[tor-dev] Guardiness: Yet another external dirauth script
George Kadianakis
desnacked at riseup.net
Thu Oct 9 09:23:55 UTC 2014
George Kadianakis <desnacked at riseup.net> writes:
> George Kadianakis <desnacked at riseup.net> writes:
>
>> ==Guardiness: Yet another external dirauth script==
>>
>> <sniped>
>>
>
> FWIW, a weasel suggested to me a potentially better solution than the
> iffy summary files.
>
> He suggested parsing consensuses and putting them in an sqlite3
> database. Each time we have a new consensus, parse it and import it in
> the database. Then query the database when creating the guardiness
> output file.
>
> The good thing with this approach is that you only need to parse
> consensuses once, instead of every hour. Also, we don't need to do
> file management for summary files etc. I like this approach and I will
> be looking into it the following days.
>
> I think that the weasel suggested that the database should have an
> entry for each guard, and for each guard it should note down when that
> guard was observed in a consensus (the precise date is required so
> that we can discard expired observations).
So, the script has been rewritten to support the above
architecture. It has already received some review in:
https://trac.torproject.org/projects/tor/ticket/13125
I now wanted to show you a sample cron script that will be called
every hour:
https://gitweb.torproject.org/user/asn/hax.git/blob/refs/heads/guardfraction:/cron.sh
Do you think that's a sensible script to cron? So far, I've been
running it on my system for a while and it seems to work.
Some notes on the script:
a) I'm wgetting from moria instead of copying from the DataDirectory,
because I don't know what kind of user permissions and setup most
dirauth operators have. This will probably need to change in the
future.
b) I'm keeping imported consensuses around. Maybe people don't want
that but I didn't bother making a configurable shell script. If
people want me to do that, I can.
c) I should probably do stuff like WGET=/usr/bin/wget, instead of
calling wget/python/etc directly. I will fix this before
deployment. Also, the dependency to torsocks.
More information about the tor-dev
mailing list