Tor Service
Hello Guix! I added Tor Service with Default Configuration to my system config. I also added the user to Tor group. When I configured my browser to use localhost's tor port as proxy, I got error "proxy is refusing connection". When I check tor service with "herd status" as root, tor wasn't running. When I did "herd start tor", I am getting error "service tor failed to start". I have been asked to provide output of "dmesg", which I have attached with this email. NOTE TO CHRIS: I have started this new thread for clarity. :) Thank you! Regards, RG. dmesg_log Description: Binary data
Re: Tor Service
Hi, "Raghav Gururajan" skribis: > When I check tor service with "herd status" as root, tor wasn't running. When > I did "herd start tor", I am getting error "service tor failed to start". Does /var/log/messages contain additional hints? Thanks, Ludo’.
Re: Tor Service
> Does /var/log/messages contain additional hints? Will look into it and get back to you. :-) Regards, RG.
Re: Tor Service
>> Does /var/log/messages contain additional hints? > > Will look into it and get back to you. :-) Apr 23 19:55:57 localhost Tor[1]: Tor 0.3.4.11 (git-4fd31340f3355342) running on Linux with Libevent 2.1.8-stable, OpenSSL 1.0.2p, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8. Apr 23 19:55:57 localhost Tor[1]: Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Apr 23 19:55:57 localhost Tor[1]: Read configuration file "/gnu/store/a3gvm19f541951x0b84d3a71v5sxk9h2-torrc". Apr 23 19:55:57 localhost Tor[1]: Scheduler type KIST has been enabled. Apr 23 19:55:57 localhost Tor[1]: Opening Socks listener on 127.0.0.1:9050 Apr 23 19:55:57 localhost Tor[1]: Parsing GEOIP IPv4 file /gnu/store/0mnwmb670xxzqanqbamjmli7nm0dlpyn-tor-0.3.4.11/share/tor/geoip. Apr 23 19:55:57 localhost Tor[1]: Parsing GEOIP IPv6 file /gnu/store/0mnwmb670xxzqanqbamjmli7nm0dlpyn-tor-0.3.4.11/share/tor/geoip6. Apr 23 19:55:57 localhost Tor[1]: Bootstrapped 0%: Starting Apr 23 19:55:57 localhost Tor[1]: Starting with guard context "default" Apr 23 15:55:58 localhost shepherd[1]: Service tor has been started. Apr 23 15:55:58 localhost shepherd[1]: Service iptables has been started. Apr 23 19:55:58 localhost Tor[1]: Bootstrapped 5%: Connecting to directory server Apr 23 19:55:58 localhost Tor[1]: Bootstrapped 10%: Finishing handshake with directory server Apr 23 19:55:59 localhost Tor[1]: Bootstrapped 15%: Establishing an encrypted directory connection Apr 23 19:55:59 localhost Tor[1]: Bootstrapped 20%: Asking for networkstatus consensus Apr 23 19:55:59 localhost Tor[1]: Bootstrapped 25%: Loading networkstatus consensus Apr 23 19:56:05 localhost Tor[1]: I learned some more directory information, but not enough to build a circuit: We have no usable consensus. Apr 23 19:56:06 localhost Tor[1]: Bootstrapped 40%: Loading authority key certs Apr 23 19:56:06 localhost Tor[1]: The current consensus has no exit nodes. Tor can only build internal paths, such as paths to onion services. Apr 23 19:56:06 localhost Tor[1]: Bootstrapped 45%: Asking for relay descriptors for internal paths Apr 23 19:56:06 localhost Tor[1]: I learned some more directory information, but not enough to build a circuit: We need more microdescriptors: we have 0/6712, and can only build 0% of likely paths. (We have 0% of guards bw, 0% of midpoint bw, and 100% of end bw (no exits in consensus) = 0% of path bw.) Apr 23 19:56:07 localhost Tor[1]: Bootstrapped 50%: Loading relay descriptors for internal paths Apr 23 19:56:08 localhost Tor[1]: The current consensus contains exit nodes. Tor can build exit and internal paths. Apr 23 19:56:09 localhost Tor[1]: Bootstrapped 56%: Loading relay descriptors Apr 23 19:56:09 localhost Tor[1]: Bootstrapped 64%: Loading relay descriptors Apr 23 19:56:09 localhost Tor[1]: Bootstrapped 70%: Loading relay descriptors Apr 23 19:56:09 localhost Tor[1]: Bootstrapped 80%: Connecting to the Tor network Apr 23 19:56:10 localhost Tor[1]: Bootstrapped 85%: Finishing handshake with first hop Apr 23 19:56:10 localhost Tor[1]: Bootstrapped 90%: Establishing a Tor circuit Apr 23 19:56:11 localhost Tor[1]: Tor has successfully opened a circuit. Looks like client functionality is working. Apr 23 19:56:11 localhost Tor[1]: Bootstrapped 100%: Done [...] Apr 23 20:06:25 localhost Tor[1]: Catching signal TERM, exiting cleanly. The above repeats on every boot. Regards, RG.
