Problems starting tor service ....
William A. Mahaffey III
wam at hiwaay.net
Sat Sep 27 18:14:47 UTC 2014
On 09/27/14 13:11, William A. Mahaffey III wrote:
> On 09/27/14 12:55, William A. Mahaffey III wrote:
>> On 09/27/14 10:20, Ian Smith wrote:
>>> In freebsd-questions Digest, Vol 538, Issue 11, Message: 6
>>> On Sat, 27 Sep 2014 06:43:16 +0200 Polytropon <freebsd at edvax.de> wrote:
>>>
>>> > The important information is this:
>>> >
>>> > On Fri, 26 Sep 2014 22:19:07 -0500, William A. Mahaffey III wrote:
>>> > > # tor_enable (bool): Set it to "YES" to enable tor.
>>> Default: NO
>>> > > # tor_conf (str): Points to your torrc file.
>>> > > # Default: /usr/local/etc/tor/torrc
>>> > > # tor_user (str): Tor daemon user. Default: _tor
>>> > > # tor_datadir (str): Tor datadir. Default: /var/db/tor
>>> > > # tor_logfile (str): Tor log file. Default: /var/log/tor
>>> > > # tor_loglevel (str): Tor log severity level. Default: notice
>>> >
>>> > Here, /var/db/tor has to be a directory accessible by the tor
>>> > user, and /var/log/tor has to be a file. Probably those have
>>> > to be present (as the following lines list them as required).
>>>
>>> Likely. I wonder why the installation didn't - or couldn't? - touch
>>> its
>>> logfile? syslogd needs files to preexist, assuming it's using syslog?
>>>
>>> > Check /usr/local/etc/tor/torrc if it makes any changes to the
>>> > default settings (shouldn't be, but have a look).
>>> >
>>> >
>>> >
>>> > > Sep 26 22:17:54.000 [warn] Couldn't open file for 'Log notice
>>> file
>>> > > /var/log/tor': Permission denied
>>> >
>>> > This seems to indicate that the file is present, but not
>>> > accessible. Check permissions and owner (should be "_tor"
>>> > with an underscore).
>>>
>>> Not necessarily; it could indicate permission denied to create a new
>>> file in /var/log (needing root)? presumably tor is running as _tor?
>>> Or it may have tried to open it for append? Just guessing around ..
>>>
>>> William, have you tried just ? # touch /var/log/tor
>>>
>>> If tor wants to write to that file directly, as _tor:_tor and not root,
>>> you'd likely need to # chown _tor:_tor /var/log/tor as well.
>>
>> *Boooooyah* !!!! We have a winner !!!!
>>
>> [root at kabini1, /etc, 12:50:24pm] 458 % touch /var/log/tor
>> [root at kabini1, /etc, 12:50:29pm] 459 % chown _tor:_tor /var/log/tor
>> [root at kabini1, /etc, 12:50:39pm] 460 % ( lltr10 /var/log/ ; date )
>> -rw-r----- 1 root wheel 815 Sep 27 00:00 maillog.0.bz2
>> -rw------- 1 root wheel 580 Sep 27 03:02 mount.today
>> -rw------- 1 root wheel 757 Sep 27 03:02 ipfw.today
>> -rw------- 1 root wheel 5254 Sep 27 04:00 cron.0.bz2
>> -rw-r----- 1 root wheel 4267 Sep 27 04:55 maillog
>> -rw------- 1 root wheel 43802 Sep 27 05:34 auth.log
>> -rw-r----- 1 root wheel 1448 Sep 27 07:00 sendmail.st.0
>> -rw-r----- 1 root wheel 0 Sep 27 07:00 sendmail.st
>> -rw------- 1 root wheel 14287 Sep 27 12:50 cron
>> -rw-r--r-- 1 _tor _tor 0 Sep 27 12:50 tor
>> Sat Sep 27 12:50:44 CDT 2014
>> [root at kabini1, /etc, 12:50:44pm] 461 % service tor start
>> Starting tor.
>> Sep 27 12:50:55.845 [notice] Tor v0.2.4.23 (git-598c61362f1b3d3e)
>> running on FreeBSD with Libevent 2.0.21-stable and OpenSSL
>> 0.9.8za-freebsd.
>> Sep 27 12:50:55.845 [notice] Tor can't help you if you use it wrong!
>> Learn how to be safe at
>> https://www.torproject.org/download/download#warning
>> Sep 27 12:50:55.846 [notice] Read configuration file
>> "/usr/local/etc/tor/torrc".
