We want to executing some scripts before starting Tor. For example, script that fix the missing file and directory or script that shows detailed Tor configuration report.

However, a drop-in file in /lib/systemd/system/tor@default.service.d may not work as expected. This is because, before executing the drop-in file, tor@default.service will check the tor configuration. If the --verify-config return non-zero, the tor@default.service will just fail and stop further executing, without giving the drop-in file a chance to fix the problem.

user@host:~$ grep -i "execstartpre" /lib/systemd/system/tor@default.service
ExecStartPre=/usr/bin/install -Z -m 02755 -o debian-tor -g debian-tor -d /var/run/tor
ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config

Patrick proposed a workaround that:

we can extend /lib/systemd/system/tor.service with ExecStartPre=... systemd unit file drop-in instead.
[...]
Maybe we shouldn’t tell users to engage with sudo systemctl restart tor@default.service directly but use sudo systemctl restart tor.service instead.

This approach has been used by Qubes:

user@host:~$ ls -l /lib/systemd/system/tor.service.d
total 8
-rw-r--r-- 1 root root  90 Feb 22 11:49 30_qubes.conf
-rw-r--r-- 1 root root 313 Oct 21  2015 40_qubes.conf