I'd really appreciate some clueful suggestions or help please - thank you. I'm not new to Tor; I have an existing relay I run, https://atlas.torproject.org/#details/ECC3599DDCFE44C3F28AE0C9DC5DE92847D360... , but I am unable to get a new Tor relay up and running on an entirely different VPS.
I am running on Ubuntu 16.04 Server on a VPS on https://box.cock.li/ . On first attempt I couldn't get a Tor relay running, so I started again from scratch, getting the VPS administrator to reprovision the VPS from scratch, to no avail.
I SSHed in as root, created a user and made it a sudoer, added public key etc. and disabled root admin. Then I SSHed in as the user, installed ntp and ufw, added ports 80 and 443 to ufw, added the Tor respository and key as per https://www.torproject.org/docs/debian.html.en#ubuntu. I installed tor, deb.torproject.org-keyring and arm, and edited torrc such that it reads:
SOCKSPort 0 RunAsDaemon 1 ORPort 443 Nickname kingqueencock ContactInfo ROT13 xvatdhrra@ybirf.qvpxvauvfna.hf DirPort 80 # what port to advertise for directory connections DirPortFrontPage /etc/tor/tor-exit-notice.html MyFamily ECC3599DDCFE44C3F28AE0C9DC5DE92847D3602B
then the "alternative Reduced-Reduced ExitPolicy" from https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
then sudo service tor restart.
For all I can gather, Tor isn't running. There are no files in /var/tor/log. ps aux | grep tor returns nothing other than the grep command. arm shows the "Welcome to the Tor network!" initial relay configuration screen, as does sudo -u debian-tor arm.
sudo service tor status ● tor.service - Anonymizing overlay network for TCP (multi-instance-master) Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled) Active: active (exited) since Thu 2017-07-27 19:36:41 UTC; 3s ago Process: 9781 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 9781 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 512) CGroup: /system.slice/tor.service
Jul 27 19:36:41 localhost systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Jul 27 19:36:41 localhost systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).
root@localhost:/var/log/tor# ls -al total 8 drwxr-s--- 2 debian-tor adm 4096 Jul 27 19:29 . drwxr-xr-x 7 root root 4096 Jul 27 19:29 ..
The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user.
root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
I don't know where that has come from, or if it's a problem. I have had a poke around in init.d and systemd but I am not an expert in those. I am beginning to wonder or suspect the Ubuntu installation image on the VPS may not be entirely clean... If I try to run arm as root, the "new relay" configuration wizard appears and when I quit the tor process isn't running.
I'm stuck. Any help very gratefully received.
Cheers
Doug
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Maybe you miss the option :
DataDirectory /var/lib/tor/data
?
On 07/27/2017 09:53 PM, King Queen wrote:
SOCKSPort 0 RunAsDaemon 1 ORPort 443 Nickname kingqueencock ContactInfo ROT13 xvatdhrra@ybirf.qvpxvauvfna.hf DirPort 80 # what port to advertise for directory connections DirPortFrontPage /etc/tor/tor-exit-notice.html MyFamily ECC3599DDCFE44C3F28AE0C9DC5DE92847D3602B
- -- Toralf PGP C4EACDDE 0076E94E
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 07/27/2017 09:53 PM, King Queen wrote:
root@localhost:/var/log/tor# ls -al
And something like this helps too :
Log info file /tmp/info.log
- -- Toralf PGP C4EACDDE 0076E94E
Hello Toralf,
Thank you, I've added DataDirectory /var/lib/tor/data and Log info file /tmp/info.log into torrc and did sudo service tor restart but /tmp/info.log is not being created.
Thanks
Doug
Thursday, July 27, 2017, 9:10:56 PM, you wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 07/27/2017 09:53 PM, King Queen wrote:
root@localhost:/var/log/tor# ls -al
And something like this helps too :
Log info file /tmp/info.log
Hi Doug, I think the short story is that you're managing the service the wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help: https://www.digitalocean.com/community/tutorials/systemd-essentials-working-...
sudo service tor restart sudo service tor status
These are now outdated commands, and so the results will not be what you expect, and the output of the latter will potentially be misleading. You need to use systemctl (check the above guide).
For all I can gather, Tor isn"t running. The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user
It's being started by systemd on boot, as seen in the output of ps here:
root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
That looks sane/typical to me, for what it's worth.
There are no files in/var/tor/log
Check in /var/log/syslog; I'm not sure why logs go there instead of /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
Hello,
Thanks for your support.
Doubtless you're right that the commands are out of date, in which case the instructions on torproject.org are out of date.
https://www.torproject.org/docs/debian.html.en I used Option 2 set for Xenial
then continuing from https://www.torproject.org/docs/tor-relay-debian.html.en step two
which has "service tor reload"
/var/log/syslog doesn't exist.
Thanks for the suggestions.
Doug
Thursday, July 27, 2017, 9:23:07 PM, you wrote:
Hi Doug,
I think the short story is that you're managing the service the wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help:
https://www.digitalocean.com/community/tutorials/systemd-essentials-working-...
sudo service tor restart sudo service tor status
These are now outdated commands, and so the results will not be what you expect, and the output of the latter will potentially be misleading. You need to use systemctl (check the above guide).
For all I can gather, Tor isn"t running.
The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user
It's being started by systemd on boot, as seen in the output of ps here:
root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
That looks sane/typical to me, for what it's worth.
There are no files in/var/tor/log
Check in /var/log/syslog; I'm not sure why logs go there instead of /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
Hello tor,
Just in case anybody else comes up with the same issue - Tor just doesn't do anything when installed from scratch on Ubuntu 16.04 - the bug is with apparmor. It's some variant on https://github.com/jlund/streisand/issues/782 and can be circumvented by running as root:
apt install apparmor-utils aa-complain system_tor systemctl restart tor
journalctl reveals the following:
Jul 28 20:59:01 localhost systemd[1]: Starting Anonymizing overlay network for TCP... Jul 28 20:59:01 localhost systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Jul 28 20:59:01 localhost systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master). Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.023 [notice] Tor 0.3.0.9 (git-100816d92ab5664d) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g-fips and Zlib 1.2.8. Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.025 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.025 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.026 [notice] Read configuration file "/etc/tor/torrc". Jul 28 20:59:02 localhost tor[6106]: Configuration was valid Jul 28 20:59:02 localhost audit[6114]: AVC apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6114 comm="(tor)" Jul 28 20:59:02 localhost systemd[6114]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR Jul 28 20:59:02 localhost kernel: audit: type=1400 audit(1501275542.094:46): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6114 comm="(tor)" Jul 28 20:59:02 localhost systemd[1]: Failed to start Anonymizing overlay network for TCP. Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Unit entered failed state. Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Failed with result 'exit-code'. Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Service hold-off time over, scheduling restart. Jul 28 20:59:02 localhost systemd[1]: Stopped Anonymizing overlay network for TCP.
Repeated several times.
Everything runs just fine after the aa-complain command.
Cheers
Doug
Thursday, July 27, 2017, 9:23:07 PM, you wrote:
Hi Doug,
I think the short story is that you're managing the service the wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help:
https://www.digitalocean.com/community/tutorials/systemd-essentials-working-...
sudo service tor restart sudo service tor status
These are now outdated commands, and so the results will not be what you expect, and the output of the latter will potentially be misleading. You need to use systemctl (check the above guide).
For all I can gather, Tor isn"t running.
The odd thing is if I reboot my VPS by sudo shutdown -r now and do ps aux | grep tor there is tor running as a root user
It's being started by systemd on boot, as seen in the output of ps here:
root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
That looks sane/typical to me, for what it's worth.
There are no files in/var/tor/log
Check in /var/log/syslog; I'm not sure why logs go there instead of /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
tor-relays@lists.torproject.org
-
King Queen -
tor -
Toralf Förster