-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The MyFamily lookup is also broken
It actually works, I just expected to see more then an empty set when
entering a torservers FP.
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVCztzAAoJEFv7XvVCELh04bIP/0a8ncpIKzAAJu6sjF+9y9Jo
not generate any tor debug loglines.
What capability would one have to add to the list to make it work with
CapabilityBoundingSet?
thanks,
Nusenu
testing with: tor 0.2.6.4, jessie/systemd 215
[1]
https://gitweb.torproject.org/tor.git/tree/contrib/dist/tor.service.in#n26
-BEGIN PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Nick,
thanks for your answer.
What capability would one have to add to the list to make it work
with CapabilityBoundingSet?
It probably depends on what's in your configuration.
torrc file while testing:
User debian-tor
DataDirectory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
so the somewhat obvious fix was to add CAP_KILL.
after reading:
man capabilities:
Bypass permission checks for sending signals (see kill(2)). This
includes use of the ioctl(2) KDSIGACCEPT operation.
I'm not entirely sure since that sounds
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
'systemctl reload tor' fails due to hardening restrictions in tor's
systemd service file [1]:
CapabilityBoundingSet = CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE
This configuration restricts not only the service (tor) but also the
ExecReload
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Zack Weinberg:
On Tue, Mar 17, 2015 at 12:55 PM, Nusenu nus...@openmailbox.org
wrote:
I had:
Log debug file /var/log/tor/log
but it is not being written to.
This is *probably* because one of the missing privileges is the
ability to write
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I'll prepare a unit file for this and add it to the trac entry.
a first version is there
https://bugs.torproject.org/14995
Weasel wrote:
Tor trac is not the place to discuss Debian packaging
enhancements
Right. In the specific case of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
intrigeri:
Nusenu wrote (16 Mar 2015 14:09:13 GMT) :
many relay operators run multiple tor instances to overcome
certain limitations. Currently the official deb packages do not
come with an easy configurable way to run multiple tor
instances
, status=227/NO_NEW_PRIVILEGES)
2) and when actually starting the daemon
thanks,
Nusenu
I'm testing with
0.2.5.10-1~d70.wheezy
minimal test torrc used:
User debian-tor
DataDirectory /var/lib/tor
Log debug file /var/log/tor/log
[1]
https://gitweb.torproject.org/tor.git/tree/contrib/dist/tor.service.in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello Zack,
thanks for your answer.
Zack Weinberg:
Could you please put
Log debug /tmp/tor-startup.log
I had:
Log debug file /var/log/tor/log
but it is not being written to.
(I disabled ExecStartPre for now).
in your torrc, try to start
gets released.
thanks!
Nusenu
[1] https://trac.torproject.org/projects/tor/ticket/14995
[2]
https://github.com/nusenu/tor-multi-instance-initscripts/blob/master/debian/tor
[3] https://trac.torproject.org/projects/tor/ticket/14996
https://lists.torproject.org/pipermail/tor-relays/2015-March/006605
/ certificate pinning for yum.)
Could you elaborate on your issue regarding repo_gpgcheck not showing
fingerprints? (It does show the gpg key fingerprint on a fc20 system
after adding repo_gpgcheck=1 and running 'yum update' [3]).
thanks for providing and maintaining the RPM repo,
Nusenu
[1] https
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Ondrej Mikle:
If possible, I'd like to avoid the if-defs. Do you perhaps have
a tip how to make the spec file nice and have it work both
with old startup script and systemd? Maybe some patch?
I would not mind having clean separated
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Ondrej Mikle:
If possible, I'd like to avoid the if-defs. Do you perhaps have a
tip how to make the spec file nice and have it work both with
old startup script and systemd? Maybe some patch?
I would not mind having clean separated
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
I've searched, but didn't find anything regarding how we can
interact with Tor API (through the Administration Port).
Would be nice if you could provide some link :).
If you are talking about tor's ControlPort:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nusenu:
Hi Ondrej,
I filed a bug regarding the rpm packages [1]: hardcoding config
options in torctl.
Please let me also know what you think about migrating to systemd.
While reading fedora's tor.spec [1], I noticed #8368 [2] and the fact
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Ondrej,
I filed a bug regarding the rpm packages [1]: hardcoding config
options in torctl.
Please let me also know what you think about migrating to systemd.
thanks!
[1] https://trac.torproject.org/projects/tor/ticket/12834
-BEGIN PGP
301 - 317 of 317 matches
Mail list logo