Re: [Tails-dev] Persistent torrc [Was: Tails Server: updated…

このメッセージを削除

このメッセージに返信
著者: segfault
日付:  
To: The Tails public development discussion list
古いトピック: Re: [Tails-dev] Tails Server: updated plan and GSoC!
題目: Re: [Tails-dev] Persistent torrc [Was: Tails Server: updated plan and GSoC!]
anonym:
> [...]
> One thing to note about the mumble-server script is the "little
> bind-mount trick" used to workaround Tor's AppArmor confinement. We
> won't have that problem, I think. I did that so that all things we want
> to make persistent for mumble-server lives in the same directory on the
> persistent media, i.e. both Tor's HS bits, and mumble-server's data. We
> certainly can do better by making these two separate, e.g. we make
> /var/lib/tor/hs persistent and store all HS bits there, and then make
> another directory outside of this persistent for the service
> configuration/data bits.


I ran into this problem today. To make it possible to use both ephemeral
services and persistent services at the same time, I can't simply add
all services to /etc/tor/torrc and make it persistent, because then
obviously all hidden services would be persistent. Sadly, we don't have
/etc/torrc.d yet. So instead I chose to use the
/usr/share/tor/tor-service-defaults-torrc for the persistent services
and /etc/tor/torrc for the ephemeral ones.

I wrote some code to make single files persistent by creating a new
directory in TailsData_unlocked, moving the file into it and adding the
directory to the persistence.conf with type "link". I think this a
pretty ugly solution.

Now the problem is that the AppArmor confinement doesn't allow Tor to
use this symlink, because it points to a file outside of the allowed Tor
directories.

I could make the whole directory /etc/torrc or /usr/share/tor
persistent, but this would make some other files persistent too. I think
it would be problematic if a future release contains important changes
on any these files. Actually, this would also be problematic if we only
make one of the torrc files persistent and there would be important
changes to it.

I could make this persistence feature even more ugly by creating a
subdirectory in /usr/share/tor/, making this subdirectory persistent,
then creating a symlink to it to TailsData_unlocked, putting the
tor-service-defaults-torrc in it and adding it to the persistence.conf
with type "link" to link the tor-service-defaults-torrc to /usr/share/tor.

I think the best way would be to implement the torrc.d feature and/or
the bind-mounting-regular-files feature.