subject:"\[tor\-relays\] Raspberry Pi \+ Raspbian GNU\/Linux 8.0 \(jessie\) \+ bind errors"

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-06 Thread Kurt Besig

On 1/5/2017 6:50 PM, Roger Dingledine wrote:
> On Thu, Jan 05, 2017 at 06:38:23PM -0800, Kurt Besig wrote:
>> I just installed tor on a Raspberry Pi 3 Model B and can't get a relay
>> to start unless I sudo. When I attempt to start tor as a non-privileged
>> user I get a permissions error: Opening Jan 05 18:33:35.929 [notice]
>> Opening OR listener on 0.0.0.0:443
>> Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied
>> Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80
>> Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied
>>  Ideas on best method to bind these ports to tor on startup as non-root?
> 
> If you're using the deb, it's actually intended to be started as root
> ("service tor start"), and it drops privileges once it binds to the ports.
> 
> Using the deb init script is also smart because it does things like fixing
> "ulimit -n" for you so it doesn't default to 1024 (which is way too low
> for a useful relay).
> 
> If you want to use iptables rules to do forwarding instead, check out
> https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#HowcanImakemyrelayaccessibletopeoplestuckbehindrestrictivefirewalls
> 
> (We haven't moved that faq entry to the main faq because the deb just
> handles it for you.)
> 
> (All of this might be a lie for Raspbian. I hope not though.)
> 
> --Roger
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
What a great community, all terrific suggestions to my problem. I tried
easy first, Roger's suggestion, and voila! A check of /var/log/tor/log
indicates all is well. Sometimes simple is best. Now let's see if the
relay's descriptor gets published and what bw adjustments are necessary.
One of our more vocal ops and all her questioning got me interested in
trying out an inexpensive alternative, so we'll see what opinions,
questions, suggestions, I come up with. :-)

Thanks again.




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-06 Thread Alexander Dietrich

On a Pi 3 the official packages seem to work, so you can simply follow
the instructions on the Tor website:
https://www.torproject.org/docs/debian.html.en

Use "Option two" and ignore the "Raspbian is not Debian" paragraph.

Best regards,
Alexander

---
PGP Key: https://dietrich.cx/pgp | 0x52FA4EE1722D54EB 

On 2017-01-06 06:37, Petrusko wrote:

> Hey,
> Tor from Raspbian Repo is not very updated... v0.2.5...
> On a RPi, I usually build Tor Stable from source. No problem about using 
> ports >1024 in my case.
> 
> * Some dependencies required... (sorry, I don't remember which ones...)
> 
> * Add source repo in your /etc/apt/sources.list
> At the bottom of the file :
> 
>> #TOR stable - pour building from source
>> deb-src http://deb.torproject.org/torproject.org jessie main
> 
> * Compil Tor from source with a script, in my home folder (for example):
> nano tor-compil.sh
> I use "root" user.
> --
> 
>> #!/bin/bash
>> # init
>> function pause(){
>> read -p "$*"
>> }
>> mkdir ~/debian-packages
>> cd ~/debian-packages
>> rm * -R
>> apt-get source tor
>> cd tor-*
>> debuild -rfakeroot -uc -us
>> cd ..
>> pause 'Press [Enter] key to continue... Installation TOR'
>> dpkg -i tor_*.deb tor-*.deb
>> 
>> exit 0
> --
> 
> Then chmod +x tor-compil.sh
> 
>> ./tor-compil.sh
> Hope it will help!
> 
> Le 06/01/2017 à 03:38, Kurt Besig a écrit : 
> 
>> I just installed tor on a Raspberry Pi 3 Model B and can't get a relay
>> to start unless I sudo. When I attempt to start tor as a non-privileged
>> user I get a permissions error: Opening Jan 05 18:33:35.929 [notice]
>> Opening OR listener on 0.0.0.0:443
>> Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied
>> Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80
>> Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied
>> Ideas on best method to bind these ports to tor on startup as non-root?
>> 
>> Thanks
> 
> -- 
> Petrusko
> C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-05 Thread Petrusko


  
  
Hey,
Tor from Raspbian Repo is not very updated... v0.2.5...
On a RPi, I usually build Tor Stable from source. No problem about
using ports >1024 in my case.

