/var/run/tor/control socket not created because of /var/run/tor permission issue

Using Tor 0.2.8.6 from deb.torproject.org, /var/run/tor/control is no longer created because of a permission issue. As a manual workaround, sudo chmod --recursive 700 /var/run/tor works.

The symptom in Tor's log is the following:

Aug 03 17:36:33.000 [warn] Permissions on directory /var/run/tor are too permissive.

Rather than 755 Tor's /lib/systemd/system/tor@default.service should use 700. I.e. rather than using:

ExecStartPre=/usr/bin/install -Z -m 02755 -o debian-tor -g debian-tor -d /var/run/tor

/lib/systemd/system/tor@default.service should use:

ExecStartPre=/usr/bin/install -Z -m 02700 -o debian-tor -g debian-tor -d /var/run/tor