Opened 7 years ago

Closed 7 years ago

#6796 closed defect (duplicate)

Untrusted tor in TorCloud stops new instances from working

Reported by: dogsbody Owned by: runa
Priority: High Milestone:
Component: Archived/Tor Cloud Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I have only tested this once using the following setup but I use Amazon AWS every day for a job so I'm pretty happy I didn't do anything wrong there.

I created a new Amazon AWS account (for the free tier) and followed the instructions to spin up a Normal bridge in the eu-west-1 Ireland Zone. The instance spun up without issue.

I was of course interested to see how much it would be used so I used the key to login via SSH and tried the two commands in the FAQ...

$ sudo cat /var/log/tor/log
cat: /var/log/tor/log: No such file or directory

$ sudo -u debian-tor arm
sudo: unknown user: debian-tor

... looking at the processes I could see TOR wasn't installed yet...

  523 ?        S      0:00 /bin/sh /etc/rc2.d/S99rc.local start
  529 ?        S      0:00 /bin/sh -e /etc/rc.local
  557 ?        S      0:00 /bin/bash /etc/ec2-prep.sh bridge
  778 ?        Sl     0:00 aptitude -y install tor tor-geoipdb tor-arm

.... I left it 10 hours to make sure I wasn't just being impatient but the install was still stuck at the same point.

I tried killing aptitude so that I could run it manually to see what the problem was. This action deletes /etc/ec2-prep.sh and reboots the instance. When it cane back I tried to run the command manually...

$ sudo aptitude -y install tor tor-geoipdb tor-arm
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
The following NEW packages will be installed:
  libevent-1.4-2{a} python-geoip{a} python-socksipy{a} python-torctl{a} tor tor-arm tor-geoipdb torsocks{a}
0 packages upgraded, 8 newly installed, 0 to remove and 0 not upgraded.
Need to get 3,078kB of archives. After unpacking 9,336kB will be used.
WARNING: untrusted versions of the following packages will be installed!

Untrusted packages could compromise your system's security.
You should only proceed with the installation if you are certain that
this is what you want to do.

  tor-geoipdb tor-arm tor python-torctl

Do you want to ignore this warning and proceed anyway?
To continue, enter "Yes"; to abort, enter "No":

As you can see the script is waiting for user input.

As I see it there are two fixes...
1) Fix the untrusted element of the repo
2) Add --allow-untrusted to the aptitude command.
... I will leave that to you guys to fix.

I wanted to let you know ASAP as currently people maybe spinning up these instances in good faith and they aren't doing anything at all :-(

Keep up the great work

Child Tickets

Change History (2)

comment:1 Changed 7 years ago by arma

Runa: see https://lists.torproject.org/pipermail/tor-relays/2012-September/001611.html

Sounds like maybe you want the keyring deb too.

Unless that is you're not using deb.torproject.org, in which case, ignore this.

comment:2 Changed 7 years ago by runa

Resolution: duplicate
Status: newclosed

Duplicate of #6776, will update the images tomorrow.

Note: See TracTickets for help on using tickets.