On Mon, 2 Nov 2015 20:46:50 -0500 James Valleroy <[email protected]> wrote: > What I propose is a single debconf question like "How should Tor run?" with > multiselect choices of client-only, relay, or bridge relay. Then Tor would > enable options in torrc, with appropriate choices for that selection. This > would be the basic configuration that works for most users running in the > selected mode.
Here's a patch to implement this change. -- James
From 3ae772e72a668b37cc4e32adae7bc2f175573310 Mon Sep 17 00:00:00 2001 From: James Valleroy <[email protected]> Date: Mon, 9 Nov 2015 20:57:19 -0500 Subject: [PATCH] Use ucf to handle torrc. Add debconf question to select Tor mode. Add i18n support to debconf template. --- debian/control | 4 ++-- debian/po/POTFILES.in | 1 + debian/po/templates.pot | 55 +++++++++++++++++++++++++++++++++++++++++++++++++ debian/rules | 2 -- debian/tor.config | 20 ++++++++++++++++++ debian/tor.install | 2 +- debian/tor.postinst | 21 +++++++++++++++++++ debian/tor.postrm | 8 +++++++ debian/tor.templates | 15 ++++++++++++++ 9 files changed, 123 insertions(+), 5 deletions(-) create mode 100644 debian/po/POTFILES.in create mode 100644 debian/po/templates.pot create mode 100644 debian/tor.config create mode 100644 debian/tor.templates diff --git a/debian/control b/debian/control index 5ea8d70..73a8d34 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: tor Section: net Priority: optional Maintainer: Peter Palfrader <[email protected]> -Build-Depends: debhelper (>= 8.1.0~), quilt, libssl-dev, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor, libseccomp-dev [amd64 i386], dh-systemd [linux-any], libsystemd-dev [linux-any], pkg-config [linux-any], dh-autoreconf +Build-Depends: debhelper (>= 8.1.0~), quilt, libssl-dev, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor, libseccomp-dev [amd64 i386], dh-systemd [linux-any], libsystemd-dev [linux-any], pkg-config [linux-any], dh-autoreconf, po-debconf Build-Conflicts: libnacl-dev, libseccomp-dev [!amd64 !i386] Standards-Version: 3.9.4 Homepage: https://www.torproject.org/ @@ -11,7 +11,7 @@ Vcs-Browser: https://gitweb.torproject.org/debian/tor.git Package: tor Architecture: any -Depends: ${shlibs:Depends}, adduser, ${misc:Depends}, lsb-base +Depends: ${shlibs:Depends}, adduser, ${misc:Depends}, lsb-base, ucf, debconf Pre-Depends: ${misc:Pre-Depends} Conflicts: libssl0.9.8 (<< 0.9.8g-9) Recommends: logrotate, tor-geoipdb, torsocks diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in new file mode 100644 index 0000000..ecbf8eb --- /dev/null +++ b/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] tor.templates diff --git a/debian/po/templates.pot b/debian/po/templates.pot new file mode 100644 index 0000000..a20e68d --- /dev/null +++ b/debian/po/templates.pot @@ -0,0 +1,55 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the tor package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: tor\n" +"Report-Msgid-Bugs-To: [email protected]\n" +"POT-Creation-Date: 2015-11-09 22:42-0500\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <[email protected]>\n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: select +#. Description +#: ../tor.templates:1001 +msgid "How should Tor run?" +msgstr "" + +#. Type: select +#. Description +#: ../tor.templates:1001 +msgid "" +"Besides being run as a client, Tor can also be run as a relay, or as a " +"bridge relay. In these modes, you will donate some bandwidth to help the Tor " +"network." +msgstr "" + +#. Type: select +#. Description +#: ../tor.templates:1001 +msgid "If you select client, then Tor will run with its default configuration." +msgstr "" + +#. Type: select +#. Description +#: ../tor.templates:1001 +msgid "" +"If