2004-11-04 16:17:22 +01:00
|
|
|
## NOTE: tor.spec is autogenerated from tor.spec.in . Edit the latter,
|
|
|
|
## not the former.
|
|
|
|
|
|
|
|
## Things that need to be edited frequently
|
|
|
|
#
|
|
|
|
# This should be incremented whenever the spec file changes, but
|
|
|
|
# can drop back to zero at a new Tor version
|
|
|
|
|
2004-12-20 01:59:38 +01:00
|
|
|
%define specver 3
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
## Things users may want to change
|
|
|
|
#
|
|
|
|
# User (and group) name under which the Tor daemon runs
|
|
|
|
|
2004-12-19 04:06:33 +01:00
|
|
|
%define runuser _tor
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
## Version song and dance
|
|
|
|
#
|
|
|
|
# This should be the Tor version number, as it appears on the tarball,
|
|
|
|
# including any "pre<x>" or "rc<y>" suffix. This gets massaged to
|
|
|
|
# create the RPM version number, in a way that depends on the Tor
|
|
|
|
# numbering scheme.
|
2004-11-15 00:18:20 +01:00
|
|
|
%define native_version @VERSION@
|
2004-11-04 16:17:22 +01:00
|
|
|
|
2004-12-18 23:19:32 +01:00
|
|
|
%define version %(echo %{native_version} | sed -e 's/-/./g')
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
## Release and OS identification song and dance
|
|
|
|
#
|
|
|
|
# This identifies the lineage of the spec file. This file is the
|
|
|
|
# standard one that comes with Tor; various distributions may
|
|
|
|
# have their own ideas about the right ways to do things.
|
|
|
|
%define pkgspec tor
|
|
|
|
|
|
|
|
# This spec is intended to build and install on multiple distributions.
|
|
|
|
# Detect the distribution we're building on.
|
|
|
|
|
|
|
|
%define is_rh %(test -e /etc/redhat-release && echo 1 || echo 0)
|
|
|
|
%define is_fc %(test -e /etc/fedora-release && echo 1 || echo 0)
|
|
|
|
%define is_mdk %(test -e /etc/mandrake-release && echo 1 || echo 0)
|
|
|
|
%define is_suse %(test -e /etc/SuSE-release && echo 1 || echo 0)
|
|
|
|
|
|
|
|
%if %{is_fc}
|
|
|
|
%define ostag %(sed -e 's/^.*release /fc/' -e 's/ .*$//' -e 's/\\./_/g' < /etc/fedora-release)
|
2004-11-04 16:34:04 +01:00
|
|
|
%else
|
2004-11-04 16:17:22 +01:00
|
|
|
%if %{is_rh}
|
|
|
|
%define ostag %(sed -e 's/^.*release /rh/' -e 's/ .*$//' -e 's/\\./_/g' < /etc/redhat-release)
|
|
|
|
%endif
|
2004-11-04 16:34:04 +01:00
|
|
|
%endif
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
# These are probably wrong... just placeholders should we actually
|
|
|
|
# end up supporting these distributions
|
|
|
|
|
|
|
|
%if %{is_mdk}
|
|
|
|
%define ostag mdk
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{is_suse}
|
|
|
|
%define ostag suse
|
|
|
|
%endif
|
|
|
|
|
2004-12-19 00:04:55 +01:00
|
|
|
|
2004-11-04 16:17:22 +01:00
|
|
|
# Using the build date ensures that every build really does get
|
2004-12-19 00:04:55 +01:00
|
|
|
# a different release number. We use this trick for CVS versions.
|
|
|
|
# For release versions, we don't want or need it.
|
|
|
|
%define is_cvs_version %(echo %{native_version} | grep 'cvs' > /dev/null && echo 1 || echo 0)
|
2004-11-04 16:17:22 +01:00
|
|
|
|
2004-12-19 00:04:55 +01:00
|
|
|
%if %{is_cvs_version}
|
|
|
|
%define blddate %(date -u +"%Y%m%d%H%M")
