[tor-relays] A bug or a feature ?

[Daniel Winzen]

When tor is starting up, it binds the configured ports as root and then
drops user privileges to run as another user e.g. debian-tor by default
on debian systems. This user has no privileges to bind reserved ports
lower than 1024. When changing the configuration, it will fail to reload
due to missing privileges.

Regards,
Daniel

On 18/09/18 14:28, livak wrote:
> The ORPort option of torrc was changed fom 9030 to 80,
> the relay was sent a HUP signal:
> 
> kill -HUP [PID]
> 
> and exited with:
> 
> Sep 18 07:59:04.000 [notice] Received reload signal (hup). Reloading
> config and resetting internal state.
> Sep 18 07:59:04.000 [notice] Read configuration file
> "/usr/share/tor/tor-service-defaults-torrc".
> Sep 18 07:59:04.000 [notice] Read configuration file "/etc/tor/torrc".
> Sep 18 07:59:04.000 [notice] Opening Directory listener on 0.0.0.0:80
> Sep 18 07:59:04.000 [warn] Could not bind to 0.0.0.0:80: Permission denied
> Sep 18 07:59:04.000 [notice] Closing no-longer-configured Directory
> listener on 0.0.0.0:9030
> Sep 18 07:59:04.000 [warn] Failed to parse/validate config: Failed to
> bind one of the listener ports.
> Sep 18 07:59:04.000 [err] Reading config failed--see warnings above. For
> usage, try -h.
> Sep 18 07:59:04.000 [warn] Restart failed (config error?). Exiting.
> 
> When the relay was manually restarted and it successfully ran.
> 
> Can it be considered a bug ?
> 
> Livak
> 
> 
> Sent with ProtonMail <https://protonmail.com> Secure Email.
> 
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180918/bc2a4346/attachment.sig>