Hi,
I posted this message in tor-relays, but it seems to me (and another people) that dev mail-list is better channel to use.
Thanks!
-------- Original Message -------- Hi all,
From time to time my tor node (minibofh) stopped to work properly; since it's a tiny FreeBSD VPS, the root origin was some CPU over-consumption. I'm taking some actions to fix it (more swap, freeing CPU from another services... etc).
The FreeBSD tor port offers to you the tcmalloc compilation option, so I had some fun reading this interesting paper: http://goog-perftools.sourceforge.net/doc/tcmalloc.html
I recompiled the tor port but just using the tcmalloc option. Actually, now I got the google-perftool package and, obviously, the tcmalloc library:
mb# pkg_info | grep google google-perftools-1.8.3 Fast, multi-threaded malloc() and nifty performance analysi
mb# pkg_info -L google-perftools-1.8.3 | grep malloc.so /usr/local/lib/libtcmalloc.so /usr/local/lib/libtcmalloc.so.2
But, when I'm checking which libraries the tor binary is using, I get:
mb# ldd /usr/local/bin/tor /usr/local/bin/tor: libz.so.5 => /lib/libz.so.5 (0x281aa000) libm.so.5 => /lib/libm.so.5 (0x281bc000) libevent-2.0.so.6 => /usr/local/lib/event2/libevent-2.0.so.6 (0x2844e000) libssl.so.7 => /usr/local/lib/libssl.so.7 (0x28489000) libcrypto.so.7 => /usr/local/lib/libcrypto.so.7 (0x284d7000) libthr.so.3 => /lib/libthr.so.3 (0x281df000) libc.so.7 => /lib/libc.so.7 (0x28090000)
So... I understand that the tor binary is actually NOT using the new tcmalloc library.
Am I wrong?
PS. I adding a CC to tor FreeBSD port mantainer.
Hm. Tor itself doesn't have a tcmalloc compilation option, so whatever it's doing is something freebsd added. To debug this kind of thing, what I usually suggest is to rebuild and look carefully at which compiler and linker options are used in building Tor, and see if they include the appropriate options for tcmalloc.
Good luck,
On 08/06/2012 07:03 PM, Nick Mathewson wrote:
Hm. Tor itself doesn't have a tcmalloc compilation option, so whatever it's doing is something freebsd added. To debug this kind of thing, what I usually suggest is to rebuild and look carefully at which compiler and linker options are used in building Tor, and see if they include the appropriate options for tcmalloc.
Thanks for your answer Nick, but I don't get you: https://lists.torproject.org/pipermail/tor-commits/2008-February/008381.html
It seems tor has a configure option to support tcmalloc since 2008; I guess I could be wrong (again) but I understand that if the configure script supports the tcmalloc option is because, is some sense, the compilation will use as well the mentioned libraries.
So?
On Mon, Aug 6, 2012 at 2:06 PM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
On 08/06/2012 07:03 PM, Nick Mathewson wrote:
Hm. Tor itself doesn't have a tcmalloc compilation option, so whatever it's doing is something freebsd added. To debug this kind of thing, what I usually suggest is to rebuild and look carefully at which compiler and linker options are used in building Tor, and see if they include the appropriate options for tcmalloc.
Thanks for your answer Nick, but I don't get you: https://lists.torproject.org/pipermail/tor-commits/2008-February/008381.html
It seems tor has a configure option to support tcmalloc since 2008; I guess I could be wrong (again) but I understand that if the configure script supports the tcmalloc option is because, is some sense, the compilation will use as well the mentioned libraries.
Oops; I'd forgotten about that. That's what I get for answering email on vacation without checking the code.
I think my debugging advice still stands though:
To debug this kind of thing, what I usually suggest is to rebuild and look carefully at which compiler and linker options are used in building Tor, and see if they include the appropriate options for tcmalloc.
What line does the build process use when linking Tor?
yrs,
What line does the build process use when linking Tor?
Hi again Nick,
I have no idea, but I guess I could do the next:
1. Stop the tor service 2. deinstall the present port 3. Check the tcmalloc option is enabled 4. install the port and redirect all the output to a log file
$ /usr/local/etc/rc.d/tor stop $ cd /usr/ports/security/tor $ make deinstall $ make showconfig $ make install >& /tmp/tor_freebsd_port.log
and send to you the log.
