Hi all. I generate* the packages that make up those UbuntuCore relays and bridges you hear about some time in here.
I intended it to be a low-friction way normal joes can help Tor. There have been a good number of volunteers.
The automatic-update system of Snap means the security update of a few days ago gives some population info through download stats.
About 2200+ machines updated to last week's release. Almost all are amd64, though a few percent are i386 or armhf. I don't know of any arm64 yet. They're mostly desktops and servers. I see several new downloads every day.
Judging from the new Atlas, about 800 are have checked in to try to join the consensus, and a little more than 100 are active at any time.
Some working details: The package has a kill-switch so that it no longer starts after a few months of staleness (if I'm ever hit by a bus). At first launch, Tor creates a key and the last two bits of the key determines the role of the instance, with a 1/4 chance of becoming a obfs4 bridge. The default bandwidth limit is a modest 4 megabits per second. Also by default, it tries to punch holes in NAT to make itself available for incoming connections, but I don't have a lot of confidence that is often successful.
I remain on this list and am always happy to answer questions or suggestions.
* http://bazaar.launchpad.net/~privacy-squad/+junk/tor-middle-relay-snap/files
Dear Chad, The last I read from nusenu a few months ago was that you have tor is running as root, which sort of wiped it off my radar. Is that still true? I do like your idea of democratizing tor relays so normal people can run them.
TIA,
--torix
Sent with [ProtonMail](https://protonmail.com) Secure Email.
Torix, that's still true. Snaps restrict syscalls so tightly that switching users is not possible.
- chad
On Tue, Dec 5, 2017 at 8:35 AM, Torix torix@protonmail.com wrote:
Chad MILLER:
Torix, that's still true. Snaps restrict syscalls so tightly that switching users is not possible.
Is it possible to start tor with a non-root user directly (without using tor's user parameter to drop privileges)?
Yes, but you must pre-configure tor's directories with the correct user and permissions. Tor has strict requirements for private key security.
If this doesn't work, let us know: there have been bugs in this code in the past.
-- Tim / teor
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n ------------------------------------------------------------------------
teor:
Generally speaking tor supports it (FreeBSD does it) but my question was more towards Chad's tor snap package. Was your answer also for the snap?
thanks, nusenu
tor-relays@lists.torproject.org