Hi there!
I took the advantage of some family time to update my Tor Relay to the latest RPi Raspbian release (based on Debian Stretch).
The Pi does nothing else than running a Tor node, so no 'customized' configuration or settings are necessary / applied at all.
Even after installation of the latest tor package (as usual: apt-get install tor) everything looked fine... until I encountered, that the tor daemon failed to launch automatically.
Doing some investigation, I found this [0] info reporting an issue with the systemd setup of Tor on latest Debian / Unbutu and followed the proposed procedure: After renaming 'tor.service' and a 'sudo systemctl daemon-reload' the system then tried to launch the 'tor@default' service - named being 'the correct one'. So far so fine.
The BIG YET is, that the daemon now fails to finish it's starting sequence. More precisely, a minute (or less) after bootstrapping reaches 100%, the daemon receives (out of nothing!) an interrupt - and the cycle restarts:
Dec 28 11:27:03.000 [notice] Bootstrapped 100%: Done
Dec 28 11:27:03.000 [notice] Now checking whether ORPort 83.135.233.73:9001 and DirPort 83.135.233.73:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success)
Dec 28 11:27:11.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent.
Dec 28 11:27:16.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
Dec 28 11:27:25.000 [notice] Performing bandwidth self-test...done.
Dec 28 11:27:58.000 [warn] Permissions on directory /var/run/tor are too permissive.
Dec 28 11:27:58.000 [warn] Before Tor can create a control socket in "/var/run/tor/control", the directory "/var/run/tor" needs to exist, and to be accessible only by the user and group account that is running Tor. (On some Unix systems, anybody who can list a socket can connect to it, so Tor is being careful.)
Dec 28 11:28:49.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now.
Dec 28 11:29:19.000 [notice] Clean shutdown finished. Exiting.
Dec 28 11:29:22.000 [notice] Tor 0.3.1.9 (git-727d3f1b5e6eeda7) opening log file.
Dec 28 11:29:22.883 [notice] Tor 0.3.1.9 (git-727d3f1b5e6eeda7) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0f, Zlib 1.2.8, Liblzma N/A, and Libzstd N/A.
Before, there's only the one warning that looks a bit strange - but (to my guessing) should have nothing to do with the issue encountered:
Dec 28 11:27:58.000 [warn] Permissions on directory /var/run/tor are too permissive.
Dec 28 11:27:58.000 [warn] Before Tor can create a control socket in "/var/run/tor/control", the directory "/var/run/tor" needs to exist, and to be accessible only by the user and group account that is running Tor. (On some Unix systems, anybody who can list a socket can connect to it, so Tor is being careful.)
Above that, 'service tor@default status' gives a status that is different from what I've seen so far:
● tor@default.service - Anonymizing overlay network for TCP
Loaded: loaded (/lib/systemd/system/tor@default.service; static; vendor preset: enabled)
Active: activating (start) since Thu 2017-12-28 11:23:48 CET; 32s ago
Process: 1078 ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify
Process: 1076 ExecStartPre=/usr/bin/install -Z -m 02755 -o debian-tor -g debian-tor -d /var/run/tor (code=exited, status=0/SUCCESS)
Main PID: 1082 (tor)
CGroup: /system.slice/system-tor.slice/tor@default.service
└─1082 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
I used to get an 'active (running) since ...' status, whereas now it stays at 'activating (start) since ...' - which technically is correct!
Therefore - I need some help:
1) Can someone confirm that the Tor systemd configuration is broken as [0] states?
2) If 1) is confirmed, is the solution offered by [0] the right way to solve the issue?
3) What else shall I do? If already described somewhere, a link will be highly appreciated.
Thank you for your support!
Best regards, Ralph