What do you think?
On Wed, Aug 8, 2012 at 4:26 PM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
What line does the build process use when linking Tor?
Hi again Nick,
I have no idea, but I guess I could do the next:
- Stop the tor service
- deinstall the present port
- Check the tcmalloc option is enabled
- install the port and redirect all the output to a log file
$ /usr/local/etc/rc.d/tor stop $ cd /usr/ports/security/tor $ make deinstall $ make showconfig $ make install >& /tmp/tor_freebsd_port.log
and send to you the log.
What do you think?
Sounds pretty involved! Is there really no way to recompile software from a freebsd port without uninstalling it?
On 8/8/12, Nick Mathewson nickm@alum.mit.edu wrote:
On Wed, Aug 8, 2012 at 4:26 PM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
What line does the build process use when linking Tor?
Hi again Nick,
I have no idea, but I guess I could do the next:
- Stop the tor service
- deinstall the present port
- Check the tcmalloc option is enabled
- install the port and redirect all the output to a log file
$ /usr/local/etc/rc.d/tor stop $ cd /usr/ports/security/tor $ make deinstall $ make showconfig $ make install >& /tmp/tor_freebsd_port.log
and send to you the log.
What do you think?
Sounds pretty involved! Is there really no way to recompile software from a freebsd port without uninstalling it?
Remove (or move) the port's ‘work’ directory and run ‘make’.
(You can't easily *install* an upgraded or recompiled FreeBSD port or package without removing the old one, though.)
Robert Ransom
Here is the log:
===> Installing for tor-0.2.2.37 ===> tor-0.2.2.37 depends on file: /usr/local/lib/libcrypto.so.7 - found ===> tor-0.2.2.37 depends on shared library: event-2.0 - found ===> tor-0.2.2.37 depends on shared library: tcmalloc - found ===> Generating temporary packing list ===> Checking if security/tor already installed ===> Creating users and/or groups. Using existing group `_tor'. Using existing user `_tor'. Making install in src Making install in common Making install in or cc -DHAVE_CONFIG_H -I. -I../.. -DSHARE_DATADIR=""/usr/local/share"" -DLOCALSTATEDIR=""/usr/local/var"" -DBINDIR=""/usr/local/bin"" -I../../src/common -I/usr/local/include/event2 -I/usr/local/include -I/usr/local/include -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -MT tor_main.o -MD -MP -MF .deps/tor_main.Tpo -c -o tor_main.o tor_main.c mv -f .deps/tor_main.Tpo .deps/tor_main.Po cc -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -L/usr/local/lib -L/usr/local/lib/event2 -rpath=/usr/local/lib -pie -Wl,-z,relro -Wl,-z,now -o tor tor_main.o ./libtor.a ../common/libor.a ../common/libor-crypto.a ../common/libor-event.a -lz -lm -levent-2.0 -lssl -lcrypto -pthread cc -DHAVE_CONFIG_H -I. -I../.. -DSHARE_DATADIR=""/usr/local/share"" -DLOCALSTATEDIR=""/usr/local/var"" -DBINDIR=""/usr/local/bin"" -I../../src/common -I/usr/local/include/event2 -I/usr/local/include -I/usr/local/include -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -MT tor_main.o -MD -MP -MF .deps/tor_main.Tpo -c -o tor_main.o tor_main.c mv -f .deps/tor_main.Tpo .deps/tor_main.Po test -z "/usr/local/bin" || /usr/local/bin/gmkdir -p "/usr/local/bin" install -s -o root -g wheel -m 555 tor '/usr/local/bin' Making install in test Making install in tools test -z "/usr/local/bin" || /usr/local/bin/gmkdir -p "/usr/local/bin" install -s -o root -g wheel -m 555 tor-resolve tor-gencert '/usr/local/bin' Making install in win32 Making install in config test -z "/usr/local/etc/tor" || /usr/local/bin/gmkdir -p "/usr/local/etc/tor" install -o root -g wheel -m 444 torrc.sample '/usr/local/etc/tor' test -z "/usr/local/share/tor" || /usr/local/bin/gmkdir -p "/usr/local/share/tor" install -o root -g wheel -m 444 geoip '/usr/local/share/tor' Making install in doc test -z "/usr/local/man/man1" || /usr/local/bin/gmkdir -p "/usr/local/man/man1" install -o root -g wheel -m 444 tor.1 tor-resolve.1 torify.1 tor-gencert.1 '/usr/local/man/man1' Making install in contrib Making install in suse test -z "/usr/local/bin" || /usr/local/bin/gmkdir -p "/usr/local/bin" install -o root -g wheel -m 555 torify '/usr/local/bin' test -z "/usr/local/etc/tor" || /usr/local/bin/gmkdir -p "/usr/local/etc/tor" install -o root -g wheel -m 444 tor-tsocks.conf.sample '/usr/local/etc/tor' ===> Installing rc.d startup script(s) /bin/mkdir -p /var/run/tor /usr/sbin/chown -R _tor:_tor /var/run/tor /usr/bin/touch /var/log/tor /usr/sbin/chown _tor:_tor /var/log/tor /bin/mkdir -p /var/db/tor/data /usr/sbin/chown -R _tor:_tor /var/db/tor /bin/chmod -R 700 /var/db/tor /bin/cat /usr/ports/security/tor/work/pkg-message ================================================================================ To enable the tor server, set tor_enable="YES" in your /etc/rc.conf and edit /usr/local/etc/tor/torrc. Note that the rc.subr script overrides many torrc options and is tunable: see /usr/local/etc/rc.d/tor for details. To use the torify script, install the net/torsocks port. After removing the package, or updating to a new version, users may need to delete all files in /var/db/tor. ============================================================================
Is plain to see the script is checking if the tcmalloc is there, but more than that... I cannot see the compiler itself is calling the mentioned library.
On Wed, Aug 8, 2012 at 7:09 PM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
Here is the log:
===> Installing for tor-0.2.2.37 ===> tor-0.2.2.37 depends on file: /usr/local/lib/libcrypto.so.7 - found ===> tor-0.2.2.37 depends on shared library: event-2.0 - found ===> tor-0.2.2.37 depends on shared library: tcmalloc - found
So here's the line that makes Tor:
cc -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -L/usr/local/lib -L/usr/local/lib/event2 -rpath=/usr/local/lib -pie -Wl,-z,relro -Wl,-z,now -o tor tor_main.o ./libtor.a ../common/libor.a ../common/libor-crypto.a ../common/libor-event.a -lz -lm -levent-2.0 -lssl -lcrypto -pthread
and yeah, there's no tcmalloc there.
This is a little strange; when I try it with Tor master, I get (removing my pile of warning options):
gcc -g -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector -fwrapv -fPIE -Wall -fno-strict-aliasing -ltcmalloc -pie -z relro -z now -o tor tor_main.o ./libtor.a ../common/libor.a ../common/libor-crypto.a ../common/libor-event.a -lz -lm -levent -lssl -lcrypto -lpthread -lrt -ldl
[...]
Is plain to see the script is checking if the tcmalloc is there, but more than that... I cannot see the compiler itself is calling the mentioned library.
Can you see what arguments are being passed to configure, and what configure does with them? Is the freebsd build process passing --with-tcmalloc to the configure script?
On 08/09/2012 01:43 AM, Nick Mathewson wrote:
On Wed, Aug 8, 2012 at 7:09 PM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
Here is the log:
===> Installing for tor-0.2.2.37 ===> tor-0.2.2.37 depends on file: /usr/local/lib/libcrypto.so.7 - found ===> tor-0.2.2.37 depends on shared library: event-2.0 - found ===> tor-0.2.2.37 depends on shared library: tcmalloc - found
So here's the line that makes Tor:
cc -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -L/usr/local/lib -L/usr/local/lib/event2 -rpath=/usr/local/lib -pie -Wl,-z,relro -Wl,-z,now -o tor tor_main.o ./libtor.a ../common/libor.a ../common/libor-crypto.a ../common/libor-event.a -lz -lm -levent-2.0 -lssl -lcrypto -pthread
and yeah, there's no tcmalloc there.
Nice. Maybe we're skipping something obvious, because I remember perfectly that google-perftools package was installed when I configure the port to use tcmalloc.
Still, it seems not using it at all.