|
2004-11-04 16:17:22 +01:00
|
|
|
%define release %{pkgspec}.%{specver}.%{ostag}.%{blddate}
|
2004-12-19 00:04:55 +01:00
|
|
|
%else
|
|
|
|
%define release %{pkgspec}.%{specver}.%{ostag}
|
|
|
|
%endif
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
## General-purpose macros
|
|
|
|
#
|
|
|
|
# Some systems don't have some macros. If a macro doesn't seem
|
|
|
|
# to exist on your system, add it here...
|
|
|
|
|
|
|
|
%if %{!?__make:1}%{?__make:0}
|
|
|
|
%define __make make
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{!?make:1}%{?make:0}
|
|
|
|
%define make %{__make}
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{!?_localstatedir:1}%{?_localstatedir:0}
|
|
|
|
%define _localstatedir @LOCALSTATEDIR@
|
|
|
|
%endif
|
|
|
|
|
|
|
|
## Package information
|
|
|
|
#
|
|
|
|
Name: tor
|
|
|
|
Version: %{version}
|
|
|
|
Release: %{release}
|
|
|
|
|
|
|
|
Summary: Anonymizing overlay network for TCP (The onion router)
|
|
|
|
URL: http://freehaven.net/%{name}/
|
|
|
|
Group: System Environment/Daemons
|
|
|
|
|
|
|
|
License: BSD-like
|
|
|
|
Vendor: R. Dingledine <arma@seul.org>
|
|
|
|
Packager: Nick Mathewson <nickm@seul.org>
|
|
|
|
|
|
|
|
Requires: openssl >= 0.9.6
|
|
|
|
BuildRequires: openssl-devel >= 0.9.6, rpm-build >= 4.0
|
|
|
|
Requires(pre): shadow-utils, /usr/bin/id, /bin/date, /bin/sh
|
|
|
|
Requires(pre): %{_sbindir}/useradd, %{_sbindir}/groupadd
|
|
|
|
|
|
|
|
Source0: http://freehaven.net/%{name}/dist/%{name}-%{native_version}.tar.gz
|
|
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
|
|
|
|
|
|
%description
|
|
|
|
Tor is a connection-based low-latency anonymous communication system.
|
|
|
|
|
|
|
|
This package provides the "tor" program, which serves as both a client and
|
|
|
|
a relay node. Scripts will automatically create a "%{runuser}" user and
|
|
|
|
group, and set tor up to run as a daemon when the system is rebooted.
|
|
|
|
|
2004-12-20 01:59:38 +01:00
|
|
|
Applications connect to the local Tor proxy using the SOCKS
|
|
|
|
protocol. The local proxy chooses a path through a set of relays, in
|
2004-11-04 16:17:22 +01:00
|
|
|
which each relay knows its predecessor and successor, but no
|
|
|
|
others. Traffic flowing down the circuit is unwrapped by a symmetric
|
2004-12-20 01:59:38 +01:00
|
|
|
key at each relay, which reveals the downstream relay.
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
Warnings: Tor does no protocol cleaning. That means there is a danger
|
|
|
|
that application protocols and associated programs can be induced to
|
|
|
|
reveal information about the initiator. Tor depends on Privoxy and
|
|
|
|
similar protocol cleaners to solve this problem. This is alpha code,
|
|
|
|
and is even more likely than released code to have anonymity-spoiling
|
|
|
|
bugs. The present network is very small -- this further reduces the
|
|
|
|
strength of the anonymity provided. Tor is not presently suitable
|
|
|
|
for high-stakes anonymity.
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q -n %{name}-%{native_version}
|
|
|
|
|
|
|
|
# Patch the startup script to use the right user and group IDs. Force
|
|
|
|
# the use of /bin/sh as the shell for the "tor" account.
|
|
|
|
ed -s contrib/tor.sh.in << '/EOF/' > /dev/null
|
|
|
|
,s/^TORUSER=$/TORUSER=%{runuser}/
|
|
|
|
,s/^TORGROUP=$/TORGROUP=%{runuser}/
|
|
|
|
,s:/bin/su:/bin/su -s /bin/sh:
|
|
|
|
#
|
|
|
|
# Save and exit ed
|
|
|
|
w
|
|
|
|
q
|
|
|
|
/EOF/
|
|
|
|
|
|
|
|
%build
|
|
|
|
%configure
|
|
|
|
%make
|
|
|
|
|
|
|
|
%install
|
|
|
|
%makeinstall
|
|
|
|
|
|
|
|
# Install init script.
|
|
|
|
%__mkdir_p ${RPM_BUILD_ROOT}%{_initrddir}
|
|
|
|
%__install -p -m 755 contrib/tor.sh ${RPM_BUILD_ROOT}%{_initrddir}/%{name}
|
|
|
|
|
|
|
|
# Set up config file; "sample" file implements a basic user node.
|
|
|
|
%__install -p -m 644 ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/torrc.sample ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/torrc
