Package: tor Version: 0.2.9.15-1 Severity: normal Dear Maintainer,
I installed Tor on my machine and haven't made any change to its config yet, as far as I know. But when I start it, AppArmor seems to stop it right at the start. More specifically, I get: # /etc/init.d/tor stop [ ok ] Stopping tor (via systemctl): tor.service. # /etc/init.d/tor start [ ok ] Starting tor (via systemctl): tor.service. # /etc/init.d/tor status tor.service - Anonymizing overlay network for TCP (multi-instance-master) Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled) Active: active (exited) since Thu 2018-07-12 11:03:03 EDT; 2min 39s ago Process: 6842 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 6842 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 4915) Memory: 0B CPU: 0 CGroup: /system.slice/tor.service Jul 12 11:03:03 faina systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)... Jul 12 11:03:03 faina systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master). # and `journalctl -f` on the "start" part gives me: Jul 12 11:03:03 faina systemd[1]: Starting Anonymizing overlay network for TCP... Jul 12 11:03:03 faina systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master). Jul 12 11:03:04 faina tor[6862]: Jul 12 11:03:04.973 [notice] Tor 0.2.9.15 (git-2dc1a1a2abab5403) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0f and Zlib 1.2.8. Jul 12 11:03:04 faina tor[6862]: Jul 12 11:03:04.974 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jul 12 11:03:04 faina tor[6862]: Jul 12 11:03:04.974 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Jul 12 11:03:04 faina tor[6862]: Jul 12 11:03:04.974 [notice] Read configuration file "/etc/tor/torrc". Jul 12 11:03:05 faina tor[6862]: Configuration was valid Jul 12 11:03:05 faina audit[6873]: AVC apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6873 comm="(tor)" Jul 12 11:03:05 faina kernel: audit: type=1400 audit(1531407785.239:26): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="system_tor" pid=6873 comm="(tor)" Jul 12 11:03:05 faina systemd[6873]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory Jul 12 11:03:05 faina systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR Jul 12 11:03:05 faina systemd[1]: Failed to start Anonymizing overlay network for TCP. Jul 12 11:03:05 faina systemd[1]: tor@default.service: Unit entered failed state. Jul 12 11:03:05 faina systemd[1]: tor@default.service: Failed with result 'exit-code'. Jul 12 11:03:05 faina systemd[1]: tor@default.service: Service hold-off time over, scheduling restart. Jul 12 11:03:05 faina systemd[1]: Stopped Anonymizing overlay network for TCP. repeated 5 times. I do see some tor-related file in /etc, tho: # find /etc/apparmor* -name '*tor*' /etc/apparmor.d/abstractions/tor /etc/apparmor.d/local/system_tor /etc/apparmor.d/system_tor # What am I doing wrong? Stefan -- System Information: Debian Release: 9.4 APT prefers stable APT policy: (990, 'stable'), (50, 'testing') Architecture: armhf (armv7l) Kernel: Linux 4.15.0-rc2+ (SMP w/2 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages tor depends on: ii adduser 3.115 ii init-system-helpers 1.48 ii libc6 2.24-11+deb9u3 ii libevent-2.0-5 2.0.21-stable-3 ii libgcc1 1:6.3.0-18+deb9u1 ii libssl1.1 1.1.0f-3+deb9u2 ii libsystemd0 232-25+deb9u2 ii lsb-base 9.20161125 ii zlib1g 1:1.2.8.dfsg-5 Versions of packages tor recommends: ii logrotate 3.11.0-0.1 pn tor-geoipdb <none> pn torsocks <none> Versions of packages tor suggests: pn apparmor-utils <none> pn mixmaster <none> pn obfs4proxy <none> pn obfsproxy <none> ii socat 1.7.3.1-2+deb9u1 pn tor-arm <none> pn torbrowser-launcher <none> -- no debconf information