GNU bug report logs - #32346
[PATCH 0/6] TOR via Unix domain SOCKS socket

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Chris Marusich <cmmarusich <at> gmail.com>
Subject: bug#32346: closed (Re: [bug#32346] [PATCH 1/6] services: tor: Add
 a system test.)
Date: Tue, 28 Aug 2018 07:47:02 +0000

[Message part 1 (text/plain, inline)]

Your bug report

#32346: [PATCH 0/6] TOR via Unix domain SOCKS socket

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 32346 <at> debbugs.gnu.org.

-- 
32346: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=32346
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Chris Marusich <cmmarusich <at> gmail.com>
To: ludo <at> gnu.org (Ludovic Courtès)
Cc: 32346-done <at> debbugs.gnu.org
Subject: Re: [bug#32346] [PATCH 1/6] services: tor: Add a system test.
Date: Tue, 28 Aug 2018 00:46:05 -0700

[Message part 3 (text/plain, inline)]

Hi Ludo,

I've incorporated your feedback and committed this patch series as
3bcb305b98e02f6c9d98e7325813fc00f18f0e6c.  Details follow.

ludo <at> gnu.org (Ludovic Courtès) writes:

> Chris Marusich <cmmarusich <at> gmail.com> skribis:
>
>
> [...]
>
>> +      ;; Allow TOR to write its PID file.
>
> Nitpick: I think the maintainers no longer consider the name an acronym
> and write it as “Tor”, not “TOR”.

This is good to know.  In each patch that uses the incorrect name "TOR",
I've changed it to use the correct name "Tor".

>> +(define* (wait-for-unix-socket path marionette
>
> Super nitpick: s/path/file/ or s/path/file-name/, as per GNU
> convention (where “path” means “search path”.)

I've updated this to follow the convention.

>> +@deftp {Data Type} tor-configuration
>> +@table @asis
>> +@item @code{tor} (default: @code{tor})
>> +The package that provides the TOR daemon.  This package is expected
>> to provide
>> +the daemon at @file{bin/tor} relative to its output directory.  The default
>> +package is the @uref{https://www.torproject.org, TOR Project's}
>> +implementation.
>> +@item @code{config-file} (default: @code{(plain-file "empty" "")})
>
> You could skip a line between between each @item for clarity.

Good idea.  I've done this, too.

> Thank you for this nice patch series!

Thank you for the thoughtful review!

I appreciate your attention to detail.  If you hadn't told me, I
wouldn't have known about some of these things, such as the GNU
convention to use "file" or "file-name" instead of "path" when speaking
about UNIX domain sockets.  I'll remember these things going forward.

And with that, I will now close this patch!

-- 
Chris

[signature.asc (application/pgp-signature, inline)]

[Message part 5 (message/rfc822, inline)]

From: Chris Marusich <cmmarusich <at> gmail.com>
To: guix-patches <at> gnu.org
Cc: Christopher Lemmer Webber <cwebber <at> dustycloud.org>,
 Chris Marusich <cmmarusich <at> gmail.com>
Subject: [PATCH 0/6] TOR via Unix domain SOCKS socket
Date: Wed,  1 Aug 2018 23:45:20 -0700

Hi,

This patch series makes it possible to use our TOR service over a Unix
domain socket.  Specifically, after applying this patch series you can
configure the TOR service as follows:

    (service tor-service-type
             (tor-configuration (socks-socket-type 'unix)))

This configures the TOR daemon to run its SOCKS proxy on the Unix
domain socket "/var/run/tor/socks-sock" rather than localhost port
9050.  The SOCKS socket is made group-writable so that any member of
the "tor" group may connect to it.

Along the way, this patch series also adds system tests for TOR and
adds a tiny bit of functionality to the marionette test framework.

This patch series applies cleanly to commit
0d206dd054b74279838d44029c52a5f7663de189.  For each patch in the
series, I've verified that (1) Guix builds successfully and (2) both
the new "tor" system test and the existing "dhcpd" system test pass.
I ran the "dhcpd" system test as a sanity test to make sure I didn't
introduce a regression in existing system tests.  I'm currently
reconfiguring my GuixSD system to confirm that it works for real, but
it's going to take a long time for the reconfigure to succeed, so I'm
sending the patch series now.

Regarding hidden services, I haven't changed anything intentionally,
so it should continue to work as before.  I'll also test hidden
services, but that's also going to take more time because I've never
done it before, and I have to wait for my system to build many things.

I'll let you know if it all works after I reconfigure my system.  In
the meantime, please take a look at the patches.  Thank you!

Chris Marusich (6):
  services: tor: Add a system test.
  services: tor: Rename activation procedure.
  marionette: Add support for QEMU's "quit" command.
  marionette: Add wait-for-unix-socket.
  tests: tor: Add more test cases.
  services: tor: Make it easier to use UNIX sockets.

 doc/guix.texi               | 52 +++++++++++++++++---
 gnu/build/marionette.scm    | 28 ++++++++++-
 gnu/services/networking.scm | 34 ++++++++++---
 gnu/tests/networking.scm    | 97 ++++++++++++++++++++++++++++++++++++-
 4 files changed, 196 insertions(+), 15 deletions(-)

-- 
2.18.0

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.