From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 07:15:53 2021
Date: Mon, 15 Mar 2021 11:15:36 +0000
To: Guix Patches
From: raid5atemyhomework
Subject: [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.

Currently, if you set DataDirectoryGroupReadable 1 in your torrc, it will be
respected only if tor is started up.  If you reconfigure your OS without
restarting the tor service, the directory permissions are reset due to the
activation code being re-run and resetting the directory permissions.

This change simply does not chmod if the directory already exists.

Thanks
raid5atemyhomework

From d6037c59e642eaafebe43996e7419e1b58fee616 Mon Sep 17 00:00:00 2001
From: raid5atemyhomework
Date: Mon, 15 Mar 2021 19:10:01 +0800
Subject: [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.

* gnu/services/networking.scm (tor-activation): Do not change permissions
of tor data directory if it already exists.
---
 gnu/services/networking.scm | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 231a9f66c7..65d2d39f0b 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -881,10 +881,16 @@ HiddenServicePort ~a ~a~%" ;; of the "tor" group will be able to use the SOCKS socket. (chmod "/var/run/tor" #o750) - ;; Allow Tor to access the hidden services' directories. - (mkdir-p "/var/lib/tor") + ;; If the directory already exists, do not chmod it again; the user + ;; might have set "DataDirectoryGroupReadable 1" in the torrc. + ;; Without this check, a `guix system reconfigure` will cause the + ;; directory to lose group permissions until Tor is restarted, even + ;; if changes to the operating-system were unrelated to Tor. + (unless (file-exists? "/var/lib/tor") + (mkdir-p "/var/lib/tor") + ;; Allow only Tor and root to access the hidden services' director= ies. + (chmod "/var/lib/tor" #o700)) (chown "/var/lib/tor" (passwd:uid %user) (passwd:gid %user)) - (chmod "/var/lib/tor" #o700) ;; Make sure /var/lib is accessible to the 'tor' user. (chmod "/var/lib" #o755)
-- 
2.30.2
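Review bot: The `(unless (file-exists? "/var/lib/tor") ...)` guard removes the reported symptom by making activation stop enforcing any mode on an existing data directory, so the mode of `/var/lib/tor` now depends on run-time history rather than on the declared configuration: a directory that is more permissive than intended (after a manual `chmod`, or left by a previous configuration) is never tightened again by `guix system reconfigure`. Note also that `file-exists?` is true for a stray regular file or symlink at that path, in which case `mkdir-p` and `chmod` are skipped while the unconditional `(chown ...)` below still runs. The more robust shape is to take the intended mode from a `tor-configuration` field and apply it on every activation: that keeps activation idempotent, keeps the result reproducible from the configuration, and still honours the group-readable case this patch is after.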
From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 12:35:46 2021
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.
From: Maxime Devos
To: raid5atemyhomework, 47155@debbugs.gnu.org
Date: Mon, 15 Mar 2021 17:35:19 +0100

On Mon, 2021-03-15 at 11:15 +0000, raid5atemyhomework via Guix-patches via wrote:
> Currently, if you set DataDirectoryGroupReadable 1 in your torrc,

What are the reasons for setting DataDirectoryGroupReadable 1?

> it will be respected only if tor is started up.

IIUC, tor will adjust the permissions of the directory to make it
group readable (while Guix' activation code creates the directory
group-unreadable).

> If you reconfigure your OS without restarting the tor service,
> the directory permissions are reset due to the activation code being
> re-run and resetting the directory permissions.
>
> This change simply does not chmod if the directory already exists.
I believe it would be more transparent to introduce a
(data-directory-group-readable? #t/#f), with #f as default,
to tor-configuration (adjusting tor-configuration->torrc)
and change the permission bits passed to chmod appropriately.

(Documentation & reproducible system configuration & one integrated
system (in the software sense) and all that)

Greetings,
Maxime.

From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 19:42:59 2021
Date: Mon, 15 Mar 2021 23:42:41 +0000
To: Maxime Devos
From: raid5atemyhomework
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.
Cc: 47155@debbugs.gnu.org

> On Mon, 2021-03-15 at 11:15 +0000, raid5atemyhomework via Guix-patches via wrote:
>
> > Currently, if you set DataDirectoryGroupReadable 1 in your torrc,
>
> What are the reasons for setting DataDirectoryGroupReadable 1?

When using cookie-based authentication, the cookie file is traditionally
placed in the data directory.  If the directory is not accessible from
group, then only the `tor` user can access the cookie and control `tor`.
With this option, the cookie can be accessed by members of the `tor` group.

> > it will be respected only if tor is started up.
>
> IIUC, tor will adjust the permissions of the directory to make it
> group readable (while Guix' activation code creates the directory
> group-unreadable).

Correct.  However, when doing a `guix system reconfigure`, the activation
code will be called again, which changes the directory back to group
unreadable, without restarting tor.  `tor` itself will only set the
permissions when it starts up, and will ignore the permissions while running.
> > If you reconfigure your OS without restarting the tor service,
> > the directory permissions are reset due to the activation code being
> > re-run and resetting the directory permissions.
> > This change simply does not chmod if the directory already exists.
>
> I believe it would be more transparent to introduce a
> (data-directory-group-readable? #t/#f), with #f as default,
> to tor-configuration (adjusting tor-configuration->torrc)
> and change the permission bits passed to chmod appropriately.
>
> (Documentation & reproducible system configuration & one integrated
> system (in the software sense) and all that)

Possibly.

Thanks
raid5atemyhomework

From debbugs-submit-bounces@debbugs.gnu.org Sat Mar 27 02:38:30 2021
Date: Sat, 27 Mar 2021 06:37:52 +0000
To: Maxime Devos
From: raid5atemyhomework
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.
Cc: 47155@debbugs.gnu.org

> > If you reconfigure your OS without restarting the tor service,
> > the directory permissions are reset due to the activation code being
> > re-run and resetting the directory permissions.
> > This change simply does not chmod if the directory already exists.
>
> I believe it would be more transparent to introduce a
> (data-directory-group-readable? #t/#f), with #f as default,
> to tor-configuration (adjusting tor-configuration->torrc)
> and change the permission bits passed to chmod appropriately.
>
> (Documentation & reproducible system configuration & one integrated
> system (in the software sense) and all that)

But really though, the primary reason for this is to use the "cookie"
authentication scheme with a control port on 9051.  This is supported by
most daemons, as the "control unix socket" (that is currently supported by
`control-socket?` option) seems to be relatively new (Tor 0.2.7.1).
This requires adding:

ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
DataDirectoryGroupReadable 1

In https://issues.guix.gnu.org/46549 which implements `control-socket?` the
author expressed doubt as to the safety of this mechanism.  Looking at the
Tor manpage regarding `ControlPort`:

```
Note: unless you also specify one or more of HashedControlPassword or CookieAuthentication,
setting this option will cause Tor to allow any process on the local
host to control it. (Setting both authentication methods means either method is sufficient
to authenticate to Tor.) This option is required for many Tor controllers; most use
the value of 9051.
```

Basically, this is safe as long as you use *either* `HashedControlPassword`
*or* `CookieAuthentication` *or* both; in the case of `CookieAuthentication`
only users with read access to the cookie file can access it.  Nearly every
daemon that needs control access over Tor (usually to set up their own
hidden service using their own privkey) expects `CookieAuthentication` and
reads from `/var/lib/tor/control_auth_cookie`, which requires that
`/var/lib/tor` be readable (else it can't look up the filename).  It becomes
just as safe as the control-unix-socket option, as that is similarly gated
by file permissions.

Note in particular that Bitcoin Core supports `ControlPort` and not
`ControlSocket`, so this is needed for Bitcoin Core support.  From what I
can see more daemons support `ControlPort` than `ControlSocket`.

Thanks
raid5atemyhomework

From d9bea7635594654e1e631e4db55422c511f0220a Mon Sep 17 00:00:00 2001
From: raid5atemyhomework
Date: Sat, 27 Mar 2021 14:29:31 +0800
Subject: [PATCH] gnu: Add 'control-port?' setting to Tor.

* gnu/services/networking.scm (tor-configuration): Add `control-port?` field.
(tor-configuration->torrc): Support `control-port?` field.
(tor-activation): Allow group access to data directory if `control-port?`.
* doc/guix.texi (Networking Services)[Tor]: Describe new `control-port?` field.
---
 doc/guix.texi               | 13 +++++++++++++
 gnu/services/networking.scm | 24 +++++++++++++++++++++---
 2 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c23d044ff5..a9c8f930be 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -87,6 +87,7 @@ Copyright @copyright{} 2020 Daniel Brooks@* Copyright @copyright{} 2020 John Soo@* Copyright @copyright{} 2020 Jonathan Brielmaier@* Copyright @copyright{} 2020 Edgar Vincent@* +Copyright @copyright{} 2021 raid5atemyhomework@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -16676,6 +16677,18 @@ If @code{#t}, Tor will listen for control commands= on the UNIX domain socket @file{/var/run/tor/control-sock}, which will be made writable by members o= f the @code{tor} group. +@item @code{control-port?} (default: @code{#f}) +Whether or not to provide a ``control port'' by which Tor can be controlle= d +to, for instance, dynamically instantiate tor onion services. This is mor= e +commonly supported by Tor controllers than using a UNIX domain socket as +above. If @code{#t}, Tor will listen for authenticated control commands o= ver +the control port 9051. In order to authenticate to this port, Tor control= lers +need to read the cookie file at @file{/var/lib/tor/control_auth_cookie}, w= hich +will be made readable by members of the @code{tor} group. + +This can be set to a number instead, which will make Tor listen for contro= l +commands over the specified port number rather than the default 9051. + @end table @end deftp diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 231a9f66c7..a4fbeaadfe 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -747,7 +747,9 @@ demand."))) (socks-socket-type tor-configuration-socks-socket-type ; 'tcp or 'unix (default 'tcp)) (control-socket? tor-control-socket-path - (default #f))) + (default #f)) + (control-port? tor-control-port? + (default #f))) ; #f | #t | number (define %tor-accounts ;; User account and groups for Tor. @@ -770,7 +772,8 @@ demand."))) "Return a 'torrc' file for CONFIG." (match config (($ tor config-file services - socks-socket-type control-socket?) + socks-socket-type control-socket? + control-port?) (computed-file "torrc" (with-imported-modules '((guix build utils)) 
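Review bot: In the `tor-configuration` record hunk the new field is `control-port?` with accessor `tor-control-port?`, yet the trailing comment `; #f | #t | number` says it may also hold a port number, so the `?` suffix that Scheme readers take to mean "boolean" is misleading and `(tor-control-port? config)` can evaluate to 9051. Consider a plain `control-port` field, or keeping `control-port?` boolean alongside a separate port field, and give the record a sanitizer (or a check in `tor-configuration->torrc`) that rejects anything other than `#t` or an integer in 1..65535 at build time instead of passing it through to the torrc.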
@@ -795,6 +798,16 @@ UnixSocksGroupWritable 1\n" port)) ControlSocket unix:/var/run/tor/control-sock GroupWritable RelaxDirModeChe= ck ControlSocketsGroupWritable 1\n" port)) + (when #$control-port? + (format port + "\ +ControlPort ~a +CookieAuthentication 1 +CookieAuthFileGroupReadable 1 +DataDirectoryGroupReadable 1\n" + #$(if (eq? control-port? #t) + 9051 + control-port?))) (for-each (match-lambda ((service (ports hosts) ...)
@@ -884,7 +897,12 @@ HiddenServicePort ~a ~a~%" ;; Allow Tor to access the hidden services' directories. (mkdir-p "/var/lib/tor") (chown "/var/lib/tor" (passwd:uid %user) (passwd:gid %user)) - (chmod "/var/lib/tor" #o700) + ;; Allow Tor controllers to access the cookie file if control-port? + ;; By default this is where Tor puts the cookie file, and most Tor + ;; controllers expect this file location (and not on `/var/run/tor`)= . + (chmod "/var/lib/tor" #$(if (tor-control-port? config) + #o750 + #o700)) ;; Make sure /var/lib is accessible to the 'tor' user. (chmod "/var/lib" #o755)
-- 
2.31.0
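Review bot: In the `@@ -795` hunk the value `#$(if (eq? control-port? #t) 9051 control-port?)` is interpolated with `~a`, so anything that is neither `#t` nor a sane port (a string, a negative number) lands verbatim in the generated torrc and is only caught when Tor parses the file; validate it where the field is set. The emitted `ControlPort ~a` line carries no listen address, so the documentation should spell out which interface the port is bound to, since `CookieAuthentication 1` is then the only thing deciding who can drive the daemon. This block is also independent of the `ControlSocket` block immediately above it, so both listeners can be active at once; if that is intended, a sentence saying so would help.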
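Review bot: In the `@@ -884` hunk the directory whose mode drops to 0750 is the one the context line describes as holding the hidden services' directories, so the commit message should confirm that those subdirectories keep their own restrictive modes once the parent becomes group-traversable. The mode choice itself, derived from `(tor-control-port? config)` at build time and applied unconditionally, is the right shape: activation is idempotent again and agrees with the `DataDirectoryGroupReadable 1` line the torrc hunk emits, which supersedes the `file-exists?` guard of the first version of this patch. Minor: the backtick quoting in `` `/var/run/tor` `` differs from the `'tor'` style used in the context line below.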
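Added example, not code from either patch, from Guix or from Tor: a Python model of the three activation strategies discussed in this thread, exercised against a temporary directory so it runs offline. `activate_always_0700` is the current activation (unconditional chmod 0700), `activate_on_create_only` is the first patch (skip when the path exists, mirroring `file-exists?`), and `activate_from_config` is the second patch (mode derived from the declared configuration). `tor_startup` stands in for Tor making its data directory group-readable at start-up, as described earlier in the thread; that Tor uses exactly 0750, the `config` dict, the paths and every function name are assumptions of the example.

```python
import os
import stat
import tempfile

# Constructed configurations: "control_port" True stands for a torrc that
# carries "DataDirectoryGroupReadable 1" (the second patch emits that line
# together with ControlPort when control-port? is set).
CONFIG_GROUP_READABLE = {"control_port": True}
CONFIG_DEFAULT = {"control_port": False}


def mode_of(path):
    """Permission bits of PATH (e.g. 0o750), without the file-type bits."""
    return stat.S_IMODE(os.stat(path).st_mode)


def tor_startup(data_dir, group_readable):
    """Stand-in for what Tor does to its DataDirectory at start-up, as the
    thread describes it: group-readable when DataDirectoryGroupReadable is 1.
    Assumption of this example: 0750 in that case, 0700 otherwise."""
    os.chmod(data_dir, 0o750 if group_readable else 0o700)


def activate_always_0700(data_dir, config):
    """Pre-patch activation: mkdir-p, then chmod 0700 on every run."""
    os.makedirs(data_dir, exist_ok=True)
    os.chmod(data_dir, 0o700)


def activate_on_create_only(data_dir, config):
    """First version of the patch: mkdir-p and chmod only when the path does
    not exist yet (file-exists? semantics, so a stray file also skips it).
    Whatever mode an existing directory has is left alone."""
    if not os.path.exists(data_dir):
        os.makedirs(data_dir)
        os.chmod(data_dir, 0o700)


def activate_from_config(data_dir, config):
    """Second version of the patch: the mode is a function of the declared
    configuration and is applied on every run, so activation is idempotent."""
    os.makedirs(data_dir, exist_ok=True)
    os.chmod(data_dir, 0o750 if config["control_port"] else 0o700)


def simulate(activation, config):
    """Boot sequence: activation, Tor start-up, then activation again (a
    'guix system reconfigure' that does not restart tor).
    Returns the directory mode after each of the three steps."""
    with tempfile.TemporaryDirectory() as root:
        data_dir = os.path.join(root, "var", "lib", "tor")  # constructed path
        activation(data_dir, config)
        after_activation = mode_of(data_dir)
        tor_startup(data_dir, group_readable=config["control_port"])
        after_tor_start = mode_of(data_dir)
        activation(data_dir, config)
        after_reconfigure = mode_of(data_dir)
        return after_activation, after_tor_start, after_reconfigure


def drift_after_reconfigure(activation, config):
    """True when reconfiguring undoes the mode Tor set at start-up: the bug
    reported at the top of this thread."""
    _, after_tor_start, after_reconfigure = simulate(activation, config)
    return after_tor_start != after_reconfigure


def mode_after_activation_of_existing(activation, config, initial_mode):
    """Run ACTIVATION over a data directory that already exists with
    INITIAL_MODE (e.g. 0o777 left behind by a manual chmod) and return the
    resulting mode: shows whether the strategy enforces the declared mode."""
    with tempfile.TemporaryDirectory() as root:
        data_dir = os.path.join(root, "var", "lib", "tor")  # constructed path
        os.makedirs(data_dir)
        os.chmod(data_dir, initial_mode)
        activation(data_dir, config)
        return mode_of(data_dir)


if __name__ == "__main__":
    for fn in (activate_always_0700, activate_on_create_only, activate_from_config):
        modes = simulate(fn, CONFIG_GROUP_READABLE)
        stale = mode_after_activation_of_existing(fn, CONFIG_DEFAULT, 0o777)
        print(f"{fn.__name__:25} {[oct(m) for m in modes]}"
              f" drift={drift_after_reconfigure(fn, CONFIG_GROUP_READABLE)}"
              f" existing 0o777 -> {oct(stale)}")
```

Running the block prints, for each strategy, the mode after activation, after Tor start-up and after a reconfigure, plus what a pre-existing 0777 directory ends up as. Only the configuration-derived variant is both free of the reported drift and able to correct a stale mode; the create-only variant fixes the drift by giving up enforcement altogether.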
From debbugs-submit-bounces@debbugs.gnu.org Sat Mar 27 05:46:15 2021
Message-ID: <2385f734152be7ed5351bc07dcc7d77e5f22efd0.camel@telenet.be>
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.
From: Maxime Devos
To: raid5atemyhomework
Cc: 47155@debbugs.gnu.org
Date: Sat, 27 Mar 2021 10:45:43 +0100

On Sat, 2021-03-27 at 06:37 +0000, raid5atemyhomework wrote:
> > > If you reconfigure your OS without restarting the tor service,
> > > the directory permissions are reset due to the activation code being
> > > re-run and resetting the directory permissions.
> > > This change simply does not chmod if the directory already exists.
> >
> > I believe it would be more transparent to introduce a
> > (data-directory-group-readable? #t/#f), with #f as default,
> > to tor-configuration (adjusting tor-configuration->torrc)
> > and change the permission bits passed to chmod appropriately.
> >
> > (Documentation & reproducible system configuration & one integrated
> > system (in the software sense) and all that)
>
> But really though, the primary reason for this is to use the "cookie"
> authentication scheme with a control port on 9051. This is supported
> by most daemons, as the "control unix socket" (that is currently supported
> by `control-socket?` option) seems to be relatively new (Tor 0.2.7.1).
>
> This requires adding:
>
> ControlPort 9051
> CookieAuthentication 1
> CookieAuthFileGroupReadable 1
> DataDirectoryGroupReadable 1
>
> In https://issues.guix.gnu.org/46549 which implements `control-socket?` the
> author expressed doubt as to the safety of this mechanism. Looking at the Tor
> manpage regarding `ControlPort`:
>
> ```
> Note: unless you also specify one or more of HashedControlPassword or CookieAuthentication,
> setting this option will cause Tor to allow any process on the local
> host to control it. (Setting both authentication methods means either method is sufficient
> to authenticate to Tor.) This option is required for many Tor controllers; most use
> the value of 9051.
> ```
>
> Basically, this is safe as long as you use *either* `HashedControlPassword` *or*
> `CookieAuthentication` *or* both; in the case of `CookieAuthentication` only users
> with read access to the cookie file can access it. Nearly every daemon that needs
> control access over Tor (usually to set up their own hidden service using their own
> privkey) expects `CookieAuthentication` and reads from `/var/lib/tor/control_auth_cookie`,
> which requires that `/var/lib/tor` be readable (else it can't look up the filename). It
> becomes just as safe as the control-unix-socket option, as that is similarly gated by
> file permissions.

I believe this addresses the security concerns Christopher Lemmer Webber had.
> Note in particular that Bitcoin Core supports `ControlPort` and not `ControlSocket`, so
> this is needed for Bitcoin Core support. From what I can see more daemons support
> `ControlPort` than `ControlSocket`.

Ok, but take a look at
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/bitcoin.
Maybe it's out of date though: https://blog.torproject.org/tor-heart-cryptocurrencies

This patch looks good to me, except for some minor aesthetic issues in the
commit message.  I ran "make system-check TESTS=tor" with this patch, which
succeeded.

> Thanks
> raid5atemyhomework
>
>
> From d9bea7635594654e1e631e4db55422c511f0220a Mon Sep 17 00:00:00 2001
> From: raid5atemyhomework
> Date: Sat, 27 Mar 2021 14:29:31 +0800
> Subject: [PATCH] gnu: Add 'control-port?' setting to Tor.
>
> * gnu/services/networking.scm (tor-configuration): Add `control-port?` field.
> (tor-configuration->torrc): Support `control-port?` field.
> (tor-activation): Allow group access to data directory if `control-port?`.
> * doc/guix.texi (Networking Services)[Tor]: Describe new `control-port?` field.

Usually we `quote', 'quote', "quote" or ‘quote’, but never `quote`.
I recommend 'quote', as in

commit 43937666ba6975b6c847be8e67cecd781ce27049
Author: Ludovic Courtès
Date:   Fri Mar 19 14:23:57 2021 +0100

    download: 'tls-wrap' treats premature TLS termination as EOF.

    This is a backport of Guile commit
    076276c4f580368b4106316a77752d69c8f1494a.

    * guix/build/download.scm (tls-wrap)[read!]: Wrap 'get-bytevector-n!'
    call in 'catch' and handle 'error/premature-termination' GnuTLS errors.

Greetings,
Maxime.
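The manpage note quoted above boils down to a rule that can be checked mechanically. The following is an added example, not code from the thread, from Guix or from Tor: a small torrc audit in Python that flags a `ControlPort` with neither `CookieAuthentication` nor `HashedControlPassword`, sanity-checks the port value, and checks the pairing of `CookieAuthFileGroupReadable` and `DataDirectoryGroupReadable` that cookie authentication by `tor` group members depends on, since the cookie lives inside the data directory. The torrc samples are constructed for the demonstration (the first one is the four-line fragment from the thread), the parser is a deliberate simplification of torrc syntax, and the function names are the example's own.

```python
# Constructed torrc samples (not taken from any real system).
TORRC_FROM_THREAD = """\
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
DataDirectoryGroupReadable 1
"""
TORRC_UNAUTHENTICATED = "ControlPort 9051\n"
TORRC_COOKIE_UNREACHABLE = """\
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
"""
# "16:PLACEHOLDER" is not a real hash, just a stand-in for a HashedControlPassword value.
TORRC_HASHED_PASSWORD = "ControlPort 9051\nHashedControlPassword 16:PLACEHOLDER\n"


def parse_torrc(text):
    """Parse torrc TEXT into {option-name-lowercased: [values in file order]}.

    Simplified syntax (assumption of this example): one option per line, the
    first token is the option name, the remainder its value, `#` starts a
    comment, blank lines are skipped. Tor option names are case-insensitive,
    hence the lower().
    """
    options = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        value = parts[1].strip() if len(parts) > 1 else ""
        options.setdefault(parts[0].lower(), []).append(value)
    return options


def _is_set(options, name):
    """True when boolean option NAME is present and its last value is 1."""
    values = options.get(name.lower())
    return bool(values) and values[-1] == "1"


def audit_control_access(text):
    """Return a list of findings (strings) about control-port exposure in TEXT.

    Rule 1 is the manpage note quoted in the thread: ControlPort without
    CookieAuthentication or HashedControlPassword lets any local process
    control Tor. Rule 2 is a sanity check on the port value. Rules 3 and 4
    check the GroupReadable pairing that cookie authentication by members of
    the tor group depends on, because the cookie sits in the data directory.
    """
    opts = parse_torrc(text)
    findings = []
    # "ControlPort 0" means no control port, so it is not a target.
    targets = [v for v in opts.get("controlport", []) if (v.split() or [""])[0] != "0"]
    cookie = _is_set(opts, "CookieAuthentication")
    hashed = "hashedcontrolpassword" in opts
    if targets and not (cookie or hashed):
        findings.append(
            "ControlPort %s without CookieAuthentication or HashedControlPassword: "
            "any local process can control Tor" % targets[-1])
    for value in targets:
        target = (value.split() or [""])[0]
        if target == "auto" or target.startswith("unix:"):
            continue
        port = target.rsplit(":", 1)[-1]  # accept "9051" and "addr:9051"
        if not (port.isdigit() and 1 <= int(port) <= 65535):
            findings.append("ControlPort value %r is not a valid TCP port" % value)
    if cookie:
        cookie_group = _is_set(opts, "CookieAuthFileGroupReadable")
        datadir_group = _is_set(opts, "DataDirectoryGroupReadable")
        if cookie_group and not datadir_group:
            findings.append(
                "CookieAuthFileGroupReadable 1 without DataDirectoryGroupReadable 1: "
                "tor group members cannot reach the cookie inside the data directory")
        if datadir_group and not cookie_group:
            findings.append(
                "DataDirectoryGroupReadable 1 without CookieAuthFileGroupReadable 1: "
                "the data directory is group-readable but the cookie itself is not")
    return findings


if __name__ == "__main__":
    for name, sample in (("thread", TORRC_FROM_THREAD),
                         ("unauthenticated", TORRC_UNAUTHENTICATED),
                         ("cookie-unreachable", TORRC_COOKIE_UNREACHABLE),
                         ("hashed-password", TORRC_HASHED_PASSWORD)):
        print(name, audit_control_access(sample) or ["ok"])
```

The four-line fragment from the thread passes cleanly, a bare `ControlPort 9051` is reported as open to every local process, and a torrc that makes the cookie group-readable without making the data directory group-readable is reported as the "can't look up the filename" case described above. The audit reads a torrc, not the filesystem, so it complements rather than replaces checking the actual modes of `/var/lib/tor` and the cookie file.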
From debbugs-submit-bounces@debbugs.gnu.org Sat Mar 27 07:06:57 2021
Date: Sat, 27 Mar 2021 11:06:40 +0000
To: Maxime Devos
From: raid5atemyhomework
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.
In-Reply-To: <2385f734152be7ed5351bc07dcc7d77e5f22efd0.camel@telenet.be>
Cc: 47155@debbugs.gnu.org

Hello Maxime,

> > Note in particular that Bitcoin Core supports `ControlPort` and not `ControlSocket`, so
> > this is needed for Bitcoin Core support. From what I can see more daemons support
> > `ControlPort` than `ControlSocket`.
>
> Ok, but take a look at
> https://gitlab.torproject.org/legacy/trac/-/wikis/doc/bitcoin.
> Maybe it's out of date though: https://blog.torproject.org/tor-heart-cryptocurrencies

The issue is already known, and is mitigated by use of e.g. JoinMarket and
Wasabi Wallet, when used with proper care to disentangle public coin
addresses from your own spending.
In my particular case, use of Tor is not for pseudonymity (though if you
want I can provide a coin address for Bitcoin and you can try donating to it
and see if you can track me using the described technique, so you can try
seeing if it actually works against an expert user of Bitcoin), but rather
as a replacement for my lack of a public IP address --- instead of using a
public IP address (which my ISP is much too stupid to provide to me unless I
get a ***much*** higher tier of paid support) I use a Tor hidden service to
allow other users to connect to my node.

> > Thanks
> > raid5atemyhomework
> >
> > From d9bea7635594654e1e631e4db55422c511f0220a Mon Sep 17 00:00:00 2001
> > From: raid5atemyhomework raid5atemyhomework@protonmail.com
> > Date: Sat, 27 Mar 2021 14:29:31 +0800
> > Subject: [PATCH] gnu: Add 'control-port?' setting to Tor.
> >
> > - gnu/services/networking.scm (tor-configuration): Add `control-port?` field.
> > (tor-configuration->torrc): Support `control-port?` field.
> > (tor-activation): Allow group access to data directory if `control-port?`.
> >
> > - doc/guix.texi (Networking Services)[Tor]: Describe new `control-port?` field.
>
> Usually we `quote', 'quote', "quote" or ‘quote’, but never `quote`.
> I recommend 'quote', as in
>
> commit 43937666ba6975b6c847be8e67cecd781ce27049
> Author: Ludovic Courtès ludo@gnu.org
> Date: Fri Mar 19 14:23:57 2021 +0100
>
> download: 'tls-wrap' treats premature TLS termination as EOF.
>
> This is a backport of Guile commit
> 076276c4f580368b4106316a77752d69c8f1494a.
>
> * guix/build/download.scm (tls-wrap)[read!]: Wrap 'get-bytevector-n!'
> call in 'catch' and handle 'error/premature-termination' GnuTLS errors.

Okay.

Thanks
raid5atemyhomework

From d9bea7635594654e1e631e4db55422c511f0220a Mon Sep 17 00:00:00 2001
From: raid5atemyhomework
Date: Sat, 27 Mar 2021 14:29:31 +0800
Subject: [PATCH] gnu: Add 'control-port?' setting to Tor.

* gnu/services/networking.scm (tor-configuration): Add 'control-port?' field.
(tor-configuration->torrc): Support 'control-port?' field.
(tor-activation): Allow group access to data directory if 'control-port?'.
* doc/guix.texi (Networking Services)[Tor]: Describe new 'control-port?' field.
---
 doc/guix.texi               | 13 +++++++++++++
 gnu/services/networking.scm | 24 +++++++++++++++++++++---
 2 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c23d044ff5..a9c8f930be 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -87,6 +87,7 @@ Copyright @copyright{} 2020 Daniel Brooks@* Copyright @copyright{} 2020 John Soo@* Copyright @copyright{} 2020 Jonathan Brielmaier@* Copyright @copyright{} 2020 Edgar Vincent@* +Copyright @copyright{} 2021 raid5atemyhomework@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -16676,6 +16677,18 @@ If @code{#t}, Tor will listen for control commands= on the UNIX domain socket @file{/var/run/tor/control-sock}, which will be made writable by members o= f the @code{tor} group. +@item @code{control-port?} (default: @code{#f}) +Whether or not to provide a ``control port'' by which Tor can be controlle= d +to, for instance, dynamically instantiate tor onion services. This is mor= e +commonly supported by Tor controllers than using a UNIX domain socket as +above. If @code{#t}, Tor will listen for authenticated control commands o= ver +the control port 9051. In order to authenticate to this port, Tor control= lers +need to read the cookie file at @file{/var/lib/tor/control_auth_cookie}, w= hich +will be made readable by members of the @code{tor} group. + +This can be set to a number instead, which will make Tor listen for contro= l +commands over the specified port number. + @end table @end deftp
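Review bot: The `@code{control-port?}` documentation in the `@@ -16676` hunk says the cookie file "will be made readable by members of the @code{tor} group" but not what that implies: any process running as a member of that group can authenticate to the control port and has full control of the daemon, which is the fact an administrator needs when deciding who joins the group, so state it in one sentence. It should also mention that setting the option adds `CookieAuthentication 1`, `CookieAuthFileGroupReadable 1` and `DataDirectoryGroupReadable 1` to the generated torrc (the lines emitted by the companion `networking.scm` hunk), since those change what the group can read whether or not a controller ever connects.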
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 231a9f66c7..a4fbeaadfe 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -747,7 +747,9 @@ demand."))) (socks-socket-type tor-configuration-socks-socket-type ; 'tcp or 'unix (default 'tcp)) (control-socket? tor-control-socket-path - (default #f))) + (default #f)) + (control-port? tor-control-port? + (default #f))) ; #f | #t | number (define %tor-accounts ;; User account and groups for Tor. @@ -770,7 +772,8 @@ demand."))) "Return a 'torrc' file for CONFIG." (match config (($ tor config-file services - socks-socket-type control-socket?) + socks-socket-type control-socket? + control-port?) (computed-file "torrc" (with-imported-modules '((guix build utils)) @@ -795,6 +798,16 @@ UnixSocksGroupWritable 1\n" port)) ControlSocket unix:/var/run/tor/control-sock GroupWritable RelaxDirModeChe= ck ControlSocketsGroupWritable 1\n" port)) + (when #$control-port? + (format port + "\ +ControlPort ~a +CookieAuthentication 1 +CookieAuthFileGroupReadable 1 +DataDirectoryGroupReadable 1\n" + #$(if (eq? control-port? #t) + 9051 + control-port?))) (for-each (match-lambda ((service (ports hosts) ...) 
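Review bot: in the record hunk, the new `control-port?` field is declared with a `?` suffix but, per the `; #f | #t | number` comment, is meant to carry a port number as well as a boolean, and nothing enforces that: a string, a negative number or a float would be spliced as-is into the generated `ControlPort ~a` line. Either add a sanitizer that accepts only #f, #t or an integer in the 1..65535 range, or split it, as suggested later in the thread, into a `control-port` (#f or a port number) and a boolean `cookie-authentication?`, which also keeps the `?` naming convention of the neighbouring `control-socket?` field.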
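Review bot: in the torrc hunk, `DataDirectoryGroupReadable 1` makes the whole data directory readable by the tor group, while the cookie-auth use case only needs the cookie file, which `CookieAuthFileGroupReadable 1` already covers; if controllers insist on the default cookie location (the activation hunk's comment says most do), that trade-off should be stated in the commit message, otherwise consider a `CookieAuthFile` under /var/run/tor, where the existing `ControlSocket unix:/var/run/tor/control-sock` already lives, so that /var/lib/tor can stay mode 0700. Also worth a sentence in the docs: `CookieAuthentication 1` is a global torrc setting, so once `control-port?` is enabled, clients of the existing control socket must present the cookie as well.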
@@ -884,7 +897,12 @@ HiddenServicePort ~a ~a~%" ;; Allow Tor to access the hidden services' directories. (mkdir-p "/var/lib/tor") (chown "/var/lib/tor" (passwd:uid %user) (passwd:gid %user)) - (chmod "/var/lib/tor" #o700) + ;; Allow Tor controllers to access the cookie file if control-port? + ;; By default this is where Tor puts the cookie file, and most Tor + ;; controllers expect this file location (and not on `/var/run/tor`)= . + (chmod "/var/lib/tor" #$(if (tor-control-port? config) + #o750 + #o700)) ;; Make sure /var/lib is accessible to the 'tor' user. (chmod "/var/lib" #o755) -- 2.31.0
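Review bot: the mode is now forced to #o700 on every activation whenever control-port? is #f, so a `DataDirectoryGroupReadable 1` that a user puts in their own config-file is still reset each time the system is reconfigured, which is the behaviour this bug ("Respect DataDirectoryGroupReadable option of tor") is about; either skip the chmod when the directory already exists, or make #o750 also depend on that torrc option. Two smaller points: the group that gains access is whatever `(passwd:gid %user)` resolves to, so the documentation's "members of the tor group" holds only if the tor user's primary group is tor; and the comment quotes the path as `/var/run/tor` with backquotes, which Maxime asked to avoid earlier in the thread, so write '/var/run/tor' instead.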
From: Maxime Devos
To: raid5atemyhomework
Cc: 47155@debbugs.gnu.org
Date: Sat, 27 Mar 2021 13:13:42 +0100
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.

On Sat, 2021-03-27 at 11:06 +0000, raid5atemyhomework wrote:
> Hello Maxime,
>
>
> > > Note in particular that Bitcoin Core supports `ControlPort` and not `ControlSocket`, so
> > > this is needed for Bitcoin Core support. From what I can see more daemons support
> > > `ControlPort` than `ControlSocket`.
> >
> > Ok, but take a look at
> > https://gitlab.torproject.org/legacy/trac/-/wikis/doc/bitcoin.
> > Maybe it's out of date though: https://blog.torproject.org/tor-heart-cryptocurrencies
>
> The issue is already known, and is mitigated by use of e.g. JoinMarket and Wasabi Wallet, when used with proper care to disentangle public coin addresses from your own spending.
> [...]

Ok.

> but rather as a replacement for my lack of a public IP address --- instead of
> using a public IP address (which my ISP is much too stupid to provide to me unless I get a
> ***much*** higher tier of paid support) I use a Tor hidden service to allow other users to
> connect to my node.

Makes sense. I know that use case, though myself I have a public IP address at no additional cost (at least if I disable the firewall or poke holes through it). Probably not a static IP though.

The revised patch looks good to me, but I'm no committer.

Greetings,
Maxime.

From: raid5atemyhomework
To: Maxime Devos
Cc: 47155@debbugs.gnu.org
Date: Fri, 23 Jul 2021 15:07:32 +0000
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.

Bump.
From: Jean Pierre De Jesus DIAZ
To: 47155@debbugs.gnu.org
Cc: raid5atemyhomework@protonmail.com, Maxime Devos
Date: Tue, 27 Dec 2022 11:52:55 +0000
Subject: Re: [bug#47155] [PATCH] gnu: Respect DataDirectoryGroupReadable option of tor.

>+ (when #$control-port?
>+ (format port
>+ "\
>+ControlPort ~a
>+CookieAuthentication 1
>+CookieAuthFileGroupReadable 1
>+DataDirectoryGroupReadable 1\n"

Maybe instead of a port, we can have separate options for `control-port', and `cookie-authentication?'. As IIUC cookie authentication can still be used with a control UNIX domain socket.

>+ #$(if (eq? control-port? #t)
>+ 9051
>+ control-port?)))

As a side note, the `if' can be removed and the port put in place into the string directly. But would prefer an option in the configuration record for the control port.

—
Jean-Pierre De Jesus DIAZ
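The cookie authentication the patch turns on (CookieAuthentication 1, cookie at /var/lib/tor/control_auth_cookie, readable by the tor group) only buys anything if a controller can complete the handshake, and the thread never shows what that handshake looks like. What follows is an added example, not code from the patch, from Guix, or from any controller mentioned in the thread: the controller side of both cookie methods of the Tor control protocol, plain COOKIE (the cookie bytes go over the connection in hex) and SAFECOOKIE (both sides prove knowledge of the cookie with HMAC-SHA256 over fresh nonces, so the cookie itself never leaves the file), plus a simulated Tor side so the exchange runs offline. The PROTOCOLINFO reply is a constructed sample and the Tor version in it is made up; the two domain-separation strings are the ones fixed by Tor's control-spec for SAFECOOKIE.

```python
"""Client side of Tor control-port cookie authentication, with a simulated
Tor side so the exchange can be run offline (added example, not Guix code)."""
import hashlib
import hmac
import secrets

# Domain-separation strings fixed by Tor's control protocol spec for SAFECOOKIE.
SERVER_HASH_KEY = b"Tor safe cookie authentication server-to-controller hash"
CLIENT_HASH_KEY = b"Tor safe cookie authentication controller-to-server hash"
COOKIE_LEN = 32  # control_auth_cookie is 32 random bytes written by Tor
NONCE_LEN = 32

# Constructed sample of what Tor answers to "PROTOCOLINFO 1" with the torrc
# from the patch; the version string is made up.
SAMPLE_PROTOCOLINFO = (
    "250-PROTOCOLINFO 1\r\n"
    '250-AUTH METHODS=COOKIE,SAFECOOKIE COOKIEFILE="/var/lib/tor/control_auth_cookie"\r\n'
    '250-VERSION Tor="0.4.5.7"\r\n'
    "250 OK\r\n"
)


def read_cookie(path):
    """The one file access that needs the data directory traversable and the
    cookie group-readable: a controller that cannot open it cannot authenticate."""
    with open(path, "rb") as f:
        cookie = f.read()
    if len(cookie) != COOKIE_LEN:
        raise ValueError("%s: %d bytes, expected %d" % (path, len(cookie), COOKIE_LEN))
    return cookie


def parse_protocolinfo(reply):
    """Return (auth methods, cookie path or None) from a PROTOCOLINFO reply."""
    methods, cookiefile = [], None
    for line in reply.split("\r\n"):
        if line.startswith("250-AUTH METHODS="):
            meth, _, tail = line[len("250-AUTH METHODS="):].partition(" ")
            methods = meth.split(",")
            if tail.startswith('COOKIEFILE="') and tail.endswith('"'):
                cookiefile = tail[len('COOKIEFILE="'):-1]
    return methods, cookiefile


def cookie_authenticate_line(cookie):
    """Plain COOKIE method: the cookie bytes themselves travel over the control
    connection, so whoever can read the file can also replay it."""
    return "AUTHENTICATE %s\r\n" % cookie.hex()


def _mac(key, cookie, client_nonce, server_nonce):
    return hmac.new(key, cookie + client_nonce + server_nonce, hashlib.sha256).digest()


def authchallenge_line(client_nonce):
    return "AUTHCHALLENGE SAFECOOKIE %s\r\n" % client_nonce.hex()


def server_authchallenge_reply(server_cookie, client_nonce):
    """Tor's side: a fresh nonce plus a hash proving Tor itself knows the cookie."""
    server_nonce = secrets.token_bytes(NONCE_LEN)
    server_hash = _mac(SERVER_HASH_KEY, server_cookie, client_nonce, server_nonce)
    reply = "250 AUTHCHALLENGE SERVERHASH=%s SERVERNONCE=%s\r\n" % (
        server_hash.hex(), server_nonce.hex())
    return reply, server_nonce


def client_safecookie_authenticate(client_cookie, client_nonce, reply):
    """Controller's side: check the server hash first (a fake control port must
    not be able to collect a usable hash), then return the AUTHENTICATE line,
    or None if the server did not prove knowledge of our cookie."""
    fields = dict(tok.split("=", 1) for tok in reply.split()[2:])
    server_hash = bytes.fromhex(fields["SERVERHASH"])
    server_nonce = bytes.fromhex(fields["SERVERNONCE"])
    expected = _mac(SERVER_HASH_KEY, client_cookie, client_nonce, server_nonce)
    if not hmac.compare_digest(expected, server_hash):
        return None
    client_hash = _mac(CLIENT_HASH_KEY, client_cookie, client_nonce, server_nonce)
    return "AUTHENTICATE %s\r\n" % client_hash.hex()


def server_verify_authenticate(server_cookie, client_nonce, server_nonce, line):
    """Tor's side: accept only the HMAC a holder of the real cookie can compute."""
    if not line.startswith("AUTHENTICATE "):
        return False
    got = bytes.fromhex(line[len("AUTHENTICATE "):].strip())
    want = _mac(CLIENT_HASH_KEY, server_cookie, client_nonce, server_nonce)
    return hmac.compare_digest(got, want)


def run_safecookie_exchange(client_cookie, server_cookie):
    """Drive the full SAFECOOKIE handshake; returns (authenticated, transcript)."""
    transcript = []
    client_nonce = secrets.token_bytes(NONCE_LEN)
    transcript.append("C: " + authchallenge_line(client_nonce).strip())
    reply, server_nonce = server_authchallenge_reply(server_cookie, client_nonce)
    transcript.append("S: " + reply.strip())
    auth = client_safecookie_authenticate(client_cookie, client_nonce, reply)
    if auth is None:
        transcript.append("C: server hash mismatch, not sending AUTHENTICATE")
        return False, transcript
    transcript.append("C: " + auth.strip())
    ok = server_verify_authenticate(server_cookie, client_nonce, server_nonce, auth)
    transcript.append("S: 250 OK" if ok else "S: 515 Authentication failed")
    return ok, transcript


if __name__ == "__main__":
    cookie = secrets.token_bytes(COOKIE_LEN)  # stands in for read_cookie(path)
    ok, lines = run_safecookie_exchange(cookie, cookie)
    print("\n".join(lines))
    print("authenticated:", ok)
```

The point for this patch is in read_cookie and in the failing branch of run_safecookie_exchange: a process that can open the cookie (any member of the group that /var/lib/tor is chmod'ed to, once the data directory and the file are group-readable) gets full control of the daemon, and one that cannot, or that holds a wrong cookie, is stopped at the server-hash check before it sends anything, so group membership is the whole trust boundary. SAFECOOKIE is preferable to plain COOKIE on a TCP control port because the cookie never crosses the connection.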