This is a little strange; when I try it with Tor master, I get (removing my pile of warning options):
gcc -g -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector -fwrapv -fPIE -Wall -fno-strict-aliasing -ltcmalloc -pie -z relro -z now -o tor tor_main.o ./libtor.a ../common/libor.a ../common/libor-crypto.a ../common/libor-event.a -lz -lm -levent -lssl -lcrypto -lpthread -lrt -ldl
[...]
Is plain to see the script is checking if the tcmalloc is there, but more than that... I cannot see the compiler itself is calling the mentioned library.
Can you see what arguments are being passed to configure, and what configure does with them? Is the freebsd build process passing --with-tcmalloc to the configure script?
Sure.
mb# pwd && make showconfig /usr/ports/security/tor ===> The following configuration options are available for tor-0.2.2.37: BUFFREELISTS=on: Freelists for buffer RAM GMAKE=off: Parallel build safety via GNU make INSTR_DOWNLOADS=off: Instrument downloads for analysis TCMALLOC=on: Use the tcmalloc memory allocation library THREADS=on: Threading support TRANSPARENT=on: Transparent proxy support ===> Use 'make config' to modify these settings
mb# cat Makefile # ports collection makefile for: tor-devel # Date created: 2005.10.20 # Whom: peter.thoenen@yahoo.com # # $FreeBSD: ports/security/tor/Makefile,v 1.83 2012/06/29 00:38:55 bf Exp $ #
PORTNAME= tor DISTVERSION= 0.2.2.37 CATEGORIES= security net ipv6 MASTER_SITES= https://www.torproject.org/dist/ \ ftp://ftp.bit.nl/mirror/tor/ \ http://cyberside.net.ee/tor/ \ http://ftp.bit.nl/mirror/tor/ \ http://mirror.hessmo.com/tor/dist/ \ http://mirror.host4site.co.il/torproject.org/dist/ \ http://mirror.open-networx.org/torproject.org/dist/ \ http://mirror.tor.hu/dist/ \ https://mirror.torland.me/torproject.org/dist/ \ http://mirrors.chaos-darmstadt.de/tor-mirror/dist/ \ http://onion.anonymo.us.org/dist/ \ http://theonionrouter.com/dist/ \ http://tor.amorphis.eu/dist/ \ http://tor.askapache.com/dist/ \ http://tor.beme-it.de/dist/ \ http://tor.blingblingsquad.net/dist/ \ http://tor.borgmann.tv/dist/ \ http://tor.ccc.de/dist/ \ http://tor.cyberarmy.at/dist/ \ http://tor.dont-know-me.at/dist/ \ http://tor.factor.cc/dist/ \ http://tor.homosu.net/dist/ \ http://tor.idnr.ws/dist/ \ http://tor.myrl.net/dist/ \ http://tor.kamagurka.org/dist/ \ http://tor.searchprivate.com/dist/ \ http://tor.spline.de/dist/ \ http://tor.taiga-san.net/dist/ \ http://tor.unregistered.eu/dist/ \ http://tor.vesta.nu/dist/ \ http://tordistua.reactor-xg.kiev.ua/ \ http://torproj.xpdm.us/dist/ \ https://torproject.antagonism.org/dist/ \ https://torproject.crypto.is/dist/ \ http://torproject.is/dist/ \ http://torproject.jcsh.it/dist/ \ http://torproject.nwlinux.us/dist/ \ http://torproject.ph3x.at/dist/ \ http://torua.reactor-xg.kiev.ua/dist/ \ https://www.coevoet.nl/tor/dist/ \ http://www.oignon.net/dist/ \ http://www.torproject.nl/dist/ \ http://www.torproject.org.in/dist/ \ http://www.torproject.org.nyud.net/dist/ \ http://www.torproject.us/dist/ \ http://www.torservers.net/mirrors/torproject.org/dist/
MAINTAINER= bf@FreeBSD.org COMMENT= An anonymizing overlay network for TCP
LICENSE= BSD LICENSE_FILE= ${WRKSRC}/LICENSE
