From nobody Sun Sep 25 16:22:00 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MbB3s1Jypz4dbRv; Sun, 25 Sep 2022 16:22:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MbB3s0tzfz472N; Sun, 25 Sep 2022 16:22:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1664122921; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Sm6+Zk0K642ZcqsV4+tP0ld4u4FzvhORsr9GqYDweDE=; b=pHv4sMLuLVMh07Iit53JPQQYpiZQf/66vXafq1HTuD+xQw7cCvvW+8Ve9cdahMXml0aqA6 je9INYazu01RNRbFTzOKrF+ZV6Flt6dUKD5ratwzDXY1d4t556JmrRVno+zJ3M6ce6/LtR ZE49SQBKZyRXz/T37B1t3E2vfZKGrcqIgg41cZD8bTKF4kYvnOi3Yzd3UjzHHuqFfsN0Pc +huwcvDRNj4OjH0AQvIYpsWld9yCUHqQ8S8Tpd9NUUqRgci/yaSRyhx9ok3Ypklp6U5+6D RkKFIagZqgMNhBdHd93EsVLRuZ1LlRMN3X8BFH6qsJWjB7OJsm5h4BdkkNnxyA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MbB3r6lk8zTD2; Sun, 25 Sep 2022 16:22:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 28PGM0Nb017196; Sun, 25 Sep 2022 16:22:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 28PGM06A017195; Sun, 25 Sep 2022 16:22:00 GMT (envelope-from git) Date: Sun, 25 Sep 2022 16:22:00 GMT Message-Id: <202209251622.28PGM06A017195@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Carlo Strub Subject: git: 918612d6fe2e - main - security/arti: Fix rc.d service using daemon, update URL List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cs X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 918612d6fe2e312a1a57446d1c8f9c72df400e9e Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1664122921; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Sm6+Zk0K642ZcqsV4+tP0ld4u4FzvhORsr9GqYDweDE=; b=QVGPUi5JQNAJgdvdXokylhsYbw6nZrxvQvO6ziF7IbhHFPEXCXUIaaZYD7acazJmiQNgBq WO+AdokoA2i9qofbPgr37G87QO7jaRbRdRe89gFwJTopotg2KajBQjYv3ko7l6bMvg6ZrJ qcCinWgFSzVLJZUJHBg6p+531nHfIHjb0cuD8HFOo24ov2EofdpmCH1nYKLkZL/a81zd9Q kUBJdmYzyLlaEm1/LBZUl6pvcbs027uc5vvD3S79VexGM5wnZMbRE6bz0M0Cj/LrBcFYHB 5QTLmBuljz744RFAe5XsCrrCQ/6g3ySaHnG74dcp9v26h4RCL0oVygotGIy9rg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1664122921; a=rsa-sha256; cv=none; b=shF1+Pvx+U8Y2OHYWegccI5mZXg81S6MBOQFIb85gXh5vAmaEQX2vIZCQDC9HFSduEiGGu ox+ZnYtq3yJCRSZFzF2CsFE8V+2wvvwFAcMtrImsuS6q7L54WGvkTiXmgbqfcwqQhl4F7e 8/ncDK0vpNdJCRGlKsgnADAH1Ia+pzamX/E1D4FX1PD+bKi5oJZYV9R33HzSLcsbPAjVrN UeD4L6YPDqewX+QJZ40/lmIAbjgPwa1k0E41LX4o6F2KPDQvyQ2eZ6LCh8+Ar89EooHEpw vrlY1ID7B8ALjUzPIcBis25pTM2/5cJa0zWXZUFzz2dm/wP+mZQVZjzu/SX7UQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by cs: URL: https://cgit.FreeBSD.org/ports/commit/?id=918612d6fe2e312a1a57446d1c8f9c72df400e9e commit 918612d6fe2e312a1a57446d1c8f9c72df400e9e Author: Carlo Strub AuthorDate: 2022-09-25 16:21:15 +0000 Commit: Carlo Strub CommitDate: 2022-09-25 16:21:15 +0000 security/arti: Fix rc.d service using daemon, update URL --- GIDs | 2 +- UIDs | 2 +- security/arti/Makefile | 11 ++--- security/arti/files/arti.in | 51 ++++++++++++++-------- .../patch-crates_arti_src_arti-example-config.toml | 10 +++-- 5 files changed, 48 insertions(+), 28 deletions(-) diff --git a/GIDs b/GIDs index 4e3ef856f3a4..743b8d57e5e9 100644 --- a/GIDs +++ b/GIDs @@ -251,7 +251,7 @@ jicofo:*:307:jitsi jvb:*:308:jitsi wazuh:*:309: cardano:*:310: -# free: 311 +_arti:*:311: _sphinx:*:312: _fastdfs:*:313: # free: 314 diff --git a/UIDs b/UIDs index 1e52a1072fe9..1fa5eb54fad1 100644 --- a/UIDs +++ b/UIDs @@ -256,7 +256,7 @@ jicofo:*:307:307::0:0:Jitsi Conference Focus Owner:/nonexistent:/usr/sbin/nologi jvb:*:308:308::0:0:Jitsi VideoBridge Owner:/nonexistent:/usr/sbin/nologin wazuh:*:309:309::0:0:Wazuh Owner:/var/ossec:/usr/sbin/nologin cardano:*:310:310::0:0:Cardano Node Daemon:/nonexistent:/usr/sbin/nologin -# free: 311 +_arti:*:311:311::0:0:Arti Daemon:/nonexistent:/usr/sbin/nologin _sphinx:*:312:312::0:0:Sphinxsearch Owner:/nonexistent:/usr/sbin/nologin _fastdfs:*:313:313::0:0:FastDFS Owner:/nonexistent:/usr/sbin/nologin # free: 314 diff --git a/security/arti/Makefile b/security/arti/Makefile index fa8ffb74ba0a..3fea1e343fde 100644 --- a/security/arti/Makefile +++ b/security/arti/Makefile @@ -1,19 +1,20 @@ PORTNAME= arti DISTVERSION= 1.0.0 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= cs@FreeBSD.org COMMENT= Implementation of Tor, in Rust -WWW= https://gitlab.torproject.org/tpo/core/arti/ +WWW= https://arti.torproject.org/ LICENSE= MIT USES= cargo sqlite ssl USE_RC_SUBR= arti -#GROUPS= _arti -#USERS= _arti -#SUB_LIST= USER="${USERS}" GROUP="${GROUPS}" -#PLIST_SUB= USER="${USERS}" GROUP="${GROUPS}" +GROUPS= _arti +USERS= _arti +SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}" +PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}" USE_GITLAB= yes GL_SITE= https://gitlab.torproject.org GL_ACCOUNT= tpo/core diff --git a/security/arti/files/arti.in b/security/arti/files/arti.in index b7226c5ebe14..8cb8d4a48513 100644 --- a/security/arti/files/arti.in +++ b/security/arti/files/arti.in @@ -1,37 +1,54 @@ #!/bin/sh -# $FreeBSD$ -# # PROVIDE: arti -# REQUIRE: LOGIN -# KEYWORD: shutdown +# REQUIRE: DAEMON FILESYSTEMS +# BEFORE: LOGIN # # Add these lines to /etc/rc.conf.local or /etc/rc.conf # to enable this service: # # arti_enable (bool): Set to NO by default. # Set it to YES to enable arti. -# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.cf +# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.toml # by default. -# arti_user (str): Arti daemon user. Default: %%USER%% -# arti_pidfile (str): Arti pid file. Default: /var/run/arti/arti.pid - +# arti_user (str): Arti daemon user. Default: %%USERS%% +# arti_group (str): Arti daemon group. Default: %%GROUPS%% . /etc/rc.subr -name=arti -rcvar=arti_enable +name="arti" +rcvar="arti_enable" load_rc_config $name : ${arti_enable:="NO"} : ${arti_config="%%PREFIX%%/etc/arti/arti.toml"} -: ${arti_pidfile="/var/run/arti/arti.pid"} -: ${arti_logfile="/var/log/arti/arti.log"} - -command=/usr/sbin/daemon -arti=%%PREFIX%%/bin/${name} - -command_args="-f -o $arti_logfile -P $arti_pidfile $arti proxy -c $arti_config" +: ${arti_user="%%USERS%%"} +: ${arti_group="%%GROUPS%%"} + +pidfiledir="/var/run/${name}" +pidfile="${pidfiledir}/${name}.pid" +logfiledir="/var/log/${name}" +logfile="${logfiledir}/${name}.log" +dbfiledir="/var/db/${name}" +command="/usr/sbin/daemon" +procname="%%PREFIX%%/bin/${name}" + +command_args="-f -o $logfile -p $pidfile $procname proxy --config $arti_config" + +start_precmd="${name}_prestart" + +arti_prestart() +{ + if [ ! -d ${pidfiledir} ]; then + install -d -o ${arti_user} -g ${arti_group} ${pidfiledir} + fi + if [ ! -d ${logfiledir} ]; then + install -d -o ${arti_user} -g ${arti_group} ${logfiledir} + fi + if [ ! -d ${dbfiledir} ]; then + install -d -o ${arti_user} -g ${arti_group} ${dbfiledir} + fi +} run_rc_command "$1" diff --git a/security/arti/files/patch-crates_arti_src_arti-example-config.toml b/security/arti/files/patch-crates_arti_src_arti-example-config.toml index ce175bb1c293..8ba17cd44b05 100644 --- a/security/arti/files/patch-crates_arti_src_arti-example-config.toml +++ b/security/arti/files/patch-crates_arti_src_arti-example-config.toml @@ -1,11 +1,13 @@ ---- crates/arti/src/arti-example-config.toml.orig 2022-05-29 12:30:55 UTC +--- crates/arti/src/arti-example-config.toml.orig 2022-09-25 15:06:18 UTC +++ crates/arti/src/arti-example-config.toml -@@ -62,7 +62,7 @@ +@@ -86,8 +86,8 @@ # # The state directory is not yet used. [storage] -#cache_dir = "${ARTI_CACHE}" -+cache_dir = "/var/db/arti" - #state_dir = "${ARTI_LOCAL_DATA}" +-#state_dir = "${ARTI_LOCAL_DATA}" ++cache_dir = "/var/db/arti/" ++state_dir = "/var/db/arti/" # Describe how to enforce permissions on the filesystem when accessing the cache + # and state directories. (This does not apply to configuration files)