Tor 0.4.4.5-4 from community repo sets wrong permissions so the service not work out of the box?
The app that is using Tor returned error:
TorManager Disabling Tor, because error while accessing Tor proxy at port 127.0.0.1:9050: Error ([Errno 111] Connection refused)
Here is what i tried:
$ egrep “ControlPort |CookieAuth” /etc/tor/torrc
ControlPort 9051
CookieAuthentication 1
(uncommented, 90xx 90xx match)
$ systemctl restart tor
Job for tor.service failed because the control process exited with error code.
See “systemctl status tor.service” and “journalctl -xe” for details.
$ systemctl status tor
● tor.service - Anonymizing overlay network for TCP
Loaded: loaded (/usr/lib/systemd/system/tor.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2020-11-07 15:23:58 CET; 40s ago
Process: 459829 ExecStartPre=/usr/bin/tor -f /etc/tor/torrc --verify-config (code=exited, status=1/FAILURE)
lis 07 15:23:58 me systemd[1]: tor.service: Scheduled restart job, restart counter is at 5.
lis 07 15:23:58 me systemd[1]: Stopped Anonymizing overlay network for TCP.
lis 07 15:23:58 me systemd[1]: tor.service: Start request repeated too quickly.
lis 07 15:23:58 me systemd[1]: tor.service: Failed with result ‘exit-code’.
lis 07 15:23:58 me systemd[1]: Failed to start Anonymizing overlay network for TCP.
$ tor -f /etc/tor/torrc --verify-config
Nov 07 15:27:29.677 [notice] Tor 0.4.4.5 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1h, Zlib 1.2.11, Liblzma 5.2.5, and Libzstd 1.4.5.
Nov 07 15:27:29.677 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 07 15:27:29.677 [notice] Read configuration file “/etc/tor/torrc”.
Nov 07 15:27:29.682 [warn] Directory /var/lib/tor cannot be read: Permission denied
Nov 07 15:27:29.682 [warn] Failed to parse/validate config: Couldn’t access private data directory “/var/lib/tor”
Nov 07 15:27:29.682 [err] Reading config failed–see warnings above.
$ stat -c%a /var/lib/tor /var/lib/tor/control_auth_cookie
700
stat: cannot statx ‘/var/lib/tor/control_auth_cookie’: Permission denied
$ sudo chmod 750 /var/lib/tor
$ stat -c%a /var/lib/tor /var/lib/tor/control_auth_cookie
750
600
Folder and contents had tor:tor rights. And my user was part of the tor ($groups myusername) and computer reset was made (maybe it remembered session, so maybe not reloaded user rights or what)
$ tor -f /etc/tor/torrc --verify-config
Nov 07 15:40:36.747 [notice] Tor 0.4.4.5 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1h, Zlib 1.2.11, Liblzma 5.2.5, and Libzstd 1.4.5.
Nov 07 15:40:36.748 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 07 15:40:36.748 [notice] Read configuration file “/etc/tor/torrc”.
Nov 07 15:40:36.752 [warn] /var/lib/tor is not owned by this user (me, 1000) but by tor (43). Perhaps you are running Tor as the wrong user?
Nov 07 15:40:36.752 [warn] Failed to parse/validate config: Couldn’t access private data directory “/var/lib/tor”
Nov 07 15:40:36.752 [err] Reading config failed–see warnings above.
$ sudo chown -R root:root /var/lib/tor
(using nonrootuser:tor or nonrootuser:nonrootuser not worked)
$ tor -f /etc/tor/torrc --verify-config
Nov 07 15:54:44.861 [notice] Tor 0.4.4.5 running on Linux with Libevent 2.1.12-stable, OpenSSL 1.1.1h, Zlib 1.2.11, Liblzma 5.2.5, and Libzstd 1.4.5.
Nov 07 15:54:44.861 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 07 15:54:44.861 [notice] Read configuration file “/etc/tor/torrc”.
Configuration was valid
tor starts now (requiring sudo password)
but the app says:
Disabling Tor, because error while accessing Tor proxy at port 127.0.0.1:9050: Error ([Errno 13] Permission denied: ‘/var/lib/tor/control_auth_cookie’)
So i would have to run the app as root i guess. That doe snot look good. Please how to fix that permissions and why it does not work out of the box?
Thank you for help in advance.
UPDATE, SOLUTIONS:
if have same problem, try to make sure /etc/tor/torrc contains following:
User tor
ControlPort 9051
CookieAuthentication 1
DataDirectoryGroupReadable 1
CookieAuthFileGroupReadable 1
ExtORPortCookieAuthFileGroupReadable 1
CacheDirectoryGroupReadable 1
(if “ls -l /var/lib/tor” returns different use, like “debian-tor”, update the first variable “User tor” in above box to be “User debian-tor”)