LIB_DEPENDS= event-2.0:${PORTSDIR}/devel/libevent2
GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc \ --enable-linker-hardening CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include/event2 -I${LOCALBASE}/include" \ TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/event2" \ TOR_LIBEVENT_LIBS="-levent-2.0"
OPTIONS_DEFINE= BUFFREELISTS GMAKE INSTR_DOWNLOADS TCMALLOC THREADS TRANSPARENT
BUFFREELISTS_DESC= Freelists for buffer RAM GMAKE_DESC= Parallel build safety via GNU make INSTR_DOWNLOADS_DESC= Instrument downloads for analysis TCMALLOC_DESC= Use the tcmalloc memory allocation library TRANSPARENT_DESC= Transparent proxy support
OPTIONS_DEFAULT= BUFFREELISTS THREADS TRANSPARENT
USE_OPENSSL= yes
USE_RC_SUBR= tor SUB_FILES= pkg-message
GROUPS = _tor USERS= _tor
CONFLICTS= tor-devel-[0-9]*
MANCOMPRESSED= no MAN1= tor.1 tor-resolve.1 torify.1 tor-gencert.1
.include <bsd.port.options.mk>
.if ${PORT_OPTIONS:MGMAKE} USE_GMAKE= yes .else MAKE_JOBS_UNSAFE= yes .endif
.if ( (${OSVERSION} >= 703100 && ${OSVERSION} < 800000) || \ (${OSVERSION} >= 800500 && ${OSVERSION} < 900000) || \ (${OSVERSION} >= 900003) ) && !defined(USE_GCC) && empty(CC:T:M*gcc4*) CONFIGURE_ARGS+= --enable-gcc-hardening .endif
.if ( ${OSVERSION} < 704000 || \ (${OSVERSION} >= 800000 && ${OSVERSION} < 801500) || \ (${OSVERSION} >= 900000 && ${OSVERSION} < 900011) ) WITH_OPENSSL_PORT= yes .endif
.if ${PORT_OPTIONS:MBUFFREELISTS} CONFIGURE_ARGS+= --enable-buf-freelists .else CONFIGURE_ARGS+= --disable-buf-freelists .endif
.if ${PORT_OPTIONS:MINSTR_DOWNLOADS} CONFIGURE_ARGS+= --enable-instrument-downloads .else CONFIGURE_ARGS+= --disable-instrument-downloads .endif
.if ${PORT_OPTIONS:MTCMALLOC} CONFIGURE_ARGS+= --with-tcmalloc LIB_DEPENDS+= tcmalloc:${PORTSDIR}/devel/google-perftools .endif
.if ${PORT_OPTIONS:MTHREADS} CONFIGURE_ARGS+= --enable-threads CFLAGS+= ${PTHREAD_CFLAGS} .else CONFIGURE_ARGS+= --disable-threads .endif
.if ${PORT_OPTIONS:MTRANSPARENT} CONFIGURE_ARGS+= --enable-transparent .else CONFIGURE_ARGS+= --disable-transparent .endif
post-patch: @${MV} ${WRKSRC}/contrib/tor-tsocks.conf \ ${WRKSRC}/contrib/tor-tsocks.conf.sample @${REINPLACE_CMD} -e "s|tor-tsocks.conf|tor-tsocks.conf.sample|g" \ ${WRKSRC}/contrib/Makefile.in @${REINPLACE_CMD} -e '|^install-data-am:|s|install-docDATA||' \ ${WRKSRC}/doc/Makefile.in @${REINPLACE_CMD} -e "s|-ltcmalloc|${LOCALBASE}/lib/libtcmalloc.so|" \ ${WRKSRC}/configure
post-configure: @${FIND} -X ${WRKSRC} -type f -name Makefile | ${XARGS} ${REINPLACE_CMD} -e \ "s|-lpthread|${PTHREAD_LIBS}|g" @${REINPLACE_CMD} -e '|^nodist_man_MANS =|s|$$|${MAN1}|' \ ${WRKSRC}/doc/Makefile
post-install: ${MKDIR} /var/run/tor ${CHOWN} -R _tor:_tor /var/run/tor ${TOUCH} /var/log/tor ${CHOWN} _tor:_tor /var/log/tor ${MKDIR} /var/db/tor/data ${CHOWN} -R _tor:_tor /var/db/tor ${CHMOD} -R 700 /var/db/tor ${CAT} ${PKGMESSAGE}
check regression-test test: build @( cd ${BUILD_WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE} \ ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} check )
.include <bsd.port.mk>
BTW, I sent this thread to the supposed FreeBSD port mantainer and another guy (I found him using freshports.org). No answer at all (yet).
