[arch-commits] Commit in tor/repos (7 files)

Evangelos Foutras foutrelis at gemini.archlinux.org
Thu Aug 4 13:19:41 UTC 2022 

    Date: Thursday, August 4, 2022 @ 13:19:41
  Author: foutrelis
Revision: 1260268

archrelease: copy trunk to community-testing-x86_64

Added:
  tor/repos/community-testing-x86_64/
  tor/repos/community-testing-x86_64/PKGBUILD
    (from rev 1260267, tor/trunk/PKGBUILD)
  tor/repos/community-testing-x86_64/keys/
  tor/repos/community-testing-x86_64/tor.service
    (from rev 1260267, tor/trunk/tor.service)
  tor/repos/community-testing-x86_64/tor.sysusers
    (from rev 1260267, tor/trunk/tor.sysusers)
  tor/repos/community-testing-x86_64/tor.tmpfiles
    (from rev 1260267, tor/trunk/tor.tmpfiles)
  tor/repos/community-testing-x86_64/torrc.patch
    (from rev 1260267, tor/trunk/torrc.patch)

--------------+
 PKGBUILD     |   69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 tor.service  |   35 ++++++++++++++++++++++++++++
 tor.sysusers |    1 
 tor.tmpfiles |    1 
 torrc.patch  |   28 +++++++++++++++++++++++
 5 files changed, 134 insertions(+)

Copied: tor/repos/community-testing-x86_64/PKGBUILD (from rev 1260267, tor/trunk/PKGBUILD)
===================================================================
--- community-testing-x86_64/PKGBUILD	                        (rev 0)
+++ community-testing-x86_64/PKGBUILD	2022-08-04 13:19:41 UTC (rev 1260268)
@@ -0,0 +1,69 @@
+# Maintainer: Lukas Fleischer <lfleischer at archlinux.org>
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Maintainer: kpcyrd <kpcyrd[at]archlinux[dot]org>
+# Contributor: Daniel Micay <danielmicay at gmail.com>
+# Contributor: simo <simo at archlinux.org>
+# Contributor: Sid Karunaratne
+
+pkgname=tor
+pkgver=0.4.7.8
+pkgrel=2
+pkgdesc='Anonymizing overlay network.'
+arch=('x86_64')
+url='https://www.torproject.org/download/tor/'
+license=('BSD')
+depends=('openssl' 'libevent' 'bash' 'libseccomp' 'zstd' 'libcap' 'systemd-libs'
+         'libsystemd.so' 'libzstd.so' 'libseccomp.so' 'libcap.so')
+optdepends=('torsocks: for torify')
+makedepends=('ca-certificates' 'systemd')
+backup=('etc/tor/torrc')
+source=("https://dist.torproject.org/${pkgname}-${pkgver}.tar.gz"{,.sha256sum{,.asc}}
+        'torrc.patch'
+        'tor.sysusers'
+        'tor.tmpfiles'
+        'tor.service')
+b2sums=('40f6eab453d95a09e4531ce7cdb59715a21b84e1d0b1045d107add6a443fb7563a5747734b23e0e1dfda6490a5a7659f912e38c11cdb5fa635535dcff6169eeb'
+        '0fa1e094af83c74f46f87d0569a623bd3061b416f272d19326faf08ab6e9e926b14c2d46c99fba80d68f22188aa74c73e68477015e1c37382e4acb115d10a5a2'
+        'SKIP'
+        '3359e138d823a77df2a42ce3fe8c6ecb4004e9ec191863db7857aceea7c136c78f09518b1a199dfd3215f5d61f1c060f4a0e2141c5bdb6b847af60fb6e9a81a7'
+        '9053da53926f2120ac57b6c1442238f5bbd89bf9270347c4e00b721b39939bebc6adfcf814a9d7289dfd14d085d91c193529305336db93190da5b7f586a031df'
+        '5d55d9a7e42b6ce78b8ab985bab37afe8f0bacddb5abd895c4a490adb8f98b9422f90b40066fef05ecf37b7b21e80aadc615c4b7f6e12b05581304113a1b1f1d'
+        '327c1a35c3d4c44f93edb47959c8c41ab6af4cbfcbb8f4e9f54f2f69d17d148bf85e2d2c8aefe2d3165e123056dd68a248af78d1ba713b94a4e6d27a9cf412f1')
+validpgpkeys=(
+  '2133BC600AB133E1D826D173FE43009C4607B1FB' # Nick Mathewson
+  'B74417EDDF22AC9F9E90F49142E86A2A11F48D36' # David Goulet
+  '1C1BC007A9F607AA8152C040BEA7B180B1491921' # Alexander Færøy
+)
+
+prepare() {
+  # verify the signed sums match the expected source tarball
+  sha256sum -c ${pkgname}-${pkgver}.tar.gz.sha256sum
+  cd ${pkgname}-${pkgver}
+  # uncomment essential config sections in the torrc file
+  patch -Np1 < "${srcdir}/torrc.patch"
+}
+
+build() {
+  cd ${pkgname}-${pkgver}
+  ./configure \
+    --prefix=/usr \
+    --sysconfdir=/etc \
+    --localstatedir=/var
+  make
+}
+
+package() {
+  cd ${pkgname}-${pkgver}
+
+  make DESTDIR="${pkgdir}" install
+  mv "${pkgdir}"/etc/tor/torrc{.sample,}
+
+  # install arch custom files
+  install -Dm 644 "${srcdir}"/*.service -t "${pkgdir}"/usr/lib/systemd/system
+  install -Dm 644 "${srcdir}"/tor.sysusers "${pkgdir}"/usr/lib/sysusers.d/tor.conf
+  install -Dm 644 "${srcdir}"/tor.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/tor.conf
+
+  install -Dm 644 LICENSE -t "${pkgdir}"/usr/share/licenses/${pkgname}
+}
+
+# vim: ts=2 sw=2 et:

