Problems with starting managed Obfsproxy server when installed via debian package and with Tor as service
On a Ubuntu 12.04 "precise" host, I have installed obfsproxy and upgraded tor via the debian packages. More specifically:
$> sudo apt-get install -y tor obfsproxy
...
$> which obfsproxy
/usr/bin/obfsproxy
$> obfsproxy --version
obfsproxy 0.1.4 (git-94ebc4c3edf1e3e5)
$> tor --version
[notice] Tor v0.2.3.22-rc (git-4a0c70a817797420) running on Linux.
[notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Tor version 0.2.3.22-rc (git-4a0c70a817797420).I'm typically managing Tor via:
$> sudo service tor start|stop|statusMy torrc is:
$> grep -v "^#" /etc/tor/torrc | sed '/^$/d'
SocksPort 0
RunAsDaemon 1
User debian-tor
ORPort 8888
Nickname sricslbridge2
ExitPolicy reject *:* # no exits allowed
BridgeRelay 1
ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managedAfter starting Tor, the following process is running. But the obfsproxy process is missing, because of the following log output:
$> ps axu | grep tor
107 2228 0.7 1.3 379396 53244 ? Sl 07:27 0:01 /usr/sbin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc --hush
...
$> ps axu | grep obfs
$> sudo grep obfs /var/log/tor/log
[warn] Could not launch managed proxy executable at '/usr/bin/obfsproxy' ('Permission denied').When I turn Log on via torrc, the log output is slightly more verbose:
$> sudo grep -v "^#" /etc/tor/torrc | grep Log
Log debug file /var/log/tor/debug.log
$> sudo grep obfs /var/log/tor/debug.log
[info] launch_managed_proxy(): Managed proxy at '/usr/bin/obfsproxy' has spawned with PID '2423'.
[info] handle_proxy_line(): Got a line from managed proxy '/usr/bin/obfsproxy': (ERR: Failed to spawn background process - code 9/D)
[warn] Could not launch managed proxy executable at '/usr/bin/obfsproxy' ('Permission denied').The reason I was thinking it has to do with my init script (although I don't think I changed it myself. It was probably installed with Tor 0.2.2.x originally), is that I tried to run multiple Tor processes controlled via init.d using the instructions here: [https://www.torservers.net/wiki/setup/server#multiple_tor_processes] And the effect was that obfsproxy did start using this alternative init script. However, I reverted back to the original init script because the stopping of multiple Tor processes didn't work and I realized that I only need one Tor process to support a regular and an obfuscated bridge.
In the hope that the permission required to start the managed obfsproxy had to do with write permissions in certain locations, I attempted: (but it didn't resolve the problem)
$> sudo chown -R debian-tor:adm /var/tor
$> sudo ls -la /var/tor
total 6816
drwx------ 3 debian-tor adm 4096 Sep 28 15:27 .
drwxr-xr-x 13 root root 4096 Sep 29 07:23 ..
-rw------- 1 debian-tor adm 16947 Sep 28 13:11 cached-certs
-rw------- 1 debian-tor adm 706188 Sep 28 13:11 cached-consensus
-rw------- 1 debian-tor adm 4237891 Sep 28 14:36 cached-descriptors
-rw------- 1 debian-tor adm 184873 Sep 28 14:38 cached-descriptors.new
-rw------- 1 debian-tor adm 594762 Sep 28 13:11 cached-microdesc-consensus
-rw------- 1 debian-tor adm 1172036 Sep 28 14:36 cached-microdescs
-rw------- 1 debian-tor adm 23655 Sep 28 14:36 cached-microdescs.new
-rw------- 1 debian-tor adm 60 Sep 28 14:36 fingerprint
drwx------ 2 debian-tor adm 4096 Sep 28 13:11 keys
-rw------- 1 debian-tor adm 0 Sep 28 14:36 lock
-rw------- 1 debian-tor adm 1510 Sep 28 15:27 state
$> sudo ls -la /var/run/tor
total 8
drwxr-s--- 2 debian-tor debian-tor 100 Sep 29 07:50 .
drwxr-xr-x 21 root root 700 Sep 29 07:49 ..
srw-rw---- 1 debian-tor debian-tor 0 Sep 29 07:50 control
-rw-r----- 1 debian-tor debian-tor 32 Sep 29 07:50 control.authcookie
-rw-r--r-- 1 debian-tor debian-tor 5 Sep 29 07:50 tor.pidI'm attaching the short log and the more detailed debug.log. Also the init scripts tor (which must have come with the first Tor installation) and tor.MULTIPLE, which came from the commands below, are attached.
$> cd /etc/init.d
$> sudo mv tor tor.ORIG
$> sudo wget -O tor https://www.torservers.net/misc/config/initd-tor
$> sudo mv tor tor.MULTIPLE
$> sudo mv tor.ORIG torThanks! Linda