Solved: Tor (tor.service) doesn’t start on Ubuntu 16, Linux Mint 18. AppArmor?

Whew. I’m actually a semi-fan of systemctl and systemd and all that. The older /etc/init.d thing was more work to mess with. But holy wow.

This is basically a bug report for the Tor developers, and a workaround for the rest of us. I gave up on talking directly to the Tor people years ago. For all I know they’re much more responsive now, but life is short and I don’t try anymore. The problem lies in their xenial distribution of Tor. Maybe other versions too? Beats me; I didn’t need to check.

The basic issue is that, after you boot, systemctl status tor.service will show that the process exited. Examination of /var/log/syslog will show that AppArmor killed it. I ran into some speculation out there that suggests some future kernel version will fix the problem. But I wouldn’t count on it–I’m already running a (much) more recent kernel. No joy.

I did a couple of things. I tried apt install apparmor-utils, and typed aa-complain system-tor and also aa-complain /usr/bin/tor. So the problem persisted, but the error message (previously “file or directory doesn’t exist”) became identifiable as a file-ownership problem.

Solution: sudo chown debian-tor:debian-tor /var/lib/tor -R

Sheesh. Lots of easily-spotted trouble from a very minor bug. Now, do you need to do the apparmor-utils bit first, to make your system work? If so, do you need both of the commands I gave above? I’m guessing you don’t. But as I said, life is short, I’m not investigating every little thing, and you now know how to do it if you turn out to need it.
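The diagnosis described above, as an added example that is not part of the original post: it summarises the AppArmor audit records for the tor process and lists files under a directory that a given user does not own. The function names, the sample log lines, uid 118 and the profile name in them are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# Constructed syslog lines in the kernel's AppArmor audit format.
# uid 118 stands in for debian-tor; the profile name is illustrative.
SAMPLE_LOG='Nov 20 10:00:01 host kernel: [   21.100000] audit: type=1400 audit(1479636001.100:31): apparmor="DENIED" operation="open" profile="system_tor" name="/var/lib/tor/state" pid=901 comm="tor" requested_mask="r" denied_mask="r" fsuid=118 ouid=0
Nov 20 10:05:09 host kernel: [  329.400000] audit: type=1400 audit(1479636309.400:52): apparmor="ALLOWED" operation="open" profile="system_tor" name="/var/lib/tor/lock" pid=1440 comm="tor" requested_mask="wc" denied_mask="wc" fsuid=118 ouid=118
Nov 20 10:05:10 host kernel: [  330.000000] audit: type=1400 audit(1479636310.000:53): apparmor="DENIED" operation="open" profile="/usr/sbin/cupsd" name="/etc/foo" pid=77 comm="cupsd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0'

# tor_aa_events: read syslog text on stdin and print one summary line per
# AppArmor record for the tor process:
#   verdict operation path fsuid=N ouid=N owner-ok|owner-mismatch
# fsuid is the uid tor ran as, ouid is the uid that owns the file. A
# mismatch on a path under /var/lib/tor is the ownership problem that
# chown corrects. ALLOWED records are what complain mode logs.
tor_aa_events() {
    awk '
    /apparmor="/ && /comm="tor"/ {
        split("", f)                       # reset the key/value map
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")
            if (eq == 0) continue
            v = substr($i, eq + 1)
            gsub(/"/, "", v)
            f[substr($i, 1, eq - 1)] = v
        }
        own = (f["fsuid"] == f["ouid"]) ? "owner-ok" : "owner-mismatch"
        print f["apparmor"], f["operation"], f["name"],
              "fsuid=" f["fsuid"], "ouid=" f["ouid"], own
    }'
}

# not_owned_by DIR USER: list every path under DIR not owned by USER
# (name or numeric uid). Empty output means ownership is consistent.
not_owned_by() {
    find "$1" ! -user "$2" -print
}

# Stand-alone run: summarise the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | tor_aa_events
# On an affected host, as root (paths and user as named in the post):
#   tor_aa_events < /var/log/syslog
#   not_owned_by /var/lib/tor debian-tor
```

If not_owned_by prints nothing for /var/lib/tor after the chown, every file there belongs to debian-tor.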

