AppArmor conflict that prevents recursive %include option of torrc working in /etc/tor/
Summary
AppArmor profile prevents recursive use of %include option in /etc/tor/
Steps to reproduce:
- Create folder
/etc/tor/rc.d
- Add file
/etc/tor/rc.d/example.rc
with the following content:Nickname example
- Replace Nickname in
/etc/tor/torrc
with%include /etc/tor/rc.d
(sed -i 's/Nickname/d' && echo "%include /etc/tor/rc.d" >> /etc/tor/torrc
)
What is the current bug behavior?
If you use the function %include
in the torrc Tor can no longer be started
What is the expected behavior?
I created the folder /etc/tor/rc.d/
and moved parts of the configuration from the file /etc/tor/torrc
to it. Expected is the regular function as if all parameters are in the torrc
itself.
From the manual:
Configuration options can be imported from files or folders using the %include option with the value being a path. This path
can have wildcards. Wildcards are expanded first, then sorted using lexical order. Then, for each matching file or folder, the
following rules are followed: if the path is a file, the options from the file will be parsed as if they were written where the
%include option is. If the path is a folder, all files on that folder will be parsed following lexical order. Files starting
with a dot are ignored. Files in subfolders are ignored. The %include option can be used recursively. New configuration files
or directories cannot be added to already running Tor instance if Sandbox is enabled.
Environment
- Which version of Tor are you using? Run
tor --version
to get the version if you are unsure.
Tor version 0.4.6.9.
Tor is running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1k, Zlib 1.2.11, Liblzma 5.2.5, Libzstd 1.4.8 and Glibc 2.31 as libc.
Tor compiled with GCC version 10.2.1
- Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.
Linux 01.nur.exit.tor.loki.tel 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 GNU/Linux
- Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.
APT-Sources: https://deb.torproject.org/torproject.org bullseye/main amd64 Packages
Relevant logs and/or screenshots
Logs are not created, this is part of the problem.
Possible fixes
Edit line 27 in /etc/apparmor.d/abstractions/tor from /etc/tor/* r,
to /etc/tor/** r,