File tor.spec of Package tor

# spec file for package tor
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via

Name:           tor
Release:        0
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
Summary:        Anonymizing overlay network for TCP (The onion router)
License:        BSD-3-Clause
Group:          Productivity/Networking/Security
# PATCH-FIX-UPSTREAM tor- -- add su to logrotate config to fix W: suse-logrotate-user-writable-log-dir
Patch0:         tor-
Requires:       logrotate
BuildRequires:  openssl-devel
%if 0%{?suse_version} > 1100
BuildRequires:  libevent-devel
BuildRequires:  libevent

%define toruser %{name}
%define torgroup %{name}
%define home_dir /var/lib/empty

Tor is a connection-based low-latency anonymous communication system.

This package provides the "tor" program, which serves as both a client and
a relay node. Scripts will automatically create a "%{toruser}" user and
a "%{torgroup}" group, and set tor up to run as a daemon when the system
is rebooted.

Applications connect to the local Tor proxy using the SOCKS
protocol. The tor client chooses a path through a set of relays, in
which each relay knows its predecessor and successor, but no
others. Traffic flowing down the circuit is unwrapped by a symmetric
key at each relay, which reveals the downstream relay.

Warnings: Tor does no protocol cleaning.  That means there is a danger
that application protocols and associated programs can be induced to
reveal information about the initiator. Tor depends on Privoxy or
similar protocol cleaners to solve this problem. This is alpha code,
and is even more likely than released code to have anonymity-spoiling
bugs. The present network is small -- this further reduces the
strength of the anonymity provided. Tor is not presently suitable
for high-stakes anonymity.

%setup -q

%configure \
	--with-tor-user=%{toruser} \
	--with-tor-group=%{torgroup} \

%__make %{?jobs:-j%{jobs}}


# missing dirs
%{__install} -d -m 700 \
        %{buildroot}/var/lib/%{name} \

%{__install} -d -m 755 \
        %{buildroot}/var/run/%{name} \
        %{buildroot}/var/log/%{name} \

# control script
%__install -p -m 755 contrib/torctl %{buildroot}/%{_bindir}

# sample config file
%__install -p -m 644 src/config/torrc.sample %{buildroot}/%{_sysconfdir}/%{name}/torrc.sample

# init script
%__install -D -m 755 contrib/suse/ %{buildroot}/%{_initrddir}/%{name}
%{__ln_s} -f ../..%{_initrddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}

# logrotate conf
%__sed -i -e "s|_tor|tor|g" contrib/tor.logrotate
%__install -D -m 644 contrib/tor.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}

%__rm -rf "%{buildroot}"

/usr/sbin/groupadd -r %{torgroup} &>/dev/null || :
/usr/sbin/useradd -o -g %{torgroup} -s /bin/false -r -c "User to run %{name}" -d %{home_dir} %{toruser} &>/dev/null || :

%fillup_and_insserv tor

%stop_on_removal tor

%restart_on_update tor

%doc LICENSE README ChangeLog doc/HACKING doc/TODO doc/*.html
%doc %{_mandir}/man*/*
%dir %{_datadir}/%{name}
%config %{_initrddir}/%{name}
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}
%dir %attr(0755,root,%{torgroup}) %{_sysconfdir}/%{name}
%config(noreplace) %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/*
%attr(0700,%{toruser},%{torgroup}) %dir %{_localstatedir}/lib/%{name}
%ghost %attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/run/%{name}
%attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/log/%{name}