Hi William
William Kane:
Hi everyone,
Ever since I upgraded to tor version 0.4.5.6, enabling tor's built-in seccomp sandbox completely breaks tor, i.e. it gets killed by the kernel on start for a seccomp violation (fstat(..)) - sandboxing worked fine on 0.4.4.6, my system configuration did not change between the updates.
Tor itself usually fails with a Permission Denied error when a syscall fails due to seccomp. So, this is rather odd.
I figured this was happening because I do not grant the CAP_DAC_READ_SEARCH capability, but I'm not so sure anymore if that's the reason.
You should simply see a Permission Denied if the capability is the problem.
Would be great if you could get details about the failing call. If seccomp is involved, you should be able to get details like this:
• install package auditd
• make sure auditd is running
• crash Tor
• find the syscall with `ausearch -ts recent -i`
Peter
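
As an added example (not part of the original message or of Tor), the sketch below pulls the SECCOMP records for one process out of raw audit records, in the format auditd writes to /var/log/audit/audit.log, and decodes the syscall number and the seccomp action. The sample records are constructed, the function and table names are hypothetical, and the syscall table is a partial x86_64 subset.

```python
import re

# Constructed sample records in raw audit.log format (not taken from the thread).
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1613400000.100:411): arch=c000003e syscall=257 success=yes exit=3 pid=2210 comm="sshd" exe="/usr/sbin/sshd"
type=SECCOMP msg=audit(1613400012.345:412): auid=4294967295 uid=106 gid=112 ses=4294967295 pid=2291 comm="tor" exe="/usr/bin/tor" sig=31 arch=c000003e syscall=5 compat=0 ip=0x7f3a5c0e1a2b code=0x80000000
type=SECCOMP msg=audit(1613400020.001:413): auid=1000 uid=1000 gid=1000 ses=3 pid=2300 comm="demo" exe="/usr/local/bin/demo" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f00deadbeef code=0x50001
"""

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
AUDIT_ARCH_X86_64 = "c000003e"
# Partial x86_64 syscall table: file open/stat calls only.
SYSCALLS_X86_64 = {2: "open", 4: "stat", 5: "fstat", 6: "lstat",
                   257: "openat", 262: "newfstatat"}
# Upper 16 bits of code= are the seccomp action, lower 16 bits its data (e.g. errno).
ACTIONS = {0x80000000: "KILL_PROCESS", 0x00000000: "KILL_THREAD",
           0x00030000: "TRAP", 0x00050000: "ERRNO", 0x7ffc0000: "LOG"}


def seccomp_events(log_text, comm=None):
    """Return decoded SECCOMP audit records, optionally filtered by comm."""
    events = []
    for line in log_text.splitlines():
        if not line.startswith("type=SECCOMP "):
            continue
        f = {k: v.strip('"') for k, v in FIELD.findall(line)}
        if comm and f.get("comm") != comm:
            continue
        nr = int(f["syscall"])
        code = int(f["code"], 16)
        name = SYSCALLS_X86_64.get(nr) if f["arch"] == AUDIT_ARCH_X86_64 else None
        events.append({
            "pid": int(f["pid"]),
            "comm": f.get("comm"),
            "syscall": name or f"unknown({nr})",
            "action": ACTIONS.get(code & 0xFFFF0000, hex(code)),
            "data": code & 0xFFFF,   # errno value when action is ERRNO
            "signal": int(f["sig"]),  # 31 is SIGSYS on x86_64
        })
    return events


if __name__ == "__main__":
    for ev in seccomp_events(SAMPLE_LOG, comm="tor"):
        print(ev)
```

A KILL_* action with sig=31 corresponds to the process being killed by the kernel, while an ERRNO action is the case where the call returns an error to the process instead.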