Merge remote-tracking branch 'teor/bug21122'

  o Minor bugfixes (documentation):

    - Update the tor manual page to document every option that can not be

      changed while tor is running. Fixes bug 21122; bugfix on multiple tor

      versions.

    file readable by the default GID. (Default: 0)

[[DataDirectory]] **DataDirectory** __DIR__::

    Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)

    Store working data in DIR. Can not be changed while tor is running.

    (Default: @LOCALSTATEDIR@/lib/tor)

[[DataDirectoryGroupReadable]] **DataDirectoryGroupReadable** **0**|**1**::

    If this option is set to 0, don't allow the filesystem group to read the

    not supported. We believe that this feature works on modern Gnu/Linux

    distributions, and that it should work on *BSD systems (untested). This

    option requires that you start your Tor as root, and you should use the

    **User** option to properly reduce Tor's privileges. (Default: 0)

    **User** option to properly reduce Tor's privileges.

    Can not be changed while tor is running. (Default: 0)

[[DisableDebuggerAttachment]] **DisableDebuggerAttachment** **0**|**1**::

   If set to 1, Tor will attempt to prevent basic debugging attachment attempts

[[Sandbox]] **Sandbox** **0**|**1**::

    If set to 1, Tor will run securely through the use of a syscall sandbox.

    Otherwise the sandbox will be disabled. The option is currently an

    experimental feature. (Default: 0)

    experimental feature. Can not be changed while tor is running.

    When the Sandbox is 1, the following options can not be changed when tor

    is running:

    Address

    ConnLimit

    CookieAuthFile

    DirPortFrontPage

    ExtORPortCookieAuthFile

    Logs

    ServerDNSResolvConfFile

    Tor must remain in client or server mode (some changes to ClientOnly and

    ORPort are not allowed).

    (Default: 0)

[[Socks4Proxy]] **Socks4Proxy** __host__[:__port__]::

    Tor will make all OR connections through the SOCKS 4 proxy at host:port

[[PidFile]] **PidFile** __FILE__::

    On startup, write our PID to FILE. On clean shutdown, remove

    FILE.

    FILE. Can not be changed while tor is running.

[[ProtocolWarnings]] **ProtocolWarnings** **0**|**1**::

    If 1, Tor will log with severity \'warn' various cases of other parties not

[[RunAsDaemon]] **RunAsDaemon** **0**|**1**::

    If 1, Tor forks and daemonizes to the background. This option has no effect

    on Windows; instead you should use the --service command-line option.

    Can not be changed while tor is running.

    (Default: 0)

[[LogTimeGranularity]] **LogTimeGranularity** __NUM__::

[[SyslogIdentityTag]] **SyslogIdentityTag** __tag__::

    When logging to syslog, adds a tag to the syslog identity such that

    log entries are marked with "Tor-__tag__".  (Default: none)

    log entries are marked with "Tor-__tag__". Can not be changed while tor is

    running. (Default: none)

[[SafeLogging]] **SafeLogging** **0**|**1**|**relay**::

    Tor can scrub potentially sensitive strings from log messages (e.g.

[[User]] **User** __Username__::

    On startup, setuid to this user and setgid to their primary group.

    Can not be changed while tor is running.

[[KeepBindCapabilities]] **KeepBindCapabilities** **0**|**1**|**auto**::

    On Linux, when we are started as root and we switch our identity using

    try to retain our ability to bind to low ports.  If this value is 1, we

    try to keep the capability; if it is 0 we do not; and if it is **auto**,

    we keep the capability only if we are configured to listen on a low port.

    Can not be changed while tor is running.

    (Default: auto.)

[[HardwareAccel]] **HardwareAccel** **0**|**1**::

    If non-zero, try to use built-in (static) crypto hardware acceleration when

    available. (Default: 0)

    available. Can not be changed while tor is running. (Default: 0)

[[AccelName]] **AccelName** __NAME__::

    When using OpenSSL hardware crypto acceleration attempt to load the dynamic

    engine of this name. This must be used for any dynamic hardware engine.

    Names can be verified with the openssl engine command.

    Names can be verified with the openssl engine command. Can not be changed

    while tor is running.

[[AccelDir]] **AccelDir** __DIR__::

    Specify this option if using dynamic hardware acceleration and the engine

    implementation library resides somewhere other than the OpenSSL default.

    Can not be changed while tor is running.

[[AvoidDiskWrites]] **AvoidDiskWrites** **0**|**1**::

    If non-zero, try to write to disk less frequently than we would otherwise.

    NUM must be between 1 and 1000, inclusive.  Note that the configured

    bandwidth limits are still expressed in bytes per second: this

    option only affects the frequency with which Tor checks to see whether

    previously exhausted connections may read again. (Default: 100 msec)

    previously exhausted connections may read again.

    Can not be changed while tor is running. (Default: 100 msec)

[[TrackHostExits]] **TrackHostExits** __host__,__.domain__,__...__::

    For each value in the comma separated list, Tor will track recent

    HiddenServiceSingleHopMode requires HiddenServiceNonAnonymousMode to be set

    to 1. Since a Single Onion service is non-anonymous, you can not configure

    a SOCKSPort on a tor instance that is running in

    **HiddenServiceSingleHopMode**.

    **HiddenServiceSingleHopMode**. Can not be changed while tor is running.

    (Default: 0)

[[HiddenServiceNonAnonymousMode]] **HiddenServiceNonAnonymousMode** **0**|**1**::

    non-anonymous HiddenServiceSingleHopMode. Enables direct connections in the

    server-side hidden service protocol.  If you are using this option,

    you need to disable all client-side services on your Tor instance,

    including setting SOCKSPort to "0".

    (Default: 0)

    including setting SOCKSPort to "0". Can not be changed while tor is

    running. (Default: 0)

TESTING NETWORK OPTIONS

-----------------------