initial import
This commit is contained in:
38
tor-hardened-preferences/torchroot.sh
Normal file
38
tor-hardened-preferences/torchroot.sh
Normal file
@@ -0,0 +1,38 @@
|
||||
#!/bin/bash
|
||||
# torchroot generate script
|
||||
export TORCHROOT=/srv/torchroot
|
||||
|
||||
mkdir -p $TORCHROOT
|
||||
mkdir -p $TORCHROOT/etc/tor
|
||||
mkdir -p $TORCHROOT/dev
|
||||
mkdir -p $TORCHROOT/usr/bin
|
||||
mkdir -p $TORCHROOT/usr/lib
|
||||
mkdir -p $TORCHROOT/usr/share/tor
|
||||
mkdir -p $TORCHROOT/var/lib
|
||||
mkdir -p $TORCHROOT/var/run
|
||||
|
||||
ln -s /usr/lib $TORCHROOT/lib
|
||||
# Replace this line if you want to copy your own torrc instead of the one provided by hardened script.
|
||||
cp /usr/libexec/tor-hardened-scripts/torrc $TORCHROOT/etc/tor/
|
||||
|
||||
cp /usr/bin/tor $TORCHROOT/usr/bin/
|
||||
cp /usr/share/tor/geoip* $TORCHROOT/usr/share/tor/
|
||||
cp /lib/libnss* /lib/libnsl* /lib/ld-linux-*.so* /lib/libresolv* /usr/lib/libgcc_s.so* $TORCHROOT/usr/lib/
|
||||
cp $(ldd /usr/bin/tor | awk '{print $3}'|grep --color=never "^/") $TORCHROOT/usr/lib/
|
||||
cp -r /var/lib/tor $TORCHROOT/var/lib/
|
||||
chown -R tor:tor $TORCHROOT/var/lib/tor
|
||||
|
||||
sh -c "grep --color=never ^tor /etc/passwd > $TORCHROOT/etc/passwd"
|
||||
sh -c "grep --color=never ^tor /etc/group > $TORCHROOT/etc/group"
|
||||
|
||||
mknod -m 644 $TORCHROOT/dev/random c 1 8
|
||||
mknod -m 644 $TORCHROOT/dev/urandom c 1 9
|
||||
mknod -m 666 $TORCHROOT/dev/null c 1 3
|
||||
|
||||
if [[ "$(uname -m)" == "x86_64" ]]; then
|
||||
cp /lib64/ld-linux-x86-64.so* $TORCHROOT/usr/lib/.
|
||||
ln -sr /usr/lib64 $TORCHROOT/lib64
|
||||
ln -s $TORCHROOT/usr/lib ${TORCHROOT}/usr/lib64
|
||||
fi
|
||||
|
||||
chown -R root:root /var/lib/tor
|
||||
Reference in New Issue
Block a user