Diffstat (limited to 'tor.spec.in')
-rw-r--r-- | tor.spec.in | 149 |
1 files changed, 90 insertions, 59 deletions
diff --git a/tor.spec.in b/tor.spec.in index 5f116f6f2a..4ef458bc20 100644 --- a/tor.spec.in +++ b/tor.spec.in @@ -10,9 +10,10 @@ ## Things users may want to change # -# User (and group) name under which the Tor daemon runs +# User (and group) name under which the Tor daemon runs. -%define runuser _tor +%define toruser @TORUSER@ +%define torgroup @TORGROUP@ ## Version song and dance # @@ -31,8 +32,8 @@ # have their own ideas about the right ways to do things. %define pkgspec tor -# This spec is intended to build and install on multiple distributions. -# Detect the distribution we're building on. +# This spec is intended to build and install on multiple distributions +# (someday). Detect the distribution we're building on. %define is_rh %(test -e /etc/redhat-release && echo 1 || echo 0) %define is_fc %(test -e /etc/fedora-release && echo 1 || echo 0) @@ -102,8 +103,11 @@ Vendor: R. Dingledine <arma@seul.org> Packager: Nick Mathewson <nickm@seul.org> Requires: openssl >= 0.9.6 -BuildRequires: openssl-devel >= 0.9.6, rpm-build >= 4.0 -Requires(pre): shadow-utils, /usr/bin/id, /bin/date, /bin/sh +BuildRequires: openssl-devel >= 0.9.6 +%if %{is_fc} +BuildRequires: rpm-build >= 4.0 +%endif +Requires(pre): /usr/bin/id, /bin/date, /bin/sh Requires(pre): %{_sbindir}/useradd, %{_sbindir}/groupadd Source0: http://tor.eff.org/dist/%{name}-%{native_version}.tar.gz 
@@ -114,8 +118,9 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root Tor is a connection-based low-latency anonymous communication system. This package provides the "tor" program, which serves as both a client and -a relay node. Scripts will automatically create a "%{runuser}" user and -group, and set tor up to run as a daemon when the system is rebooted. +a relay node. Scripts will automatically create a "%{toruser}" user and +a "%{torgroup}" group, and set tor up to run as a daemon when the system +is rebooted. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in 
@@ -135,49 +140,24 @@ for high-stakes anonymity. %prep %setup -q -n %{name}-%{native_version} -# Patch the startup script to use the right user and group IDs. Force -# the use of /bin/sh as the shell for the "tor" account. -ed -s contrib/tor.sh.in << '/EOF/' > /dev/null -,s/^TORUSER=$/TORUSER=%{runuser}/ -,s/^TORGROUP=$/TORGROUP=%{runuser}/ -,s:\$SUPROG:$SUPROG -s /bin/sh: -# -# Save and exit ed -w -q -/EOF/ - %build -%configure +%configure --with-tor-user=%{toruser} --with-tor-group=%{torgroup} %make %install %makeinstall -# Install init script. +# Install init script and control script %__mkdir_p ${RPM_BUILD_ROOT}%{_initrddir} %__install -p -m 755 contrib/tor.sh ${RPM_BUILD_ROOT}%{_initrddir}/%{name} +%__install -p -m 755 contrib/torctl ${RPM_BUILD_ROOT}%{_bindir} # Set up config file; "sample" file implements a basic user node. %__install -p -m 644 ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/torrc.sample ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/torrc -# Create a logrotate file. This should really be a source file, -# but hey... +# Install the logrotate control file. %__mkdir_p -m 755 ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d -%__cat > ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} << /EOF/ -%{_localstatedir}/log/%{name}/*log { - daily - rotate 5 - compress - delaycompress - missingok - notifempty - sharedscripts - postrotate - /etc/rc.d/init.d/tor reload > /dev/null - endscript -} -/EOF/ +%__install -p -m 644 contrib/tor.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} # Directories that don't have any preinstalled files %__mkdir_p -m 700 ${RPM_BUILD_ROOT}%{_localstatedir}/lib/%{name} 
@@ -187,37 +167,76 @@ q %clean [ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT} -# These scripts are probably wrong for Mandrake or SuSe. They're certainly +# These scripts are probably wrong for Mandrake or SuSE. They're certainly # wrong for Debian, but what are you doing using RPM on Debian? + %pre -[ -f %{_initrddir}/%{name} ] && /sbin/service %{name} stop -if [ ! -n "`/usr/bin/id -g %{runuser} 2>/dev/null`" ]; then + +# If tor is already installed and running (whether installed by RPM +# or not), then kill it, but remember that it was running. +%__rm -f /tmp/${name}-was-running-%{version}-%{release} +if [ -f %{_initrddir}/%{name} ] && /sbin/service %{name} status ; then + /sbin/service %{name} stop + touch /tmp/${name}-was-running-%{version}-%{release} +fi + +# +# Create a user and group if need be +# +if [ ! -n "`/usr/bin/id -g %{torgroup} 2>/dev/null`" ]; then # One would like to default the GID, but doing that properly would # require thought. - %{_sbindir}/groupadd %{runuser} 2> /dev/null + %{_sbindir}/groupadd %{torgroup} 2> /dev/null fi -if [ ! -n "`/usr/bin/id -u %{runuser} 2>/dev/null`" ]; then +if [ ! -n "`/usr/bin/id -u %{toruser} 2>/dev/null`" ]; then # One would also like to default the UID, but doing that properly would # also require thought. - if [ -x /sbin/nologin ]; then - %{_sbindir}/useradd -r -g %{runuser} -d %{_localstatedir}/lib/%{name} -s /sbin/nologin %{runuser} 2> /dev/null + if [ -x %{_sbindir}/nologin ]; then + %{_sbindir}/useradd -r -g %{torgroup} -d% {_localstatedir}/lib/%{name} -s %{_sbindir}/nologin %{toruser} 2> /dev/null else - %{_sbindir}/useradd -r -g %{runuser} -d %{_localstatedir}/lib/%{name} -s /bin/false %{runuser} 2> /dev/null + %{_sbindir}/useradd -r -g %{torgroup} -d %{_localstatedir}/lib/%{name} -s /bin/false %{toruser} 2> /dev/null fi fi exit 0 %post -/sbin/chkconfig --add %{name} + +# If this is a new installation, use chkconfig to put tor in the +# default set of runlevels. 
If it's an upgrade, leave the existing +# configuration alone. +if [ $1 -eq 1 ]; then + /sbin/chkconfig --add %{name} +fi + +# Older tor RPMS used a different username for the tor daemon. +# Make sure the runtime data have the right ownership. +%__chown -R %{toruser}.%{torgroup} %{_localstatedir}/{lib,log,run}/%{name} + +if [ -f /tmp/${name}-was-running-%{version}-%{release} ]; then + /sbin/service %{name} start + %__rm -f /tmp/${name}-was-running-%{version}-%{release} +fi exit 0 %preun -/sbin/chkconfig --del %{name} -%__rm -f ${_localstatedir}/lib/%{name}/cached-directory -%__rm -f ${_localstatedir}/lib/%{name}/bw_accounting -%__rm -f ${_localstatedir}/lib/%{name}/control_auth_cookie -%__rm -f ${_localstatedir}/lib/%{name}/router.desc -%__rm -f ${_localstatedir}/lib/%{name}/fingerprint + +# If no instances of tor will be installed when we're done, make +# sure that it gets killed. We *don't* want to kill it or delete +# any of its data on uninstall if it's being upgraded to a new +# version, because the new version will actually already have +# been installed and started before the uninstall script for +# the old version is run, and we'd end up hosing it. +if [ $1 -le 0 ]; then + if [ -f %{_initrddir}/%{name} ] && /sbin/service %{name} status ; then + /sbin/service %{name} stop + fi + %/sbin/chkconfig --del %{name} + %__rm -f ${_localstatedir}/lib/%{name}/cached-directory + %__rm -f ${_localstatedir}/lib/%{name}/bw_accounting + %__rm -f ${_localstatedir}/lib/%{name}/control_auth_cookie + %__rm -f ${_localstatedir}/lib/%{name}/router.desc + %__rm -f ${_localstatedir}/lib/%{name}/fingerprint +fi exit 0 %files 
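Review bot: The "was running" marker that %pre creates with `touch /tmp/${name}-was-running-%{version}-%{release}` and %post tests with `[ -f … ]` sits at a predictable path in a world-writable directory, and both scriptlets run as root. Any local user can create that path to influence whether %post starts the daemon, and there is a window between the `%__rm -f` and the `touch` in which a link planted there would be followed by root's `touch`. `${name}` is also a shell expansion rather than the `%{name}` macro, so the name is probably just `/tmp/-was-running-…`; keeping the marker in a directory only root can write, spelled with `%{name}`, would address both. Two added lines in this hunk also look mistyped and fail quietly behind `2> /dev/null` and `exit 0`: `-d% {_localstatedir}/lib/%{name}` in the nologin branch of %pre should be `-d %{_localstatedir}/lib/%{name}`, and `%/sbin/chkconfig --del %{name}` in %preun should be `/sbin/chkconfig --del %{name}`. If the useradd call fails for that reason, the account is not created and the `%__chown -R` in %post has no user to hand the data to.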
@@ -225,17 +244,30 @@ exit 0 %doc AUTHORS INSTALL LICENSE README ChangeLog doc/HACKING doc/TODO doc/FAQ %{_mandir}/man*/* %{_bindir}/tor +%{_bindir}/torctl %{_bindir}/torify %{_bindir}/tor-resolve %config %{_initrddir}/%{name} %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name} -%dir %attr(0755,root,%{runuser}) %{_sysconfdir}/%{name}/ -%config(noreplace) %attr(0644,root,%{runuser}) %{_sysconfdir}/%{name}/* -%attr(0700,%{runuser},%{runuser}) %dir %{_localstatedir}/lib/%{name} -%attr(0750,%{runuser},%{runuser}) %dir %{_localstatedir}/run/%{name} -%attr(0750,%{runuser},%{runuser}) %dir %{_localstatedir}/log/%{name} +%dir %attr(0755,root,%{torgroup}) %{_sysconfdir}/%{name}/ +%config(noreplace) %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/* +%attr(0700,%{toruser},%{torgroup}) %dir %{_localstatedir}/lib/%{name} +%attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/run/%{name} +%attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/log/%{name} %changelog + +* Mon Jan 17 2005 John Bashinski <jbash@velvet.com> +- Take runtime user and group names from configure system. Default + user/group names are now "_tor"; blame Roger... +- Make logrotate control file a separate file in the source distribution, + rather than creating it from the spec file. +- Properly handle the order in which RPM executes scriptlets on upgrade. + The old code would kill the daemon on upgrade. +- Start the tor daemon after installation if and only if it was + running before installation. Preserve runlevel setup on upgrade. +- Package the torctl script; the init script is now a wrapper around it. + * Tue Nov 5 2004 John Bashinski <jbash@velvet.com> - Add skeletal support for multiple distributions - Even more ridiculous level of macro-ization @@ -258,4 +290,3 @@ exit 0 * Sat Jan 17 2004 John Bashinski <jbash@velvet.com> - Basic spec file; tested with Red Hat 9. - |
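Review bot: The `%config(noreplace) %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/*` entry leaves every file in the configuration directory world-readable, even though the files are now group-owned by the daemon's own group. If torrc can hold sensitive settings such as control-port credentials (not visible in this diff, so worth confirming), `%attr(0640,root,%{torgroup})` would keep it readable by root and the daemon's group only. The `-m 644` used when %install copies torrc.sample to torrc is superseded by %attr at packaging time, so the mode would be changed on this line.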