Bug 205651 - security/tor: pid file location
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Many People
Assignee: Dmitry Marakasov
Reported: 2015-12-27 20:53 UTC by Sir l33tname
Modified: 2016-01-19 14:00 UTC
amdmi3: maintainer-feedback-


Attachments
Create pid folder with rc script (1.67 KB, patch)
2015-12-30 15:43 UTC, Sir l33tname

Description Sir l33tname 2015-12-27 20:53:47 UTC
The tor package does not create the /var/run/tor folder. 

So it's this line: ${tor_pidfile="/var/run/tor/tor.pid"} in
http://svnweb.freebsd.org/ports/head/security/tor/files/tor.in?view=markup

I personally would like it if it were just /var/run/tor.pid.
Or is there a reason that the pid file is in /var/run/tor?

I didn't add a patch because it's probably easier to change it 
than to apply a patch.
Comment 1 Ben Woods freebsd_committer freebsd_triage 2015-12-28 15:09:43 UTC
This is typically because tor runs as the unprivileged user "_tor" and does not have permissions to create a file within the /var/run/ folder. Creating the folder /var/run/tor which is owned by the _tor user is one way to solve this.

Another way to solve it is to get the rc.d script (which is executed as root) to manage the creation and deletion of the pid file and datadir folder. Something like this:

start_precmd=%%RC_NAME%%_precmd
%%RC_NAME%%_precmd()
{
        if [ ! -e "${pidfile}" ]; then
                install -g ${%%RC_NAME%%_group} -o ${%%RC_NAME%%_user} -- /dev/null "${pidfile}";
        fi

        if [ ! -d "${%%RC_NAME%%_datadir}" ]; then
                install -d -g ${%%RC_NAME%%_group} -o ${%%RC_NAME%%_user} -- "${%%RC_NAME%%_datadir}";
        fi
}

stop_postcmd=%%RC_NAME%%_postcmd
%%RC_NAME%%_postcmd()
{
        rm -f -- "${pidfile}"
}
Comment 2 Rodrigo N. Hernandez freebsd_triage 2015-12-28 22:19:48 UTC
(In reply to Sir l33tname from comment #0)

Hi Sir l33tname. Technically your issue is covered already by the package post installation message:

Message from tor-0.2.6.9:
================================================================================
To enable the tor server, set tor_enable="YES" in your /etc/rc.conf
and edit /usr/local/etc/tor/torrc as desired. (However, note that the
/usr/local/etc/rc.d/tor rc.subr script can override some torrc
options: see that script for details.) To use the torify script, install
the net/torsocks port. After installing tor for the first time, or after
a major update of tor, you should:

rm -r /var/db/tor /var/run/tor
mkdir -p /var/db/tor/data /var/run/tor
touch /var/log/tor
chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
chmod -R 700 /var/db/tor

before starting the tor server. Tor users are strongly advised to prevent traffic
analysis that exploits sequential IP IDs by setting:

sysctl net.inet.ip.random_id=1

(see sysctl.conf(5)).
================================================================================
Comment 3 Sir l33tname 2015-12-30 15:43:32 UTC
Created attachment 164867
Create pid folder with rc script
Comment 4 Sir l33tname 2015-12-30 15:44:58 UTC
Comment on attachment 164867
Create pid folder with rc script

Maybe something like this? (I hope I created the patch the right way)
Comment 5 Dmitry Marakasov freebsd_committer freebsd_triage 2016-01-12 18:46:04 UTC
I'm working on this. It _should_ be a folder for tor, running under the _tor user, to be able to create its pidfile (only root can create files in /var/run). The port should also create the log directory, for the same reasons.
Comment 6 Dmitry Marakasov freebsd_committer freebsd_triage 2016-01-14 13:16:47 UTC
See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206235
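
Added example, not part of the bug thread or the port's rc script: a root-run precmd helper in the spirit of comments 1 and 5 that creates the run directory when it is missing and refuses to continue if the path is a symlink or has the wrong owner, group or mode. The function names are hypothetical; directory, owner, group and mode are passed as arguments.

```shell
#!/bin/sh
# Added example; rundir_ok and ensure_rundir are hypothetical names.

# rundir_ok DIR OWNER GROUP MODE
# True only if DIR is a real directory with exactly the expected owner,
# group and permission bits. find(1) does not follow a symlink named on
# the command line by default, so a symlink fails the -type d test.
rundir_ok()
{
        [ -n "$(find "$1" -prune -type d -user "$2" -group "$3" -perm "$4" 2>/dev/null)" ]
}

# ensure_rundir DIR OWNER GROUP [MODE]
# Create DIR if nothing exists at that path, then verify it. An existing
# path is never modified: a mismatch is reported and the start is refused.
ensure_rundir()
{
        _dir=$1 _owner=$2 _group=$3 _mode=${4:-0700}

        # -e is false for a dangling symlink, so test -L as well.
        if [ ! -e "$_dir" ] && [ ! -L "$_dir" ]; then
                install -d -m "$_mode" -o "$_owner" -g "$_group" -- "$_dir" || return 1
        fi

        if ! rundir_ok "$_dir" "$_owner" "$_group" "$_mode"; then
                echo "refusing to use $_dir: expected a directory owned by $_owner:$_group with mode $_mode" >&2
                return 1
        fi
}
```

From an rc.d start_precmd this would be called as ensure_rundir /var/run/tor _tor _tor 0700, using the path and user named in this bug.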