[tor-relays] Running tor-arm under restricted user [WAS: Relay down, "rejected", help]

Michael Wolf mikewolf at riseup.net
Sun Apr 20 06:59:29 UTC 2014

On 4/19/2014 4:50 PM, Michael Wolf wrote:
> It's worth noting that, under Debian (Jessie, others?), arm will be
> unable to read tor's logs if you run it as your user.  The default group
> for /var/log/tor is 'adm'.  You'll have to:
> $ sudo chgrp -R debian-tor /var/log/tor
> This will make the logs readable to you (and arm), but unreadable to any
> system monitoring tools that use the adm group.

Apparently arm is also unable to read the bandwidth history, as
/var/lib/tor has the setgid bit set, but not group read or execute.  Is
there any reason for setgid to be set on this directory?  This is not
something I would have done.

-- Mike

More information about the tor-relays mailing list