After some frustrating attempts to get a usable control script for my chrooted OpenBSD system I hacked together some mods for the default torctl file (that tor.sh points at). In the end I did not alter (or use for that matter) tor.sh because it doesn't play nice with torctl on my system. Here is my file and the changes I made are commented below. You can also set your /etc/rc.local to execute 'torctl start' so it will load on boot. Also, if you execute this torctl file and have duplicate settings in your torrc you stand a good chance of seeing duplicate log messages which can be annoying. My suggestion is to EITHER remove the $TORARGS part of the START line (see below) and move all necessary settings into your torrc OR remove your log directive from your torrc. For the sack of legibility I remove some comments.
Any improvements are welcome.
#!/bin/sh # Name of the executable EXEC=tor #added this: CHROOT="/var/tor" # the path to the chroot directory #changed this... this is within the chroot when called: TORBIN="/bin/$EXEC" # the path to your binary, including options if necessary #changed this... this is within the chroot when called: TORCONF="/etc/tor/torrc" # the path to the configuration file #changed this... this is within the chroot when called: PIDFILE="/var/lib/tor/tor.pid" # the path to your PID file #changed this... this is within the chroot when called: LOGFILE="/var/log/notices.log" # The path to the log file #changed this... this is within the chroot when called: TORDATA="/var/lib/tor" # The path to the datadirectory TORARGS="--pidfile $PIDFILE --log \"notice file $LOGFILE\" --runasdaemon 1" TORARGS="$TORARGS --datadirectory $TORDATA" #commented out these lines as useless/undesirable #if [ "x`id -u`" = "x0" ]; then # TORUSER=_tor #fi #if [ "x$TORUSER" != "x" ]; then # TORARGS="$TORARGS --user $TORUSER" #fi #changed this, if you specify the arguments in your torrc you can take out "$TORARGS": START="/usr/sbin/chroot -u _tor /var/tor $TORBIN -f $TORCONF $TORARGS" # # -------------------- -------------------- # |||||||||||||||||||| END CONFIGURATION SECTION |||||||||||||||||||| ERROR=0 ARGV="$@" if [ "x$ARGV" = "x" ] ; then ARGS="help" fi checkIfRunning ( ) { # check for pidfile PID=unknown if [ -f $CHROOT/$PIDFILE ] ; then #changed this so script will follow proper path PID=`/bin/cat $CHROOT/$PIDFILE` #changed this so script will follow proper path if [ "x$PID" != "x" ] ; then if kill -0 $PID 2>/dev/null ; then STATUS="$EXEC (pid $PID) running" RUNNING=1 else STATUS="PID file ($CHROOT/$PIDFILE) present, but $EXEC ($PID) not running" #changed this so script will follow proper path RUNNING=0 fi else STATUS="$EXEC (pid $PID?) not running" RUNNING=0 fi else STATUS="$EXEC apparently not running (no pid file)" RUNNING=0 fi return } for ARG in $@ $ARGS do checkIfRunning case $ARG in start) if [ $RUNNING -eq 1 ]; then echo "$0 $ARG: $EXEC (pid $PID) already running" continue fi if eval "$START" ; then echo "$0 $ARG: $EXEC started" # Make sure it stayed up! /bin/sleep 1 checkIfRunning if [ $RUNNING -eq 0 ]; then echo "$0 $ARG: $EXEC (pid $PID) quit unexpectedly" fi else echo "$0 $ARG: $EXEC could not be started" ERROR=3 fi ;; stop) if [ $RUNNING -eq 0 ]; then echo "$0 $ARG: $STATUS" continue fi if kill -15 $PID ; then echo "$0 $ARG: $EXEC stopped" else /bin/sleep 1 if kill -9 $PID ; then echo "$0 $ARG: $EXEC stopped" else echo "$0 $ARG: $EXEC could not be stopped" ERROR=4 fi fi # Make sure it really died! /bin/sleep 1 checkIfRunning if [ $RUNNING -eq 1 ]; then echo "$0 $ARG: $EXEC (pid $PID) unexpectedly still running" ERROR=4 fi ;; restart) $0 stop start ;; reload) if [ $RUNNING -eq 0 ]; then echo "$0 $ARG: $STATUS" continue fi if kill -1 $PID; then /bin/sleep 1 echo "$EXEC (PID $PID) reloaded" else echo "Can't reload $EXEC" ERROR=3 fi ;; status) echo $STATUS if [ $RUNNING -eq 1 ]; then ERROR=0 else ERROR=1 fi ;; log) cat $LOGFILE ;; help) echo "usage: $0 (start|stop|restart|status|help)" /bin/cat <<EOF start - start $EXEC stop - stop $EXEC restart - stop and restart $EXEC if running or start if not running reload - cause the running process to reinitialize itself status - tell whether $EXEC is running or not log - display the contents of the log file help - this text EOF ERROR=0 ;; *) $0 help ERROR=2 ;; esac done exit $ERROR