[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Questions regarding arm on Debian



Hi!

On 11.11.2016 14:14, Dennis Christ wrote:

> I think the problem with CookieAuthentication was that the cookie file
> control_auth_cookie gets written
> to /var/lib/tor. This directory is only readable by user debian-tor and
> not even group readable. I have
> put CookieAuthFileGroupReadable 1 into the config file. But with my
> standard user which is in the debian-tor group i cannot
> access this file inside /var/lib/tor because the permissions of this
> directory are set up by tor on startup to 700.

Yes, you are right. But CookieAuthentication should work. You cannot
query all of the connections without access to /var/lib/tor. You only
will see circuits. I suggest to use "sudo -u debian-tor arm", if you
like to use all of the arm pages. Otherwise you have to change the
permissions. In my case, there is also the setgid flags on the
directories (2700 drwx--S---).

> Maybe i should have add that i do not use the debian init.d script to
> start up tor but a native systemd service file.

Me too

> I think its a shame that debian switched to systemd but still relays on
> init.d scripts for so many services. So /etc/default/tor does not get used.

No, /etc/default/tor isn't used with systemd. Nevertheless there a some
services which rely on System V init scripts. Sometimes it is a ugly
mixture of both.

Regards,

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays