Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: f00221d0eb75
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 5bd12c694bfe
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Apr 18, 2018

  1. nixos/tor: use RuntimeDirectory, StateDirectory (#39083)

    @dotlambda
    dotlambda authored Apr 18, 2018
    Copy the full SHA
    5bd12c6 View commit details
Showing with 4 additions and 6 deletions.
  1. +4 −6 nixos/modules/services/security/tor.nix
10 changes: 4 additions & 6 deletions nixos/modules/services/security/tor.nix
View file
Original file line number Diff line number Diff line change
@@ -703,14 +703,10 @@ in
after = [ "network.target" ];
restartTriggers = [ torRcFile ];

# Translated from the upstream contrib/dist/tor.service.in
preStart = ''
install -o tor -g tor -d ${torDirectory}/onion ${torRunDirectory}
${pkgs.tor}/bin/tor -f ${torRcFile} --verify-config
'';

serviceConfig =
{ Type = "simple";
# Translated from the upstream contrib/dist/tor.service.in
ExecStartPre = "${pkgs.tor}/bin/tor -f ${torRcFile} --verify-config";
ExecStart = "${pkgs.tor}/bin/tor -f ${torRcFile} --RunAsDaemon 0";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
KillSignal = "SIGINT";
@@ -725,6 +721,8 @@ in
# DeviceAllow /dev/urandom r
# .. but we can't specify DeviceAllow multiple times. 'closed'
# is close enough.
RuntimeDirectory = "tor";
StateDirectory = [ "tor" "tor/onion" ];
PrivateTmp = "yes";
DevicePolicy = "closed";
InaccessibleDirectories = "/home";