search

globaleaks / globaleaks-whistleblowing-software

GlobaLeaks is free, open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
https://www.globaleaks.org
Other
1.23k stars 269 forks source link

Server shuts down due to issues with TOR #3966

Closed flashlight4 closed 9 months ago

flashlight4 commented 9 months ago

What version of GlobaLeaks are you using?

4.14.6

Server Distributor ID: Ubuntu Description: Ubuntu 22.04.3 LTS Release: 22.04 Codename: jammy Linux meldestelle-10-23-nbg 5.15.0-91-generic #101-Ubuntu SMP Tue Nov 14 13:29:11 UTC 2023 aarch64 aarch64 aarch64 GNU/Linux

What browser(s) are you seeing the problem on?

All

What operating system(s) are you seeing the problem on?

macOS

Describe the issue

After updating to 4.14.6 the service restart concurrently. For a short time the service is up and running and then the service tries to restart. Querying the status via $systemctl status globaleaks shows following: `● globaleaks.service - LSB: Start the GlobaLeaks server. Loaded: loaded (/lib/systemd/system/globaleaks.service; enabled; vendor preset: enabled) Active: activating (start) since Sat 2024-01-20 15:01:01 CET; 1min 26s ago Process: 712 ExecStart=/etc/init.d/globaleaks start (code=exited, status=0/SUCCESS) Tasks: 7 (limit: 9116) Memory: 249.1M CPU: 6.096s CGroup: /system.slice/globaleaks.service ├─817 /usr/bin/python3 /usr/bin/globaleaks --ip=:: --working-path=/var/globaleaks/ └─823 /usr/sbin/tor -f /dev/null/non-existant-on-purpose --ignore-missing-torrc DataDirectory /tmp/tortmpl3dlh8sg SOCKSPort 9999 ControlPort unix:/var/globaleaks/tmp/tor_control CookieAuthent>

Jan 20 15:01:01 meldestelle-10-23-nbg systemd[1]: Starting LSB: Start the GlobaLeaks server.... Jan 20 15:01:02 meldestelle-10-23-nbg globaleaks[712]: Starting GlobaLeaks daemon globaleaks Jan 20 15:01:02 meldestelle-10-23-nbg globaleaks[712]: Starting ... Jan 20 15:01:02 meldestelle-10-23-nbg globaleaks[712]: * Enabling Globaleaks Network Sandboxing... Jan 20 15:01:02 meldestelle-10-23-nbg globaleaks[712]: ...done. Jan 20 15:01:03 meldestelle-10-23-nbg globaleaks[712]: ...done. Jan 20 15:01:03 meldestelle-10-23-nbg systemd[1]: globaleaks.service: Can't open PID file /var/globaleaks/globaleaks.pid (yet?) after start: Operation not permitted`

Trying to mitigated the problem quickly by touching the file /var/globaleaks/globaleaks.pid manully results in a deletion of the file while the concurrent restarts.

Asking the log file globaleaks.log shows the following lines who are repeating according to the continous restart efforts: 2024-01-20 07:52:37+0100 [-] [E] Exception while running Tor 2024-01-20 07:52:37+0100 [-] Traceback (most recent call last): 2024-01-20 07:52:37+0100 [-] File "/usr/lib/python3/dist-packages/globaleaks/services/service.py", line 25, in run 2024-01-20 07:52:37+0100 [-] yield self.operation() 2024-01-20 07:52:37+0100 [-] twisted.internet.error.ConnectionLost: Connection to the other side was lost in a non-clean fashion: Connection lost. 2024-01-20 07:52:37+0100 [-] [E] exception mail suppressed for exception (<class 'twisted.internet.error.ConnectionLost'>) [reason: special exception] 2024-01-20 07:52:37+0100 [-] Stopping factory <Site object at 0xffff9062d420> 2024-01-20 07:52:37+0100 [-] Server Shut Down. 2024-01-20 07:52:45+0100 [-] twistd 22.1.0 (/usr/bin/python3 3.10.12) starting up. 2024-01-20 07:52:45+0100 [-] reactor class: twisted.internet.epollreactor.EPollReactor. 2024-01-20 07:52:46+0100 [-] [E] Found an already initialized database version: 67 2024-01-20 07:52:47+0100 [-] Starting factory <Site object at 0xffff8b0319f0> 2024-01-20 07:52:47+0100 [-] [E] Failed to initialize Tor connection; error: Tor control port not open on /var/globaleaks/tmp/tor_control; waiting for Tor to become available 2024-01-20 07:52:47+0100 [-] GlobaLeaks is now running and accessible at the following urls: 2024-01-20 07:52:47+0100 [-] - [HTTPS]: https://meldestelle.ngardedata.com 2024-01-20 07:52:47+0100 [-] - [Tor]: http://tihc36wxldntjbik5qj5wblxartil5lxiprnss74rc3ft2xjkcqdveqd.onion 2024-01-20 07:52:47+0100 [-] Starting factory _HTTP11ClientFactory(<function HTTPConnectionPool._newConnection..quiescentCallback at 0xffff890560e0>, <twisted.internet.endpoints._WrapperEndpoint object at 0xffff890a4d60>) 2024-01-20 07:52:47+0100 [-] Stopping factory _HTTP11ClientFactory(<function HTTPConnectionPool._newConnection..quiescentCallback at 0xffff890560e0>, <twisted.internet.endpoints._WrapperEndpoint object at 0xffff890a4d60>) 2024-01-20 07:57:44+0100 [-] Stopping factory <Site object at 0xffff8b0319f0> 2024-01-20 07:57:44+0100 [-] Server Shut Down.

My first guess of the problem with Version 4.14.6 reads like:

  1. Repeated Tor Connection Problems: The error messages [E] Exception while running Tor and twisted.internet.error.ConnectionLost: Connection to the other side was lost in a non-clean fashion: Connection lost. indicate that the GlobaLeaks server is repeatedly having trouble maintaining a stable connection with Tor. These issues seem to recur at regular intervals, which could suggest an ongoing network or configuration problem.

  2. Issues with the Tor Control Port: The repeated messages about the unavailable Tor control port (Failed to initialize Tor connection; error: Tor control port not open on /var/globaleaks/tmp/tor_control) suggest that the server is having difficulties establishing a connection via the specified control port. This could point to a misconfiguration of Tor or a permissions issue accessing the relevant files.

  3. Successful Connection and Service Initialization: Despite the recurring problems, there are entries indicating that a successful connection to Tor was made (Successfully connected to Tor control port) and the onion service was initialized (Initialization of onion-service... completed.). This shows that the server is functioning properly at least some of the time.

  4. Server Starts and Shutdowns: The log entries show several instances where the GlobaLeaks server starts and then shuts down (Starting factory , Server Shut Down.). This could indicate instability or configuration issues causing the server not to run continuously.

  5. Database Status: The message about an already initialized database (Found an already initialized database version: 67) is normal and indicates that the database was previously initialized in an earlier run.

In summary, the main issue appears to be the unstable connection to Tor and potential configuration problems. The fact that the server occasionally establishes a connection and then loses it again suggests that the basic configuration might be correct, but there could be intermittent network issues or problems with the Tor installation itself. A detailed review of the Tor configuration and network environment might be necessary to resolve the issue.

Proposed solution

No response

evilaliv3 commented 9 months ago

Thank you @flashlight4

In relation to Tor we are not aware of issues actually.

But in relation to the log that you are reported i notice a bug on the PID file specific of release 4.14.16 where we have moved the PID file to /dev/shm/globaleaks/globaleaks.pid

I'm going to issue a bugfixed release 4.14.17

flashlight4 commented 9 months ago

Thank you @evilaliv3 , after update zu 4.14.7 the system keeps working calmly and with healthy service status. Thanks for Your quick response and efforts!