you select relay, then Tor will run as a non-exit relay. Your Tor relay " +"will be listed in the main Tor directory." +msgstr "" + +#. Type: select +#. Description +#: ../tor.templates:1001 +msgid "" +"If you select bridge, then Tor will run as a non-exit bridge relay. It will " +"not be listed in the main Tor directory." +msgstr "" diff --git a/debian/rules b/debian/rules index ee76e21..5fe7269 100755 --- a/debian/rules +++ b/debian/rules @@ -56,8 +56,6 @@ override_dh_clean: override_dh_install: dh_install --fail-missing - mv debian/tor/etc/tor/torrc.sample debian/tor/etc/tor/torrc - cp debian/tor.apparmor-profile debian/tor/etc/apparmor.d/system_tor cp debian/tor.apparmor-profile.abstraction debian/tor/etc/apparmor.d/abstractions/tor dh_apparmor --profile-name=system_tor -ptor diff --git a/debian/tor.config b/debian/tor.config new file mode 100644 index 0000000..cdb4c57 --- /dev/null +++ b/debian/tor.config @@ -0,0 +1,20 @@ +#!/bin/sh + +set -e +. /usr/share/debconf/confmodule + +TORRC=/etc/tor/torrc + +if [ -e $TORRC ]; then + mode=client + if grep -q "^ORPort" $TORRC; then + mode=relay + if grep -q "^BridgeRelay 1" $TORRC; then + mode=bridge + fi + fi + db_set tor/mode $mode +fi + +db_input high tor/mode || true +db_go || true diff --git a/debian/tor.install b/debian/tor.install index e59def8..a6e6441 100644 --- a/debian/tor.install +++ b/debian/tor.install @@ -1,8 +1,8 @@ usr/bin usr/share/doc usr/share/man -etc/tor contrib/client-tools/torify usr/bin debian/tor-service-defaults-torrc usr/share/tor debian/tor.service lib/systemd/system +etc/tor/torrc.sample /usr/share/tor diff --git a/debian/tor.postinst b/debian/tor.postinst index 5ce8181..7c98db7 100644 --- a/debian/tor.postinst +++ b/debian/tor.postinst @@ -1,5 +1,26 @@ #!/bin/sh -e +. /usr/share/debconf/confmodule + +TORRC=/etc/tor/torrc + +if [ "$1" = "configure" ]; then + mkdir -p /etc/tor + cp -a -f /usr/share/tor/torrc.sample $TORRC.ucftmp + db_get tor/mode || true + if [ "$RET" != "client" ]; then + sed -i '0,/^#ORPort 9001$/s//ORPort auto/' $TORRC.ucftmp + sed -i '0,/^#ExitPolicy reject \*:\*/s//ExitPolicy reject *:*/' \ + $TORRC.ucftmp + fi + if [ "$RET" = "bridge" ]; then + sed -i '0,/^#BridgeRelay 1$/s//BridgeRelay 1/' $TORRC.ucftmp + fi + ucf --three-way --debconf-ok $TORRC.ucftmp $TORRC + ucfr tor $TORRC + rm -f $TORRC.ucftmp +fi + # checking debian-tor account uid=`getent passwd debian-tor | cut -d ":" -f 3` diff --git a/debian/tor.postrm b/debian/tor.postrm index eb8820b..2503560 100644 --- a/debian/tor.postrm +++ b/debian/tor.postrm @@ -1,6 +1,14 @@ #!/bin/sh -e if [ "$1" = "purge" ]; then + if [ -x "$(which ucf 2>/dev/null)" ]; then + ucf --purge /etc/tor/torrc + fi + if [ -x "$(which ucfr 2>/dev/null)" ]; then + ucfr --purge tor /etc/tor/torrc + fi + rm -f /etc/tor/torrc + # logs have to be removed according to policy. rm -rf /var/log/tor/ rm -rf /var/lib/tor/ diff --git a/debian/tor.templates b/debian/tor.templates new file mode 100644 index 0000000..05ba9e1 --- /dev/null +++ b/debian/tor.templates @@ -0,0 +1,15 @@ +Template: tor/mode +Type: select +Choices: client, relay, bridge +Default: client +_Description: How should Tor run? + Besides being run as a client, Tor can also be run as a relay, or as a bridge + relay. In these modes, you will donate some bandwidth to help the Tor network. + . + If you select client, then Tor will run with its default configuration. + . + If you select relay, then Tor will run as a non-exit relay. Your Tor relay + will be listed in the main Tor directory. + . + If you select bridge, then Tor will run as a non-exit bridge relay. It will + not be listed in the main Tor directory. -- 2.6.2
signature.asc
Description: OpenPGP digital signature
