[arch-commits] Commit in tor/repos/community-x86_64 (10 files)
Levente Polyak
anthraxx at archlinux.org
Wed Mar 10 21:30:48 UTC 2021
Date: Wednesday, March 10, 2021 @ 21:30:46
Author: anthraxx
Revision: 887244
archrelease: copy trunk to community-x86_64
Added:
tor/repos/community-x86_64/PKGBUILD
(from rev 887243, tor/trunk/PKGBUILD)
tor/repos/community-x86_64/tor.service
(from rev 887243, tor/trunk/tor.service)
tor/repos/community-x86_64/tor.sysusers
(from rev 887243, tor/trunk/tor.sysusers)
tor/repos/community-x86_64/tor.tmpfiles
(from rev 887243, tor/trunk/tor.tmpfiles)
tor/repos/community-x86_64/torrc.patch
(from rev 887243, tor/trunk/torrc.patch)
Deleted:
tor/repos/community-x86_64/PKGBUILD
tor/repos/community-x86_64/tor.sysusers
tor/repos/community-x86_64/tor.tmpfiles
tor/repos/community-x86_64/torrc.patch
tor/repos/community-x86_64/torservice.patch
------------------+
PKGBUILD | 121 +++++++++++++++++++++++++++--------------------------
tor.service | 35 +++++++++++++++
tor.sysusers | 2
tor.tmpfiles | 2
torrc.patch | 56 ++++++++++++------------
torservice.patch | 11 ----
6 files changed, 128 insertions(+), 99 deletions(-)
Deleted: PKGBUILD
===================================================================
--- PKGBUILD 2021-03-10 21:30:17 UTC (rev 887243)
+++ PKGBUILD 2021-03-10 21:30:46 UTC (rev 887244)
@@ -1,58 +0,0 @@
-# Maintainer: Lukas Fleischer <lfleischer at archlinux.org>
-# Contributor: Daniel Micay <danielmicay at gmail.com>
-# Contributor: simo <simo at archlinux.org>
-# Contributor: Sid Karunaratne
-
-pkgname=tor
-pkgver=0.4.4.6
-pkgrel=1
-pkgdesc='Anonymizing overlay network.'
-arch=('x86_64')
-url='https://www.torproject.org/'
-license=('BSD')
-depends=('openssl' 'libevent' 'bash' 'libseccomp' 'zstd' 'libcap' 'systemd-libs')
-optdepends=('torsocks: for torify')
-makedepends=('ca-certificates' 'systemd')
-backup=('etc/tor/torrc')
-source=("https://www.torproject.org/dist/${pkgname}-${pkgver}.tar.gz"{,.asc}
- 'torrc.patch'
- 'torservice.patch'
- 'tor.sysusers'
- 'tor.tmpfiles')
-b2sums=('8eb5f22825193a61be42105ad32bd82e662c1859971fb2248fe05da2f80d1a3a9cbc96ee4f47f4127da56c328f5c60a6f57d5641cfa90b79becc8bf622f56f3f'
- 'SKIP'
- 'ac2f3008108e736de3dd37895ad543d5c8cdcfa5ec3e09c93eed227d00a30a31636e3ef1db4cf8649a3c666e7844ea692ecd632a0ddba672efa3cfc1a64c529d'
- '941e1b3ffdb9035219f484888c942db9c295b23feff571de0af8d3fe8836e1a4b0e606b6a3583aa581f2cd6e4f975aca0b883ef6ee7f2d5b50a4ef677fb5db52'
- '9053da53926f2120ac57b6c1442238f5bbd89bf9270347c4e00b721b39939bebc6adfcf814a9d7289dfd14d085d91c193529305336db93190da5b7f586a031df'
- '5d55d9a7e42b6ce78b8ab985bab37afe8f0bacddb5abd895c4a490adb8f98b9422f90b40066fef05ecf37b7b21e80aadc615c4b7f6e12b05581304113a1b1f1d')
-validpgpkeys=('2133BC600AB133E1D826D173FE43009C4607B1FB' # Nick Mathewson
- 'F65CE37F04BA5B360AE6EE17C218525819F78451') # Roger Dingledine
-
-build() {
- cd ${pkgname}-${pkgver}
-
- ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
- make
-}
-
-package() {
- # install arch custom files
- install -Dm0644 tor.sysusers "${pkgdir}"/usr/lib/sysusers.d/tor.conf
- install -Dm0644 tor.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/tor.conf
-
- cd ${pkgname}-${pkgver}
- # patch service file to fix FS#68157
- patch -Np1 < "${srcdir}/torservice.patch"
- # uncomment essential config sections in the torrc file
- patch -Np1 < "${srcdir}/torrc.patch"
-
- # invoke upstream install routine
- make DESTDIR="${pkgdir}" install
- install -Dm0644 contrib/dist/tor.service "${pkgdir}"/usr/lib/systemd/system/tor.service
-
- # install torrc
- install -Dm0644 src/config/torrc.sample "${pkgdir}"/etc/tor/torrc
- rm "${pkgdir}"/etc/tor/torrc.sample
-
- install -Dm0644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
-}
Copied: tor/repos/community-x86_64/PKGBUILD (from rev 887243, tor/trunk/PKGBUILD)
===================================================================
--- PKGBUILD (rev 0)
+++ PKGBUILD 2021-03-10 21:30:46 UTC (rev 887244)
@@ -0,0 +1,63 @@
+# Maintainer: Lukas Fleischer <lfleischer at archlinux.org>
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Maintainer: kpcyrd <kpcyrd[at]archlinux[dot]org>
+# Contributor: Daniel Micay <danielmicay at gmail.com>
+# Contributor: simo <simo at archlinux.org>
+# Contributor: Sid Karunaratne
+
+pkgname=tor
+pkgver=0.4.5.6
+pkgrel=1
+pkgdesc='Anonymizing overlay network.'
