Geoip parsing fails on user accounts under windows
Tor can't parse the geoip file on limited accounts under windows, because the geoip file is not placed in the private folder of limited users during installation.
This affects relays.
The current workaround is to copy the file from "C:\Users[administrator]\AppData\Roaming\tor" to "C:\Users[limited user]\AppData\Roaming\tor"
Activity
changed milestone to %Tor: unspecified
I wonder what a better location for this file would be. Does somebody who knows Windows better have an idea about why it would be a bad idea to put the geoip with the rest of the Tor installation in C:\Program Files [(x86) on some machines]? Is it a bad idea?
I can imagine a user wanting to use their own geoip, so there is an argument for %APPDATA% at least taking precedence over C:\Program Files, but if no geoip is found there, it should fall back to the default location. (I will have to dig around a bit to find out if and how this is possible with the packaging tools.)
This affects all users (admins as well as limited users)
Add an option to all relay bundles: "Install for:" "- current installing admin" "-all users" then write the Geoip file to "C:\Users\Public", when the second option is used problably in a subdir \Tor\
C:\Users\Public is a folder (On Windows 7) where any user can read and write.
(When the option is not an option, the installer could place the Geoip file there always)
Since Tor can access this folder it could update it. (Whenever this other ticket should get implement it.
Quote: "why it would be a bad idea to put the geoip with the rest of the Tor installation in C:\Program Files [(x86) on some machines]? Is it a bad idea?"
My first guess was that Tor creates the file in %APPDATA%, but the installer place the file there. I thought about that, too. That was my first solution and I wanted to announce this to you. But Sebastian told me about a ticket which suggests to update the geoip file through Tor. It's a good idea to place it there, when only the installer should place the file there and when only the installer should update the file.
"C:\Users\Public" allows the installer to place it there and Tor(.exe) could update it as well. The only disadvantage I currently see is that any user could modify or delete the geoip file.
It appears that the windows installer of Tor is able to detect whenever as user runs a 32bit or 64bit windows. Since it selects "Program Files (x86)) automatically.
While "C:\Users\Public" is present on Vista and Windows 7 (Don't know about Windows8) it's not under Windows XP there it is "C:\Documents and settings\All Users
Trac:
Summary: Geoip parsing fails on limited user accounts under windows to Geoip parsing fails on user accounts under windows
Keywords: limited user deleted, N/A added
See #5359 (closed) for (likely) another case of this bug.
-
And #5653 (moved) for another. We really need to fix this bug.
The default install location on Linux is /usr/share/tor/, which is used as shared non-writable data, if I'm not mistaken. The equivalent for Windows would be "C:\ProgramData\tor" (Vista/Win7) or "C:\Documents and Settings\All Users\Application Data\tor" (XP)
For the NSIS installer, this seems to be done like:
SetShellVarContext all SetOutPath $APPDATA File "geoip"This requires a change in tor to read the file using CSIDL_COMMON_APPDATA.
Created a branch that moves geoip to Common AppData. When I figured out how to officially create packages I will test this on Windows 7, but it's paramount that it be tested on XP as well. The geoip file should be installed to "C:\Documents and Settings\All Users\Application Data\tor\geoip"
Putting it up for review so that someone can test it on XP (and Win7)
Branch bug4347 in my personal repo. It's based on maint-0.2.2, I hope that's correct. If not, do let me know.
Trac:
Status: new to needs_review
Looks at least superficially good to me, but I don't know Windows as well as others. You're right that it needs testing on XP too.
I'd also like to make sure this won't break TBB at all; I don't know how TBB goes about making sure that this file is found correctly.
Also, in the long term, perhaps we should have the default be to search the likeliest locations rather than looking in just one. But maybe that's not necessary. Either way, we shouldn't do that for 0.2.2.x.
Putting this in the Tor 0.2.2.x milestone for now. I think maybe it belongs here, since not being able to get geoip data can be a security issue for some people, and since this is windows-only code.
Trac:
Milestone: N/A to Tor: 0.2.2.x-final-
Replying to nickm:
I'd also like to make sure this won't break TBB at all; I don't know how TBB goes about making sure that this file is found correctly.
Hopefully by explicitly having a 'geoipfile' line in its torrc.
I've got one in my Linux TBB at least.
Putting this in the Tor 0.2.2.x milestone for now.
Makes sense.
I made a test package with Shondoit's patch (as well as his patch for #3757 (closed)) and put it here:
https://archive.torproject.org/tor-package-archive/technology-preview/tor-0.2.2.36-win32-test.exe
09b8adb621c5ebb6df8e04bf2371b005cd9787893df6e193763d67f73bac3821 tor-0.2.2.36-win32-test.exe
I don't have a limited user account or access to WinXP so if people who have either/both of those could test and report back I'd appreciate it.
Replying to ubjective:
To resolve the issue for Server 2008, just copy the Tor folder which has geoip in it from c:\users\administrator\appdata\local to c:\users\administrator\appdata\roaming. Manually copying is not the solution. Especially not for the end-user.
Also, we have a possible fix which is still under review.
Trac:
Status: accepted to needs_review
