Opened 4 years ago

Last modified 14 months ago

#11970 reopened defect

`[err] sandbox_getaddrinfo(): Bug: (Sandbox) failed to get address localhost!`

Reported by: alphawolf Owned by: nickm
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.5.4-alpha
Severity: Normal Keywords: sandbox tor-relay needs-insight
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Built from git, but using Debian init.d scripts, and configure options. Sandbox appears to cause a crash when the logs are rotated. (The following coincides with the time the logs are normally rotated):

May 15 06:25:02.000 [notice] Received reload signal (hup). Reloading config and resetting internal state.
May 15 06:25:02.000 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
May 15 06:25:02.000 [notice] Read configuration file "/etc/tor/torrc".
May 15 06:25:02.000 [err] sandbox_getaddrinfo(): Bug: (Sandbox) failed to get address localhost!
May 15 06:25:02.000 [warn] Couldn't parse address '"localhost:9050"' for SocksPort
May 15 06:25:02.000 [warn] Failed to parse/validate config: Invalid SocksPort/SocksListenAddress configuration
May 15 06:25:02.000 [err] Reading config failed--see warnings above. For usage, try -h.
May 15 06:25:02.000 [warn] Restart failed (config error?). Exiting.

/usr/share/tor/tor-service-defaults-torrc:

DataDirectory /var/lib/tor
PidFile /var/run/tor/tor.pid
RunAsDaemon 1
User debian-tor

ControlSocket /var/run/tor/control
ControlSocketsGroupWritable 1

CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /var/run/tor/control.authcookie

Log notice file /var/log/tor/log

torrc:

SocksPort localhost:9050
SocksPort 192.168.108.51:9100

SocksPolicy accept 127.0.0.1
SocksPolicy accept 192.168.108.0/24
SocksPolicy reject *

ORPort 443 NoListen
ORPort 9001 NoAdvertise

Nickname PrivateJoker

RelayBandwidthRate 128 KB
RelayBandwidthBurst 172 KB
BandwidthRate 128 KB
BandwidthBurst 172 KB

DirPort 80 NoListen
DirPort 9030 NoAdvertise
DirReqStatistics 0
DirPortFrontPage /etc/tor/tor-exit-notice.html

ExitPolicy reject *:*

AvoidDiskWrites 1
NumCPUs 2
FastFirstHopPK 0
ShutdownWaitLength 60
SafeSocks 1
ProtocolWarnings 1
WarnUnsafeSocks 1
HeartbeatPeriod 3 hours
TLSECGroup P256
DisableAllSwap 1
DisableDebuggerAttachment 1
Sandbox 1

Child Tickets

Change History (24)

comment:1 Changed 4 years ago by alphawolf

Update: SIGHUP will cause this every time if SocksPort localhost:9050 is set. Changing this to SocksPort 127.0.0.1:9050 prevents the issue.

comment:2 Changed 4 years ago by alphawolf

After changing SocksPort as stated above, relay is still running after 24 hours. However, tor is using the log file that was rotated, instead of the fresh log file.

log -> log.1

tor is using log.1, instead of log. When sandbox is not enabled, tor switches to the new log file appropriately. I'll open a new bug report for this if desired.

comment:3 Changed 4 years ago by nickm

I'll open a new bug report for this if desired.

Yes, please. :)

comment:4 Changed 4 years ago by nickm

Owner: set to nickm
Status: newassigned

comment:5 Changed 4 years ago by nickm

HHm. This one will probably require a rethinking of how sandbox_getaddrinfo() works. That's okay; sandbox_getaddrinfo() doesn't make much sense as it stands.

What needs to happen is that, when the sandbox is not yet turned on, it should getaddrinfo() and cache the result. When the sandbox is turned on, it should look at the cache.

comment:6 Changed 4 years ago by nickm

Status: assignedneeds_review

I have a fix for this in my branch "bug11970". The patch is nontrivial and could use a quick code review.

comment:7 Changed 4 years ago by alphawolf

Fix works as advertised with no apparent side-effects. (Tested only, not a code review)

comment:8 Changed 4 years ago by nickm

Keywords: 025-triaged added

Calling 0.2.5-triaged since it's yet another sandbox thing.

comment:9 Changed 4 years ago by andrea

This patch looks okay to me; we're entirely sure we never want to getaddrinfo() anything new after we enable sandboxing? (I have to learn my way around all this new sandboxing code so I have a clearer notion of when that happens).

comment:10 in reply to:  9 Changed 4 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Replying to andrea:

This patch looks okay to me; we're entirely sure we never want to getaddrinfo() anything new after we enable sandboxing? (I have to learn my way around all this new sandboxing code so I have a clearer notion of when that happens).

It's not that we never _want_ to getaddrinfo() anything new: it's that attempting to do so will inevitably fail, since the getaddrinfo() code usually wants to open some files that we can't permit.

I looked the code over again too, and modulo one issue (b883b8d1a5edbccbc38c) it looked okay to me too. Merged!

comment:11 Changed 4 years ago by dgoulet

I just updated my relay with 0.2.5.8-rc (Debian package) and hit this issue.

15:01:49 [ERR] sandbox_getaddrinfo(): Bug: (Sandbox) failed to get address <MY_RELAY_HOSTNAME>! [29 duplicates hidden]

Does not look like the relay is malfunctionning but still the duplicates continue to pile up :).

comment:12 Changed 4 years ago by nickm

Resolution: fixed
Status: closedreopened

Hm. Is this hostname the same one as gethostname would return, or is it set in an Address option, or what?

comment:13 Changed 4 years ago by dgoulet

The "Address" option in my torrc but I confirm that I can resolve it from the machine running the relay.

comment:14 Changed 3 years ago by nickm

Milestone: Tor: 0.2.5.x-finalTor: 0.2.7.x-final

comment:15 Changed 3 years ago by nickm

Keywords: 027-triaged-1-out added

Marking triaged-out items from first round of 0.2.7 triage.

comment:16 Changed 3 years ago by nickm

Milestone: Tor: 0.2.7.x-finalTor: 0.2.???

Make all non-needs_review, non-needs_revision, 027-triaged-1-out items belong to 0.2.???

comment:17 Changed 21 months ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:18 Changed 20 months ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:19 Changed 15 months ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:20 Changed 15 months ago by nickm

Keywords: 025-triaged removed

remove an old triage keyword.

comment:21 Changed 15 months ago by nickm

Keywords: 027-triaged-in added

comment:22 Changed 15 months ago by nickm

Keywords: 027-triaged-in removed

comment:23 Changed 15 months ago by nickm

Keywords: 027-triaged-1-out removed

comment:24 Changed 14 months ago by nickm

Keywords: tor-relay needs-insight added
Severity: Normal
Note: See TracTickets for help on using tickets.