Comments (12)
These will be a problem if /etc/tor/torrc.d/* is used and there's a file /etc/tor/torrc.d/one.conf as well as /etc/tor/torrc.d/one.conf~ (kate backup file) or other extensions such as /etc/tor/torrc.d/one.conf.dpkg-old. This would lead to unexpected results.
Ok, I see, but this include line depends on the user or if inserted by the OS such as Whonix.
Ah. Didn't consider yet. So that part would have to be ported / moved to this repository too. Or Whonix would have to do this suggestion using some sort of "plug-in".
This can be added again, anyway, one liner detecting Whonix won't break anything.
from onionwash.
From now on I will refer to anon-verify and torrc-parser as the same script, because I already merged them locally.
The script does not understand %include
with globs ->
Configuration was valid
ERROR: invalid file: '/etc/tor/torrc.d/*.conf'
It also does not parse the folder and files inside it.
The parsing order is correct, but the indication of the file is repeated after the first included file:
see:
===> Start parsing file /usr/share/tor/tor-service-defaults-torrc
===> Done parsing file /usr/share/tor/tor-service-defaults-torrc
===> Start parsing file /etc/tor/torrc
===> Start parsing folder: /etc/tor/torrc.d
===> Start parsing file /etc/tor/torrc.d/control.conf
===> Done parsing file /etc/tor/torrc.d/control.conf
===> Done parsing folder : /etc/tor/torrc.d/control.conf
===> Done parsing file /etc/tor/torrc.d/control.conf
on:
The Tor configuration files are parsed in such order:
===> Start parsing file /usr/share/tor/tor-service-defaults-torrc
DataDirectory /var/lib/tor
PidFile /run/tor/tor.pid
RunAsDaemon 1
User debian-tor
ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck
ControlSocketsGroupWritable 1
SocksPort unix:/run/tor/socks WorldWritable
SocksPort 9050
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /run/tor/control.authcookie
Log notice syslog
===> Done parsing file /usr/share/tor/tor-service-defaults-torrc
===> Start parsing file /etc/tor/torrc
#%include /etc/tor/torrc.d/*.conf
%include /etc/tor/torrc.d
===> Start parsing folder: /etc/tor/torrc.d
===> Start parsing file /etc/tor/torrc.d/control.conf
ControlPort 9071
===> Done parsing file /etc/tor/torrc.d/control.conf
===> Done parsing folder : /etc/tor/torrc.d/control.conf
SocksPort 9050 IsolateDestAddr IsolateDestPort
ControlPort 9051
CookieAuthentication 1
#HashedControlPassword 16:
===> Done parsing file /etc/tor/torrc.d/control.conf
=====================================================================
from onionwash.
extraneous files needed?
Just used .config
to try it out and it recommends a whonix command.
/===================================================================\
| Extraneous Tor Configuration Files |
\===================================================================/
1 files are do not end with file extension '.conf':
/etc/tor/torrc.d/z.config
These should be probably removed. To do so, run:
sudo systemctl restart anon-gw-anonymizer-config.service
Even though I purposefully set %include /etc/tor/torrc.d/*.config
. So it should not have failed.
The problem is that it is not being analyzed.
Edit:
exclued the extraneous verification, because it is not correct and hardcoded.
- incorrect problem: it is not evaluating the glob to be match and dismiss extraneous files, it is using a hardcode.
- hardcoded problem: someone can genuinely use
file.torrc
not.conf
.
It can be added again on a later date if these things are corrected.
Edit:
It would be better to get all files from like it is done here
https://github.com/nyxnor/tor-ctrl/blob/fd6c4888368ca0152a711159ce67727ba3fd0a41/usr/bin/tor-ctrl#L143
as they are processed the order tor will do when it starts
this way, we can mark if folder is being parsed and there is more files in the forder than being parsed by tor, this can be marked as extraneous.
from onionwash.
The script does not understand
%include
with globs ->Configuration was valid ERROR: invalid file: '/etc/tor/torrc.d/*.conf'
Tor cannot do that yet either? -> Parse only .torrc files in torrc.d directory
It also does not parse the folder and files inside it.
