@salubrious-stew

The default repositories path in ghidra 11.3.1 is now specified differently; update the tracemadness entrypoint to match

@bmitchell-lts
Contributor

I don't see any changes to the default server.conf provided by Ghidra between 11.0 and 11.3.1 that would alter where the server looks for repositories. The following is the diff for server.conf between Ghidra 11.0 and Ghidra 11.3.1:

diff --git a/Ghidra/RuntimeScripts/Common/server/server.conf b/Ghidra/RuntimeScripts/Common/server/server.conf
index 40007f2e93..82d675b3b9 100644
--- a/Ghidra/RuntimeScripts/Common/server/server.conf
+++ b/Ghidra/RuntimeScripts/Common/server/server.conf
@@ -40,29 +40,36 @@ wrapper.java.additional.5=-Djna.tmpdir=${wrapper_tmpdir}
 # NOTE: multiple protocols must be separated with a semi-colon (e.g., TLSv1.2;TLSv1.3).
 wrapper.java.additional.6=-Dghidra.tls.server.protocols=TLSv1.2;TLSv1.3
 
+# Restrict server to specific TLS cipher suites for all secure communications
+# NOTE: multiple ciphers must be separated using "\,".  The specified list includes both TLSv1.2 and TLSv1.3 supported ciphers.
+# TLSv1.3 info: https://www.packetmania.net/en/2023/08/21/TLS1-3-intro/
+# See Commercial National Security Algorithm (CNSA) Suite Profile for TLS and DTLS 1.2 and 1.3
+#   RFC 9151 https://datatracker.ietf.org/doc/rfc9151/
+wrapper.java.additional.7=-Djdk.tls.server.cipherSuites="TLS_DHE_RSA_WITH_AES_256_GCM_SHA384\,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\,TLS_AES_256_GCM_SHA384"
+
 # A suitable cacerts file must be installed when using PKI authentication
-#wrapper.java.additional.7=-Dghidra.cacerts=./Ghidra/cacerts
+#wrapper.java.additional.8=-Dghidra.cacerts=./Ghidra/cacerts
 
 # If Ghidra clients must authenticate the server, the server will need to install
 # a server key/certificate in a secure location (e.g., /etc/pki/...) 
 # and specify the location and password via the properties below.
 # Be sure to properly set permissions on the Ghidra installation and this file
 # if using these settings.
-#wrapper.java.additional.8=-Dghidra.keystore=
-#wrapper.java.additional.9=-Dghidra.password=
+#wrapper.java.additional.9=-Dghidra.keystore=
+#wrapper.java.additional.10=-Dghidra.password=
 
 # Enable/Disable use of compression for DataBuffer serialization and Block Streams
-wrapper.java.additional.10=-Ddb.buffers.DataBuffer.compressedOutput=true
+wrapper.java.additional.11=-Ddb.buffers.DataBuffer.compressedOutput=true
 
 # Uncomment to enable remote debug support
 # The debug address will listen on all network interfaces, if desired the '*' may be
 # set to a specific interface IP address (e.g., 127.0.0.1) if you wish to restrict.
-# During debug it may be necessary to increase timeout values to prevent the wrapper
+# During debug it will be necessary to increase timeout values to prevent the wrapper
 # from restarting the server due to unresponsiveness.
-#wrapper.java.additional.11=-Xdebug
-#wrapper.java.additional.12=-Xnoagent
-#wrapper.java.additional.13=-Djava.compiler=NONE
-#wrapper.java.additional.14=-Xrunjdwp:transport=dt_socket\,server=y\,suspend=n\,address=*:18200
+#wrapper.java.additional.12=-Xdebug
+#wrapper.java.additional.13=-Xnoagent
+#wrapper.java.additional.14=-Djava.compiler=NONE
+#wrapper.java.additional.15=-Xrunjdwp:transport=dt_socket\,server=y\,suspend=n\,address=*:18200
 #wrapper.startup.timeout=0
 #wrapper.ping.timeout=0
 
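Review bot: inserting the cipher-suite property as wrapper.java.additional.7 shifts every later index by one (cacerts 7 to 8, keystore and password 8/9 to 9/10, compressedOutput 10 to 11, the debug options 11-14 to 12-15), so a template still numbered against the 11.0 file will assign index 7 or 10 to a different option than upstream does. When rebasing container-tracemadness/templates/server.conf, renumber the project's own additions against this layout and check that no index is assigned twice. The new list also limits the server to four AES-256-GCM suites, so it is worth confirming that the clients the container serves can negotiate one of them. Nothing in this hunk touches a repositories path.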
@@ -71,12 +78,17 @@ wrapper.java.additional.10=-Ddb.buffers.DataBuffer.compressedOutput=true
 # timeouts to their maximum values.
 #wrapper.java.debug.port=18200
 
-# Uncomment to enable remote use of jvisualvm for profiling
+# Uncomment to allow VisualVM Profiling to avoid "Rejected class serialization..." errors
+# NOTE: A Java class serialization filter is added for RMI security assurance and should remain 
+# enabled during normal use.
+#wrapper.java.additional.16=-Dghidra.server.serialization.filter.disabled=true
+
+# Uncomment to enable remote use of VisualVM for profiling
 # See JMX documentation for more information: http://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html
-#wrapper.java.additional.15=-Dcom.sun.management.jmxremote.port=9010
-#wrapper.java.additional.16=-Dcom.sun.management.jmxremote.local.only=false
-#wrapper.java.additional.17=-Dcom.sun.management.jmxremote.authenticate=false
-#wrapper.java.additional.18=-Dcom.sun.management.jmxremote.ssl=false
+#wrapper.java.additional.17=-Dcom.sun.management.jmxremote.port=9010
+#wrapper.java.additional.18=-Dcom.sun.management.jmxremote.local.only=false
+#wrapper.java.additional.19=-Dcom.sun.management.jmxremote.authenticate=false
+#wrapper.java.additional.20=-Dcom.sun.management.jmxremote.ssl=false
 
 # YAJSW will by default assume a POSIX spawn for Linux and Mac OS X systems, unfortunately it has 
 # not yet been implemented for Mac OS X.  The default process support within YAJSW for Mac OS X is 
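Review bot: the new commented wrapper.java.additional.16 line sets ghidra.server.serialization.filter.disabled=true, which by its own NOTE removes an RMI security control, and it sits directly above JMX options that set authenticate=false, ssl=false and local.only=false on port 9010. In the rebased template, keep all five lines (16-20) commented and add a comment that they are for short-lived profiling only, since uncommenting the whole block would leave the server with no serialization filter and an unauthenticated, unencrypted JMX port. The JMX documentation link is also still plain http and points at the Java 8 guide.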
@@ -202,12 +214,6 @@ wrapper.logfile.maxsize=10m
 #  files are deleted.  The default value of 0 implies no limit.
 wrapper.logfile.maxfiles=10
 
-#********************************************************************
-# Service Wrapper Linux Properties
-#********************************************************************
-# Force initd (systemd had issues during testing on Ubuntu 21.04 with yajsw-13.00)
-wrapper.daemon.system = initd
-
 #********************************************************************
 # Service Wrapper Windows Properties
 #********************************************************************
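Review bot: the removed Linux section drops wrapper.daemon.system = initd with no replacement line, so a template based on 11.3.1 no longer forces initd and is left with the wrapper's default. If the tracemadness template or entrypoint depends on that setting, carry it over explicitly as a project change; otherwise state in the PR that dropping it is intentional.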

Notably, there have been a number of changes, so I will likely pull in the server.conf from Ghidra 11.3.1 as the base for the changes we make in container-tracemadness/templates/server.conf to reduce the diff between our changes to server.conf and the base. But, I will likely need some additional logs or info to see how these changes impact the project import processes.

@bmitchell-lts bmitchell-lts self-assigned this Mar 20, 2025
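
An added example, not part of this PR or of either project: a small check for a server.conf template rebased across the index shift shown in the diff. It reports `wrapper.java.additional.N` indices that are set twice and active options from the diff that weaken the server. The function name `audit` and the sample text are constructed for illustration.

```python
import re

# Matches active and commented-out "wrapper.java.additional.N=value" lines.
PROP = re.compile(r"^\s*(#?)\s*wrapper\.java\.additional\.(\d+)\s*=\s*(.*)$")

# JVM options that appear in the diff and weaken the server when active.
RISKY = {
    "-Dghidra.server.serialization.filter.disabled=true": "RMI serialization filter disabled",
    "-Dcom.sun.management.jmxremote.authenticate=false": "JMX without authentication",
    "-Dcom.sun.management.jmxremote.ssl=false": "JMX without TLS",
    "address=*:": "JDWP debug port on all interfaces",
}

def audit(conf_text):
    """Return (duplicate_indices, findings), looking at active properties only."""
    seen, dups, findings = {}, [], []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        m = PROP.match(line)
        if not m or m.group(1):  # skip other lines and commented-out properties
            continue
        idx, value = int(m.group(2)), m.group(3).strip()
        if idx in seen:
            dups.append((idx, seen[idx], lineno))  # (index, first line, repeat line)
        else:
            seen[idx] = lineno
        for needle, why in RISKY.items():
            if needle in value:
                findings.append((lineno, idx, why))
    return dups, findings

# Constructed sample: a template that kept the 11.0 index for cacerts after
# upstream assigned index 7 to the cipher-suite list (list shortened here).
SAMPLE = """\
wrapper.java.additional.6=-Dghidra.tls.server.protocols=TLSv1.2;TLSv1.3
wrapper.java.additional.7=-Djdk.tls.server.cipherSuites="TLS_AES_256_GCM_SHA384"
wrapper.java.additional.7=-Dghidra.cacerts=./Ghidra/cacerts
#wrapper.java.additional.9=-Dghidra.keystore=
wrapper.java.additional.11=-Ddb.buffers.DataBuffer.compressedOutput=true
wrapper.java.additional.16=-Dghidra.server.serialization.filter.disabled=true
#wrapper.java.additional.19=-Dcom.sun.management.jmxremote.authenticate=false
"""

if __name__ == "__main__":
    dups, findings = audit(SAMPLE)
    for idx, first, again in dups:
        print(f"index {idx} set on line {first} and again on line {again}")
    for lineno, idx, why in findings:
        print(f"line {lineno} (additional.{idx}): {why}")
```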