+arch=('x86_64')
+url='https://www.torproject.org/'
+license=('BSD')
+depends=('openssl' 'libevent' 'bash' 'libseccomp' 'zstd' 'libcap' 'systemd-libs'
+ 'libsystemd.so' 'libzstd.so' 'libseccomp.so' 'libcap.so')
+optdepends=('torsocks: for torify')
+makedepends=('ca-certificates' 'systemd')
+backup=('etc/tor/torrc')
+source=("https://www.torproject.org/dist/${pkgname}-${pkgver}.tar.gz"{,.asc}
+ 'torrc.patch'
+ 'tor.sysusers'
+ 'tor.tmpfiles'
+ 'tor.service')
+b2sums=('fe7e2c0020f4c2bbfbcbdfb666413d19e4b58ec90c4e44324ab0e2a96871a4ce2ccf63cffaaa229f6d91948babde83c3ebd4600ebfd6c63694f2afde9ccff21c'
+ 'SKIP'
+ '3359e138d823a77df2a42ce3fe8c6ecb4004e9ec191863db7857aceea7c136c78f09518b1a199dfd3215f5d61f1c060f4a0e2141c5bdb6b847af60fb6e9a81a7'
+ '9053da53926f2120ac57b6c1442238f5bbd89bf9270347c4e00b721b39939bebc6adfcf814a9d7289dfd14d085d91c193529305336db93190da5b7f586a031df'
+ '5d55d9a7e42b6ce78b8ab985bab37afe8f0bacddb5abd895c4a490adb8f98b9422f90b40066fef05ecf37b7b21e80aadc615c4b7f6e12b05581304113a1b1f1d'
+ '327c1a35c3d4c44f93edb47959c8c41ab6af4cbfcbb8f4e9f54f2f69d17d148bf85e2d2c8aefe2d3165e123056dd68a248af78d1ba713b94a4e6d27a9cf412f1')
+validpgpkeys=('2133BC600AB133E1D826D173FE43009C4607B1FB' # Nick Mathewson
+ 'F65CE37F04BA5B360AE6EE17C218525819F78451') # Roger Dingledine
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+ # uncomment essential config sections in the torrc file
+ patch -Np1 < "${srcdir}/torrc.patch"
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var
+ make
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+
+ make DESTDIR="${pkgdir}" install
+ mv "${pkgdir}"/etc/tor/torrc{.sample,}
+
+ # install arch custom files
+ install -Dm 644 "${srcdir}"/*.service -t "${pkgdir}"/usr/lib/systemd/system
+ install -Dm 644 "${srcdir}"/tor.sysusers "${pkgdir}"/usr/lib/sysusers.d/tor.conf
+ install -Dm 644 "${srcdir}"/tor.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/tor.conf
+
+ install -Dm 644 LICENSE -t "${pkgdir}"/usr/share/licenses/${pkgname}
+}
+
+# vim: ts=2 sw=2 et:
Copied: tor/repos/community-x86_64/tor.service (from rev 887243, tor/trunk/tor.service)
===================================================================
--- tor.service (rev 0)
+++ tor.service 2021-03-10 21:30:46 UTC (rev 887244)
@@ -0,0 +1,35 @@
+# tor.service -- this systemd configuration file for Tor sets up a
+# relatively conservative, hardened Tor service. You may need to
+# edit it if you are making changes to your Tor configuration that it
+# does not allow. Package maintainers: this should be a starting point
+# for your tor.service; it is not the last point.
