Ensure version of tor installed is from FPF repo #4169
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
emkll
changed the title
install_files/ansible-base/roles/tor-hidden-services/tasks/install_tor.yml
Outdated
Show resolved
Hide resolved
|
✅Using prod VMs, check out this branch and attempt installing against prod apt servers. Fails as expected. Gonna push a wee change to resolve that nit inline... |
Ubuntu upstream uses older versions: - 0.2.4.27 (Trusty) - 0.2.9.14 (Xenial)
redshiftzero
force-pushed
the
4162-validate-tor-version
branch
from
73115d5 to
2ef9dd1
Compare
redshiftzero
approved these changes
Feb 21, 2019
conorsch
approved these changes
Feb 21, 2019
There was a problem hiding this comment.
- The test/assertion introduced make sense, we don't want to pin specific tor versions to SecureDrop releases.
- Using prod VMs or hardware, check out this branch and attempt installing against prod apt servers. This should fail because it will be installing Tor from Ubuntu's repos, as apt-tor.freedom.press was removed.
- Using prod VMs or hardware, check out this branch and attempt installing against test apt server (apt-test.freedom.press). This should succeed because Tor packages are served by the test apt server.
5 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Ready for review
Description of Changes
Fixes #4162 .
Because we don't want to couple Tor versions with SecureDrop releases, and that we probably won't go back in Tor versions, specifying
>=the current Tor version seems like a sensible approach, given the versions being served in Ubuntu Trusty and Xenial apt repos:Changes proposed in this pull request:
Testing
CI/staging scenarios are not an accurate test as they also include apt-test in their source list (for kernel tests).
Deployment
This change only affects new installs, and will be provided via the Ansible install logic.
Checklist
If you made non-trivial code changes: