[tor-dev] Guardiness: Yet another external dirauth script

George Kadianakis desnacked at riseup.net
Thu Oct 9 09:23:55 UTC 2014


George Kadianakis <desnacked at riseup.net> writes:

> George Kadianakis <desnacked at riseup.net> writes:
>
>> ==Guardiness: Yet another external dirauth script==
>>
>> <sniped>
>>
>
> FWIW, a weasel suggested to me a potentially better solution than the
> iffy summary files.
>
> He suggested parsing consensuses and putting them in an sqlite3
> database. Each time we have a new consensus, parse it and import it in
> the database. Then query the database when creating the guardiness
> output file.
>
> The good thing with this approach is that you only need to parse
> consensuses once, instead of every hour. Also, we don't need to do
> file management for summary files etc. I like this approach and I will
> be looking into it the following days.
>
> I think that the weasel suggested that the database should have an
> entry for each guard, and for each guard it should note down when that
> guard was observed in a consensus (the precise date is required so
> that we can discard expired observations).

So, the script has been rewritten to support the above
architecture. It has already received some review in:
https://trac.torproject.org/projects/tor/ticket/13125

I now wanted to show you a sample cron script that will be called
every hour:
https://gitweb.torproject.org/user/asn/hax.git/blob/refs/heads/guardfraction:/cron.sh

Do you think that's a sensible script to cron? So far, I've been
running it on my system for a while and it seems to work.

Some notes on the script:

a) I'm wgetting from moria instead of copying from the DataDirectory,
   because I don't know what kind of user permissions and setup most
   dirauth operators have. This will probably need to change in the
   future.

b) I'm keeping imported consensuses around. Maybe people don't want
   that but I didn't bother making a configurable shell script. If
   people want me to do that, I can.

c) I should probably do stuff like WGET=/usr/bin/wget, instead of
   calling wget/python/etc directly. I will fix this before
   deployment. Also, the dependency to torsocks.


More information about the tor-dev mailing list