Hi Tor and Vidalia maintainers,
> In relation to this matter, there's an extremely interesting point
> that I've found to accomplish this, and it's very very simple to
> achieve: A better solution on Debian would be to use Tor's
> ControlSocket, which allows Vidalia to talk to Tor via a Unix domain
> socket, and could possibly be enabled by default in Tor's Debian
> packages. Vidalia can then authenticate to Tor using
> filesystem-based (cookie) authentication if the user running Vidalia
> is also in the debian-tor group.
Context: setting up Vidalia's access to a system-wide Tor daemon on a
Debian system currently requires following not-that-easy steps (i.e.
editing torrc as root) that are documented in Vidalia's README.Debian.
I guess it's the same for every other Tor controller UI.
Vidalia 0.2.12 announce tells us it now supports Tor's ControlSocket
as an alternative to ControlPort. I think it's now time to consider
how the Tor Debian package could support ControlSocket out-of-the-box
for easy (read: without editing torrc) Tor controller configuration by
end-users.
How about:
1. In the default torrc: set ControlSocket to /var/run/tor/control.socket
2. In tor's initscript:
- chmod g+x /var/run/tor/ (which is already owned by the
debian-tor group)
- make sure members of the debian-tor group are given
read-write access to /var/run/tor/control.socket
If the above steps were implemented, every Tor controller's
Debian-specific documentation could be greatly simplified; it would
now read "Add to the debian-tor group every user allowed to control
the system-wide Tor daemon... that's all folks :)".
What do affected parties think of this? Peter, would you apply a patch
that implements the changes I am proposing?
> In the meantime, I thought about a really stupid solution, but that
> temporarily solves some of this problems This is for Vidalia to make
> a flag, let's say a file-touch (just a flag file) to
> /etc/tor/tor.d/, that Tor's daemon could use to know to avoid
> starting, or stuff like that.
I'm not sure Tor supports /etc/tor/tor.d/ - does it?
Bye,
--
intrigeri <intrig...@boum.org>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| Who wants a world in which the guarantee that we shall not
| die of starvation would entail the risk of dying of boredom ?
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
