|
|
4b2079d |
%global _hardened_build 1
|
|
|
4b2079d |
|
|
|
7aa6ac5 |
%global toruser toranon
|
|
|
7aa6ac5 |
%global torgroup toranon
|
|
|
eb9d043 |
%global homedir %{_localstatedir}/lib/%{name}
|
|
|
eb9d043 |
%global logdir %{_localstatedir}/log/%{name}
|
|
|
4b2079d |
|
|
|
88cb1e7 |
Name: tor
|
|
|
88cb1e7 |
Version: 0.2.3.25
|
|
|
88cb1e7 |
Release: 1802%{?dist}
|
|
|
88cb1e7 |
Group: System Environment/Daemons
|
|
|
88cb1e7 |
License: BSD
|
|
|
88cb1e7 |
Summary: Anonymizing overlay network for TCP (The onion router)
|
|
|
88cb1e7 |
URL: https://www.torproject.org
|
|
|
88cb1e7 |
|
|
|
88cb1e7 |
Source0: https://www.torproject.org/dist/%{name}-%{version}.tar.gz
|
|
|
88cb1e7 |
Source1: https://www.torproject.org/dist/%{name}-%{version}.tar.gz.asc
|
|
|
eb63d1e |
# Upstream ship their own logrotate file. Ours only has 2 modifications:
|
|
|
eb63d1e |
# use 'toranon' user, and use systemctl to reload.
|
|
|
88cb1e7 |
Source2: tor.logrotate
|
|
|
dcfcf83 |
# This makes sure tor runs as 'toranon', logs to syslog at 'notice' level,
|
|
|
dcfcf83 |
# and writes to /var/lib/tor instead of /root/.tor directory.
|
|
|
88cb1e7 |
Source3: tor.defaults-torrc
|
|
|
eb63d1e |
# A ticket has been opened to have the systemd service included upstream:
|
|
|
eb63d1e |
# https://trac.torproject.org/projects/tor/ticket/8368
|
|
|
88cb1e7 |
Source10: tor.systemd.service
|
|
|
d243e33 |
|
|
|
eb63d1e |
# Obsoletes/Provides for tor-core, tor-systemd and torify were introduced
|
|
|
eb63d1e |
# in Fedora 19 (rawhide).
|
|
|
143576c |
Obsoletes: tor-core < 0:0.2.3.25-1802
|
|
|
88cb1e7 |
Provides: tor-core = 0:%{version}-%{release}
|
|
|
143576c |
Obsoletes: tor-systemd < 0:0.2.3.25-1802
|
|
|
88cb1e7 |
Provides: tor-systemd = 0:%{version}-%{release}
|
|
|
143576c |
Obsoletes: torify < 0:0.2.3.25-1802
|
|
|
88cb1e7 |
Provides: torify = 0:%{version}-%{release}
|
|
|
4b2079d |
|
|
|
88cb1e7 |
BuildRequires: asciidoc
|
|
|
88cb1e7 |
BuildRequires: libevent-devel
|
|
|
88cb1e7 |
BuildRequires: openssl-devel
|
|
|
eb63d1e |
|
|
|
64ad648 |
# /usr/bin/torify is now just a wrapper for torsocks and is only there for
|
|
|
64ad648 |
# backwards compatibility.
|
|
|
64ad648 |
Requires: torsocks
|
|
|
64ad648 |
Requires(pre): shadow-utils
|
|
|
64ad648 |
Requires(post): systemd
|
|
|
64ad648 |
Requires(preun): systemd
|
|
|
685ebe3 |
Requires(postun): systemd
|
|
|
d243e33 |
|
|
|
d243e33 |
|
|
|
d243e33 |
%description
|
|
|
d243e33 |
Tor is a connection-based low-latency anonymous communication system.
|
|
|
d243e33 |
|
|
|
d243e33 |
Applications connect to the local Tor proxy using the SOCKS protocol. The
|
|
|
d243e33 |
local proxy chooses a path through a set of relays, in which each relay
|
|
|
d243e33 |
knows its predecessor and successor, but no others. Traffic flowing down
|
|
|
d243e33 |
the circuit is unwrapped by a symmetric key at each relay, which reveals
|
|
|
d243e33 |
the downstream relay.
|
|
|
d243e33 |
|
|
|
d243e33 |
Warnings: Tor does no protocol cleaning. That means there is a danger
|
|
|
d243e33 |
that application protocols and associated programs can be induced to
|
|
|
d243e33 |
reveal information about the initiator. Tor depends on Privoxy and
|
|
|
d243e33 |
similar protocol cleaners to solve this problem. This is alpha code,
|
|
|
d243e33 |
and is even more likely than released code to have anonymity-spoiling
|
|
|
d243e33 |
bugs. The present network is very small -- this further reduces the
|
|
|
d243e33 |
strength of the anonymity provided. Tor is not presently suitable for
|
|
|
d243e33 |
high-stakes anonymity.
