Bitcoin Forum
August 18, 2018, 02:30:45 PM *
News: Latest stable version of Bitcoin Core: 0.16.2  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Issues Setting Up Tor Hidden Service on Fedora  (Read 32 times)
Raspigler
Newbie
*
Offline Offline

Activity: 4
Merit: 2


View Profile
May 15, 2018, 12:32:56 AM
Merited by Foxpup (2)
 #1

I am setting up a bitcoin full node on my fedora 28 machine. I am setting it up to accept connections via my onion address and my ip address.

After installing tor
Code:
dnf install tor
I enter into my torrc file
Code:
vim /etc/tor/torrc
and enter:

Quote
HiddenServiceDir /var/lib/tor/bitcoin-service/
HiddenServicePort 8333 127.0.0.1:8333
Exit torrc file and then restart tor by
Code:
systemctl restart tor.service

Everything good until up to here. Now, I never had an issue when I'd set this up on Debian systems, but I'd also restart tor with
Code:
sudo /etc/init.d/tor restart
but when I do this on Fedora, I get the error
Quote
sudo: /etc/init.d/tor: command not found

My understanding is that
Code:
systemctl restart tor.service
is the proper way to restart tor on Fedora.  However, this produces the following error:

Quote
Job for tor.service failed because the control process exited with error code. See "systemctl status tor.service" and "cournalctl -xe" for details.

Code:
systemctl status tor.service

Produces the log output:

Quote
tor.service - Anonymizing overlay network for TCP

Loaded: loaded (/usr/lib/systemd/system/tor.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) . since Mon 2018-05-14 17:56:34 EDT; 1s ago
Process: 19861 ExecStartPre=/usr/bin/tor --runasdaemon 0 --defaults-torrc /usr/share/tor/defaults-torrc -f /etc/tor/torrc --verify-config (code=exited, status =1/FAILURE)

localhost.localdomain systemd[1]: tor.service: Service hold-off time over, scheduling restart.
localhost.localdomain systemd[1]: tor.service: Scheduled restart job, restart counter is at 5
localhost.localdomain systemd[1]: Stopped Anonymizing overlay network for TCP.
localhost.localdomain systemd[1]: tor.service: Start request repeated too quickly.
localhost.localdomain systemd[1]: tor.service: Failed with result 'exit-code'.
localhost.localdomain systemd[1]: Failed to start Anonymizing overlay network for TCP.
line 1-11/11 (END)

And:
Code:
journalctl -xe

Produces the log output:

Quote
Unit tor.service has begun starting up.

localhost.localdomain tor [20336]: [notice] Tor 0.3.2.10 (git -31cc63deb69db819) running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.0h-fips, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
localhost.localdomain tor [20336]: [notice] Read configuration file "/usr/share/tor/defaults-torrc".
localhost.localdomain tor [20336]: [notice] Read configuration file "/etc/tor/torrc".
localhost.localdomain audit [20336]: AVC avc: denied { dacreadsearch } for pid=20336 comm="tor" capability=2 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemrtort:s0 tclass=capability permissive=0
localhost.localdomain audit [20336]: AVC avc: denied {dacoverride } for pid=20336 comm="tor" capability=1 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemr:tort:s0 tcpmtext=systemu:systemr:tort:s0 tclass=capability permissive=0
localhost.localdomain tor[20336] [warn] Directory /var/lib/tor/bitcoin-service/ cannot be read: Permission denied
localhost.localdomain tor[20336] [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details.
localhost.localdomain tor[20336] [err] Reading config failed --see warnings above.
localhost.localdomain systemd[1]: tor.service: Control process exited, code=exited status=1
localhost.localdomain systemd[1]: tor.service: Failed with result 'exit-code'.
localhost.localdomain systemd[1]: Failed to start Anonymizing overlay network for TCP.

--Subject: unit tor.service has failed
--Defined-By: systemd
--Unit tor.service has failed
line 1818-1840/1840 (END)

I don't understand why I'm getting the permission denied error for /var/lib/tor/bitcoin-service/ but I assume that's a big part of the error. But since I had just ran
Code:
dnf install tor
I was still running as root, so I don't understand the permission denied.

Thanks in advance for any help
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1534602645
Hero Member
*
Offline Offline

Posts: 1534602645

View Profile Personal Message (Offline)

Ignore
1534602645
Reply with quote  #2

1534602645
Report to moderator
1534602645
Hero Member
*
Offline Offline

Posts: 1534602645

View Profile Personal Message (Offline)

Ignore
1534602645
Reply with quote  #2

1534602645
Report to moderator
Foxpup
Legendary
*
Offline Offline

Activity: 2282
Merit: 1097



View Profile
May 15, 2018, 03:17:00 AM
Merited by Jet Cash (1)
 #2

I don't understand why I'm getting the permission denied error for /var/lib/tor/bitcoin-service/ but I assume that's a big part of the error. But since I had just ran
Code:
dnf install tor
I was still running as root, so I don't understand the permission denied.
Tor doesn't run as root; it runs as its own user, which should match the owner of /var/lib/tor/bitcoin-service/ (it has to, since it created the directory itself). That's not the problem; this is:

localhost.localdomain audit [20336]: AVC avc: denied { dacreadsearch } for pid=20336 comm="tor" capability=2 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemrtort:s0 tclass=capability permissive=0
localhost.localdomain audit [20336]: AVC avc: denied {dacoverride } for pid=20336 comm="tor" capability=1 scontext=systemu:systemr:tort:s0 tcontext=systemu:systemr:tort:s0 tcpmtext=systemu:systemr:tort:s0 tclass=capability permissive=0

SELinux seems to be blocking Tor from accessing its own files. I don't know why this is the case or how to fix it. Hopefully someone who knows about SELinux can help.

Will pretend to do unverifiable things (while actually eating an enchilada-style burrito) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
Raspigler
Newbie
*
Offline Offline

Activity: 4
Merit: 2


View Profile
May 15, 2018, 03:23:36 AM
 #3

Ah, what a coincidence, I just posted on (https://ask.fedoraproject.org/en/question/121126/issues-with-torservice/) that I found disabling SElinux solved this and was coming to post that here.

There's got to be a better way to fix this though...
Raspigler
Newbie
*
Offline Offline

Activity: 4
Merit: 2


View Profile
May 15, 2018, 03:31:22 AM
 #4

It wasn't the code that you quoted that had me attempt disabling SElinux, rather these two posts:

(https://forums.fedoraforum.org/showthread.php?311925-Tor-Error)

(https://bugzilla.redhat.com/show_bug.cgi?id=1357395)

Looks like this has been an issue for a while (since at least 2016 from a quick search).


Edit:  grammar
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!