fixed chroot permissions

(Portage version: 2.1.1-r1)
author: Gustavo Felisberto <humpback@gentoo.org> 2006-10-22 16:06:25 +0000
committer: Gustavo Felisberto <humpback@gentoo.org> 2006-10-22 16:06:25 +0000
commit: 594694e7c7357b4d826d7412577feac5909ee45d (patch)
tree: d64576853baf0f442d60e99626361c0d34dca4e6 /net-misc
parent: Add ~amd64 keyword. Bug #148045. (diff)
download: gentoo-2-594694e7c7357b4d826d7412577feac5909ee45d.tar.gz
gentoo-2-594694e7c7357b4d826d7412577feac5909ee45d.tar.bz2
gentoo-2-594694e7c7357b4d826d7412577feac5909ee45d.zip
4 files changed, 146 insertions, 4 deletions
diff --git a/net-misc/tor/ChangeLog b/net-misc/tor/ChangeLog
index b1497bc7b4b5..95b40ecefa94 100644
--- a/net-misc/tor/ChangeLog
+++ b/net-misc/tor/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-misc/tor
 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/ChangeLog,v 1.73 2006/10/21 16:22:10 humpback Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/ChangeLog,v 1.74 2006/10/22 16:06:24 humpback Exp $
+
+*tor-0.1.0.18-r1 (22 Oct 2006)
+
+  22 Oct 2006; Gustavo Felisberto <humpback@gentoo.org>;
+  tor-0.1.0.18.ebuild, +tor-0.1.0.18-r1.ebuild:
+  Small configuration issue in the chroot. Fixes bug #139354.
 
   21 Oct 2006; Gustavo Felisberto <humpback@gentoo.org>;
   tor-0.1.0.18.ebuild, tor-0.1.1.23.ebuild, tor-0.1.1.24.ebuild:
diff --git a/net-misc/tor/files/digest-tor-0.1.0.18-r1 b/net-misc/tor/files/digest-tor-0.1.0.18-r1
new file mode 100644
index 000000000000..56fe090c1a89
--- /dev/null
+++ b/net-misc/tor/files/digest-tor-0.1.0.18-r1
@@ -0,0 +1,3 @@
+MD5 b76e661873fe27debf4df15920e9abd4 tor-0.1.0.18.tar.gz 633222
+RMD160 5bb12bbc808c08026098410657785ab61f4efd43 tor-0.1.0.18.tar.gz 633222
+SHA256 bc815e1b12e9eab1a03a9c83aa7169820bf250a8fce445c533996293e9e01cf6 tor-0.1.0.18.tar.gz 633222
diff --git a/net-misc/tor/tor-0.1.0.18-r1.ebuild b/net-misc/tor/tor-0.1.0.18-r1.ebuild
new file mode 100644
index 000000000000..cf606b456c3e
--- /dev/null
+++ b/net-misc/tor/tor-0.1.0.18-r1.ebuild
@@ -0,0 +1,133 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.1.0.18-r1.ebuild,v 1.1 2006/10/22 16:06:25 humpback Exp $
+
+inherit eutils flag-o-matic
+
+DESCRIPTION="The Onion Router - Anonymizing overlay network for TCP"
+HOMEPAGE="http://tor.eff.org/"
+SRC_URI="http://tor.eff.org/dist/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="static"
+
+DEPEND=">=dev-libs/openssl-0.9.6
+		dev-libs/libevent"
+RDEPEND="!static? (
+			net-proxy/tsocks
+			>=dev-libs/openssl-0.9.6
+			dev-libs/libevent
+		)"
+
+pkg_setup() {
+	enewgroup tor
+	enewuser tor -1 -1 /var/lib/tor tor
+}
+
+src_unpack() {
+	unpack ${A}
+	cd ${S}
+	epatch ${FILESDIR}/torrc.sample-0.1.0.16.patch
+}
+
+src_compile() {
+	use static && append-ldflags -static
+	use static && append-flags -static
+	econf || die
+	emake || die
+}
+
+src_install() {
+	exeinto /etc/init.d ; newexe ${FILESDIR}/tor.initd-r1 tor
+	insinto /etc/conf.d ; newins ${FILESDIR}/tor.confd tor
+	make DESTDIR=${D} install || die
+
+	dodoc README ChangeLog AUTHORS INSTALL \
+		doc/{CLIENTS,FAQ,HACKING,TODO} \
+		doc/{control-spec.txt,rend-spec.txt,tor-doc.css,tor-doc.html,tor-spec.txt}
+
+	dodir /var/lib/tor
+	dodir /var/log/tor
+	fperms 750 /var/lib/tor /var/log/tor
+	fowners tor:tor /var/lib/tor /var/log/tor
+}
+
+pkg_postinst() {
+	einfo "You must create /etc/tor/torrc, you can use the sample that is in that directory"
+	einfo "To have privoxy and tor working together you must add:"
+	einfo "forward-socks4a / localhost:9050 ."
+	ewarn "(notice the . at the end of the line)"
+	einfo "to /etc/privoxy/config"
+	einfo
+	einfo "The Tor ebuild now includes chroot support."
+	einfo "If you like to run tor in chroot AND this is a new install OR"
+	einfo "your tor doesn't already run in chroot, simply run:"
+	einfo "\`emerge --config =${CATEGORY}/${PF} \`"
+	einfo "Before running the above command you might want to change the chroot"
+	einfo "dir in /etc/conf.d/tor. Otherwise /chroot/tor will be used."
+}
+
+pkg_config() {
+	CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/tor 2>/dev/null`
+	EXISTS="no"
+
+	if [ -z "${CHROOT}" -a ! -d "/chroot/tor" ]; then
+		CHROOT="/chroot/tor"
+	elif [ -d ${CHROOT} ]; then
+		eerror; eerror "${CHROOT:-/chroot/tor} already exists. Quitting."; eerror; EXISTS="yes"
+	fi
+
+	if [ ! "$EXISTS" = yes ]; then
+		USERNAME="tor"
+		BINARY="/usr/bin/tor"
+
+		einfo
+		einfo "Setting up the chroot directory..."
+		mkdir -m 700 -p ${CHROOT}
+		mkdir -p ${CHROOT}/etc/tor \
+			${CHROOT}/dev ${CHROOT}/var/log/tor ${CHROOT}/var/lib/tor \
+			${CHROOT}/usr/bin ${CHROOT}/var/run ${CHROOT}/lib \
+			${CHROOT}/usr/lib
+
+		einfo "Creating devices..."
+		mknod -m 0444 ${CHROOT}/dev/random c 1 8
+		mknod -m 0444 ${CHROOT}/dev/urandom c 1 9
+		mknod -m 0666 ${CHROOT}/dev/null c 1 3
+
+		einfo "Adding ${USERNAME} to ${CHROOT}/etc/passwd and group..."
+		grep ^${USERNAME}: /etc/passwd > ${CHROOT}/etc/passwd
+		grep ^${USERNAME}: /etc/group > ${CHROOT}/etc/group
+
+		einfo "Copying system files..."
+		cp -p /etc/{nsswitch.conf,host.conf,resolv.conf,hosts,localtime} ${CHROOT}/etc
+		cp -p /lib/{libc.*,libnsl.*,libnss_*.*,libresolv.*,libgcc_*.*,ld-linux.*} ${CHROOT}/lib
+
+		# Static version has no dynamic dependencies
+		if useq !static ; then
+			einfo "Copying dependencies..."
+			for DEP in $(ldd $BINARY | awk '{print $3}'); do
+				test -f ${DEP} && cp ${DEP} ${CHROOT}${DEP}
+			done
+		fi
+
+		einfo "Copying binaries and config files..."
+		for i in ${BINARY}; do
+			cp ${i} ${CHROOT}${i}
+		done
+
+		cp -R /etc/tor ${CHROOT}/etc/
+		cp -Rp /var/lib/tor ${CHROOT}/var/lib/
+
+		einfo "Setting permissions..."
+		chown root:${USERNAME} ${CHROOT} ${CHROOT}/var/lib/tor \
+			${CHROOT}/var/log/tor ${CHROOT}/var/run
+		chmod 0750 ${CHROOT}/var/lib/tor ${CHROOT}/var/run ${CHROOT}/var/log/tor
+		chmod 0444 ${CHROOT}/etc/{group,host.conf,hosts,localtime,nsswitch.conf}
+		chmod 0444 ${CHROOT}/etc/{passwd,resolv.conf}
+		chmod 0644 ${CHROOT}/etc/tor/*
+
+		einfo "Done."
+	fi
+}
diff --git a/net-misc/tor/tor-0.1.0.18.ebuild b/net-misc/tor/tor-0.1.0.18.ebuild
index af4a27ec6e68..1f54354be640 100644
--- a/net-misc/tor/tor-0.1.0.18.ebuild
+++ b/net-misc/tor/tor-0.1.0.18.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2006 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.1.0.18.ebuild,v 1.8 2006/10/21 16:22:10 humpback Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.1.0.18.ebuild,v 1.9 2006/10/22 16:06:24 humpback Exp $
 
 inherit eutils flag-o-matic
 
@@ -123,9 +123,9 @@ pkg_config() {
 		cp -Rp /var/lib/tor ${CHROOT}/var/lib/
 
 		einfo "Setting permissions..."
-		chown ${USERNAME}:${USERNAME} ${CHROOT} ${CHROOT}/var/lib/tor \
+		chown root:${USERNAME} ${CHROOT} ${CHROOT}/var/lib/tor \
 			${CHROOT}/var/log/tor ${CHROOT}/var/run
-		chmod 0700 ${CHROOT}/var/lib/tor ${CHROOT}/var/run ${CHROOT}/var/log/tor
+		chmod 0750 ${CHROOT}/var/lib/tor ${CHROOT}/var/run ${CHROOT}/var/log/tor
 		chmod 0444 ${CHROOT}/etc/{group,host.conf,hosts,localtime,nsswitch.conf}
 		chmod 0444 ${CHROOT}/etc/{passwd,resolv.conf}
 		chmod 0644 ${CHROOT}/etc/tor/*
author	Gustavo Felisberto <humpback@gentoo.org>	2006-10-22 16:06:25 +0000
committer	Gustavo Felisberto <humpback@gentoo.org>	2006-10-22 16:06:25 +0000
commit	594694e7c7357b4d826d7412577feac5909ee45d (patch)
tree	d64576853baf0f442d60e99626361c0d34dca4e6 /net-misc
parent	Add ~amd64 keyword. Bug #148045. (diff)
download	gentoo-2-594694e7c7357b4d826d7412577feac5909ee45d.tar.gz gentoo-2-594694e7c7357b4d826d7412577feac5909ee45d.tar.bz2 gentoo-2-594694e7c7357b4d826d7412577feac5909ee45d.zip