|
|
|
d243e33 |
|
|
|
d243e33 |
|
|
|
d243e33 |
%prep
|
|
|
d243e33 |
%setup -q
|
|
|
d243e33 |
|
|
|
d243e33 |
|
|
|
d243e33 |
%build
|
|
|
7aa6ac5 |
%configure --with-tor-user=%{toruser} --with-tor-group=%{torgroup} \
|
|
|
2257b53 |
--docdir=%{_docdir}/%{name}-%{version}
|
|
|
d243e33 |
make %{?_smp_mflags}
|
|
|
d243e33 |
|
|
|
d243e33 |
|
|
|
d243e33 |
%install
|
|
|
d243e33 |
make install DESTDIR=$RPM_BUILD_ROOT
|
|
|
88cb1e7 |
mv $RPM_BUILD_ROOT%{_sysconfdir}/tor/torrc.sample \
|
|
|
4b2079d |
$RPM_BUILD_ROOT%{_sysconfdir}/tor/torrc
|
|
|
d243e33 |
|
|
|
4b2079d |
mkdir -p $RPM_BUILD_ROOT%{logdir}
|
|
|
4b2079d |
mkdir -p $RPM_BUILD_ROOT%{homedir}
|
|
|
d243e33 |
|
|
|
88cb1e7 |
install -D -p -m 0644 %SOURCE10 $RPM_BUILD_ROOT%_unitdir/%{name}.service
|
|
|
88cb1e7 |
install -D -p -m 0644 %SOURCE2 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/tor
|
|
|
88cb1e7 |
install -D -p -m 0644 %SOURCE3 $RPM_BUILD_ROOT%{_datadir}/%{name}/defaults-torrc
|
|
|
481b5f8 |
|
|
|
d243e33 |
|
|
|
5217026 |
%pre
|
|
|
7aa6ac5 |
getent group %{torgroup} >/dev/null || groupadd -r %{torgroup}
|
|
|
7aa6ac5 |
getent passwd %{toruser} >/dev/null || \
|
|
|
c10c743 |
useradd -r -s /sbin/nologin -d %{homedir} -M \
|
|
|
7aa6ac5 |
-c 'TOR anonymizing user' -g %{torgroup} %{toruser}
|
|
|
c10c743 |
exit 0
|
|
|
d243e33 |
|
|
|
685ebe3 |
%post
|
|
|
8835dc9 |
%systemd_post %{name}.service
|
|
|
d243e33 |
|
|
|
685ebe3 |
%preun
|
|
|
8835dc9 |
%systemd_preun %{name}.service
|
|
|
ca4ac65 |
|
|
|
685ebe3 |
%postun
|
|
|
88cb1e7 |
%systemd_postun_with_restart %{name}.service
|
|
|
ca4ac65 |
|
|
|
481b5f8 |
|
|
|
d243e33 |
%files
|
|
|
2257b53 |
%doc LICENSE README ChangeLog ReleaseNotes doc/HACKING doc/*.html
|
|
|
4b2079d |
%{_bindir}/tor
|
|
|
4b2079d |
%{_bindir}/tor-gencert
|
|
|
4b2079d |
%{_bindir}/tor-resolve
|
|
|
88c65cd |
%{_bindir}/torify
|
|
|
4b2079d |
%{_mandir}/man1/tor.1*
|
|
|
4b2079d |
%{_mandir}/man1/tor-gencert.1*
|
|
|
4b2079d |
%{_mandir}/man1/tor-resolve.1*
|
|
|
88c65cd |
%{_mandir}/man1/torify.1*
|
|
|
88c65cd |
%dir %{_datadir}/tor
|
|
|
88c65cd |
%{_datadir}/tor/defaults-torrc
|
|
|
88c65cd |
%{_datadir}/tor/geoip
|
|
|
88c65cd |
%{_unitdir}/%{name}.service
|
|
|
cb8dac3 |
|
|
|
4b2079d |
%dir %{_sysconfdir}/tor
|
|
|
2257b53 |
%config(noreplace) %{_sysconfdir}/tor/tor-tsocks.conf
|
|
|
cb8dac3 |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/tor/torrc
|
|
|
4b2079d |
%config(noreplace) %{_sysconfdir}/logrotate.d/tor
|
|
|
cb8dac3 |
|
|
|
7aa6ac5 |
%attr(0700,%{toruser},%{torgroup}) %dir %{homedir}
|
|
|
7aa6ac5 |
%attr(0700,%{toruser},%{torgroup}) %dir %{logdir}
|
|
|
4b2079d |
|
|
|
d243e33 |
|
|
|
d243e33 |
%changelog
|
|
|
6db90eb |
* Mon Mar 04 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 0.2.3.25-1802
|
|
|
6db90eb |
- add missing %%{?dist}
|
|
|
8835dc9 |
- cleanup systemd macros
|
|
|
a480cf1 |
- remove unnecessary Requires on logrotate directory
|
|
|
11a9e82 |
- change permissions of the following files/directories:
|
|
|
11a9e82 |
/var/log/tor should be owned by toranon:toranon with 0700 permissions;
|
|
|
11a9e82 |
/var/lib/tor should be owned by toranon:toranon with 0700 permissions;
|
|
|
11a9e82 |
/etc/tor/torrc should be owned by root:root with 0644 permissions;
|
|
|
c10c743 |
- remove dependency on fedora-usermgmt as it has been queued for obsoletion
|
|
|
c10c743 |
from Fedora
|
|
|
c10c743 |
