config DataDirectoryGroupReadable 1 is overridden if you set KeyDir == DataDir
im trying to run zeronet over tor.
i need group access to the DataDirectory for cookie auth so /var/lib/tor should have file mode 0750
spoiler: see below for workarounds + bugfix
when i run
d=$(date +"%F %T"); \
chmod 0750 /var/lib/tor;
systemctl restart tor; sleep 2;
journalctl -u tor --since="$d"
| grep -i permissions;
stat -c%a /var/lib/tor
i always get Fixing permissions on directory /var/lib/tor 700
and datadir ends up with filemode 0700 so it is not accessible for other users in the tor group
... though in my torrc i set DataDirectoryGroupReadable 1
usermod -a -G tor zeronet
sudo -u zeronet cat /var/lib/tor/control_auth_cookie
cat: /var/lib/tor/control_auth_cookie: Permission denied
the authcookie filemode is set correctly to 0640 with the config CookieAuthFileGroupReadable 1
--
workaround 1 run
chmod 0750 /var/lib/tor
after starting tor
workaround 2 add CacheDirectoryGroupReadable 1 to your torrc file
workaround 3 add CacheDirectory = /var/lib/tor/cache to your torrc file if your cache dir should not be group readable
why workaround 2 and 3?
cos the error only happens if CacheDirectory == DataDirectory which is the default config
--
bugfix
in src/app/config/config.c add if (strcmp(options->KeyDirectory, options->DataDirectory) != 0) { and if (strcmp(options->CacheDirectory, options->DataDirectory) != 0) { around line 1570 and 1590 before calling check_and_create_data_directory ... and close the parentheses
--
cat /etc/tor/torrc
Log notice syslog DataDirectory /var/lib/tor DataDirectoryGroupReadable 1 ControlPort 9051 CookieAuthentication 1 CookieAuthFileGroupReadable 1 CookieAuthFile /var/lib/tor/control_auth_cookie
Trac:
Username: needle8420