I would like to run a second non-exit relay instance on my server. However, there seems to be no way to let my second instance log notices into a file within the /var/log/tor folder.
Removing the “Log notice file /var/log/tor/notices2.log” parameter and replacing it with “Log notice syslog” or removing the Log notice option entirely allows the second instance to start.
I’d still like to log notices to a file separate of the first instance. I am running Ubuntu 20.04.
Here is what I’ve tried:
I’ve tried chmod-ing the /var/log/tor directory to 777 (for debugging, not permanently). This turned it into a read-only file system.
I’ve tried chown-ing the /var/log/tor/notices2.log file (after I created a blank file) to the second instance user, which is _tor-instance2.
I’ve tried adding the _tor-instance2 user to the group debian-tor, and giving the group debian-tor ownership of /var/log/tor (which is chmodd’ed to 660 Owner Read/Write Group Read/Write).
journalctl -xe output:
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [warn] Couldn't open file for 'Log notice file /var/log/tor/notices2.log': Permission denied
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [notice] Closing partially-constructed Control listener connection (ready) on 127.0.0.1:9052
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [notice] Closing partially-constructed OR listener connection (ready) on 0.0.0.0:9001
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [notice] Closing partially-constructed OR listener connection (ready) on [::]:9001
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [notice] Closing partially-constructed Directory listener connection (ready) on 0.0.0.0:9030
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [warn] Failed to parse/validate config: Failed to init Log options. See logs for details.
May 01 04:03:19 f8n301ns tor[20762]: May 01 04:03:19.000 [err] Reading config failed--see warnings above.
May 01 04:03:19 f8n301ns systemd[1]: tor@instance2.service: Main process exited, code=exited, status=1/FAILURE
You may need to specify this new user “_tor-instance2” in the torrc file of your 2nd instance :
User _tor-instance2
Before you restart the service, change the owner of the notices2.log file to _tor-instance2.
About chmod bytes, you could use those :
tor folder : rwxr-xr-x
notices.log : rw-r-----
If this fix doesn’t work, please specify the following details to help you more :
Can you do a “ls -lh” in the /var/log/tor folder please ?
And can you also print your torrc file of your 2nd instance ? (please remove confidential info)
So in order, I added the specified user parameter into the torrc of Instance2, created the instance2.log file and set the owner to _tor-instance2. I changed the chmod bytes into rwxr-xr-x for the folder and rw-r----- for instance2.log.
Sadly, the solution did not work, but thank you very much for trying! It’s not a huge dealbreaker for me but definitely an odd issue!
posse@possy:/var/log/tor# ls -lh
total 32K
-rw-rw---- 1 _tor-instance2 debian-tor 3 May 10 01:42 instance2.log
-rw-rw---- 1 debian-tor debian-tor 366 May 10 01:32 notices.log
-rw-rw---- 1 debian-tor debian-tor 6.3K May 10 00:00 notices.log.1
-rw-rw---- 1 debian-tor debian-tor 1.3K May 9 00:00 notices.log.2.gz
-rw-rw---- 1 debian-tor debian-tor 1.2K May 8 00:00 notices.log.3.gz
-rw-rw---- 1 debian-tor debian-tor 1.1K May 7 00:00 notices.log.4.gz
-rw-rw---- 1 debian-tor debian-tor 1.1K May 6 00:00 notices.log.5.gz
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.906 [notice] Opened Directory listener connection (ready) on 0.0.0.0:9030
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [warn] Couldn't open file for 'Log notice file /var/log/tor/instance2.log': Permission denied
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [notice] Closing partially-constructed Control listener connection (ready) on 127.0.0.1:9052
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [notice] Closing partially-constructed OR listener connection (ready) on 0.0.0.0:9001
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [notice] Closing partially-constructed OR listener connection (ready) on [::]:9001
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [notice] Closing partially-constructed Directory listener connection (ready) on 0.0.0.0:9030
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [warn] Failed to parse/validate config: Failed to init Log options. See logs for details.
May 10 01:57:08 temp-measure2 tor[77700]: May 10 01:57:08.000 [err] Reading config failed--see warnings above.
May 10 01:57:08 temp-measure2 systemd[1]: tor@instance2.service: Main process exited, code=exited, status=1/FAILURE
You could try to create a new folder for your 2nd instance :
mkdir /var/log/tor2
Then edit your torrc file to specify this new folder.
Log notice file /var/log/tor2/notices.log
Before restarting the service, apply the chmod and chown like I specified earlier in this post.
By the way, don’t forget to choose a Nickname and a contact info, they are optional but could help you a lot when the tor network team needs to contact you.
So you will keep the folder tor for your first instance with debian-tor user and your tor2 folder for the 2nd instance with the _tor-instance2 user.
It should works after the changes are applied and the service restarted.
It’s not a huge dealbreaker for me but definitely an odd issue!