[Tor-BSD] FreeBSD/HardenedBSD - auto updating packages
shawn.webb at hardenedbsd.org
Sat Feb 3 11:45:33 EST 2018
On Sat, Feb 03, 2018 at 10:04:00AM +0000, nusenu wrote:
> >> just wanted to let you know that Shawn created a page
> >> for FreeBSD/HardenedBSD auto updates (for the packages at least):
> >> https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/BSDUpdates
> > From what I can see this will update all packages, not just tor.
> Yes that is intended.
> > It also
> > will not restart Tor, so one will keep running an old version until it's
> > manually restarted or a reboot happens.
> Thanks for mentioning this very important point.
> Shawn, what is the best way to fix this?
> Add a check if tor's version changed and issue a
> service restart if it did?
There's two ways of doing it:
1. Run `pkg update` first to update the repo metadata, then use `pkg
version` (with extra arguments) to check if the tor package gets
upgraded. Cache this as a boolean value. Run `pkg upgrade` and after
it's finished upgrading all packages, if the cached boolean value is
true, then restart tor. This can be integrated into the script that
gets written by cron.
2. Write a plugin for pkg that restarts services whenever packages
with enabled rc.d scripts get updated. I would prefer this route as it
would be generically applied and useful outside of just tor.
I can do either option. However, my time is limited and it'd take me
around two weeks to getting around to doing it. So if someone beats me
to it, then great.
Cofounder and Security Engineer
Tor-ified Signal: +1 443-546-8752
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the Tor-BSD