summaryrefslogtreecommitdiff
path: root/src/or/connection.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-02-02 15:45:00 -0500
committerNick Mathewson <nickm@torproject.org>2014-02-02 15:45:00 -0500
commitfd8947afc2815cc3316513fe4461d8d8096eddea (patch)
treecdc6d28292a882b2afe1285bbf8ecfa379344fc7 /src/or/connection.c
parent09ccc4c4a3b67695295ad95f24b2f102d5f2fa1a (diff)
downloadtor-fd8947afc2815cc3316513fe4461d8d8096eddea.tar.gz
tor-fd8947afc2815cc3316513fe4461d8d8096eddea.zip
Move the friendly warning about TPROXY and root to EPERM time
I'm doing this because: * User doesn't mean you're running as root, and running as root doesn't mean you've set User. * It's possible that the user has done some other capability-based hack to retain the necessary privileges.
Diffstat (limited to 'src/or/connection.c')
-rw-r--r--src/or/connection.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/or/connection.c b/src/or/connection.c
index 7d8feeb95c..6dbba668c6 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1039,9 +1039,13 @@ connection_listener_new(const struct sockaddr *listensockaddr,
if (options->TransTPROXY && type == CONN_TYPE_AP_TRANS_LISTENER) {
int one = 1;
if (setsockopt(s, SOL_IP, IP_TRANSPARENT, &one, sizeof(one)) < 0) {
+ const char *extra = "";
int e = tor_socket_errno(s);
- log_warn(LD_NET, "Error setting IP_TRANSPARENT flag: %s",
- tor_socket_strerror(e));
+ if (e == EPERM)
+ extra = "TransTPROXY requires root privileges or similar"
+ " capabilities.";
+ log_warn(LD_NET, "Error setting IP_TRANSPARENT flag: %s.%s",
+ tor_socket_strerror(e), extra);
}
}
#endif