[tor-bugs] #3629 [arm]: Arm/Tor Deb Torrc Configuration

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Jul 21 15:55:13 UTC 2011


#3629: Arm/Tor Deb Torrc Configuration
-------------------------+--------------------------------------------------
 Reporter:  atagar       |          Owner:  ioerror
     Type:  enhancement  |         Status:  new    
 Priority:  normal       |      Milestone:         
Component:  arm          |        Version:         
 Keywords:               |         Parent:         
   Points:               |   Actualpoints:         
-------------------------+--------------------------------------------------
 Hi Jake. Thanks for this! The only part I'll comment on much is python and
 arm since the change itself mostly concerns the arm deb -> tor deb
 interaction (which treads on areas I'm not too familiar with).

 See attached for a rewrite of the python script you sent me. Writing
 manual copy methods were unnecessary due to shutil, the group check is
 simplified a bit, and some minor syntax issues would have prevented it
 from running. This checks out with pylint but *I haven't exercised it*
 (not on a good test system).

 My understanding of your change is as follows. I'm sure I'm
 misunderstanding a few parts so corrections appreciated!

 Step 1: The resources you're providing will only be included or used in
 the arm deb. As such they'll be checked into the packaging branch under...
 {{{
 /resources/replaceTorrc/Makefile
 /resources/replaceTorrc/tor-arm-replace-torrc.c
 /resources/replaceTorrc/tor-arm-replace-torrc.h
 /resources/replaceTorrc/replaceTorrc.py
 }}}

 Step 2: In deb-prep.sh [1] we'll copy it into release_deb/src/resources
 via something like the following on line 33...
 {{{
 (cd resources && git archive --format=tar packaging replaceTorrc) | (cd
 ./release_deb/src/resources && tar xf -)
 }}}

 Step 3: Also in deb-prep.sh we change our default data directory from
 "~/.arm" to "/var/lib/tor-arm".

 Step 4: I build and send debs to Peter as normal, the only difference
 being that the arm deb has these "src/resources/replaceTorrc/*" contents.
 The tor-arm-replace-torrc is still uncompiled at this point.

 Step 5: Part of installing the deb is that a "tor-arm" group is created,
 "tor-arm-replace-torrc" is compiled and placed in "<DESTDIR>/bin/tor-arm-
 replace-torrc", and '/var/lib/tor-arm' is made under "root:tor-arm".

 Detail that I'm not clear on: if the user just runs 'arm' then it's under
 their user rather than tor-arm and hence won't be able to access the arm
 data directory, causing arm lots of problems (it won't die, but worse
 performance and many things will not work). Clarification here would be
 nice.

 Step 6: I add an "isDebHack" check which governs if we're gonna be using
 this or not. The conditional is:
 a. "tor-arm-replace-torrc" is in the PATH
 b. we're either not connected to tor *or* torrc path for the attached
 instance is "/etc/tor/torrc"

 Step 7: If "isDebHack" is true then when the wizard is finished [2] it
 calls "tor-arm-replace-torrc". If that's successful then HUP tor,
 otherwise show the user an error. This just means a little change around
 line 376.

 Step 8: My understanding is that the tor process is unable to write to its
 torrc, so SAVECONF calls fail on debian. Is that right? If so, then arm's
 saveConf function [3] will need to be modified so the configuration panel
 can write custom configs.

 If this is right then I can do the changes to make arm do the above with
 the exception of step 5. That deb change *and the testing* I'll be leaving
 up to you. My understanding is that this isn't impacting my deb prep
 process and that you're taking ownership of this feature. Please let me
 know if that isn't the case!

 I'd like an ok from Peter, Nick, and confirmation from Jake that he's
 owning this before I implement the above. Besides that, I'm thrilled arm
 will be getting better tor deb integration! -Damian

 [1] https://gitweb.torproject.org/arm.git/blob/packaging:/deb-prep.sh
 [2]
 https://gitweb.torproject.org/arm.git/blob/HEAD:/src/cli/wizard.py#l324
 [3]
 https://gitweb.torproject.org/arm.git/blob/HEAD:/src/util/torConfig.py#l395

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3629>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list