Actually not - you are right Alexander! But then the question are:
- why do I need a user "_tor-tor" since the last update, when I didn’t need that before - why is it not self creating - what do I have to do - really creating "_tor-tor" with the same privileges as "_tor-tor2"?
Thanks
Paul
Am 06.08.2016 um 15:49 schrieb Alexander Dietrich:
The error message "Ungültiger Anwender „_tor-tor“" appears several times in your log, while there are no error messages about user "_tor-tor2". Does the first user exist?
Best regards, Alexander
PGP Key: https://dietrich.cx/pgp | 0x52FA4EE1722D54EB
On 2016-08-06 14:56, pa011 wrote:
Thank you Michael for your hint - corrected that, but still having that problem with main instance not running:
Aug 6 14:30:02 systemd-sysctl[142]: Failed to write '10 # to reboot after kernel panic' to '/proc/sys/kernel/panic': Invalid argument Aug 6 14:30:02 systemd[1]: systemd-sysctl.service: main process exited, code=exited, status=1/FAILURE Aug 6 14:30:02 systemd[1]: Failed to start Apply Kernel Variables. Aug 6 14:30:02 systemd[1]: Unit systemd-sysctl.service entered failed state. Aug 6 14:30:02 kbd[135]: Setting console screen modes. Aug 6 14:30:02 kbd[135]: setterm: $TERM ist nicht festgelegt. Aug 6 14:30:02 keyboard-setup[158]: Setting preliminary keymap...done. Aug 6 14:30:02 netfilter-persistent[277]: run-parts: executing /usr/share/netfilter-persistent/plugins.d/15-ip4tables start Aug 6 14:30:02 netfilter-persistent[277]: run-parts: executing /usr/share/netfilter-persistent/plugins.d/25-ip6tables start Aug 6 14:30:02 console-setup[220]: Setting up console font and keymap...done. Aug 6 14:30:02 networking[297]: Configuring network interfaces...done. Aug 6 14:30:02 rpcbind[399]: Starting rpcbind daemon.... Aug 6 14:30:02 rpc.statd[416]: Version 1.2.8 starting Aug 6 14:30:02 sm-notify[417]: Version 1.2.8 starting Aug 6 14:30:02 nfs-common[411]: Starting NFS common utilities: statd idmapd. Aug 6 14:30:02 atd[433]: Cannot change to /var/spool/cron/atjobs: No such file or directory Aug 6 14:30:02 install[431]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:02 sysstat[445]: Starting the system activity data collector: sadc.Aug 6 14:30:02 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:02 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:02 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:02 systemd[1]: atd.service: main process exited, code=exited, status=1/FAILURE Aug 6 14:30:02 systemd[1]: Unit atd.service entered failed state. Aug 6 14:30:02 sed[481]: DataDirectory /var/lib/tor-instances/tor2 Aug 6 14:30:02 sed[481]: PidFile /var/run/tor-instances/tor2/tor.pid Aug 6 14:30:02 sed[481]: RunAsDaemon 0 Aug 6 14:30:02 sed[481]: User _tor-tor2 Aug 6 14:30:02 sed[481]: SyslogIdentityTag tor2 Aug 6 14:30:02 sed[481]: ControlSocket /var/run/tor-instances/tor2/control GroupWritable RelaxDirModeCheck Aug 6 14:30:02 sed[481]: SocksPort unix:/var/run/tor-instances/tor2/socks WorldWritable Aug 6 14:30:02 sed[481]: CookieAuthentication 1 Aug 6 14:30:02 sed[481]: CookieAuthFileGroupReadable 1 Aug 6 14:30:02 sed[481]: CookieAuthFile /var/run/tor-instances/tor2/control.authcookie Aug 6 14:30:02 sed[481]: Log notice syslog Aug 6 14:30:03 acpid: starting up with netlink and the input layer Aug 6 14:30:03 acpid: 1 rule loaded Aug 6 14:30:03 acpid: waiting for events: event logging is off Aug 6 14:30:03 install[491]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.109 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$ Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.110 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$ Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.112 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.114 [notice] Read configuration file "/etc/tor/torrc". Aug 6 14:30:03 tor[489]: Aug 06 14:30:03.116 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$ Aug 6 14:30:03 tor[489]: Aug 06 14:30:03.117 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$ Aug 6 14:30:03 tor[489]: Aug 06 14:30:03.117 [notice] Read configuration file "/var/run/tor-instances/tor2.defaults". Aug 6 14:30:03 tor[489]: Aug 06 14:30:03.118 [notice] Read configuration file "/etc/tor/instances/tor2/torrc". Aug 6 14:30:03 tor[489]: Aug 06 14:30:03.120 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$ Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.120 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$ Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.122 [notice] Not disabling debugger attaching for unprivileged users. Aug 6 14:30:03 tor[482]: Configuration was valid Aug 6 14:30:03 tor[489]: Aug 06 14:30:03.126 [notice] Not disabling debugger attaching for unprivileged users. Aug 6 14:30:03 tor[489]: Configuration was validAug 6 14:30:03 tor[500]: Aug 06 14:30:03.221 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$ Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.221 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$ Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.221 [notice] Read configuration file "/var/run/tor-instances/tor2.defaults". Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.222 [notice] Read configuration file "/etc/tor/instances/tor2/torrc". Aug 6 14:30:03 tor[497]: Aug 06 14:30:03.228 [notice] Opening Control listener on 127.0.0.1:9051 Aug 6 14:30:03 tor[497]: Aug 06 14:30:03.228 [notice] Opening OR listener on 0.0.0.0:443 Aug 6 14:30:03 tor[497]: Aug 06 14:30:03.228 [notice] Opening Directory listener on 0.0.0.0:80 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.230 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$ Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.235 [notice] Opening Socks listener on 127.0.0.1:0 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.236 [notice] Socks listener listening on port 38400. Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.237 [notice] Opening Control listener on 127.0.0.1:9052 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.237 [notice] Opening OR listener on 0.0.0.0:444 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.237 [notice] Opening Directory listener on 0.0.0.0:81 Aug 6 14:30:03 Tor-tor2[500]: Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Aug 6 14:30:03 Tor-tor2[500]: Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 6 14:30:03 Tor-tor2[500]: Read configuration file "/var/run/tor-instances/tor2.defaults". Aug 6 14:30:03 Tor-tor2[500]: Read configuration file "/etc/tor/instances/tor2/torrc". Aug 6 14:30:03 Tor-tor2[500]: Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMemInQueues by hand. Aug 6 14:30:03 Tor-tor2[500]: Opening Socks listener on 127.0.0.1:0 Aug 6 14:30:03 Tor-tor2[500]: Socks listener listening on port 38400. Aug 6 14:30:03 Tor-tor2[500]: Opening Control listener on 127.0.0.1:9052 Aug 6 14:30:03 Tor-tor2[500]: Opening OR listener on 0.0.0.0:444 Aug 6 14:30:03 Tor-tor2[500]: Opening Directory listener on 0.0.0.0:81 Aug 6 14:30:03 Tor-tor2[500]: Not disabling debugger attaching for unprivileged users.Aug 6 14:30:03 install[503]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 Tor-tor2[500]: Parsing GEOIP IPv4 file /usr/share/tor/geoip. Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:03 Tor-tor2[500]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Aug 6 14:30:03 install[510]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:03 Tor-tor2[500]: Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from no$ Aug 6 14:30:03 Tor-tor2[500]: Your Tor server's identity key fingerprint is ' Aug 6 14:30:03 Tor-tor2[500]: Bootstrapped 0%: Starting Aug 6 14:30:03 install[517]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:04 systemd[1]: tor@tor.service start request repeated too quickly, refusing to start. Aug 6 14:30:04 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor).
Rgds
Paul
Am 06.08.2016 um 14:06 schrieb Michael Armbruster:
Hi Paul,
You have applied a wrong ExitPolicy entry somewhere in your torrc for the default instance.
You wrote
"ExitPolicy reject x.x.x.x/80"
though most probably you wanted to block the port 80 on a specific address, so you have to provide
"ExitPolicy reject x.x.x.x:80"
instead, with a colon, not a slash. The slash is there to block a specific address *range*. You can read more about subnets and the calculation for a bitmask here: https://en.wikipedia.org/wiki/Subnetwork
Best, Michael
On 2016-08-06 at 13:30, pa011 wrote:
I am inexperienced an have probably the same problem after upgrading to 0.2.8.6.
Even after reboot my second instance Tor-tor2 is running while the default service is exiting - syslog looks like this:
Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.744 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$ Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.745 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$ Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file "/etc/tor/torrc". Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.747 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$ Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.751 [warn] Bad number of mask bits (80) on address range; rejecting. Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.751 [warn] Couldn't parse line "x.x.x.x/80". Dropping Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.751 [warn] Malformed policy 'reject x.x.x.x/80'. Discarding entire policy list. Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.752 [warn] Failed to parse/validate config: Error in ExitPolicy entry. Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.752 [err] Reading config failed--see warnings above. Aug 6 12:11:33 systemd[1]: tor@default.service: control process exited, code=exited status=1 Aug 6 12:11:33 systemd[1]: Failed to start Anonymizing overlay network for TCP. Aug 6 12:11:33 systemd[1]: Unit tor@default.service entered failed state. Aug 6 12:11:33 systemd[1]: tor@default.service start request repeated too quickly, refusing to start. Aug 6 12:11:33 systemd[1]: Failed to start Anonymizing overlay network for TCP. Aug 6 12:11:33 systemd[1]: Unit tor@default.service entered failed state. Aug 6 12:11:38 Tor-tor2[492]: Bootstrapped 80%: Connecting to the Tor network Aug 6 12:11:38 Tor-tor2[492]: Signaled readiness to systemd Aug 6 12:11:38 Tor-tor2[492]: Opening Control listener on /var/run/tor-instances/tor2/control Aug 6 12:11:38 Tor-tor2[492]: Self-testing indicates your ORPort is reachable from the outside. Excellent. Aug 6 12:11:39 Tor-tor2[492]: Bootstrapped 85%: Finishing handshake with first hop Aug 6 12:11:39 Tor-tor2[492]: Bootstrapped 90%: Establishing a Tor circuit Aug 6 12:11:40 Tor-tor2[492]: Tor has successfully opened a circuit. Looks like client functionality is working. Aug 6 12:11:40 Tor-tor2[492]: Bootstrapped 100%: Done
Could somebody please give me a detailed hint what to do please?
Thanks Paul
Am 05.08.2016 um 20:27 schrieb tor relay:
So there is no way to disable the default instance using systemctl after all?
To answer my own question: systemctl mask tor@default disables the default instance for real.
..but I'm still curious why tor@default is a static unit (without [Install] section) https://bbs.archlinux.org/viewtopic.php?id=147964 _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays