[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Tor controller GUI (tor-control-panel)

Enable / Disable Tor, which may set the future of Anon Connection Wizard.

https://github.com/troubadoour/tor-control-panel/commit/7c5bcf27583207a24387092c73757e57f4420afb

2 Likes

https://github.com/troubadoour/tor-control-panel/commit/9049a822e798a30eb43e4ec494c55e56850bb174#diff-726bb3557b421f756087d90d5d1787d5R28

Did you change back to (hardcoded) path /etc/torrc.d/40_tor_control_panel.conf by mistake?

if not log_exists:
    with open('/usr/share/tor/tor-service-defaults-torrc', 'a') as f:
        f.write('Log notice file /var/log/tor/log\n')

This makes the package unfit for inclusion into packages.debian.org.

If we need a guaranteed setting Log notice file /var/log/tor/log then we could add it to torrc_text.

1 Like

No, 40_tor_control_panel.conf is used in non Whonix distributons.

Yes, I forgot that /usr/share/tor/tor-service-defaults-torrc belongs to Tor.

https://github.com/troubadoour/tor-control-panel/commit/00a5c9b3cbfb0dd580c42c47569f3646614042f2

Tested in plain Debian, OK.

A couple of cosmetic commits, too.

2 Likes

Regarding tor-control-panel vs anon-connection-wizard, I modified whonix-setup-wizard to run the former if torrc does not exist or if the Tor network is disabled.

In either case, tor-control-panel is started on reboot, with instructions on how to enable the network. If torrc does not exist, the template being created by anon-gw-anonymiser-config without the DisableNetwork line, the user should also enable the network (first boot configuration, I believe).

1 Like

I find it problematic to use different config file names in Whonix vs non-Whonix. This makes documentation needlessly more complex. If we want to change the name of the config file, why not just use the same config name everywhere?

Could you please make it consistently use 40_tor_control_panel.conf everywhere? Then I will add code to https://github.com/Whonix/whonix-legacy to migrate to the new config file name.


'''repair_torrc() function will be called when we want to gurantee the existence of:
1. /etc/torrc.d/95_whonix.conf
2. /etc/tor/torrc
3. "%include /etc/torrc.d/95_whonix.conf" line in /etc/tor/torrc file
In addition, we create 40_anon_connection_wizard.conf
and 50_user.conf here if they do not exist.
'''

So in simple words repair_torrc() is a helper function, safe to call at any time.
But on the other hand torrc_text contains DisableNetwork 0 which enables networking which leads to connecting to the public Tor network. That’s a bug?

1 Like

troubadour:

Regarding tor-control-panel vs anon-connection-wizard, I modified whonix-setup-wizard to run the former if torrc does not exist or if the Tor network is disabled.

That indicates that anon-connection-wizard still gets run in some cases?

Did you push that commit? Didn’t find it.

In either case, tor-control-panel is started on reboot, with instructions on how to enable the network. If torrc does not exist, the template being created by anon-gw-anonymiser-config without the DisableNetwork line, the user should also enable the network (first boot configuration, I believe).

Yes, using tor-control-panel (or anon-connection-wizard depending on
how we move forward) will be very popular but we won’t make it a hard
dependency. Users are still able to do everything manually. Would be
very unclean otherwise.

1 Like

No, only manually as far as it was tested.

I was just about to do it, but there is a discrepancy between the installed whonix-setup-wizard and the one cloned from Whonix. An diff excerpt:

-        self.im_checkbox = QtWidgets.QCheckBox(self.group)
+        self.kbd_checkbox = QtWidgets.QCheckBox(self.group)

Done here.

https://github.com/troubadoour/tor-control-panel/commit/7768ba66dcf679675a35668d4585ce8d411623e1

Related to the new torrc path: on booting, regardless of /etc/torrc.d state, 95_whonix.conf is created with a %include /usr/local/etc/torrc.d/40_anon_connection_wizard.conf line before tor-control-panel is run. Just wondering where it comes from (bind-dirs ?). No change after disabling anon-gw-anonymizer-config service in whonix-gw-14.

Yes and no. It was in the pipeline. I guess users in Debian or other should expect to connect directly to the public Tor network, without performing the Enable network step required in Whonix.

https://github.com/troubadoour/tor-control-panel/commit/ea30c674d7f75accff29433bf4fc79d0c80d51d4

troubadour:

Related to the new torrc path: on booting, regardless of /etc/torrc.d state, 95_whonix.conf is created with a %include /usr/local/etc/torrc.d/40_anon_connection_wizard.conf line before tor-control-panel is run. Just wondering where it comes from (bind-dirs ?). No change after disabling anon-gw-anonymizer-config service in whonix-gw-14.

Yes and no. It was in the pipeline. I guess users in Debian or other should expect to connect directly to the public Tor network, without performing the Enable network step required in Whonix.

