Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tor-wrapper.sh: Permission denied #163

Open
wiligl opened this issue Dec 27, 2024 · 2 comments
Open

tor-wrapper.sh: Permission denied #163

wiligl opened this issue Dec 27, 2024 · 2 comments

Comments

@wiligl
Copy link

wiligl commented Dec 27, 2024
edited
Loading

Dear Thomas,

thank you for providing an uptodate TOR docker image [1].

However, when I composed the container with:

services:
  relay:
    image: leplusorg/tor
    container_name: tor
    init: true
    restart: always
    network_mode: host
    environment:
      TOR_NICKNAME: tor4irc
      CONTACT_EMAIL: [[email protected]](mailto:[email protected])
    volumes:
      - type: bind
        source: /share/homes/username/confs/tor/torrc
        target: /etc/tor/torrc

I got the following error:
/etc/tor/tor-wrapper.sh: line 44: /etc/tor/torrc: Permission denied

How can I mount the torrc file to a volume which is editable on the host?
This means, run the default container and map the default torrc file to a host volume, edit the torrc file on the host, and reload the container with the new configs.

Your advice will be greatly appreciated.

Kr, Wilmar

Refs:
[1] https://hub.docker.com/r/leplusorg/tor
@wiligl
Copy link
Author

wiligl commented Dec 27, 2024

I have found a work around by copying the default torrc file from a running container to the host with:

docker cp tor:/etc/tor/torrc ~/confs/tor/torrc

Then copy the relevant, edited config parts into a separate config file (.conf), which would save in the following mapped volume on the host:

    volumes:
      - ~/confs/tor_conf/:/etc/tor/torrc.d/

Tor will automatically read all .conf files in the torrc.d folder.

@thomasleplus thomasleplus mentioned this issue Dec 28, 2024
Merged
@thomasleplus
Copy link
Member

Hi @wiligl,

I think that I didn't fully take into account the case where someone wants to provide their own torrc file instead of using the templating mechanism run by the wrapper script. So what I did is that I created at new environment variable SKIP_TEMPLATE. If set to any value, the tor-wrapper.sh will skip the templating phase that was generating the torrc file (hence the need for write permission) and instead it will use any existing torrc file verbatim (so only read permission is needed).

You can test this change using the leplusorg/tor:main image (built from the tip of the main branch) and add something like SKIP_TEMPLATE: 1 to your compose file. Let me know if that works for you without the workaround that you found.

Cheers,

Tom

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thomasleplus @wiligl