-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I understand.
In Debian, if installed via apt-get, Tor will run under user debian-tor. If you create the hidden service directory in /home/user/Documents, this doesn't give the permissions to the user running Tor, which is as I said 'debian-tor' and not 'user'. Please follow up below and see comments inline: On 8/12/2015 11:18 PM, MaQ wrote: > Yes, running Tor 0.2.6.10.'Do you see there files like > cached-microdesc-consensus, lock, state, etc.?' Files do exist in > /var/lib/tor. The pertinent torrc: > > 'HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 > 127.0.0.1:80' > > The '/var/lib/tor' by default is limited to root. I did some tests > deleting 'hidden_service' to regenerate new .onion addresses. All > fine. > OK, this is normal. > The normal 'user' of system can't access '/var/lib/tor'. I changed > permissions of folder. Tor wouldn't generate new hidden_services > files or connect. I created a new folder 'hidden_service' in > user's '/home/user/Documents' and changed torrc to > '/home/user/Documents/hidden_service'. Tor wouldn't generate new > hidden_services files or connect. > Tor cannot generate new hidden service files in /home/user/Documents/hidden_service because this is owned by 'user' and Tor is run by 'debian-tor'. Do this: leave in torrc: HiddenServiceDir /home/user/Documents/hidden_service And run these commands: chown -R debian-tor:debian-tor /home/user/Documents/hidden_service chown -R debian-tor:debian-tor /home/user/Documents/hidden_service/* > Changed everything back, back to normal... What I'm trying to do is > have a fresh OS, that when a new user starts for first time, a > unique .onion address is generated for them and it is easily > displayed on a start page, without them having to fish around in > files or having to use editor, terminal, etc. > This won't work unless Tor is also started/reloaded (so it'll generate the hidden service files), and you need to add each time entries in torrc for each user for this to happen: HiddenServiceDir /home/user1/Documents/hidden_service/ HiddenServicePort 80 127.0.0.1:80 # or whatever you use HiddenServiceDir /home/user2/Documents/hidden_service/ HiddenServicePort 80 127.0.0.1:80 # or whatever you use You also need to change the owner of all hidden_service folders for each user to debian-tor using the commands above. > (On another note, the tor lists has been the quickest > response/most helpful for a novice, that I've encountered. Thank > you all.) > > ---------- > > Hi, > > If you installed from deb.torproject.org I assume you are using > Tor 0.2.6.10, correct? (run # tor --version to check this). > > Please explain once again what you did, I don't exactly > understand. Have you restored a hidden service for which you had > backups of private_key and hostname files? Or did you leave Tor to > create a new hidden service? What do you mean by 'set-up a > directory in user's Documents folder'? > > If you have installed via apt, your datadirectory should be > /var/lib/tor, unless you didn't change it by modifying torrc. Do > you see there files like cached-microdesc-consensus, lock, state, > etc.? Also, the username who should run Tor on your system is > debian-tor. > > Please provide more details and torrc entries. > > On 8/10/2015 11:49 PM, MaQ wrote: >> I tried a couple of things. >> >> Gave complete permissions to user at >> /var/lib/tor/hidden_services/hostname recursively AND >> >> set-up a directory in user's Documents folder. >> >> In both instances Tor would not make a connection. Had to revert >> all settings back to only allowing files to be placed with root >> restrictions in /var/lib/tor/ (torrc was correctly set to best >> of knowledge in both instances). >> >> I'm using Debian, Tor was installed from apt repositories using >> instructions from torproject.org, with adding line to >> sources.list and keyring, etc. >> >> Need user to have access to hostname file. >> >> Did read something about differences in privileges depending if >> using apt or downloading tarball? >> >> What is solution? > > tor-talk-requ...@lists.torproject.org: >> Re: [tor-talk] Problem with where hidden_services able to be >> placed/permissions. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJVy97FAAoJEIN/pSyBJlsRaggH/j/UWNoRRQ+BVI9W0314H8mL 93QA4fZ/m1g5uBdDD3sWXTkMcPViXe9xGIFgwb3wKLvM9SEIMGk+qqCs4P8fdFfC BTiSWjY7NQB0lAINH3LkPosMeZgwudkq6lXNnTlsdGNJP9E6YteS9Pr8t/rJ2YAr VKqstsNfbROsDRCfdBwcmTUPSYRnAWlNIM8gCvgb9yKdeobpoMac32Uig45GCdKB 1tnSPR1Z3YyWrjeOfsfrGT7n594Pl4BAVegObIXrNA+Ot33VOijgOaAVR2Hm3Fxd vzsaQbRyBGLHI+FL8Sm/aqQVFY9/9JXPjMFURzOAR7q9Y3mY+okCDw60UTPvY0o= =UOoW -----END PGP SIGNATURE----- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
