Date: Wed, 2 Nov 2016 02:57:03 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r425102 - in head/security/tor: . files Message-ID: <201611020257.uA22v34s072276@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Wed Nov 2 02:57:03 2016 New Revision: 425102 URL: https://svnweb.freebsd.org/changeset/ports/425102 Log: security/tor: add multi-instance support PR: 207129 Submitted by: yuri@rawbw.com (maintainer) Modified: head/security/tor/Makefile (contents, props changed) head/security/tor/files/pkg-message.in (contents, props changed) head/security/tor/files/tor.in Modified: head/security/tor/Makefile ============================================================================== --- head/security/tor/Makefile Wed Nov 2 02:13:31 2016 (r425101) +++ head/security/tor/Makefile Wed Nov 2 02:57:03 2016 (r425102) @@ -3,6 +3,7 @@ PORTNAME= tor PORTVERSION= 0.2.8.9 +PORTREVISION= 1 CATEGORIES= security net ipv6 MASTER_SITES= TOR Modified: head/security/tor/files/pkg-message.in ============================================================================== --- head/security/tor/files/pkg-message.in Wed Nov 2 02:13:31 2016 (r425101) +++ head/security/tor/files/pkg-message.in Wed Nov 2 02:57:03 2016 (r425102) @@ -11,4 +11,12 @@ exploits sequential IP IDs by setting: sysctl net.inet.ip.random_id=1 (see sysctl.conf(5)). + +In order to run additional, independent instances of tor on the same machine +set tor_instances="inst1 inst2 ..." in your /etc/rc.conf, and create the +corresponding additional configuration files %%PREFIX%%/etc/tor/torrc@inst1, ... + +Alternatively, you can use the extended instance definition to specify all +instance parameteres explicitly: +inst_name{:inst_conf:inst_user:inst_group:inst_pidfile:inst_data_dir} ================================================================================ Modified: head/security/tor/files/tor.in ============================================================================== --- head/security/tor/files/tor.in Wed Nov 2 02:13:31 2016 (r425101) +++ head/security/tor/files/tor.in Wed Nov 2 02:57:03 2016 (r425102) @@ -11,10 +11,19 @@ # they are command line options. # # tor_enable (bool): Set it to "YES" to enable tor. Default: NO +# tor_instances (str): List of instances. Default: "" # tor_conf (str): Points to your torrc file. # Default: %%PREFIX%%/etc/tor/torrc -# tor_user (str): Tor daemon user. Default: _tor +# tor_user (str): Tor daemon user. Default: %%USER%% +# tor_group (str): Tor group. Default: %%GROUP%% +# tor_pidfile (str): Tor pid file. Default: /var/run/tor/tor.pid # tor_datadir (str): Tor datadir. Default: /var/db/tor +# tor_disable_default_instance (str): Doesn't run the default instance. +# Only valid when tor_instances is used. +# Default: NO +# +# The instance definition that tor_instances expects: +# inst_name{:inst_conf:inst_user:inst_group:inst_pidfile:inst_data_dir} # . /etc/rc.subr @@ -25,10 +34,59 @@ rcvar=tor_enable load_rc_config ${name} : ${tor_enable="NO"} +: ${tor_instances=""} : ${tor_conf="%%PREFIX%%/etc/tor/torrc"} : ${tor_user="%%USER%%"} +: ${tor_group="%%GROUP%%"} : ${tor_pidfile="/var/run/tor/tor.pid"} : ${tor_datadir="/var/db/tor"} +: ${tor_disable_default_instance="NO"} + +instance=${2} +if [ -n "${instance}" ]; then + # extended instance: parameters are set explicitly + inst_def=${instance} + inst_name=${inst_def%%:*} + inst_def=${inst_def#$inst_name} + if [ -n "$inst_def" ]; then + inst_def=${inst_def#:} + tor_conf=${inst_def%%:*} + inst_def=${inst_def#$tor_conf:} + tor_user=${inst_def%%:*} + inst_def=${inst_def#$tor_user:} + tor_group=${inst_def%%:*} + inst_def=${inst_def#$tor_group:} + tor_pidfile=${inst_def%%:*} + tor_datadir=${inst_def#$tor_pidfile:} + if [ -z "${tor_conf}" -o -z "${tor_user}" -o -z "${tor_group}" -o -z "${tor_pidfile}" -o -z "${tor_datadir}" ]; then + warn "invalid tor instance ${inst_name} settings" + exit 1 + fi + else + # regular instance: default parameters are used + tor_conf=${tor_conf}@${inst_name} + tor_pidfile=${tor_pidfile}@${inst_name} + tor_datadir=${tor_datadir}/instance@${inst_name} + fi + if ! [ -r ${tor_conf} ]; then + warn "tor instance ${inst_name} config file ${tor_conf} doesn't exist or isn't readable" + warn "you can copy the sample config %%PREFIX%%/etc/tor/torrc.sample and modify it" + exit 1 + fi + if ! [ -d ${tor_datadir} ]; then + mkdir -p ${tor_datadir} && + chown ${tor_user}:${tor_group} ${tor_datadir} && + chmod 0700 ${tor_datadir} && + echo "${name}: created the instance data directory ${tor_datadir}" + fi +fi + +if [ -z "${instance}" -a -n "${tor_instances}" ]; then + for i in ${tor_instances}; do + %%PREFIX%%/etc/rc.d/tor $1 ${i} || warn "$1 failed for the tor instance $i" + done + checkyesno tor_disable_default_instance && return 0 +fi required_files=${tor_conf} required_dirs=${tor_datadir}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611020257.uA22v34s072276>