cwtch.im
/
cwtch
16
20
Fork 16
Code Issues 10 Pull Requests 2 Releases 163 Wiki Activity

Unix group membership / permissions on control cookie can cause a panic #87

New Issue
Closed
opened 2018-07-03 14:58:29 +00:00 by GBHC · 1 comment
GBHC commented 2018-07-03 14:58:29 +00:00
Contributor
Copy Link

OS: Fedora

torrc
ControlPort 9051
ControlSocket /run/tor/control
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFile /run/tor/control.authcookie
CookieAuthFileGroupReadable 1

Unix User groups;
docker, USERNAME

ls -l /run/
drwxr-x---. 2 toranon toranon 100 Jul 3 15:08 tor

Panic
cwtch [test]> new-profile test /tmp/test.profile
** WARNING: PASSWORDS CANNOT BE RECOVERED! **
Enter a password to encrypt the profile:
Re-enter password:
New profile created for test
panic: failed to read COOKIEFILE: open /run/tor/control.authcookie: permission denied

goroutine 15 [running]:
log.Panic(0xc420223fb8, 0x1, 0x1)
	/usr/lib/golang/src/log/log.go:322 +0xc0
cwtch.im/cwtch/app.(*Application).NewProfile.func1(0x9c29a0)
/home/REDACT/sourcecode/GoWorkDir/src/cwtch.im/cwtch    /app/app.go:29 +0x8b
created by cwtch.im/cwtch/app.(*Application).NewProfile
/home/REDACT/sourcecode/GoWorkDir/src/cwtch.im/cwtch/app/app.go:31 +0x123
exit status 2

User resolution:

Afer sudo usermod -G toranon all works as expected

**OS:** Fedora **torrc** ControlPort 9051 ControlSocket /run/tor/control ControlSocketsGroupWritable 1 CookieAuthentication 1 CookieAuthFile /run/tor/control.authcookie CookieAuthFileGroupReadable 1 **Unix User groups;** docker, USERNAME **ls -l /run/** drwxr-x---. 2 toranon toranon 100 Jul 3 15:08 tor **Panic** cwtch [test]> new-profile test /tmp/test.profile ** WARNING: PASSWORDS CANNOT BE RECOVERED! ** Enter a password to encrypt the profile: Re-enter password: New profile created for test panic: failed to read COOKIEFILE: open /run/tor/control.authcookie: permission denied goroutine 15 [running]: log.Panic(0xc420223fb8, 0x1, 0x1) /usr/lib/golang/src/log/log.go:322 +0xc0 cwtch.im/cwtch/app.(*Application).NewProfile.func1(0x9c29a0) /home/REDACT/sourcecode/GoWorkDir/src/cwtch.im/cwtch /app/app.go:29 +0x8b created by cwtch.im/cwtch/app.(*Application).NewProfile /home/REDACT/sourcecode/GoWorkDir/src/cwtch.im/cwtch/app/app.go:31 +0x123 exit status 2 **User resolution:** Afer `sudo usermod -G toranon` all works as expected
dan commented 2018-11-21 22:42:58 +00:00
Owner
Copy Link

we don't quite have proscribed run instructions for all users.
I think the new bine/tormanager patch cleans this up a little tho
also containers for the server

