Hello community, here is the log from the commit of package tor for openSUSE:Factory checked in at 2020-01-09 22:50:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tor (Old) and /work/SRC/openSUSE:Factory/.tor.new.6675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tor" Thu Jan 9 22:50:58 2020 rev:78 rq:761967 version:0.4.2.5 Changes: -------- --- /work/SRC/openSUSE:Factory/tor/tor.changes 2019-12-10 22:44:11.201769862 +0100 +++ /work/SRC/openSUSE:Factory/.tor.new.6675/tor.changes 2020-01-09 22:51:51.914747433 +0100 @@ -1,0 +2,16 @@ +Tue Jan 7 11:21:02 UTC 2020 - Bernhard Wiedemann <[email protected]> + +- Update tor.service and add defaults-torrc + to work without dropped torctl (boo#1072274) +- Add tor-master.service to allow handling multiple tor daemons + +------------------------------------------------------------------- +Sat Dec 14 20:35:25 UTC 2019 - Andreas Stieger <[email protected]> + +- tor 0.4.2.5: + * first stable release in the 0.4.2.x series + * improves reliability and stability + * several stability and correctness improvements for onion services + * fixes many smaller bugs present in previous series + +------------------------------------------------------------------- Old: ---- tor-0.4.1.7.tar.gz tor-0.4.1.7.tar.gz.asc New: ---- defaults-torrc tor-0.4.2.5.tar.gz tor-0.4.2.5.tar.gz.asc tor-master.service ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tor.spec ++++++ --- /var/tmp/diff_new_pack.nmqMvY/_old 2020-01-09 22:51:53.122748038 +0100 +++ /var/tmp/diff_new_pack.nmqMvY/_new 2020-01-09 22:51:53.126748041 +0100 @@ -20,7 +20,7 @@ %define torgroup %{name} %define home_dir %{_localstatedir}/lib/empty Name: tor -Version: 0.4.1.7 +Version: 0.4.2.5 Release: 0 Summary: Anonymizing overlay network for TCP (The onion router) License: BSD-3-Clause @@ -31,6 +31,8 @@ Source2: tor.keyring Source3: tor.service Source4: tor.tmpfiles +Source5: defaults-torrc +Source6: tor-master.service Patch0: tor-0.2.5.x-logrotate.patch Patch1: fix-test.patch BuildRequires: openssl-devel >= 1.0.1 @@ -102,13 +104,12 @@ %{buildroot}/%{_sbindir} install -m 644 -D %{SOURCE3} %{buildroot}/%{_unitdir}/%{name}.service +install -m 644 -D %{SOURCE6} %{buildroot}/%{_unitdir}/%{name}-master.service +install -m 644 %{SOURCE5} %{buildroot}%{_datadir}/tor/defaults-torrc install -d -m 0755 %{buildroot}%{_libexecdir}/tmpfiles.d/ install -m 0644 %{SOURCE4} %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf ln -s -f service %{buildroot}%{_sbindir}/rc%{name} -# control script -install -p -m 755 contrib/dist/torctl %{buildroot}/%{_bindir} - # sample config files install -p -m 644 -D src/config/torrc.{sample,minimal} %{buildroot}/%{_sysconfdir}/%{name} install -p -m 644 src/config/torrc.minimal %{buildroot}/%{_sysconfdir}/%{name}/torrc @@ -148,6 +149,7 @@ %{_bindir}/* %dir %{_datadir}/%{name} %{_datadir}/%{name}/geoip* +%{_datadir}/%{name}/defaults-torrc %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name} %dir %attr(0755,root,%{torgroup}) %{_sysconfdir}/%{name} %config(noreplace) %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/torrc @@ -155,6 +157,7 @@ %attr(0700,%{toruser},%{torgroup}) %dir %{_localstatedir}/lib/%{name} %attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/log/%{name} %{_unitdir}/%{name}.service +%{_unitdir}/%{name}-master.service %{_libexecdir}/tmpfiles.d/%{name}.conf %{_sbindir}/rc%{name} ++++++ defaults-torrc ++++++ DataDirectory /var/lib/tor PidFile /var/run/tor/tor.pid User tor Log notice file /var/log/tor/tor.log #Log notice syslog ControlSocket /var/run/tor/control GroupWritable RelaxDirModeCheck ControlSocketsGroupWritable 1 SocksPort unix:/var/run/tor/socks WorldWritable SocksPort 9050 CookieAuthentication 1 CookieAuthFileGroupReadable 1 CookieAuthFile /var/run/tor/control.authcookie ++++++ tor-0.4.1.7.tar.gz -> tor-0.4.2.5.tar.gz ++++++ /work/SRC/openSUSE:Factory/tor/tor-0.4.1.7.tar.gz /work/SRC/openSUSE:Factory/.tor.new.6675/tor-0.4.2.5.tar.gz differ: char 12, line 1 ++++++ tor-master.service ++++++ # Use tor-master.service to restart/reload/stop the main tor.service and # all instances of [email protected] that are running. # # systemd targets cannot be reloaded so this is a service instead. [Unit] Description=Anonymizing overlay network for TCP (multi-instance master) [Service] Type=oneshot RemainAfterExit=yes ExecStart=/bin/true ExecReload=/bin/true [Install] WantedBy=multi-user.target ++++++ tor.service ++++++ --- /var/tmp/diff_new_pack.nmqMvY/_old 2020-01-09 22:51:53.778748367 +0100 +++ /var/tmp/diff_new_pack.nmqMvY/_new 2020-01-09 22:51:53.802748379 +0100 @@ -1,15 +1,35 @@ [Unit] -Description = Anonymizing overlay network for TCP -After = syslog.target network.target nss-lookup.target +Description=Anonymizing overlay network for TCP +After=syslog.target network.target nss-lookup.target +PartOf=tor-master.service +ReloadPropagatedFrom=tor-master.service [Service] -Type=forking -ExecStart=/usr/bin/torctl start -ExecReload=/usr/bin/torctl reload -ExecStop=/usr/bin/torctl stop +Type=notify +NotifyAccess=all +ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify-config +ExecStart=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc +ExecReload=/bin/kill -HUP ${MAINPID} +KillSignal=SIGINT TimeoutSec=30 Restart=on-failure +RestartSec=1 +WatchdogSec=1m LimitNOFILE=32768 +# Hardening +PrivateTmp=yes +DeviceAllow=/dev/null rw +DeviceAllow=/dev/urandom r +ProtectHome=yes +#ProtectSystem=full +ReadOnlyDirectories=/run +ReadOnlyDirectories=/var +ReadWriteDirectories=/run/tor +ReadWriteDirectories=/var/lib/tor +ReadWriteDirectories=/var/log/tor +CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH +PermissionsStartOnly=yes + [Install] WantedBy=multi-user.target