- add users and groups without forcing use of uid=19 as it is not necessarily
|
|
|
c10c743 |
available, nor is it required or expected by upstream
|
|
|
c10c743 |
- do not remove users/groups in %%postun as the guidelines state:
|
|
|
c10c743 |
https://fedoraproject.org/wiki/Packaging:UsersAndGroups
|
|
|
47496d9 |
- remove tor-upstart subpackage as upstart is no longer installable within
|
|
|
47496d9 |
Fedora and renders the subpackage obsolete
|
|
|
f4dcbcb |
- amend logrotate file to match closer with upstream defaults, and removing
|
|
|
f4dcbcb |
references to several obsolete init systems
|
|
|
5217026 |
- move the tor-core subpackage back into the main tor package to match upstream
|
|
|
5217026 |
expectations and user expectations (ie, yum install tor)
|
|
|
685ebe3 |
- move the tor-systemd subpackage back into the main tor package:
|
|
|
685ebe3 |
the main tor package has a hard requirement on tor-systemd, so there is no
|
|
|
685ebe3 |
purpose for keeping tor-systemd separate from the main package
|
|
|
685ebe3 |
- remove "Requires: tor-systemd"
|
|
|
2257b53 |
- move the torify subpackage back into the main tor package to match upstream
|
|
|
2257b53 |
expectations and user expectations (ie, yum install tor)
|
|
|
2257b53 |
- remove the logic separating the documentation files for tor and torify,
|
|
|
2257b53 |
which is now no longer needed
|
|
|
2257b53 |
- use --docdir option when running %%configure
|
|
|
9060113 |
- after moving the tor-systemd and torify subpackages back into the main tor
|
|
|
9060113 |
package, the %%with_noarch macro and the associated conditionals are no
|
|
|
9060113 |
longer used so remove them
|
|
|
7aa6ac5 |
- split username global variable into separate toruser and torgroup global
|
|
|
7aa6ac5 |
variables to improve spec flexibility and ease of comprehension, as well
|
|
|
7aa6ac5 |
as matching how upstream have written their spec
|
|
|
7aa6ac5 |
- use --with-tor-user=%%toruser and --with-tor-group=%%torgroup options when
|
|
|
7aa6ac5 |
running %%configure, as recommended by upstream
|
|
|
109f25e |
- remove all modifications to the default tor configuration file so that we
|
|
|
109f25e |
can stick more closely to upstream defaults
|
|
|
109f25e |
- add /usr/share/tor/defaults-torrc file, which only contains two options:
|
|
|
109f25e |
DataDirectory /var/lib/tor
|
|
|
109f25e |
User toranon
|
|
|
109f25e |
Log notice syslog
|
|
|
109f25e |
- when starting the tor service, use the following options as recommended by
|
|
|
109f25e |
upstream: --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc
|
|
|
88c65cd |
- take a more cautious approach in the %%files section and specify filenames
|
|
|
88c65cd |
more explicitly rather than using wildcards, which also makes it easier to
|
|
|
88c65cd |
see the contents of the package
|
|
|
eb9d043 |
- the /var/run/tor directory is not needed so remove it, which also fixes
|
|
|
eb9d043 |
bug #656707
|
|
|
eb9d043 |
- use %%_localstatedir instead of %%_var
|
|
|
eb63d1e |
- add some useful comments about the Obsoletes/Provides/Requires
|
|
|
eb63d1e |
- add comments about tor.logrotate, tor.defaults-torrc and tor.systemd.service
|
|
|
b7cc561 |
- remove unnecessary custom LDFLAGS
|
|
|
b7cc561 |
- increase LimitNOFILE in tor.service from 4096 to 32768, as advised by
|
|
|
b7cc561 |
upstream: https://trac.torproject.org/projects/tor/ticket/8368#comment:4
|
|
|
64ad648 |
- remove unused files in git (verinfo and lastver)
