tails
Commit bbeded14, authored Mar 10, 2015 by intrigeri
Turn the htpdate SysV initscript into a native systemd service.
parent
937afd02
Changes
7
config/chroot_local-hooks/46-configure-htpdate
0 → 100755
#!/bin/sh
set
-e
echo
"Configuring htpdate HTTP User-Agent"
CONFFILE
=
'/etc/default/htpdate.user-agent'
install
-o
root
-g
root
-m
0644 /dev/null
"
$CONFFILE
"
echo
"HTTP_USER_AGENT=
\"
$(
/usr/local/bin/getTorBrowserUserAgent
)
\"
"
\
>
"
$CONFFILE
"
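Review bot: In the final echo, a failure of /usr/local/bin/getTorBrowserUserAgent is not caught by set -e, because the command substitution sits inside an argument to echo and only echo's exit status counts. The hook would then write HTTP_USER_AGENT="" and the build would still succeed, leaving the problem to surface only when the service's non-empty check fails at runtime. Assign the output to a variable first, test it with [ -n ... ], and fail the build if it is empty.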
config/chroot_local-includes/etc/NetworkManager/dispatcher.d/20-time.sh
...
...
@@ -260,5 +260,5 @@ fi
touch
$TORDATE_DONE_FILE
log
"Restarting htpdate"
s
ervice htpdate restart
s
ystemctl restart htpdate.service
log
"htpdate service restarted with return code
$?
"
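Review bot: The exit status of systemctl restart htpdate.service is only written to the log in the line that follows; nothing in the visible lines acts on it. For the Type=simple unit added in this commit, that status covers the ExecStartPre checks and the launch of the process, not the outcome of the time query, so a comment stating that the result is reported through the done and success files would help the next reader.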
config/chroot_local-includes/etc/default/htpdate
→
config/chroot_local-includes/etc/default/htpdate
.pools
HTP_POOL_PAL="boum.org,chavez.indymedia.org,db.debian.org,epic.org,mail.riseup.net,sarava.org,squat.net,tachanka.org,www.1984.is,www.eff.org,www.immerda.ch,www.privacyinternational.org,www.torproject.org"
HTP_POOL_NEUTRAL="cve.mitre.org,en.wikipedia.org,lkml.org,thepiratebay.org,www.apache.org,www.centos.org,www.democracynow.org,www.duckduckgo.com,www.gnu.org,www.kernel.org,www.mozilla.org,www.stackexchange.com,www.startpage.com,www.xkcd.com"
HTP_POOL_FOE="encrypted.google.com,github.com,login.live.com,login.yahoo.com,secure.flickr.com,tumblr.com,twitter.com,www.adobe.com,www.gandi.net,www.myspace.com,www.paypal.com,www.rsa.com,www.sony.com"
HTTP_USER_AGENT="$(/usr/local/bin/getTorBrowserUserAgent)"
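Review bot: The HTTP_USER_AGENT="$(/usr/local/bin/getTorBrowserUserAgent)" line cannot stay in this file now that it is loaded through EnvironmentFile= instead of being sourced by /bin/sh: systemd does not perform command substitution there, so the variable would hold the literal string. The rendered view does not show which lines are removed, so confirm that this line is dropped in favour of the generated /etc/default/htpdate.user-agent, and add a header comment saying the file is parsed by systemd and may contain only plain NAME=value assignments.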
config/chroot_local-includes/etc/init.d/htpdate
deleted
100755 → 0
#! /bin/sh
### BEGIN INIT INFO
# Provides: htpdate
# Default-Start:
# Default-Stop:
# Required-Start: mountkernfs $local_fs
# Required-Stop:
# Short-Description: Set time using HTP
# Description: Set time using HTP
### END INIT INFO
DESC
=
"Setting time using HTP"
NAME
=
htpdate
SCRIPTNAME
=
/etc/init.d/
$NAME
HTP_DIR
=
/var/run/
$NAME
PIDFILE
=
$HTP_DIR
/pid
HTP_DONE_FILE
=
$HTP_DIR
/done
HTP_SUCCESS_FILE
=
$HTP_DIR
/success
LOG
=
/var/log/
$NAME
.log
# Load the VERBOSE setting and other rcS variables
.
/lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
# and status_of_proc is working.
.
/lib/lsb/init-functions
# Create status directory and log file
install
-o
root
-g
root
-m
0755
-d
${
HTP_DIR
}
install
-o
htp
-g
nogroup
-m
0644 /dev/null
${
LOG
}
# Source configuration
.
/etc/default/
$NAME
log
()
{
echo
"
$@
"
>>
"
${
LOG
}
"
}
# Sanity checks
if
[
-z
"
$HTTP_USER_AGENT
"
]
;
then
log
"HTTP_USER_AGENT is not set."
exit
2
fi
if
[
-z
"
$HTP_POOL_PAL
"
]
;
then
log
"HTP_POOL_PAL is not set"
exit
3
fi
if
[
-z
"
$HTP_POOL_NEUTRAL
"
]
;
then
log
"HTP_POOL_NEUTRAL is not set"
exit
3
fi
if
[
-z
"
$HTP_POOL_FOE
"
]
;
then
log
"HTP_POOL_FOE is not set"
exit
3
fi
do_start
()
{
if
[
-e
"
$HTP_DONE_FILE
"
]
;
then
rm
-f
"
$HTP_DONE_FILE
"
fi
if
[
-e
"
$HTP_SUCCESS_FILE
"
]
;
then
rm
-f
"
$HTP_SUCCESS_FILE
"
fi
start-stop-daemon
-S
-q
-p
${
PIDFILE
}
-bm
-x
/usr/local/sbin/htpdate
--
\
--debug
\
--log_file
"
$LOG
"
\
--user_agent
"
$HTTP_USER_AGENT
"
\
--allowed_per_pool_failure_ratio
0.34
\
--user
htp
\
--done_file
"
$HTP_DONE_FILE
"
\
--success_file
"
$HTP_SUCCESS_FILE
"
\
--pal_pool
"
$HTP_POOL_PAL
"
\
--neutral_pool
"
$HTP_POOL_NEUTRAL
"
\
--foe_pool
"
$HTP_POOL_FOE
"
\
--proxy
127.0.0.1:9062
return
$?
}
do_stop
()
{
start-stop-daemon
-K
-q
-p
${
PIDFILE
}
}
case
"
$1
"
in
start
)
[
"
$VERBOSE
"
!=
no
]
&&
log_daemon_msg
"
$DESC
"
"
$NAME
"
do_start
case
"
$?
"
in
0|1
)
[
"
$VERBOSE
"
!=
no
]
&&
log_end_msg 0
;;
2
)
[
"
$VERBOSE
"
!=
no
]
&&
log_end_msg 1
;;
esac
;;
stop
)
do_stop
;;
restart
)
do_stop
do_start
;;
*
)
echo
"Usage:
$SCRIPTNAME
(start|stop|restart)"
>
&2
exit
3
;;
esac
:
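Review bot: The sanity checks in the removed script logged which variable was unset (for example "HTP_POOL_PAL is not set") and used distinct exit codes 2 and 3; check that the replacement keeps an equivalent diagnostic, since that message is the quickest way to tell a broken pool file from a missing user agent. Also confirm that nothing else still reads /var/run/htpdate/pid, which is no longer written once start-stop-daemon is gone.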
config/chroot_local-includes/lib/systemd/system/htpdate.service
0 → 100644
[Unit]
Description
=
Setting time using HTP
Documentation
=
https://tails.boum.org/contribute/design/Time_syncing/
[Service]
Type
=
simple
Environment
=
DONE_FILE=/run/htpdate/done
Environment
=
SUCCESS_FILE=/run/htpdate/success
Environment
=
LOG=/var/log/htpdate.log
EnvironmentFile
=
/etc/default/htpdate.*
ExecStartPre
=
/bin/sh -c '[ -n "${HTTP_USER_AGENT}" ]'
ExecStartPre
=
/bin/sh -c '[ -n "${HTP_POOL_PAL}" ]'
ExecStartPre
=
/bin/sh -c '[ -n "${HTP_POOL_NEUTRAL}" ]'
ExecStartPre
=
/bin/sh -c '[ -n "${HTP_POOL_FOE}" ]'
ExecStartPre
=
/bin/rm -f "${DONE_FILE}"
ExecStartPre
=
/bin/rm -f "${SUCCESS_FILE}"
ExecStartPre
=
/usr/bin/install -o root -g root -m 0755 -d /run/htpdate
ExecStartPre
=
/usr/bin/install -o htp -g nogroup -m 0644 /dev/null "${LOG}"
ExecStart
=
/usr/local/sbin/htpdate
\
--debug
\
--log_file "${LOG}"
\
--user_agent "${HTTP_USER_AGENT}"
\
--allowed_per_pool_failure_ratio 0.34
\
--user htp
\
--done_file "${DONE_FILE}"
\
--success_file "${SUCCESS_FILE}"
\
--pal_pool "${HTP_POOL_PAL}"
\
--neutral_pool "${HTP_POOL_NEUTRAL}"
\
--foe_pool "${HTP_POOL_FOE}"
\
--proxy 127.0.0.1:9062
RemainAfterExit=yes
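Review bot: EnvironmentFile=/etc/default/htpdate.* loads every file that matches the glob, so a leftover such as an editor backup or a package-manager copy of htpdate.pools would also be read and could override the pool lists or the user agent. List the two files explicitly (htpdate.pools and htpdate.user-agent). The four [ -n ... ] ExecStartPre checks also fail without saying which variable is empty, and they run before the log file is created; moving the two install lines first and appending a message to ${LOG} on failure would restore what the init script reported.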
wiki/src/contribute/design/Time_syncing.mdwn
...
...
@@ -162,7 +162,7 @@ the the other pools. The pools are as follows:
* The "neutral" pool members have a neutral raltionship to both the
"pal" and "foe" pool.
The pools are listed in [[!tails_gitweb config/chroot_local-includes/etc/default/htpdate]].
The pools are listed in [[!tails_gitweb config/chroot_local-includes/etc/default/htpdate
.pools
]].
Basically, Tails `htpdate` pick three random servers (one from each
pool), and then build the mediate of the three advertised dates.
...
...
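Review bot: The context lines around the changed link carry typos worth fixing in the same edit, since the paragraph is being touched anyway: "raltionship" should be "relationship", "the the other pools" in the hunk header has a doubled word, and "build the mediate of the three advertised dates" presumably means "median".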
@@ -188,3 +188,8 @@ efforts and compromise should be made to prevent these?
A Network Manager hook runs the whole thing:
[[!tails_gitweb config/chroot_local-includes/etc/NetworkManager/dispatcher.d/20-time.sh]].
See also:
* [[!tails_gitweb config/chroot_local-hooks/46-configure-htpdate]]
* [[!tails_gitweb config/chroot_local-includes/lib/systemd/system/htpdate.service]]
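Review bot: The new "See also" list gives two bare paths with no hint of their role. Add a few words to each, for instance that 46-configure-htpdate writes /etc/default/htpdate.user-agent at build time and that htpdate.service is the unit restarted by 20-time.sh, so a reader of the design page knows where the User-Agent and the pools come from.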
wiki/src/contribute/design/stream_isolation.mdwn
...
...
@@ -92,7 +92,7 @@ in [[!tails_gitweb config/chroot_local-includes/etc/tor/torrc]]:
Applications are configured to use the right SOCKS port:
- [[!tails_gitweb config/chroot_local-includes/etc/tor-browser/profile/preferences/0000tails.js]]
- [[!tails_gitweb config/chroot_local-includes/
etc/init.d/htpdat
e]]
- [[!tails_gitweb config/chroot_local-includes/
lib/systemd/system/htpdate.servic
e]]
- [[!tails_gitweb config/chroot_local-includes/etc/tor/tor-tsocks-mua.conf]]
- [[!tails_gitweb config/chroot_local-includes/usr/local/bin/tails-security-check]]
- [[!tails_gitweb config/chroot_local-includes/usr/local/bin/torified-claws-mail]]