[tor-bugs] #31781 [Internal Services/Tor Sysadmin Team]: ping on new VMs
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Oct 10 15:54:40 UTC 2019
#31781: ping on new VMs
-------------------------------------------------+-------------------------
Reporter: weasel | Owner: anarcat
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by anarcat):
I audited all the machines accessible through Cumin, and found the
following machines without proper caps set:
* crm-ext-01.torproject.org
* crm-int-01.torproject.org
* gitlab-01.torproject.org
* hetzner-hel1-01.torproject.org
* hetzner-nbg1-01.torproject.org
* oo-hetzner-03.torproject.org
It's strange, because they also didn't have the `getcap` binary (from the
`libcap2-bin`) package was also missing. So I ran this everywhere:
{{{
apt install libcap2-bin; getcap /bin/ping | grep -q . || apt install
--reinstall iputils-ping; getcap /bin/ping
}}}
Particularly interesting are `hetzner-hel1-01.torproject.org` and
`hetzner-nbg1-01.torproject.org` because they were setup using the Hetzner
cloud stuff, so our install procedure is broken there as well.
So, long story short, remaining todo is:
1. document the workaround in the ganeti installer
2. ship the new package in Debian, get it to stable
3. fix the hetzner-cloud installer or at least add a node to check it
4. check the other installers
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31781#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list