodel.SleuthkitJNI;
 
 /**
@@ -46,8 +49,14 @@ public class Installer extends ModuleInstall {
         super();
     }
 
+    @Messages({
+        "Installer_validate_tskLibLock_title=Error calling Sleuth Kit library",
+        "Installer_validate_tskLibLock_description=<html>Another forensics application is running that uses The Sleuth Kit.<br/>You must close that application before launching Autopsy.<br/>If that application is Cyber Triage, then you should upgrade it so that it can run at the same time as Autopsy.</html>"
+    })
     @Override
     public void validate() throws IllegalStateException {
+
+        
         /*
          * The NetBeans API specifies that a module should throw an
          * IllegalStateException if it can't be initalized, but NetBeans doesn't
@@ -59,7 +68,13 @@ public class Installer extends ModuleInstall {
 
         // Check that the the Sleuth Kit JNI is working by getting the Sleuth Kit version number
         Logger logger = Logger.getLogger(Installer.class.getName());
+
         try {
+            LibraryLock libLock = LibraryLock.acquireLibLock();
+            if (libLock != null && libLock.getLockState() == LockState.HELD_BY_OLD) {
+                throw new OldAppLockException("A lock on the libtsk_jni lib is already held by an old application.  " + (libLock.getLibTskJniFile() != null ? libLock.getLibTskJniFile().getAbsolutePath() : ""));
+            }
+                    
             String skVersion = SleuthkitJNI.getVersion();
 
             if (skVersion == null) {
@@ -71,15 +86,25 @@ public class Installer extends ModuleInstall {
             }
 
         } catch (Exception | UnsatisfiedLinkError e) {
-            logger.log(Level.SEVERE, "Error calling Sleuth Kit library (test call failed)", e); //NON-NLS
-            logger.log(Level.SEVERE, "Is Autopsy or Cyber Triage already running?)", e); //NON-NLS
             
             // Normal error box log handler won't be loaded yet, so show error here.
             final Component parentComponent = null; // Use default window frame.
-            final String message = NbBundle.getMessage(this.getClass(), "Installer.tskLibErr.msg", e.toString());
-            final String title = NbBundle.getMessage(this.getClass(), "Installer.tskLibErr.err");
             final int messageType = JOptionPane.ERROR_MESSAGE;
 
+            final String message;
+            final String title;
+            
+            if (e instanceof OldAppLockException ex) {
+                logger.log(Level.SEVERE, "An older application already holds a lock on the libtsk_jni lib", ex);
+                message = Bundle.Installer_validate_tskLibLock_description();
+                title = Bundle.Installer_validate_tskLibLock_title();
+            } else {
+                logger.log(Level.SEVERE, "Error calling Sleuth Kit library (test call failed)", e); //NON-NLS
+                logger.log(Level.SEVERE, "Is Autopsy or Cyber Triage already running?)", e); //NON-NLS
+                message = NbBundle.getMessage(this.getClass(), "Installer.tskLibErr.msg", e.toString());
+                title = NbBundle.getMessage(this.getClass(), "Installer.tskLibErr.err");
+            }
+            
             JOptionPane.showMessageDialog(
                     parentComponent,
                     message,
@@ -91,4 +116,38 @@ public class Installer extends ModuleInstall {
         }
 
     }
+
+    @Override
+    public void close() {
+        try {
+            LibraryLock.removeLibLock();
+        } catch (Exception ex) {
+            Logger logger = Logger.getLogger(Installer.class.getName());
+            logger.log(Level.WARNING, "There was an error removing the TSK lib lock.", ex);
+        }
+    }
+
+    @Override
+    public void uninstalled() {
+        try {
+            LibraryLock.removeLibLock();
+        } catch (Exception ex) {
+            Logger logger = Logger.getLogger(Installer.class.getName());
+            logger.log(Level.WARNING, "There was an error removing the TSK lib lock.", ex);
+        }
+    }
+    
+    
+    
+
+    /**
+     * An exception when an older application (Autopsy
+     */
+    static class OldAppLockException extends Exception {
+
+        public OldAppLockException(String message) {
+            super(message);
+        }
+        
+    }
 }

Core/src/org/sleuthkit/autopsy/report/infrastructure/ReportVisualPanel2.java

@@ -158,7 +158,7 @@ final class ReportVisualPanel2 extends JPanel {
         }
 
         for (TagName tagName : tagNamesInUse) {
-            String notableString = tagName.getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+            String notableString = tagName.getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
             tagStates.put(tagName.getDisplayName() + notableString, Boolean.FALSE);
         }
         tags.addAll(tagStates.keySet());

