[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: PHP coder needs Tor details

To: or-talk@xxxxxxxxxxxxx
Subject: Re: PHP coder needs Tor details
From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
Date: Tue, 13 Feb 2007 09:37:51 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 13 Feb 2007 09:39:55 -0500
In-reply-to: <741862.71287.qm@web51613.mail.yahoo.com>
References: <741862.71287.qm@web51613.mail.yahoo.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.8 (X11/20061115)

Now all this works well when I perform it like a root, but when I want nobody(apache) to parse file.php that is calling Tor will not work. I know why - nobody doesn't have a permission for that.

'nobody' is just another user in FreeBSD .. just one that has a '::' in /etc/passwd and '/bin/false' as a shell. Doesn't mean you can't run something as that user .. you just have to ensure that 'nobody' can write to the pidfile and logfiles (if any), and read the config files.

You only need to be 'root' to start a program if that program needs to bind to a port below 1024.

If I can't find Tor dir on my server how am I suppose to chmod it?

FreeBSD's ports will install stuff to standard places. If you want to chroot it, you've got to do a manual install (compile from source). That's not particularly hard, but it's not for the novice, since you've got to ensure you've got copies of any libraries you'd need in the appropriate places.

run 'ldd /path/to/tor' and you'll see what libraries it requires. All that "stuff" needs to be under your chroot dir.

To shorten... How do I allow nobody to utilize Tor (It can already do that but I must start it like a root and stop it like a root)

Ensure that 'nobody' can read $base/etc/torrc .. as any UNIX admin will tell you, 95% of the "it won't run" problems are permissions issues.

Try 'sudo -u nobody /path/to/tor' and see what croaks.

PS: Why after I start Tor like a root by typing "tor" in command line it start and then I simply can't issue ANY command to my server, whatever I type in command line and press enter it is like I am typing some text in a word(or nano for a unix)?

Because TOR is running in the foreground in that terminal. If you want to background the process, put a '&' after the command .. eg:

'/path/to/tor &'

You can also do a CONTROL+Z (pause) and then issue the command 'bg 1' to background it in the current terminal. If you want it back in the foreground, do 'fg 1'.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

Follow-Ups:
- Re: PHP coder needs Tor details
  - From: qbitspline

References:
- Re: PHP coder needs Tor details
  - From: Mr. Blue

Prev by Author: Re: PHP coder needs Tor details
Next by Author: Re: PHP coder needs Tor details
Previous by thread: Re: PHP coder needs Tor details
Next by thread: Re: PHP coder needs Tor details
Index(es):
- Author
- Thread