Re: Tor Service
It appears the tor service starts and bootstraps well, but no idea why it stops after that. :-(
Re: Tor Service
Hi, "Raghav Gururajan" skribis: > Apr 23 15:55:58 localhost shepherd[1]: Service tor has been started. > [...] > Apr 23 19:56:11 localhost Tor[1]: Bootstrapped 100%: Done > [...] > Apr 23 20:06:25 localhost Tor[1]: Catching signal TERM, exiting cleanly. The Tor daemon received SIGTERM 10 minutes (or even 5 hours?) after it had been started, so something must have happened. Is there anything else in the log that could be useful in that interval? Thanks, Ludo’.
Re: Tor Service
> The Tor daemon received SIGTERM 10 minutes (or even 5 hours?) after it > had been started, so something must have happened. Is there anything > else in the log that could be useful in that interval? > Nope! There was nothing related to tor in that interval. :-(
Re: Tor Service
> > The Tor daemon received SIGTERM 10 minutes (or even 5 hours?) after it > > had been started, so something must have happened. Is there anything > > else in the log that could be useful in that interval? > > > > Nope! There was nothing related to tor in that interval. :-( I figured out why the Tor Service got TERM Signal out of no where. It is because of "tlp-service-type". I made a fresh re-install of guix system few days ago. I was enabling services one-by-one and was checking tor service with herd status. As soon as I enable "tlp-service-type", tor stopped working. How to prevent "tlp" from messing with "tor" or any other services??? Thanks! Regards, RG.
Re: Tor Service
Raghav Gururajan writes: >> > The Tor daemon received SIGTERM 10 minutes (or even 5 hours?) after it >> > had been started, so something must have happened. Is there anything >> > else in the log that could be useful in that interval? >> > >> >> Nope! There was nothing related to tor in that interval. :-( > > I figured out why the Tor Service got TERM Signal out of no where. It is > because > of "tlp-service-type". I made a fresh re-install of guix system few days ago. > I > was enabling services one-by-one and was checking tor service with herd > status. > As soon as I enable "tlp-service-type", tor stopped working. How to prevent > "tlp" from messing with "tor" or any other services??? Can you share a system configuration that reproduces this failure? signature.asc Description: PGP signature
Re: Tor Service
> Can you share a system configuration that reproduces this failure?
Sure, please find the following system config:
(use-modules
(gnu)
(gnu system nss))
(use-service-modules
networking
xorg
desktop
pm)
(use-package-modules
certs
gnome)
(operating-system
(host-name "hostname")
(timezone "Zone/SubZone")
(locale "ab_XY.1234")
(keyboard-layout
(keyboard-layout
"xy"
"altgr-intl"))
(bootloader
(bootloader-configuration
(bootloader
(bootloader
(inherit grub-bootloader)
(installer #~(const #t
(keyboard-layout keyboard-layout)))
(mapped-devices
(list
(mapped-device
(source
(uuid "luks-uuid"))
(target "partname")
(type luks-device-mapping
(file-systems
(append
(list
(file-system
(device
(file-system-label "fsname"))
(mount-point "/")
(type "ext4")
(dependencies mapped-devices)))
%base-file-systems))
(users
(append
(list
(user-account
(name "username")
(comment "Full Name")
(group "users")
(supplementary-groups '("wheel" "netdev" "audio" "video"
"lp" "cdrom" "tape" "kvm" "tor"
%base-user-accounts))
(packages
(append
(list
nss-certs
gvfs)
%base-packages))
(services
(append
(list
(extra-special-file "/usr/bin/env"
(file-append coreutils "/bin/env"))
(service tor-service-type)
(set-xorg-configuration
(xorg-configuration
(keyboard-layout keyboard-layout)))
(service gnome-desktop-service-type)
(service tlp-service-type))
%desktop-services))
(name-service-switch %mdns-host-lookup-nss))
Systemwide TOR Service
Hello everyone, I'm going to reiterate, because I finally know how to ask this question. Does anybody know how to configure the systemwide TOR service you can include when installing the system? So that it's actually usable and visible to IceCat and such? Thanks in advance! -- Bezpiecznie wysłane za pomocą serwisu Tutanota. Otrzymaj już dziś swoją szyfrowaną, wolną od reklam skrzynkę mailową! https://tutanota.com
Re: Systemwide TOR Service
