[tor-dev] tor#16518: Read-Only Filesystem Error opening tor lockfile in 0.2.6.9 but not 0.2.5.12
aexlfowley at web.de
aexlfowley at web.de
Thu Jul 9 13:24:49 UTC 2015
> On Tue, 07 Jul 2015, aexlfowley at web.de wrote:
>> After upgrading from 0.2.5.12 (git-3731dd5c3071dcba) to 0.2.6.9
>> (git-145b2587d1269af4) an error occured.
>> I'm on Debian Jessie (stable) on an AMD Athlon 64 X2. Tor won't start
>> and these are the last lines in log:
>> [warn] Couldn't open "/media/cRAID/Tor/lock" for locking: Read-only file
>> teor thinks that I "could be experiencing an issue with the tor sandbox
>> and not getting the right paths
>> or, tor is running with insufficient permissions"
> I'd assume that's the protection settings enabled in Tor's service file.
> See /lib/systemd/system/tor.service and the systemd.exec(5) manpage.
> You can override these by making your own
> /etc/systemd/system/tor.service file.
> | .''`. ** Debian **
> Peter Palfrader | : :' : The universal
> http://www.palfrader.org/ | `. `' Operating System
> | `- http://www.debian.org/
> aexlfowley at web.de wrote (08 Jul 2015 17:57:24 GMT) :
>> (Both packages for 0.2.5.12 and 0.2.6.9 contain an apparmor profile.
>> Only change and new line is
>> /usr/bin/obfs4proxy PUx,
>> in /etc/apparmor.d/abstracions/tor)
> FTR, the systemd unit file in Debian sid's 0.2.6.9-1 doesn't enable
> the AppArmor profile (yet), so I doubt AppArmor has anything to do
> with this problem (aa-status will tell you).
> However, it has:
> ... which explains why /media/cRAID/Tor/lock isn't writable.
> So you'll want to add what is called a "drop-in override file" in
> systemd's terminology (that can be created e.g. with `systemctl
> edit'), that adds a ReadWriteDirectories= directive pointing to the
> directory you want.
Correct. I edited /lib/systemd/system/tor.service and added
and now 0.2.6.9 is running.
I'm not entirely sure how to create my own
/etc/systemd/system/tor.service so I leave it at that.
(Trying out 'systemctl edit' I get "Unknown operation 'edit'." BTW.)
Thank you all!
More information about the tor-dev