[Pkg-privacy-commits] [vidalia] 96/160: Updated pkg documentation with clear bullet-point detailed steps and some minor changes
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:14:39 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch master
in repository vidalia.
commit d0106b7e023f8a1d7b7bd5491d50bdd902564c67
Author: Dererk <dererk at debian.org>
Date: Mon Feb 13 13:20:40 2012 -0300
Updated pkg documentation with clear bullet-point detailed steps
and some minor changes
---
debian/NEWS | 2 +-
debian/README.Debian | 276 +++++++++++++++++++++++++++++++++------------------
debian/changelog | 4 +-
debian/control | 4 +-
4 files changed, 187 insertions(+), 99 deletions(-)
diff --git a/debian/NEWS b/debian/NEWS
index ba537c3..46afa9c 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -14,7 +14,7 @@ vidalia (0.2.17-1) unstable; urgency=low
silently overwritten at daily's Tor logrotation, but it's a bug too, because
if you logrotate before hupping, Tor won't open any new logs.
.
- As a resume, this translates into an undesired effect on Tor's logging
+ /As a resume/, this translates into an undesired effect on Tor's logging
capacity, but it's highly unlikely this will affect any of your privacy
properties at any point.
.
diff --git a/debian/README.Debian b/debian/README.Debian
index 4a38d64..8620ad2 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -1,161 +1,247 @@
Vidalia for Debian
-------------------
+-------------------
- ---------------------------
- DEPRECATED (or so)
- ---------------------------
+ Default Configuration: Simplest and Painless
+ =============================================
-Currently, Vidalia speaks directly through a socket to Tor, only required
- steps to perform is to answer properly at Debconf templates for adding
- Vidalia users into debian-tor group, who owns Tor's Control Socket.
+ Currently, Vidalia speaks against Tor directly through a local (unix) socket.
+ This is recommended and Debian's default configuration.
+ Only two (even only one) steps are required to be performed:
-The following documentation is still valid, although its not expected for
- for you to perform ANY of this steps to get Vidalia running.
+ 1. Answer debconf question at Vidalia's config/upgrade time with the proper
+ user/list of users that you'll allow to connect/configure/monitor your
+ local instance of Tor, and,
+ 2. If the user/any of the users from the list below is currently logged in,
+ he/she will have to restart his/her X session before starting Vidalia.
+ That would be all!
- ---------------------------
- DEPRECATED (or so)
- ---------------------------
+ ------------------------------------------------------------------------------
+ This is default and recommended configuration because the bast majority of
+ the users will find here the most suitable choice for a local Tor daemon.
+ ------------------------------------------------------------------------------
- For the anxious and impatient
- -----------------------------
+
+
+
+ The 'But...'
+ =============
+
+ On the other hand, there could be a few situations in which you wont be able
+ to use this configuration profile, some of them being:
-There are three ways of running Vidalia:
+ - You couldn't convince an admin to add you into the list of local system
+ users allowed to control Tor
+ - The Tor instance you're willing to control runs on a remote host
+ - Some old manuscripts have been recently revealed vulnerabilities on the
+ unixsocket implementation, or simply you just don't wish to use it because
+ you dislike the word 'unix' on 'unixsocket'.
-1. (Re)Configure Vidalia not to let Tor start, and simply start Vidalia.
-2. Enable Tor's ControlPort and enable CookieAuthentication in Tor's config,
+
+ In this cases, or whichever ones you may find, you can still make use any of
+ the following alternatives:
+
+ 1. If facing a local Tor daemon situation in which you are unable to connect
+ for some reason to the system-wide Tor's Control Socket (as the example
+ explained below), you can still launch a personal Tor session and manually
+ configure Vidalia to use it.
+
+ 2. Enable Tor's ControlPort and enable CookieAuthentication in Tor's config,
then grab the cookie file from /var/lib/tor/control_auth_cookie, profit!
- (RECOMMENDED for greater security)
-3. Enable Tor's ControlPort, get a hashed password at 'tor --hash-password',
+
+ 3. Enable Tor's ControlPort, get a hashed password at 'tor --hash-password',
load back the output into the HashedControlPassword Tor's config field,
profit!
