tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 66657139678740dc83cfbc1b0d45fd1cd5d69ee7
parent 109063185be9b42e343d0ef7d085494c60fa05d2
Author: Alexander Færøy <ahf@torproject.org>
Date:   Wed, 29 Jul 2020 13:39:59 +0000

Merge remote-tracking branch 'tor-gitlab/mr/87'

Diffstat:

Achanges/ticket30797 | 5+++++


Mconfigure.ac | 1-


Mcontrib/README | 2--


Dcontrib/dist/tor.service.in | 35-----------------------------------


Mcontrib/include.am | 1-


5 files changed, 5 insertions(+), 39 deletions(-)

diff --git a/changes/ticket30797 b/changes/ticket30797
@@ -0,0 +1,5 @@
+  o Removed features:
+    - We no longer ship or build a "tor.service" file for use with systemd.
+      No distribution included this script unmodified, and we don't have the
+      expertise ourselves to maintain this in a way that all the various
+      systemd-based distributions can use. Closes ticket 30797.
diff --git a/configure.ac b/configure.ac
@@ -2602,7 +2602,6 @@ AC_CONFIG_FILES([
 	Makefile
 	config.rust
 	contrib/operator-tools/tor.logrotate
-	contrib/dist/tor.service
 	src/config/torrc.sample
 	src/config/torrc.minimal
 	src/rust/.cargo/config
diff --git a/contrib/README b/contrib/README
@@ -32,8 +32,6 @@ dist/ -- Scripts and files for use when packaging Tor
 torctl and tor.sh are init scripts for use with SysV-style init
 tools.  Everybody likes to write init scripts differently, it seems.
 
-tor.service is a sample service file for use with systemd.
-
 operator-tools/ -- Tools for Tor relay operators
 ------------------------------------------------
 
diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in
@@ -1,35 +0,0 @@
-# tor.service -- this systemd configuration file for Tor sets up a
-# relatively conservative, hardened Tor service.  You may need to
-# edit it if you are making changes to your Tor configuration that it
-# does not allow.  Package maintainers: this should be a starting point
-# for your tor.service; it is not the last point.
-
-[Unit]
-Description=Anonymizing overlay network for TCP
-After=syslog.target network.target nss-lookup.target
-
-[Service]
-Type=notify
-NotifyAccess=all
-ExecStartPre=@BINDIR@/tor -f @CONFDIR@/torrc --verify-config
-ExecStart=@BINDIR@/tor -f @CONFDIR@/torrc
-ExecReload=/bin/kill -HUP ${MAINPID}
-KillSignal=SIGINT
-TimeoutSec=60
-Restart=on-failure
-WatchdogSec=1m
-LimitNOFILE=32768
-
-# Hardening
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectHome=yes
-ProtectSystem=full
-ReadOnlyDirectories=/
-ReadWriteDirectories=-@LOCALSTATEDIR@/lib/tor
-ReadWriteDirectories=-@LOCALSTATEDIR@/log/tor
-NoNewPrivileges=yes
-CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE
-
-[Install]
-WantedBy=multi-user.target
diff --git a/contrib/include.am b/contrib/include.am
@@ -2,7 +2,6 @@
 EXTRA_DIST+= \
 	contrib/README					\
 	contrib/client-tools/torify			\
-	contrib/dist/tor.service.in			\
 	contrib/operator-tools/tor-exit-notice.html	\
 	contrib/or-tools/exitlist			\
 	contrib/win32build/tor-mingw.nsi.in		\