Closed hellais closed 11 years ago
Hmmm. Yes, I suppose when creating a directory for Tor to run in, we'll want to set it to the user it'll drop to -- one short-term solution is to put "User root" into the config you pass to launch_tor() -- that is, config.User = 'root' or config.User = pwd.getpwuid(os.geteuid()).pw_name -- but I suppose doing something similar automagically might be worthwhile? Or, at least checking and throwing a more-useful error message before trying to launch tor?
lukaslueg committed a fix which makes launch_tor() change ownership of the tempdir to whatever "config.User" is (if specified). Does this work for your use-case?
I'm closing this as I don't know of a more-useful solution than the one implemented. @hellais if you need something more (or different) please re-open.
When doing launch_tor as root I get the following error:
unexpected error in processEnded
Traceback (most recent call last):
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/abstract.py", line 291, in readConnectionLost
    self.connectionLost(reason)
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/process.py", line 275, in connectionLost
    self.proc.childConnectionLost(self.name, reason)
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/process.py", line 911, in childConnectionLost
    self.maybeCallProcessEnded()
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/process.py", line 924, in maybeCallProcessEnded
    _BaseProcess.maybeCallProcessEnded(self)
--- <exception caught here> ---
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/_baseprocess.py", line 60, in maybeCallProcessEnded
    proto.processEnded(Failure(reason))
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/txtorcon-0.7-py2.6.egg/txtorcon/torconfig.py", line 322, in processEnded
    raise RuntimeError('\n'.join(self.stdout) + "\n\nTor exited with error-code %d" % status.value.exitCode)
exceptions.RuntimeError: Dec 09 05:38:06.295 [notice] Tor v0.2.2.39 (git-2f7e71c2e896772f). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
Dec 09 05:38:06.296 [notice] Initialized libevent version 1.4.13-stable using method epoll. Good.
Dec 09 05:38:06.296 [notice] Opening Socks listener on 127.0.0.1:5974
Dec 09 05:38:06.296 [notice] Opening Control listener on 127.0.0.1:18445
Dec 09 05:38:06.296 [warn] /tmp/tortmpNJRBUn is not owned by this user (debian-tor, 106) but by root (0). Perhaps you are running Tor as the wrong user?
Dec 09 05:38:06.296 [warn] Failed to parse/validate config: Couldn't access/create private data directory "/tmp/tortmpNJRBUn"
Dec 09 05:38:06.296 [err] Reading config failed--see warnings above.
I believe this has to do with the fact that Tor runs as a reduced-privilege user: when doing mktmp as root, the permissions on these files are set to be root and not the user under which tor runs.
I am not sure what the most clean solution to this problem is.
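A pre-launch check along the lines discussed in this thread, as an added example (Python 3, not txtorcon's own code): it hands the data directory to the account tor will drop to when running as root, and otherwise raises a descriptive error before tor is started. `prepare_data_directory`, `resolve_tor_account` and `DataDirOwnershipError` are hypothetical names, and `user` stands for the value of `config.User`.

```python
import os
import pwd


class DataDirOwnershipError(RuntimeError):
    """Raised before launching tor when the data directory is unusable."""


def resolve_tor_account(user=None):
    """Return (uid, gid) tor will run as: the 'User' option, else our own."""
    if user is None:
        return os.geteuid(), os.getegid()
    try:
        entry = pwd.getpwnam(user)
    except KeyError:
        raise DataDirOwnershipError("User %r does not exist on this system" % user)
    return entry.pw_uid, entry.pw_gid


def prepare_data_directory(path, user=None):
    """Make `path` a private directory owned by tor's account, or fail loudly.

    Hypothetical helper; `user` is assumed to be the value of config.User.
    Returns the uid that owns the directory afterwards.
    """
    uid, gid = resolve_tor_account(user)
    try:
        # O_NOFOLLOW/O_DIRECTORY: refuse a symlink or plain file planted in /tmp.
        fd = os.open(path, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    except OSError as exc:
        raise DataDirOwnershipError("cannot use %s as data directory: %s" % (path, exc))
    try:
        # Work on the descriptor so the checked object is the one we change.
        st = os.fstat(fd)
        if st.st_uid != uid:
            if os.geteuid() != 0:
                raise DataDirOwnershipError(
                    "%s is owned by uid %d but tor will run as uid %d; only "
                    "root can change ownership" % (path, st.st_uid, uid))
            os.fchown(fd, uid, gid)
        os.fchmod(fd, 0o700)  # readable only by the tor account
    finally:
        os.close(fd)
    return uid
```

Calling this on the temporary directory just before spawning tor turns the `Couldn't access/create private data directory` failure into either a fixed-up directory or an exception that names both uids.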