Docker relay stopped working after pull today

Support Relay Operator
1

Hi, I have a tor relay thats been running for years.
Today did a pull and it stops working claiming:

relay_1 | Feb 17 15:56:43.072 [warn] Directory /var/lib/tor cannot be read: Permission denied

Noting has changed on my server, but the image

root@tor [ ~/containers/tor ]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
thetorproject/obfs4-bridge latest 062bae9696c6 3 weeks ago 143MB
thetorproject/obfs4-bridge d0a5213e109d 16 months ago 136MB

does the docker process need more permissions?

1 Like
2

Looks like it.

3

same here.
It’s for sure a permission issue.
Anyone has elegantly solved it?

1 Like
4

My way of fixing it:

New Dockerfile:

FROM thetorproject/obfs4-bridge:0.15
 
USER root
 
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
 
ENTRYPOINT ["/entrypoint.sh"]

entrypoint.sh:

#!/bin/bash
chown -R debian-tor:debian-tor /var/lib/tor || exit 1
# Then switch to debian-tor and run the main command
su debian-tor -s /bin/bash -c "/usr/local/bin/start-tor.sh"

and then use that image in the docker compose file

1 Like
5

thanks edge7, but I think the tor docker maintainers should solve this decently.

1 Like
6

solved it by doing a chown on the data dir

chown -R 100:101 /var/lib/docker/volumes/tor_tordata/
chown -R 100:101 /var/lib/docker/volumes/tor_tordata/_data/
chown -R 100:101 /var/lib/docker/volumes/tor_tordata/_data/keys/

now it works

1 Like
7

Looks like there were changes in debian provoking a change on the UID of the debian-tor user. I created a merge request to fix it:

I’m happy to hear ideas if there is better ways to fix this.

2 Likes
8

There is a new version of the container in dockerhub: Docker

Be aware that the UID:GID are back to 101:101, you might need to change them back in your datadir.

Let me know if you find any more problems with it.
Sorry for the problem.

2 Likes
9

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.