-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
The friend was upgrading from Tor 0.2.3.x to Tor 0.2.4.16-rc. I do not know whether he used a tarball but I think it likely he used the Tor 'experimental' repos as his VPS is Debian-family, and he said "I couldn't keep the old config"; thus debconf likely presented him with a choice, he accepted the new config, edited as far down as he needed to turn relaying on, and that's it.
Since the default exit policy is for a relay to be an exit (without, even, the benefit of ReducedExitPolicy), his VPS was shut down in about a day as he'd unknowingly turned himself into an exit node.
Partial user error, and partial - as he would argue and so would I - bad defaults. This guy is a software engineer who had a derp moment. I wonder how many less tech-savvy users may make the same mistake and then have a bad time and never relay again (or be subject to law enforcement action, particularly in hostile countries).
David Carlson:
I am confused by this thread. In fact, the specific downloaded file that the OP is referring to is not named, nor is it mentioned whether it was installed 'as-is' or with a modified configuration. Then a follow-up message refers to TBB, which is not even a relay package. David C