[Bug 175433] Review Request: tor - Anonymizing overlay network for TCP (The onion router)

Wed Jan 18 01:47:18 UTC 2006

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: tor - Anonymizing overlay network for TCP (The onion router)

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175433

------- Additional Comments From paul at xtdnet.nl  2006-01-17 20:47 EST -------
I still see a file being created in the spec file:

%prep
%setup -q
%patch0 -p1 -b .setgroups

sed -i -e 's!^\# *\(Log notice file \)!\1!;
           s!^\(\# *\)\?DataDirectory .*!DataDirectory %homedir/.tor!'
src/config/torrc.sample.in
cat <<EOF >>src/config/torrc.sample.in
Group %username
User  %username
EOF

I think that should be a separate SOURCE file.

It uses a harcoded user/group id of 19. I am not sure what the official policy
is for creating users, but I don't think it is needed to create them with a
globally set userid, since tor does not span its files over multiple servers.
Just giving the toranon user /sbin/nologin, as already done, should be enough.
Perhaps there is some "fedora registry" and some policy somewhere for requesting
static userids? 

BuildRequires has libevent-devel, but Requires does not (because it is using
libevent statically linked, which is against fedora policies. (I did inform
Roger, the main tor developer, of this as well. they should not do this). This
needs to be fixed. see further:
https://www.redhat.com/archives/fedora-extras-list/2005-November/msg00386.html

I dont think circular dependancies are cool. Currently "tor" requires "tor-lsb"
and "tor-lsb" requires "tor". I thnk as an FE package, the initscripts should
just come with the tor package. If FC/FE migrates to another system, it can be
changed later with everything else.

source1 (the gpg signature) is defined but not used. It should probably either
not be defined, or it should be used to actualy gpg check the source file in the
prep stage.

Missing chkconfig --add / --delete in %post, %prun, %postun
Missing: Requires(post): /sbin/chkconfig
Missing: Requires(preun): /sbin/chkconfig, /sbin/service
Missing: Requires(postun): /sbin/service

The username/group toranon is good and will prevent conflicts with the common
name tor.

Daemon correctly ony listens on localhost in the default configuration.

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.