[tor-bugs] #13716 [Tor bundles/installation]: Tor daemon apparmor profile breaks bridge restarts on Ubuntu 14.04
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 10 02:15:24 UTC 2014
#13716: Tor daemon apparmor profile breaks bridge restarts on Ubuntu 14.04
--------------------------------------+-----------------------
Reporter: vladtsyrklevich | Owner: erinn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor bundles/installation | Version:
Keywords: obfsproxy apparmor | Actual Points:
Parent ID: | Points:
--------------------------------------+-----------------------
As intrigeri noted here
https://trac.torproject.org/projects/tor/ticket/9460#comment:13 a new
apparmor mediation for signals in 14.04 breaks tor being able to kill
obfsproxy on restart (meaning it comes up without obfsproxy since the old
process continues holding on to the open port.) Example syslog:
type=1400 audit(1415580423.404:19): apparmor="DENIED" operation="signal"
profile="system_tor" pid=4514 comm="tor" requested_mask="send"
denied_mask="send" signal=term peer="unconfined"
He also mentioned that adding the correct rule would break Debian, so an
Ubuntu-specific fix was needed.
The rule that needs to be added is:
signal (send) set=("term") peer="unconfined",
Not sure if the easiest path is to wait out Debian upgrading, updating
Ubuntu packages, or adding an Ubuntu specific install line in Tor's apt
package
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13716>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list