Re: git: 918612d6fe2e - main - security/arti: Fix rc.d service using daemon, update URL
- In reply to: Carlo Strub : "git: 918612d6fe2e - main - security/arti: Fix rc.d service using daemon, update URL"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 26 Sep 2022 08:46:41 UTC
On Sun, Sep 25, 2022 at 04:22:00PM +0000, Carlo Strub wrote:
> The branch main has been updated by cs:
>
> URL: https://cgit.FreeBSD.org/ports/commit/?id=918612d6fe2e312a1a57446d1c8f9c72df400e9e
>
Again (somewhat) based upon PR 266296.
Just closing that PR as OBE somehow doesn't feel right to me.
Perhaps I'm just grumpy again.
René
> commit 918612d6fe2e312a1a57446d1c8f9c72df400e9e
> Author: Carlo Strub <cs@FreeBSD.org>
> AuthorDate: 2022-09-25 16:21:15 +0000
> Commit: Carlo Strub <cs@FreeBSD.org>
> CommitDate: 2022-09-25 16:21:15 +0000
>
> security/arti: Fix rc.d service using daemon, update URL
> ---
> GIDs | 2 +-
> UIDs | 2 +-
> security/arti/Makefile | 11 ++---
> security/arti/files/arti.in | 51 ++++++++++++++--------
> .../patch-crates_arti_src_arti-example-config.toml | 10 +++--
> 5 files changed, 48 insertions(+), 28 deletions(-)
>
> diff --git a/GIDs b/GIDs
> index 4e3ef856f3a4..743b8d57e5e9 100644
> --- a/GIDs
> +++ b/GIDs
> @@ -251,7 +251,7 @@ jicofo:*:307:jitsi
> jvb:*:308:jitsi
> wazuh:*:309:
> cardano:*:310:
> -# free: 311
> +_arti:*:311:
> _sphinx:*:312:
> _fastdfs:*:313:
> # free: 314
> diff --git a/UIDs b/UIDs
> index 1e52a1072fe9..1fa5eb54fad1 100644
> --- a/UIDs
> +++ b/UIDs
> @@ -256,7 +256,7 @@ jicofo:*:307:307::0:0:Jitsi Conference Focus Owner:/nonexistent:/usr/sbin/nologi
> jvb:*:308:308::0:0:Jitsi VideoBridge Owner:/nonexistent:/usr/sbin/nologin
> wazuh:*:309:309::0:0:Wazuh Owner:/var/ossec:/usr/sbin/nologin
> cardano:*:310:310::0:0:Cardano Node Daemon:/nonexistent:/usr/sbin/nologin
> -# free: 311
> +_arti:*:311:311::0:0:Arti Daemon:/nonexistent:/usr/sbin/nologin
> _sphinx:*:312:312::0:0:Sphinxsearch Owner:/nonexistent:/usr/sbin/nologin
> _fastdfs:*:313:313::0:0:FastDFS Owner:/nonexistent:/usr/sbin/nologin
> # free: 314
> diff --git a/security/arti/Makefile b/security/arti/Makefile
> index fa8ffb74ba0a..3fea1e343fde 100644
> --- a/security/arti/Makefile
> +++ b/security/arti/Makefile
> @@ -1,19 +1,20 @@
> PORTNAME= arti
> DISTVERSION= 1.0.0
> +PORTREVISION= 1
> CATEGORIES= security
>
> MAINTAINER= cs@FreeBSD.org
> COMMENT= Implementation of Tor, in Rust
> -WWW= https://gitlab.torproject.org/tpo/core/arti/
> +WWW= https://arti.torproject.org/
>
> LICENSE= MIT
>
> USES= cargo sqlite ssl
> USE_RC_SUBR= arti
> -#GROUPS= _arti
> -#USERS= _arti
> -#SUB_LIST= USER="${USERS}" GROUP="${GROUPS}"
> -#PLIST_SUB= USER="${USERS}" GROUP="${GROUPS}"
> +GROUPS= _arti
> +USERS= _arti
> +SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}"
> +PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}"
> USE_GITLAB= yes
> GL_SITE= https://gitlab.torproject.org
> GL_ACCOUNT= tpo/core
> diff --git a/security/arti/files/arti.in b/security/arti/files/arti.in
> index b7226c5ebe14..8cb8d4a48513 100644
> --- a/security/arti/files/arti.in
> +++ b/security/arti/files/arti.in
> @@ -1,37 +1,54 @@
> #!/bin/sh
>
> -# $FreeBSD$
> -#
> # PROVIDE: arti
> -# REQUIRE: LOGIN
> -# KEYWORD: shutdown
> +# REQUIRE: DAEMON FILESYSTEMS
> +# BEFORE: LOGIN
> #
> # Add these lines to /etc/rc.conf.local or /etc/rc.conf
> # to enable this service:
> #
> # arti_enable (bool): Set to NO by default.
