Bitcoin Forum
November 20, 2018, 09:00:49 AM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Issues Setting Up Tor Hidden Service on Fedora  (Read 46 times)
Raspigler
Newbie
*
Offline Offline

Activity: 4
Merit: 2


View Profile
May 15, 2018, 12:32:56 AM
Merited by Foxpup (2)
 #1

I am setting up a bitcoin full node on my fedora 28 machine. I am setting it up to accept connections via my onion address and my ip address.

After installing tor
Code:
dnf install tor
I enter into my torrc file
Code:
vim /etc/tor/torrc
and enter:

Quote
HiddenServiceDir /var/lib/tor/bitcoin-service/
HiddenServicePort 8333 127.0.0.1:8333
Exit torrc file and then restart tor by
Code:
systemctl restart tor.service

Everything good until up to here. Now, I never had an issue when I'd set this up on Debian systems, but I'd also restart tor with
Code:
sudo /etc/init.d/tor restart
but when I do this on Fedora, I get the error
Quote
sudo: /etc/init.d/tor: command not found

My understanding is that
Code:
systemctl restart tor.service
is the proper way to restart tor on Fedora.  However, this produces the following error:

Quote
Job for tor.service failed because the control process exited with error code. See "systemctl status tor.service" and "cournalctl -xe" for details.

Code:
systemctl status tor.service

Produces the log output:

Quote
tor.service - Anonymizing overlay network for TCP

Loaded: loaded (/usr/lib/systemd/system/tor.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) . since Mon 2018-05-14 17:56:34 EDT; 1s ago
Process: 19861 ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify-config (code=exited, status =1/FAILURE)

localhost.localdomain systemd[1]: tor.service: Service hold-off time over, scheduling restart.
localhost.localdomain systemd[1]: tor.service: Scheduled restart job, restart counter is at 5
localhost.localdomain systemd[1]: Stopped Anonymizing overlay network for TCP.
localhost.localdomain systemd[1]: tor.service: Start request repeated too quickly.
localhost.localdomain systemd[1]: tor.service: Failed with result 'exit-code'.
localhost.localdomain systemd[1]: Failed to start Anonymizing overlay network for TCP.
line 1-11/11 (END)

And:
Code:
journalctl -xe

Produces the log output:

Quote
Unit tor.service has begun starting up.

localhost.localdomain tor [20336]: [notice] Tor 0.3.2.10 (git -31cc63deb69db819) running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.0h-fips, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
localhost.localdomain tor [20336]: [notice] Read configuration file "/usr/share/tor/defaults-torrc".
localhost.localdomain tor [20336]: [notice] Read configuration file "/etc/tor/torrc".
localhost.localdomain audit [20336]: AVC avc: denied { dacreadsearch } for pid=20336 comm="tor" capability=2 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemrtort:s0 tclass=capability permissive=0
localhost.localdomain audit [20336]: AVC avc: denied {dacoverride } for pid=20336 comm="tor" capability=1 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemr:tort:s0 tcpmtext=systemu:systemr:tort:s0 tclass=capability permissive=0
localhost.localdomain tor[20336] [warn] Directory /var/lib/tor/bitcoin-service/ cannot be read: Permission denied
localhost.localdomain tor[20336] [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details.
localhost.localdomain tor[20336] [err] Reading config failed --see warnings above.
localhost.localdomain systemd[1]: tor.service: Control process exited, code=exited status=1
localhost.localdomain systemd[1]: tor.service: Failed with result 'exit-code'.
localhost.localdomain systemd[1]: Failed to start Anonymizing overlay network for TCP.

--Subject: unit tor.service has failed
--Defined-By: systemd
--Unit tor.service has failed
line 1818-1840/1840 (END)

I don't understand why I'm getting the permission denied error for /var/lib/tor/bitcoin-service/ but I assume that's a big part of the error. But since I had just ran
Code:
dnf install tor
I was still running as root, so I don't understand the permission denied.

Thanks in advance for any help
1542704449
Hero Member
*
Offline Offline

Posts: 1542704449

View Profile Personal Message (Offline)

Ignore
1542704449
Reply with quote  #2

1542704449
Report to moderator
1542704449
Hero Member
*
Offline Offline

Posts: 1542704449

View Profile Personal Message (Offline)

Ignore
1542704449
Reply with quote  #2

1542704449
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Foxpup
Legendary
*
Offline Offline

Activity: 2366
Merit: 1187



View Profile
May 15, 2018, 03:17:00 AM
Merited by Jet Cash (1)
 #2

I don't understand why I'm getting the permission denied error for /var/lib/tor/bitcoin-service/ but I assume that's a big part of the error. But since I had just ran
Code:
dnf install tor
I was still running as root, so I don't understand the permission denied.
Tor doesn't run as root; it runs as its own user, which should match the owner of /var/lib/tor/bitcoin-service/ (it has to, since it created the directory itself). That's not the problem; this is:

localhost.localdomain audit [20336]: AVC avc: denied { dacreadsearch } for pid=20336 comm="tor" capability=2 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemrtort:s0 tclass=capability permissive=0
localhost.localdomain audit [20336]: AVC avc: denied {dacoverride } for pid=20336 comm="tor" capability=1 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemr:tort:s0 tcpmtext=systemu:systemr:tort:s0 tclass=capability permissive=0

SELinux seems to be blocking Tor from accessing its own files. I don't know why this is the case or how to fix it. Hopefully someone who knows about SELinux can help.

Will pretend to do unverifiable things (while actually eating an enchilada-style burrito) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
Raspigler
Newbie
*
Offline Offline

Activity: 4
Merit: 2


View Profile
May 15, 2018, 03:23:36 AM
 #3

Ah, what a coincidence, I just posted on (https://ask.fedoraproject.org/en/question/121126/issues-with-torservice/) that I found disabling SElinux solved this and was coming to post that here.

There's got to be a better way to fix this though...
Raspigler
Newbie
*
Offline Offline

Activity: 4
Merit: 2


View Profile
May 15, 2018, 03:31:22 AM
 #4

It wasn't the code that you quoted that had me attempt disabling SElinux, rather these two posts:

(https://forums.fedoraforum.org/showthread.php?311925-Tor-Error)

(https://bugzilla.redhat.com/show_bug.cgi?id=1357395)

Looks like this has been an issue for a while (since at least 2016 from a quick search).


Edit:  grammar
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!