[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] update tor-doc, recommend running server as a separate user

To: or-cvs@freehaven.net
Subject: [or-cvs] update tor-doc, recommend running server as a separate user
From: arma@seul.org (Roger Dingledine)
Date: Tue, 21 Sep 2004 18:12:29 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-cvs-outgoing@seul.org
Delivered-to: or-cvs@seul.org
Delivery-date: Tue, 21 Sep 2004 18:12:52 -0400
Reply-to: or-dev@freehaven.net
Sender: owner-or-cvs@freehaven.net

Update of /home/or/cvsroot/doc
In directory moria.mit.edu:/home2/arma/work/onion/cvs/doc

Modified Files:
	tor-doc.html 
Log Message:
update tor-doc, recommend running server as a separate user


Index: tor-doc.html
===================================================================
RCS file: /home/or/cvsroot/doc/tor-doc.html,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- tor-doc.html	11 Sep 2004 18:16:18 -0000	1.11
+++ tor-doc.html	21 Sep 2004 22:12:27 -0000	1.12
@@ -223,14 +223,15 @@
 but we want it available for burst traffic.</p>
 
 <p>(The Tor server doesn't need to be run as root, and doesn't
-need any special system permissions or kernel mods. If you're
-the paranoid sort, feel free to <a
+need any special system permissions or kernel mods. You should probably
+run it as its own user though, especially if you run an identd service
+too. If you're the paranoid sort, feel free to <a
 href="http://wiki.noreply.org/wiki/TheOnionRouter/TorInChroot";>put it
 into a chroot jail</a>.)</p>
 
 <p>First, copy torrc.sample to torrc (by default it's in
 /usr/local/etc/tor/), and edit the middle part. Create the DataDirectory,
-and make sure it's owned by whoever will be running tor. Fix your system
+and make sure it's owned by the uid/gid that will be running tor. Fix your system
 clock so it's not too far off. Make sure name resolution works. Open a
 hole in your firewall so outsiders can connect to your ORPort.</p>
 
@@ -242,11 +243,6 @@
 if there's any problem.  Also describe what kind of connectivity the new
 server will have. If possible, PGP sign your mail.</p>
 
-<p>NOTE: You won't be able to use tor as a client or server
-in this configuration until you've been added to the directory
-and can authenticate to the other nodes. (This is no longer the case
-for 0.0.8 and after.)</p>
-
 <p>Once your fingerprint has been approved, you can click <a
 href="http://moria.seul.org:9031/";>here</a> or <a
 href="http://62.116.124.106:9030/";>here</a> and look at the
@@ -319,7 +315,7 @@
 <li>4a: Edit src/or/config.c and change the default_dirservers_string array
 so that it reflects the contents of the new dirservers file instead
 of the old one. Be sure to get the quotes and newlines and semicolons
-right. (This step sucks. We plan to have it solved by the release of 0.0.8.)
+right. (This step sucks. We plan to have it solved by the release of 0.0.9.)
 <li>4b: Replace the dirservers file in your sandbox (in src/config/)
 with the one from step 3.
 <li>4c: edit configure.in, change the AM_INIT_AUTOMAKE(tor, 0.0.8)

Prev by Author: [or-cvs] bugfix: when a resolve fails for a begin request, actually ...
Next by Author: [or-cvs] update readme similarly
Previous by thread: [or-cvs] Attach dummy resolve connections to a circuit *before* call...
Next by thread: [or-cvs] update readme similarly
Index(es):
- Author
- Thread