In your system configuration, include the following to your list of services: (service tor-service-type) Reconfigure and enjoy! Note that if you checked to include tge tor service when installing the system, it's already running. See tor-service-type on https://guix.gnu.org/manual/devel/en/html_node/Networking-Services.html#Networking-Services for more information. Tor is listening as a socks5 proxy on port 9050 on your machine. To configure icecat to use it, go to the network settings, proxy. You'll use the SOCKSv5 proxy setting. Hostname is localhost, and port is 9050. Check "proxy DNS when using SOCKSv5" to prevent leaks from your dns queries. You can check you are connected through tor by going to check.torproject.org. To make other applications use tor, configure them to use the socks proxy, or use torsocks when invoking them. HTH! On 2020年8月20日 16:00:12 GMT-04:00, "julia.galaman--- via" wrote: >Hello everyone, > >I'm going to reiterate, because I finally know how to ask this >question. > >Does anybody know how to configure the systemwide TOR service you can >include when installing the system? So that it's actually usable and >visible to IceCat and such? > >Thanks in advance! > > >-- >Bezpiecznie wysłane za pomocą serwisu Tutanota. Otrzymaj już dziś >swoją szyfrowaną, wolną od reklam skrzynkę mailową! >https://tutanota.com
Re: Systemwide TOR Service
I believe that you want to use the tor-service-type. Take a look at the guix manual services section. That should give you all the info you need. -- Joshua Branson Sent from Emacs and Gnus
tor bridges in tor service
Hi guix! Is there a way to use tor bridges with tor service? As I know, there is the obfs4 package on debian which used to do this. Found nothing like this in guix packages. Maybe somebody has this issue or even uses tor service with bridges and has an example of config.
Working example needed to extend tor-service with file-like object
Hi, I'm trying to extend tor-service locally. I have read the documentation, but I really don't get at this moment how file-like objects can be included in the service. The documentation right now might have good intentions, and I do understand how each part works isolated, but for combining parts and get it working I'm afraid this is demands too much of someone who either just started with guile or has gathered some experience but not so deep. Can someone give a working example for the tor-service? I volunteer to improve the documentation if I can get something out of this. Thanks
Re: Working example needed to extend tor-service with file-like object
Hi!
ng0 skribis:
> Can someone give a working example for the tor-service?
> I volunteer to improve the documentation if I can get something
> out of this.
I have something like this:
(services (cons* (lsh-service #:root-login? #t
#:interfaces '("127.0.0.1"))
(tor-hidden-service "ssh"
'((22 "127.0.0.1:22")
(80 "127.0.0.1:80")))
…))
That makes a hidden service to talk to my SSH and HTTP services.
HTH!
Ludo’.
Re: Working example needed to extend tor-service with file-like object
Hi,
l...@gnu.org (Ludovic Courtès) writes:
> Hi!
>
> ng0 skribis:
>
>> Can someone give a working example for the tor-service?
>> I volunteer to improve the documentation if I can get something
>> out of this.
>
> I have something like this:
Thanks, but there's a misunderstanding in terms what I needed
help with I think.
Our default config (torrc) is not so pleasant (well, it's
intentional minimal). I have torrc values, unrelated to
hidden-service, I need to add. Like, exclude certain countries
etc. For this I want to understand how a file-like object would
look like in the context of (services) in config.scm, so I can be
sure I apply the correct thing.
> (services (cons* (lsh-service #:root-login? #t
> #:interfaces '("127.0.0.1"))
>
>(tor-hidden-service "ssh"
>'((22 "127.0.0.1:22")
> (80 "127.0.0.1:80")))
>…))
>
> That makes a hidden service to talk to my SSH and HTTP services.
>
> HTH!
>
> Ludo’.
>
Re: Working example needed to extend tor-service with file-like object
ng0 skribis: > Our default config (torrc) is not so pleasant (well, it's > intentional minimal). I have torrc values, unrelated to > hidden-service, I need to add. Like, exclude certain countries > etc. For this I want to understand how a file-like object would > look like in the context of (services) in config.scm, so I can be > sure I apply the correct thing. Oh, well: (tor-service (plain-file "tor.conf" "OptionOne Foo\nOptionTwo Bar\n“)) or: (tor-service (local-file "../my-tor.conf")) HTH, Ludo’.
Re: Working example needed to extend tor-service with file-like object
l...@gnu.org (Ludovic Courtès) writes: > ng0 skribis: > >> Our default config (torrc) is not so pleasant (well, it's >> intentional minimal). I have torrc values, unrelated to >> hidden-service, I need to add. Like, exclude certain countries >> etc. For this I want to understand how a file-like object would >> look like in the context of (services) in config.scm, so I can be >> sure I apply the correct thing. > > Oh, well: > > (tor-service (plain-file "tor.conf" "OptionOne Foo\nOptionTwo Bar\n“)) > > or: > > (tor-service (local-file "../my-tor.conf")) > > HTH, > Ludo’. > Oh! So I am thinking way too complicated in how things are supposed to be written. Damn... Many thanks!
