#! /bin/bash ### BEGIN INIT INFO # Provides: tor # Required-Start: $local_fs $remote_fs $network $named $time # Required-Stop: $local_fs $remote_fs $network $named $time # Should-Start: $syslog # Should-Stop: $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Starts The Onion Router daemon processes # Description: Start The Onion Router, a TCP overlay # network client that provides anonymous # transport. ### END INIT INFO # Load the VERBOSE setting and other rcS variables . /lib/init/vars.sh # Define LSB log_* functions. . /lib/lsb/init-functions PATH=/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/bin/tor NAME=tor DESC="tor daemon" TORLOGDIR=/var/log/tor TORPIDDIR=/var/run/tor TORPID=$TORPIDDIR/tor.pid DEFAULTSFILE=/etc/default/$NAME WAITFORDAEMON=60 DEFAULT_ARGS="--defaults-torrc /usr/share/tor/tor-service-defaults-torrc" VERIFY_ARGS="--verify-config $DEFAULT_ARGS" USE_AA_EXEC="yes" ARGS="" if [ "${VERBOSE:-}" != "yes" ]; then ARGS="$ARGS --hush" fi # Let's try to figure our some sane defaults: if [ -r /proc/sys/fs/file-max ]; then system_max=`cat /proc/sys/fs/file-max` if [ "$system_max" -gt "80000" ] ; then MAX_FILEDESCRIPTORS=32768 elif [ "$system_max" -gt "40000" ] ; then MAX_FILEDESCRIPTORS=16384 elif [ "$system_max" -gt "10000" ] ; then MAX_FILEDESCRIPTORS=8192 else MAX_FILEDESCRIPTORS=1024 cat << EOF Warning: Your system has very few filedescriptors available in total. Maybe you should try raising that by adding 'fs.file-max=100000' to your /etc/sysctl.conf file. Feel free to pick any number that you deem appropriate. Then run 'sysctl -p'. See /proc/sys/fs/file-max for the current value, and file-nr in the same directory for how many of those are used at the moment. EOF fi else MAX_FILEDESCRIPTORS=8192 fi NICE="" test -x $DAEMON || exit 0 # Include tor defaults if available if [ -f $DEFAULTSFILE ] ; then . $DEFAULTSFILE fi wait_for_deaddaemon () { pid=$1 sleep 1 if test -n "$pid" then if kill -0 $pid 2>/dev/null then cnt=0 while kill -0 $pid 2>/dev/null do cnt=`expr $cnt + 1` if [ $cnt -gt $WAITFORDAEMON ] then log_action_end_msg 1 "still running" exit 1 fi sleep 1 [ "`expr $cnt % 3`" != 2 ] || log_action_cont_msg "" done fi fi log_action_end_msg 0 } check_torpiddir () { if test ! -d $TORPIDDIR; then mkdir -m 02750 "$TORPIDDIR" chown debian-tor:debian-tor "$TORPIDDIR" ! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR" fi if test ! -x $TORPIDDIR; then log_action_end_msg 1 "cannot access $TORPIDDIR directory, are you root?" exit 1 fi } check_torlogdir () { if test ! -d $TORLOGDIR; then mkdir -m 02750 "$TORLOGDIR" chown debian-tor:adm "$TORLOGDIR" ! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR" fi } check_config () { if ! $DAEMON $VERIFY_ARGS > /dev/null; then log_failure_msg "Checking if $NAME configuration is valid" $DAEMON $VERIFY_ARGS >&2 exit 1 fi } case "$1" in start) if [ "$RUN_DAEMON" != "yes" ]; then log_action_msg "Not starting $DESC (Disabled in $DEFAULTSFILE)." exit 0 fi if [ -n "$MAX_FILEDESCRIPTORS" ]; then [ "${VERBOSE:-}" != "yes" ] || log_action_begin_msg "Raising maximum number of filedescriptors (ulimit -n) for tor to $MAX_FILEDESCRIPTORS" if ulimit -n "$MAX_FILEDESCRIPTORS" ; then [ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 0 else [ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 1 fi fi check_torpiddir check_torlogdir check_config log_action_begin_msg "Starting $DESC" if start-stop-daemon --stop --signal 0 --quiet --pidfile $TORPID --exec $DAEMON; then log_action_end_msg 0 "already running" else if [ "$USE_AA_EXEC" = "yes" ] && [ -x /usr/sbin/aa-status ] && \ [ -x /usr/sbin/aa-exec ] && \ [ -e /etc/apparmor.d/system_tor ] && \ /usr/sbin/aa-status --enabled ; then AA_EXEC="--startas /usr/sbin/aa-exec" AA_EXEC_ARGS="--profile=system_tor -- $DAEMON" else AA_EXEC="" AA_EXEC_ARGS="" fi if start-stop-daemon --start --quiet \ --pidfile $TORPID \ $NICE \ $AA_EXEC \ --exec $DAEMON -- $AA_EXEC_ARGS $DEFAULT_ARGS $ARGS then log_action_end_msg 0 else log_action_end_msg 1 exit 1 fi fi ;; stop) log_action_begin_msg "Stopping $DESC" pid=`cat $TORPID 2>/dev/null` || true if test ! -f $TORPID -o -z "$pid"; then log_action_end_msg 0 "not running - there is no $TORPID" exit 0 fi if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --exec $DAEMON; then wait_for_deaddaemon $pid elif kill -0 $pid 2>/dev/null; then log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?" exit 1 else log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" exit 1 fi ;; reload|force-reload) check_config log_action_begin_msg "Reloading $DESC configuration" pid=`cat $TORPID 2>/dev/null` || true if test ! -f $TORPID -o -z "$pid"; then log_action_end_msg 1 "not running - there is no $TORPID" exit 1 fi if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON then log_action_end_msg 0 elif kill -0 $pid 2>/dev/null; then log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?" exit 1 else log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" exit 1 fi ;; restart) check_config $0 stop sleep 1 $0 start ;; status) if test ! -r $(dirname $TORPID); then log_failure_msg "cannot read PID file $TORPID" exit 4 fi pid=`cat $TORPID 2>/dev/null` || true if test ! -f $TORPID -o -z "$pid"; then log_failure_msg "$NAME is not running" exit 3 fi if ps "$pid" >/dev/null 2>&1; then log_success_msg "$NAME is running" exit 0 else log_failure_msg "$NAME is not running" exit 1 fi ;; *) log_action_msg "Usage: $0 {start|stop|restart|reload|force-reload|status}" >&2 exit 1 ;; esac exit 0