|
|
|
64ad648 |
- change URL to HTTPS
|
|
|
64ad648 |
- remove TODO as it doesn't contain any useful information
|
|
|
64ad648 |
- disallow group read for /var/log/tor
|
|
|
c10c743 |
|
|
|
db428ae |
* Thu Feb 07 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 0.2.3.25-1801
|
|
|
db428ae |
- torify subpackage should depend on torsocks not tsocks (#908569)
|
|
|
db428ae |
|
|
|
4b2079d |
* Wed Feb 06 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 0.2.3.25-1800
|
|
|
4b2079d |
- add additional %%configure options for user and group
|
|
|
4b2079d |
- add --defaults-torrc to systemd service to make sure sane defaults are set
|
|
|
4b2079d |
unless explicitly overridden
|
|
|
4b2079d |
- remove unnecessary BuildRoot tag
|
|
|
4b2079d |
- remove unnecessary rm -rf RPM_BUILD_ROOT
|
|
|
4b2079d |
- remove unnecessary %%clean section
|
|
|
4b2079d |
- remove unnecessary defattr's
|
|
|
4b2079d |
- fix Requires for torify subpackage
|
|
|
4b2079d |
- update scriptlets to latest systemd guidelines
|
|
|
4b2079d |
- aesthetic changes to the SPEC for clarity and readability
|
|
|
4b2079d |
- remove changelog entry from different branch
|
|
|
4b2079d |
|
|
|
4b2079d |
* Sat Sep 22 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.39-1900
|
|
Enrico Scholz |
ec8df03 |
- updated to 0.2.2.29
|
|
Enrico Scholz |
ec8df03 |
- CVE-2012-4419: assertion failure when comparing an address with port
|
|
Enrico Scholz |
ec8df03 |
0 to an address policy
|
|
Enrico Scholz |
ec8df03 |
- CVE-2012-4422: assertion failure in tor_timegm()
|
|
|
4b2079d |
- use %%systemd macros
|
|
Enrico Scholz |
ec8df03 |
|
|
|
4b2079d |
* Sun Aug 19 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.38-1900
|
|
Enrico Scholz |
cb77e0b |
- updated to 0.2.2.38
|
|
Enrico Scholz |
ed84a3c |
- conditionalized upstart and disabled it by default
|
|
Enrico Scholz |
cb77e0b |
|
|
|
7680332 |
* Fri Jul 27 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.2.37-1801
|
|
|
7680332 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
7680332 |
|
|
Enrico Scholz |
9a9ab66 |
* Tue Jun 12 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.37-1800
|
|
Enrico Scholz |
9a9ab66 |
- updated to 0.2.2.37
|
|
Enrico Scholz |
9a9ab66 |
|
|
Enrico Scholz |
af2f4e5 |
* Sat May 26 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.36-1800
|
|
Enrico Scholz |
af2f4e5 |
- updated to 0.2.2.36
|
|
Enrico Scholz |
af2f4e5 |
|
|
Enrico Scholz |
ef499c0 |
* Fri Apr 13 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.35-1800
|
|
Enrico Scholz |
ef499c0 |
- build with -fPIE
|
|
Enrico Scholz |
ef499c0 |
|
|
Enrico Scholz |
3904e56 |
* Tue Mar 6 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
|
|
Enrico Scholz |
3904e56 |
- fixed urls (#800236)
|
|
Enrico Scholz |
3904e56 |
|
|
|
05756b9 |
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.2.35-1702
|
|
|
05756b9 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
05756b9 |
|
|
Enrico Scholz |
7e0533c |
* Sat Dec 17 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.35-1701
|
|
Enrico Scholz |
a491a2d |
- added 'su' logrotate option (#751525)
|
|
Enrico Scholz |
632d78c |
- fixed systemd unit file; customization of TimeoutSec + LimitNOFILE is
|
|
Enrico Scholz |
632d78c |
not possible by environment variables. Hardcode some values which can
|
|
Enrico Scholz |
632d78c |
be overridden by the systemd .include method (#755167).
