#25803: Infinite restart loop when daemon crashes
----------------------------------------------+----------------------------
 Reporter:  tiejohg2sahth                     |          Owner:  (none)
     Type:  defect                            |         Status:  new
 Priority:  Medium                            |      Milestone:  Tor:
                                              |  unspecified
Component:  Core Tor/Tor                      |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:  systemd, tor-relay, security-low  |  Actual Points:
Parent ID:                                    |         Points:  0.1
 Reviewer:                                    |        Sponsor:
----------------------------------------------+----------------------------

Comment (by teor):

 Replying to [comment:4 arma]:
 > Replying to [comment:3 teor]:
 > > It doesn't make sense to restart in any of the listed failure modes:
 >
 > I haven't learned much about systemd yet, so please ignore this if you
 have a better handle on things, but: in the past one of Tor's transient
 failure modes was that the system would start it before the system had set
 up its IP addresses (especially true with the world of ipv6), or before
 the system had set up its network interfaces, and if it just gave up right
 then, the system Tor would stay down. So retrying some times, especially
 at first boot, used to make sense.

 It still does, see #25182.

 Here's what I suggest we do:

 Restart after 60 seconds, rather than 0.1 seconds. Slowing the restart
 rate limits automated exploitation, and increases the likelihood that the
 network will be available.
 {{{
 RestartSec=60
 }}}

 We could also avoid restarting when Tor crashes, or exits badly. We would
 need to work out a list of signals and exit statuses that should prevent a
 restart. For example:
 {{{
 RestartPreventExitStatus= 1 6 SIGABRT SIGSEGV
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25803#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Reply via email to