Opened 3 years ago

Last modified 2 years ago

#18457 new defect

continues to start on unix socket open errors

Reported by: weasel Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.8.1-alpha
Severity: Normal Keywords: regression tor-client startup unix-socket needs-analysis
Cc: Actual Points:
Parent ID: Points: medium
Reviewer: Sponsor:

Description

On 0.2.8.x, Tor will no longer fail to start when it cannot open a unix SocksPort and user switching is enabled.

weasel@defiant:~$ sudo -H -i /usr/sbin/tor DataDirectory /home/weasel/.tor User weasel SocksPort unix:/home/weasel/test/socks
Mar 01 18:29:11.507 [notice] Tor v0.2.8.1-alpha (git-75e920591fe94bf6) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1k and Zlib 1.2.8.
Mar 01 18:29:11.508 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Mar 01 18:29:11.508 [notice] This version is not a stable Tor release. Expect more bugs than usual.
Mar 01 18:29:11.508 [notice] Read configuration file "/etc/tor/torrc".
Mar 01 18:29:11.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Mar 01 18:29:11.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Mar 01 18:29:11.000 [notice] Bootstrapped 0%: Starting
Mar 01 18:29:11.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Mar 01 18:29:12.000 [warn] Permissions on directory /home/weasel/test are too permissive.
Mar 01 18:29:12.000 [warn] Before Tor can create a SOCKS socket in "/home/weasel/test/socks", the directory "/home/weasel/test" needs to exist, and to be accessible only by the user account that is running Tor.  (On some Unix systems, anybody who can list a socket can connect to it, so Tor is being careful.)
Mar 01 18:29:12.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Mar 01 18:29:13.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Mar 01 18:29:13.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Mar 01 18:29:13.000 [notice] Bootstrapped 100%: Done
^C

(there is no socket when it's running)

Without user switching:

weasel@defiant:~$ /usr/sbin/tor DataDirectory /home/weasel/.tor User weasel SocksPort unix:/home/weasel/test/socks     
Mar 01 18:30:38.444 [notice] Tor v0.2.8.1-alpha (git-75e920591fe94bf6) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1k and Zlib 1.2.8.
Mar 01 18:30:38.444 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Mar 01 18:30:38.444 [notice] This version is not a stable Tor release. Expect more bugs than usual.
Mar 01 18:30:38.444 [notice] Read configuration file "/etc/tor/torrc".
Mar 01 18:30:38.449 [warn] Permissions on directory /home/weasel/test are too permissive.
Mar 01 18:30:38.449 [warn] Before Tor can create a SOCKS socket in "/home/weasel/test/socks", the directory "/home/weasel/test" needs to exist, and to be accessible only by the user account that is running Tor.  (On some Unix systems, anybody who can list a socket can connect to it, so Tor is being careful.)
Mar 01 18:30:38.449 [warn] Failed to parse/validate config: Failed to bind one of the listener ports.
Mar 01 18:30:38.449 [err] Reading config failed--see warnings above.

For comparison, 0.2.7.x:

drwxr-xr-x 2 weasel weasel 4096 Mar  1 18:17 test/
weasel@defiant:~$ sudo -H -i /usr/sbin/tor DataDirectory /home/weasel/.tor User weasel SocksPort unix:/home/weasel/test/socks
Mar 01 18:27:21.782 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1k and Zlib 1.2.8.
Mar 01 18:27:21.782 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Mar 01 18:27:21.782 [notice] Read configuration file "/etc/tor/torrc".
Mar 01 18:27:21.787 [warn] Permissions on directory /home/weasel/test are too permissive.
Mar 01 18:27:21.787 [warn] Before Tor can create a SOCKS socket in "/home/weasel/test/socks", the directory "/home/weasel/test" needs to exist, and to be accessible only by the user account that is running Tor.  (On some Unix systems, anybody who can list a socket can connect to it, so Tor is being careful.)
Mar 01 18:27:21.787 [warn] Failed to parse/validate config: Failed to bind one of the listener ports.
Mar 01 18:27:21.787 [err] Reading config failed--see warnings above.

Child Tickets

Change History (9)

comment:1 Changed 3 years ago by nickm

Keywords: regression added
Priority: MediumHigh

comment:2 Changed 3 years ago by nickm

Milestone: Tor: 0.2.8.x-finalTor: 0.2.9.x-final

These seem like features, or like other stuff unlikely to be possible this month. Bumping them to 0.2.9

comment:3 Changed 3 years ago by nickm

Points: medium

comment:4 Changed 3 years ago by nickm

Priority: HighMedium

comment:5 Changed 3 years ago by isabela

Milestone: Tor: 0.2.9.x-finalTor: 0.2.???

tickets market to be removed from milestone 029

comment:6 Changed 3 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:7 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:8 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:9 Changed 2 years ago by nickm

Keywords: tor-client startup unix-socket needs-analysis added
Note: See TracTickets for help on using tickets.