Turn the htpdate SysV initscript into a native systemd service.

bbeded14 · intrigeri · 937afd02 · bbeded14 · bbeded14 · bbeded14
Commit bbeded14 authored Mar 10, 2015 by intrigeri
--- a/config/chroot_local-hooks/46-configure-htpdate
+++ b/config/chroot_local-hooks/46-configure-htpdate
+#!/bin/sh
+
+set -e
+
+echo "Configuring htpdate HTTP User-Agent"
+
+CONFFILE='/etc/default/htpdate.user-agent'
+
+install -o root -g root -m 0644 /dev/null "$CONFFILE"
+
+echo "HTTP_USER_AGENT=\"$(/usr/local/bin/getTorBrowserUserAgent)\"" \
+     > "$CONFFILE"
--- a/config/chroot_local-includes/etc/NetworkManager/dispatcher.d/20-time.sh
+++ b/config/chroot_local-includes/etc/NetworkManager/dispatcher.d/20-time.sh
@@ -260,5 +260,5 @@ fi
 touch $TORDATE_DONE_FILE

 log "Restarting htpdate"
-service htpdate restart
+systemctl restart htpdate.service
 log "htpdate service restarted with return code $?"
--- a/config/chroot_local-includes/etc/default/htpdate
+++ b/config/chroot_local-includes/etc/default/htpdate
 HTP_POOL_PAL="boum.org,chavez.indymedia.org,db.debian.org,epic.org,mail.riseup.net,sarava.org,squat.net,tachanka.org,www.1984.is,www.eff.org,www.immerda.ch,www.privacyinternational.org,www.torproject.org"
 HTP_POOL_NEUTRAL="cve.mitre.org,en.wikipedia.org,lkml.org,thepiratebay.org,www.apache.org,www.centos.org,www.democracynow.org,www.duckduckgo.com,www.gnu.org,www.kernel.org,www.mozilla.org,www.stackexchange.com,www.startpage.com,www.xkcd.com"
 HTP_POOL_FOE="encrypted.google.com,github.com,login.live.com,login.yahoo.com,secure.flickr.com,tumblr.com,twitter.com,www.adobe.com,www.gandi.net,www.myspace.com,www.paypal.com,www.rsa.com,www.sony.com"
-HTTP_USER_AGENT="$(/usr/local/bin/getTorBrowserUserAgent)"
--- a/config/chroot_local-includes/etc/init.d/htpdate
+++ b/config/chroot_local-includes/etc/init.d/htpdate
-#! /bin/sh
-### BEGIN INIT INFO
-# Provides:          htpdate
-# Default-Start:
-# Default-Stop:
-# Required-Start:    mountkernfs $local_fs
-# Required-Stop:
-# Short-Description: Set time using HTP
-# Description:       Set time using HTP
-### END INIT INFO
-
-DESC="Setting time using HTP"
-NAME=htpdate
-SCRIPTNAME=/etc/init.d/$NAME
-HTP_DIR=/var/run/$NAME
-PIDFILE=$HTP_DIR/pid
-HTP_DONE_FILE=$HTP_DIR/done
-HTP_SUCCESS_FILE=$HTP_DIR/success
-LOG=/var/log/$NAME.log
-
-# Load the VERBOSE setting and other rcS variables
-. /lib/init/vars.sh
-
-# Define LSB log_* functions.
-# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
-# and status_of_proc is working.
-. /lib/lsb/init-functions
-
-# Create status directory and log file
-install -o root -g root -m 0755 -d ${HTP_DIR}
-install -o htp -g nogroup -m 0644 /dev/null ${LOG}
-
-# Source configuration
-. /etc/default/$NAME
-
-log() {
-	echo "$@" >> "${LOG}"
-}
-
-# Sanity checks
-if [ -z "$HTTP_USER_AGENT" ]; then
-	log "HTTP_USER_AGENT is not set."
-	exit 2
-fi
-if [ -z "$HTP_POOL_PAL" ]; then
-	log "HTP_POOL_PAL is not set"
-	exit 3
-fi
-if [ -z "$HTP_POOL_NEUTRAL" ]; then
-	log "HTP_POOL_NEUTRAL is not set"
-	exit 3
-fi
-if [ -z "$HTP_POOL_FOE" ]; then
-	log "HTP_POOL_FOE is not set"
-	exit 3
-fi
-
-do_start() {
-	if [ -e "$HTP_DONE_FILE" ]; then
-		rm -f "$HTP_DONE_FILE"
-	fi
-
-	if [ -e "$HTP_SUCCESS_FILE" ]; then
-		rm -f "$HTP_SUCCESS_FILE"
-	fi
-
-	start-stop-daemon -S -q -p ${PIDFILE} -bm -x /usr/local/sbin/htpdate -- \
-		--debug \
-		--log_file "$LOG" \
-		--user_agent "$HTTP_USER_AGENT" \
-		--allowed_per_pool_failure_ratio 0.34 \
-		--user htp \
-		--done_file    "$HTP_DONE_FILE" \
-		--success_file "$HTP_SUCCESS_FILE" \
-		--pal_pool     "$HTP_POOL_PAL" \
-		--neutral_pool "$HTP_POOL_NEUTRAL" \
-		--foe_pool     "$HTP_POOL_FOE" \
-	        --proxy        127.0.0.1:9062
-
-	return $?
-}
-
-do_stop() {
-	start-stop-daemon -K -q -p ${PIDFILE}
-}
-
-case "$1" in
-  start)
-	[ "$VERBOSE" != no ] && log_daemon_msg "$DESC" "$NAME"
-	do_start
-	case "$?" in
-		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-	esac
-	;;
-  stop)
-	do_stop
-	;;
-  restart)
-	do_stop
-	do_start
-	;;
-  *)
-	echo "Usage: $SCRIPTNAME (start|stop|restart)" >&2
-	exit 3
-	;;
-esac
-
-:
--- a/config/chroot_local-includes/lib/systemd/system/htpdate.service
+++ b/config/chroot_local-includes/lib/systemd/system/htpdate.service
+[Unit]
+Description=Setting time using HTP
+Documentation=https://tails.boum.org/contribute/design/Time_syncing/
+
+[Service]
+Type=simple
+Environment=DONE_FILE=/run/htpdate/done
+Environment=SUCCESS_FILE=/run/htpdate/success
+Environment=LOG=/var/log/htpdate.log
+EnvironmentFile=/etc/default/htpdate.*
+ExecStartPre=/bin/sh -c '[ -n "${HTTP_USER_AGENT}"  ]'
+ExecStartPre=/bin/sh -c '[ -n "${HTP_POOL_PAL}"     ]'
+ExecStartPre=/bin/sh -c '[ -n "${HTP_POOL_NEUTRAL}" ]'
+ExecStartPre=/bin/sh -c '[ -n "${HTP_POOL_FOE}"     ]'
+ExecStartPre=/bin/rm -f "${DONE_FILE}"
+ExecStartPre=/bin/rm -f "${SUCCESS_FILE}"
+ExecStartPre=/usr/bin/install -o root -g root -m 0755 -d /run/htpdate
+ExecStartPre=/usr/bin/install -o htp -g nogroup -m 0644 /dev/null "${LOG}"
+ExecStart=/usr/local/sbin/htpdate                   \
+              --debug                               \
+              --log_file "${LOG}"                   \
+              --user_agent "${HTTP_USER_AGENT}"     \
+              --allowed_per_pool_failure_ratio 0.34 \
+              --user htp                            \
+              --done_file    "${DONE_FILE}"         \
+              --success_file "${SUCCESS_FILE}"      \
+              --pal_pool     "${HTP_POOL_PAL}"      \
+              --neutral_pool "${HTP_POOL_NEUTRAL}"  \
+              --foe_pool     "${HTP_POOL_FOE}"      \
+              --proxy        127.0.0.1:9062
+RemainAfterExit=yes
--- a/wiki/src/contribute/design/Time_syncing.mdwn
+++ b/wiki/src/contribute/design/Time_syncing.mdwn
@@ -162,7 +162,7 @@ the the other pools. The pools are as follows:
 * The "neutral" pool members have a neutral raltionship to both the
  "pal" and "foe" pool.