>> Sep 27 12:50:55.862 [notice] Opening Socks listener on 127.0.0.1:9050
>> [root at kabini1, /etc, 12:50:55pm] 462 % lsof -n | grep 'tor '
>> lsof: WARNING: compiled for FreeBSD release 9.1-RELEASE-p17; this is
>> 9.3-RELEASE.
>> tor 96609 _tor cwd VDIR 0,102 512 1444677 /var/db/tor
>> tor 96609 _tor rtd VDIR 0,102 1024 2 /
>> tor 96609 _tor txt VREG 0,166 1843232 807031
>> /usr/local/bin/tor
>> tor 96609 _tor 0u VCHR 0,17 0t0 17 /dev/null
>> tor 96609 _tor 1u VCHR 0,17 0t0 17 /dev/null
>> tor 96609 _tor 2u VCHR 0,17 0t0 17 /dev/null
>> tor 96609 _tor 3u KQUEUE
>> 0xfffffe0162ec6000 count=1659658296,
>> state=0x937e7200
>> tor 96609 _tor 4u IPv4
>> 0xfffffe018622b000 0t0 TCP
>> 192.168.0.27:35653->154.35.32.5:https (ESTABLISHED)
>> tor 96609 _tor 5u IPv4
>> 0xfffffe0179838b70 0t0 TCP 127.0.0.1:9050 (LISTEN)
>> tor 96609 _tor 6w VREG 0,102 3714 1284867 /var/log/tor
>> tor 96609 _tor 7u VREG 0,102 0 1444680 / (/dev/ada0p3)
>> tor 96609 _tor 8u IPv4
>> 0xfffffe01869843d0 0t0 TCP
>> 192.168.0.27:17723->188.95.247.140:https (ESTABLISHED)
>> tor 96609 _tor 9u IPv4
>> 0xfffffe01a69f5000 0t0 TCP
>> 192.168.0.27:24371->72.76.188.254:https (ESTABLISHED)
>> tor 96609 _tor 10u IPv4
>> 0xfffffe0175a017a0 0t0 TCP
>> 192.168.0.27:31120->195.154.123.82:9001 (ESTABLISHED)
>> [root at kabini1, /etc, 12:51:42pm] 464 % service tor status
>> tor is not running.
>> [root at kabini1, /etc, 12:51:59pm] 465 %
>>
>> That last detail is a bit odd ....
>>
>>> Again, it seems odd - well, broken - if the install didn't arrange
>>> that.
>>>
>>> cheers, Ian
>>>
>>
>> That's mostly what I was getting at, installer problem .....
>>
>
> FWIW, /var/run/tor/ doesn't get created either, needed for
> /var/run/tor/tor.pid :-/ ....
>
Furthermore, it doesn't seem to find the right version of OpenSSL to run
w/. I hadn't explicitly installed OpenSSL, & the 1st time I got tor to
start, it groused about my 'old' version:
[root at kabini1, /etc, 1:12:30pm] 505 % tail -50 /var/log/tor
Sep 27 12:50:56.000 [notice] Parsing GEOIP IPv6 file
/usr/local/share/tor/geoip6.
Sep 27 12:50:56.000 [warn] OpenSSL version from headers does not match
the version we're running with. If you get weird crashes, that might be
why. (Compiled with 90819f: OpenSSL 0.9.8y 5 Feb 2013; running with
9081af: OpenSSL 0.9.8za-freebsd 5 Jun 2014).
Sep 27 12:50:56.000 [notice] Your OpenSSL version seems to be
0.9.8za-freebsd. We recommend 1.0.0 or later.
Sep 27 12:50:57.000 [notice] Bootstrapped 5%: Connecting to directory
server.
Sep 27 12:50:57.000 [notice] Bootstrapped 10%: Finishing handshake with
directory server.
Sep 27 12:50:57.000 [notice] We weren't able to find support for all of
the TLS ciphersuites that we wanted to advertise. This won't hurt
security, but it might make your Tor (if run as a client) more easy for
censors to block.
Sep 27 12:50:57.000 [notice] To correct this, use a more recent OpenSSL,
built without disabling any secure ciphers or features.
Sep 27 12:50:57.000 [notice] Bootstrapped 15%: Establishing an encrypted
directory connection.
Sep 27 12:50:57.000 [notice] Bootstrapped 20%: Asking for networkstatus
consensus.
Sep 27 12:50:57.000 [notice] Bootstrapped 25%: Loading networkstatus
consensus.
Sep 27 12:50:59.000 [notice] I learned some more directory information,
but not enough to build a circuit: We have no usable consensus.
Sep 27 12:50:59.000 [notice] Bootstrapped 40%: Loading authority key certs.
Sep 27 12:51:00.000 [notice] Bootstrapped 45%: Asking for relay descriptors.
