meejah / txtorcon

Twisted-based asynchronous Tor control protocol implementation. Includes unit-tests, examples, state-tracking code and configuration abstraction.
http://fjblvrw2jrxnhtg67qpbzi45r7ofojaoo3orzykesly2j3c2m3htapid.onion/
MIT License

Problems when running launch tor as root #26

Closed hellais closed 11 years ago

hellais commented 11 years ago

When doing launch_tor as root I get the following error:

```
unexpected error in processEnded
Traceback (most recent call last):
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/abstract.py", line 291, in readConnectionLost
    self.connectionLost(reason)
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/process.py", line 275, in connectionLost
    self.proc.childConnectionLost(self.name, reason)
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/process.py", line 911, in childConnectionLost
    self.maybeCallProcessEnded()
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/process.py", line 924, in maybeCallProcessEnded
    _BaseProcess.maybeCallProcessEnded(self)
--- <exception caught here> ---
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/twisted/internet/_baseprocess.py", line 60, in maybeCallProcessEnded
    proto.processEnded(Failure(reason))
  File "/home/ooni/.virtualenvs/ooniprobe/lib/python2.6/site-packages/txtorcon-0.7-py2.6.egg/txtorcon/torconfig.py", line 322, in processEnded
    raise RuntimeError('\n'.join(self.stdout) + "\n\nTor exited with error-code %d" % status.value.exitCode)
exceptions.RuntimeError: Dec 09 05:38:06.295 [notice] Tor v0.2.2.39 (git-2f7e71c2e896772f). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
Dec 09 05:38:06.296 [notice] Initialized libevent version 1.4.13-stable using method epoll. Good.
Dec 09 05:38:06.296 [notice] Opening Socks listener on 127.0.0.1:5974
Dec 09 05:38:06.296 [notice] Opening Control listener on 127.0.0.1:18445
Dec 09 05:38:06.296 [warn] /tmp/tortmpNJRBUn is not owned by this user (debian-tor, 106) but by root (0). Perhaps you are running Tor as the wrong user?
Dec 09 05:38:06.296 [warn] Failed to parse/validate config: Couldn't access/create private data directory "/tmp/tortmpNJRBUn"
Dec 09 05:38:06.296 [err] Reading config failed--see warnings above.
```

I believe this has to do with the fact that Tor runs as a reduced-privilege user: when doing mktmp as root, the permissions on these files are set to root and not to the user under which Tor runs.

I am not sure what the most clean solution to this problem is.

meejah commented 11 years ago

Hmmm. Yes, I suppose when creating a directory for Tor to run in, we'll want to set it to the user it'll drop to -- one short-term solution is to put "User root" into the config you pass to launch_tor() -- that is, config.User = 'root' or config.User = pwd.getpwuid(os.geteuid()).pw_name -- but I suppose doing something similar automagically might be worthwhile? Or, at least checking and throwing a more-useful error message before trying to launch tor?

meejah commented 11 years ago

lukaslueg committed a fix which makes launch_tor() change ownership of the tempdir to whatever "config.User" is (if specified). Does this work for your use-case?

meejah commented 11 years ago

I'm closing this as I don't know of a more-useful solution than the one implemented. @hellais if you need something more (or different) please re-open.
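The two ideas discussed in this thread (hand the temporary data directory to the user Tor will drop to, and fail with a clear message before launching when the ownership is wrong) can be sketched as follows. This is an added example, not txtorcon's code or the committed fix; the function names and the `euid`/`chown` parameters are hypothetical and exist only so the logic can be exercised without root.

```python
import os
import pwd
import tempfile


def ownership_problems(path, run_uid):
    """List reasons Tor, running as run_uid, would refuse path as its data directory."""
    st = os.stat(path)
    problems = []
    if st.st_uid != run_uid:
        problems.append("%s is owned by uid %d, but Tor will run as uid %d"
                        % (path, st.st_uid, run_uid))
    return problems


def make_data_dir(run_uid, run_gid, euid=None, chown=os.chown):
    """Create a 0700 temp dir; when we are root, chown it to the user Tor drops to."""
    euid = os.geteuid() if euid is None else euid
    path = tempfile.mkdtemp(prefix="tortmp")  # mkdtemp creates it owner-only
    if euid == 0 and run_uid != 0:
        # Only root may give a directory away; do it before Tor starts so the
        # unprivileged Tor process finds a directory it owns.
        chown(path, run_uid, run_gid)
    return path


def data_dir_for(user=None):
    """Return a data directory usable by `user` (the value of config.User),
    or raise before any Tor process is launched."""
    if user is None:
        uid, gid = os.geteuid(), os.getegid()
    else:
        pw = pwd.getpwnam(user)  # KeyError if the account does not exist
        uid, gid = pw.pw_uid, pw.pw_gid
    path = make_data_dir(uid, gid)
    problems = ownership_problems(path, uid)
    if problems:
        os.rmdir(path)
        raise RuntimeError("refusing to launch tor: " + "; ".join(problems))
    return path


if __name__ == "__main__":
    d = data_dir_for()  # no User set: directory belongs to the current user
    print(d, ownership_problems(d, os.geteuid()))
    os.rmdir(d)
```

When the caller is not root and `user` names a different account, the directory cannot be handed over, so `data_dir_for()` raises instead of letting Tor exit with the ownership warning shown in the report.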