Core/src/org/sleuthkit/autopsy/report/infrastructure/TableReportGenerator.java

@@ -94,7 +94,7 @@ class TableReportGenerator {
 
         String notableString = "";
         for (TagName tagName : tagNamesInUse) {
-            notableString = tagName.getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+            notableString = tagName.getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
             tagNames.add(tagName.getDisplayName() + notableString);
         }
         tagNamesFilter = new HashSet<>(tagNames);
@@ -369,7 +369,7 @@ class TableReportGenerator {
             }
 
             // skip tags that we are not reporting on 
-            String notableString = tag.getName().getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+            String notableString = tag.getName().getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
             if (passesTagNamesFilter(tag.getName().getDisplayName() + notableString) == false) {
                 continue;
             }
@@ -461,7 +461,7 @@ class TableReportGenerator {
                 return;
             }
 
-            String notableString = tag.getName().getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+            String notableString = tag.getName().getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
             if (passesTagNamesFilter(tag.getName().getDisplayName() + notableString) == false) {
                 continue;
             }
@@ -1193,7 +1193,7 @@ class TableReportGenerator {
                 try {
                     List<ContentTag> contentTags = Case.getCurrentCaseThrows().getServices().getTagsManager().getContentTagsByContent(content);
                     for (ContentTag ct : contentTags) {
-                        String notableString = ct.getName().getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+                        String notableString = ct.getName().getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
                         allTags.add(ct.getName().getDisplayName() + notableString);
                     }
                 } catch (TskCoreException | NoCurrentCaseException ex) {
@@ -1239,7 +1239,7 @@ class TableReportGenerator {
                 List<BlackboardArtifactTag> tags = Case.getCurrentCaseThrows().getServices().getTagsManager().getBlackboardArtifactTagsByArtifact(artifact);
                 HashSet<String> uniqueTagNames = new HashSet<>();
                 for (BlackboardArtifactTag tag : tags) {
-                    String notableString = tag.getName().getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+                    String notableString = tag.getName().getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
                     uniqueTagNames.add(tag.getName().getDisplayName() + notableString);
                 }
                 if (failsTagFilter(uniqueTagNames, tagNamesFilter)) {

Core/src/org/sleuthkit/autopsy/report/modules/html/HTMLReport.java

@@ -954,7 +954,7 @@ public class HTMLReport implements TableReportModule {
             }
             for (int i = 0; i < contentTags.size(); i++) {
                 ContentTag tag = contentTags.get(i);
-                String notableString = tag.getName().getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+                String notableString = tag.getName().getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
                 linkToThumbnail.append(tag.getName().getDisplayName()).append(notableString);
                 if (i != contentTags.size() - 1) {
                     linkToThumbnail.append(", ");

Core/src/org/sleuthkit/autopsy/report/modules/portablecase/PortableCaseReportModule.java

@@ -344,7 +344,7 @@ public class PortableCaseReportModule implements ReportModule {
         progressPanel.updateStatusLabel(Bundle.PortableCaseReportModule_generateReport_copyingTags());
         try {
             for (TagName tagName : tagNames) {
-                TagName newTagName = portableSkCase.getTaggingManager().addOrUpdateTagName(tagName.getDisplayName(), tagName.getDescription(), tagName.getColor(), tagName.getKnownStatus());
+                TagName newTagName = portableSkCase.getTaggingManager().addOrUpdateTagName(tagName.getDisplayName(), tagName.getDescription(), tagName.getColor(), tagName.getTagType());
                 oldTagNameToNewTagName.put(tagName, newTagName);
             }
         } catch (TskCoreException ex) {

Core/src/org/sleuthkit/autopsy/tags/TagUtils.java

@@ -64,7 +64,7 @@ public final class TagUtils {
             logger.log(Level.SEVERE, String.format("Failed to get TagSet for TagName '%s' (ID=%d)", tagName.getDisplayName(), tagName.getId()));            
         }
 
-        if (tagName.getKnownStatus() == TskData.FileKnown.BAD) {
+        if (tagName.getTagType() == TskData.TagType.BAD) {
             displayName += " (Notable)";
         }
 

