Yes that is what i tried to do. But it does not work in my case.
$ arm
[Errno 13] Permission denied: '/var/lib/tor/control_auth_cookie'
Even if my user is in the group debian-tor the user has no right to
access /var/lib/tor.
$ ls -l /var/lib | grep tor
drwx--S--- 4 debian-tor debian-tor 4096 Nov 12 12:38 tor
Am 12.11.2016 um 10:33 schrieb Louie Cardone-Noott:
> On Fri, 11 Nov 2016, at 07:16 PM, diffusae wrote:
>> Yes, you are right. But CookieAuthentication should work. You cannot
>> query all of the connections without access to /var/lib/tor. You only
>> will see circuits. I suggest to use "sudo -u debian-tor arm", if you
>> like to use all of the arm pages. Otherwise you have to change the
>> permissions. In my case, there is also the setgid flags on the
>> directories (2700 drwx--S---).
> Sorry not fully read the correspondence here but perhaps a tidier option
> might be the one recommended on the tor website[1] of doing
>
> sudo adduser $USER debian-tor
>
> The alternative of running as the debian-tor user is a 'bad idea', see
> [2] from last July
>
> [1] https://www.torproject.org/docs/tor-relay-debian.html.en#after
> [2]
> https://lists.torproject.org/pipermail/tor-relays/2016-July/009608.html
Hi
You could just modify the systemd service file for tor, with something like
ExecStartPre=/usr/bin/install -Z -m 02755 -o debian-tor -g debian-tor -d /var/run/tor
ExecStartPre=/usr/bin/install -Z -m 02750 -o debian-tor -g debian-tor -d /var/log/tor
Cheers
Seb