[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Unable to get Tor exit relay to run - Ubuntu 16.04
Hello tor,
Just in case anybody else comes up with the same issue - Tor just
doesn't do anything when installed from scratch on Ubuntu 16.04 - the
bug is with apparmor. It's some variant on
https://github.com/jlund/streisand/issues/782 and can be circumvented
by running as root:
apt install apparmor-utils
aa-complain system_tor
systemctl restart tor
journalctl reveals the following:
Jul 28 20:59:01 localhost systemd[1]: Starting Anonymizing overlay network for TCP...
Jul 28 20:59:01 localhost systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Jul 28 20:59:01 localhost systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).
Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.023 [notice] Tor 0.3.0.9 (git-100816d92ab5664d) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g-fips and Zlib 1.2.8.
Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.025 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.025 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Jul 28 20:59:02 localhost tor[6106]: Jul 28 20:59:02.026 [notice] Read configuration file "/etc/tor/torrc".
Jul 28 20:59:02 localhost tor[6106]: Configuration was valid
Jul 28 20:59:02 localhost audit[6114]: AVC apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6114 comm="(tor)"
Jul 28 20:59:02 localhost systemd[6114]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory
Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR
Jul 28 20:59:02 localhost kernel: audit: type=1400 audit(1501275542.094:46): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6114 comm="(tor)"
Jul 28 20:59:02 localhost systemd[1]: Failed to start Anonymizing overlay network for TCP.
Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Unit entered failed state.
Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Failed with result 'exit-code'.
Jul 28 20:59:02 localhost systemd[1]: tor@default.service: Service hold-off time over, scheduling restart.
Jul 28 20:59:02 localhost systemd[1]: Stopped Anonymizing overlay network for TCP.
Repeated several times.
Everything runs just fine after the aa-complain command.
Cheers
Doug
Thursday, July 27, 2017, 9:23:07 PM, you wrote:
> Hi Doug,
> I think the short story is that you're managing the service the
> wrong (old) way. Ubuntu moved to systemd as of 15.04. This should help:
> https://www.digitalocean.com/community/tutorials/systemd-essentials-working-with-services-units-and-the-journal
>> sudo service tor restart
>> sudo service tor status
> These are now outdated commands, and so the results will not be
> what you expect, and the output of the latter will potentially be
> misleading. You need to use systemctl (check the above guide).
>> For all I can gather, Tor isn"t running.
>> The odd thing is if I reboot my VPS by sudo shutdown -r now
>> and do ps aux | grep tor there is tor running as a root user
> It's being started by systemd on boot, as seen in the output of ps here:
>> root 435 0.0 0.5 44760 5716 ? Ss 19:40 0:00 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
> That looks sane/typical to me, for what it's worth.
>> There are no files in/var/tor/log
> Check in /var/log/syslog; I'm not sure why logs go there instead of
> /var/log/tor, but it may be another artifact of Ubuntu's switch to systemd.
>
--
Best regards,
King mailto:kingqueenits@xxxxxxxxx
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays