On 05/15/2015 11:21 AM, intrigeri wrote:
> Hi Micah,
>
> Micah Lee wrote (15 May 2015 00:11:53 GMT) :
>> OnionShare recently stopped working in Tails
> Can you please be more specific wrt. what version of Tails worked for
> you, and what version stopped working?
I just tested a bunch of old versions of Tails in VMs and confirmed that
it last worked in 1.2.3 and stopped working in 1.3.
>
>> Specifically, OnionShare is able to connect to the Tor control port, but
>> when it tries to create a hidden service it now causes the entire tor
>> process to crash, and it looks like this is related to Tor sandbox
>> warnings. You can look at the issue on github to see the full tor logs,
>> but basically there are a handful of "sandbox_intern_string(): Bug: No
>> interned sandbox parameter found for /var/lib/tor/tmpBuBZmk" errors
>> (/var/lib/tor/tmpBuBZmk being the hidden service dir), ending with a
>> crash: "(Sandbox) Caught a bad syscall attempt (syscall open)".
> Looks like a bug in Tor sandbox rather than anything Tails-specific
> to me.
Agreed, but I haven't run into it anywhere except in Tails. Maybe this
is because all other platforms use the tor service from Tor Browser
rather than a system Tor, and that doesn't have sandboxing enabled or
something?
>> So I can find very little information about what's causing this or how
>> to fix it. Anyone here know?
> 0. Make sure there are no AppArmor-related messages for Tor in `sudo
> dmesg`. If there are, please report them to us.
There are no AppArmor errors.
> 1. Try without Tor sandboxing (configuring a bridge as documented via
> Tails Greeter + Tor Launcher should be enough, since we disable the
> sandbox when special Tor config is requested).
When I enable a bridge it doesn't cause the tor crash. So I think this
is a Tor sandbox issue.
However, onionshare fails for some other reason when a bridge is
enabled. I think this is an entirely separate issue, but I'm looking
into it.
> 2. If #1 confirmed that the only problem is caused by Tor sandboxing,
> report a bug on the Tor bug tracker: we don't maintain the Tor
> sandbox in Tails :)
Apparently tor immediately crashes in Tor Browser if you edit its torrc
and set "Sandbox 1". So now I'm testing using a system Tor in Debian,
not Tails, and I can confirm that starting a hidden service causes a
crash. I'll try to make a simpler piece of code that reproduces it and
open a tor bug.
--
Micah Lee
OpenPGP: 0B1491929806596254700155FD720AD9EBA34B1C