+ 'Two Tor instances on the same machine' Issue
+ ==============================================
- Full and complete explanation
- -----------------------------
-Vidalia provides a graphical graphical user interface to configure
-different aspects of the Tor Network, check its status at a glance,
-monitor its bandwidth usage or maybe just view Tor's event logs.
-This means that Vidalia needs to talk to the Tor daemon.
+ Be aware that if you choose to connect to Tor using a different method that
+ Debian's default, you'll be hitting a bug on Vidalia. This will also happen
+ if you have two instances of Tor running on the same maching.
+ See https://trac.torproject.org/projects/tor/ticket/4823 and
+ http://bugs.debian.org/654644 for more information.
-Vidalia supports three different ways of talking to Tor:
-1. Let Vidalia start the Tor process on its own.
- ---------------------------------------------
+
+
+
+ Detailed description
+ ---------------------
+ Vidalia provides a graphical graphical user interface to configure
+ different aspects of the Tor Network, check its status at a glance,
+ monitor its bandwidth usage or maybe just view Tor's event logs.
+ This means that Vidalia needs to talk to the Tor daemon.
- ------> "I want it, and I want it NOW!"
+ If for some reason you decide/are forced not to go by the default profile
+ which configures everything for you at Vidalia's installation time, you
+ may use any of this different approaches to have Vidalia and Tor working.
- This option is the simplest, but not usable on a multi-user system.
- Debconf offers this as the default option, but it can be easily
- reconfigured at any time by running 'dpkg-reconfigure vidalia'.
+ 1. Launch your own personal Tor session
+ ------------------------------------
+
*********************** FOR PARANOIDS ONLY ***************************
- | |
- | |
- | In the remote and unlikely event of a bug existing in the |
+ | |
+ | |
+ | In the remote and unlikely event of a bug existing in the |
| Tor routing algorithm or implementation itself, it might be |
| _relatively_ easy, or at least possible, for a remote user to |
- | gain access to the data of the user launching Vidalia (what's |
- | known as a "privilege escalation" attack) |
- | |
- | |
- | This will be much more difficult if you run Vidalia using |
- | either of the two alternatives described below. |
- | |
- | |
- | ** Please consider using them if possible! ** |
- | |
- | |
+ | gain access to the data of the user launching Vidalia. |
+ | |
+ | |
+ | This will be much more difficult if you run Vidalia using |
+ | either of the two alternatives described below. |
+ | |
+ | |
+ | ** Please consider using them if possible! ** |
+ | |
+ | |
*********************** FOR PARANOIDS ONLY ***************************
+ Required Steps:
+ # Start your own personal Tor session binary, create proper paths:
+ $ mkdir ~/.tor
+ $ chown $USER. ~/.tor && chmod go-rwx ~/.tor
+ $ /usr/sbin/tor ControlSocket ~/.tor/socket SocksPort $RANDOM ControlPort 0
-2. Enable Tor to use a control cookie to communicate with Vidalia.
- ---------------------------------------------------------------
+ # Make a note on the $RANDOM port it has used. You'll see something like:
+ Feb 13 12:28:20.819 [notice] Tor v0.2.2.35 (git-73ff13ab3cc9570d). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
+ Feb 13 12:28:20.820 [notice] Initialized libevent version 2.0.16-stable using method epoll. Good.
+ Feb 13 12:28:20.820 [notice] Opening Socks listener on 127.0.0.1:3771
- * The best password is the one you don't have to know about *
+ In this case, 3771 is your lucky number and you'll use it as socks port
+ for your favourite browser network preferences, polipo or privoxy, etc.
- This method consists of a password-less authentication. This means
- you won't have to remember any password, but you'll have to grab a
- very important and *SECRET* file from your disc, called "Auth Cookie".
+ # Launch Vidalia process. It will fail trying to start, because it's
+ unable to connect or because some other reason.
- To enable this profile, edit Tor's configuration file, by default at
- '/etc/tor/torrc', add or uncomment both the 'ControlPort' and the
- 'CookieAuthentication' options, setting the last one to 1.
+ # Manually configure your Vidalia instance:
+ # Go to "Settings"
+ # Click on "Advanced" icon
+ # At "Tor Control" block, choose "Use Unix domain socket (ControlSocket)"
+ # Set "Path" to "/home/$USER$/.tor/socket" and click on "OK"
+ # Now click on "Start Tor" and enjoy! :-)
- You will end up having something like this:
- # egrep '(ControlPort|Auth)' /etc/tor/torrc
- ControlPort 9051
- CookieAuthentication 1
+ 2. Enable Tor to use a control cookie to communicate with Vidalia.
+ ---------------------------------------------------------------
- Now start/reload/restart the Tor daemon, and start Vidalia (as a regular X
- user). Vidalia will ask you for a "cookie file" at the next run:
+ * The best password is the one you don't have to know about *
-
- ------------------------------------------------------------------------
- You will have to fetch the "cookie file" from your local filesystem,
- by default at '/var/lib/tor/control_auth_cookie'
+ This method consists of a password-less authentication. This means
+ you won't have to remember any password, but you'll have to grab a
+ very important and *SECRET* file from disk, called "Auth Cookie".
- DO NOT share this file with anyone, Tor depends on it!
- ------------------------------------------------------------------------
+ To enable this profile, edit Tor's configuration file, by default at
+ '/etc/tor/torrc', add or uncomment both the 'ControlPort' and the
+ 'CookieAuthentication' options, setting the last one to 1.
+ You will end up having something like this:
- This option might be simpler than all the others, but will require you
- to grab a different cookie file every time you restart the Tor process,
- in contrast to the next methods.
+ # egrep '(ControlPort|Auth)' /etc/tor/torrc
+ ControlPort 9051
+ CookieAuthentication 1
- This is my preferred and recommended method, simple and easy, no
- passwords.
+ Now start/reload/restart the Tor daemon, and start Vidalia (as a regular X
+ user). Vidalia will ask you for a "cookie file" at the next run:
+
+ ------------------------------------------------------------------------
+ You will have to fetch the "cookie file" from your local filesystem,
+ by default at '/var/lib/tor/control_auth_cookie'
-3. Enable Tor to use a control passowrd to communicate with Vidalia.
- -----------------------------------------------------------------
+ DO NOT share this file with anyone, Tor's privacy depends on it!
+ ------------------------------------------------------------------------
- Edit the Tor configuration file, by default '/etc/tor/torrc', add or
- uncomment both the 'ControlPort' and 'HashedControlPassword' options
- and load 'tor --hash-password' hash got from the output into it,
- as shown below:
-
- # tor --hash-password SOME_PASSWORD_HERE
- Sep 17 18:48:49.421 [notice] Tor v0.2.0.30 (r15956). This is experimental
- software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
-
- 16:167F667A98F859D2600BD708B48B95343FEF7800B479E2AA4284ACF029
+ This option might be simpler than all the others, but will require you
+ to grab a different cookie file every time you restart the Tor process,
+ in contrast to the next methods.
-
- You will end up with something like this:
-
- # grep Control /etc/tor/torrc
- ControlPort 9051
- HashedControlPassword 16:167F667A98F...4ACF029
+ This is my preferred and recommended method, simple and easy, no
+ passwords.
+
+
+
+ 3. Enable Tor to use a control password to communicate with Vidalia.
+ -----------------------------------------------------------------
+
+ Edit the Tor configuration file, by default '/etc/tor/torrc', add or
+ uncomment both the 'ControlPort' and 'HashedControlPassword' options
+ and load 'tor --hash-password' hash got from the output into it,
+ as shown below:
+
+
+ # tor --hash-password SOME_PASSWORD_HERE
+ Sep 17 18:48:49.421 [notice] Tor v0.2.0.30 (r15956). This is experimental
+ software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
+
+ 16:167F667A98F859D2600BD708B48B95343FEF7800B479E2AA4284ACF029
+
+
+ You will end up with something like this:
+
+ # grep Control /etc/tor/torrc
+ ControlPort 9051
+ HashedControlPassword 16:167F667A98F...4ACF029
+
+
+ Now start/reload/restart the Tor daemon, and start Vidalia (as a regular X
+ user). Vidalia will ask you for the set password ('SOME_PASSWORD_HERE'
+ as for the example) at the next run and it will start using a secure
+ authentication.
