Re: tor and selinux




On 01/29/2017 11:59 AM, Mark wrote:
> As I don't know what dac_override is I don't know if it's a good idea
> to give it to tor and the confidence seems quite low.


dac_override indicates that you're running your process as root, and it's trying to do something on the filesystem which is not explicitly allowed by permissions. DAC is the standard POSIX permission system, and the process is trying to override it. DAC allows access to the toranon user and toranon group only, and the process is trying to override that access by way of root access.

I'd say that no, giving dac_override is not a good idea, but mostly because that implies that you'd continue running the process as root. You should be running the service as the "toranon" user instead, in which case it will not need dac_override.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
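
The distinction drawn in the reply above, as an added example that is not part of the original message: a simplified model of the POSIX owner/group/other mode-bit check, showing when an access succeeds through ordinary DAC and when it can only succeed through root's dac_override capability. The numeric uid/gid values and the 0700 directory mode are constructed assumptions, and ACLs and other capabilities are deliberately ignored.

```python
# Simplified DAC model (assumption: plain mode bits only, no ACLs,
# no capabilities other than dac_override for uid 0).

PERM_BITS = {"r": 4, "w": 2, "x": 1}


def dac_allows(uid, gids, st_uid, st_gid, st_mode, want):
    """Return True if the owner/group/other bits grant every access in `want`."""
    if uid == st_uid:
        shift = 6          # owner class
    elif st_gid in gids:
        shift = 3          # group class
    else:
        shift = 0          # other class
    granted = (st_mode >> shift) & 0o7
    needed = 0
    for ch in want:
        needed |= PERM_BITS[ch]
    return granted & needed == needed


def classify(uid, gids, st_uid, st_gid, st_mode, want):
    """Say how (or whether) the access can succeed.

    'dac'           -> the permission bits allow it, no capability involved
    'dac_override'  -> only root's capability can allow it; this is the case
                       SELinux reports as a dac_override denial
    'denied'        -> non-root and the bits do not allow it
    """
    if dac_allows(uid, gids, st_uid, st_gid, st_mode, want):
        return "dac"
    return "dac_override" if uid == 0 else "denied"


# Constructed sample: a data directory owned by toranon:toranon, mode 0700.
TORANON_UID, TORANON_GID = 997, 995   # hypothetical ids
DATA_DIR = dict(st_uid=TORANON_UID, st_gid=TORANON_GID, st_mode=0o700)

if __name__ == "__main__":
    cases = {
        "root": (0, {0}),
        "toranon": (TORANON_UID, {TORANON_GID}),
        "other user": (1000, {1000}),
    }
    for name, (uid, gids) in cases.items():
        print(f"{name:10s} write+search -> {classify(uid, gids, want='wx', **DATA_DIR)}")
```

Running the service as the directory's owner puts it in the "dac" row, so the policy never has to grant the capability.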