On Thu, Aug 9, 2012 at 6:04 AM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
Can you see what arguments are being passed to configure, and what configure does with them? Is the freebsd build process passing --with-tcmalloc to the configure script?
Sure.
mb# pwd && make showconfig
Hm. Does all that stuff actually say which options *were* passed to the configure script? It seems as though --with-tcmalloc *should* have been passed on the command line to configure, but I'm not at all sure which of that tells me which arguments *were* passed to configure.
Have a look near the top of "config.log" (please don't send the whole file; it will be enormous) -- there should be a part that says what command line configure got.
yrs,
On 08/09/2012 04:54 PM, Nick Mathewson wrote:
On Thu, Aug 9, 2012 at 6:04 AM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
Can you see what arguments are being passed to configure, and what configure does with them? Is the freebsd build process passing --with-tcmalloc to the configure script?
Sure.
mb# pwd && make showconfig
Hm. Does all that stuff actually say which options *were* passed to the configure script? It seems as though --with-tcmalloc *should* have been passed on the command line to configure, but I'm not at all sure which of that tells me which arguments *were* passed to configure.
Well, still the same forcing the configure tcmalloc argument to the make install command:
mb# make WITH_TCMALLOC=1 install ===> Installing for tor-0.2.2.37 ===> tor-0.2.2.37 depends on file: /usr/local/lib/libcrypto.so.7 - found ===> tor-0.2.2.37 depends on shared library: event-2.0 - found ===> tor-0.2.2.37 depends on shared library: tcmalloc - found ===> Generating temporary packing list ===> Checking if security/tor already installed ===> Creating users and/or groups. Using existing group `_tor'. Using existing user `_tor'. Making install in src Making install in common Making install in or cc -DHAVE_CONFIG_H -I. -I../.. -DSHARE_DATADIR=""/usr/local/share"" -DLOCALSTATEDIR=""/usr/local/var"" -DBINDIR=""/usr/local/bin"" -I../../src/common -I/usr/local/include/event2 -I/usr/local/include -I/usr/local/include -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -MT tor_main.o -MD -MP -MF .deps/tor_main.Tpo -c -o tor_main.o tor_main.c mv -f .deps/tor_main.Tpo .deps/tor_main.Po cc -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -L/usr/local/lib -L/usr/local/lib/event2 -rpath=/usr/local/lib -pie -Wl,-z,relro -Wl,-z,now -o tor tor_main.o ./libtor.a ../common/libor.a ../common/libor-crypto.a ../common/libor-event.a -lz -lm -levent-2.0 -lssl -lcrypto -pthread cc -DHAVE_CONFIG_H -I. -I../.. -DSHARE_DATADIR=""/usr/local/share"" -DLOCALSTATEDIR=""/usr/local/var"" -DBINDIR=""/usr/local/bin"" -I../../src/common -I/usr/local/include/event2 -I/usr/local/include -I/usr/local/include -O2 -pipe -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fstack-protector-all -fwrapv -fPIE -Wstack-protector --param ssp-buffer-size=1 -Wall -fno-strict-aliasing -MT tor_main.o -MD -MP -MF .deps/tor_main.Tpo -c -o tor_main.o tor_main.c mv -f .deps/tor_main.Tpo .deps/tor_main.Po test -z "/usr/local/bin" || /usr/local/bin/gmkdir -p "/usr/local/bin" install -s -o root -g wheel -m 555 tor '/usr/local/bin' Making install in test Making install in tools test -z "/usr/local/bin" || /usr/local/bin/gmkdir -p "/usr/local/bin" install -s -o root -g wheel -m 555 tor-resolve tor-gencert '/usr/local/bin' Making install in win32 Making install in config test -z "/usr/local/etc/tor" || /usr/local/bin/gmkdir -p "/usr/local/etc/tor" install -o root -g wheel -m 444 torrc.sample '/usr/local/etc/tor' test -z "/usr/local/share/tor" || /usr/local/bin/gmkdir -p "/usr/local/share/tor" install -o root -g wheel -m 444 geoip '/usr/local/share/tor' Making install in doc test -z "/usr/local/man/man1" || /usr/local/bin/gmkdir -p "/usr/local/man/man1" install -o root -g wheel -m 444 tor.1 tor-resolve.1 torify.1 