summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJamie Nguyen <j@jamielinux.com>2015-05-21 17:06:58 +0100
committerJamie Nguyen <j@jamielinux.com>2015-05-21 17:06:58 +0100
commit4f51bac26c7cdbe12fce2ac7342d2684f4f57795 (patch)
treead2cfb1c7f3f4dff26ce5c70cf550e36716984cc
parent7f3daa38d83a75dfa1c07386d7a0523a811c691e (diff)
Update to 0.2.6.8 and improve systemd service file
-rw-r--r--.gitignore2
-rw-r--r--sources4
-rw-r--r--tor.service (renamed from tor.systemd.service)11
-rw-r--r--tor.spec14
-rw-r--r--tor@.service24
5 files changed, 48 insertions, 7 deletions
diff --git a/.gitignore b/.gitignore
index 3b7e746..f18fbd0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,5 @@
/tor-0.2.5.11.tar.gz.asc
/tor-0.2.5.12.tar.gz
/tor-0.2.5.12.tar.gz.asc
+/tor-0.2.6.8.tar.gz
+/tor-0.2.6.8.tar.gz.asc
diff --git a/sources b/sources
index 3ef8097..cde2876 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-89745069a7efb7aafd01ae263bd0fe5c tor-0.2.5.12.tar.gz
-3db5c03de8abc1ffd3c9915b88b7b883 tor-0.2.5.12.tar.gz.asc
+20a8c1f8cd7e8c912c4f3f0b67740fa5 tor-0.2.6.8.tar.gz
+ccb8886658580ddb618809948fd2ed12 tor-0.2.6.8.tar.gz.asc
diff --git a/tor.systemd.service b/tor.service
index c598283..ec6dcd7 100644
--- a/tor.systemd.service
+++ b/tor.service
@@ -4,12 +4,21 @@ After = syslog.target network.target nss-lookup.target
[Service]
Type = simple
+ExecStartPre = /usr/bin/tor -f /etc/tor/torrc --verify-config
ExecStart = /usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc
ExecReload = /bin/kill -HUP ${MAINPID}
-ExecStop = /bin/kill -INT ${MAINPID}
+KillSignal = SIGINT
TimeoutSec = 30
Restart = on-failure
LimitNOFILE = 32768
+PrivateTmp = yes
+DeviceAllow = /dev/null rw
+DeviceAllow = /dev/urandom r
+InaccessibleDirectories = /home
+ReadOnlyDirectories = /
+ReadWriteDirectories = -/var/lib/tor
+ReadWriteDirectories = -/var/log/tor
+
[Install]
WantedBy = multi-user.target
diff --git a/tor.spec b/tor.spec
index 94f0494..df43a6d 100644
--- a/tor.spec
+++ b/tor.spec
@@ -6,7 +6,7 @@
%global logdir %{_localstatedir}/log/%{name}
Name: tor
-Version: 0.2.5.12
+Version: 0.2.6.8
Release: 1%{?dist}
Group: System Environment/Daemons
License: BSD
@@ -21,9 +21,8 @@ Source2: tor.logrotate
# This makes sure tor runs as 'toranon', logs to syslog at 'notice' level,
# and writes to /var/lib/tor instead of /root/.tor directory.
Source3: tor.defaults-torrc
-# A ticket has been opened to have the systemd service included upstream:
-# https://trac.torproject.org/projects/tor/ticket/8368
-Source10: tor.systemd.service
+Source10: tor.service
+Source11: tor@.service
BuildRequires: asciidoc
BuildRequires: libevent-devel
@@ -75,6 +74,7 @@ mkdir -p $RPM_BUILD_ROOT%{logdir}
mkdir -p $RPM_BUILD_ROOT%{homedir}
install -D -p -m 0644 %{SOURCE10} $RPM_BUILD_ROOT%_unitdir/%{name}.service
+install -D -p -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%_unitdir/%{name}@.service
install -D -p -m 0644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/tor
install -D -p -m 0644 %{SOURCE3} $RPM_BUILD_ROOT%{_datadir}/%{name}/defaults-torrc
@@ -114,6 +114,7 @@ exit 0
%{_datadir}/tor/geoip
%{_datadir}/tor/geoip6
%{_unitdir}/%{name}.service
+%{_unitdir}/%{name}@.service
%dir %{_sysconfdir}/tor
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/tor/torrc
@@ -124,6 +125,11 @@ exit 0
%changelog
+* Thu May 21 2015 Jamie Nguyen <jamielinux@fedoraproject.org> - 0.2.6.8-1
+- update to upstream release 0.2.6.8
+- improve/harden systemd service file
+- add multi-instance systemd service file (#1210837)
+
* Tue Apr 07 2015 Jamie Nguyen <jamielinux@fedoraproject.org> - 0.2.5.12-1
- update to upstream release 0.2.5.12
diff --git a/tor@.service b/tor@.service
new file mode 100644
index 0000000..96dfe17
--- /dev/null
+++ b/tor@.service
@@ -0,0 +1,24 @@
+[Unit]
+Description = Anonymizing overlay network for TCP
+After = syslog.target network.target nss-lookup.target
+
+[Service]
+Type = simple
+ExecStartPre = /usr/bin/tor -f /etc/tor/%i.torrc --verify-config
+ExecStart = /usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/%i.torrc
+ExecReload = /bin/kill -HUP ${MAINPID}
+KillSignal = SIGINT
+TimeoutSec = 30
+Restart = on-failure
+LimitNOFILE = 32768
+
+PrivateTmp = yes
+DeviceAllow = /dev/null rw
+DeviceAllow = /dev/urandom r
+InaccessibleDirectories = /home
+ReadOnlyDirectories = /
+ReadWriteDirectories = -/var/lib/tor
+ReadWriteDirectories = -/var/log/tor
+
+[Install]
+WantedBy = multi-user.target