#27992: config DataDirectoryGroupReadable 1 is ignored ----------------------------------------+------------------------------ Reporter: needle8420 | Owner: (none) Type: defect | Status: new Priority: Low | Component: Core Tor/Tor Version: Tor: 0.3.5.2-alpha | Severity: Minor Keywords: DataDirectoryGroupReadable | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: ----------------------------------------+------------------------------ im trying to run zeronet over tor.
i need group access to the DataDirectory for cookie auth so /var/lib/tor should have file mode 0750 spoiler: see below for workarounds + bugfix when i run # d=$(date +"%F %T"); \ chmod 0750 /var/lib/tor; \ systemctl restart tor; sleep 2; \ journalctl -u tor --since="$d" \ | grep -i permissions; \ stat -c%a /var/lib/tor i always get Fixing permissions on directory /var/lib/tor 700 and datadir ends up with filemode 0700 so it is not accessible for other users in the tor group ... though in my torrc i set DataDirectoryGroupReadable 1 # usermod -a -G tor zeronet # sudo -u zeronet cat /var/lib/tor/control_auth_cookie cat: /var/lib/tor/control_auth_cookie: Permission denied the authcookie filemode is set correctly to 0640 with the config CookieAuthFileGroupReadable 1 -- workaround 1 run # chmod 0750 /var/lib/tor after starting tor workaround 2 add CacheDirectoryGroupReadable 1 to your torrc file workaround 3 add CacheDirectory = /var/lib/tor/cache to your torrc file if your cache dir should not be group readable why workaround 2 and 3? cos the error only happens if CacheDirectory == DataDirectory which is the default config -- bugfix in src/app/config/config.c add if (strcmp(options->KeyDirectory, options->DataDirectory) != 0) { and if (strcmp(options->CacheDirectory, options->DataDirectory) != 0) { around line 1570 and 1590 before calling check_and_create_data_directory ... and close the parentheses -- # cat /etc/tor/torrc Log notice syslog DataDirectory /var/lib/tor DataDirectoryGroupReadable 1 ControlPort 9051 CookieAuthentication 1 CookieAuthFileGroupReadable 1 CookieAuthFile /var/lib/tor/control_auth_cookie -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27992> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs