Hi Danny-- On Mon 2016-08-29 15:00:50 -0400, Danny Horne wrote:
> I've just spent several hours trying to get Tor running as a service > (under systemd) for sks. > > Here's some relevant logs (the directories exist under toranon user / > group) - > > Aug 29 18:46:16 marconi tor: Aug 29 18:46:16.566 [warn] Directory > /var/lib/tor/hidden_service/sks/ cannot be read: Permission denied > Aug 29 18:46:16 marconi tor: Aug 29 18:46:16.566 [warn] Failed to > parse/validate config: Failed to configure rendezvous options. See logs for > details. what are the permissions on /var/lib/tor/hidden_service/sks ? On a debian system, those directories should probably be owned by the debian-tor user account. It probably depends on what User is specified in torrc or how tor is compiled. > Here's the relevant bit of /etc/tor/torrc > > HiddenServiceDir /var/lib/tor/hidden_service/sks/ > HiddenServicePort 80 164.132.220.24:80 > HiddenServicePort 11371 164.132.220.24:11371 Just to be clear, i hope this is pointing at the reverse HTTP proxy. we don't recomend offering direct SKS access to the public network: https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering > When using this command (as root) it creates the necessary files and > runs, but won't run under systemd > > /usr/bin/tor --runasdaemon 0 --defaults-torrc > /usr/share/tor/defaults-torrc -f /etc/tor/torrc > > Here's a few links whose solutions I tried (without success) > > http://superuser.com/questions/998850/tor-hidden-service-settings-failing-to-allow-tor-service-to-start-on-centos-fedo > > https://bugzilla.redhat.com/show_bug.cgi?id=1279222 you don't mention what your systemd service file looks like, or what operating sytsem you're using. On debian, tor runs via a systemd generator, but you can control the default system-wide tor service with: systemctl status tor@default systemctl start tor@default systemctl stop tor@default etc. Please write back to the list if you have more details you want to share. Thanks for offering sks over tor! hth, --dkg
signature.asc
Description: PGP signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel