Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-16T01:26:59Zhttps://gitlab.torproject.org/legacy/trac/-/issues/16651Tor fails to build on OpenBSD 5.8 due to libevent config options2020-06-16T01:26:59ZteorTor fails to build on OpenBSD 5.8 due to libevent config optionsCan we apply the patch in this thread?
http://lists.nycbug.org/pipermail/tor-bsd/2015-July/000328.htmlCan we apply the patch in this thread?
http://lists.nycbug.org/pipermail/tor-bsd/2015-July/000328.htmlTor: 0.2.7.x-finalhttps://gitlab.torproject.org/legacy/trac/-/issues/27489add openfiles-max and kern.maxfiles settings for OpenBSD2020-06-13T17:35:11Znusenuadd openfiles-max and kern.maxfiles settings for OpenBSDhttps://trac.torproject.org/projects/tor/wiki/TorRelayGuide/OpenBSD
Cover the following settings:
* openfiles-max
* kern.maxfiles
https://github.com/torbsd/torbsd.github.io/blob/7c20dcfd1176d59d882f1d1a98ca4867976b514c/obsd-relays.md#i...https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/OpenBSD
Cover the following settings:
* openfiles-max
* kern.maxfiles
https://github.com/torbsd/torbsd.github.io/blob/7c20dcfd1176d59d882f1d1a98ca4867976b514c/obsd-relays.md#installation-and-configuration
ref
#26619Vinícius ZavamVinícius Zavamhttps://gitlab.torproject.org/legacy/trac/-/issues/27027TorRelayGuide/NetBSD: set ORPort to 443 where that works out of the box2020-06-13T17:35:10ZnusenuTorRelayGuide/NetBSD: set ORPort to 443 where that works out of the boxSo far we used 443 where that works out of the box, you don't seem to like that:
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/NetBSD?sfp_email=&sfph_mail=&action=diff&version=4&old_version=3
443 is a more likely reachabl...So far we used 443 where that works out of the box, you don't seem to like that:
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/NetBSD?sfp_email=&sfph_mail=&action=diff&version=4&old_version=3
443 is a more likely reachable port than 9001,
what is your motivation for changing it to 9001, especially since you are recommending people to set a random port? ("TRY A DIFFERENT PORT" should be explained) on a non-exit (likely guard) relay?Vinícius ZavamVinícius Zavamhttps://gitlab.torproject.org/legacy/trac/-/issues/27025TorRelayGuide/NetBSD steps result in installation of old tor version2020-06-13T17:35:09ZnusenuTorRelayGuide/NetBSD steps result in installation of old tor versionhttps://trac.torproject.org/projects/tor/wiki/TorRelayGuide/NetBSD
gives you an old tor version (0.3.3.7) which will be a problem if people use this as a foundation for bridgeshttps://trac.torproject.org/projects/tor/wiki/TorRelayGuide/NetBSD
gives you an old tor version (0.3.3.7) which will be a problem if people use this as a foundation for bridgesVinícius ZavamVinícius Zavamhttps://gitlab.torproject.org/legacy/trac/-/issues/27007create 'wiki/TorRelayGuide/NetBSD'2020-06-13T17:35:09ZVinícius Zavamcreate 'wiki/TorRelayGuide/NetBSD'I would like to have 'wiki/TorRelayGuide/NetBSD' available here;
attached to this ticket you can get my suggestions for this new page.
based on https://wiki.torbsd.org/doku.php?id=pt:guides_basic_relay_configI would like to have 'wiki/TorRelayGuide/NetBSD' available here;
attached to this ticket you can get my suggestions for this new page.
based on https://wiki.torbsd.org/doku.php?id=pt:guides_basic_relay_confighttps://gitlab.torproject.org/legacy/trac/-/issues/27006create 'wiki/TorRelayGuide/DragonFlyBSD'2020-06-13T17:35:08ZVinícius Zavamcreate 'wiki/TorRelayGuide/DragonFlyBSD'I would like to have 'wiki/TorRelayGuide/DragonFlyBSD' available here;
attached to this ticket you can get my suggestions for this new page.
based on https://wiki.torbsd.org/doku.php?id=pt:guides_basic_relay_configI would like to have 'wiki/TorRelayGuide/DragonFlyBSD' available here;
attached to this ticket you can get my suggestions for this new page.
based on https://wiki.torbsd.org/doku.php?id=pt:guides_basic_relay_confighttps://gitlab.torproject.org/legacy/trac/-/issues/27001update 'wiki/TorRelayGuide/OpenBSD'2020-06-13T17:35:08ZVinícius Zavamupdate 'wiki/TorRelayGuide/OpenBSD'suggestion to be used as 'wiki/TorRelayGuide/OpenBSD'
steps from https://wiki.torbsd.org/doku.php?id=pt:guides_basic_relay_configsuggestion to be used as 'wiki/TorRelayGuide/OpenBSD'
steps from https://wiki.torbsd.org/doku.php?id=pt:guides_basic_relay_confighttps://gitlab.torproject.org/legacy/trac/-/issues/29140Tor privdrop on (Open)BSD fails to reclaim capabilities of "User".2020-06-13T15:37:05ZTracTor privdrop on (Open)BSD fails to reclaim capabilities of "User".As summary states. Should Tor need invocation as superuser it will fail claim the capabilities of the target "User" in torrc. One statement that is therefore affected is e.g. "DisableAllSwap 1" which would either require Tor running as r...As summary states. Should Tor need invocation as superuser it will fail claim the capabilities of the target "User" in torrc. One statement that is therefore affected is e.g. "DisableAllSwap 1" which would either require Tor running as root or raising of superuser capabilities (this was never tested however). Both alternatives are unattractive.
Regarding option with "DisableAllSwap" I will give pretty obvious pointers from your own GitHub repositories:
L1510 @ src/app/config/config.c
L220 @ src/lib/process/setuid.c
L316 @ src/lib/process/setuid.c
And here is kdump format of a ktrace of faulty execution:
```
28446 tor CALL setegid(1000<"user">)
28446 tor RET setegid 0
28446 tor CALL setgid(1000<"user">)
28446 tor RET setgid 0
28446 tor CALL setuid(1000<"user">)
28446 tor RET setuid 0
28446 tor CALL seteuid(1000<"user">)
28446 tor RET seteuid 0
28446 tor CALL setgid(0<"wheel">)
28446 tor RET setgid -1 errno 1 Operation not permitted
28446 tor CALL setegid(0<"wheel">)
28446 tor RET setegid -1 errno 1 Operation not permitted
28446 tor CALL setuid(0<"root">)
28446 tor RET setuid -1 errno 1 Operation not permitted
28446 tor CALL seteuid(0<"root">)
28446 tor RET seteuid -1 errno 1 Operation not permitted
```
P.S. This applies to 0.3.4.9 but also to 0.3.5.7.
P.P.S. I am sorry I did not take the time to patch this myself yes. For anyone interested in this these are great resources:
man 2 setuid
man 2 seteuid
man 2 setgid
man 2 setegid
man 2 getrlimit
man 2 setrlimit
**Trac**:
**Username**: RatherAnonymousOneTor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/27901Build fails on FreeBSD/mips, but succeeds when auroreconf is run before the b...2020-06-13T15:32:18Zyurivict271Build fails on FreeBSD/mips, but succeeds when auroreconf is run before the buildDiscussion: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231779#c8Discussion: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231779#c8Tor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/23272File group is wrong?2020-06-13T15:12:48Zyurivict271File group is wrong?Looking at db files:
# ls -l /var/db/tor/
total 23512
-rw------- 1 _tor _tor 18209 Jul 3 11:47 cached-certs
-rw------- 1 _tor _tor 2087391 Aug 18 14:37 cached-microdesc-consensus
-rw------- 1 _tor _tor 7966413 Aug 15 18:43 c...Looking at db files:
# ls -l /var/db/tor/
total 23512
-rw------- 1 _tor _tor 18209 Jul 3 11:47 cached-certs
-rw------- 1 _tor _tor 2087391 Aug 18 14:37 cached-microdesc-consensus
-rw------- 1 _tor _tor 7966413 Aug 15 18:43 cached-microdescs
-rw------- 1 _tor _tor 1794414 Aug 18 14:37 cached-microdescs.new
-rw------- 1 _tor _tor 32 Aug 18 11:58 control_auth_cookie
-rw------- 1 _tor _tor 0 Aug 18 12:12 lock
-rw------- 1 _tor _tor 14061 Aug 18 15:04 state
Shouldn't all files except control_auth_cookie be owned by wheel:_tor instead? Only control_auth_cookie needs to be read by others.
