Date: Wednesday, June 16, 2021 @ 11:03:11 Author: diabonas Revision: 964273
archrelease: copy trunk to community-testing-x86_64 Added: tor/repos/community-testing-x86_64/ tor/repos/community-testing-x86_64/PKGBUILD (from rev 964272, tor/trunk/PKGBUILD) tor/repos/community-testing-x86_64/tor.service (from rev 964272, tor/trunk/tor.service) tor/repos/community-testing-x86_64/tor.sysusers (from rev 964272, tor/trunk/tor.sysusers) tor/repos/community-testing-x86_64/tor.tmpfiles (from rev 964272, tor/trunk/tor.tmpfiles) tor/repos/community-testing-x86_64/torrc.patch (from rev 964272, tor/trunk/torrc.patch) --------------+ PKGBUILD | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ tor.service | 35 +++++++++++++++++++++++++++++++ tor.sysusers | 1 tor.tmpfiles | 1 torrc.patch | 28 +++++++++++++++++++++++++ 5 files changed, 128 insertions(+) Copied: tor/repos/community-testing-x86_64/PKGBUILD (from rev 964272, tor/trunk/PKGBUILD) =================================================================== --- community-testing-x86_64/PKGBUILD (rev 0) +++ community-testing-x86_64/PKGBUILD 2021-06-16 11:03:11 UTC (rev 964273) @@ -0,0 +1,63 @@ +# Maintainer: Lukas Fleischer <lfleisc...@archlinux.org> +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Maintainer: kpcyrd <kpcyrd[at]archlinux[dot]org> +# Contributor: Daniel Micay <danielmi...@gmail.com> +# Contributor: simo <s...@archlinux.org> +# Contributor: Sid Karunaratne + +pkgname=tor +pkgver=0.4.6.5 +pkgrel=1 +pkgdesc='Anonymizing overlay network.' +arch=('x86_64') +url='https://www.torproject.org/' +license=('BSD') +depends=('openssl' 'libevent' 'bash' 'libseccomp' 'zstd' 'libcap' 'systemd-libs' + 'libsystemd.so' 'libzstd.so' 'libseccomp.so' 'libcap.so') +optdepends=('torsocks: for torify') +makedepends=('ca-certificates' 'systemd') +backup=('etc/tor/torrc') +source=("https://www.torproject.org/dist/${pkgname}-${pkgver}.tar.gz"{,.asc} + 'torrc.patch' + 'tor.sysusers' + 'tor.tmpfiles' + 'tor.service') +b2sums=('bdff61863f8b48381cc52d66c54f417e90177118d6cdd1402f3ecca9783f32141f74bb979b4f8c919d9e2c6cd4373fd9a5e0e84498a26470af1fbc6eb2c7caed' + 'SKIP' + '3359e138d823a77df2a42ce3fe8c6ecb4004e9ec191863db7857aceea7c136c78f09518b1a199dfd3215f5d61f1c060f4a0e2141c5bdb6b847af60fb6e9a81a7' + '9053da53926f2120ac57b6c1442238f5bbd89bf9270347c4e00b721b39939bebc6adfcf814a9d7289dfd14d085d91c193529305336db93190da5b7f586a031df' + '5d55d9a7e42b6ce78b8ab985bab37afe8f0bacddb5abd895c4a490adb8f98b9422f90b40066fef05ecf37b7b21e80aadc615c4b7f6e12b05581304113a1b1f1d' + '327c1a35c3d4c44f93edb47959c8c41ab6af4cbfcbb8f4e9f54f2f69d17d148bf85e2d2c8aefe2d3165e123056dd68a248af78d1ba713b94a4e6d27a9cf412f1') +validpgpkeys=('2133BC600AB133E1D826D173FE43009C4607B1FB' # Nick Mathewson + 'F65CE37F04BA5B360AE6EE17C218525819F78451') # Roger Dingledine + +prepare() { + cd ${pkgname}-${pkgver} + # uncomment essential config sections in the torrc file + patch -Np1 < "${srcdir}/torrc.patch" +} + +build() { + cd ${pkgname}-${pkgver} + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var + make +} + +package() { + cd ${pkgname}-${pkgver} + + make DESTDIR="${pkgdir}" install + mv "${pkgdir}"/etc/tor/torrc{.sample,} + + # install arch custom files + install -Dm 644 "${srcdir}"/*.service -t "${pkgdir}"/usr/lib/systemd/system + install -Dm 644 "${srcdir}"/tor.sysusers "${pkgdir}"/usr/lib/sysusers.d/tor.conf + install -Dm 644 "${srcdir}"/tor.