* Some dependencies required... (sorry, I don't remember which
ones...)

* Add source repo in your /etc/apt/sources.list
At the bottom of the file :
#TOR stable - pour building from source
  deb-src http://deb.torproject.org/torproject.org jessie main


* Compil Tor from source with a script, in my home folder (for
example):
nano tor-compil.sh
I use "root" user.
--
#!/bin/bash
  # init
  function pause(){
     read -p "$*"
  }
  mkdir ~/debian-packages
  cd ~/debian-packages
  rm * -R
  apt-get source tor
  cd tor-*
  debuild -rfakeroot -uc -us
  cd ..
  pause 'Press [Enter] key to continue... Installation TOR'
  dpkg -i tor_*.deb tor-*.deb
  
  exit 0

--

Then chmod +x tor-compil.sh
./tor-compil.sh

Hope it will help!


Le 06/01/2017 à 03:38, Kurt Besig a
  écrit :


  I just installed tor on a Raspberry Pi 3 Model B and can't get a relay
to start unless I sudo. When I attempt to start tor as a non-privileged
user I get a permissions error: Opening Jan 05 18:33:35.929 [notice]
Opening OR listener on 0.0.0.0:443
Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied
Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80
Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied
 Ideas on best method to bind these ports to tor on startup as non-root?

Thanks


-- 
Petrusko
C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
  




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-05 Thread grarpamp

On Thu, Jan 5, 2017 at 9:38 PM, Kurt Besig  wrote:
>  Ideas on best method to bind these ports to tor on startup as non-root?

It's an ancient unix security trust thing (today aka: lol).
Anything uid != 0 is denied bind to 0~1023.
So you can't without tricks.
Linux probably has some knob like FreeBSD's...
 sysctl net.inet.ip.portrange.reserved{low,high}
If not, FreeBSD can also probably run fine on your Pi.
You could also run NAT to redir low ports to high ports.
Or hack the kernel to remove the limit.
Or see the tor manpage and choose ports greater
than 1023 for your relay service.
Or the deb bits Roger hinted at.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-05 Thread Roger Dingledine

On Thu, Jan 05, 2017 at 06:38:23PM -0800, Kurt Besig wrote:
> I just installed tor on a Raspberry Pi 3 Model B and can't get a relay
> to start unless I sudo. When I attempt to start tor as a non-privileged
> user I get a permissions error: Opening Jan 05 18:33:35.929 [notice]
> Opening OR listener on 0.0.0.0:443
> Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied
> Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80
> Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied
>  Ideas on best method to bind these ports to tor on startup as non-root?

If you're using the deb, it's actually intended to be started as root
("service tor start"), and it drops privileges once it binds to the ports.

Using the deb init script is also smart because it does things like fixing
"ulimit -n" for you so it doesn't default to 1024 (which is way too low
for a useful relay).

If you want to use iptables rules to do forwarding instead, check out
https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#HowcanImakemyrelayaccessibletopeoplestuckbehindrestrictivefirewalls

(We haven't moved that faq entry to the main faq because the deb just
handles it for you.)

(All of this might be a lie for Raspbian. I hope not though.)

--Roger

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-05 Thread Kurt Besig

I just installed tor on a Raspberry Pi 3 Model B and can't get a relay
to start unless I sudo. When I attempt to start tor as a non-privileged
user I get a permissions error: Opening Jan 05 18:33:35.929 [notice]
Opening OR listener on 0.0.0.0:443
Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied
Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80
Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied
 Ideas on best method to bind these ports to tor on startup as non-root?

Thanks

sorry for the dup..



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-05 Thread Kurt Besig

I just installed tor on a Raspberry Pi 3 Model B and can't get a relay
to start unless I sudo. When I attempt to start tor as a non-privileged
user I get a permissions error: Opening Jan 05 18:33:35.929 [notice]
Opening OR listener on 0.0.0.0:443
Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:443: Permission denied
Jan 05 18:33:35.930 [notice] Opening Directory listener on 0.0.0.0:80
Jan 05 18:33:35.930 [warn] Could not bind to 0.0.0.0:80: Permission denied
 Ideas on best method to bind these ports to tor on startup as non-root?

Thanks



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

[tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

[tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

7 matches

Site Navigation

Mail list logo

Footer information