[Whonix-devel] #25173 [Core Tor/Tor]: No Control Socket when DisableNetwork and User options are set
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Feb 7 21:31:36 CET 2018
#25173: No Control Socket when DisableNetwork and User options are set
------------------------------+------------------------------
 Reporter:  iry               |      Owner:  (none)
     Type:  defect            |     Status:  new
 Priority:  Medium            |  Milestone:
Component:  Core Tor/Tor      |    Version:  Tor: unspecified
 Severity:  Normal            |   Keywords:
Actual Points:                |  Parent ID:
   Points:                    |   Reviewer:
  Sponsor:                    |
------------------------------+------------------------------
To successfully reproduce this, we need:
0. set DisableNetwork to 1
1. use the User option as part of the Tor configuration
2. run sudo Tor from a different user in a different group
Here are the specific steps to reproduce it. I tested it on Debian
Stretch but it should be distribution independent:
user@host:~$ cat /home/user/my.torrc
DataDirectory /tmp/tor
ControlSocket /tmp/tor/control.sock
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /tmp/tor/control.authcookie
SocksPort unix:/tmp/tor/socks.sock
user@host:~$ sudo /usr/bin/install -Z \
    -m 02755 -o debian-tor \
    -g debian-tor -d /tmp/tor
user@host:~$ ls -ld /tmp/tor/; ls -l /tmp/tor/
drwxr-s--- 2 debian-tor debian-tor 40 Feb 3 18:19 /tmp/tor/
total 0
user@host:~$ sudo /usr/bin/tor \
    -f /home/user/my.torrc \
    --User debian-tor \
    --DisableNetwork 1
There should be a control.sock, but there is not:
user@host:~$ ls -ld /tmp/tor/; sudo ls -l /tmp/tor/
drwx--S--- 2 debian-tor debian-tor 100 Feb 3 20:00 /tmp/tor/
total 8
-rw-r----- 1 debian-tor debian-tor 32 Feb 3 20:00 control.authcookie
-rw------- 1 debian-tor debian-tor 0 Feb 3 20:00 lock
-rw------- 1 debian-tor debian-tor 215 Feb 3 20:00 state
To let Tor really open the control.sock, we need to reload Tor (yes,
even though we just started it):
user@host:~$ ps -A | grep tor
863 ? 00:00:00 xenstore-watch
927 ? 00:00:04 tor-controlport
11851 pts/0 00:00:00 tor
user@host:~$ sudo /bin/kill -HUP 11851
user@host:~$ ls -ld /tmp/tor/; sudo ls -l /tmp/tor/
drwx--S--- 2 debian-tor debian-tor 120 Feb 3 20:01 /tmp/tor/
total 8
-rw-r----- 1 debian-tor debian-tor 32 Feb 3 20:01 control.authcookie
srw-rw---- 1 debian-tor debian-tor 0 Feb 3 20:01 control.sock
-rw------- 1 debian-tor debian-tor 0 Feb 3 20:01 lock
-rw------- 1 debian-tor debian-tor 215 Feb 3 20:01 state
I guess the reason Yawning was not able to reproduce it is because the
User option was not set:
user@host:~$ sudo -u debian-tor \
    /usr/bin/tor -f /home/user/my.torrc \
    --DisableNetwork 1
[notice] Opening Control listener on /tmp/tor/control.sock
I was thinking Tor fixing /tmp/tor/ to 2700 may be the reason, but then
I cannot explain why this will work with /tmp/tor/ set to 2700:
user@host:~$ sudo /usr/bin/tor \
    -f /home/user/my.torrc \
    --User debian-tor \
    --DisableNetwork 0
[notice] Opening Control listener on /tmp/tor/control.sock
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25173>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
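
Added example, not part of the original ticket and not Tor project code: a shell check for the control socket state shown in the report, with the SIGHUP workaround applied when the socket is missing. The function names control_sock_state and ensure_control_sock are hypothetical; the script assumes GNU stat and must run as root or debian-tor, because the data directory is not readable by other users.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Classifies Tor's control socket
# inside a DataDirectory. Mode 660 is the "srw-rw----" listing from the
# report (ControlSocketsGroupWritable 1). Requires GNU stat (coreutils).

control_sock_state() {
    sock="$1/control.sock"
    if [ ! -e "$sock" ]; then
        echo missing            # what the report sees right after startup
    elif [ ! -S "$sock" ]; then
        echo not-a-socket       # some other file type occupies the path
    elif [ "$(stat -c '%a' "$sock")" != "660" ]; then
        echo unexpected-mode    # socket exists but permissions differ
    else
        echo ok
    fi
}

# Apply the report's workaround: send SIGHUP to the Tor PID if the socket is
# missing, then poll once per second until it appears or tries run out.
# Arguments: data directory, Tor PID, number of tries (default 5).
ensure_control_sock() {
    dir="$1"; pid="$2"; tries="${3:-5}"
    if [ "$(control_sock_state "$dir")" = "missing" ]; then
        kill -HUP "$pid" || return 2    # PID gone or not permitted
    fi
    while [ "$(control_sock_state "$dir")" = "missing" ] && [ "$tries" -gt 0 ]; do
        sleep 1
        tries=$((tries - 1))
    done
    state=$(control_sock_state "$dir")
    echo "$state"
    [ "$state" = "ok" ]                 # exit status 0 only for a good socket
}
```

With the values from the report this would be called as "ensure_control_sock /tmp/tor 11851" under sudo.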