+
+[Unit]
+Description=Anonymizing overlay network for TCP
+After=syslog.target network.target nss-lookup.target
+
+[Service]
+Type=notify
+NotifyAccess=all
+ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config
+ExecStart=/usr/bin/tor -f /etc/tor/torrc
+ExecReload=/bin/kill -HUP ${MAINPID}
+KillSignal=SIGINT
+TimeoutSec=60
+Restart=on-failure
+WatchdogSec=1m
+LimitNOFILE=32768
+
+# Hardening
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+ReadWriteDirectories=-/var/lib/tor
+ReadWriteDirectories=-/var/log/tor
+NoNewPrivileges=yes
+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
+
+[Install]
+WantedBy=multi-user.target
Deleted: tor.sysusers
===================================================================
--- tor.sysusers 2021-03-10 21:30:17 UTC (rev 887243)
+++ tor.sysusers 2021-03-10 21:30:46 UTC (rev 887244)
@@ -1 +0,0 @@
-u tor 43 - /var/lib/tor
Copied: tor/repos/community-x86_64/tor.sysusers (from rev 887243, tor/trunk/tor.sysusers)
===================================================================
--- tor.sysusers (rev 0)
+++ tor.sysusers 2021-03-10 21:30:46 UTC (rev 887244)
@@ -0,0 +1 @@
+u tor 43 - /var/lib/tor
Deleted: tor.tmpfiles
===================================================================
--- tor.tmpfiles 2021-03-10 21:30:17 UTC (rev 887243)
+++ tor.tmpfiles 2021-03-10 21:30:46 UTC (rev 887244)
@@ -1 +0,0 @@
-d /var/lib/tor 0700 tor tor - -
Copied: tor/repos/community-x86_64/tor.tmpfiles (from rev 887243, tor/trunk/tor.tmpfiles)
===================================================================
--- tor.tmpfiles (rev 0)
+++ tor.tmpfiles 2021-03-10 21:30:46 UTC (rev 887244)
@@ -0,0 +1 @@
+d /var/lib/tor 0700 tor tor - -
Deleted: torrc.patch
===================================================================
--- torrc.patch 2021-03-10 21:30:17 UTC (rev 887243)
+++ torrc.patch 2021-03-10 21:30:46 UTC (rev 887244)
@@ -1,28 +0,0 @@
---- a/src/config/torrc.sample 2020-10-06 18:11:24.173821006 +0200
-+++ b/src/config/torrc.sample 2020-10-06 18:11:06.000000000 +0200
-@@ -11,6 +11,7 @@
- ##
- ## Tor will look for this file in various places based on your platform:
- ## https://www.torproject.org/docs/faq#torrc
-+User tor
-
- ## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't
- ## configure one below. Set "SOCKSPort 0" if you plan to run Tor only
-@@ -39,7 +40,7 @@
- ## Send every possible message to /var/log/tor/debug.log
- #Log debug file /var/log/tor/debug.log
- ## Use the system log instead of Tor's logfiles
--#Log notice syslog
-+Log notice syslog
- ## To send all messages to stderr:
- #Log debug stderr
-
-@@ -50,7 +51,7 @@
-
- ## The directory for keeping all the keys/etc. By default, we store
- ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
--#DataDirectory /var/lib/tor
-+DataDirectory /var/lib/tor
-
- ## The port on which Tor will listen for local connections from Tor
- ## controller applications, as documented in control-spec.txt.
Copied: tor/repos/community-x86_64/torrc.patch (from rev 887243, tor/trunk/torrc.patch)
===================================================================
--- torrc.patch (rev 0)
+++ torrc.patch 2021-03-10 21:30:46 UTC (rev 887244)
@@ -0,0 +1,28 @@
+--- a/src/config/torrc.sample.in 2021-03-10 19:59:10.123456789 +0100
++++ b/src/config/torrc.sample.in 2021-03-10 19:59:10.123456789 +0100
+@@ -11,6 +11,7 @@
+ ##
+ ## Tor will look for this file in various places based on your platform:
+ ## https://www.torproject.org/docs/faq#torrc
++User tor
+
+ ## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't
+ ## configure one below. Set "SOCKSPort 0" if you plan to run Tor only
+@@ -39,7 +40,7 @@
+ ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
+ #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
+ ## Use the system log instead of Tor's logfiles
+-#Log notice syslog
++Log notice syslog
+ ## To send all messages to stderr:
+ #Log debug stderr
+
+@@ -50,7 +51,7 @@
+
+ ## The directory for keeping all the keys/etc. By default, we store
+ ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+-#DataDirectory @LOCALSTATEDIR@/lib/tor
++DataDirectory @LOCALSTATEDIR@/lib/tor
+
+ ## The port on which Tor will listen for local connections from Tor
+ ## controller applications, as documented in control-spec.txt.
Deleted: torservice.patch
===================================================================
--- torservice.patch 2021-03-10 21:30:17 UTC (rev 887243)
+++ torservice.patch 2021-03-10 21:30:46 UTC (rev 887244)
@@ -1,11 +0,0 @@
---- a/contrib/dist/tor.service 2020-10-08 21:12:40.414833733 +0200
-+++ b/contrib/dist/tor.service 2020-10-08 21:12:42.751547264 +0200
-@@ -29,7 +29,7 @@
- ReadWriteDirectories=-/var/lib/tor
- ReadWriteDirectories=-/var/log/tor
- NoNewPrivileges=yes
--CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE
-+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
-
- [Install]
- WantedBy=multi-user.target
More information about the arch-commits
mailing list