search

subgraph / subgraph-os-issues

Subgraph OS issues repository
74 stars 9 forks source link

Consistent network issues #310

Open ghost opened 6 years ago

ghost commented 6 years ago

I really want to use Subgraph on a regular basis, but it seems like I run into the same issue every time. A few reboots after installing it, I lose Internet functionality. I did a fresh install this morning and now it's night time and I already have network troubles. The logs seem fine from what I can tell, but nothing works. I can't even ping anything, because I get "Destination Port Unreachable", even 127.0.0.1 with the firewall disabled. The most I've done is change my hostname (I've tried changing it back but it didn't make a difference), installed Tor Browser, and installed a few network-manager packages for OpenVPN that never worked. Any help would be greatly appreciated.

xmbwd commented 6 years ago

I am in the same boat -- except that I almost never get networking to work. I was wondering if there was some sort of setting I messed up, but this is on the liveUSB with an ethernet connection.

ghost commented 6 years ago

Glad to see that I'm not just going crazy. I've had issues in live as well, even on different computers. Sometimes Tor Bootstrapper never works, sometimes network-manager just decides it doesn't feel like routing any traffic. Subgraph is an OS that provides protection against network attacks, it kinda defeats the purpose of using it if you can't connect to the network.

xmbwd commented 6 years ago

I have also tried it on different computers. Ethernet and WiFi.

Kdzeko commented 6 years ago

It will be a very good OS in the future, i am sure. But now there are a very good intentions only from producers and it s to crongratulate them, But has too much bugs, some are too much relevant actions that we need for secure browser (openvpn or USB wifi adapters) I preffer continue user another linux distros at now, almost at the moment. Subgraph OS is a fantastic idea, for me this OS wll could be the best linux distro on anonymity and privacy internet, but still are very long from tails, kali, or qubes.

scottAnselmo commented 6 years ago

Same issue. I have no issue with connecting to WiFi, but Tor Browser stalls out and auto-closes when trying to find latest release and chat client can't connect to servers (but it throws an error pretty quickly about not being able to connect). This happens over WiFi or Ethernet. It's a 5 year old AMD gaming laptop (specs) so may be driver based issue?

I have no issues connecting to the internet and using applications with my Tails 3.2 live usb though. @dma are there any logs I can pull that may be of use to help you create a solution?

Edit: Using live usb created with Rufus 2.17, but that shouldn't matter.

dma commented 6 years ago

I suspect it's Tor failing to bootstrap.

Is system time set to the current time, UTC?

To change it, just open the 'Date & Time' gnome applet (or use CLI if you're more comfortable with that). Click on 'Activities', then type 'date' to start searching, and you'll see it. You can unlock the setting with your password and then change the time. The current time UTC at time of writing is Jan 6, 2018 02:19.

After you change this, Tor should wake up and start to bootstrap itself. You will see a little notification on your desktop indicating success.

This is culprit #1.

The log for Tor is in /var/log/tor/log.

** WE REALLY NEED TO FIX THIS. Maybe next ISO.

scottAnselmo commented 6 years ago

Alright thanks to you made some progress, was able to get a circuit, but there seems to be an issue with the launcher. It launches, but trying to enter anything in the URL or search for anything doesn't seem to induce anything, it just sits there:

Tor log:

Jan 06 03:51:59.000 [notice] Your system clock just jumped 25196 seconds forward; assuming established circuits no longer work.
Jan 06 03:52:03.000 [notice] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
Jan 06 03:52:03.000 [notice] Bootstrapped 45%: Asking for relay descriptors
Jan 06 03:52:03.000 [notice] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
Jan 06 03:52:03.000 [notice] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
Jan 06 03:52:03.000 [notice] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
Jan 06 03:52:03.000 [notice] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
Jan 06 03:52:04.000 [notice] Bootstrapped 50%: Loading relay descriptors
Jan 06 03:52:07.000 [notice] Bootstrapped 57%: Loading relay descriptors
Jan 06 03:52:07.000 [notice] Bootstrapped 64%: Loading relay descriptors
Jan 06 03:52:08.000 [notice] Bootstrapped 72%: Loading relay descriptors
Jan 06 03:52:12.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Jan 06 03:52:13.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Jan 06 03:52:13.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Jan 06 03:52:14.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Jan 06 03:52:14.000 [notice] Bootstrapped 100%: Done
Jan 06 04:27:33.000 [notice] New control connection opened.