tor-gencert.1 '/usr/local/man/man1' Making install in contrib Making install in suse test -z "/usr/local/bin" || /usr/local/bin/gmkdir -p "/usr/local/bin" install -o root -g wheel -m 555 torify '/usr/local/bin' test -z "/usr/local/etc/tor" || /usr/local/bin/gmkdir -p "/usr/local/etc/tor" install -o root -g wheel -m 444 tor-tsocks.conf.sample '/usr/local/etc/tor' ===> Installing rc.d startup script(s) /bin/mkdir -p /var/run/tor /usr/sbin/chown -R _tor:_tor /var/run/tor /usr/bin/touch /var/log/tor /usr/sbin/chown _tor:_tor /var/log/tor /bin/mkdir -p /var/db/tor/data /usr/sbin/chown -R _tor:_tor /var/db/tor /bin/chmod -R 700 /var/db/tor /bin/cat /usr/ports/security/tor/work/pkg-message ================================================================================ To enable the tor server, set tor_enable="YES" in your /etc/rc.conf and edit /usr/local/etc/tor/torrc. Note that the rc.subr script overrides many torrc options and is tunable: see /usr/local/etc/rc.d/tor for details. To use the torify script, install the net/torsocks port. After removing the package, or updating to a new version, users may need to delete all files in /var/db/tor. ================================================================================ ===> Correct pkg-plist sequence to create group(s) and user(s) ===> Compressing manual pages for tor-0.2.2.37 ===> Registering installation for tor-0.2.2.37 ===> SECURITY REPORT: This port has installed the following files which may act as network servers and may therefore pose a remote security risk to the system. /usr/local/bin/tor-resolve /usr/local/bin/tor-gencert /usr/local/bin/tor
This port has installed the following startup scripts which may cause these network services to be started at boot time. /usr/local/etc/rc.d/tor
If there are vulnerabilities in these programs there may be a security risk to the system. FreeBSD makes no guarantee about the security of ports included in the Ports Collection. Please type 'make deinstall' to deinstall the port if this is a concern.
For more information, and contact details about the security status of this software, see the following webpage: http://torproject.org/
mb# ldd /usr/local/bin/tor /usr/local/bin/tor: libz.so.5 => /lib/libz.so.5 (0x281aa000) libm.so.5 => /lib/libm.so.5 (0x281bc000) libevent-2.0.so.6 => /usr/local/lib/event2/libevent-2.0.so.6 (0x2844e000) libssl.so.7 => /usr/local/lib/libssl.so.7 (0x28489000) libcrypto.so.7 => /usr/local/lib/libcrypto.so.7 (0x284d7000) libthr.so.3 => /lib/libthr.so.3 (0x281df000) libc.so.7 => /lib/libc.so.7 (0x28090000)
Have a look near the top of "config.log" (please don't send the whole file; it will be enormous) -- there should be a part that says what command line configure got.
I guess is /usr/ports/security/tor/work/tor-0.2.2.37/config.log
Well, in here I see:
This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake.
It was created by configure, which was generated by GNU Autoconf 2.69. Invocation command line was
$ ./configure --with-openssl-dir=/usr/local --disable-asciidoc --enable-linker-hardening --enable-gcc-hardening --enable-buf-freelists --disable-instrument-downloads --enable-threads --enable-transparent --prefix=/usr/local --mandir=/usr/local/man --infodir=/usr/local/info/ --build=i386-portbld-freebsd8.1
## --------- ## ## Platform. ## ## --------- ##
hostname = mb uname -m = i386 uname -r = 8.1-RELEASE uname -s = FreeBSD uname -v = FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010 root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
/usr/bin/uname -p = i386 /bin/uname -X = unknown
/bin/arch = unknown /usr/bin/arch -k = unknown /usr/convex/getsysinfo = unknown /usr/bin/hostinfo = unknown /bin/machine = unknown /usr/bin/oslevel = unknown /bin/universe = unknown
PATH: /sbin PATH: /bin PATH: /usr/sbin PATH: /usr/bin PATH: /usr/games PATH: /usr/local/sbin PATH: /usr/local/bin PATH: /root/bin
So, actually I cannot see the tcmalloc is used by configure.
