[tor/el6] Various fixes to initscript
Jamie Nguyen
jamielinux at fedoraproject.org
Mon Jan 28 00:59:18 UTC 2013
commit eaa9e2b04b90ccce71a2e6e0de9d456f0e62efc2
Author: Jamie Nguyen <j at jamielinux.com>
Date: Mon Jan 28 00:58:36 2013 +0000
Various fixes to initscript
defaults-torrc | 5 ++++
tor.service | 68 ++++++++++++++++++++++++++++++++++++++++---------------
tor.spec | 28 +++++++++++++++-------
3 files changed, 73 insertions(+), 28 deletions(-)
---
diff --git a/defaults-torrc b/defaults-torrc
new file mode 100644
index 0000000..f2bd440
--- /dev/null
+++ b/defaults-torrc
@@ -0,0 +1,5 @@
+DataDirectory /var/lib/tor/tor
+Log notice syslog
+User toranon
+RunAsDaemon 1
+PidFile /var/run/tor/tor.pid
diff --git a/tor.service b/tor.service
index 883bb72..dd713f9 100644
--- a/tor.service
+++ b/tor.service
@@ -16,16 +16,11 @@
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/bin/tor
NAME=tor
-DESC="tor daemon"
-TORPIDDIR=/var/run/tor
-TORPID=$TORPIDDIR/tor.pid
-WAITFORDAEMON=60
-ARGS=""
-
-TORCTL=/usr/bin/torctl
-TORUSER=toranon
-export TORUSER
-SUPROG=/bin/su
+PIDFILE=/var/run/tor/tor.pid
+STOP_TIMEOUT=60
+DEFAULT_ARGS="--defaults-torrc /usr/share/tor/defaults-torrc"
+VERIFY_ARGS="--verify-config $DEFAULT_ARGS"
+ARGS="--hush"
lockfile=/var/lock/subsys/tor
@@ -57,6 +52,16 @@ fi
NICE=""
+test -x $DAEMON || exit 0
+
+check_config () {
+ if ! $DAEMON $VERIFY_ARGS >/dev/null; then
+ echo -n $"Checking if $NAME configuration is valid"
+ $DAEMON --verify-config >&2
+ exit 1
+ fi
+}
+
start() {
if [ -n "$MAX_FILEDESCRIPTORS" ]; then
echo -n "Raising maximum number of filedescriptors (ulimit -n) to $MAX_FILEDESCRIPTORS"
@@ -66,36 +71,61 @@ start() {
echo ": FAILED."
fi
fi
+ check_config
echo -n $"Starting $NAME: "
- $TORCTL start
- retval=$?
- [ $retval -eq 0 ] && touch $lockfile
+ daemon --pidfile=$PIDFILE $DAEMON $DEFAULT_ARGS $ARGS
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch $lockfile
+ return $RETVAL
}
stop() {
echo -n $"Stopping $NAME: "
- $TORCTL stop
- retval=$?
- [ $retval -eq 0 ] && rm -f $lockfile
+ killproc -p $PIDFILE -d $STOP_TIMEOUT $DAEMON -INT
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f $lockfile
+ return $RETVAL
}
restart() {
+ check_config
stop
start
}
reload() {
+ check_config
echo -n $"Reloading $NAME: "
- $TORCTL reload
- retval=$?
+ killproc -p $PIDFILE $DAEMON -HUP
+ RETVAL=$?
+ echo
+ return $RETVAL
}
rh_status() {
- $TORCTL status
+ if test ! -r $(dirname $PIDFILE); then
+ echo "cannot read PID file $PIDFILE"
+ return 4
+ fi
+ pid=`cat $PIDFILE 2>/dev/null` || true
+ if test ! -f $PIDFILE -o -z "$pid"; then
+ echo "$NAME is not running"
+ return 3
+ fi
+ if ps "$pid" >/dev/null 2>&1; then
+ echo "$NAME is running (pid: $pid)"
+ return 0
+ else
+ echo "$NAME is not running"
+ return 1
+ fi
}
rh_status_q() {
rh_status >/dev/null 2>/dev/null
+ return $?
}
case $1 in
diff --git a/tor.spec b/tor.spec
index 7cc2b9a..84d2b9f 100644
--- a/tor.spec
+++ b/tor.spec
@@ -6,7 +6,7 @@
Name: tor
Version: 0.2.3.25
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: Anonymizing overlay network for TCP (The onion router)
Group: System Environment/Daemons
@@ -17,6 +17,7 @@ Source0: https://www.torproject.org/dist/tor-%{version}.tar.gz
Source1: https://www.torproject.org/dist/tor-%{version}.tar.gz.asc
Source2: tor.logrotate
Source3: tor.service
+Source4: defaults-torrc
BuildRequires: libevent-devel >= 1.4.13
BuildRequires: openssl-devel >= 0.9.7
@@ -42,7 +43,7 @@ key at each relay, which reveals the downstream relay.
Warnings: Tor does no protocol cleaning. That means there is a danger
that application protocols and associated programs can be induced to
-reveal information about the initiator. Tor depends on Privoxy or
+reveal information about the initiator. Tor depends on Privoxy or
similar protocol cleaners to solve this problem. This is alpha code,
and is even more likely than released code to have anonymity-spoiling
bugs. The present network is small -- this further reduces the
@@ -80,15 +81,14 @@ install -p -D -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/tor
install -p -D -m 0755 contrib/torctl %{buildroot}%{_bindir}/torctl
install -p -D -m 0755 %{SOURCE3} %{buildroot}%{_initrddir}/tor
+install -p -D -m 0644 %{SOURCE4} %{buildroot}%{_datadir}/tor/defaults-torrc
+
%pre
-if [ $1 -eq 1 ]; then
- getent group %{tor_group} >/dev/null || groupadd -r %{tor_group}
- getent passwd %{tor_user} >/dev/null || \
- useradd -r -g %{tor_group} -d %{tor_homedir} -s /sbin/nologin \
- -c "Tor client" %{tor_user}
- exit 0
-fi
+getent group %{tor_group} >/dev/null || groupadd -r %{tor_group}
+getent passwd %{tor_user} >/dev/null || \
+ useradd -r -g %{tor_group} -d %{tor_homedir} -s /sbin/nologin \
+ -c "Tor client" %{tor_user}
%post
/sbin/chkconfig --add tor
@@ -128,6 +128,16 @@ fi
%changelog
+* Mon Jan 28 2013 Jamie Nguyen <jamielinux at fedoraproject.org> - 0.2.3.25-4
+- add defaults-torrc
+- amend %%pre scriptlet to add toranon user even when updating
+- several fixes to initscript including:
+ - do not use torctl
+ - use configuration from defaults-torrc
+ - send SIGINT to shutdown gracefully
+ - use --verify-config before starting, restarting or reloading
+ - remove unnecessary variables
+
* Sat Dec 08 2012 Jamie Nguyen <jamielinux at fedoraproject.org> - 0.2.3.25-3
- remove dependency on fedora-usermgmt
More information about the scm-commits
mailing list