FS#68322 - [community/tor] systemd service misconfigured for Tor.service
Attached to Project:
Arch Linux
Opened by Tommy Zhang (T-J-M) - Sunday, 18 October 2020, 12:03 GMT
Last edited by Doug Newgard (Scimmia) - Sunday, 18 October 2020, 12:14 GMT
Opened by Tommy Zhang (T-J-M) - Sunday, 18 October 2020, 12:03 GMT
Last edited by Doug Newgard (Scimmia) - Sunday, 18 October 2020, 12:14 GMT
|
Details
Description: The systemd.service file of
`/usr/lib/systemd/system/tor.service` has been misconfigured
with appropriate user omitted. This misconfiguration leads
to failures in starting the corresponding service.
Additional info: * package version(s): 0.4.4.5-4 * config and/or log files etc. The log of `Tor.service` from system journal: ``` Oct 18 11:41:42 ArchPad tor[1681]: Oct 18 04:41:42.326 [notice] Tor 0.4.4.5 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1h, Zlib 1.2.11, Liblzma 5.2.5, and Libzstd 1.4.5. Oct 18 11:41:42 ArchPad tor[1681]: Oct 18 04:41:42.326 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Oct 18 11:41:42 ArchPad tor[1681]: Oct 18 04:41:42.326 [notice] Read configuration file "/etc/tor/torrc". Oct 18 11:41:42 ArchPad tor[1681]: Oct 18 04:41:42.333 [warn] /var/lib/tor is not owned by this user (root, 0) but by tor (43). Perhaps you are running Tor as the wrong user? Oct 18 11:41:42 ArchPad tor[1681]: Oct 18 04:41:42.333 [warn] Failed to parse/validate config: Couldn't access private data directory "/var/lib/tor" Oct 18 11:41:42 ArchPad tor[1681]: Oct 18 04:41:42.333 [err] Reading config failed--see warnings above. ``` Content of `/usr/lib/systemd/system/tor.service`: ``` # tor.service -- this systemd configuration file for Tor sets up a # relatively conservative, hardened Tor service. You may need to # edit it if you are making changes to your Tor configuration that it # does not allow. Package maintainers: this should be a starting point # for your tor.service; it is not the last point. [Unit] Description=Anonymizing overlay network for TCP After=syslog.target network.target nss-lookup.target [Service] Type=notify NotifyAccess=all ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config ExecStart=/usr/bin/tor -f /etc/tor/torrc ExecReload=/bin/kill -HUP ${MAINPID} KillSignal=SIGINT TimeoutSec=60 Restart=on-failure WatchdogSec=1m LimitNOFILE=32768 # Hardening PrivateTmp=yes PrivateDevices=yes ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ ReadWriteDirectories=-/var/lib/tor ReadWriteDirectories=-/var/log/tor NoNewPrivileges=yes CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH [Install] WantedBy=multi-user.target ``` Steps to reproduce: 1. Install/Upgrade community/tor package to the version above 2. Restart tor.service |
This task depends upon
Closed by Doug Newgard (Scimmia)
Sunday, 18 October 2020, 12:14 GMT
Reason for closing: Not a bug
Additional comments about closing: .pacnew files are important
Sunday, 18 October 2020, 12:14 GMT
Reason for closing: Not a bug
Additional comments about closing: .pacnew files are important
Comment by Tommy Zhang (T-J-M) -
Sunday, 18 October 2020, 12:04 GMT
Oops, it's not markdown here.