|
|
Enrico Scholz |
ba4e330 |
- added systemd rule in the postrotate script
|
|
Enrico Scholz |
7e0533c |
|
|
Enrico Scholz |
b84c8ae |
* Sat Dec 17 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.35-1700
|
|
Enrico Scholz |
b84c8ae |
- updated to 0.2.2.35 (security)
|
|
Enrico Scholz |
b84c8ae |
- CVE-2011-2778: Tor heap-based buffer overflow
|
|
Enrico Scholz |
b84c8ae |
|
|
Enrico Scholz |
f87a00a |
* Fri Oct 28 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.34-1700
|
|
Enrico Scholz |
f87a00a |
- updated to 0.2.2.34; critical privacy/anonymity fixes
|
|
Enrico Scholz |
58e3d78 |
- CVE-2011-2768
|
|
Enrico Scholz |
58e3d78 |
- CVE-2011-2769
|
|
Enrico Scholz |
f87a00a |
|
|
|
1961e7a |
* Wed Oct 26 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.2.33-1701
|
|
|
1961e7a |
- Rebuilt for glibc bug#747377
|
|
|
1961e7a |
|
|
Enrico Scholz |
5e18c18 |
* Sun Sep 18 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.2.33-1700
|
|
Enrico Scholz |
5e18c18 |
- updated to 2.2.33
|
|
Enrico Scholz |
5e18c18 |
- removed -doc subpackage because shipped files are not available
|
|
Enrico Scholz |
5e18c18 |
anymore
|
|
Enrico Scholz |
5f727d8 |
- ship torify files only in torify subpackage; not in main one
|
|
Enrico Scholz |
393af75 |
- start systemd service after nss-lookup.target (#719476)
|
|
Enrico Scholz |
5e18c18 |
|
|
Enrico Scholz |
ef9e562 |
* Thu Jul 28 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.30-1700
|
|
Enrico Scholz |
ef9e562 |
- added and use systemd macros
|
|
Enrico Scholz |
ef9e562 |
|
|
Enrico Scholz |
4ac537c |
* Thu Mar 17 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.30-1601
|
|
Enrico Scholz |
5966c83 |
- made EnvironmentFile in systemd definition optional
|
|
Enrico Scholz |
1606319 |
- systemd: added Requires: for core package; made it noarch
|
|
Enrico Scholz |
5966c83 |
|
|
Enrico Scholz |
daadcbf |
* Mon Feb 28 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.30-1600
|
|
Enrico Scholz |
daadcbf |
- updated to 0.2.1.30
|
|
Enrico Scholz |
558597e |
- added 'torify' script (#669684)
|
|
Enrico Scholz |
daadcbf |
|
|
|
97c0561 |
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.1.29-1501
|
|
|
97c0561 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
97c0561 |
|
|
Enrico Scholz |
be547a2 |
* Mon Jan 17 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.29-1500
|
|
Enrico Scholz |
be547a2 |
- updated to 0.2.1.29 (SECURITY)
|
|
Enrico Scholz |
be547a2 |
- CVE-2011-0427: heap overflow bug, potential remote code execution
|
|
Enrico Scholz |
be547a2 |
|
|
Luke Macken |
5fe7ea9 |
* Tue Dec 21 2010 Luke Macken <lmacken@redhat.com> - 0.2.1.28-1502
|
|
Luke Macken |
0697cae |
- updated to 0.2.1.28 (SECURITY: fixes a remotely exploitable heap overflow bug)
|
|
Luke Macken |
0697cae |
|
|
Enrico Scholz |
b9ae613 |
* Tue Dec 7 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.27-1501
|
|
Enrico Scholz |
b9ae613 |
- replaced lsb and sysv init stuff with systemd init script
|
|
Enrico Scholz |
b9ae613 |
|
|
Enrico Scholz |
02e6842 |
* Fri Nov 26 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.27-1500
|
|
Enrico Scholz |
02e6842 |
- updated to 0.2.1.27
|
|
Enrico Scholz |
594b82e |
- added tmpfiles.d file to create %%_var/run/%%name directory in -lsb
|
|
Enrico Scholz |
fe953a1 |
- work around broken chkconfig by adding dummy Default-Start: in -lsb
|
|
Enrico Scholz |
02e6842 |
|
|
Enrico Scholz |
571c1e1 |
* Fri Nov 26 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.26-1500
|
|
Enrico Scholz |
571c1e1 |
- fixed 'limit' statement in upstart script
|
|
Enrico Scholz |
571c1e1 |
|
|
|
a6e6e58 |
* Tue Jun 1 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.26-1400
|
|
|
a6e6e58 |
- updated to 0.2.1.26
|
|
|
a6e6e58 |
- log to syslog as request by upstream (#532373#19)
|
|
|
a6e6e58 |
- removed workaround to install lsb initscript because parts of the
|
|
|
a6e6e58 |
underlying problem have been fixed in redhat-lsb and the remaining
|
|
|
a6e6e58 |
ones were solved by previous commit
|
|
|
a6e6e58 |
- removed $local_fs dependency in -lsb initscript to workaround
|
|
|
a6e6e58 |
buggy redhat-lsb; $remote_fs should imply it and has been moved to
|
|
|
a6e6e58 |
Should-Start:
|
|
|
a6e6e58 |
|
|
|
ca4ac65 |
* Tue Jun 1 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
|
|
|
ca4ac65 |
