commit 915af1a65bc217fa33490876199bb69f760bea23 Author: Nick Mathewson <nickm@torproject.org> Date: Wed Jul 29 00:04:42 2020 -0400 Remove tor.service.in We aren't good at maintaining this; downstream maintainers are much better at figuring out what is right for them. Closes #30797. --- changes/ticket30797 | 5 +++++ configure.ac | 1 - contrib/README | 2 -- contrib/dist/tor.service.in | 35 ----------------------------------- contrib/include.am | 1 - 5 files changed, 5 insertions(+), 39 deletions(-) diff --git a/changes/ticket30797 b/changes/ticket30797 new file mode 100644 index 0000000000..0c116bd664 --- /dev/null +++ b/changes/ticket30797 @@ -0,0 +1,5 @@ + o Removed features: + - We no longer ship or build a "tor.service" file for use with systemd. + No distribution included this script unmodified, and we don't have the + expertise ourselves to maintain this in a way that all the various + systemd-based distributions can use. Closes ticket 30797. diff --git a/configure.ac b/configure.ac index 3076f2f1ff..d580eaaedd 100644 --- a/configure.ac +++ b/configure.ac @@ -2602,7 +2602,6 @@ AC_CONFIG_FILES([ Makefile config.rust contrib/operator-tools/tor.logrotate - contrib/dist/tor.service src/config/torrc.sample src/config/torrc.minimal src/rust/.cargo/config diff --git a/contrib/README b/contrib/README index a56065f97d..3edb0fafae 100644 --- a/contrib/README +++ b/contrib/README @@ -32,8 +32,6 @@ dist/ -- Scripts and files for use when packaging Tor torctl and tor.sh are init scripts for use with SysV-style init tools. Everybody likes to write init scripts differently, it seems. -tor.service is a sample service file for use with systemd. - operator-tools/ -- Tools for Tor relay operators ------------------------------------------------ diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in deleted file mode 100644 index e857a8664e..0000000000 --- a/contrib/dist/tor.service.in +++ /dev/null @@ -1,35 +0,0 @@ -# tor.service -- this systemd configuration file for Tor sets up a -# relatively conservative, hardened Tor service. You may need to -# edit it if you are making changes to your Tor configuration that it -# does not allow. Package maintainers: this should be a starting point -# for your tor.service; it is not the last point. - -[Unit] -Description=Anonymizing overlay network for TCP -After=syslog.target network.target nss-lookup.target - -[Service] -Type=notify -NotifyAccess=all -ExecStartPre=@BINDIR@/tor -f @CONFDIR@/torrc --verify-config -ExecStart=@BINDIR@/tor -f @CONFDIR@/torrc -ExecReload=/bin/kill -HUP ${MAINPID} -KillSignal=SIGINT -TimeoutSec=60 -Restart=on-failure -WatchdogSec=1m -LimitNOFILE=32768 - -# Hardening -PrivateTmp=yes -PrivateDevices=yes -ProtectHome=yes -ProtectSystem=full -ReadOnlyDirectories=/ -ReadWriteDirectories=-@LOCALSTATEDIR@/lib/tor -ReadWriteDirectories=-@LOCALSTATEDIR@/log/tor -NoNewPrivileges=yes -CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE - -[Install] -WantedBy=multi-user.target diff --git a/contrib/include.am b/contrib/include.am index 60783dc439..7a85093b68 100644 --- a/contrib/include.am +++ b/contrib/include.am @@ -2,7 +2,6 @@ EXTRA_DIST+= \ contrib/README \ contrib/client-tools/torify \ - contrib/dist/tor.service.in \ contrib/operator-tools/tor-exit-notice.html \ contrib/or-tools/exitlist \ contrib/win32build/tor-mingw.nsi.in \