Syslog:

Jan  6 04:49:03 localhost oz-daemon[1352]: 2018/01/06 04:49:03 Launch message received. Path: /usr/bin/torbrowser-launcher Name:  Pwd: /home/user Args: []
Jan  6 04:49:03 localhost oz-daemon[1352]: 2018/01/06 04:49:03 Execution request from uid 1000, gid 1000
Jan  6 04:49:03 localhost oz-daemon[1352]: 2018/01/06 04:49:03 Found running sandbox for `torbrowser-launcher`, running program there
Jan  6 04:49:03 localhost oz-daemon[1352]: 2018/01/06 04:49:03 [torbrowser-launcher] Run program message received: &{Args:[] Pwd:/home/user Path:/usr/bin/torbrowser-launcher}
Jan  6 04:49:03 localhost oz-daemon[1352]: 2018/01/06 04:49:03 [torbrowser-launcher] Enabling seccomp whitelist for: /usr/bin-oz/torbrowser-launcher
Jan  6 04:49:03 localhost torbrowser.desktop[3156]: ok received from application launch request
Jan  6 04:49:04 localhost oz-daemon[1352]: 2018/01/06 04:49:04 [torbrowser-launcher] Child process pid=432 exited from init with status 0
Jan  6 04:49:04 localhost oz-daemon[1352]: 2018/01/06 04:49:04 [torbrowser-launcher] Child process pid=433 exited from init with status -1
Jan  6 04:49:05 localhost oz-daemon[1352]: 2018/01/06 04:49:05 [torbrowser-launcher] Child process pid=310 exited from init with status 0
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] (stdout) Launching './Browser/start-tor-browser --detach'...
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] (stdout) Tor Browser Launcher
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] (stdout) By Micah Lee, licensed under MIT
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] (stdout) version 0.2.8
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] (stdout) https://github.com/micahflee/torbrowser-launcher
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] (stdout) Refreshing local keyring...
Jan  6 04:49:09 localhost oz-daemon[1352]: 2018/01/06 04:49:09 [torbrowser-launcher] Child process pid=405 exited from init with status 0
Jan  6 04:49:10 localhost kernel: [ 3581.573516] grsec: denied resource overstep by requesting 2048 for RLIMIT_NOFILE against limit 1024 for /usr/lib/xorg/Xorg[Xorg:1612] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/lib/gdm3/gdm-x-session[gdm-x-session:1610] uid/euid:1000/1000 gid/egid:1000/1000
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server) 2018-01-06 04:49:10,939 Error during encoding:
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server) Traceback (most recent call last):
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server)   File "/usr/lib/python2.7/dist-packages/xpra/server/source.py", line 2100, in encode_loop
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server)     fn_and_args[0](*fn_and_args[1:])
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server)   File "/usr/lib/python2.7/dist-packages/xpra/server/window/window_source.py", line 561, in compress_and_send_window_icon
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server)     assert wrapper.datatype in ("premult_argb32", "png")
Jan  6 04:49:10 localhost oz-daemon[1352]: 2018/01/06 04:49:10 [torbrowser-launcher] (xpra-server) AssertionError

On a side note, syslog is pretty noisy with NAUTILUS failed line (last line below) which it spams incessantly:

Jan  6 04:11:17 localhost org.gnome.Nautilus[1621]: sys:1: PyGIWarning: Nautilus was imported without specifying a version first. Use gi.require_version('Nautilus', '3.0') before import to ensure that the right version gets loaded.
Jan  6 04:11:17 localhost dbus[1145]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service'
Jan  6 04:11:17 localhost systemd[1]: Starting Hostname Service...
Jan  6 04:11:18 localhost nautilus[2464]: nautilus_menu_provider_get_background_items: assertion 'NAUTILUS_IS_MENU_PROVIDER (provider)' failed

It looks like this is potentially being looked into by the Nautilus devs.

dma commented 6 years ago

Oh, that's a simple problem to fix:

sudo paxrat -c /etc/paxrat/paxrat_tbl.conf

Tor Browser Launcher has some major issues in SGOS. We're going to have to replace it. Distributing Tor Browser as a Debian-derived distro is challenging, that's why we have it.

BTW, there's a Chromium browser that's sandboxed with clearnet access. You can install it like so:

sudo apt-get install chromium

When you run it, it will exit directly (i.e. no Tor).

scottAnselmo commented 6 years ago

Hmm, I seem to be having some problems give the exit status 1 running the sudo paxrat line:

2018/01/08 01:09:35 Reading config from: /etc/paxrat/paxrat_tbl.conf
2018/01/08 01:09:35 Setting 'm' PaX flags via paxctl on /home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/plugin-container
2018/01/08 01:09:35 [-c -m /home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/plugin-container]
exit status 1
2018/01/08 01:09:35 [-v /home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/plugin-container]

2018/01/08 01:09:35 - PaX flags: -----m-x-e-- [/home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/plugin-container]
    MPROTECT is disabled
    RANDEXEC is disabled
    EMUTRAMP is disabled

