Opened 2 years ago

Last modified 20 months ago

#20340 new enhancement

nice to have: test torrc for incompatible transistions of config values

Reported by: toralf Owned by:
Priority: Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.8.8
Severity: Minor Keywords: tor-relay usability torrc configuration load transition
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Under Gentoo we do have a config check in the OpenRc script:
"${command} --verify-config --hush"
But unfortunately that will not catch the case where the config is ok but a reload will fail due to changes eg. from "SandBox 0" to "SandBox 1".

It would be a nifty feature to prevent a reload of Tor in such a case.

Child Tickets

Change History (6)

comment:1 Changed 2 years ago by nickm

toralf: any thoughts about what kind of interface might make sense here? How do other daemons handle this kind of thing, if they do?

comment:2 Changed 2 years ago by toralf

What just comes into my mind:
Add an option like "--strict-test-that-reload-would-work" which would force tor to return rather an error code then zero, if the torrc is fine but would break a reload.
FWIW the OpenRc init.d script as used in Gentoo land looks straightforward :

t44 ~ # cat /etc/init.d/tor
#!/sbin/openrc-run
# Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$

command=/usr/bin/tor
pidfile=/var/run/tor/tor.pid
command_args="--hush --runasdaemon 1 --pidfile \"${pidfile}\""
retry=${GRACEFUL_TIMEOUT:-60}

extra_commands="checkconfig"
extra_started_commands="reload"
description="Anonymizing overlay network for TCP"
description_checkconfig="Check for valid config file"
description_reload="Reload the configuration"

checkconfig() {
        ${command} --verify-config --hush > /dev/null 2>&1
        if [ $? -ne 0 ] ; then
                eerror "Tor configuration (/etc/tor/torrc) is not valid."
                eerror "Example is in /etc/tor/torrc.sample"
                return 1
        fi
}

start_pre() {
        checkconfig || return 1
        checkpath -d -m 0755 -o tor:tor /var/run/tor
}

stop() {
        ebegin "Stopping Tor (waiting up to ${retry} seconds)"
        start-stop-daemon -K -s INT -R ${retry} -P -p ${pidfile}
        eend $?
}

reload() {
        checkconfig || return 1
        ebegin "Reloading Tor configuration"
        start-stop-daemon -s HUP --pidfile ${pidfile}
        eend $?
}

comment:3 Changed 2 years ago by teor

We have options_transition_allowed(), and then various other bugs that cause transitions to fail.

We could expose options_transition_allowed() on the command line using --verify-torrc-reload or something.

comment:4 Changed 2 years ago by nickm

I think a pure command-line solution will only work in the case where no options have changed in Tor due to SETCONF etc. If some options have changed their values, then we won't be able to tell whether the transition is allowed using only the commandline and the two torrc files.

comment:5 Changed 2 years ago by nickm

Milestone: Tor: unspecified

comment:6 Changed 20 months ago by nickm

Keywords: tor-relay usability torrc configuration load transition added
Note: See TracTickets for help on using tickets.