FreeBSD 11.1Tor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/23250tor-0.3.0.10: test failure on NetBSD2020-06-13T15:12:44ZTractor-0.3.0.10: test failure on NetBSDWhen running the self tests on NetBSD, there is one problem:
```
===> Testing for tor-0.3.0.10
/usr/bin/make check-TESTS check-local
PASS: src/test/test
PASS: src/test/test-slow
PASS: src/test/test-memwipe
PASS: src/test/test_workqueue...When running the self tests on NetBSD, there is one problem:
```
===> Testing for tor-0.3.0.10
/usr/bin/make check-TESTS check-local
PASS: src/test/test
PASS: src/test/test-slow
PASS: src/test/test-memwipe
PASS: src/test/test_workqueue
PASS: src/test/test_keygen.sh
PASS: src/test/test-timers
SKIP: src/test/fuzz_static_testcases.sh
PASS: src/test/test_zero_length_keys.sh
PASS: src/test/test_workqueue_cancel.sh
SKIP: src/test/test_workqueue_efd.sh
SKIP: src/test/test_workqueue_efd2.sh
PASS: src/test/test_workqueue_pipe.sh
PASS: src/test/test_workqueue_pipe2.sh
PASS: src/test/test_workqueue_socketpair.sh
SKIP: src/test/test_switch_id.sh
PASS: src/test/test_ntor.sh
FAIL: src/test/test_bt.sh
============================================================================
Testsuite summary for tor 0.3.0.10
============================================================================
# TOTAL: 17
# PASS: 12
# SKIP: 4
# XFAIL: 0
# FAIL: 1
# XPASS: 0
# ERROR: 0
============================================================================
See ./test-suite.log
============================================================================
```
The test log:
```
# less ./src/test/test_bt.sh.log
OK
[1] Abort trap (core dumped) "${builddir:-.}/... |
Done "${PYTHON:-pytho...
BAD
============================================================ T= 1502824395
Tor died: Caught signal 11
0x73c0a4bd <crash_handler+0x73c00041> at ./src/test/test-bt-cl
[1] Abort trap (core dumped) "${builddir:-.}/... |
Done(1) "${PYTHON:-pytho...
-158318
FAIL src/test/test_bt.sh (exit status: 1)
```
**Trac**:
**Username**: wizTor: unspecifiedDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/21581Make test-network.sh use sh (or bash when it's available)2020-06-13T15:06:47ZteorMake test-network.sh use sh (or bash when it's available)test-network.sh doesn't work very well with non-bash /bin/sh.
But we can't do #19699 in 0.3.0, so we need a workaround until then.
This is a bugfix on #21562.test-network.sh doesn't work very well with non-bash /bin/sh.
But we can't do #19699 in 0.3.0, so we need a workaround until then.
This is a bugfix on #21562.Tor: 0.3.0.x-finalhttps://gitlab.torproject.org/legacy/trac/-/issues/17038Provide scripts to set up transparent proxying, where supported2020-06-13T14:48:59ZTracProvide scripts to set up transparent proxying, where supportedSetting up a transparent TOR proxy is quite complicated when it comes to firewall rules (e.g. IPTables). Any configuration slip breaks the anonymity.
So I suggest to add the options '[Trans{Local|MiddleBox}](uploads/TransProxyLocal)IPv{...Setting up a transparent TOR proxy is quite complicated when it comes to firewall rules (e.g. IPTables). Any configuration slip breaks the anonymity.
So I suggest to add the options '[Trans{Local|MiddleBox}](uploads/TransProxyLocal)IPv{4|6}' to torrc which automagically configure a transparent TOR proxy with all necessary settings (e.g. IPTables rules, system resolver set-up with .onion).
**Trac**:
**Username**: renneTor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/3794tor-chroot scripts2020-06-13T14:12:38ZJacob Appelbaumtor-chroot scriptsI've written some scripts that help chroot a Tor - it's useful for chrooting a git build of Tor or for using the Tor binaries that are provided by Debian.
I'd like them to go into contrib/ so that they don't bit rot in a lonely repo; a ...I've written some scripts that help chroot a Tor - it's useful for chrooting a git build of Tor or for using the Tor binaries that are provided by Debian.
I'd like them to go into contrib/ so that they don't bit rot in a lonely repo; a lot of this was inspired by sjm's work on the topic but I had to cobble it together via email, wiki and other web servers.
How can I get the code into contrib?Tor: 0.3.4.x-finalNick MathewsonNick Mathewson