Ticket #239 (new defect)

Opened 19 months ago

Last modified 17 months ago

Default tor in debian, unable to use

Reported by: vidalia
Owned by: developer
Priority: normal
Milestone:
Component: Vidalia
Version: 0.0.11
Keywords: tor permission
Cc:

Description

I am packaging Vidalia for Ubuntu and Debian. If the user installs Tor with the distro package, /var/lib/tor is owned by debian-tor with permission 700. When Vidalia tries to run Tor, it starts with the permissions of the user that runs Vidalia, so Tor can't access /var/lib/tor and dies.

May 01 15:39:18:377 [Warning] Failed to parse/validate config: Couldn't access/create private data directory "/var/lib/tor"

If Vidalia starts with Tor already running, it works, but:

May 02 17:05:54:568 [Warning] write_configuration_file(): Couldn't rename "/etc/tor/torrc" to "/etc/tor/torrc.orig.1": Permission denied

because /etc/tor is owned by root.

So it's impossible to use Vidalia on a Debian-like system with the default Tor. I think that Vidalia must start/stop Tor through the /etc/init.d/tor script.

Change History

  Changed 19 months ago by edmanm

Since 0.0.8, Vidalia should default to starting its own Tor using -f ~/.vidalia/torrc to avoid that problem.

  o When Vidalia starts its own Tor process, it will now default to starting it
    with a "-f ~/.vidalia/torrc", to avoid permissions conflicts when running
    Tor as a user that does not have write access to the default torrc. The
    torrc used when starting Tor is still configurable.

If you change the setting in Settings->Advanced->Tor Configuration File, then Vidalia will start Tor with the specified configuration file. If you leave that field blank, Tor will look in its platform default torrc location (e.g., /etc/tor/torrc).

Also note that simply using /etc/init.d/tor start isn't entirely sufficient, since the Debian Tor package (sensibly) does not enable a control port by default.

  Changed 19 months ago by vidalia

Right, in Debian Tor the user must enable control port in /etc/tor/torrc, done.

As previously said, if I start Tor through Vidalia I get the following error:

May 04 19:22:20:329 [Warning] /var/lib/tor is not owned by this user (pippo, 1000) but by debian-tor (116). Perhaps you are running Tor as the wrong user?
May 04 19:22:20:330 [Warning] Failed to parse/validate config: Couldn't access/create private data directory "/var/lib/tor"
May 04 19:22:20:330 [Error] tor_init(): Reading config failed--see warnings above. For usage, try -h.

because /var/lib/tor is owned by debian-tor with 700. So vidalia is unable to start tor.

  Changed 19 months ago by vidalia

So, without your help, Vidalia can't be packaged for Debian and Ubuntu because it's unable to start. I'm sorry.

  Changed 19 months ago by edmanm

In the meantime, what if the Debian package for Vidalia just included a torrc in ~/.vidalia/torrc that uses a different DataDirectory, like ~/.tor/?

  Changed 19 months ago by vidalia

This is a dirty solution not compliant with Debian policy, because if I do this:

  1- there are 2 Tor configuration files on each system
  2- the Tor data and log directory must be .tor
  3- and what if Tor is already running? It starts at every boot.

So I think that Vidalia must use the /etc/init.d script, and the user must be warned that if he wants to use Vidalia he must edit /etc/tor/torrc.

  Changed 17 months ago by vidalia

Do you plan to fix this bug?

  Changed 17 months ago by edmanm

Yes. (Submitting a patch would help move things along. :)

  Changed 17 months ago by vidalia

I think that for a developer who knows the application it can be very easy to write a patch to call the init.d script instead of tor ;)

follow-up: ↓ 10   Changed 17 months ago by edmanm

You seem to be making the assumption that simply having Vidalia call /etc/init.d/tor start will magically make Vidalia work perfectly on Debian.

The standard Tor package on Debian (wisely) cannot write to its torrc, by default. When the user uses Vidalia to make some changes to their Tor configuration, Tor will be unable to write to its torrc and the user ends up with some warning messages in their logs.

Plus, there is still the problem with Tor not having an open control port. One suggestion recently was to let Tor have an open ControlSocket on Debian by default, such that only users in a particular group can connect to it and talk to Tor. This means Vidalia will be able to talk to Tor by default, but only if the Vidalia user has the appropriate privileges. This also means that Vidalia won't try to run Tor as the current user, which is a good change.

in reply to: ↑ 9   Changed 17 months ago by vidalia

Replying to edmanm:

> Plus, there is still the problem with Tor not having an open control port. One suggestion recently was to let Tor have an open ControlSocket on Debian by default, such that only users in a particular group can connect to it and talk to Tor. This means Vidalia will be able to talk to Tor by default, but only if the Vidalia user has the appropriate privileges. This also means that Vidalia won't try to run Tor as the current user, which is a good change.

Writing that the user must enable control port to use vidalia in README.Debian isn't a problem and is the right(TM) debian way.
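
The two failures reported in this ticket (Tor rejecting a DataDirectory it does not own, and Tor being unable to rename torrc inside a root-owned /etc/tor) can be detected before Tor is launched. The following is an added example, not code from Vidalia or Tor; the function names are hypothetical, and the ownership/mode rules are a simplified model that ignores ACLs.

```python
import os
import stat


def data_dir_problems(path, uid):
    """Assumed model of the private-directory check: owned by uid, mode 700."""
    try:
        st = os.stat(path)
    except OSError as exc:
        return [f"cannot stat {path}: {exc.strerror}"]
    mode = stat.S_IMODE(st.st_mode)
    problems = []
    if not stat.S_ISDIR(st.st_mode):
        problems.append(f"{path} is not a directory")
    if st.st_uid != uid:
        problems.append(f"{path} is owned by uid {st.st_uid}, not uid {uid}")
    if mode & 0o077:
        problems.append(f"{path} is open to group/other (mode {mode:o})")
    return problems


def can_modify_dir(path, uid, gids=()):
    """True if uid may create or rename entries in path (write + search bits)."""
    try:
        st = os.stat(path)
    except OSError:
        return False
    if uid == 0:  # root bypasses the permission bits
        return True
    # Pick the owner, group or other permission triplet that applies to uid.
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return (stat.S_IMODE(st.st_mode) >> shift) & 0o3 == 0o3


def preflight(torrc, data_dir, uid, gids=()):
    """Reasons a Tor started as uid would hit the two errors in this ticket."""
    problems = data_dir_problems(data_dir, uid)
    # Saving the config renames torrc to torrc.orig.N, so the directory
    # holding torrc must be writable, not just the file itself.
    conf_dir = os.path.dirname(os.path.abspath(torrc))
    if not can_modify_dir(conf_dir, uid, gids):
        problems.append(f"uid {uid} cannot rename files in {conf_dir}")
    return problems


if __name__ == "__main__":
    # Paths from the ticket; run as the user that would start Vidalia.
    for line in preflight("/etc/tor/torrc", "/var/lib/tor",
                          os.getuid(), os.getgroups()):
        print("WARN:", line)
```

An empty result means a Tor process started as that user would pass both checks; on a stock Debian install a desktop user gets one warning for /var/lib/tor ownership and one for /etc/tor.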