+
+
+
+ Last Minute Notes (Quoted from debian/NEWS)
+ ===========================================
+
+ A known bug has been introduced at this release point (in fact it was on
+ 0.2.16, see below), which produces a little undesired effect on very
+ particular configuration sets.
+
+ Bug description:
+ If you use Vidalia to control Tor and change Tor's config but Vidalia's
+ saveconf attempt fails (e.g. because Vidalia is controlling the system Tor
+ and it can't write to /etc/tor/torrc, which is default), then Vidalia will
+ tell Tor to quit reloading its torrc on hup.
+
+ This is a feature by its own, because now the changes Vidalia made won't be
+ silently overwritten at daily's Tor logrotation, but it's a bug too, because
+ if you logrotate before hupping, Tor won't open any new logs.
+
+ /As a resume/, this translates into an undesired effect on Tor's logging
+ capacity, but it's highly unlikely this will affect any of your privacy
+ properties at any point.
+ See upstreams's bug report at:
+ https://trac.torproject.org/projects/tor/ticket/5095
- Now start/reload/restart the Tor daemon, and start Vidalia (as a regular X
- user). Vidalia will ask you for the set password ('SOME_PASSWORD_HERE'
- as for the example) at the next run and it will start using a secure
- authentication.
+ For the curious, there was indeed a 0.2.16 upstrem release, which differs
+ from the version you're now at by just a little policy change on Vidalia's
+ user interface translations.
- -- Ulises Vitulli <dererk at debian.org> Thu, 23 Jun 2011 10:46:24 -0300
+ -- Ulises Vitulli <dererk at debian.org> Sun, 12 Jun 2012 19:21:02 -0300
diff --git a/debian/changelog b/debian/changelog
index a398cfe..5dbe0ab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,8 @@
vidalia (0.2.17-1) unstable; urgency=low
- * New upstream release (minor changeset since 0.2.16).
+ * New upstream release.
* Updated debian/NEWS with a known release point bug.
+ * Updated debian/README.Debian documentation (Closes: #654642).
* Debconf templates improves, translation round called:
- Czech, thanks Martin.Šín (Closes: #654709).
- Danish, thanks Joe.Dalton (Closes: #654820).
@@ -14,6 +15,7 @@ vidalia (0.2.17-1) unstable; urgency=low
- Indonesian, new translation added, thanks Mahyuddin.Susanto (Closes: #658705).
- Simplified and Traditional Chinese, thanks Vern.Sun.
- Spanish.
+ * Updated Maintainer/Uploader fields.
-- Ulises Vitulli <dererk at debian.org> Sat, 11 Feb 2012 22:26:58 -0300
diff --git a/debian/control b/debian/control
index 0074fed..66edd80 100644
--- a/debian/control
+++ b/debian/control
@@ -1,8 +1,8 @@
Source: vidalia
Section: net
Priority: extra
-Maintainer: Vern Sun <s5unty at gmail.com>
-Uploaders: Ulises Vitulli <dererk at debian.org>, Erinn Clark <erinn at torproject.org>
+Maintainer: Ulises Vitulli <dererk at debian.org>
+Uploaders: Vern Sun <s5unty at gmail.com>
Build-Depends: debhelper (>= 6.0.7~), autotools-dev, libqt4-dev (>= 4.1.0), po-debconf (>= 1.0), cmake (>= 2.4.8), libssl-dev (>= 0.9.8g)
Standards-Version: 3.9.2.0
Homepage: https://www.torproject.org/projects/vidalia
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/vidalia.git
More information about the Pkg-privacy-commits
mailing list