[Whonix-devel] python-stem might mess up permissions in /var/lib/tor folder?
adrelanos at riseup.net
Sat Jun 11 15:59:08 CEST 2016
It doesn't chown, but it also does not write into /var/lib/tor at all?
> Hi Patrick. Naturally I don't have information on either your script
> or system setup but nope, Stem doesn't chown anything. The only caveat
> I can think of is that if you run launch_tor_with_config() with a
> really, really old version of tor then stem will write a torrc to disk
> but that's about it.
> Cheers! -Damian
> On Fri, Jun 10, 2016 at 2:05 PM, Patrick Schleizer <adrelanos at riseup.net> wrote:
>> Hello Damian,
>> I would very much appreciate your help. I may have a misunderstanding of
>> how python-stem works or perhaps found a bug. It is a race condition
>> happening in Qubes-Whonix related to backups. I might be able to
>> reproduce it in plain Debian, but perhaps you already know what is going
>> on here.
>> Steps to reproduce:
>> sudo su
>> service tor@default stop
>> rm /var/lib/tor/*
>> run a small python-stem based script as user "user":
>> /usr/lib/anon-shared-helper-scripts/tor_bootstrap_check.py 127.0.0.1 9050 1
>> Unexpected behavior:
>> sudo ls -la /var/lib/tor
>> total 10988
>> drwx--S--- 3 sdwdate kvm 4096 Jun 10 20:28 .
>> drwxr-xr-x 50 root root 4096 Jun 10 20:50 ..
>> -rw------- 1 sdwdate kvm 20442 Jun 5 05:14 cached-certs
>> -rw------- 1 sdwdate kvm 1405911 Jun 10 20:25 cached-microdesc-consensus
>> -rw------- 1 sdwdate kvm 7440585 Jun 6 19:11 cached-microdescs
>> -rw------- 1 sdwdate kvm 2359137 Jun 10 20:25 cached-microdescs.new
>> -rw------- 1 sdwdate kvm 0 Jun 10 18:58 lock
>> -rw------- 1 sdwdate kvm 3535 Jun 10 20:28 state
>> drwxrwsr-x 2 sdwdate kvm 4096 Jun 10 18:31 .tor
>> Why of everything it picks sdwdate:kvm as owner:group is a mystery to
>> me. Folder /var/lib/tor/.tor is entirely undesired. Worse are the messed
>> up folder permissions.
>> python-stem should not result in changes in the file system? It should
>> just connect to Tor using ControlPort / ControlSocket? How can these
>> permission issues be avoided?
>> By answering to this mail, your reply will be shown on the whonix-devel
>> public mailing list for others to profit from it.
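
Added example, not part of the original thread and not Whonix or Stem code: one way to test whether running a script changes anything under the Tor data directory is to record the owner, group and mode of every entry before the run and compare afterwards. The function names are hypothetical, the default path /var/lib/tor is taken from the report above, and reading that directory needs root.

```python
import os
import stat
import sys


def snapshot(root):
    """Map each path under root ('.' is root itself) to (uid, gid, mode string)."""
    entries = {}

    def record(full):
        try:
            st = os.lstat(full)  # lstat: report symlinks themselves, never follow them
        except FileNotFoundError:
            return  # entry vanished mid-walk (tor may still be running)
        entries[os.path.relpath(full, root)] = (
            st.st_uid, st.st_gid, stat.filemode(st.st_mode))

    record(root)
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            record(os.path.join(dirpath, name))
    return entries


def diff(before, after):
    """Return (created, removed, changed); changed holds (path, old, new) tuples."""
    created = sorted(set(after) - set(before))
    removed = sorted(set(before) - set(after))
    changed = sorted((p, before[p], after[p])
                     for p in set(before) & set(after) if before[p] != after[p])
    return created, removed, changed


if __name__ == "__main__":
    # Assumed usage: run as root, start the script under test in another
    # terminal while this one waits, then press Enter to see what changed.
    data_dir = sys.argv[1] if len(sys.argv) > 1 else "/var/lib/tor"
    before = snapshot(data_dir)
    input("Run the script under test, then press Enter... ")
    created, removed, changed = diff(before, snapshot(data_dir))
    for path in created:
        print("created:", path)
    for path in removed:
        print("removed:", path)
    for path, old, new in changed:
        print("changed:", path, old, "->", new)
```

An empty result while tor is stopped and only the Stem script ran supports the answer that Stem itself does not touch the directory; any output points at another process writing there during the same window.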