git: 918612d6fe2e - main - security/arti: Fix rc.d service using daemon, update URL
Date: Sun, 25 Sep 2022 16:22:00 UTC
The branch main has been updated by cs:
URL: https://cgit.FreeBSD.org/ports/commit/?id=918612d6fe2e312a1a57446d1c8f9c72df400e9e
commit 918612d6fe2e312a1a57446d1c8f9c72df400e9e
Author: Carlo Strub <cs@FreeBSD.org>
AuthorDate: 2022-09-25 16:21:15 +0000
Commit: Carlo Strub <cs@FreeBSD.org>
CommitDate: 2022-09-25 16:21:15 +0000
security/arti: Fix rc.d service using daemon, update URL
---
GIDs | 2 +-
UIDs | 2 +-
security/arti/Makefile | 11 ++---
security/arti/files/arti.in | 51 ++++++++++++++--------
.../patch-crates_arti_src_arti-example-config.toml | 10 +++--
5 files changed, 48 insertions(+), 28 deletions(-)
diff --git a/GIDs b/GIDs
index 4e3ef856f3a4..743b8d57e5e9 100644
--- a/GIDs
+++ b/GIDs
@@ -251,7 +251,7 @@ jicofo:*:307:jitsi
jvb:*:308:jitsi
wazuh:*:309:
cardano:*:310:
-# free: 311
+_arti:*:311:
_sphinx:*:312:
_fastdfs:*:313:
# free: 314
diff --git a/UIDs b/UIDs
index 1e52a1072fe9..1fa5eb54fad1 100644
--- a/UIDs
+++ b/UIDs
@@ -256,7 +256,7 @@ jicofo:*:307:307::0:0:Jitsi Conference Focus Owner:/nonexistent:/usr/sbin/nologi
jvb:*:308:308::0:0:Jitsi VideoBridge Owner:/nonexistent:/usr/sbin/nologin
wazuh:*:309:309::0:0:Wazuh Owner:/var/ossec:/usr/sbin/nologin
cardano:*:310:310::0:0:Cardano Node Daemon:/nonexistent:/usr/sbin/nologin
-# free: 311
+_arti:*:311:311::0:0:Arti Daemon:/nonexistent:/usr/sbin/nologin
_sphinx:*:312:312::0:0:Sphinxsearch Owner:/nonexistent:/usr/sbin/nologin
_fastdfs:*:313:313::0:0:FastDFS Owner:/nonexistent:/usr/sbin/nologin
# free: 314
diff --git a/security/arti/Makefile b/security/arti/Makefile
index fa8ffb74ba0a..3fea1e343fde 100644
--- a/security/arti/Makefile
+++ b/security/arti/Makefile
@@ -1,19 +1,20 @@
PORTNAME= arti
DISTVERSION= 1.0.0
+PORTREVISION= 1
CATEGORIES= security
MAINTAINER= cs@FreeBSD.org
COMMENT= Implementation of Tor, in Rust
-WWW= https://gitlab.torproject.org/tpo/core/arti/
+WWW= https://arti.torproject.org/
LICENSE= MIT
USES= cargo sqlite ssl
USE_RC_SUBR= arti
-#GROUPS= _arti
-#USERS= _arti
-#SUB_LIST= USER="${USERS}" GROUP="${GROUPS}"
-#PLIST_SUB= USER="${USERS}" GROUP="${GROUPS}"
+GROUPS= _arti
+USERS= _arti
+SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}"
+PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}"
USE_GITLAB= yes
GL_SITE= https://gitlab.torproject.org
GL_ACCOUNT= tpo/core
diff --git a/security/arti/files/arti.in b/security/arti/files/arti.in
index b7226c5ebe14..8cb8d4a48513 100644
--- a/security/arti/files/arti.in
+++ b/security/arti/files/arti.in
@@ -1,37 +1,54 @@
#!/bin/sh
-# $FreeBSD$
-#
# PROVIDE: arti
-# REQUIRE: LOGIN
-# KEYWORD: shutdown
+# REQUIRE: DAEMON FILESYSTEMS
+# BEFORE: LOGIN
#
# Add these lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# arti_enable (bool): Set to NO by default.
# Set it to YES to enable arti.
-# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.cf
+# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.toml
# by default.
-# arti_user (str): Arti daemon user. Default: %%USER%%
-# arti_pidfile (str): Arti pid file. Default: /var/run/arti/arti.pid
-
+# arti_user (str): Arti daemon user. Default: %%USERS%%
+# arti_group (str): Arti daemon group. Default: %%GROUPS%%
. /etc/rc.subr
-name=arti
-rcvar=arti_enable
+name="arti"
+rcvar="arti_enable"
load_rc_config $name
: ${arti_enable:="NO"}
: ${arti_config="%%PREFIX%%/etc/arti/arti.toml"}
-: ${arti_pidfile="/var/run/arti/arti.pid"}
-: ${arti_logfile="/var/log/arti/arti.log"}
-
-command=/usr/sbin/daemon
-arti=%%PREFIX%%/bin/${name}
-
-command_args="-f -o $arti_logfile -P $arti_pidfile $arti proxy -c $arti_config"
+: ${arti_user="%%USERS%%"}
+: ${arti_group="%%GROUPS%%"}
+
+pidfiledir="/var/run/${name}"
+pidfile="${pidfiledir}/${name}.pid"
+logfiledir="/var/log/${name}"
+logfile="${logfiledir}/${name}.log"
+dbfiledir="/var/db/${name}"
+command="/usr/sbin/daemon"
+procname="%%PREFIX%%/bin/${name}"
+
+command_args="-f -o $logfile -p $pidfile $procname proxy --config $arti_config"
+
+start_precmd="${name}_prestart"
+
+arti_prestart()
+{
+ if [ ! -d ${pidfiledir} ]; then
+ install -d -o ${arti_user} -g ${arti_group} ${pidfiledir}
+ fi
+ if [ ! -d ${logfiledir} ]; then
+ install -d -o ${arti_user} -g ${arti_group} ${logfiledir}
+ fi
+ if [ ! -d ${dbfiledir} ]; then
+ install -d -o ${arti_user} -g ${arti_group} ${dbfiledir}
+ fi
+}
run_rc_command "$1"
diff --git a/security/arti/files/patch-crates_arti_src_arti-example-config.toml b/security/arti/files/patch-crates_arti_src_arti-example-config.toml
index ce175bb1c293..8ba17cd44b05 100644
--- a/security/arti/files/patch-crates_arti_src_arti-example-config.toml
+++ b/security/arti/files/patch-crates_arti_src_arti-example-config.toml
@@ -1,11 +1,13 @@
---- crates/arti/src/arti-example-config.toml.orig 2022-05-29 12:30:55 UTC
+--- crates/arti/src/arti-example-config.toml.orig 2022-09-25 15:06:18 UTC
+++ crates/arti/src/arti-example-config.toml
-@@ -62,7 +62,7 @@
+@@ -86,8 +86,8 @@
#
# The state directory is not yet used.
[storage]
-#cache_dir = "${ARTI_CACHE}"
-+cache_dir = "/var/db/arti"
- #state_dir = "${ARTI_LOCAL_DATA}"
+-#state_dir = "${ARTI_LOCAL_DATA}"
++cache_dir = "/var/db/arti/"
++state_dir = "/var/db/arti/"
# Describe how to enforce permissions on the filesystem when accessing the cache
+ # and state directories. (This does not apply to configuration files)