You are not logged in.
Hello,
I'm trying to run a tor relay on my arch linux box. Trying to launch the tor daemon, here's the log via
$ systemctl status tor.service
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.877 [notice] Tor v0.2.4.21 (git-505962724c05445f) running on Linux with Libevent 2.0.21-stable and OpenSSL 1.0.1g.
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.877 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.877 [notice] Read configuration file "/etc/tor/torrc".
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.909 [notice] Opening Socks listener on 127.0.0.1:9050
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.909 [notice] Opening OR listener on 0.0.0.0:9798
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [warn] Couldn't open file for 'Log debug file /var/log/tor/debug.log': Permission denied
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [notice] Closing partially-constructed Socks listener on 127.0.0.1:9050
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [notice] Closing partially-constructed OR listener on 0.0.0.0:9798
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [warn] Failed to parse/validate config: Failed to init Log options. See logs for details.
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [err] Reading config failed--see warnings above.
May 20 11:53:10 arch systemd[1]: tor.service: main process exited, code=exited, status=255/n/a
May 20 11:53:10 arch systemd[1]: Unit tor.service entered failed state.
Why the tor daemon cannot write into /var/log/tor/debug.log ?
Here's my /etc/group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin
adm:x:4:root,daemon,nue
tty:x:5:
disk:x:6:root
lp:x:7:daemon
mem:x:8:
kmem:x:9:
wheel:x:10:root,nue
ftp:x:11:
mail:x:12:
uucp:x:14:
log:x:19:root
utmp:x:20:
locate:x:21:
rfkill:x:24:
smmsp:x:25:
http:x:33:
games:x:50:
lock:x:54:
uuidd:x:68:
dbus:x:81:
network:x:90:
video:x:91:
audio:x:92:
optical:x:93:
floppy:x:94:
storage:x:95:
scanner:x:96:
power:x:98:
nobody:x:99:
users:x:100:
systemd-journal:x:190:
nue:x:1000:
avahi:x:84:
lxdm:x:121:
polkitd:x:102:
git:x:999:
transmission:x:169:
vboxusers:x:108:
tor:x:43:
mysql:x:89:
Last edited by giuscri (2014-05-20 12:18:56)
Offline
May 20 11:53:10 arch tor[21726]: May 20 11:53:10.000 [warn] Couldn't open file for 'Log debug file /var/log/tor/debug.log': Permission denied
Have you tried running sudo or as root ? Or given your user the permissions to do so?
Last edited by Kartious (2014-05-20 10:52:29)
Offline
Have you tried running sudo or as root ? Or given your user the permissions to do so?
I've tried to start the daemon as root but yet the output is the same
Couldn't open file for 'Log debug file /var/log/tor/debug.log': Permission denied
Maybe it's the process start by systemctl that has not the right permissions?
Offline
Can you open the file by manually editing it ?
I would also look at ls -l /var/log/tor/ as well
Offline
Can you open the file by manually editing it ?
Yes ... as super user (sudo vim /var/log/tor/debug.log)
I would also look at ls -l /var/log/tor/ as well
Here's the output
$ ls -la /var/log/tor
total 4
-rw-r--r-- 1 root root 4 May 20 13:19 /var/log/tor/debug.log
Offline
You must have modified your torrc to print to that log file. systemd starts the service as the tor user (see /usr/lib/systemd/system/tor.service). So if if you want to log to a file the tor user must have write access to it. By default however tor it set to log to the journal, which doesn't require any special permissions.
Offline
You must have modified your torrc to print to that log file. systemd starts the service as the tor user (see /usr/lib/systemd/system/tor.service). So if if you want to log to a file the tor user must have write access to it. By default however tor it set to log to the journal, which doesn't require any special permissions.
Yes. I did edit the torrc file since I wanted the log to be store in that file. Indeed
...
## Logs go to stdout at level "notice" unless redirected by something
## else, like one of the below lines. You can have as many Log lines as
## you want.
##
## We advise using "notice" in most cases, since anything more verbose
## may provide sensitive information to an attacker who obtains the logs.
##
## Send all messages of level 'notice' or higher to /var/log/tor/notices.log
#Log notice file /var/log/tor/notices.log
## Send every possible message to /var/log/tor/debug.log
Log debug file /var/log/tor/debug.log
## Use the system log instead of Tor's logfiles
Log notice syslog
## To send all messages to stderr:
#Log debug stderr
...
I missed the file systemd uses to choose who's the process owner.
Course, I could edit /usr/lib/systemd/system/tor.service such that root will become the process owner; or, I could add the user I use everyday in the root group, then change the permission of /var/log/tor/debug.log such that it will be writable also for the folks in the root group.
Yet they both seems to be a bit unsafe ...
What is the best choice, to you guys?
Thanks,
Offline
Ops, I googled and I found a trick here; that is, simply changing the ownership of /var/log/tor. Hence
chown tor:tor /var/log/tor
Now launching the daemon works, and the /var/log/tor/debug.log is correctly written.
Adding [SOLVED] to the main post title.
Thanks to everyone,
Last edited by giuscri (2014-05-20 12:20:40)
Offline
Neither. The tor service *should* run as the tor user. Can't you simply chown tor:tor /var/log/tor/debug.log ? You run tor using systemd, correct? If you start it manually as your own user, then you should probably use a configuration file and a log file inside $HOME/.config/tor
edit: I see you already solved it. good.
Last edited by SidK (2014-05-20 12:23:41)
Offline