summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorskydrome2020-11-23 18:17:34 -0500
committerskydrome2020-11-23 18:17:34 -0500
commitf2c9cafea88ff016edeb57718cd9d5edb2b9589e (patch)
tree60d533751b816811063f0f4727d7dca950314a11
parent4ab9df472b5e4426e4eb515d3cc4bf66f3775bb8 (diff)
downloadaur-f2c9cafea88ff016edeb57718cd9d5edb2b9589e.tar.gz
0.4.6.0.alpha
Diffstat
-rw-r--r--.SRCINFO7
-rw-r--r--PKGBUILD8
-rw-r--r--tor.service8
-rw-r--r--torrc4
4 files changed, 16 insertions, 11 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 8cfe5e0ee308..a6c927368118 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
pkgbase = tor-git
pkgdesc = An anonymizing overlay network (development version)
- pkgver = 0.4.5.0.alpha.r304.g95fc085
+ pkgver = 0.4.6.0.alpha.dev.r50.g94fc207
pkgrel = 1
url = https://www.torproject.org
arch = i686
@@ -37,15 +37,14 @@ pkgbase = tor-git
source = tor.tmpfiles
source = tor.sysusers
sha256sums = SKIP
- sha256sums = e739da6271814ef8dd928a0b5d3338ef4370d0c131e86ec26cea4d7f96572d0b
+ sha256sums = 70dd879309db4c1b346ea35e0926eda6f2fe37dcb6f827e31506af4ee692b433
sha256sums = 72ed5d90c54d9d5354af0d9fc7eb1412c548cc308868b85a99278abe8ccbf145
sha256sums = 90a588c3c2dc7826172341453f76739e8f48df7b0c858adebd12e97f047bde26
sha256sums = 7fbb63e9411eee2176964449a3d6809d16e1120152c6ff201ecea1d1f97f102b
sha256sums = 748b7264b49b12d5252d688b8859820046413938c5fde91578da0d5b95594c2e
sha256sums = d447227fcc2756778a1be143b8975d67b25ea15688cde2291185b3c71d0f6e34
- sha256sums = ebd5c845ca5ff9be01747465b41959171bd6a8093317cc382c34a9b8a7198d27
+ sha256sums = 488525b2051cf0f216ac14c3ab1bc8531d308cedf92e64d147f7f11b6c58cf41
sha256sums = 06c00318d84ead3f939b267c7ae9e4cc1cd90c534d0b57ddd2595fee9065ee7f
sha256sums = 231405d1fbbcc68168248f93edd19ae14b60f66bb4d1c8e46ead1d4cd8e0ae7c
pkgname = tor-git
-
diff --git a/PKGBUILD b/PKGBUILD
index cb739837e093..a88f675cb05a 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -5,7 +5,7 @@
#_malloc=jemalloc # tcmalloc
pkgname=tor-git
-pkgver=0.4.5.0.alpha.r304.g95fc085
+pkgver=0.4.6.0.alpha.dev.r50.g94fc207
pkgrel=1
pkgdesc="An anonymizing overlay network (development version)"
arch=('i686' 'x86_64' 'armv6h' 'armv7h')
@@ -35,20 +35,20 @@ source=("git+https://git.torproject.org/tor.git#branch=${_branch:-master}"
'tor.logrotate' 'tor.service' 'tor.tmpfiles' 'tor.sysusers')
sha256sums=('SKIP'
- 'e739da6271814ef8dd928a0b5d3338ef4370d0c131e86ec26cea4d7f96572d0b'
+ '70dd879309db4c1b346ea35e0926eda6f2fe37dcb6f827e31506af4ee692b433'
'72ed5d90c54d9d5354af0d9fc7eb1412c548cc308868b85a99278abe8ccbf145'
'90a588c3c2dc7826172341453f76739e8f48df7b0c858adebd12e97f047bde26'
'7fbb63e9411eee2176964449a3d6809d16e1120152c6ff201ecea1d1f97f102b'
'748b7264b49b12d5252d688b8859820046413938c5fde91578da0d5b95594c2e'
'd447227fcc2756778a1be143b8975d67b25ea15688cde2291185b3c71d0f6e34'
- 'ebd5c845ca5ff9be01747465b41959171bd6a8093317cc382c34a9b8a7198d27'
+ '488525b2051cf0f216ac14c3ab1bc8531d308cedf92e64d147f7f11b6c58cf41'
'06c00318d84ead3f939b267c7ae9e4cc1cd90c534d0b57ddd2595fee9065ee7f'
'231405d1fbbcc68168248f93edd19ae14b60f66bb4d1c8e46ead1d4cd8e0ae7c')
pkgver () {
cd tor
git describe --long --tags --abbrev=7 "origin/${_branch:-master}" \
- |sed -e 's/[tor\|dev].//g;s/\([^-]*-g\)/r\1/;s/-/./g'
+ |sed -e 's/tor.//g;s/\([^-]*-g\)/r\1/;s/-/./g'
}
prepare() {
diff --git a/tor.service b/tor.service
index ee40d39b3fec..9757d503669c 100644
--- a/tor.service
+++ b/tor.service
@@ -14,6 +14,7 @@ Restart=on-failure
RestartSec=1
WatchdogSec=1m
LimitNOFILE=32768
+LimitMEMLOCK=infinity
# Hardening
PrivateTmp=yes
@@ -22,10 +23,11 @@ DeviceAllow=/dev/null rw
DeviceAllow=/dev/urandom r
ProtectHome=yes
ProtectSystem=full
-ProtectKernelTunables=yes
+NoNewPrivileges=true
+MemoryDenyWriteExecute=true
ReadOnlyDirectories=/
-ReadWriteDirectories=-/var/lib/tor -/var/log/tor
-NoNewPrivileges=yes
+ReadWriteDirectories=-/var/lib/tor
+ReadWriteDirectories=-/var/log/tor
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
[Install]
diff --git a/torrc b/torrc
index 420f15bc0e3f..534cf617f8bc 100644
--- a/torrc
+++ b/torrc
@@ -252,6 +252,10 @@ AvoidDiskWrites 1
## Try to use built-in (static) crypto hardware acceleration when available.
HardwareAccel 1
+## If set to 1, Tor will attempt to lock all current and future memory pages,
+## so that memory cannot be paged out.
+DisableAllSwap 1
+
## Configuration options can be imported from files or folders using the %include
## option with the value being a path. This path can have wildcards. Wildcards are
## expanded first, using lexical order. Then, for each matching file or folder, the following