[CentOS] tor and selinux
Mark
mark2015 at openmailbox.org
Mon Jan 30 06:32:24 UTC 2017
On Sun, 2017-01-29 at 15:53 -0800, Gordon Messmer wrote:
> On 01/29/2017 11:59 AM, Mark wrote:
> > As I don't know what dac_override is I don't know if it's a good
> > idea
> > to give it to tor and the confidence seems quite low.
>
>
> dac_override indicates that you're running your process as root, and
> it's trying to do something on the filesystem which is not
> explicitly
> allowed by permissions. DAC is the standard POSIX permission
> system,
> and the process is trying to override it. DAC allows access to the
> toranon user and toranon group only, and the process is trying to
> override that access by way of root access.
That's strange, because I started the tor process simply with
sudo systemctl start tor
The only changes I've really made was to add two lines of configuration
in torrc
Cheers
Mark
More information about the CentOS
mailing list