Title: Issues Setting Up Tor Hidden Service on Fedora Post by: Raspigler on May 15, 2018, 12:32:56 AM I am setting up a bitcoin full node on my fedora 28 machine. I am setting it up to accept connections via my onion address and my ip address.
After installing tor Code: dnf install tor Code: vim /etc/tor/torrc Quote HiddenServiceDir /var/lib/tor/bitcoin-service/ Exit torrc file and then restart tor by HiddenServicePort 8333 127.0.0.1:8333 Code: systemctl restart tor.service Everything good until up to here. Now, I never had an issue when I'd set this up on Debian systems, but I'd also restart tor with Code: sudo /etc/init.d/tor restart Quote sudo: /etc/init.d/tor: command not found My understanding is that Code: systemctl restart tor.service Quote Job for tor.service failed because the control process exited with error code. See "systemctl status tor.service" and "cournalctl -xe" for details. Code: systemctl status tor.service Produces the log output: Quote tor.service - Anonymizing overlay network for TCP Loaded: loaded (/usr/lib/systemd/system/tor.service; disabled; vendor preset: disabled) Active: failed (Result: exit-code) . since Mon 2018-05-14 17:56:34 EDT; 1s ago Process: 19861 ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify-config (code=exited, status =1/FAILURE) localhost.localdomain systemd[1]: tor.service: Service hold-off time over, scheduling restart. localhost.localdomain systemd[1]: tor.service: Scheduled restart job, restart counter is at 5 localhost.localdomain systemd[1]: Stopped Anonymizing overlay network for TCP. localhost.localdomain systemd[1]: tor.service: Start request repeated too quickly. localhost.localdomain systemd[1]: tor.service: Failed with result 'exit-code'. localhost.localdomain systemd[1]: Failed to start Anonymizing overlay network for TCP. line 1-11/11 (END) And: Code: journalctl -xe Produces the log output: Quote Unit tor.service has begun starting up. localhost.localdomain tor [20336]: [notice] Tor 0.3.2.10 (git -31cc63deb69db819) running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.0h-fips, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A. localhost.localdomain tor [20336]: [notice] Read configuration file "/usr/share/tor/defaults-torrc". localhost.localdomain tor [20336]: [notice] Read configuration file "/etc/tor/torrc". localhost.localdomain audit [20336]: AVC avc: denied { dacreadsearch } for pid=20336 comm="tor" capability=2 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemrtort:s0 tclass=capability permissive=0 localhost.localdomain audit [20336]: AVC avc: denied {dacoverride } for pid=20336 comm="tor" capability=1 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemr:tort:s0 tcpmtext=systemu:systemr:tort:s0 tclass=capability permissive=0 localhost.localdomain tor[20336] [warn] Directory /var/lib/tor/bitcoin-service/ cannot be read: Permission denied localhost.localdomain tor[20336] [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details. localhost.localdomain tor[20336] [err] Reading config failed --see warnings above. localhost.localdomain systemd[1]: tor.service: Control process exited, code=exited status=1 localhost.localdomain systemd[1]: tor.service: Failed with result 'exit-code'. localhost.localdomain systemd[1]: Failed to start Anonymizing overlay network for TCP. --Subject: unit tor.service has failed --Defined-By: systemd --Unit tor.service has failed line 1818-1840/1840 (END) I don't understand why I'm getting the permission denied error for /var/lib/tor/bitcoin-service/ but I assume that's a big part of the error. But since I had just ran Code: dnf install tor Thanks in advance for any help Title: Re: Issues Setting Up Tor Hidden Service on Fedora Post by: Foxpup on May 15, 2018, 03:17:00 AM I don't understand why I'm getting the permission denied error for /var/lib/tor/bitcoin-service/ but I assume that's a big part of the error. But since I had just ran Tor doesn't run as root; it runs as its own user, which should match the owner of /var/lib/tor/bitcoin-service/ (it has to, since it created the directory itself). That's not the problem; this is:Code: dnf install tor localhost.localdomain audit [20336]: AVC avc: denied { dacreadsearch } for pid=20336 comm="tor" capability=2 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemrtort:s0 tclass=capability permissive=0 localhost.localdomain audit [20336]: AVC avc: denied {dacoverride } for pid=20336 comm="tor" capability=1 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemr:tort:s0 tcpmtext=systemu:systemr:tort:s0 tclass=capability permissive=0 SELinux seems to be blocking Tor from accessing its own files. I don't know why this is the case or how to fix it. Hopefully someone who knows about SELinux can help. Title: Re: Issues Setting Up Tor Hidden Service on Fedora Post by: Raspigler on May 15, 2018, 03:23:36 AM Ah, what a coincidence, I just posted on (https://ask.fedoraproject.org/en/question/121126/issues-with-torservice/) that I found disabling SElinux solved this and was coming to post that here.
There's got to be a better way to fix this though... Title: Re: Issues Setting Up Tor Hidden Service on Fedora Post by: Raspigler on May 15, 2018, 03:31:22 AM It wasn't the code that you quoted that had me attempt disabling SElinux, rather these two posts:
(https://forums.fedoraforum.org/showthread.php?311925-Tor-Error) (https://bugzilla.redhat.com/show_bug.cgi?id=1357395) Looks like this has been an issue for a while (since at least 2016 from a quick search). Edit: grammar |