projects / feed / packages.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2f505ed)
tor-hs: put torrc_generated into in-memory folder /var/run/
authorSergey Ponomarev <[email protected]>
Wed, 7 Feb 2024 22:01:07 +0000 (00:01 +0200)
committerJosef Schlehofer <[email protected]>
Tue, 20 May 2025 11:20:46 +0000 (13:20 +0200)
On each tor-hs service restart it generates a config file /etc/tor/torrc_generated.
The /etc/ is stored on a disk and kills it and slow.

Instead create a dedicated tor service Runtime Dir in the temp /var/run/.
It will be accessible only to the tor user.

Signed-off-by: Sergey Ponomarev <[email protected]>
net/tor-hs/files/tor-hs.conf patch | blob | history
net/tor-hs/files/tor-hs.init patch | blob | history

diff --git a/net/tor-hs/files/tor-hs.conf b/net/tor-hs/files/tor-hs.conf
index 2165670bec83f920ff975318dd5aa6064862ecdd..48d69fd96336b233e8172b1c02ef371e8a00a5dc 100644 (file)
--- a/net/tor-hs/files/tor-hs.conf
+++ b/net/tor-hs/files/tor-hs.conf
@@ -1,5 +1,5 @@
 config tor-hs common
-       option GenConf "/etc/tor/torrc_generated"
+       option GenConf "/var/run/tor/torrc_generated"
        option HSDir "/etc/tor/hidden_service"
        option RestartTor 1
        option UpdateTorConf 1
diff --git a/net/tor-hs/files/tor-hs.init b/net/tor-hs/files/tor-hs.init
index 33e3b1a636d753b3d7849ef060d2272f8a8fd78f..14166d354f1987df598e1fe99641768e9d434d73 100755 (executable)
--- a/net/tor-hs/files/tor-hs.init
+++ b/net/tor-hs/files/tor-hs.init
@@ -5,7 +5,7 @@ STOP=52
 
 USE_PROCD=1
 
-TORRC_FILE=/etc/tor/torrc_generated # file with torrc config
+TORRC_FILE=/var/run/tor/torrc_generated # file with torrc config
 HS_DIR_PATH=/etc/tor/hidden_service # onion services directory
 TOR_USER=tor
 
@@ -92,15 +92,19 @@ parse_common_conf() {
 }
 
 start_service() {
+       # create runtime dir
+       mkdir -p -m 700 /var/run/tor
+       chown -R "$TOR_USER:$TOR_USER" /var/run/tor
        config_load tor-hs
        validate_common_section || {
                echo "validation failed"
                return 1
        }
-       # clean config
-       echo -n "" > "$TORRC_FILE"
        # load common config
        parse_common_conf
+       # clean config
+       echo -n "" > "$TORRC_FILE"
+       chown "$TOR_USER:$TOR_USER" "$TORRC_FILE"
        # load hs service
        config_foreach validate_hidden_service_section hidden-service parse_hs_conf
        # update tor config
@@ -111,7 +115,7 @@ start_service() {
 
 validate_common_section() {
        uci_validate_section tor-hs tor-hs common \
-               'GenConf:string:/etc/tor/torrc_generated' \
+               'GenConf:string:/var/run/tor/torrc_generated' \
                'HSDir:string:/etc/tor/hidden_service' \
                'RestartTor:bool:1' \
                'UpdateTorConf:bool:1'
Mirror of packages feed