You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
253 lines
5.9 KiB
253 lines
5.9 KiB
#! /bin/bash
|
|
|
|
### BEGIN INIT INFO
|
|
# Provides: tor
|
|
# Required-Start: $local_fs $remote_fs $network $named $time
|
|
# Required-Stop: $local_fs $remote_fs $network $named $time
|
|
# Should-Start: $syslog
|
|
# Should-Stop: $syslog
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# Short-Description: Starts The Onion Router daemon processes
|
|
# Description: Start The Onion Router, a TCP overlay
|
|
# network client that provides anonymous
|
|
# transport.
|
|
### END INIT INFO
|
|
|
|
# Load the VERBOSE setting and other rcS variables
|
|
. /lib/init/vars.sh
|
|
|
|
# Define LSB log_* functions.
|
|
. /lib/lsb/init-functions
|
|
|
|
PATH=/sbin:/bin:/usr/sbin:/usr/bin
|
|
DAEMON=/usr/bin/tor
|
|
NAME=tor
|
|
DESC="tor daemon"
|
|
TORLOGDIR=/var/log/tor
|
|
TORPIDDIR=/var/run/tor
|
|
TORPID=$TORPIDDIR/tor.pid
|
|
DEFAULTSFILE=/etc/default/$NAME
|
|
WAITFORDAEMON=60
|
|
DEFAULT_ARGS="--defaults-torrc /usr/share/tor/tor-service-defaults-torrc"
|
|
VERIFY_ARGS="--verify-config $DEFAULT_ARGS"
|
|
USE_AA_EXEC="yes"
|
|
ARGS=""
|
|
if [ "${VERBOSE:-}" != "yes" ]; then
|
|
ARGS="$ARGS --hush"
|
|
fi
|
|
|
|
# Let's try to figure our some sane defaults:
|
|
if [ -r /proc/sys/fs/file-max ]; then
|
|
system_max=`cat /proc/sys/fs/file-max`
|
|
if [ "$system_max" -gt "80000" ] ; then
|
|
MAX_FILEDESCRIPTORS=32768
|
|
elif [ "$system_max" -gt "40000" ] ; then
|
|
MAX_FILEDESCRIPTORS=16384
|
|
elif [ "$system_max" -gt "10000" ] ; then
|
|
MAX_FILEDESCRIPTORS=8192
|
|
else
|
|
MAX_FILEDESCRIPTORS=1024
|
|
cat << EOF
|
|
|
|
Warning: Your system has very few filedescriptors available in total.
|
|
|
|
Maybe you should try raising that by adding 'fs.file-max=100000' to your
|
|
/etc/sysctl.conf file. Feel free to pick any number that you deem appropriate.
|
|
Then run 'sysctl -p'. See /proc/sys/fs/file-max for the current value, and
|
|
file-nr in the same directory for how many of those are used at the moment.
|
|
|
|
EOF
|
|
fi
|
|
else
|
|
MAX_FILEDESCRIPTORS=8192
|
|
fi
|
|
|
|
NICE=""
|
|
|
|
test -x $DAEMON || exit 0
|
|
|
|
# Include tor defaults if available
|
|
if [ -f $DEFAULTSFILE ] ; then
|
|
. $DEFAULTSFILE
|
|
fi
|
|
|
|
wait_for_deaddaemon () {
|
|
pid=$1
|
|
sleep 1
|
|
if test -n "$pid"
|
|
then
|
|
if kill -0 $pid 2>/dev/null
|
|
then
|
|
cnt=0
|
|
while kill -0 $pid 2>/dev/null
|
|
do
|
|
cnt=`expr $cnt + 1`
|
|
if [ $cnt -gt $WAITFORDAEMON ]
|
|
then
|
|
log_action_end_msg 1 "still running"
|
|
exit 1
|
|
fi
|
|
sleep 1
|
|
[ "`expr $cnt % 3`" != 2 ] || log_action_cont_msg ""
|
|
done
|
|
fi
|
|
fi
|
|
log_action_end_msg 0
|
|
}
|
|
|
|
|
|
check_torpiddir () {
|
|
if test ! -d $TORPIDDIR; then
|
|
mkdir -m 02750 "$TORPIDDIR"
|
|
chown debian-tor:debian-tor "$TORPIDDIR"
|
|
! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR"
|
|
fi
|
|
|
|
if test ! -x $TORPIDDIR; then
|
|
log_action_end_msg 1 "cannot access $TORPIDDIR directory, are you root?"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
check_torlogdir () {
|
|
if test ! -d $TORLOGDIR; then
|
|
mkdir -m 02750 "$TORLOGDIR"
|
|
chown debian-tor:adm "$TORLOGDIR"
|
|
! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR"
|
|
fi
|
|
}
|
|
|
|
|
|
check_config () {
|
|
if ! $DAEMON $VERIFY_ARGS > /dev/null; then
|
|
log_failure_msg "Checking if $NAME configuration is valid"
|
|
$DAEMON $VERIFY_ARGS >&2
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
|
|
case "$1" in
|
|
start)
|
|
if [ "$RUN_DAEMON" != "yes" ]; then
|
|
log_action_msg "Not starting $DESC (Disabled in $DEFAULTSFILE)."
|
|
exit 0
|
|
fi
|
|
|
|
if [ -n "$MAX_FILEDESCRIPTORS" ]; then
|
|
[ "${VERBOSE:-}" != "yes" ] || log_action_begin_msg "Raising maximum number of filedescriptors (ulimit -n) for tor to $MAX_FILEDESCRIPTORS"
|
|
if ulimit -n "$MAX_FILEDESCRIPTORS" ; then
|
|
[ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 0
|
|
else
|
|
[ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 1
|
|
fi
|
|
fi
|
|
|
|
check_torpiddir
|
|
check_torlogdir
|
|
check_config
|
|
|
|
log_action_begin_msg "Starting $DESC"
|
|
|
|
if start-stop-daemon --stop --signal 0 --quiet --pidfile $TORPID --exec $DAEMON; then
|
|
log_action_end_msg 0 "already running"
|
|
else
|
|
if [ "$USE_AA_EXEC" = "yes" ] &&
|
|
[ -x /usr/sbin/aa-status ] && \
|
|
[ -x /usr/sbin/aa-exec ] && \
|
|
[ -e /etc/apparmor.d/system_tor ] && \
|
|
/usr/sbin/aa-status --enabled ; then
|
|
AA_EXEC="--startas /usr/sbin/aa-exec"
|
|
AA_EXEC_ARGS="--profile=system_tor -- $DAEMON"
|
|
else
|
|
AA_EXEC=""
|
|
AA_EXEC_ARGS=""
|
|
fi
|
|
if start-stop-daemon --start --quiet \
|
|
--pidfile $TORPID \
|
|
$NICE \
|
|
$AA_EXEC \
|
|
--exec $DAEMON -- $AA_EXEC_ARGS $DEFAULT_ARGS $ARGS
|
|
then
|
|
log_action_end_msg 0
|
|
else
|
|
log_action_end_msg 1
|
|
exit 1
|
|
fi
|
|
fi
|
|
;;
|
|
stop)
|
|
log_action_begin_msg "Stopping $DESC"
|
|
pid=`cat $TORPID 2>/dev/null` || true
|
|
|
|
if test ! -f $TORPID -o -z "$pid"; then
|
|
log_action_end_msg 0 "not running - there is no $TORPID"
|
|
exit 0
|
|
fi
|
|
|
|
if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --exec $DAEMON; then
|
|
wait_for_deaddaemon $pid
|
|
elif kill -0 $pid 2>/dev/null; then
|
|
log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?"
|
|
exit 1
|
|
else
|
|
log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied"
|
|
exit 1
|
|
fi
|
|
;;
|
|
reload|force-reload)
|
|
check_config
|
|
|
|
log_action_begin_msg "Reloading $DESC configuration"
|
|
pid=`cat $TORPID 2>/dev/null` || true
|
|
|
|
if test ! -f $TORPID -o -z "$pid"; then
|
|
log_action_end_msg 1 "not running - there is no $TORPID"
|
|
exit 1
|
|
fi
|
|
|
|
if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON
|
|
then
|
|
log_action_end_msg 0
|
|
elif kill -0 $pid 2>/dev/null; then
|
|
log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?"
|
|
exit 1
|
|
else
|
|
log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied"
|
|
exit 1
|
|
fi
|
|
;;
|
|
restart)
|
|
check_config
|
|
|
|
$0 stop
|
|
sleep 1
|
|
$0 start
|
|
;;
|
|
status)
|
|
if test ! -r $(dirname $TORPID); then
|
|
log_failure_msg "cannot read PID file $TORPID"
|
|
exit 4
|
|
fi
|
|
pid=`cat $TORPID 2>/dev/null` || true
|
|
if test ! -f $TORPID -o -z "$pid"; then
|
|
log_failure_msg "$NAME is not running"
|
|
exit 3
|
|
fi
|
|
if ps "$pid" >/dev/null 2>&1; then
|
|
log_success_msg "$NAME is running"
|
|
exit 0
|
|
else
|
|
log_failure_msg "$NAME is not running"
|
|
exit 1
|
|
fi
|
|
;;
|
|
*)
|
|
log_action_msg "Usage: $0 {start|stop|restart|reload|force-reload|status}" >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
exit 0
|