Unable to get Tor exit relay to run - Ubuntu 16.04
I'd really appreciate some clueful suggestions or help please - thank you. I'm not new to Tor; I have an existing relay I run, https://atlas.torproject.org/#details/ECC3599DDCFE44C3F28AE0C9DC5DE92847D360... , but I am unable to get a new Tor relay up and running on an entirely different VPS. I am running on Ubuntu 16.04 Server on a VPS on https://box.cock.li/ . On first attempt I couldn't get a Tor relay running, so I started again from scratch, getting the VPS administrator to reprovision the VPS from scratch, to no avail. I SSHed in as root, created a user and made it a sudoer, added public key etc. and disabled root admin. Then I SSHed in as the user, installed ntp and ufw, added ports 80 and 443 to ufw, added the Tor respository and key as per https://www.torproject.org/docs/debian.html.en#ubuntu. I installed tor, deb.torproject.org-keyring and arm, and edited torrc such that it reads: SOCKSPort 0 RunAsDaemon 1 ORPort 443 Nickname kingqueencock ContactInfo ROT13 <xvatdhrra@ybirf.qvpxvauvfna.hf> DirPort 80 # what port to advertise for directory connections DirPortFrontPage /etc/tor/tor-exit-notice.html MyFamily ECC3599DDCFE44C3F28AE0C9DC5DE92847D3602B then the "alternative Reduced-Reduced ExitPolicy" from https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy then sudo service tor restart. For all I can gather, Tor isn't running. There are no files in /var/tor/log. ps aux | grep tor returns nothing other than the grep command. arm shows the "Welcome to the Tor network!" initial relay configuration screen, as does sudo -u debian-tor arm. sudo service tor status ● tor.service - Anonymizing overlay network for TCP (multi-instance-master) Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled) Active: active (exited) since Thu 2017-07-27 19:36:41 UTC; 3s ago Process: 9781 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 9781 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 512) CGroup: /system.slice/tor.service Jul 27 19:36:41 localhost systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Jul 27 19:36:41 localhost systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master). root@localhost:/var/log/tor# ls -al total 8 drwxr-s--- 2 debian-tor adm 4096 Jul 27 19:29 . drwxr-xr-x 7 root root 4096 Jul 27 19:29 .. The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user. root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config I don't know where that has come from, or if it's a problem. I have had a poke around in init.d and systemd but I am not an expert in those. I am beginning to wonder or suspect the Ubuntu installation image on the VPS may not be entirely clean... If I try to run arm as root, the "new relay" configuration wizard appears and when I quit the tor process isn't running. I'm stuck. Any help very gratefully received. Cheers Doug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Maybe you miss the option : DataDirectory /var/lib/tor/data ? On 07/27/2017 09:53 PM, King Queen wrote:
SOCKSPort 0 RunAsDaemon 1 ORPort 443 Nickname kingqueencock ContactInfo ROT13 <xvatdhrra@ybirf.qvpxvauvfna.hf> DirPort 80 # what port to advertise for directory connections DirPortFrontPage /etc/tor/tor-exit-notice.html MyFamily ECC3599DDCFE44C3F28AE0C9DC5DE92847D3602B
Toralf PGP C4EACDDE 0076E94E -----BEGIN PGP SIGNATURE----- iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWXpIdhccdG9yYWxmLmZv ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpThQtAP4iN8KbvyiMdpKqeiUDeS2n54lP QJrttbjz9OMsiJNNhAD+MX0vIVIl6R+a90j0LJEf6uacZ8VsqmlQ1pcTSp/YGrA= =bzcc -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 07/27/2017 09:53 PM, King Queen wrote:
root@localhost:/var/log/tor# ls -al
And something like this helps too : Log info file /tmp/info.log - -- Toralf PGP C4EACDDE 0076E94E -----BEGIN PGP SIGNATURE----- iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWXpI0BccdG9yYWxmLmZv ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTv9nAP9w7W/YL4LNRr55RtSH5S5XUeaw hJ++vn1IJI1cf3i15gD7BnWNe1iwn0LfDbUhEhehEN7HU91RXEJAjctVq67adfU= =VPK3 -----END PGP SIGNATURE-----
Hello Toralf, Thank you, I've added DataDirectory /var/lib/tor/data and Log info file /tmp/info.log into torrc and did sudo service tor restart but /tmp/info.log is not being created. Thanks Doug Thursday, July 27, 2017, 9:10:56 PM, you wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 07/27/2017 09:53 PM, King Queen wrote:
root@localhost:/var/log/tor# ls -al
And something like this helps too :
Log info file /tmp/info.log
-- Best regards, King mailto:kingqueenits@gmail.com
Hi Doug, I think the short story is that you're managing the service the wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help: https://www.digitalocean.com/community/tutorials/systemd-essentials-working-...
