[tor-bugs] #6824 [Torouter]: Torrouter Update Mechanism

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 26 18:56:10 UTC 2012 

#6824: Torrouter Update Mechanism
----------------------+-----------------------------------------------------
 Reporter:  proper    |          Owner:  ioerror
     Type:  task      |         Status:  new    
 Priority:  normal    |      Milestone:         
Component:  Torouter  |        Version:         
 Keywords:            |         Parent:         
   Points:            |   Actualpoints:         
----------------------+-----------------------------------------------------

Comment(by ficus):

 My current thinking is that the build and release process for torouter
 should
 be to have regular versioned updates of the entire image (configuration
 defaults, kernel, most of userspace) combined with fully automated apt
 security
 updates for critical network daemons (tor itself, ssh, ntp, dhcp, any http
 daemon) pushed by torproject.org, possibly tunneled through the tor
 network
 itself. users should be notified of available image updates through
 banners in
 the web interface and/or an announce email list.

 Maintaining stable security-fix branches of the tor daemon for every
 release of
 torouter would probably be too much work, so every revision of torouter
 would
 pull from a single apt repository (either the vanilla torproject
 repository or
 a special torouter repository which would track "most-recent-
 torouter's-tor
 plus security updates"). this would mean that all torouters would be
 running
 the same recent tor daemon debian package unless automatic updates had
 been
 disabled. a new point release of the torouter image would mean an
 automatic
 update of the tor daemon on all active torouter devices, even if those
 updates
 included feature additions or changes of behavior.

 One problem could be reconciling additions and modifications to the
 vanilla
 torrc with the torouter-default or user-modified torrc; perhaps some
 mechanism
 like a torouter-torrc.deb package could override the vanilla torrc?
 another
 would be larger changes to the tor daemon which would break functionality
 for
 old point releases of torouter; i'm not sure what tor's backwards
 compatibility
 policy is or how frequently this scenario would occur.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6824#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list