we don't quite have proscribed run instructions for all users. I think the new bine/tormanager patch cleans this up a little tho also containers for the server
dan closed this issue 2018-11-21 22:42:58 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
ep
offline-messages
acl-v2
overlays
android_file_download_fix
hybridgroups
enhanced-permissions
settings
post-stable-fixes
fixups
stable-blockers
search
crForceDisconn
server-update
conversation_search
fixCR
deletecontactfix
startupbugs
font-setting
events
handleStatus
fuzzbot
code-fixes
fixpanic
autodownload
esi
eventhooks
autobindings
contactRetryDisconn
priority
createProfileAttr
serverAccept
connectionLogic
fixdeletep2
cached_tokens
indents_and_tools
go_update
protocl_engine_shutdown_fix
timeout_fixes_tokens
fixShutdown
networkAfterOnline
surface-tokens
updateDrone
thread_works
file_sharing_fixes
cbump
emitVer
cleanAndNoDupImport
filesharing-persist
mgroups
tapir-gc
winExport
perf
plugins
healthTime
parseScope
send
sendRetId
nc
import_export
state
profile_images
fastercwtch
tapir0.5
sender_side_previews
hash
1.7conn
1.6_conn
fixAcceptBlock
storage_engine_refactor
publicname
v0.27.0
v0.26.3
v0.26.2
v0.26.1
v0.26.0
v0.25.1
v0.25.0
v0.24.5
v0.24.4
v0.24.3
v0.24.2
v0.24.1
v0.24.0
v0.23.1
v0.23.0
v0.22.2
v0.22.1
v0.22.0
v0.21.0
v0.20.8
v0.20.7
v0.20.6
v0.20.5
v0.20.4
v0.20.3
v0.20.2
v0.20.1
v0.20.0
v0.19.7
v0.19.6
v0.19.5
v0.19.4
v0.19.3
v0.19.2
v0.19.1
v0.19.0
v0.18.10
v0.18.9
v0.18.8
v0.18.7
v0.18.6
v0.18.5
v0.18.4
v0.18.3
v0.18.2
v0.18.1
v0.18.0
v0.17.3
v0.17.2
v0.17.1
v0.17.0
v0.16.8
v0.16.7
v0.16.6
v0.16.5
v0.16.4
v0.16.3
v0.16.2
v0.16.1
v0.16.0
v0.15.2
v0.15.1
v0.15.0
v0.14.19
v0.14.18
v0.14.17
v0.14.16
v0.14.15
v0.14.14
v0.14.13
v0.14.12
v0.14.11
v0.14.10
v0.14.9
v0.14.8
v0.14.7
v0.14.6
v0.14.5
v0.14.4
v0.14.3
v0.14.2
v0.14.1
v0.14.0
v0.13.3
v0.13.2
v0.13.1
v0.13.0
v0.12.2
v0.12.1
v0.12.0
v0.11.2
v0.11.1
v0.11.0
v0.10.0
v0.9.2
v0.9.1
v0.9.0
v0.8.12
v0.8.11
v0.8.10
v0.8.9
v0.8.8
v0.8.7
v0.8.6
v0.8.5
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.8.0
v0.7.6
v0.7.5
v0.7.4
v0.7.3
v0.7.2
v0.7.1
v0.7.0
v0.6.10
v0.6.9
v0.6.8
v0.6.7
v0.6.6
v0.6.5
v0.6.4
v0.6.3
v0.6.2
v0.6.1
v0.6.0
v0.5.1
v0.5.0
v0.4.11
v0.4.10
v0.4.9
v0.4.8
v0.4.7
v0.4.6
v0.4.5
v0.4.4
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.16
v0.3.15
v0.3.14
v0.3.13
v0.3.12
v0.3.11
v0.3.10
v0.3.9
v0.3.8
v0.3.7
v0.3.6
v0.3.5
v0.3.4
v0.3.3
v0.3.2
v0.3.1
v0.3.0
v0.2.1-pr-1
v0.2.1-pr
v0.2.0
v0.2
Labels
Clear labels   
applications

   
BLOCKED

   
bug

   
design

   
duplicate

   
enhancement

   
fixed?

   
funding-needed

   
help wanted

   
infrastructure

   
invalid

   
payments

   
qubes

   
question

   
ready-for-implementation

   
refactor

   
spam

   
tapir-server

   
testing

   
tor

   
wontfix
No Label
applications
BLOCKED
bug
design
duplicate
enhancement
fixed?
funding-needed
help wanted
infrastructure
invalid
payments
qubes
question
ready-for-implementation
refactor
spam
tapir-server
testing
tor
wontfix
Milestone
Clear milestone
No items
No Milestone
Halloween
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cwtch.im/cwtch#87
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?