-The pools are listed in [[!tails_gitweb config/chroot_local-includes/etc/default/htpdate]].
+The pools are listed in [[!tails_gitweb config/chroot_local-includes/etc/default/htpdate.pools]].

 Basically, Tails `htpdate` pick three random servers (one from each
 pool), and then build the mediate of the three advertised dates.
@@ -188,3 +188,8 @@ efforts and compromise should be made to prevent these?

 A Network Manager hook runs the whole thing:
 [[!tails_gitweb config/chroot_local-includes/etc/NetworkManager/dispatcher.d/20-time.sh]].
+
+See also:
+
+* [[!tails_gitweb config/chroot_local-hooks/46-configure-htpdate]]
+* [[!tails_gitweb config/chroot_local-includes/lib/systemd/system/htpdate.service]]
--- a/wiki/src/contribute/design/stream_isolation.mdwn
+++ b/wiki/src/contribute/design/stream_isolation.mdwn
@@ -92,7 +92,7 @@ in [[!tails_gitweb config/chroot_local-includes/etc/tor/torrc]]:
 Applications are configured to use the right SOCKS port:

 - [[!tails_gitweb config/chroot_local-includes/etc/tor-browser/profile/preferences/0000tails.js]]
- [[!tails_gitweb config/chroot_local-includes/etc/init.d/htpdate]]
+- [[!tails_gitweb config/chroot_local-includes/lib/systemd/system/htpdate.service]]
 - [[!tails_gitweb config/chroot_local-includes/etc/tor/tor-tsocks-mua.conf]]
 - [[!tails_gitweb config/chroot_local-includes/usr/local/bin/tails-security-check]]
 - [[!tails_gitweb config/chroot_local-includes/usr/local/bin/torified-claws-mail]]