Opened 8 years ago

Closed 8 years ago

#4586 closed enhancement (fixed)

Include Arm in Tor Cloud image

Reported by: james21 Owned by: runa
Priority: Medium Milestone:
Component: Archived/Tor Cloud Version:
Severity: Keywords:
Cc: atagar Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

It would be useful to have Arm set up and ready to go in the Tor Cloud image.

Child Tickets

Change History (10)

comment:1 Changed 8 years ago by runa

Cc: atagar added

It would be great, but tor-arm is currently not available in Ubuntu Lucid. I'm Cc-ing the arm developer, I'm sure he can comment on this.

comment:2 Changed 8 years ago by atagar

but tor-arm is currently not available in Ubuntu Lucid

Citation needed. :P
https://launchpad.net/ubuntu/lucid/+source/tor-arm

Arm is located in Mavrick/Lucid backports, then the main repo in Natty on up. Let me know if there's anything from arm that could make the cloud image better.

Cheers! -Damian

comment:3 in reply to:  2 Changed 8 years ago by runa

Replying to atagar:

but tor-arm is currently not available in Ubuntu Lucid

Citation needed. :P
https://launchpad.net/ubuntu/lucid/+source/tor-arm

I did a quick search on packages.ubuntu.com and didn't think about including backports. Sorry.

Arm is located in Mavrick/Lucid backports, then the main repo in Natty on up. Let me know if there's anything from arm that could make the cloud image better.

The next question is; what does it take to get arm up and running? Last time I used arm was on the DreamPlug for the Torouter project, and I remember having some problems running it as non-root.

comment:4 Changed 8 years ago by atagar

The next question is; what does it take to get arm up and running?

https://gitweb.torproject.org/arm.git/blob/HEAD:/README#l21

I remember having some problems running it as non-root

There's a few things that commonly run into permission gotchas...

  • reading the authentication cookie requires membership in tor's group
  • getting connection data (for instance, from proc or netstat) often requires that you're running as the tor user
  • writing to the torrc requires that you... well, have write permissions to the torrc

To deal with these I run arm as the tor user, and for the last I simply avoid using the torrc supplied with the deb.

Iirc the trouble that you were running into was that tor's deb configures the torrc to only have write permissions from root because they only want it hand edited (personally I think that's dumb, but oh well). A hack was added to allow an alternative torrc for vidalia, but that was later deemed to be a mistake so the same hack doesn't exist for arm. As you discovered back then this means that SAVECONF fails unless you're running tor as root, and arm can't write directly unless it's running as root.

This said, arm can monitor and configure the tor process just fine - it just can't save those configuration changes. Also, Jake spent quite a while coming up with a setuid workaround which is available with arm's most recent version, though not enabled by default.

I wouldn't recommend using the Ubuntu archives unless you can't avoid it. Ubuntu's policy leads to a lot of stale software and arm is no exception - the copy in the Lucid repo is 1.4.0 which is around a year out of date.

Cheers! -Damian

comment:5 in reply to:  4 ; Changed 8 years ago by runa

Replying to atagar:

Replying to runa:

I remember having some problems running it as non-root

There's a few things that commonly run into permission gotchas...

  • reading the authentication cookie requires membership in tor's group
  • getting connection data (for instance, from proc or netstat) often requires that you're running as the tor user
  • writing to the torrc requires that you... well, have write permissions to the torrc

To deal with these I run arm as the tor user, and for the last I simply avoid using the torrc supplied with the deb.

Ok. So we can include arm in the new images and update the FAQ with a "How do I run arm?"-section.

This said, arm can monitor and configure the tor process just fine - it just can't save those configuration changes. Also, Jake spent quite a while coming up with a setuid workaround which is available with arm's most recent version, though not enabled by default.

Does arm display bridge statistics, such as client numbers? If so, this can be the new #4228.

I wouldn't recommend using the Ubuntu archives unless you can't avoid it. Ubuntu's policy leads to a lot of stale software and arm is no exception - the copy in the Lucid repo is 1.4.0 which is around a year out of date.

We can pull it from deb.tpo, that's not a problem.

comment:6 in reply to:  5 ; Changed 8 years ago by james21

Replying to runa:

Does arm display bridge statistics, such as client numbers? If so, this can be the new #4228.

It shows the current number of users connected as well as bandwidth used over time. I found it immensely satisfying to see my node transferring gigabytes of data and its current activity. While it may not meet all the requirements of #4228, it may adhere to the spirit. If we still need statistics such as client numbers over time, this can become an Arm enhancement rather than a Tor Cloud one.

comment:7 in reply to:  6 Changed 8 years ago by runa

Replying to james21:

Replying to runa:

Does arm display bridge statistics, such as client numbers? If so, this can be the new #4228.

It shows the current number of users connected as well as bandwidth used over time. I found it immensely satisfying to see my node transferring gigabytes of data and its current activity. While it may not meet all the requirements of #4228, it may adhere to the spirit. If we still need statistics such as client numbers over time, this can become an Arm enhancement rather than a Tor Cloud one.

It's more a "want" than "need", but yes, it would be great to see client numbers over time as part of arm.

I'll close #4228 and point to this ticket, and I will include arm the next time I publish new images (which will be whenever Canonical decides to publish new images, my guess is in a month or two).

comment:8 Changed 8 years ago by runa

Status: newaccepted

comment:9 Changed 8 years ago by atagar

So we can include arm in the new images and update the FAQ with a "How do I run arm?"-section.

Sounds good. Suggesting "sudo -u debian-tor arm" will take care of the first couple. If you're using the most recent version then iirc I've fixed the exception handling when failing to issue a SAVECONF so that should already give a clear message that their permissions are to blame (might want to double check that).

Does arm display bridge statistics, such as client numbers?

The most recent version does via a new dialog when the user presses 'c' on the second page (connections). It shows client usage by locale as a bar graph (pity I didn't take a screenshot...).

I doubt most users even know this feature exists. ;)

We can pull it from deb.tpo, that's not a problem.

Unfortunately nope...
https://trac.torproject.org/projects/tor/ticket/3391

Dererk sounded close to adding it, and said that he'd update that ticket. However, it looks like he forgot the later.

I found it immensely satisfying to see my node transferring gigabytes of data and its current activity.

Glad you like it! Let me know if there's anything more you'd like from it.

While it may not meet all the requirements of #4228, it may adhere to the spirit.

Actually, it does cover everything except the pools idea - from #4228...

  • how many clients are using it

Stats for the life of the arm process, prepopulated with the last day's values via 'GETINFO status/clients-seen', are in the client usage dialog I mentioned.

  • which pool the bridge ended up in

This isn't easily available at the moment. However, a long term project for arm is subscribing to distilled display statistics that are too costly to fetch ourselves (for instance whois/rdns lookups for all relays). This could be expanded to include bridge pool assignments...
https://trac.torproject.org/projects/tor/wiki/doc/arm#CircuitDetails

That said, I won't be getting to this any time soon. It might make a good GSoC project.

Cheers! -Damian

comment:10 Changed 8 years ago by runa

Resolution: fixed
Status: acceptedclosed

Fixed in ec2-prep.sh, need to update the images.

Note: See TracTickets for help on using tickets.