Your message dated Sat, 12 Aug 2017 10:04:15 +0000 with message-id <e1dgthd-0006va...@fasolo.debian.org> and subject line Bug#862993: fixed in tor 0.3.1.5-alpha-1 has caused the Debian Bug report #862993, regarding tor: Does not start with AppArmor enabled and hidden service directory owned by non-root to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 862993: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862993 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: tor Version: 0.3.0.7-1 Severity: normal I see this: systemd[1]: Starting Anonymizing overlay network for TCP... tor[25760]: May 19 19:42:30.363 [notice] Tor 0.3.0.7 (git-4e55cb9db769b11c) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0e and Zlib 1.2 tor[25760]: May 19 19:42:30.363 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download tor[25760]: May 19 19:42:30.364 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". tor[25760]: May 19 19:42:30.364 [notice] Read configuration file "/etc/tor/torrc". tor[25760]: Configuration was valid tor[25763]: May 19 19:42:30.557 [notice] Tor 0.3.0.7 (git-4e55cb9db769b11c) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0e and Zlib 1.2 tor[25763]: May 19 19:42:30.557 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download tor[25763]: May 19 19:42:30.557 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". tor[25763]: May 19 19:42:30.557 [notice] Read configuration file "/etc/tor/torrc". tor[25763]: May 19 19:42:30.560 [warn] Directory /var/lib/tor/hidden_service_onioncat cannot be read: Permission denied tor[25763]: May 19 19:42:30.560 [warn] Checking service directory /var/lib/tor/hidden_service_onioncat failed. tor[25763]: May 19 19:42:30.560 [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details. tor[25763]: May 19 19:42:30.560 [err] Reading config failed--see warnings above. systemd[1]: tor@default.service: Main process exited, code=exited, status=1/FAILURE Adding this line: capability dac_read_search, … to the AppArmor profile fixed this problem. /var/lib/tor/hidden_service_onioncat is only readable by debian-tor; I suspect that Tor might try to access it as root before changing uid. Cheers, -- intrigeri
--- End Message ---
--- Begin Message ---Source: tor Source-Version: 0.3.1.5-alpha-1 We believe that the bug you reported is fixed in the latest version of tor, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 862...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Peter Palfrader <wea...@debian.org> (supplier of updated tor package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 06 Aug 2017 20:57:47 +0200 Source: tor Binary: tor tor-geoipdb Architecture: source Version: 0.3.1.5-alpha-1 Distribution: experimental Urgency: medium Maintainer: Peter Palfrader <wea...@debian.org> Changed-By: Peter Palfrader <wea...@debian.org> Description: tor - anonymizing overlay network for TCP tor-geoipdb - GeoIP database for Tor Closes: 862993 867547 Changes: tor (0.3.1.5-alpha-1) experimental; urgency=medium . * New upstream version. * Update apparmor profile: replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH to match the systemd capability bounding set changed with 0.3.0.4-rc-1. This change will allow tor to start again under apparmor if hidden services are configured. Patch by intrigeri. (closes: #862993) * Remove tor-dbg binary package. Nowadays Debian's toolchain automatically builds packages containing debugging symbols. The new tor-dbgsym package will end up in the debian-debug archive. This tor-dbgsym package will Replace/Confict with tor-dbg versions prior to 0.3.1.5-alpha for now, but as we keep providing backported builds for older suites, and since those keep the tor-dbg package for now, we'll likely keep increasing this version in future releases. (closes: #867547) * The dbgsym migration options require debhelper >= 9.20160114; update build dependency list accordingly. Checksums-Sha1: dc1123c6d9a201e0fcbf497980e495fdd8ab22f2 1843 tor_0.3.1.5-alpha-1.dsc e662ab1ce5fae6f82cf16d379d64350dead5a6e5 5997514 tor_0.3.1.5-alpha.orig.tar.gz 090ee097432da53657d51863dbd5d07f00ad2ef0 47427 tor_0.3.1.5-alpha-1.diff.gz Checksums-Sha256: d1f220144b565a0985e27c5de2b48d9d7341f704e0365c77c7a9882b87d73bcb 1843 tor_0.3.1.5-alpha-1.dsc 04281b87e8b97517ba52232cd58de06a816f5a136b9b7a7316be878b36df8313 5997514 tor_0.3.1.5-alpha.orig.tar.gz 89df174edbacc742dfa366a92c37c46d75387dbf44b96f10311a5f231ade6a91 47427 tor_0.3.1.5-alpha-1.diff.gz Files: 1ff96c67bd7861da3218c7848ea0c127 1843 net optional tor_0.3.1.5-alpha-1.dsc 138b80f8b365225f8aa080388ef565a7 5997514 net optional tor_0.3.1.5-alpha.orig.tar.gz b0e0080d2062d55da17dba6f275180d0 47427 net optional tor_0.3.1.5-alpha-1.diff.gz -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEs4PXhajJL968BgN2hgLIIDhyMx8FAlmOCxIACgkQhgLIIDhy Mx9DYAf9Hf0eXFxUB33XYjkAxIfS9oH6toAcldcBlMeMRfe1pLuKmvINNiEs6m/R S9+aIMkPNimmmRbTIh2vzXFwwnU0WSbtHpZafwCDShbfR58QifUddprLNFjzf/dA lkw1Pb+Fatgq0KEL92SPwbfKI+/jooiN2Y2/YB15VuorAos4JmyY28mDiuXhMsw9 NBAfF2CD5aTMxC2uMjRPNC9nNhjSQ+VDVWQ/VC6zIEf3SmZmscPdKNfCAZzETyX5 /c9t9Y5Fi06Y62e7DgL8F9iIYgY0dd6M+MAQGqU0B6NZS6evKrbIvLCevzHFvcak eEn/vr7VmKz8iIPP0dJDZsHO1trL5w== =Acoa -----END PGP SIGNATURE-----
--- End Message ---