> # Set it to YES to enable arti.
> -# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.cf
> +# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.toml
> # by default.
> -# arti_user (str): Arti daemon user. Default: %%USER%%
> -# arti_pidfile (str): Arti pid file. Default: /var/run/arti/arti.pid
> -
> +# arti_user (str): Arti daemon user. Default: %%USERS%%
> +# arti_group (str): Arti daemon group. Default: %%GROUPS%%
>
> . /etc/rc.subr
>
> -name=arti
> -rcvar=arti_enable
> +name="arti"
> +rcvar="arti_enable"
>
> load_rc_config $name
>
> : ${arti_enable:="NO"}
> : ${arti_config="%%PREFIX%%/etc/arti/arti.toml"}
> -: ${arti_pidfile="/var/run/arti/arti.pid"}
> -: ${arti_logfile="/var/log/arti/arti.log"}
> -
> -command=/usr/sbin/daemon
> -arti=%%PREFIX%%/bin/${name}
> -
> -command_args="-f -o $arti_logfile -P $arti_pidfile $arti proxy -c $arti_config"
> +: ${arti_user="%%USERS%%"}
> +: ${arti_group="%%GROUPS%%"}
> +
> +pidfiledir="/var/run/${name}"
> +pidfile="${pidfiledir}/${name}.pid"
> +logfiledir="/var/log/${name}"
> +logfile="${logfiledir}/${name}.log"
> +dbfiledir="/var/db/${name}"
> +command="/usr/sbin/daemon"
> +procname="%%PREFIX%%/bin/${name}"
> +
> +command_args="-f -o $logfile -p $pidfile $procname proxy --config $arti_config"
> +
> +start_precmd="${name}_prestart"
> +
> +arti_prestart()
> +{
> + if [ ! -d ${pidfiledir} ]; then
> + install -d -o ${arti_user} -g ${arti_group} ${pidfiledir}
> + fi
> + if [ ! -d ${logfiledir} ]; then
> + install -d -o ${arti_user} -g ${arti_group} ${logfiledir}
> + fi
> + if [ ! -d ${dbfiledir} ]; then
> + install -d -o ${arti_user} -g ${arti_group} ${dbfiledir}
> + fi
> +}
>
> run_rc_command "$1"
> diff --git a/security/arti/files/patch-crates_arti_src_arti-example-config.toml b/security/arti/files/patch-crates_arti_src_arti-example-config.toml
> index ce175bb1c293..8ba17cd44b05 100644
> --- a/security/arti/files/patch-crates_arti_src_arti-example-config.toml
> +++ b/security/arti/files/patch-crates_arti_src_arti-example-config.toml
> @@ -1,11 +1,13 @@
> ---- crates/arti/src/arti-example-config.toml.orig 2022-05-29 12:30:55 UTC
> +--- crates/arti/src/arti-example-config.toml.orig 2022-09-25 15:06:18 UTC
> +++ crates/arti/src/arti-example-config.toml
> -@@ -62,7 +62,7 @@
> +@@ -86,8 +86,8 @@
> #
> # The state directory is not yet used.
> [storage]
> -#cache_dir = "${ARTI_CACHE}"
> -+cache_dir = "/var/db/arti"
> - #state_dir = "${ARTI_LOCAL_DATA}"
> +-#state_dir = "${ARTI_LOCAL_DATA}"
> ++cache_dir = "/var/db/arti/"
> ++state_dir = "/var/db/arti/"
>
> # Describe how to enforce permissions on the filesystem when accessing the cache
> + # and state directories. (This does not apply to configuration files)