Copied: tor/repos/community-testing-x86_64/tor.service (from rev 1260267, tor/trunk/tor.service)
===================================================================
--- community-testing-x86_64/tor.service	                        (rev 0)
+++ community-testing-x86_64/tor.service	2022-08-04 13:19:41 UTC (rev 1260268)
@@ -0,0 +1,35 @@
+# tor.service -- this systemd configuration file for Tor sets up a
+# relatively conservative, hardened Tor service.  You may need to
+# edit it if you are making changes to your Tor configuration that it
+# does not allow.  Package maintainers: this should be a starting point
+# for your tor.service; it is not the last point.
+
+[Unit]
+Description=Anonymizing overlay network for TCP
+After=syslog.target network.target nss-lookup.target
+
+[Service]
+Type=notify
+NotifyAccess=all
+ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config
+ExecStart=/usr/bin/tor -f /etc/tor/torrc
+ExecReload=/bin/kill -HUP ${MAINPID}
+KillSignal=SIGINT
+TimeoutSec=60
+Restart=on-failure
+WatchdogSec=1m
+LimitNOFILE=32768
+
+# Hardening
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+ReadWriteDirectories=-/var/lib/tor
+ReadWriteDirectories=-/var/log/tor
+NoNewPrivileges=yes
+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
+
+[Install]
+WantedBy=multi-user.target

Copied: tor/repos/community-testing-x86_64/tor.sysusers (from rev 1260267, tor/trunk/tor.sysusers)
===================================================================
--- community-testing-x86_64/tor.sysusers	                        (rev 0)
+++ community-testing-x86_64/tor.sysusers	2022-08-04 13:19:41 UTC (rev 1260268)
@@ -0,0 +1 @@
+u tor 43 - /var/lib/tor

Copied: tor/repos/community-testing-x86_64/tor.tmpfiles (from rev 1260267, tor/trunk/tor.tmpfiles)
===================================================================
--- community-testing-x86_64/tor.tmpfiles	                        (rev 0)
+++ community-testing-x86_64/tor.tmpfiles	2022-08-04 13:19:41 UTC (rev 1260268)
@@ -0,0 +1 @@
+d /var/lib/tor 0700 tor tor - -

Copied: tor/repos/community-testing-x86_64/torrc.patch (from rev 1260267, tor/trunk/torrc.patch)
===================================================================
--- community-testing-x86_64/torrc.patch	                        (rev 0)
+++ community-testing-x86_64/torrc.patch	2022-08-04 13:19:41 UTC (rev 1260268)
@@ -0,0 +1,28 @@
+--- a/src/config/torrc.sample.in	2021-03-10 19:59:10.123456789 +0100
++++ b/src/config/torrc.sample.in	2021-03-10 19:59:10.123456789 +0100
+@@ -11,6 +11,7 @@
+ ##
+ ## Tor will look for this file in various places based on your platform:
+ ## https://www.torproject.org/docs/faq#torrc
++User tor
+ 
+ ## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't
+ ## configure one below. Set "SOCKSPort 0" if you plan to run Tor only
+@@ -39,7 +40,7 @@
+ ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
+ #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
+ ## Use the system log instead of Tor's logfiles
+-#Log notice syslog
++Log notice syslog
+ ## To send all messages to stderr:
+ #Log debug stderr
+ 
+@@ -50,7 +51,7 @@
+ 
+ ## The directory for keeping all the keys/etc. By default, we store
+ ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+-#DataDirectory @LOCALSTATEDIR@/lib/tor
++DataDirectory @LOCALSTATEDIR@/lib/tor
+ 
+ ## The port on which Tor will listen for local connections from Tor
+ ## controller applications, as documented in control-spec.txt.

More information about the arch-commits mailing list