[SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

giuscri · 2014-05-20 10:25:02

Hello,

I'm trying to run a tor relay on my arch linux box. Trying to launch the tor daemon, here's the log via

$ systemctl status tor.service
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.877 [notice] Tor v0.2.4.21 (git-505962724c05445f) running on Linux with Libevent 2.0.21-stable and OpenSSL 1.0.1g.
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.877 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.877 [notice] Read configuration file "/etc/tor/torrc".
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.909 [notice] Opening Socks listener on 127.0.0.1:9050
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.909 [notice] Opening OR listener on 0.0.0.0:9798
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [warn] Couldn't open file for 'Log debug file /var/log/tor/debug.log': Permission denied
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [notice] Closing partially-constructed Socks listener on 127.0.0.1:9050
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [notice] Closing partially-constructed OR listener on 0.0.0.0:9798
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [warn] Failed to parse/validate config: Failed to init Log options. See logs for details.
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [err] Reading config failed--see warnings above.
May 20 11:53:10 arch systemd[1]: tor.service: main process exited, code=exited, status=255/n/a
May 20 11:53:10 arch systemd[1]: Unit tor.service entered failed state.

Why the tor daemon cannot write into /var/log/tor/debug.log ?

Here's my /etc/group

root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin
adm:x:4:root,daemon,nue
tty:x:5:
disk:x:6:root
lp:x:7:daemon
mem:x:8:
kmem:x:9:
wheel:x:10:root,nue
ftp:x:11:
mail:x:12:
uucp:x:14:
log:x:19:root
utmp:x:20:
locate:x:21:
rfkill:x:24:
smmsp:x:25:
http:x:33:
games:x:50:
lock:x:54:
uuidd:x:68:
dbus:x:81:
network:x:90:
video:x:91:
audio:x:92:
optical:x:93:
floppy:x:94:
storage:x:95:
scanner:x:96:
power:x:98:
nobody:x:99:
users:x:100:
systemd-journal:x:190:
nue:x:1000:
avahi:x:84:
lxdm:x:121:
polkitd:x:102:
git:x:999:
transmission:x:169:
vboxusers:x:108:
tor:x:43:
mysql:x:89:

Last edited by giuscri (2014-05-20 12:18:56)

Kartious · 2014-05-20 10:51:38

giuscri wrote:

May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [warn] Couldn't open file for 'Log debug file /var/log/tor/debug.log': Permission denied

Have you tried running sudo or as root ? Or given your user the permissions to do so?

Last edited by Kartious (2014-05-20 10:52:29)

giuscri · 2014-05-20 11:04:21

Kartious wrote:

Have you tried running sudo or as root ? Or given your user the permissions to do so?

I've tried to start the daemon as root but yet the output is the same

Couldn't open file for 'Log debug file /var/log/tor/debug.log': Permission denied

Maybe it's the process start by systemctl that has not the right permissions?

Kartious · 2014-05-20 11:13:47

Can you open the file by manually editing it ?

I would also look at ls -l /var/log/tor/ as well

giuscri · 2014-05-20 11:29:12

Kartious wrote:

Can you open the file by manually editing it ?

Yes ... as super user (sudo vim /var/log/tor/debug.log)

Kartious wrote:

I would also look at ls -l /var/log/tor/ as well

Here's the output

$ ls -la /var/log/tor
total 4
-rw-r--r-- 1 root root 4 May 20 13:19 /var/log/tor/debug.log

SidK · 2014-05-20 11:35:29

You must have modified your torrc to print to that log file. systemd starts the service as the tor user (see /usr/lib/systemd/system/tor.service). So if if you want to log to a file the tor user must have write access to it. By default however tor it set to log to the journal, which doesn't require any special permissions.

giuscri · 2014-05-20 11:52:51

SidK wrote:

You must have modified your torrc to print to that log file. systemd starts the service as the tor user (see /usr/lib/systemd/system/tor.service). So if if you want to log to a file the tor user must have write access to it. By default however tor it set to log to the journal, which doesn't require any special permissions.

Yes. I did edit the torrc file since I wanted the log to be store in that file. Indeed

...
## Logs go to stdout at level "notice" unless redirected by something
## else, like one of the below lines. You can have as many Log lines as
## you want.
##
## We advise using "notice" in most cases, since anything more verbose
## may provide sensitive information to an attacker who obtains the logs.
##
## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
#Log notice file /var/log/tor/notices.log
## Send every possible message to /var/log/tor/debug.log
Log debug file /var/log/tor/debug.log
## Use the system log instead of Tor's logfiles
Log notice syslog
## To send all messages to stderr:
#Log debug stderr
...

I missed the file systemd uses to choose who's the process owner.

Course, I could edit /usr/lib/systemd/system/tor.service such that root will become the process owner; or, I could add the user I use everyday in the root group, then change the permission of /var/log/tor/debug.log such that it will be writable also for the folks in the root group.

Yet they both seems to be a bit unsafe ...

What is the best choice, to you guys?

Thanks,

giuscri · 2014-05-20 12:17:54

Ops, I googled and I found a trick here; that is, simply changing the ownership of /var/log/tor. Hence

chown tor:tor /var/log/tor

Now launching the daemon works, and the /var/log/tor/debug.log is correctly written.

Adding [SOLVED] to the main post title.

Thanks to everyone,

Last edited by giuscri (2014-05-20 12:20:40)

SidK · 2014-05-20 12:20:05

Neither. The tor service *should* run as the tor user. Can't you simply chown tor:tor /var/log/tor/debug.log ? You run tor using systemd, correct? If you start it manually as your own user, then you should probably use a configuration file and a log file inside $HOME/.config/tor

edit: I see you already solved it. good.

Last edited by SidK (2014-05-20 12:23:41)

Arch Linux

#1 2014-05-20 10:25:02

[SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#2 2014-05-20 10:51:38

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#3 2014-05-20 11:04:21

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#4 2014-05-20 11:13:47

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#5 2014-05-20 11:29:12

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#6 2014-05-20 11:35:29

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#7 2014-05-20 11:52:51

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#8 2014-05-20 12:17:54

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

#9 2014-05-20 12:20:05

Re: [SOLVED]Couldn't open file for 'Log debug file /var/log/tor/debug.log'

Board footer