fteproxy does not work on Debian stretch / document fteproxy usage on Debian stretch
Using fteproxy on Debian stretch isn't straight easy. So far no luck.
From /lib/systemd/system/tor@default.service
, the AppArmor profile gets into the way.
AppArmorProfile=system_tor
Also the other systemd hardening results in.
Could not launch managed proxy executable at '/usr/bin/fteproxy' ('Permission denied').
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=-/proc
ReadWriteDirectories=-/var/lib/tor
ReadWriteDirectories=-/var/log/tor
ReadWriteDirectories=-/var/run
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_OVERRIDE
Even with all of that disabled, Tor does not successfully bootstrap.
Feb 11 06:26:01.000 [notice] Bootstrapped 5%: Connecting to directory server
Feb 11 06:26:01.000 [notice] Bootstrapped 10%: Finishing handshake with directory server
Feb 11 06:26:01.000 [warn] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 6; recommendation warn; host redacted at IP:PORT)
Feb 11 06:26:01.000 [warn] 6 connections have failed:
I guess my torrc config is fine. Copied that part over from TBB to system Tor /etc/tor/torrc.
UseBridges 1
ClientTransportPlugin fte exec /usr/bin/fteproxy --managed
Bridge fte IP:PORT redacted
Any hints what I am doing wrong? (Not in a censored area. TBB without bridges as well as fteproxy works for me. Debian stretch system Tor with Debian fteproxy packages does not work for me.)
I am asking for Whonix integration purposes.