On 12-03-18 09:34, nusenu wrote: >>> I recommend you use the service file shipped by fedora's tor package. >> >> That service file needs the same capabilities addition... > > If you want, I can look into this but I will need some more information: > * how do you install tor from what source (dnf install tor?)
I used the tor-0.3.2.10 source from the torproject site. I sued the spec and assorted source files from the src.rpm. I changed the user/group to _tor and built the rpm, then installed. > * what version do you use See above. > * your torrc configuration file Basic non-exit config, not even a hidden service. > * how do you start tor systemct start tor Recently (due to teh Fedora src rpm) I also noticed there is a tor-master service as well but I not yet understand the interaction. > * how does it fail if you do not modify the service file > (you did include the logs in your first email) Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.049 [notice] Tor 0.3.2.10 (git-31cc63deb69db819) running on Linux with Libevent 2.0.22-stable, OpenSSL 1.1.0g-fips, Zlib 1.2.11, Liblzma 5.2.3, and Libzst d 1.3.3. Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.049 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.049 [notice] Read configuration file "/usr/share/tor/defaults-torrc". Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.049 [notice] Read configuration file "/etc/tor/torrc". Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.059 [warn] You have asked to exclude certain relays from all positions in your circuits. Expect hidden services and other Tor features to be broken in unp redictable ways. Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Scheduler type KIST has been enabled. Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Opening Socks listener on 127.0.0.1:9050 Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Opening Control listener on 127.0.0.1:9051 Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Opening OR listener on 0.0.0.0:9001 Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Opening Extended OR listener on 127.0.0.1:0 Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Extended OR listener listening on port 38367. Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Opening Directory listener on 0.0.0.0:9030 Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [warn] You appear to lack permissions to change memory limits. Are you root? Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [warn] Unable to raise RLIMIT_MEMLOCK: Operation not permitted Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.060 [notice] Unable to lock all current and future memory pages: Cannot allocate memory Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.061 [warn] Failed to parse/validate config: DisableAllSwap failure. Do you have proper permissions? Mar 12 06:58:20 bla tor[28248]: Mar 12 06:58:20.061 [err] Reading config failed--see warnings above. Mar 12 06:58:20 bla systemd[1]: Failed to start Anonymizing overlay network for TCP. Mar 12 06:58:20 bla systemd[1]: tor.service: Failed with result 'protocol'. > ..but you probably will not need anything from tor-master.service directly. > Just use tor.service or in a mutli-instance case: tor@.service OK, that helps! Udo -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
