Bug#808296: tor: Latest version doesn't start

Michael Meskes

Dec 18, 2015, 12:50:04 PM

Package: tor
Version: 0.2.7.6-1
Severity: normal

On a fresh unstable installation tor refuses to do anything. The situation
seems to be different from #802521, hence a new bug report. If it turns out to
be the same bug, feel free to merge.

Dez 18 13:16:08 feivel tor[1349]: Dec 18 13:16:08.001 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Dez 18 13:16:08 feivel systemd[1356]: t...@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory
Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Main process exited, code=exited, status=231/APPARMOR
Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Unit entered failed state.
Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Failed with result 'exit-code'.
Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Service hold-off time over, scheduling restart.

Manually downgrading to 0.2.5.12-1 solved the problem for now.

Michael
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-rc4-next-20151211-1.g34634ae-vanilla (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages tor depends on:
ii adduser 3.113+nmu3
ii libc6 2.21-4
ii libevent-2.0-5 2.0.21-stable-2+b1
ii libseccomp2 2.2.3-2
ii libssl1.0.0 1.0.2d-1
ii lsb-base 9.20150917
ii zlib1g 1:1.2.8.dfsg-2+b1

Versions of packages tor recommends:
ii logrotate 3.8.7-2
ii tor-geoipdb 0.2.5.12-1
ii torsocks 2.1.0-1

Versions of packages tor suggests:
pn apparmor-utils <none>
pn mixmaster <none>
pn obfsproxy <none>
pn polipo | privoxy <none>
pn socat <none>
pn tor-arm <none>
pn xul-ext-torbutton <none>

-- no debconf information

Peter Palfrader

Dec 18, 2015, 3:50:03 PM

On Fri, 18 Dec 2015, Michael Meskes wrote:

> On a fresh unstable installation tor refuses to do anything. The situation
> seems to be different from #802521, hence a new bug report. If it turns out to
> be the same bug, feel free to merge.
>
> Dez 18 13:16:08 feivel tor[1349]: Dec 18 13:16:08.001 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
> Dez 18 13:16:08 feivel systemd[1356]: t...@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory
> Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Main process exited, code=exited, status=231/APPARMOR
> Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Unit entered failed state.
> Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Failed with result 'exit-code'.
> Dez 18 13:16:08 feivel systemd[1]: t...@default.service: Service hold-off time over, scheduling restart.
>
> Manually downgrading to 0.2.5.12-1 solved the problem for now.

Can you tell me more about the system? My guess is, this is an lxc
container. Am I right? If not, what's the kernel? Some other kind of
virtualization going on?

weasel
--
| .''`. ** Debian **
Peter Palfrader | : :' : The universal
https://www.palfrader.org/ | `. `' Operating System
| `- https://www.debian.org/

Michael Meskes

Dec 18, 2015, 4:10:04 PM

> Can you tell me more about the system? My guess is, this is an lxc
> container. Am I right? If not, what's the kernel? Some other kind of

Nope, Debian unstable on a new laptop. However, the kernel is *not* a
Debian one. The laptop needs the latest development version to enable
touchpad and the like. Could any kernel feature make a difference? If so
which?

> virtualization going on?

No, just a straight desktop usage.

But is tor supposed to not work in virtualization?

Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at gmail dot com
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL

Peter Palfrader

Dec 18, 2015, 5:10:03 PM

On Fri, 18 Dec 2015, Michael Meskes wrote:

> > Can you tell me more about the system? My guess is, this is an lxc
> > container. Am I right? If not, what's the kernel? Some other kind of
>
> Nope, Debian unstable on a new laptop. However, the kernel is *not* a
> Debian one. The laptop needs the latest development version to enable
> touchpad and the like. Could any kernel feature make a difference? If so
> which?
>
> > virtualization going on?
>
> No, just a straight desktop usage.
>
> But is tor supposed to not work in virtualization?

It's supposed to work, but depending on what your virtualization looks
like, systemd's apparmor support gets confused.

o Do you have CONFIG_SECURITY_APPARMOR in your kernel?
o (Is apparmor installed? not sure that's relevant.)
o Does tor work if you disable the apparmor config in the service file:

mkdir /etc/systemd/system/t...@default.service.d/
(echo "[Service]"; echo "AppArmorProfile=") > /etc/systemd/system/t...@default.service.d/override.conf
systemctl daemon-reload

Cheers,
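
An added example (not from the thread or the Debian package): a POSIX shell function that checks whether AppArmor is active in the running kernel and whether a given profile name is in the kernel's loaded-profile list, which is what must hold before systemd can apply a unit's AppArmorProfile= setting. The SYSROOT argument and the state names it prints are assumptions of this example.

```shell
#!/bin/sh
# Added example: runtime AppArmor checks behind a "status=231/APPARMOR" start failure.
# The SYSROOT argument and the state names printed are assumptions of this sketch.
#
# aa_state PROFILE [SYSROOT] prints one of:
#   no-lsm         kernel exposes no apparmor module parameters
#   disabled       AppArmor is built in but not enabled for this boot
#   no-securityfs  enabled, but the loaded-profile list is unreadable (needs root)
#   not-loaded     enabled, PROFILE is absent from the loaded-profile list
#   loaded:MODE    PROFILE is loaded; MODE is e.g. enforce or complain
aa_state() {
    profile=$1
    root=${2:-}   # empty means the live system
    enabled_file="$root/sys/module/apparmor/parameters/enabled"
    profiles_file="$root/sys/kernel/security/apparmor/profiles"

    # CONFIG_SECURITY_APPARMOR=y only says the code was compiled in;
    # this file says whether the LSM is active right now.
    [ -r "$enabled_file" ] || { echo no-lsm; return 0; }
    [ "$(cat "$enabled_file")" = "Y" ] || { echo disabled; return 0; }
    [ -r "$profiles_file" ] || { echo no-securityfs; return 0; }

    # Each line reads "NAME (MODE)"; match NAME exactly, not as a substring.
    mode=$(awk -v p="$profile" '
        { n = $0; sub(/ \([^()]*\)$/, "", n) }
        n == p { m = $NF; gsub(/[()]/, "", m); print m; exit }
    ' "$profiles_file")

    if [ -n "$mode" ]; then echo "loaded:$mode"; else echo not-loaded; fi
}

# Run as: sh aa_state.sh PROFILE   (PROFILE = value of AppArmorProfile= in the unit)
if [ $# -gt 0 ]; then aa_state "$@"; fi
```

Run it as root with the name from the unit's AppArmorProfile= line; anything other than `loaded:MODE` means the unit cannot be switched into that profile on this boot.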

Michael Meskes

Dec 18, 2015, 6:40:03 PM

> o Do you have CONFIG_SECURITY_APPARMOR in your kernel?

michael@feivel:~$ grep CONFIG_SECURITY_APPARMOR /boot/config-4.4.0-rc4-next-20151211-1.g34634ae-vanilla
CONFIG_SECURITY_APPARMOR=y
CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
CONFIG_SECURITY_APPARMOR_HASH=y

> o (Is apparmor installed? not sure that's relevant.)

Version 2.10-2+b2 is installed.

> o Does tor work if you disable the apparmor config in the service file:
>
> mkdir /etc/systemd/system/t...@default.service.d/
> (echo "[Service]"; echo "AppArmorProfile=") > /etc/systemd/system/t...@default.service.d/override.conf
> systemctl daemon-reload

That seems to solve it. tor's working now.

intrigeri

Dec 19, 2015, 1:40:02 AM

Hi,

Michael Meskes wrote (18 Dec 2015 18:33:50 GMT) :
> That seems to solve it. tor's working now.

Cool. It would be interesting to see the corresponding AppArmor denial
logs, if any.

https://wiki.debian.org/AppArmor/Debug might be helpful.

Cheers!
--
intrigeri

Michael Meskes

Dec 19, 2015, 6:10:04 PM

> Cool. It would be interesting to see the corresponding AppArmor denial
> logs, if any.
>
> https://wiki.debian.org/AppArmor/Debug might be helpful.

No DENIED message in any log file.