Date: Mon, 8 Feb 2016 21:45:04 -0800 From: Kevin Oberman <rkoberman@gmail.com> To: "William A. Mahaffey III" <wam@hiwaay.net> Cc: "FreeBSD Questions !!!!" <freebsd-questions@freebsd.org>, "FreeBSD ports list !!!!" <freebsd-ports@freebsd.org> Subject: Re: tor logging Message-ID: <CAN6yY1udG_QM%2BGTXrTNzk8jOZzhesmpua_-hkYn_aAx2TrZEFg@mail.gmail.com> In-Reply-To: <56B97687.8050703@hiwaay.net> References: <56B90930.3000802@hiwaay.net> <20160208224644.f696fce2.freebsd@edvax.de> <56B97687.8050703@hiwaay.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Feb 8, 2016 at 9:16 PM, William A. Mahaffey III <wam@hiwaay.net> wrote: > On 02/08/16 15:52, Polytropon wrote: > >> On Mon, 8 Feb 2016 15:36:58 -0553.75, William A. Mahaffey III wrote: >> >>> My torrc >>> files seems to indicate logging to /usr/local/var/log/tor, but no such >>> file or directory. >>> >> Create this directory subtree and an empty log file. Then check >> if it will actually be used for logging - if that is what the >> torrc file indicates. Otherwise, set a different logging file, >> but make sure it does actually exist. >> >> >> > > Further review seems to indicate use of the built-in syslog system: > > [root@kabini1, /etc, 11:17:03pm] 477 % grep log /usr/local/etc/tor/torrc > ## may provide sensitive information to an attacker who obtains the logs. > ## Send all messages of level 'notice' or higher to > /usr/local/var/log/tor/notices.log > #Log notice file /usr/local/var/log/tor/notices.log > ## Send every possible message to /usr/local/var/log/tor/debug.log > #Log debug file /usr/local/var/log/tor/debug.log > ## Use the system log instead of Tor's logfiles > #Log notice syslog > [root@kabini1, /etc, 11:17:08pm] 478 % grep log > /usr/local/etc/tor/torrc.default > ## may provide sensitive information to an attacker who obtains the logs. > ## Send all messages of level 'notice' or higher to > /usr/local/var/log/tor/notices.log > #Log notice file /usr/local/var/log/tor/notices.log > ## Send every possible message to /usr/local/var/log/tor/debug.log > #Log debug file /usr/local/var/log/tor/debug.log > ## Use the system log instead of Tor's logfiles > Log notice syslog > [root@kabini1, /etc, 11:17:10pm] 479 % lltr /var/log/tor* > -rw-r----- 1 _tor _tor 230140 Jan 21 2015 /var/log/tor.4.bz2 > -rw-r----- 1 _tor _tor 122109 Feb 23 2015 /var/log/tor.3.bz2 > -rw-r----- 1 _tor _tor 126723 Mar 30 2015 /var/log/tor.2.bz2 > -rw-r----- 1 _tor _tor 147674 May 28 2015 /var/log/tor.1.bz2 > -rw-r----- 1 _tor _tor 166094 Dec 3 00:06 /var/log/tor.0.bz2 > [root@kabini1, /etc, 11:17:19pm] 480 % > > In the past (before last upgrade) tor logged to a file in /var/log, see > above. Afterward, ???? There was a directory named /var/log/tor, owned > _tor:_tor, but it was empty & I removed it after a week or so & re-created > it & restarted tor. It restarts OK & seems to be working OK, just no > logging. Has the amount of logging changed from a couple of months ago ? > > -- > > William A. Mahaffey III See UPDATING 20160119: AFFECTS: users of security/tor, security/tor-devel -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkoberman@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAN6yY1udG_QM%2BGTXrTNzk8jOZzhesmpua_-hkYn_aAx2TrZEFg>