- created -doc subpackage and moved most (all) files from main into it
|
|
|
ca4ac65 |
|
|
|
81fe605 |
* Sun Mar 28 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
|
|
|
81fe605 |
- added -sysv subpackage
|
|
|
81fe605 |
|
|
|
7a32f8a |
* Thu Mar 18 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.25-1400
|
|
|
7a32f8a |
- updated to 0.2.1.25
|
|
|
7a32f8a |
|
|
|
c985ebf |
* Wed Mar 3 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.24-1402
|
|
|
c985ebf |
- removed /var/lib/tor-data dir (Chen Lei)
|
|
|
c985ebf |
|
|
|
7589c34 |
* Tue Mar 2 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.24-1401
|
|
|
7589c34 |
- require tor-core, not tor in -upstart (thx to Dave Jones)
|
|
|
7589c34 |
|
|
|
77120ad |
* Sat Feb 27 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.24-1400
|
|
|
77120ad |
- updated to 0.2.1.24
|
|
|
77120ad |
|
|
|
decf0b3 |
* Mon Feb 15 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.23-1300
|
|
|
decf0b3 |
- updated to 0.2.1.23
|
|
|
decf0b3 |
|
|
|
904ac82 |
* Thu Jan 21 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.22-1300
|
|
|
904ac82 |
- updated to 0.2.1.22
|
|
|
904ac82 |
|
|
|
a208a5d |
* Thu Dec 31 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.21-1300
|
|
|
a208a5d |
- updated to 0.2.1.21
|
|
|
a208a5d |
|
|
|
afc380d |
* Sun Dec 6 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.20-1301
|
|
|
afc380d |
- updated -upstart to upstart 0.6.3
|
|
|
afc380d |
|
|
|
fa9528a |
* Sat Nov 14 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.20-1300
|
|
|
fa9528a |
- updated URLs (#532373)
|
|
|
3732221 |
- removed (inactive) update mechanism for GeoIP data; this might
|
|
|
3732221 |
reduce anonimity (#532373)
|
|
|
3732221 |
- use the pidfile at various places in the LSB initscript to operate
|
|
|
3732221 |
on the correct process (#532373)
|
|
|
fa9528a |
- set a higher 'nofile' limit in the upstart initscript to allow fast
|
|
|
fa9528a |
relays; LSB users will have to add a 'ulimit -n' into /etc/sysconfig/tor
|
|
|
fa9528a |
to get a similar effect (#532373)
|
|
|
3732221 |
- let the LSB initscript wait until process exits within a certain
|
|
|
3732221 |
time; this fixes shutdown/restart problems when working as a server
|
|
|
3732221 |
(#532373)
|
|
|
3732221 |
- fixed initng related typo in logrotate script (#532373)
|
|
|
3732221 |
- removed <linux/netfilter_ipv4.h> hack; it is fixed upstream and/or
|
|
|
3732221 |
in the kernel sources
|
|
|
fa9528a |
- use %%postun, not %%post as a -upstart scriptlet and send INT, not
|
|
|
fa9528a |
TERM signal to stop/restart daemon
|
|
|
fa9528a |
|
|
|
30f82ed |
* Sun Oct 25 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.20-1
|
|
|
30f82ed |
- updated to 0.2.1.20
|
|
|
30f82ed |
|
|
|
324f1e3 |
* Sat Sep 12 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.19-2
|
|
|
324f1e3 |
- workaround bug in redhat-lsb (#522053)
|
|
|
324f1e3 |
|
|
|
a0a2c71 |
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.2.1.19-1
|
|
|
a0a2c71 |
- rebuilt with new openssl
|
|
|
a0a2c71 |
|
|
|
158f965 |
* Sun Aug 9 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.1.19-0
|
|
|
158f965 |
- updated to 0.2.1.19
|
|
|
158f965 |
- rediffed patches
|
|
|
158f965 |
|
|
|
deb6a8a |
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.0.35-2
|
|
|
deb6a8a |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
deb6a8a |
|
|
|
4883443 |
* Fri Jun 26 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.35-1
|
|
|
4883443 |
- updated to 0.2.0.35
|
|
|
4883443 |
- added '--quiet' to startup options (bug #495987)
|
|
|
14aa17d |
- updated %%doc entries
|
|
|
4883443 |
|
|
|
fbe5024 |
* Wed May 6 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.34-4
|
|
|
fbe5024 |
- made it easy to rebuild package in RHEL by adding a 'noarch'
|
|
|
fbe5024 |
conditional to enable/disable noarch subpackages
|
|
|
fbe5024 |
|
|
|
481b5f8 |
* Sat Mar 7 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.34-3
|
|
|
481b5f8 |
- added -upstart subpackage (-lsb still wins by default as there exists
|
|
|
481b5f8 |
no end-user friendly solution for managing upstart initscripts)
|
|
|
481b5f8 |
|
|
|
f1bcd51 |
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.0.34-2
|
|
|
f1bcd51 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
f1bcd51 |
|
|
|
ba9fc1b |
* Tue Feb 10 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.34-1
