Ubuntu
tor package

ubuntu server minimal vm install tor service wont start

Bug #1598960 reported by Jigsaw52
18
This bug affects 4 people
Affects Status Importance Assigned to Milestone
tor (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

The tor daemon fails to start after clean minimal VM install.

Steps to reproduce:

1 - Install Ubuntu Server 16.04 64bits, choosing the minimal VM install in install menu (F4 key).
2 - Install tor package.
3 - Reboot.

After reboot the tor daemon will not be running.

The following lines can be found on /var/log/syslog:

Jul 4 14:26:00 ubuntu tor[543]: Jul 04 14:26:00.737 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g-fips and Zlib 1.2.8.
Jul 4 14:26:00 ubuntu tor[543]: Jul 04 14:26:00.738 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jul 4 14:26:00 ubuntu tor[543]: Jul 04 14:26:00.739 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Jul 4 14:26:00 ubuntu tor[543]: Jul 04 14:26:00.740 [notice] Read configuration file "/etc/tor/torrc".
Jul 4 14:26:00 ubuntu tor[543]: Configuration was valid
Jul 4 14:26:00 ubuntu kernel: [ 12.835111] audit: type=1400 audit(1467656760.832:2): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined"name="system_tor" pid=555 comm="(tor)"
Jul 4 14:26:00 ubuntu systemd[555]: <email address hidden>: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory
Jul 4 14:26:00 ubuntu systemd[1]: <email address hidden>: Main process exited, code=exited, status=231/APPARMOR
Jul 4 14:26:00 ubuntu systemd[1]: Failed to start Anonymizing overlay network for TCP.
Jul 4 14:26:01 ubuntu systemd[1]: Startup finished in 4.609s (kernel) + 7.756s (userspace) = 12.365s.
Jul 4 14:26:01 ubuntu systemd[1]: <email address hidden>: Unit entered failed state.
Jul 4 14:26:01 ubuntu systemd[1]: <email address hidden>: Failed with result 'exit-code'.
Jul 4 14:26:01 ubuntu systemd[1]: <email address hidden>: Service hold-off time over, scheduling restart.
Jul 4 14:26:01 ubuntu systemd[1]: Stopped Anonymizing overlay network for TCP.

After installing the apparmor package and rebooting, the tor daemon starts.

Either the tor package should be fixed not to require apparmor or apparmor should be added as a dependency for the tor package.

Note: You can ignore any automatically attached system information in this bug report. I've submitted the ticket from a different system due to not being able to submit it on the affected machine.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: tor (not installed)
ProcVersionSignature: Ubuntu 3.16.0-76.98~14.04.1-generic 3.16.7-ckt27
Uname: Linux 3.16.0-76-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.21
Architecture: amd64
CurrentDesktop: XFCE
Date: Mon Jul 4 23:32:13 2016
InstallationDate: Installed on 2012-08-02 (1432 days ago)
InstallationMedia: Xubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
SourcePackage: tor
UpgradeStatus: Upgraded to trusty on 2014-07-27 (708 days ago)

Tags: amd64 tor xenial
Revision history for this message
Jigsaw52 (jigsaw52) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in tor (Ubuntu):
status: New → Confirmed
Alberto Salvia Novella (es20490446e)
Changed in tor (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Simon Déziel (sdeziel) wrote :

@Jigsaw52, I'm unable to reproduce the issue with the recently updated Tor (0.2.9.11-1ubuntu1~16.04.1) version. Would you mind trying to update your machine and see if it works better now? Thanks

Changed in tor (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Alecz20 (alexguzu) wrote :

I am seeing this issue on a VPS running Ubuntu 16.04 on a 3.2.0-24-virtual 32-bit kernel.

The workaround was to rename etc/systemd/system/tor.service and to disable AppArmor for the tor service:

# mkdir /<email address hidden>/
# (echo "[Service]"; echo "AppArmorProfile=") > /<email address hidden>/override.conf
# systemctl daemon-reload

I know mine is an edge case, but maybe this will help others.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for tor (Ubuntu) because there has been no activity for 60 days.]

Changed in tor (Ubuntu):
status: Incomplete → Expired
Revision history for this message
Simon Déziel (sdeziel) wrote :

Should be fixed by the recent SRU for Xenial (0.2.9.14-1ubuntu1~16.04.1) and Artful (0.3.0.13-0ubuntu1~17.10.1). With those package, failure to load the Apparmor profile is considered non-fatal.

Changed in tor (Ubuntu):
status: Expired → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.