-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi,
I'm currently preparing/testing a systemd unit file (#14995) for debian (wheezy-backports/systemd 204) based on the one shipped by tor [1].
It does not work yet, and although the 'fix' would be easy - simply remove: NoNewPrivileges = yes I'd like to hear from you before removing such a security feature.
Does tor require new privileges to work?
It actually fails in two instances:
1) before actually starting the tor daemon (--verify-config):
Process: 2844 ExecStartPre=/usr/bin/tor -f /etc/tor/torrc - --verify-config (code=exited, status=227/NO_NEW_PRIVILEGES)
2) and when actually starting the daemon
thanks, Nusenu
I'm testing with 0.2.5.10-1~d70.wheezy
minimal test torrc used: User debian-tor DataDirectory /var/lib/tor Log debug file /var/log/tor/log
[1] https://gitweb.torproject.org/tor.git/tree/contrib/dist/tor.service.in#n25