2018/01/08 01:09:35 exit status 1
2018/01/08 01:09:35 Setting 'm' PaX flags via paxctl on /home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/firefox
2018/01/08 01:09:35 [-c -m /home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/firefox]
exit status 1
2018/01/08 01:09:35 [-v /home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/firefox]

2018/01/08 01:09:35 - PaX flags: -----m-x-e-- [/home/user/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/firefox]
    MPROTECT is disabled
    RANDEXEC is disabled
    EMUTRAMP is disabled

2018/01/08 01:09:35 exit status 1

Can't seem to install Chromium either:


Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package chromium

syslog when trying to run Tor Browser after running the paxrat line (Tor Browser will say 'Connecting...' forever in the tab title):

Jan  8 01:13:06 localhost oz-daemon[1540]: 2018/01/08 01:13:06 Execution request from uid 1000, gid 1000
Jan  8 01:13:06 localhost oz-daemon[1540]: 2018/01/08 01:13:06 Found running sandbox for `torbrowser-launcher`, running program there
Jan  8 01:13:06 localhost oz-daemon[1540]: 2018/01/08 01:13:06 [torbrowser-launcher] Run program message received: &{Args:[] Pwd:/home/user Path:/usr/bin/torbrowser-launcher}
Jan  8 01:13:06 localhost oz-daemon[1540]: 2018/01/08 01:13:06 [torbrowser-launcher] Enabling seccomp whitelist for: /usr/bin-oz/torbrowser-launcher
Jan  8 01:13:06 localhost torbrowser.desktop[3406]: ok received from application launch request
Jan  8 01:13:07 localhost oz-daemon[1540]: 2018/01/08 01:13:07 [torbrowser-launcher] Child process pid=618 exited from init with status 0
Jan  8 01:13:07 localhost oz-daemon[1540]: 2018/01/08 01:13:07 [torbrowser-launcher] Child process pid=619 exited from init with status -1
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] (stdout) Launching './Browser/start-tor-browser --detach'...
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] (stdout) Tor Browser Launcher
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] (stdout) By Micah Lee, licensed under MIT
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] (stdout) version 0.2.8
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] (stdout) https://github.com/micahflee/torbrowser-launcher
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] (stdout) Refreshing local keyring...
Jan  8 01:13:12 localhost oz-daemon[1540]: 2018/01/08 01:13:12 [torbrowser-launcher] Child process pid=590 exited from init with status 0
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 Starting connection #6
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 connection received unix:@ -> unix:/var/run/roflcoptor/tbb.socket
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 Starting connection #7
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 connection received unix:@ -> unix:/var/run/roflcoptor/tbb.socket
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 Closed client connection from: unix:/var/run/roflcoptor/tbb.socket
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 EOF
Jan  8 01:13:13 localhost roflcoptor[1370]: 2018/01/08 01:13:13 Closing connection #7
Jan  8 01:13:13 localhost kernel: [ 5498.073261] grsec: denied resource overstep by requesting 2048 for RLIMIT_NOFILE against limit 1024 for /usr/lib/xorg/Xorg[Xorg:1807] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/lib/gdm3/gdm-x-session[gdm-x-session:1805] uid/euid:1000/1000 gid/egid:1000/1000
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server) 2018-01-08 01:13:14,017 Error during encoding:
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server) Traceback (most recent call last):
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server)   File "/usr/lib/python2.7/dist-packages/xpra/server/source.py", line 2100, in encode_loop
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server)     fn_and_args[0](*fn_and_args[1:])
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server)   File "/usr/lib/python2.7/dist-packages/xpra/server/window/window_source.py", line 561, in compress_and_send_window_icon
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server)     assert wrapper.datatype in ("premult_argb32", "png")
Jan  8 01:13:14 localhost oz-daemon[1540]: 2018/01/08 01:13:14 [torbrowser-launcher] (xpra-server) AssertionError
ghost commented 6 years ago

@dma Yes, one of the issues I had was Tor Bootstrap failing to start, however I ensured that my time zone was set correctly and it still did not start. I'll happily give another go at Subgraph and try to reproduce my issues in the upcoming week. It will be especially interesting to see how it works with a freshly installed WiFi card. It's an interesting distro concept that I would happily use on a regular basis if it was more reliable :)

dma commented 6 years ago

@sanecito are you running SGOS in live mode?

The paxrat command should work.

Regarding Chromium, just do an apt-get update first, then apt-get install chromium.

scottAnselmo commented 6 years ago

Correct, using a live usb w/ live mode. Not sure if there's anything else that I can pull that may be use in helping?

Should have realized to run apt-get update first, chromium is at least working now so I can now proceed with testing the Monero package at least once I've dealt with all the boost and qt dependencies.

Just now saw there's an 'After Installing' in the Download page where it looks like this would have all been already covered, so thanks for helping and repeating yourself. :)

Hopefully the steps here at least help those of us who missed them on the website.