"Ours" merge to avoid version bump.

When TOR_DISABLE_PRACTRACKER is set, print a message to
stderr when skipping practracker checks.

Part of 32705.

When practracker is disabled, its output will be empty.  We don't
want that happening during our tests.

Fixes bug 32705; bugfix on 0.4.2.1-alpha, when test_practracker.sh
was introduced.

Fixes bug 32778; bugfix on 0.4.1.1-alpha.

Peter Gerber authored 5 years ago and Peter Gerber committed 5 years ago

Allow calls to dup() which was introduced in commit a22fbab9.

From a security perspective, I don't think this should impact the
security of the sandbox significantly. As far as I can tell, there
is nothing an adversary can do with a duplicated FD that can't be
done with the original.

Peter Gerber authored 5 years ago and Nick Mathewson committed 5 years ago

This fixes a startup crash with libseccomp v2.4.0 if Sandbox is
set to 1.

Closes 32771; bugfix on 0.4.2.1-alpha.

Merge:
* libzstd-dev from ticket32242_035
* shellcheck from maint-0.4.0

Merge:
* CHUTNEY_TOR_SANDBOX=0 from bug32240_041
* RUST_VERSION from maint-0.4.2

Merge
* Chutney Trusty deletion in bug32240_029
* NSS addition in maint-0.3.5

Closes 32240.

We need to set "Sandbox 0", until we fix sandbox errors that are
triggered by Ubuntu Xenial and Bionic. See 32722.

Part of 32240.