[tor-dev] Proposal: only parse .torrc files in torrc.d directory
iry at riseup.net
Mon Feb 5 18:37:00 UTC 2018
-----BEGIN PGP SIGNED MESSAGE-----
> Could you please look at existing .d folders of any other projects
> tell me what you think? Perhaps discuss this with Tor Project.
> [...] From my quick search, it appears that the Debian feature
> request is still open, and no other distro is using torrc.d yet.
> But you should check, too.
I went through all Tor packages listed here:
https://trac.torproject.org/projects/tor/wiki/doc/packages and no
distros shipped a torrc with %include line enabled.
I know Whonix will not use torrc.d before next stable version. I also
did a grep -r -i "%include" on Tails source code and I do not think
Tails has enabled it by default.
nickm suggested proposed to create a new syntax to take care of the
> %include /etc/torrc.d/*.conf
Here is my thoughts on this:
1. I agree that "[a]nybody who currently has a working setup will have
it fail if we start requiring a suffix that they didn't know to
provide", which is not good for compatibility. But, letting people
still use or will be able to use a setting that is not recommended
anymore seems also not to be a very good idea? Considering the
potential danger of parsing all the files, shall we go a little bit
aggressive? I would rather break people's current potentially
dangerous settings. What do you think?
2. Since no distros I know has enabled this feature by default, I
guess there are only a very small number of users has enabled this
feature. Will an info in the release note saying "%include
/etc/torrc.d/ will only pase files suffixed with .torrc files" be
enough to inform them? Maybe we can even document the manual migration
3. %include /etc/torrc.d/*.conf syntax is very flexible so that Tor
does not have to decide which extension names should be parsed.
4. %include /etc/torrc.d/*.conf syntax explicitly says which extension
name will be used rather than the implicit document.
5. But is it a good idea to make the syntax that flexible? For
example, anon-connection-wizard will generate a torrc files in torrc.d
directory, I (and maybe many other developers) prefer writing to a
file that I can guarantee it will be parsed in most case. If I write
to 40_anon-connection-wizard.conf but some people set to pase .torrc
or anything else only, it will be not be very good? (I do not want
anon-connection-wizard to touch /etc/tor/torrc)
Finally, do you think it is a good idea to switch to the ticket for
further discussion to avoid cross posting and high volume on @tor-dev?
Thank you very much!
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the tor-dev