|
|
|
|
|
|
|
|
# Create a logrotate file. This should really be a source file,
|
|
|
|
# but hey...
|
|
|
|
%__mkdir_p -m 755 ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d
|
|
|
|
%__cat > ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} << /EOF/
|
2004-12-19 04:06:33 +01:00
|
|
|
%{_localstatedir}/log/%{name}/*log {
|
|
|
|
daily
|
|
|
|
rotate 5
|
|
|
|
compress
|
|
|
|
delaycompress
|
|
|
|
missingok
|
|
|
|
notifempty
|
|
|
|
sharedscripts
|
|
|
|
postrotate
|
|
|
|
/etc/rc.d/init.d/tor reload > /dev/null
|
|
|
|
endscript
|
2004-11-04 16:17:22 +01:00
|
|
|
}
|
|
|
|
/EOF/
|
|
|
|
|
|
|
|
# Directories that don't have any preinstalled files
|
|
|
|
%__mkdir_p -m 700 ${RPM_BUILD_ROOT}%{_localstatedir}/lib/%{name}
|
|
|
|
%__mkdir_p -m 755 ${RPM_BUILD_ROOT}%{_localstatedir}/run/%{name}
|
|
|
|
%__mkdir_p -m 755 ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}
|
|
|
|
|
|
|
|
%clean
|
|
|
|
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
|
|
|
|
|
|
|
|
# These scripts are probably wrong for Mandrake or SuSe. They're certainly
|
|
|
|
# wrong for Debian, but what are you doing using RPM on Debian?
|
|
|
|
%pre
|
|
|
|
[ -f %{_initrddir}/%{name} ] && /sbin/service %{name} stop
|
|
|
|
if [ ! -n "`/usr/bin/id -g %{runuser} 2>/dev/null`" ]; then
|
|
|
|
# One would like to default the GID, but doing that properly would
|
|
|
|
# require thought.
|
|
|
|
%{_sbindir}/groupadd %{runuser} 2> /dev/null
|
|
|
|
fi
|
|
|
|
if [ ! -n "`/usr/bin/id -u %{runuser} 2>/dev/null`" ]; then
|
|
|
|
# One would also like to default the UID, but doing that properly would
|
|
|
|
# also require thought.
|
|
|
|
if [ -x /sbin/nologin ]; then
|
|
|
|
%{_sbindir}/useradd -r -g %{runuser} -d / -s /sbin/nologin %{runuser} 2> /dev/null
|
|
|
|
else
|
|
|
|
%{_sbindir}/useradd -r -g %{runuser} -d / -s /bin/false %{runuser} 2> /dev/null
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
exit 0
|
|
|
|
|
|
|
|
%post
|
|
|
|
/sbin/chkconfig --add %{name}
|
|
|
|
exit 0
|
|
|
|
|
|
|
|
%preun
|
|
|
|
/sbin/chkconfig --del %{name}
|
2004-11-15 00:47:42 +01:00
|
|
|
%__rm -f ${_localstatedir}/lib/%{name}/cached-directory
|
|
|
|
%__rm -f ${_localstatedir}/lib/%{name}/bw_accounting
|
|
|
|
%__rm -f ${_localstatedir}/lib/%{name}/control_auth_cookie
|
|
|
|
%__rm -f ${_localstatedir}/lib/%{name}/router.desc
|
|
|
|
%__rm -f ${_localstatedir}/lib/%{name}/fingerprint
|
2004-11-04 16:17:22 +01:00
|
|
|
exit 0
|
|
|
|
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%doc AUTHORS INSTALL LICENSE README ChangeLog doc/HACKING doc/TODO doc/FAQ
|
|
|
|
%{_mandir}/man*/*
|
|
|
|
%{_bindir}/tor
|
|
|
|
%{_bindir}/torify
|
|
|
|
%{_bindir}/tor-resolve
|
|
|
|
%config %{_initrddir}/%{name}
|
|
|
|
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}
|
2004-12-20 01:59:38 +01:00
|
|
|
%dir %attr(0755,root,%{runuser}) %{_sysconfdir}/%{name}/
|
|
|
|
%config(noreplace) %attr(0644,root,%{runuser}) %{_sysconfdir}/%{name}/*
|
2004-11-04 16:17:22 +01:00
|
|
|
%attr(0700,%{runuser},%{runuser}) %dir %{_localstatedir}/lib/%{name}
|
|
|
|
%attr(0750,%{runuser},%{runuser}) %dir %{_localstatedir}/run/%{name}
|
|
|
|
%attr(0750,%{runuser},%{runuser}) %dir %{_localstatedir}/log/%{name}
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
* Tue Nov 5 2004 John Bashinski <jbash@velvet.com>
|
|
|
|
- Add skeletal support for multiple distributions
|
|
|
|
- Even more ridiculous level of macro-ization
|
|
|
|
- Modify version numbers so RPM can determine when it has a newer version
|
|
|
|
- Return to including distribution name in package release number
|
|
|
|
- Sharply trim description
|
|
|
|
- Change user/group name from "tor" to "tordmn"; "tor" is a common
|
|
|
|
given name (reported by Marius Hjelle)
|
|
|
|
- Change group to "System Environment/Daemons" (suggested by Marius Hjelle)
|
|
|
|
- Create logrotate file (suggested by Marius Hjelle)
|
|
|
|
- Make Tor run as a user proxy by default (suggested by Marius Hjelle)
|
|
|
|
- Autogenerate spec file from GNU autotools data, substituting version
|
|
|
|
and whatnot
|
|
|
|
- Be perhaps excessively paranoid with config file and directory modes
|
|
|
|
- Remove auto-start and auto-stop at installation time; there's some kind
|
|
|
|
of weird race going on, and it's arguably a bad thing anyway.
|
|
|
|
|
|
|
|
* Mon Jun 06 2004 Nick Mathewson <nickm@freehaven.net> 0.0.7-0.std.0.1.rc2
|
2004-11-10 02:20:17 +01:00
|
|
|
- Make spec file more happy with fc2 packaging
|
2004-11-04 16:17:22 +01:00
|
|
|
|
|
|
|
* Sat Jan 17 2004 John Bashinski <jbash@velvet.com>
|
|
|
|
- Basic spec file; tested with Red Hat 9.
|
|
|
|
|