-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear Tor developers, I met a problem when trying to use the snowflake-client binary extracted from TBB 8.0a8 with the system Tor. Specifically, it seems snowflake-client cannot be run by debian-tor user, regardless of the permissions it is given. I am posting the full steps below. A better formatted version of it can be found here: http://forums.whonix.org/t/replacing-meek-snowflake/5190/18
Here is the original permission and ownership of snowflake-client:
user@host:~$ ls -l snowflake-client -rwx------ 1 user user 14160744 Jun 4 06:17 snowflake-client
It can be executed by user user:
user@host:~$ sudo -u user ./snowflake-client 2018/06/04 06:18:21
--- Starting Snowflake Client --- 2018/06/04 06:18:21 No HTTP signaling detected. Using manual copy-paste signaling. 2018/06/04 06:18:21 Waiting for a "signal" pipe... ^C
We now change the permission to let it executable by user debian-tor:
user@host:~$ sudo chmod 777 snowflake-client
user@host:~$ sudo -u debian-tor ./snowflake-client 2018/06/04 06:18:43
Noticed the permission denied:
--- Starting Snowflake Client --- 2018/06/04 06:18:43 No HTTP signaling detected. Using manual copy-paste signaling. 2018/06/04 06:18:43 Waiting for a "signal" pipe... 2018/06/04 06:18:43 open signal: permission denied
We now change its ownership to debian-tor:debian-tor:
user@host:~$ sudo chown debian-tor:debian-tor snowflake-client user@host:~$ ls -l snowflake-client -rwxrwxrwx 1 debian-tor debian-tor 14160744 Jun 4 06:17 snowflake-client
Still, permission denied:
user@host:~$ sudo -u debian-tor ./snowflake-client 2018/06/04 06:19:15
--- Starting Snowflake Client --- 2018/06/04 06:19:15 No HTTP signaling detected. Using manual copy-paste signaling. 2018/06/04 06:19:15 Waiting for a "signal" pipe... 2018/06/04 06:19:15 open signal: permission denied
However, when executing it by user, it works fine:
user@host:~$ sudo -u user ./snowflake-client 2018/06/04 06:19:22
--- Starting Snowflake Client --- 2018/06/04 06:19:22 No HTTP signaling detected. Using manual copy-paste signaling. 2018/06/04 06:19:22 Waiting for a "signal" pipe... ^C
I didn't find any special requirement for the user who runs snowflake-client from the documentation, so it would be extremely helpful and appreciated if you could share some insights on this problem. :) Best Regards, iry -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEzKSpZKlpRovTotu+oUtNvG3N1TwFAlseXpcACgkQoUtNvG3N 1Tx/fBAAvnl84inklNYJ4N0QRz9X9FAtmTlTTb4mrtW+WM36oaDEFigSZeha7pmw er+oV1hG1SlHf6iel2i6YyUXAi7r6YURqlv0fFtLMaelfAIda/ywEMwVsJ19VHzn qPPEADQVY4c55KuOgkhCMSTxGUn2wXbM+PpFf/WTaZ40gjPOjucUXUxlhwj6X6EX wTBiUEq2yjs4xyWSfgOinFuoPqLG5Hfx/z+1ZSyL2R0yeeK1kSiB5kD90mwfOeKq EM32xbYLy4OmQQ3cABHB2mn0wDaS8E2t22sHXhPNANdJTdM/ztcjI7BZjNMUz1Ig aQEVpLE2yvVQu4O3nyThLnH/b08z4a6oVVE7JQpG9rmLfoFuUbJ6vTF+l6nQTJOY mnkiL6RwGVerm612OXFOLBpHSBbToEX12tqqjC569s/OExcFzHpiiTg22HcOYab/ YSu4zUTX23wRBQhOkBQ7EL+idHGK7lwGN5d0Y45H7cwOoIXwXTu3ff1e6yjuT9Bx Pc+tlkw7vJGB5jhFuW9EYvjrWDklbpR7HZ7TTSkDvGvzXUkAZnCzyBAnePxwQbid 45Vwsn7QCFISsZdXCS53RPoVPbNGcSQTyWn4gv/U37Fb/pZ1LYYAJFcNOl5HB8fl nhXL9D7Mey/79n3hepChBUXpaNeHX9J+7R91A8tUjzz9irmhU8o= =Aie4 -----END PGP SIGNATURE-----