[Tor-BSD] FreeBSD permissions issues
egypcio at googlemail.com
Wed Nov 18 10:34:26 EST 2015
2015-11-18 12:04 GMT-03:00, George Rosamond <george at ceetonetechnology.com>:
> Vinícius Zavam:
>> 2015-11-18 7:18 GMT-03:00, Fabian Keil <freebsd-listen at fabiankeil.de>:
>>> "N.J. Thomas" <njt at ayvali.org> wrote:
>>>> * Pete Wright <pete at nomadlogic.org> [2015-11-17 14:23:13-0800]:
>>>>>> Has anyone else noticed the same? Am I doing something wrong with my
>>>>>> install, or does this need to be fixed?
>> I think that https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203014
>> updates that. No?
> ... too much snipping...
> Without going through the diffs, I think the log issue is critical.
>>>>> on my end this info is already included in the pkg-message.in file
>>>>> should get printed to stdout when installing the pkg.
>> Some of the details and small typos related to "files/pkg-message.in"
>> and "files/tor.in" were patched, for both versions available at the
>> FreeBSD Ports Collection on that bug report.
>>>> Ugh, serves me right for ignoring this during installation.
>>>> I guess my next question is, is this something that can be automated?
>>> Yes. The port's ElectroBSD version does it in the rc script like this
>> The line/information about randomizing IP ID was removed by this
>> patch. Why? This can be worse than "pre-setting" directories, I think.
> Yeah, so I submitted that originally... it was unclear if it *really*
> mattered to be honest, but I still find it perplexing that FreeBSD
> doesn't enable random IP IDs by default. I know it has some relevance
> to NFS/UDP, but every other OS figured it out.
>>>> Is there any particular reason this is a manual step?
>>> That's a question you should probably ask the maintainer.
>> Well, I am not the maintainer, but... "pkg-message.in" provides the
>> user a warning and gives it some settings/commands to follow within
>> certain conditions. If the user can't (does not want to) read that...
>> I'm (not) sorry.
>>> The PR history of the tor ports suggests that you may have to
>>> wait a while for a response, though.
>> IMHO, there's no need to automate every single piece of code or
>> configuration to give the users/admins even fewer responsibilities to
>> set up a relay or use tor. // Yes; fewer responsibilities. That's my
>> point of view.
>> PS: Keeping up backups for your relay(s) key(s) is a MUST. Do you
>> think the port should do that for you too?
> To me the keys issue matters, but I think correct configuration and
> working out of the box (therefore creating a correctly permissioned log
> file) matters even more.
If I am not wrong, the last patches, pointed at FreeBSD's
Bugzilla, are doing that. You can start the daemon and it will be
logging to file /var/log/tor.
> if it doesn't work on startup without the installing user setting up the
> log file, it's broken IMHO.
Works out of the box.
But... if someone follows the TDP's how-to to set up a FreeBSD relay,
the defaults on https://torbsd.github.io/torrc.txt will point to
/var/log/tor.log as the log file (we will be writing the same info into
two different files). Again, here the user should interact with the
relay's config file.