They will. This is the case in Debian anyhow. Debian doesn’t have anon-gw-anonymizer-config installed by default. Therefore no custom https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/usr/share/tor/tor-service-defaults-torrc.anondist which sets Whonix’c custom Torrc setting DisableNetwork 1.

In other words Debian’s default is DisableNetwork 0 anyhow. (That setting is Tor’s default so Debian’s default config has no need to set DisableNetwork 0 explicitly.

No need to change DisableNetwork setting in tor-control-panel in Debian unless we want to disable Tor.

Related:
Adapt Tor installer to allow users to avoid connecting to the public tor network
https://trac.torproject.org/projects/tor/ticket/7197

if not whonix:
    torrc_text = (torrc_text +
        'DisableNetwork 0\n' +
        'Log notice file /var/log/tor/log\n')

There is no need for either one.

  • DisableNetwork 0 as explained above.
  • No need for Log notice file /var/log/tor/log either since /usr/share/tor/tor-service-defaults-torrc by Debian default contains Log notice file /var/log/tor/log already anyhow.

additional /var/run/tor/log default log
https://trac.torproject.org/projects/tor/ticket/16821
(This is for Debian.)


If running in Whonix, why not use /var/run/tor/log by default? Better since more relevant/up to date information?

If not running in Whonix, fall back to be using /var/log/tor/log if/until https://trac.torproject.org/projects/tor/ticket/16821 gets implemented by Debian.

Btw tor-control-panel doesn’t crash if that files doesn’t exist either?

https://github.com/Whonix/anon-gw-anonymizer-config/commit/478c7819a43a10d05fa8ff32df2c71d338b1c315

Could you please adapt analogous to above commit?

https://github.com/Whonix/anon-gw-anonymizer-config/commit/3ca95116c5b2eef6dea8e3fc5f2ecfbc697e18c7

https://github.com/Whonix/anon-gw-anonymizer-config/commit/6c61b7d9d7f57ba258f632c5f9fbe9b6b81af6c0

Fixed mime type.

No, there is just no Tor log.

Makes sense. Done, along with the HTML log file /var/run/tor/html-log (it was written to /home/user).

In Debian Tor 3.3.9, there is only Log notice syslog in tor-service-defaults-torrc. According to https://trac.torproject.org/projects/tor/ticket/16821#comment:9, this is not likely to change. Using /var/run/tor/log in Debian too.

Also, we have to set the torrc files before tor-control-panel is run for te first time after installation. The easiest solution I found is to install tor-control-panel own anonymizer-config, a clone of anon-gw-anonymizer-config just running repair_torrc. This should be required in whonix too, as anon-gw-anonymizer-config guarantees torrc for anon-connection-wizard only.

https://github.com/troubadoour/tor-control-panel/commit/0a4fc8a90f4f916ee2091d84d7da24690cce0d36

Thanks for the clarification. I was mislead because tor-control-panel was checking Tor status enabled only, implying that a DisableNetwork line exists. A crude fix that may have to be refined.

https://github.com/troubadoour/tor-control-panel/commit/d8651ab20d7d387a816e6f44980a46a660c17b32

1 Like

Do we need any Log notice file anyhow? Can’t we read from syslog? Using journalctl -u or some python lib?


  • ExecStart=/usr/lib/other-anonymizer-config/torrc-parser path may be wrong for packages.debian.org. Should be tor-control-panel.
  • Same for systemd unit file name.
  • A systemd unit modifying config files in /etc may be unacceptable by packages.debian.org.
  • torrc-parser - well, it doesn’t really parse anything. It’s more like make-sure-torrc-exists.

Would be best/easiest if anon-connection-wizard should used the same config file names as tor-control-gui?

anon-gw-anonymizer-config should be updated to the new config file name.

https://github.com/Whonix/anon-gw-anonymizer-config/commit/5fbde9c6656ea849a94635b5af5e9ec1349a0d2d

https://github.com/Whonix/anon-gw-anonymizer-config/commit/b3a65995636440e60bd19e1d0fe57d4adc07e8ba

https://github.com/Whonix/whonix-legacy/commit/31b1ce3694162ea8e9095fb5f7f2f36343708424

https://github.com/Whonix/anon-connection-wizard/commit/f83bcf0d3f892b66dc93beb93e6d4ca5195135b8

All merged.

Since we don’t use any command line options…

https://github.com/Whonix/tor-control-panel/commit/e7f2f227f82ac5e72ad60445cb064607122d573f

(And if we were using command line options we should still avoid asterix * and list each of them.)

Bug on Debian:

kdesudo tor-control-panel
kdesudo(24116) KDESu::KDESuPrivate::KCookie::getXCookie: No X authentication info set for display  ":0" 

QLayout: Attempting to add QLayout "" to QFrame "", which already has a layout
tail: cannot open '/var/run/tor/log' for reading: No such file or directory
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/tor_control_panel/tor_control_panel.py", line 637, in refresh_logs
    with open(self.tor_log_html, 'w') as fw:
FileNotFoundError: [Errno 2] No such file or directory: '/var/run/tor/html-log'
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]