Commit 60429473 authored by intrigeri's avatar intrigeri

Manage the flag file that indicates that Tor has bootstrapped via a dedicated...

Manage the flag file that indicates that Tor has bootstrapped via a dedicated unit file, that deletes the file whenever Tor is stopped, so that Onion Circuits stops pretending that Tor is still up.

refs: #9002
parent 8bf5f477
......@@ -44,6 +44,7 @@ systemctl enable tails-sdmem-on-media-removal.service
systemctl enable tails-set-wireless-devices-state.service
systemctl enable tails-tor-has-bootstrapped.target
systemctl enable tails-wait-until-tor-has-bootstrapped.service
systemctl enable tails-tor-has-bootstrapped-flag-file.service
systemctl enable tor-controlport-filter.service
# Enable our own systemd user unit files
......
[Unit]
Description=Manage the flag file that indicates whether Tor has bootstrapped
Documentation=https://tails.boum.org/contribute/design/
After=tails-wait-until-tor-has-bootstrapped.service
PartOf=tails-tor-has-bootstrapped.target
[Service]
Type=oneshot
RemainAfterExit=yes
User=debian-tor
ExecStart=/bin/touch /run/tor-has-bootstrapped/done
ExecStop=/bin/rm -f /run/tor-has-bootstrapped/done
CapabilityBoundingSet=
PrivateDevices=yes
PrivateNetwork=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
[Install]
WantedBy=tails-tor-has-bootstrapped.target
......@@ -7,12 +7,10 @@ Before=tails-tor-has-bootstrapped.target
[Service]
Type=oneshot
User=debian-tor
ExecStartPre=/bin/rm -f /run/tor-has-bootstrapped/done
ExecStart=/bin/sh -c '. /usr/local/lib/tails-shell-library/tor.sh ; \
while ! tor_is_working ; do \
/bin/sleep 1 ; \
done'
ExecStartPost=/bin/touch /run/tor-has-bootstrapped/done
TimeoutStartSec=0
CapabilityBoundingSet=
PrivateDevices=yes
......
......@@ -995,6 +995,7 @@ browser anyway:
- [[!tails_gitweb config/chroot_local-includes/lib/systemd/system/tails-tor-has-bootstrapped.target]]
- [[!tails_gitweb config/chroot_local-includes/lib/systemd/system/tails-wait-until-tor-has-bootstrapped.service]]
- [[!tails_gitweb config/chroot_local-includes/usr/lib/systemd/user/tails-wait-until-tor-has-bootstrapped.service]]
- [[!tails_gitweb config/chroot_local-includes/lib/systemd/system/tails-tor-has-bootstrapped-flag-file.service]]
- [[!tails_gitweb config/chroot_local-includes/usr/local/sbin/tor-has-bootstrapped]]
Once Tor is ready to be used, the user is informed they can now use
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment