Problems with starting managed Obfsproxy server when installed via debian package and with Tor as service
On a Ubuntu 12.04 "precise" host, I have installed obfsproxy and upgraded tor via the debian packages. More specifically:
$> sudo apt-get install -y tor obfsproxy
...
$> which obfsproxy
/usr/bin/obfsproxy
$> obfsproxy --version
obfsproxy 0.1.4 (git-94ebc4c3edf1e3e5)
$> tor --version
[notice] Tor v0.2.3.22-rc (git-4a0c70a817797420) running on Linux.
[notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Tor version 0.2.3.22-rc (git-4a0c70a817797420).
I'm typically managing Tor via:
$> sudo service tor start|stop|status
My torrc
is:
$> grep -v "^#" /etc/tor/torrc | sed '/^$/d'
SocksPort 0
RunAsDaemon 1
User debian-tor
ORPort 8888
Nickname sricslbridge2
ExitPolicy reject *:* # no exits allowed
BridgeRelay 1
ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
After starting Tor, the following process is running. But the obfsproxy process is missing, because of the following log output:
$> ps axu | grep tor
107 2228 0.7 1.3 379396 53244 ? Sl 07:27 0:01 /usr/sbin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc --hush
...
$> ps axu | grep obfs
$> sudo grep obfs /var/log/tor/log
[warn] Could not launch managed proxy executable at '/usr/bin/obfsproxy' ('Permission denied').
When I turn Log
on via torrc
, the log output is slightly more verbose:
$> sudo grep -v "^#" /etc/tor/torrc | grep Log
Log debug file /var/log/tor/debug.log
$> sudo grep obfs /var/log/tor/debug.log
[info] launch_managed_proxy(): Managed proxy at '/usr/bin/obfsproxy' has spawned with PID '2423'.
[info] handle_proxy_line(): Got a line from managed proxy '/usr/bin/obfsproxy': (ERR: Failed to spawn background process - code 9/D)
[warn] Could not launch managed proxy executable at '/usr/bin/obfsproxy' ('Permission denied').
The reason I was thinking it has to do with my init script (although I don't think I changed it myself. It was probably installed with Tor 0.2.2.x originally), is that I tried to run multiple Tor processes controlled via init.d using the instructions here: [https://www.torservers.net/wiki/setup/server#multiple_tor_processes] And the effect was that obfsproxy did start using this alternative init script. However, I reverted back to the original init script because the stopping of multiple Tor processes didn't work and I realized that I only need one Tor process to support a regular and an obfuscated bridge.
In the hope that the permission required to start the managed obfsproxy had to do with write permissions in certain locations, I attempted: (but it didn't resolve the problem)
$> sudo chown -R debian-tor:adm /var/tor
$> sudo ls -la /var/tor
total 6816
drwx------ 3 debian-tor adm 4096 Sep 28 15:27 .
drwxr-xr-x 13 root root 4096 Sep 29 07:23 ..
-rw------- 1 debian-tor adm 16947 Sep 28 13:11 cached-certs
-rw------- 1 debian-tor adm 706188 Sep 28 13:11 cached-consensus
-rw------- 1 debian-tor adm 4237891 Sep 28 14:36 cached-descriptors
-rw------- 1 debian-tor adm 184873 Sep 28 14:38 cached-descriptors.new
-rw------- 1 debian-tor adm 594762 Sep 28 13:11 cached-microdesc-consensus
-rw------- 1 debian-tor adm 1172036 Sep 28 14:36 cached-microdescs
-rw------- 1 debian-tor adm 23655 Sep 28 14:36 cached-microdescs.new
-rw------- 1 debian-tor adm 60 Sep 28 14:36 fingerprint
drwx------ 2 debian-tor adm 4096 Sep 28 13:11 keys
-rw------- 1 debian-tor adm 0 Sep 28 14:36 lock
-rw------- 1 debian-tor adm 1510 Sep 28 15:27 state
$> sudo ls -la /var/run/tor
total 8
drwxr-s--- 2 debian-tor debian-tor 100 Sep 29 07:50 .
drwxr-xr-x 21 root root 700 Sep 29 07:49 ..
srw-rw---- 1 debian-tor debian-tor 0 Sep 29 07:50 control
-rw-r----- 1 debian-tor debian-tor 32 Sep 29 07:50 control.authcookie
-rw-r--r-- 1 debian-tor debian-tor 5 Sep 29 07:50 tor.pid
I'm attaching the short log
and the more detailed debug.log
. Also the init scripts tor
(which must have come with the first Tor installation) and tor.MULTIPLE
, which came from the commands below, are attached.
$> cd /etc/init.d
$> sudo mv tor tor.ORIG
$> sudo wget -O tor https://www.torservers.net/misc/config/initd-tor
$> sudo mv tor tor.MULTIPLE
$> sudo mv tor.ORIG tor
Thanks! Linda