ImageGallery/src/org/sleuthkit/autopsy/imagegallery/ImageGalleryService.java

@@ -65,11 +65,11 @@ public class ImageGalleryService implements AutopsyService {
 
     static {
         // NOTE: The colors here are what will be shown in the border
-        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT0, "", TagName.HTML_COLOR.GREEN, TskData.FileKnown.UNKNOWN));
+        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT0, "", TagName.HTML_COLOR.GREEN, TskData.TagType.SUSPICIOUS));
-        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT1, "", TagName.HTML_COLOR.RED, TskData.FileKnown.BAD));
+        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT1, "", TagName.HTML_COLOR.RED, TskData.TagType.BAD));
-        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT2, "", TagName.HTML_COLOR.YELLOW, TskData.FileKnown.BAD));
+        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT2, "", TagName.HTML_COLOR.YELLOW, TskData.TagType.BAD));
-        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT3, "", TagName.HTML_COLOR.FUCHSIA, TskData.FileKnown.BAD));
+        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT3, "", TagName.HTML_COLOR.FUCHSIA, TskData.TagType.BAD));
-        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT4, "", TagName.HTML_COLOR.BLUE, TskData.FileKnown.UNKNOWN));
+        PROJECT_VIC_US_CATEGORIES.add(new TagNameDefinition(PV_US_CAT4, "", TagName.HTML_COLOR.BLUE, TskData.TagType.SUSPICIOUS));
     }
 
     @Override
@@ -149,7 +149,7 @@ public class ImageGalleryService implements AutopsyService {
     private void addProjetVicTagSet(Case currentCase) throws TskCoreException {
         List<TagName> tagNames = new ArrayList<>();
         for (TagNameDefinition def : PROJECT_VIC_US_CATEGORIES) {
-            tagNames.add(currentCase.getSleuthkitCase().getTaggingManager().addOrUpdateTagName(def.getDisplayName(), def.getDescription(), def.getColor(), def.getKnownStatus()));
+            tagNames.add(currentCase.getSleuthkitCase().getTaggingManager().addOrUpdateTagName(def.getDisplayName(), def.getDescription(), def.getColor(), def.getTagType()));
         }
         currentCase.getServices().getTagsManager().addTagSet(PROJECT_VIC_TAG_SET_NAME, tagNames);
     }

ImageGallery/src/org/sleuthkit/autopsy/imagegallery/actions/AddTagAction.java

@@ -68,7 +68,7 @@ public class AddTagAction extends Action {
         this.selectedFileIDs = selectedFileIDs;
         this.tagName = tagName;
         setGraphic(controller.getTagsManager().getGraphic(tagName));
-        String notableString = tagName.getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+        String notableString = tagName.getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
         setText(tagName.getDisplayName() + notableString);
         setEventHandler(actionEvent -> addTagWithComment(""));
     }

ImageGallery/src/org/sleuthkit/autopsy/imagegallery/actions/DeleteTagAction.java

@@ -66,7 +66,7 @@ public class DeleteTagAction extends Action {
         this.tagName = tagName;
         this.contentTag = contentTag;
         setGraphic(controller.getTagsManager().getGraphic(tagName));
-        String notableString = tagName.getKnownStatus() == TskData.FileKnown.BAD ? TagsManager.getNotableTagLabel() : "";
+        String notableString = tagName.getTagType() == TskData.TagType.BAD ? TagsManager.getNotableTagLabel() : "";
         setText(tagName.getDisplayName() + notableString);
         setEventHandler(actionEvent -> deleteTag());
     }

RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java

@@ -320,6 +320,8 @@ class Chromium extends Extract {
                     jProfile = jElement.get("profile").getAsJsonObject(); //NON-NLS
                     jInfoCache = jProfile.get("info_cache").getAsJsonObject();
                 } else {
+                    userProfiles.put(browserLocation, "Default");
+                    browserLocations.put(browserLocation, browser);                    
                     continue;
                 }
             } catch (JsonIOException | JsonSyntaxException | IllegalStateException ex) {
@@ -854,6 +856,7 @@ class Chromium extends Extract {
             Set<String> bookmarkKeys = jRoot.keySet();
             for (String bookmarkKey : bookmarkKeys) {
                 JsonObject jBookmark = jRoot.get(bookmarkKey).getAsJsonObject(); //NON-NLS
+                if (jBookmark.has("children")) {
                     JsonArray jBookmarkArray = jBookmark.getAsJsonArray("children"); //NON-NLS
                     for (JsonElement result : jBookmarkArray) {
                         JsonObject address = result.getAsJsonObject();
@@ -908,6 +911,7 @@ class Chromium extends Extract {
 
                     }
                 }
+             }
             
             if (!context.dataSourceIngestIsCancelled()) {
                 postArtifacts(bbartifacts);