Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Current version broken in Tails #179

Closed
micahflee opened this issue May 14, 2015 · 7 comments
Closed

Current version broken in Tails #179

micahflee opened this issue May 14, 2015 · 7 comments
Labels
blocked bug

Comments

@micahflee
Copy link
Collaborator

In Tails when you start the server it launches a separate root process. In the current version in Tails it gives the error "Unknown error with Tails root process".
@micahflee micahflee added the bug label May 14, 2015
@micahflee micahflee added this to the 0.7 milestone May 14, 2015
@micahflee
Copy link
Collaborator Author

Here's the crash:

amnesia@amnesia:~$ echo "test" > test.txt
amnesia@amnesia:~$ onionshare test.txt 
Connecting to Tor control port to set up hidden service on port 47042.
Executing: ['/usr/bin/sudo', '--', '/usr/bin/onionshare', '47042']
[sudo] password for amnesia: 
Traceback (most recent call last):
  File "/usr/bin/onionshare", line 29, in <module>
    onionshare.main()
  File "/usr/lib/python2.7/dist-packages/onionshare/onionshare.py", line 290, in main
    app.start_hidden_service()
  File "/usr/lib/python2.7/dist-packages/onionshare/onionshare.py", line 106, in start_hidden_service
    stdout = p.stdout.read(22) # .onion URLs are 22 chars long
KeyboardInterrupt
amnesia@amnesia:~$ sudo -- /usr/bin/onionshare 47042
[sudo] password for amnesia: 
Traceback (most recent call last):
  File "/usr/bin/onionshare", line 29, in <module>
    onionshare.main()
  File "/usr/lib/python2.7/dist-packages/onionshare/onionshare.py", line 258, in main
    tails_root()
  File "/usr/lib/python2.7/dist-packages/onionshare/onionshare.py", line 237, in tails_root
    app.start_hidden_service(False, True)
  File "/usr/lib/python2.7/dist-packages/onionshare/onionshare.py", line 165, in start_hidden_service
    self.controller.set_options(hsdic2list(hsdic))
  File "/usr/lib/python2.7/dist-packages/stem/control.py", line 1859, in set_options
    response = self.msg(query)
  File "/usr/lib/python2.7/dist-packages/stem/control.py", line 469, in msg
    raise exc
stem.SocketClosed: Received empty socket content.
amnesia@amnesia:~$

Here's the tor log during the crash:

May 14 23:09:32.000 [notice] New control connection opened from 127.0.0.1.
May 14 23:09:32.000 [warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/lib/tor/tmpBuBZmk
May 14 23:09:32.000 [notice] Tor 0.2.6.7 (git-c1a17aafcc854762) opening log file.
May 14 23:09:32.000 [warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/lib/tor/tmpBuBZmk
May 14 23:09:32.000 [warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/lib/tor/tmpBuBZmk
May 14 23:09:32.000 [warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/lib/tor/tmpBuBZmk/private_key
May 14 23:09:33.000 [warn] sandbox_intern_string(): Bug: No interned sandbox parameter found for /var/lib/tor/tmpBuBZmk/private_key.tmp

============================================================ T= 1431644973
(Sandbox) Caught a bad syscall attempt (syscall open)
/usr/bin/tor(+0x143019)[0xf767b019]
/lib/i386-linux-gnu/libc.so.6(__open64+0x45)[0xf71b8815]
/lib/i386-linux-gnu/libc.so.6(__open64+0x45)[0xf71b8815]
/usr/bin/tor(tor_open_cloexec+0x57)[0xf7662eb7]

@micahflee
Copy link
Collaborator Author

This looks like an upstream Tor bug. I've confirmed that this happens only happens when tor is in sandbox mode, which is now the default setting for Tails (but not for Tor Browser -- in fact tor crashes immediately when running Tor Browser if it's in sandbox mode). Here's the docs for sandbox mode:

Sandbox 0|1
If set to 1, Tor will run securely through the use of a syscall sandbox. Otherwise the sandbox will be disabled. The option is currently an experimental feature. (Default: 0)

I'm about to build a simpler script to reproduce this and open an upstream tor bug.

@micahflee
Copy link
Collaborator Author

Here's the upstream tor bug: https://trac.torproject.org/projects/tor/ticket/16106

I've changed this issue to blocked because I don't think it can get resolved until it gets fixed upstream, or unless Tails decides to run Tor unsandboxed.

@micahflee micahflee removed this from the 0.7 milestone May 18, 2015
@micahflee
Copy link
Collaborator Author

I'm removing the 0.7 milestone from here because I want to go ahead and release 0.7, and hopefully this is just an upstream bug anyway so there won't be any code changes in onionshare to resolve it.

@micahflee
Copy link
Collaborator Author

It looks like the reason the sandbox crashes is because it's trying to read/write from a place in the filesystem it's not allowed to. Tor might fix the bug so that this throws a warning instead of crashing. But now this issue is blocked until I can implement #178, so that I can start a HS without needing to access the filesystem. And that issue can't be complete and released until Tor 0.2.7.1 is stable and released as part of Tor Browser.

@austin987
Copy link

Tor Browser bundle is now at 5.0.2, which ships with Tor 0.2.7.7.

@micahflee
Copy link
Collaborator Author

Merging with #220

@micahflee micahflee mentioned this issue Nov 20, 2015
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocked bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@micahflee @austin987