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/tor.conf + + install -Dm 644 LICENSE -t "${pkgdir}"/usr/share/licenses/${pkgname} +} + +# vim: ts=2 sw=2 et: Copied: tor/repos/community-testing-x86_64/tor.service (from rev 964272, tor/trunk/tor.service) =================================================================== --- community-testing-x86_64/tor.service (rev 0) +++ community-testing-x86_64/tor.service 2021-06-16 11:03:11 UTC (rev 964273) @@ -0,0 +1,35 @@ +# tor.service -- this systemd configuration file for Tor sets up a +# relatively conservative, hardened Tor service. You may need to +# edit it if you are making changes to your Tor configuration that it +# does not allow. Package maintainers: this should be a starting point +# for your tor.service; it is not the last point. + +[Unit] +Description=Anonymizing overlay network for TCP +After=syslog.target network.target nss-lookup.target + +[Service] +Type=notify +NotifyAccess=all +ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config +ExecStart=/usr/bin/tor -f /etc/tor/torrc +ExecReload=/bin/kill -HUP ${MAINPID} +KillSignal=SIGINT +TimeoutSec=60 +Restart=on-failure +WatchdogSec=1m +LimitNOFILE=32768 + +# Hardening +PrivateTmp=yes +PrivateDevices=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ +ReadWriteDirectories=-/var/lib/tor +ReadWriteDirectories=-/var/log/tor +NoNewPrivileges=yes +CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH + +[Install] +WantedBy=multi-user.target Copied: tor/repos/community-testing-x86_64/tor.sysusers (from rev 964272, tor/trunk/tor.sysusers) =================================================================== --- community-testing-x86_64/tor.sysusers (rev 0) +++ community-testing-x86_64/tor.sysusers 2021-06-16 11:03:11 UTC (rev 964273) @@ -0,0 +1 @@ +u tor 43 - /var/lib/tor Copied: tor/repos/community-testing-x86_64/tor.tmpfiles (from rev 964272, tor/trunk/tor.tmpfiles) =================================================================== --- community-testing-x86_64/tor.tmpfiles (rev 0) +++ community-testing-x86_64/tor.tmpfiles 2021-06-16 11:03:11 UTC (rev 964273) @@ -0,0 +1 @@ +d /var/lib/tor 0700 tor tor - - Copied: tor/repos/community-testing-x86_64/torrc.patch (from rev 964272, tor/trunk/torrc.patch) =================================================================== --- community-testing-x86_64/torrc.patch (rev 0) +++ community-testing-x86_64/torrc.patch 2021-06-16 11:03:11 UTC (rev 964273) @@ -0,0 +1,28 @@ +--- a/src/config/torrc.sample.in 2021-03-10 19:59:10.123456789 +0100 ++++ b/src/config/torrc.sample.in 2021-03-10 19:59:10.123456789 +0100 +@@ -11,6 +11,7 @@ + ## + ## Tor will look for this file in various places based on your platform: + ## https://www.torproject.org/docs/faq#torrc ++User tor + + ## Tor opens a SOCKS proxy on port 9050 by default -- even if you don't + ## configure one below. Set "SOCKSPort 0" if you plan to run Tor only +@@ -39,7 +40,7 @@ + ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log + #Log debug file @LOCALSTATEDIR@/log/tor/debug.log + ## Use the system log instead of Tor's logfiles +-#Log notice syslog ++Log notice syslog + ## To send all messages to stderr: + #Log debug stderr + +@@ -50,7 +51,7 @@ + + ## The directory for keeping all the keys/etc. By default, we store + ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows. +-#DataDirectory @LOCALSTATEDIR@/lib/tor ++DataDirectory @LOCALSTATEDIR@/lib/tor + + ## The port on which Tor will listen for local connections from Tor + ## controller applications, as documented in control-spec.txt.