It makes sense. Debian bug reporting instructions says:
Don’t file bugs upstream
If you file a bug in Debian, don’t send a copy to the upstream software maintainers yourself, as it is possible that the bug exists only in Debian. If necessary, the maintainer of the package will forward the bug upstream.
In the same file, options that appear later override earlier options.
Currently, there is no torrc.d directory created when you install the tor package. However, you can use a %include in the configuration file or in the defaults file. When you insert a %include in a file, it works as if all the options for the included file or folder were written on the line of the %include. If you’re including a folder, the files will be processed in lexicographic order and files starting with a dot will be ignored.
Here is an example:
tor-service-defaults-torrc:
SomeOption 0
%include /etc/tor/torrc.d/ # SomeOption is now 2
SomeOption 3 # SomeOption is now 3
/etc/tor/torrc.d/01_one:
SomeOption 1
/etc/tor/torrc.d/02_two:
SomeOption 2
With this configuration, the value for some option is 3.
But we can have a torrc with %include too:
/etc/torrc:
SomeOption 4 # SomeOption is now 4
%include /etc/tor/foo.torrc # SomeOption is now 5
SomeOption 6 # SomeOption is now 6
/etc/tor/foo.torrc:
SomeOption 5
With both these files, the value for SomeOption is 6.
Should we suggest user use a separate file /etc/torrc.d/bridges.torrc as configuration file? Or a more general question: should user use /etc/torrc.d/ or /etc/tor/torrc ?
Advantage:
The torrc configuration is more modularized ;
Disadvantage:
torrc configuration will be more scattered. Sometime users may forget they put a .torrc in /etc/torrc.d/ which they do not want anymore.
Although torrc.d feature is available in Tor stable now, it has not been decided by Debian on which directory to use as default torrc.d directory.
Always go for .d whenever possible. We recommend this at Configuration Files - Kicksecure but I think a
more general advice on configuration files editing would be useful as
well in the wiki. @torjunkie
Otherwise users get an dpkg interactive conflict resolution dialog.
(
)
Which will confuse them even more. They might:
select “overwrite” and loose their settings or,
select nothing and keep the update stalled.
select “not overwrite” and miss recommended changes by upstream
(Debian or Whonix)
The fewest of them will be able to merge upstream changes with their
local changes.
As for /etc/torrc.d/bridges.torrc the file name part bridges.torrc
is not ideal.
Good that you are using an extension .torrc. Using no extension (if
that would even work) is not so great. Harder to parse. Easier to source*.torrc rather than parsing * and then skipping files
ending ~ (graphical editor backup files) and files ending -dpkg.old
or similar.
I think adding a number_ prefix would be better. Such as 50_user.torrc.
There are a few .d folders and it’s not well standardized. But I would
suggest 50_ for users. 10_ for Debian, 20_ for torproject, 30_
for Whonix and so forth. Somehow a useful stackable order. An ordering
where the more upstream something is (Linux (most upstream) → Debian
(distribution) → Ubuntu (derivative of Debian, further downstream than
Debian)). Could you please look at existing .d folders of any other
projects tell me what you think? Perhaps discuss this with Tor Project.
Could you please look at existing .d folders of any other
projects tell me what you think? Perhaps discuss this with Tor Project.
update Wiki
rename /etc/torrc.d/anon-connection-wizard.torrc to /etc/torrc.d/51_anon-connection-wizard.torrc ? I am not sure if it should be 49 or 51 but since anon-connection-wizard is used by user, anon-connection-wizard.torrc should also be seen as user configuration.
Please make that 40_. Reason: not by a distribution but also not done manually by the user. Done with a gui tool. 50_ could be used to override settings by the gui tool the user disagrees with (mostly theoretic at this point).
Doudble check: DisableNetwork 0 should also go to /etc/torrc.d/50_user.torrc and it should not appear in any other .torrc correct?
When using anon-connection-wizard gui:
DisableNetwork 0 can be in a torrc file generated by
anon-connection-wizard 40_...
Manually:
Recommend use of /etc/torrc.d/50_user.torrc.
But I am not too sure about this yet. Someone who first did it manually
using /etc/torrc.d/50_user.torrcUseBridges 0 and then uses
anon-connection-wizard UseBridges 1 would result in actually UseBridges 0.
So it’s not perfect yet. I guess nothing similar has been done before
that’s why we struggle with this?
Solution? anon-connection-wizard should parse all Tor config files and
warn/abort (not enable/restart Tor) about any conflicting (final)
result? That would be future work.
(actually we need to remove tor_status.py from whonix-setup-wizard packet, correct?)
Btw… After a while (undefined time)… Please create a ticket from
what has been consensus among the developers from that discussion on trac.torproject.org. Please reference the thread. Additionally, I like
to reference the ticket being created on the mailing list to neatly link
everything together.
Alternatively, you could also skip the mailing list discussion and post
right on trac.torproject.org.
When I install the package locally using make deb-icup, I got a hint to do: systemctl daemon-reload so that the new configurations will take effect.
I am wondering if this is something we should take care of in the package installation process? If so, what’s the proper way to auto execute systemctl daemon-reload? In Makefile I guess?
After the recent tor mailing list discussion, let’s change the extension .torrc to .conf? I doubt they’ll go with *.torrc since no one uses that. How did we invent that anyhow? .conf is more likely. Will work on the change accordingly now.
The testers-only release is ready for upload, but I’ll recreate to get this change in.