On Fri, Aug 10, 2012 at 10:14 AM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
On 08/09/2012 04:54 PM, Nick Mathewson wrote:
Have a look near the top of "config.log" (please don't send the whole file; it will be enormous) -- there should be a part that says what command line configure got.
I guess is /usr/ports/security/tor/work/tor-0.2.2.37/config.log
Well, in here I see:
This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake.
It was created by configure, which was generated by GNU Autoconf 2.69. Invocation command line was
$ ./configure --with-openssl-dir=/usr/local --disable-asciidoc --enable-linker-hardening --enable-gcc-hardening --enable-buf-freelists --disable-instrument-downloads --enable-threads --enable-transparent --prefix=/usr/local --mandir=/usr/local/man --infodir=/usr/local/info/ --build=i386-portbld-freebsd8.1
Yup. No --with-tcmalloc there. For whatever reason, the freebsd build process didn't pass --with-tcmalloc to configure.
If the ports maintainer isn't being responsive, maybe some other freebsd people could have a look? If the build process is telling Tor the wrong stuff, then that is almost certainly something going wrong with the build process.
Yup. No --with-tcmalloc there. For whatever reason, the freebsd build process didn't pass --with-tcmalloc to configure.
If the ports maintainer isn't being responsive, maybe some other freebsd people could have a look? If the build process is telling Tor the wrong stuff, then that is almost certainly something going wrong with the build process.
I will try again to contact them.
On 08/10/2012 04:56 PM, Jordi Espasa Clofent wrote:
Yup. No --with-tcmalloc there. For whatever reason, the freebsd build process didn't pass --with-tcmalloc to configure.
If the ports maintainer isn't being responsive, maybe some other freebsd people could have a look? If the build process is telling Tor the wrong stuff, then that is almost certainly something going wrong with the build process.
I will try again to contact them.
FYI: http://lists.freebsd.org/pipermail/freebsd-ports/2012-August/077433.html
Let see if someone is taking care of this one.
Well, finally it seems a Tor configure.in bug/problem:
http://lists.freebsd.org/pipermail/freebsd-ports/2012-August/077440.html
So.. I guess it has to be fixed by some tor dev then.
On Fri, Aug 10, 2012 at 6:21 PM, Jordi Espasa Clofent jespasac@minibofh.org wrote:
Well, finally it seems a Tor configure.in bug/problem:
http://lists.freebsd.org/pipermail/freebsd-ports/2012-August/077440.html
So.. I guess it has to be fixed by some tor dev then.
Very interesting. That first stanza is indeed wrongly placed. But when you move it, does it start working?
And why does it seem that ./configure is not getting the --with-tcmalloc option at all?
Very interesting. That first stanza is indeed wrongly placed. But when you move it, does it start working?
I tried a couple of things without success. So, what code should be placed in where?
And why does it seem that ./configure is not getting the --with-tcmalloc option at all?
No idea.
That's really strange. With a non-modified configure.in (which means that is containing this misplaced stanza), I did:
# cd /usr/ports/security/tor/ # make deinstall # make clean # make install
and... voilá:
mb# ldd /usr/local/bin/tor /usr/local/bin/tor: libtcmalloc.so.2 => /usr/local/lib/libtcmalloc.so.2 (0x2844e000) libz.so.5 => /lib/libz.so.5 (0x281aa000) libm.so.5 => /lib/libm.so.5 (0x281bc000) libevent-2.0.so.6 => /usr/local/lib/event2/libevent-2.0.so.6 (0x284b6000) libssl.so.7 => /usr/local/lib/libssl.so.7 (0x284f1000) libcrypto.so.7 => /usr/local/lib/libcrypto.so.7 (0x2853f000) libthr.so.3 => /lib/libthr.so.3 (0x281df000) libc.so.7 => /lib/libc.so.7 (0x28090000) libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x286a1000) libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x281f4000)
So it seems the 'make clean' did some magic. According to man ports(7):
clean Remove the expanded source code. This recurses to dependencies unless NOCLEANDEPENDS is defined.
Should I understand it was some 'expanded source code' which was breaking my local ports tree?
-
Jordi Espasa Clofent -
Nick Mathewson -
Nick Mathewson -
Robert Ransom