Re: [tor-dev] compass: new group by options: by-contact, by-OS, by-version

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 The MyFamily lookup is also broken It actually works, I just expected to see more then an empty set when entering a torservers FP. -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVCztzAAoJEFv7XvVCELh04bIP/0a8ncpIKzAAJu6sjF+9y9Jo

[tor-dev] what capabilities does tor need for reloading?

not generate any tor debug loglines. What capability would one have to add to the list to make it work with CapabilityBoundingSet? thanks, Nusenu testing with: tor 0.2.6.4, jessie/systemd 215 [1] https://gitweb.torproject.org/tor.git/tree/contrib/dist/tor.service.in#n26 -BEGIN PGP SIGNATURE

Re: [tor-dev] what capabilities does tor need for reloading?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Nick, thanks for your answer. What capability would one have to add to the list to make it work with CapabilityBoundingSet? It probably depends on what's in your configuration. torrc file while testing: User debian-tor DataDirectory

Re: [tor-dev] what capabilities does tor need for reloading?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 so the somewhat obvious fix was to add CAP_KILL. after reading: man capabilities: Bypass permission checks for sending signals (see kill(2)). This includes use of the ioctl(2) KDSIGACCEPT operation. I'm not entirely sure since that sounds

Re: [tor-dev] what capabilities does tor need for reloading?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 'systemctl reload tor' fails due to hardening restrictions in tor's systemd service file [1]: CapabilityBoundingSet = CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE This configuration restricts not only the service (tor) but also the ExecReload

Re: [tor-dev] tor not starting with NoNewPrivileges = yes (systemd)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Zack Weinberg: On Tue, Mar 17, 2015 at 12:55 PM, Nusenu nus...@openmailbox.org wrote: I had: Log debug file /var/log/tor/log but it is not being written to. This is *probably* because one of the missing privileges is the ability to write

Re: [tor-dev] #14995: adding multi-instance support to debian packages

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I'll prepare a unit file for this and add it to the trac entry. a first version is there https://bugs.torproject.org/14995 Weasel wrote: Tor trac is not the place to discuss Debian packaging enhancements Right. In the specific case of

Re: [tor-dev] #14995: adding multi-instance support to debian packages

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 intrigeri: Nusenu wrote (16 Mar 2015 14:09:13 GMT) : many relay operators run multiple tor instances to overcome certain limitations. Currently the official deb packages do not come with an easy configurable way to run multiple tor instances

[tor-dev] tor not starting with NoNewPrivileges = yes (systemd)

, status=227/NO_NEW_PRIVILEGES) 2) and when actually starting the daemon thanks, Nusenu I'm testing with 0.2.5.10-1~d70.wheezy minimal test torrc used: User debian-tor DataDirectory /var/lib/tor Log debug file /var/log/tor/log [1] https://gitweb.torproject.org/tor.git/tree/contrib/dist/tor.service.in

Re: [tor-dev] tor not starting with NoNewPrivileges = yes (systemd)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Zack, thanks for your answer. Zack Weinberg: Could you please put Log debug /tmp/tor-startup.log I had: Log debug file /var/log/tor/log but it is not being written to. (I disabled ExecStartPre for now). in your torrc, try to start

[tor-dev] #14995: adding multi-instance support to debian packages (patch)

gets released. thanks! Nusenu [1] https://trac.torproject.org/projects/tor/ticket/14995 [2] https://github.com/nusenu/tor-multi-instance-initscripts/blob/master/debian/tor [3] https://trac.torproject.org/projects/tor/ticket/14996 https://lists.torproject.org/pipermail/tor-relays/2015-March/006605

[tor-dev] repo: TLS vs. GPG signed files (#12871)

/ certificate pinning for yum.) Could you elaborate on your issue regarding repo_gpgcheck not showing fingerprints? (It does show the gpg key fingerprint on a fc20 system after adding repo_gpgcheck=1 and running 'yum update' [3]). thanks for providing and maintaining the RPM repo, Nusenu [1] https

Re: [tor-dev] RPM: migration to systemd service

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Ondrej Mikle: If possible, I'd like to avoid the if-defs. Do you perhaps have a tip how to make the spec file nice and have it work both with old startup script and systemd? Maybe some patch? I would not mind having clean separated

Re: [tor-dev] RPM: migration to systemd service

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Ondrej Mikle: If possible, I'd like to avoid the if-defs. Do you perhaps have a tip how to make the spec file nice and have it work both with old startup script and systemd? Maybe some patch? I would not mind having clean separated

Re: [tor-dev] Tor API doc?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I've searched, but didn't find anything regarding how we can interact with Tor API (through the Administration Port). Would be nice if you could provide some link :). If you are talking about tor's ControlPort:

Re: [tor-dev] RPM: migration to systemd service

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Nusenu: Hi Ondrej, I filed a bug regarding the rpm packages [1]: hardcoding config options in torctl. Please let me also know what you think about migrating to systemd. While reading fedora's tor.spec [1], I noticed #8368 [2] and the fact

[tor-dev] RPM: hardcoded config options in /usr/bin/torctl

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Ondrej, I filed a bug regarding the rpm packages [1]: hardcoding config options in torctl. Please let me also know what you think about migrating to systemd. thanks! [1] https://trac.torproject.org/projects/tor/ticket/12834 -BEGIN PGP

<    1   2   3   4