|
|
|
ba9fc1b |
- updated to 0.2.0.34 (SECURITY: fixes DoS vulnerabilities)
|
|
|
ba9fc1b |
|
|
|
4460497 |
* Thu Jan 22 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.33-1
|
|
|
4460497 |
- updated to 0.2.0.33 (SECURITY: fixed heap-corruption bug)
|
|
|
4460497 |
|
|
|
51f8f68 |
* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 0.2.0.32-2
|
|
|
51f8f68 |
- rebuild with new openssl
|
|
|
51f8f68 |
|
|
|
19c708b |
* Sun Dec 7 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.32-1
|
|
|
19c708b |
- updated to 0.2.0.32
|
|
|
19c708b |
- removed -setgroups patch; supplementary groups are now set upstream
|
|
|
19c708b |
|
|
|
2e599d2 |
* Sun Jul 20 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.2.0.30-1
|
|
|
5b8e530 |
- updated to 0.2.0.30; rediffed patches
|
|
|
2e599d2 |
- (re)enabled transparent proxy support by workarounding broken
|
|
|
2e599d2 |
<linux/netfilter_ipv4.h> header
|
|
|
2e599d2 |
- moved the 'geoip' database to /var/lib/tor-data where it can be
|
|
|
2e599d2 |
updated periodically
|
|
|
2e599d2 |
- built with -Wl,--as-needed
|
|
|
2e599d2 |
|
|
Nikolay Vladimirov |
b1da098 |
* Thu Jul 10 2008 Nikolay Vladimirov <nikolay@vladimiroff.com> - 0.1.2.19-3
|
|
Nikolay Vladimirov |
b1da098 |
- rebuild for new libevent
|
|
Nikolay Vladimirov |
b1da098 |
|
|
|
e98ad5b |
* Wed Feb 13 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.19-2
|
|
|
e98ad5b |
- added 'missingok' to logrotate script (#429402)
|
|
|
e98ad5b |
|
|
|
ae3a018 |
* Tue Feb 12 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.19-1
|
|
|
ae3a018 |
- updated to 0.1.2.19
|
|
|
ae3a018 |
- use file based BR for latex
|
|
|
ae3a018 |
- improved 'status' method of initscript to return rc of 'pidofproc'
|
|
|
ae3a018 |
instead of doing further manual tests. Calling 'pidofproc' directly
|
|
|
ae3a018 |
instead of within a subshell should workaround #432254 too.
|
|
|
ae3a018 |
|
|
|
e740077 |
* Sat Jan 26 2008 Alex Lancaster <alexlan[AT]fedoraproject org> - 0.1.2.18-4
|
|
|
e740077 |
- Update BuildRequires: tex(latex),
|
|
|
e740077 |
- BR: texlive-texmf-fonts seems also to be necessary
|
|
|
e740077 |
|
|
|
e740077 |
* Sat Jan 26 2008 Alex Lancaster <alexlan[AT]fedoraproject org> - 0.1.2.18-3
|
|
|
50e64c3 |
- Rebuild for new libevent.
|
|
|
50e64c3 |
|
|
|
bbc2d14 |
* Thu Dec 06 2007 Release Engineering <rel-eng at fedoraproject dot org> - 0.1.2.18-2
|
|
|
bbc2d14 |
- Rebuild for deps
|
|
|
bbc2d14 |
|
|
|
740a459 |
* Tue Oct 30 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.18-1
|
|
|
740a459 |
- updated to 0.1.2.18
|
|
|
740a459 |
|
|
|
cbea9b1 |
* Fri Aug 31 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.17-1
|
|
|
cbea9b1 |
- updated to 0.1.2.17
|
|
|
cbea9b1 |
|
|
|
1f89aa3 |
* Sat Aug 25 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.16-2
|
|
|
1f89aa3 |
- fixed open(2) issue
|
|
|
1f89aa3 |
|
|
|
17039a9 |
* Fri Aug 3 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.16-1
|
|
|
17039a9 |
- updated to 0.1.2.16 (SECURITY)
|
|
|
17039a9 |
|
|
|
03d84ae |
* Sat Jul 28 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.15-1
|
|
|
03d84ae |
- updated to 0.1.2.15
|
|
|
03d84ae |
|
|
|
9a4d761 |
* Sat May 26 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.14-1
|
|
|
9a4d761 |
- updated to 0.1.2.14
|
|
|
9a4d761 |
|
|
|
126c378 |
* Wed Apr 25 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.2.13-1
|
|
|
126c378 |
- updated to 0.1.2.13
|
|
|
126c378 |
- minor cleanups; especially in the %%doc section
|
|
|
126c378 |
|
|
|
f5249f3 |
* Sun Apr 8 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.26-4
|
|
|
f5249f3 |
- rebuilt for (yet another) new libevent
|
|
|
f5249f3 |
|
|
|
632808c |
* Mon Feb 26 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.26-3
|
|
|
632808c |
- rebuilt for new libevent
|
|
|
632808c |
|
|
|
36321bd |
* Wed Jan 24 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.26-2
|
|
|
36321bd |
- updated -setgroups patch (#224090, thx to Sami Farin)
|
|
|
36321bd |
|
|
|
1ed7ca9 |
* Sun Dec 17 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.26-1
|
|
|
1ed7ca9 |
- updated to 0.1.1.26 (SECURITY)
|
|
|
1ed7ca9 |
- do not turn on logging by default; it's easier to say "we do not log
|
|
|
1ed7ca9 |
anything" to the police instead of enumerating the logged event
|
|
|
1ed7ca9 |
classes and trying to explain that they do not contain any valuable