Sep 27 12:51:00.000 [notice] I learned some more directory information,
but not enough to build a circuit: We need more microdescriptors: we
have 0/6239, and can only build 0% of likely paths. (We have 0% of
guards bw, 0% of midpoint bw, and 0% of exit bw.)
Sep 27 12:51:00.000 [notice] Bootstrapped 50%: Loading relay descriptors.
Sep 27 12:51:04.000 [notice] Bootstrapped 51%: Loading relay descriptors.
Sep 27 12:51:05.000 [notice] Bootstrapped 53%: Loading relay descriptors.
Sep 27 12:51:08.000 [notice] Bootstrapped 55%: Loading relay descriptors.
Sep 27 12:51:08.000 [notice] Bootstrapped 56%: Loading relay descriptors.
Sep 27 12:51:08.000 [notice] Bootstrapped 58%: Loading relay descriptors.
Sep 27 12:51:09.000 [notice] Bootstrapped 60%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 61%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 63%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 65%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 67%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 68%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 70%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 72%: Loading relay descriptors.
Sep 27 12:51:10.000 [notice] Bootstrapped 73%: Loading relay descriptors.
Sep 27 12:51:11.000 [notice] Bootstrapped 75%: Loading relay descriptors.
Sep 27 12:51:14.000 [notice] Bootstrapped 77%: Loading relay descriptors.
Sep 27 12:51:16.000 [notice] We now have enough directory information to
build circuits.
Sep 27 12:51:16.000 [notice] Bootstrapped 80%: Connecting to the Tor
network.
Sep 27 12:51:16.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Sep 27 12:51:16.000 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Sep 27 12:51:16.000 [notice] Bootstrapped 100%: Done.
... but obviously got done starting. I installed OpenSSL & after a
couple of abortive attempts at restarting (related to no /var/run/tor
dir, posted earlier):
Sep 25 09:10:20 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
Sep 25 09:18:41 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
Sep 26 17:15:01 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
Sep 26 17:20:24 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
Sep 26 22:07:40 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
Sep 26 22:17:54 kabini1 last message repeated 2 times
Sep 27 13:04:56 kabini1 pkg: openssl-1.0.1_15 installed
Sep 27 13:05:20 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
Sep 27 13:05:55 kabini1 wam: /usr/local/etc/rc.d/tor: WARNING: failed to
start tor
I got this upon restart (from /var/log/tor):
Sep 27 12:51:16.000 [notice] Bootstrapped 80%: Connecting to the Tor
network.
Sep 27 12:51:16.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Sep 27 12:51:16.000 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Sep 27 12:51:16.000 [notice] Bootstrapped 100%: Done.
Sep 27 13:10:50.000 [notice] Catching signal TERM, exiting cleanly.
Sep 27 13:10:51.000 [notice] Tor 0.2.4.23 (git-598c61362f1b3d3e) opening
log file.
Sep 27 13:10:51.000 [notice] Parsing GEOIP IPv4 file
/usr/local/share/tor/geoip.
Sep 27 13:10:51.000 [notice] Parsing GEOIP IPv6 file
/usr/local/share/tor/geoip6.
Sep 27 13:10:51.000 [warn] OpenSSL version from headers does not match
the version we're running with. If you get weird crashes, that might be
why. (Compiled with 90819f: OpenSSL 0.9.8y 5 Feb 2013; running with
9081af: OpenSSL 0.9.8za-freebsd 5 Jun 2014).
Sep 27 13:10:51.000 [notice] Your OpenSSL version seems to be
0.9.8za-freebsd. We recommend 1.0.0 or later.
Sep 27 13:10:52.000 [notice] We now have enough directory information to
build circuits.
Sep 27 13:10:52.000 [notice] Bootstrapped 80%: Connecting to the Tor
network.
Sep 27 13:10:53.000 [notice] Bootstrapped 85%: Finishing handshake with
first hop.
Sep 27 13:10:53.000 [notice] We weren't able to find support for all of
the TLS ciphersuites that we wanted to advertise. This won't hurt
security, but it might make your Tor (if run as a client) more easy for
censors to block.
Sep 27 13:10:53.000 [notice] To correct this, use a more recent OpenSSL,
built without disabling any secure ciphers or features.
Sep 27 13:10:54.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
Sep 27 13:10:55.000 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Sep 27 13:10:55.000 [notice] Bootstrapped 100%: Done.
i.e. it is still using the old OpenSSL .... No biggie (& possibly pilot
error), but seems a bit off ....
--
William A. Mahaffey III
----------------------------------------------------------------------
"The M1 Garand is without doubt the finest implement of war
ever devised by man."
-- Gen. George S. Patton Jr.
More information about the freebsd-questions
mailing list