On 1/5/2017 6:50 PM, Roger Dingledine wrote:
On Thu, Jan 05, 2017 at 06:38:23PM -0800, Kurt Besig wrote:
I just installed tor on a Raspberry Pi 3 Model B and can't get a relay to start unless I sudo. When I attempt to start tor as a non-privileged user I get a permissions error: Opening Jan 05 18:33:35.929 [notice] Opening OR listener on 0.0.0.0:443 Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80 Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied Ideas on best method to bind these ports to tor on startup as non-root?
If you're using the deb, it's actually intended to be started as root ("service tor start"), and it drops privileges once it binds to the ports.
Using the deb init script is also smart because it does things like fixing "ulimit -n" for you so it doesn't default to 1024 (which is way too low for a useful relay).
If you want to use iptables rules to do forwarding instead, check out https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#HowcanImakemyrelaya...
(We haven't moved that faq entry to the main faq because the deb just handles it for you.)
(All of this might be a lie for Raspbian. I hope not though.)
--Roger
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
What a great community, all terrific suggestions to my problem. I tried easy first, Roger's suggestion, and voila! A check of /var/log/tor/log indicates all is well. Sometimes simple is best. Now let's see if the relay's descriptor gets published and what bw adjustments are necessary. One of our more vocal ops and all her questioning got me interested in trying out an inexpensive alternative, so we'll see what opinions, questions, suggestions, I come up with. :-)
Thanks again.