| 1234567891011121314151617181920212223242526272829303132333435 |
- #!/bin/bash
- # torchroot generate script
- export TORCHROOT=/opt/torchroot
- mkdir -p $TORCHROOT
- mkdir -p $TORCHROOT/etc/tor
- mkdir -p $TORCHROOT/dev
- mkdir -p $TORCHROOT/usr/bin
- mkdir -p $TORCHROOT/usr/lib
- mkdir -p $TORCHROOT/usr/share/tor
- mkdir -p $TORCHROOT/var/lib
- ln -s /usr/lib $TORCHROOT/lib
- # Replace this line if you want to copy your own torrc instead of the one provided by hardened script.
- cp /opt/tor-hardened-scripts/torrc $TORCHROOT/etc/tor/
- cp /usr/bin/tor $TORCHROOT/usr/bin/
- cp /usr/share/tor/geoip* $TORCHROOT/usr/share/tor/
- cp /lib/libnss* /lib/libnsl* /lib/ld-linux-*.so* /lib/libresolv* /lib/libgcc_s.so* $TORCHROOT/usr/lib/
- cp $(ldd /usr/bin/tor | awk '{print $3}'|grep --color=never "^/") $TORCHROOT/usr/lib/
- cp -r /var/lib/tor $TORCHROOT/var/lib/
- chown -R tor:tor $TORCHROOT/var/lib/tor
- sh -c "grep --color=never ^tor /etc/passwd > $TORCHROOT/etc/passwd"
- sh -c "grep --color=never ^tor /etc/group > $TORCHROOT/etc/group"
- mknod -m 644 $TORCHROOT/dev/random c 1 8
- mknod -m 644 $TORCHROOT/dev/urandom c 1 9
- mknod -m 666 $TORCHROOT/dev/null c 1 3
- if [[ "$(uname -m)" == "x86_64" ]]; then
- cp /usr/lib/ld-linux-x86-64.so* $TORCHROOT/usr/lib/.
- ln -sr /usr/lib64 $TORCHROOT/lib64
- ln -s $TORCHROOT/usr/lib ${TORCHROOT}/usr/lib64
- fi
|
