[tor-bugs] #32550 [Circumvention/Obfs4]: Static tor in docker container

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Nov 22 07:59:04 UTC 2019 

#32550: Static tor in docker container
---------------------------------+--------------------------
 Reporter:  thymbahutymba        |          Owner:  phw
     Type:  enhancement          |         Status:  assigned
 Priority:  Medium               |      Milestone:
Component:  Circumvention/Obfs4  |        Version:
 Severity:  Normal               |     Resolution:
 Keywords:  docker               |  Actual Points:
Parent ID:                       |         Points:
 Reviewer:                       |        Sponsor:
---------------------------------+--------------------------

Comment (by thymbahutymba):

 Replying to [comment:1 phw]:
 > So the idea is to use a more lightweight image, like alpine, and copy a
 statically-compiled tor binary into the image?

 Yes that is the idea.

 > I like the idea of making our image more lightweight but I worry about
 the additional complexity in the build process. For example, we also need
 to include Tor's GeoIP database because otherwise the bridge won't be
 reporting the country codes of its clients. Debian's tor package depends
 on tor-geoipdb, which takes care of this for us.

 Actually this problem does not exist because looking at the debian geoipdb
 package [https://packages.debian.org/sid/all/tor-geoipdb/filelist tor-
 geoipdb] the interesting file are {{{/usr/share/tor/geoip*}}}; if we look
 at the result from the tor statically compilation these file are already
 present.

 {{{
 $ ls -al etc/tor/ share/tor/ bin/
 bin/:
 total 23816
 drwxr-xr-x 2 alarm alarm     4096 Nov 19 22:03 ./
 drwxr-xr-x 5 alarm alarm     4096 Nov 20 16:57 ../
 -rwxr-xr-x 1 alarm alarm 15843708 Nov 19 22:03 tor*
 -rwxr-xr-x 1 alarm alarm  3934620 Nov 19 22:03 tor-gencert*
 -rwxr-xr-x 1 alarm alarm     1375 Nov 19 22:03 torify*
 -rwxr-xr-x 1 alarm alarm  3253832 Nov 19 22:03 tor-print-ed-signing-cert*
 -rwxr-xr-x 1 alarm alarm  1335172 Nov 19 22:03 tor-resolve*

 etc/tor/:
 total 20
 drwxr-xr-x 2 alarm alarm  4096 Nov 19 22:03 ./
 drwxr-xr-x 3 alarm alarm  4096 Nov 19 22:03 ../
 -rw-r--r-- 1 alarm alarm 11663 Nov 19 22:03 torrc.sample

 share/tor/:
 total 7356
 drwxr-xr-x 2 alarm alarm    4096 Nov 19 22:03 ./
 drwxr-xr-x 3 alarm alarm    4096 Nov 19 22:03 ../
 -rw-r--r-- 1 alarm alarm 4647198 Nov 19 22:03 geoip
 -rw-r--r-- 1 alarm alarm 2871417 Nov 19 22:03 geoip6
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32550#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list