sudo service tor restart sudo service tor status These are now outdated commands, and so the results will not be what you expect, and the output of the latter will potentially be misleading. You need to use systemctl (check the above guide). For all I can gather, Tor isn"t running. The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user It's being started by systemd on boot, as seen in the output of ps here: root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config That looks sane/typical to me, for what it's worth. There are no files in/var/tor/log Check in /var/log/syslog; I'm not sure why logs go there instead of /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
Hello, Thanks for your support. Doubtless you're right that the commands are out of date, in which case the instructions on torproject.org are out of date. https://www.torproject.org/docs/debian.html.en I used Option 2 set for Xenial then continuing from https://www.torproject.org/docs/tor-relay-debian.html.en step two which has "service tor reload" /var/log/syslog doesn't exist. Thanks for the suggestions. Doug Thursday, July 27, 2017, 9:23:07 PM, you wrote:
Hi Doug,
I think the short story is that you're managing the service the wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help:
https://www.digitalocean.com/community/tutorials/systemd-essentials-working-...
sudo service tor restart sudo service tor status
These are now outdated commands, and so the results will not be what you expect, and the output of the latter will potentially be misleading. You need to use systemctl (check the above guide).
For all I can gather, Tor isn"t running.
The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user
It's being started by systemd on boot, as seen in the output of ps here:
root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
That looks sane/typical to me, for what it's worth.
There are no files in/var/tor/log
Check in /var/log/syslog; I'm not sure why logs go there instead of /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
-- Best regards, King mailto:kingqueenits@gmail.com
Hello tor, Just in case anybody else comes up with the same issue - Tor just doesn't do anything when installed from scratch on Ubuntu 16.04 - the bug is with apparmor. It's some variant on https://github.com/jlund/streisand/issues/782 and can be circumvented by running as root: apt install apparmor-utils aa-complain system_tor systemctl restart tor journalctl reveals the following: Jul 28 20:59:01 localhost systemd[1]: Starting Anonymizing overlay network for TCP... Jul 28 20:59:01 localhost systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Jul 28 20:59:01 localhost systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master). Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.023 [notice] Tor 0.3.0.9 (git-100816d92ab5664d) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g-fips and Zlib 1.2.8. Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.025 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.025 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.026 [notice] Read configuration file "/etc/tor/torrc". Jul 28 20:59:02 localhost tor[6106]: Configuration was valid Jul 28 20:59:02 localhost audit[6114]: AVC apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6114 comm="(tor)" Jul 28 20:59:02 localhost systemd[6114]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR Jul 28 20:59:02 localhost kernel: audit: type=1400 audit(1501275542.094:46): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6114 comm="(tor)" Jul 28 20:59:02 localhost systemd[1]: Failed to start Anonymizing overlay network for TCP. Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Unit entered failed state. Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Failed with result 'exit-code'. Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Service hold-off time over, scheduling restart. Jul 28 20:59:02 localhost systemd[1]: Stopped Anonymizing overlay network for TCP. Repeated several times. Everything runs just fine after the aa-complain command. Cheers Doug Thursday, July 27, 2017, 9:23:07 PM, you wrote:
Hi Doug,
I think the short story is that you're managing the service the wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help:
https://www.digitalocean.com/community/tutorials/systemd-essentials-working-...
sudo service tor restart sudo service tor status
These are now outdated commands, and so the results will not be what you expect, and the output of the latter will potentially be misleading. You need to use systemctl (check the above guide).
For all I can gather, Tor isn"t running.
The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user
It's being started by systemd on boot, as seen in the output of ps here:
root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
That looks sane/typical to me, for what it's worth.
There are no files in/var/tor/log
Check in /var/log/syslog; I'm not sure why logs go there instead of /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
-- Best regards, King mailto:kingqueenits@gmail.com
participants (3)
-
King Queen -
tor -
Toralf Förster