[tor-bugs] #34176 [Internal Services/Tor Sysadmin Team]: Tor Browser Nightly external server support

Tue May 12 05:18:19 UTC 2020

#34176: Tor Browser Nightly external server support
-------------------------------------------------+---------------------
 Reporter:  sysrqb                               |          Owner:  tpa
     Type:  task                                 |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+---------------------

Comment (by gk):

 Replying to [comment:1 anarcat]:
 > >  Or should TPA be involved in this process and help manage/maintain
 the OS?
 >
 > It depends if you want TPA to actually manage the machine. From what I
 understand from the discussion in #34122, you absolutely need root to run
 those builds, and we don't usually give out root to TPA-managed machines.
 That (and the lack of hardware, of course) is what's making us hesitant in
 setting up that machine. If there's an horizon after which that
 requirement could eventually change, we could be more open to changing
 that constraint, but it doesn't seem like there is an opening there...

 I think there is and we should try to avoid maintaining the machine/OS
 outside of TPA if we can help it. While we don't have the time to work on
 this until end of September, would a soft commit for October (this year
 :)) work for you? (That is a soft commit to work on a fix for
 #23631/#31996) We are in maintenance mode for Tor Browser and the you-
 need-root-to-be-able-to-build-Tor-Browser-issue is high enough on our list
 of things to fix, I think, to make maintenance easier. So this is fair
 game. What do you think?

 > In other words, if "run builds as root" is a hard requirement that will
 never change, I don't think we can help you with a TPA machine. That, of
 course, can be discussed, and that's what I tried to do in #34122 but that
 didn't seem to stick. :)
 >
 > This does mean that if you setup the machine outside of TPA
 architecture, we cannot manage it either.
 >
 > I should warn that previous experiments in that area didn't go so well.
 From what I understand, the current build box at sunet is severely out of
 date and not really maintained, so that is something that should be
 avoided in the future.

 I totally agree. Hence my hope we can get that box under TPA maintenance
 as well.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34176#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online