|
|
|
1ed7ca9 |
information
|
|
|
1ed7ca9 |
|
|
|
1ed7ca9 |
* Sun Nov 12 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.25-1
|
|
|
1ed7ca9 |
- updated to 0.1.1.25
|
|
|
1ed7ca9 |
|
|
|
965ed04 |
* Thu Oct 5 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.24-1
|
|
|
965ed04 |
- updated to 0.1.1.24
|
|
|
965ed04 |
|
|
|
c1d09ab |
* Sat Sep 30 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.23-5
|
|
|
c1d09ab |
- updated to recent fedora-usermgmt
|
|
|
c1d09ab |
- minor cleanups
|
|
|
c1d09ab |
- require only 'lsb-core-noarch' instead of whole 'lsb'
|
|
|
c1d09ab |
|
|
|
3959dc5 |
* Tue Sep 26 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.23-4
|
|
|
3959dc5 |
- first FE release (review #175433)
|
|
|
3959dc5 |
|
|
|
d243e33 |
* Mon Sep 25 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.23-3
|
|
|
d243e33 |
- removed '.have-lsb' and related logic in logrotate script; check for
|
|
|
d243e33 |
existence of the corresponding initscript instead of
|
|
|
d243e33 |
- fixed bare '%%' in changelog section
|
|
|
d243e33 |
|
|
|
d243e33 |
* Thu Sep 21 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.23-2
|
|
|
d243e33 |
- simplified things yet more and removed tsocks/torify too
|
|
|
d243e33 |
- build -lsb unconditionally
|
|
|
d243e33 |
|
|
|
d243e33 |
* Thu Sep 21 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.23-1
|
|
|
d243e33 |
- simplified spec file and removed -initng and -minit stuff
|
|
|
d243e33 |
|
|
|
d243e33 |
* Sun Aug 13 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.23-0
|
|
|
d243e33 |
- updated to 0.1.1.23
|
|
|
d243e33 |
|
|
|
d243e33 |
* Sat Jul 8 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.22-0
|
|
|
d243e33 |
- updated to 0.1.1.22
|
|
|
d243e33 |
|
|
|
d243e33 |
* Tue Jun 13 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.21-0
|
|
|
d243e33 |
- updated to 0.1.1.21
|
|
|
d243e33 |
|
|
|
d243e33 |
* Wed May 24 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.1.20-0
|
|
|
d243e33 |
- updated to 0.1.1.20; adjusted %%doc file-list
|
|
|
d243e33 |
- added (optional) -tsocks subpackage
|
|
|
d243e33 |
- use the more modern %%bcond_with* for specifying optional features
|
|
|
d243e33 |
|
|
|
d243e33 |
* Sun Feb 19 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.17-0
|
|
|
d243e33 |
- updated to 0.1.0.17
|
|
|
d243e33 |
|
|
|
d243e33 |
* Mon Jan 30 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.16-0.1
|
|
|
d243e33 |
- renamed the current main-package into a '-core' subpackage and
|
|
|
d243e33 |
created a new main-package which requires both the 'tor-core'
|
|
|
d243e33 |
subpackage and this with the current default init-method. This
|
|
|
d243e33 |
allows 'yum install tor' to work better; because yum is not very
|
|
|
d243e33 |
smart, the old packaging might install unwanted packages else.
|
|
|
d243e33 |
|
|
|
d243e33 |
* Wed Jan 4 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.16-0
|
|
|
d243e33 |
- updated to 0.1.0.16
|
|
|
d243e33 |
|
|
|
d243e33 |
* Fri Dec 23 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.15-1.11
|
|
|
d243e33 |
- reworked the 'setgroups' patch so that 'tor' survives a SIGHUP
|
|
|
d243e33 |
- (re)added the 'reload' functionality to the lsb initscript and use
|
|
|
d243e33 |
it in logrotate
|
|
|
d243e33 |
|
|
|
d243e33 |
* Fri Dec 23 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.15-1.8
|
|
|
d243e33 |
- added ChangeLog to %%doc
|
|
|
d243e33 |
- made torrc not world-readable
|
|
|
d243e33 |
- added logrotate script
|
|
|
d243e33 |
|
|
|
d243e33 |
* Thu Dec 22 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.15-1.4
|
|
|
d243e33 |
- updated initng scripts to initng-0.4.8 syntax
|
|
|
d243e33 |
- tweaked some Requires(...):
|
|
|
d243e33 |
- added ghostscript BuildRequires:
|
|
|
d243e33 |
- install initng scripts into the correct dir
|
|
|
d243e33 |
|
|
|
d243e33 |
* Thu Dec 15 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.15-1.2
|
|
|
d243e33 |
- use relative UID of 19 instead of 18 due to conflicts with the
|
|
|
d243e33 |
'munin' package
|
|
|
d243e33 |
|
|
|
d243e33 |
* Wed Dec 14 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.15-1.1
|
|
|
d243e33 |
- added -minit subpackage
|
|
|
d243e33 |
|
|
|
d243e33 |
* Sat Dec 10 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 0.1.0.15-1
|
|
|
d243e33 |
- initial build
|