Debian Question posted in
The oficial documentation can be found here.

Tor not starting cleanly on boot – Debian

I’m running Debian 10 with bitcoind configured as a systemd service that accesses the tor service via localhost. Every reboot the bitcoind error log is filled with the following, and tor services seem to be stuck in a non-working state.

2020-11-18T03:38:30Z connect() to 127.0.0.1:9050 failed after select(): Connection refused (111)
2020-11-18T03:38:30Z connect() to 127.0.0.1:9050 failed after select(): Connection refused (111)
2020-11-18T03:38:31Z connect() to 127.0.0.1:9050 failed after select(): Connection refused (111)
2020-11-18T03:38:31Z connect() to 127.0.0.1:9050 failed after select(): Connection refused (111)

Upon startup systemctl status tor returns the following, indicating tor started successfully

tor.service - Anonymizing overlay network for TCP (multi-instance-master)
   Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
   Active: active (exited) since Tue 2020-11-17 19:54:04 PST; 4min 19s ago
  Process: 413 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 413 (code=exited, status=0/SUCCESS)

Nov 17 19:54:04 cryptoDaemon systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Nov 17 19:54:04 cryptoDaemon systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).

However tail -f /var/log/tor/notices.log indicates tor hasn’t started. There are no entries after the reboot.

If I restart tor.service with sudo systemctl restart tor the error immediately disappears and bitcoind starts to function over tor correctly. This indicates to me that the tor service itself is not starting properly after reboot.

After restarting the service /var/log/notices.log gets new entries:

Nov 17 20:02:22.000 [notice] Tor 0.3.5.10 opening log file.
Nov 17 20:02:22.875 [notice] We compiled with OpenSSL 1010104f: OpenSSL 1.1.1d  10 Sep 2019 and we are running with OpenSSL 1010107f: OpenSSL 1.1.1g  21 Apr 2020. These two versions should be binary compatible.
Nov 17 20:02:22.877 [notice] Tor 0.3.5.10 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1g, Zlib 1.2.11, Liblzma 5.2.4, and Libzstd 1.3.8.
Nov 17 20:02:22.877 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 17 20:02:22.877 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Nov 17 20:02:22.877 [notice] Read configuration file "/etc/tor/torrc".
Nov 17 20:02:22.881 [notice] You configured a non-loopback address '10.1.10.20:9050' for SocksPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.
Nov 17 20:02:22.881 [notice] Opening Socks listener on 127.0.0.1:9050
Nov 17 20:02:22.881 [notice] Opened Socks listener on 127.0.0.1:9050
Nov 17 20:02:22.881 [notice] Opening Control listener on 127.0.0.1:9051
Nov 17 20:02:22.881 [notice] Opened Control listener on 127.0.0.1:9051
Nov 17 20:02:22.881 [warn] Unable to make /var/lib/tor group-readable: Permission denied
Nov 17 20:02:22.881 [warn] Unable to make /var/lib/tor group-readable: Permission denied
Nov 17 20:02:22.000 [notice] Not disabling debugger attaching for unprivileged users.
Nov 17 20:02:22.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Nov 17 20:02:23.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Nov 17 20:02:23.000 [notice] Bootstrapped 0%: Starting
Nov 17 20:02:23.000 [notice] Starting with guard context "default"
Nov 17 20:02:23.000 [notice] Signaled readiness to systemd
Nov 17 20:02:24.000 [notice] Bootstrapped 10%: Finishing handshake with directory server
Nov 17 20:02:24.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Nov 17 20:02:24.000 [notice] Opening Control listener on /run/tor/control
Nov 17 20:02:24.000 [notice] Opened Control listener on /run/tor/control
Nov 17 20:02:24.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Nov 17 20:02:25.000 [notice] Bootstrapped 100%: Done

Further investigation reveals that tor is not starting at boot. /var/log/tor/debug.log is empty after reboot. I can even run systemctl start tor and it starts. systemctl start tor won’t mess with a service that is already started, so for some reason systemd isn’t starting tor, despite it being enabled. Just for fun I disabled with systemctl disable tor and re-enabled, but to no avail.

Any ideas why tor doesn’t start?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I also use this server as a Tor SOCKS proxy on the LAN using SOCKSPORT IP.OF.SERVER:9050 in torrc. disabling this and the associated SOCKSPolicy accept IP.OF.SERVER/24 fixed the issue. If anybody has any insight as to why tor behaves this way and doesn't log why, it'd be appreciated.


  2. 0

    I fixed it by overriding the systemd configuration for the tor service since i Need the tor Proxy to listen to an actual network interface.

    /etc/systemd/system/[email protected]/override.conf

    [Unit]
After=network.target nss-lookup.target network-online.target
Wants=network-online.target

    Easy way to create the file is systemctl edit [email protected]

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search