Hi!
On 11.11.2016 14:14, Dennis Christ wrote:
I think the problem with CookieAuthentication was that the cookie file control_auth_cookie gets written to /var/lib/tor. This directory is only readable by user debian-tor and not even group readable. I have put CookieAuthFileGroupReadable 1 into the config file. But with my standard user which is in the debian-tor group i cannot access this file inside /var/lib/tor because the permissions of this directory are set up by tor on startup to 700.
Yes, you are right. But CookieAuthentication should work. You cannot query all of the connections without access to /var/lib/tor. You only will see circuits. I suggest to use "sudo -u debian-tor arm", if you like to use all of the arm pages. Otherwise you have to change the permissions. In my case, there is also the setgid flags on the directories (2700 drwx--S---).
Maybe i should have add that i do not use the debian init.d script to start up tor but a native systemd service file.
Me too
I think its a shame that debian switched to systemd but still relays on init.d scripts for so many services. So /etc/default/tor does not get used.
No, /etc/default/tor isn't used with systemd. Nevertheless there a some services which rely on System V init scripts. Sometimes it is a ugly mixture of both.
Regards,