[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #31070 [Community/Relays]: Add information about SELinux boolean tor_can_network_relay

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #31070 [Community/Relays]: Add information about SELinux boolean tor_can_network_relay
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 03 Jul 2019 22:05:35 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 03 Jul 2019 18:05:46 -0400
In-reply-to: <052.a9b3d7c9b1073ef5615ccab0fa46ed5c@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <052.a9b3d7c9b1073ef5615ccab0fa46ed5c@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#31070: Add information about SELinux boolean tor_can_network_relay
-----------------------------------+------------------------
 Reporter:  crimson_king           |          Owner:  Nusenu
     Type:  enhancement            |         Status:  new
 Priority:  Medium                 |      Milestone:
Component:  Community/Relays       |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  selinux, capabilities  |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------

Comment (by crimson_king):

 In addition, for exit relays we often serve a page explaining what Tor is.
 In order for the Tor process to have read access to this file and be able
 to serve it, we must setup the SELinux context for such file.

 This is how we do this. The flag ''-a'' means ''add''. The flag ''-e''
 copies the context from the torrc file and assigns it to the html file.
 {{{
 # semanage fcontext -a -e /etc/tor/torrc /etc/tor/tor-exit-notice.html
 }}}

 But in order for that to have any effect, ''restorecon'' needs to be
 executed on the html file. It will save the changes permanently.
 {{{
 # restorecon -v /etc/tor/tor-exit-notice.html
 }}}

 Then the Tor service needs to be restarted/reloaded.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31070#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #31070 [Community/Relays]: Add information about SELinux boolean tor_can_network_relay
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #28917 [Circumvention/Snowflake]: Delete the proxy opt-in cookie, don't set it to 0
Next by Author: Re: [tor-bugs] #26920 [Applications/Tor Browser]: Deploy Marionette as a Pluggable Transport
Previous by thread: [tor-bugs] #31070 [Community/Relays]: Add information about SELinux boolean tor_can_network_relay
Next by thread: Re: [tor-bugs] #31070 [Community/Relays]: Add information about SELinux boolean tor_can_network_relay
Index(es):
- Author
- Thread