search

mynodebtc / mynode

The easiest way to run Bitcoin and Lightning!
Other
647 stars 146 forks source link

Tor stops with an config error after update to mynode v0.2.44 #592

Open seberm opened 2 years ago

seberm commented 2 years ago

Describe the bug A tor service (tor@default.service) is not running after the update to mynode v0.2.44. This is causing other services (e.g. lnd) to fail.

Expected behavior Service is running without any problems.

MyNode hardware (please complete the following information):

Additional context As you can see from the logs, it is failing because of obsolete config option (HiddenServiceAuthorizeClient). Also, the onion services of version 2 are not supported anymore.

$ sudo journalctl -fu tor@default
...
Nov 03 06:36:41 mynode systemd[1]: Starting Anonymizing overlay network for TCP...
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.968 [notice] Tor 0.4.6.8 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1d, Zlib 1.2.11, Liblzma 5.2.4, Libzstd 1.3.8 and Glibc 2.28 as libc.
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.968 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.969 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.969 [notice] Read configuration file "/etc/tor/torrc".
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.971 [warn] Skipping obsolete configuration option "HiddenServiceAuthorizeClient".
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.972 [warn] Onion services version 2 are obsolete. Please see https://blog.torproject.org/v2-deprecation-timeline for more details and for instructions on how to transition to version 3.
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.972 [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details.
Nov 03 06:36:41 mynode tor[9466]: Nov 03 06:36:41.972 [err] Reading config failed--see warnings above.
Nov 03 06:36:41 mynode systemd[1]: tor@default.service: Control process exited, code=exited, status=1/FAILURE
Nov 03 06:36:41 mynode systemd[1]: tor@default.service: Failed with result 'exit-code'.
Nov 03 06:36:41 mynode systemd[1]: Failed to start Anonymizing overlay network for TCP.
Nov 03 06:36:42 mynode systemd[1]: tor@default.service: Service RestartSec=100ms expired, scheduling restart.
Nov 03 06:36:42 mynode systemd[1]: tor@default.service: Scheduled restart job, restart counter is at 5.
Nov 03 06:36:42 mynode systemd[1]: Stopped Anonymizing overlay network for TCP.

So, the fix must be in this file, lines 249-253:

I would suggest remove these lines completely probably together with whole /var/lib/tor/mynode_btc_v2/ directory.

Thanks

tehelsper commented 2 years ago

You're right - it looks like the repo updated tor and now it exits with a failure if it sees any reference to v2 in the config file.

As a workaround for now, you can update the /etc/tor/torrc file and change these lines to comment them out or delete them.

# Hidden Service for myNode (BTC) v2
#HiddenServiceDir /var/lib/tor/mynode_btc_v2/
#HiddenServiceVersion 2
#HiddenServiceAuthorizeClient stealth mynode
#HiddenServicePort 8332 127.0.0.1:8332

I'll try to get an update out soon that removes the v2 tor service.

tehelsper commented 2 years ago

New update (v0.2.45) is out with a fix, but a typical upgrade may fail since tor is having issues. You may need to do the above workaround or use a different path to resolve.

Possible resolutions:

seberm commented 2 years ago

Hello @tehelsper , thanks for such a quick fix! The workaround is working fine, I've been running it since yesterday alredy.

I'll try to update to v0.2.45 today.

Thanks, Ota

bensig commented 2 years ago

I am still unable to run tor even after making these changes. I should note that tor was recently upgraded to tor (0.4.6.8-1~d10.buster+1) on my debian install just before this error began.

For example, when I run the start command that I found in the systemd service tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config

I get the following error:

Nov 04 02:15:23.627 [notice] Tor 0.4.6.8 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1d, Zlib 1.2.11, Liblzma 5.2.4, Libzstd 1.3.8 and Glibc 2.28 as libc.
Nov 04 02:15:23.627 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 04 02:15:23.627 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Nov 04 02:15:23.627 [notice] Read configuration file "/etc/tor/torrc".
Nov 04 02:15:23.628 [warn] /var/lib/tor/mynode/ is not owned by this user (debian-tor, 109) but by root (0). Perhaps you are running Tor as the wrong user?
Nov 04 02:15:23.628 [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details.
Nov 04 02:15:23.628 [err] Reading config failed--see warnings above.

Tor runs fine with just /etc/tor/torrc so I believe that the error I'm seeing is related to this config file /usr/share/tor/tor-service-defaults-torrc

Contents are unchanged from default mynode repo:

DataDirectory /var/lib/tor
PidFile /run/tor/tor.pid
RunAsDaemon 1
User debian-tor

ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck
ControlSocketsGroupWritable 1
SocksPort unix:/run/tor/socks WorldWritable
SocksPort 9050

CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /run/tor/control.authcookie

Log notice syslog

Directory /var/lib/tor has the following permissions:

drwx--S--- 11 debian-tor debian-tor 4096 Nov  3 03:26 .
drwxr-xr-x 44 root       root       4096 Nov  3 02:04 ..
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_btc
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_btcpay
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_electrs
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_lnbits
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_lnd
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_lndhub
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_sphinx
drwx--S---  3 root       debian-tor 4096 Nov  3 03:26 mynode_ssh
bensig commented 2 years ago

I was able to get tor running again by updating ownership on the entire DataDirectory - this might not be a great idea, but it was the only way I was able to get this running on tor 0.4.6.8-1~d10.buster+1

chown -R debian-tor /var/lib/tor/*

tehelsper commented 2 years ago

@bensig Yeah, that issue seems a bit different. I'm not sure how it happened for you on a single folder, but there's already a script that does this at startup to make sure it's owned properly: chown debian-tor:debian-tor /var/lib/tor

I can probably just make it recursive to prevent this in the future with a "-R"

tehelsper commented 2 years ago

Also, it appears the latest tor version was pushed to the repo on the evening of 10/31. Any upgrades between 10/31 and 11/3 may be affected by this issue.

Sorry for the inconvenience. I knew tor v2 was being deprecated, but I didn't know tor would exit with an error if it saw old tor v2 config.

Again, here are the two simplest workarounds.

sudo wget https://raw.githubusercontent.com/mynodebtc/mynode/master/rootfs/standard/etc/tor/torrc -O /etc/tor/torrc
sudo systemctl restart tor@default.service

or

sudo wget https://raw.githubusercontent.com/mynodebtc/mynode/master/rootfs/standard/etc/tor/torrc -O /etc/tor/torrc
sudo mynode-reboot