security/arti: Fix rc.d service using daemon, update URL

This commit is contained in:
Carlo Strub 2022-09-25 18:21:15 +02:00
parent f095bf66ba
commit 918612d6fe
5 changed files with 46 additions and 26 deletions

2
GIDs
View File

@ -251,7 +251,7 @@ jicofo:*:307:jitsi
jvb:*:308:jitsi
wazuh:*:309:
cardano:*:310:
# free: 311
_arti:*:311:
_sphinx:*:312:
_fastdfs:*:313:
# free: 314

2
UIDs
View File

@ -256,7 +256,7 @@ jicofo:*:307:307::0:0:Jitsi Conference Focus Owner:/nonexistent:/usr/sbin/nologi
jvb:*:308:308::0:0:Jitsi VideoBridge Owner:/nonexistent:/usr/sbin/nologin
wazuh:*:309:309::0:0:Wazuh Owner:/var/ossec:/usr/sbin/nologin
cardano:*:310:310::0:0:Cardano Node Daemon:/nonexistent:/usr/sbin/nologin
# free: 311
_arti:*:311:311::0:0:Arti Daemon:/nonexistent:/usr/sbin/nologin
_sphinx:*:312:312::0:0:Sphinxsearch Owner:/nonexistent:/usr/sbin/nologin
_fastdfs:*:313:313::0:0:FastDFS Owner:/nonexistent:/usr/sbin/nologin
# free: 314

View File

@ -1,19 +1,20 @@
PORTNAME= arti
DISTVERSION= 1.0.0
PORTREVISION= 1
CATEGORIES= security
MAINTAINER= cs@FreeBSD.org
COMMENT= Implementation of Tor, in Rust
WWW= https://gitlab.torproject.org/tpo/core/arti/
WWW= https://arti.torproject.org/
LICENSE= MIT
USES= cargo sqlite ssl
USE_RC_SUBR= arti
#GROUPS= _arti
#USERS= _arti
#SUB_LIST= USER="${USERS}" GROUP="${GROUPS}"
#PLIST_SUB= USER="${USERS}" GROUP="${GROUPS}"
GROUPS= _arti
USERS= _arti
SUB_LIST= USERS="${USERS}" GROUPS="${GROUPS}"
PLIST_SUB= USERS="${USERS}" GROUPS="${GROUPS}"
USE_GITLAB= yes
GL_SITE= https://gitlab.torproject.org
GL_ACCOUNT= tpo/core

View File

@ -1,37 +1,54 @@
#!/bin/sh
# $FreeBSD$
#
# PROVIDE: arti
# REQUIRE: LOGIN
# KEYWORD: shutdown
# REQUIRE: DAEMON FILESYSTEMS
# BEFORE: LOGIN
#
# Add these lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# arti_enable (bool): Set to NO by default.
# Set it to YES to enable arti.
# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.cf
# arti_config (path): Set to %%PREFIX%%/etc/arti/arti.toml
# by default.
# arti_user (str): Arti daemon user. Default: %%USER%%
# arti_pidfile (str): Arti pid file. Default: /var/run/arti/arti.pid
# arti_user (str): Arti daemon user. Default: %%USERS%%
# arti_group (str): Arti daemon group. Default: %%GROUPS%%
. /etc/rc.subr
name=arti
rcvar=arti_enable
name="arti"
rcvar="arti_enable"
load_rc_config $name
: ${arti_enable:="NO"}
: ${arti_config="%%PREFIX%%/etc/arti/arti.toml"}
: ${arti_pidfile="/var/run/arti/arti.pid"}
: ${arti_logfile="/var/log/arti/arti.log"}
: ${arti_user="%%USERS%%"}
: ${arti_group="%%GROUPS%%"}
command=/usr/sbin/daemon
arti=%%PREFIX%%/bin/${name}
pidfiledir="/var/run/${name}"
pidfile="${pidfiledir}/${name}.pid"
logfiledir="/var/log/${name}"
logfile="${logfiledir}/${name}.log"
dbfiledir="/var/db/${name}"
command="/usr/sbin/daemon"
procname="%%PREFIX%%/bin/${name}"
command_args="-f -o $arti_logfile -P $arti_pidfile $arti proxy -c $arti_config"
command_args="-f -o $logfile -p $pidfile $procname proxy --config $arti_config"
start_precmd="${name}_prestart"
arti_prestart()
{
if [ ! -d ${pidfiledir} ]; then
install -d -o ${arti_user} -g ${arti_group} ${pidfiledir}
fi
if [ ! -d ${logfiledir} ]; then
install -d -o ${arti_user} -g ${arti_group} ${logfiledir}
fi
if [ ! -d ${dbfiledir} ]; then
install -d -o ${arti_user} -g ${arti_group} ${dbfiledir}
fi
}
run_rc_command "$1"

View File

@ -1,11 +1,13 @@
--- crates/arti/src/arti-example-config.toml.orig 2022-05-29 12:30:55 UTC
--- crates/arti/src/arti-example-config.toml.orig 2022-09-25 15:06:18 UTC
+++ crates/arti/src/arti-example-config.toml
@@ -62,7 +62,7 @@
@@ -86,8 +86,8 @@
#
# The state directory is not yet used.
[storage]
-#cache_dir = "${ARTI_CACHE}"
+cache_dir = "/var/db/arti"
#state_dir = "${ARTI_LOCAL_DATA}"
-#state_dir = "${ARTI_LOCAL_DATA}"
+cache_dir = "/var/db/arti/"
+state_dir = "/var/db/arti/"
# Describe how to enforce permissions on the filesystem when accessing the cache
# and state directories. (This does not apply to configuration files)