The parsing order is correct, but the indication of the file is repeated after the first included file: see:
Sorry, I didn't see what is repeated?
from onionwash.
Tor cannot do that yet either?
tested now
[notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
[notice] Read configuration file "/etc/tor/torrc".
[notice] Processing configuration path "/etc/tor/torrc.d/*.torrc" at recursion level 1.
[notice] Including configuration file "/etc/tor/torrc.d/example.torrc".
Sorry, I didn't see what is repeated?
Local problem, never mind.
from onionwash.
extraneous files needed?
These will be a problem if /etc/tor/torrc.d/*
is used and there's a file /etc/tor/torrc.d/one.conf
as well as /etc/tor/torrc.d/one.conf~
(kate backup file) or other extensions such as /etc/tor/torrc.d/one.conf.dpkg-old
. This would lead to unexpected results. Therefore Parse only .torrc files in torrc.d directory is important. (Though, I'd prefer .conf
instead of .torrc
but never mind.)
sudo systemctl restart anon-gw-anonymizer-config.service
Ah. Didn't consider yet. So that part would have to be ported / moved to this repository too. Or Whonix would have to do this suggestion using some sort of "plug-in".
hardcoded problem: someone can genuinely use file.torrc not .conf.
I don't think this kind of flexibility is useful for any user. One file extension should be recommended. That's how most applications with .d
folders are implemented.
from onionwash.
Whonix is not using *.conf
?
- https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/torrc.d/95_whonix.conf
- https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/tor/torrc.anondist
Because using %include /etc/tor/torrc.d/*.conf
on the torrc and then running anon-verify (upstream) does not read the files inside the folder:
[notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
[notice] Read configuration file "/etc/tor/torrc".
[notice] Processing configuration path "/etc/tor/torrc.d/*.conf" at recursion level 1.
[notice] Including configuration file "/etc/tor/torrc.d/control.conf".
Configuration was valid
ERROR: invalid file: '/etc/tor/torrc.d/*.conf'
/===================================================================\
| Used Tor Configuration Files |
\===================================================================/
2 files are used as Tor configuration files:
/usr/share/tor/tor-service-defaults-torrc /etc/tor/torrc
...
===> Start parsing file /etc/tor/torrc
%include /etc/tor/torrc.d/*.conf
Fixed now
Adrelanos, extraneous files were added but different.
It evaluates the %include
- if it is
%include /etc/tor/torrc.d/
, then all files from that directory will be used torrc - if it is
%include /etc/tor/torrc.d/*.conf
, then all files mathing the expression will be considered, and every other file inside that directory that did not match before will be considered extraneous.
This is better for portability and I think Whonix should use *.conf
in the default config to be more precise.
from onionwash.
Removing this
## TODO: $anon_verify_report_html is used by systemcheck
## we need to find a way to merge it with $anon_verify_report
tor_verify_config_output_html="$(/usr/libexec/msgcollector/br_add "${tor_verify_config_output}")"
# shellcheck disable=SC2034,2154
anon_verify_report_html="<p>Tor Config Check Result:
<br></br><b>Your Tor config files contain at least one error.</b></p>
...
...
and the rest of html
Because it appears it was never used by systemcheck: https://github.com/Whonix/systemcheck/search?q=anon-verify
from onionwash.
keeping this issue open for some time and if no error is found, will close it.
from onionwash.
tor_verify_config_output_html
Confirmed.
from onionwash.
Only "problem" I found is related to cosmetics. If the the include has an extesion or wildcard, it will parse through it correctly, but wont show the line Start parsing folder
, because the wildcard is expanded on the for loop and it pass directly as the file names.
This does not affect the result, it is just the appearance.
from onionwash.
No problems found. Only one noticeable difference that the parsing takes 1 second more, which I don't know what is causing this.
from onionwash.
Related Issues (9)
- Warning about `zstd` HOT 1
- dependency HOT 2
- GUI HOT 1
- verifying one config or all HOT 3
- imrove vitor with sudoedit rules HOT 3
- outreach HOT 11
- hardening vitor HOT 2
- start menu entries HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from onionwash.