[tor-bugs] #19426 [- Select a component]: meek-client on ubuntu requires apparmor profile adjustment for system_tor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 16 03:03:03 UTC 2016
#19426: meek-client on ubuntu requires apparmor profile adjustment for system_tor
--------------------------------------+-----------------
Reporter: 6h72Q484AddGha8H | Owner:
Type: enhancement | Status: new
Priority: Low | Milestone:
Component: - Select a component | Version:
Severity: Minor | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
--------------------------------------+-----------------
meek-client
$ apt-cache policy tor
tor:
Installed: 0.2.7.6-1ubuntu1
$ apt-cache policy meek-client
meek-client:
Installed: 0.20+git20151006-1
Candidate: 0.20+git20151006-1
Version table:
*** 0.20+git20151006-1 500
500 https://people.debian.org/~infinity0/apt unstable/contrib
amd64 Packages
$ dmesg | tail -n 1
[ 2553.433359] audit: type=1400 audit(1466045658.589:84):
apparmor="DENIED" operation="open" profile="system_tor"
name="/proc/sys/net/core/somaxconn" pid=7983 comm="meek-client"
requested_mask="r" denied_mask="r" fsuid=117 ouid=0
You need to add the following to your config at
/etc/apparmor.d/system_tor:
/proc/sys/net/core/somaxconn r,
This allows meek-client to read the procfs setting when called by tor.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19426>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list