[tor-relays] Questions regarding arm on Debian
Roger Dingledine
arma at mit.edu
Sun Nov 13 02:00:30 UTC 2016
On Fri, Nov 11, 2016 at 02:14:01PM +0100, Dennis Christ wrote:
> I think the problem with CookieAuthentication was that the cookie
> file control_auth_cookie gets written
> to /var/lib/tor. This directory is only readable by user debian-tor
> and not even group readable. I have
> put CookieAuthFileGroupReadable 1 into the config file. But with my
> standard user which is in the debian-tor group i cannot
> access this file inside /var/lib/tor because the permissions of this
> directory are set up by tor on startup to 700.
Right, this is not the way you should be doing it.
My /usr/share/tor/tor-service-defaults-torrc file has these lines in it:
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /var/run/tor/control.authcookie
So you shouldn't be needing to add any lines to your /etc/tor/torrc
file.
> Maybe i should have add that i do not use the debian init.d script
> to start up tor but a native systemd service file.
> I think its a shame that debian switched to systemd but still relays
> on init.d scripts for so many services. So /etc/default/tor does not
> get used.
This sounds bad too. In fact, it sounds like one of those "you broke
the package, and now you get to keep both pieces" situations. :)
I believe that the Tor deb, including the one intended for jessie,
should work with systemd well:
https://gitweb.torproject.org/debian/tor.git/tree/debian/changelog?id=debian-tor-0.2.8.9-1
Am I mistaken?
That said, be sure you're using a recent Tor deb:
https://www.torproject.org/docs/debian
and not the ancient Tor 0.2.5.x in vanilla jessie.
--Roger
More information about the tor-relays
mailing list