summaryrefslogtreecommitdiff
path: root/doc/tor.1.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/tor.1.txt')
-rw-r--r--doc/tor.1.txt57
1 files changed, 40 insertions, 17 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 1984b05d64..44ac1e892d 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -598,20 +598,26 @@ GENERAL OPTIONS
Otherwise the sandbox will be disabled. The option is currently an
experimental feature. It only works on Linux-based operating systems,
and only when Tor has been built with the libseccomp library. This option
- can not be changed while tor is running.
+ can not be changed while tor is running. +
+
- When the Sandbox is 1, the following options can not be changed when tor
+ When the **Sandbox** is 1, the following options can not be changed when tor
is running:
- Address
- ConnLimit
- CookieAuthFile
- DirPortFrontPage
- ExtORPortCookieAuthFile
- Logs
- ServerDNSResolvConfFile
- Tor must remain in client or server mode (some changes to ClientOnly and
- ORPort are not allowed).
- ClientOnionAuthDir and any files in it won't reload on HUP signal.
+ **Address**,
+ **ConnLimit**,
+ **CookieAuthFile**,
+ **DirPortFrontPage**,
+ **ExtORPortCookieAuthFile**,
+ **Logs**,
+ **ServerDNSResolvConfFile**,
+ **ClientOnionAuthDir** (and any files in it won't reload on HUP signal).
+ +
+ Launching new Onion Services through the control port is not supported
+ with current syscall sandboxing implementation.
+ +
+ Tor must remain in client or server mode (some changes to **ClientOnly**
+ and **ORPort** are not allowed). Currently, if **Sandbox** is 1,
+ **ControlPort** command "GETINFO address" will not work.
+ +
(Default: 0)
[[Socks4Proxy]] **Socks4Proxy** __host__[:__port__]::
@@ -1750,6 +1756,12 @@ The following options are useful only for clients (that is, if
other clients prefer IPv4. Other things may influence the choice. This
option breaks a tie to the favor of IPv6. (Default: auto)
+[[ClientAutoIPv6ORPort]] **ClientAutoIPv6ORPort** **0**|**1**::
+ If this option is set to 1, Tor clients randomly prefer a node's IPv4 or
+ IPv6 ORPort. The random preference is set every time a node is loaded
+ from a new consensus or bridge config. When this option is set to 1,
+ **ClientPreferIPv6ORPort** is ignored. (Default: 0)
+
[[PathsNeededToBuildCircuits]] **PathsNeededToBuildCircuits** __NUM__::
Tor clients don't build circuits for user traffic until they know
about enough of the network so that they could potentially construct
@@ -1798,11 +1810,20 @@ The following options are useful only for clients (that is, if
Does not affect servers or onion services. Must be at least 10 minutes.
(Default: 24 hours)
-[[DormantTimeoutDisabledByIdleStreams]] **DormantTimeoutDisabledByIdleStreams **0**|**1**::
+[[DormantTimeoutDisabledByIdleStreams]] **DormantTimeoutDisabledByIdleStreams** **0**|**1**::
If true, then any open client stream (even one not reading or writing)
counts as client activity for the purpose of DormantClientTimeout.
If false, then only network activity counts. (Default: 1)
+[[DormantOnFirstStartup]] **DormantOnFirstStartup** **0**|**1**::
+ If true, then the first time Tor starts up with a fresh DataDirectory,
+ it starts in dormant mode, and takes no actions until the user has made
+ a request. (This mode is recommended if installing a Tor client for a
+ user who might not actually use it.) If false, Tor bootstraps the first
+ time it is started, whether it sees a user request or not.
+ +
+ After the first time Tor starts, it begins in dormant mode if it was
+ dormant before, and not otherwise. (Default: 0)
SERVER OPTIONS
--------------
@@ -2816,6 +2837,8 @@ The following options are used to configure a hidden service.
Store data files for a hidden service in DIRECTORY. Every hidden service
must have a separate directory. You may use this option multiple times to
specify multiple services. If DIRECTORY does not exist, Tor will create it.
+ Please note that you cannot add new Onion Service to already running Tor
+ instance if **Sandbox** is enabled.
(Note: in current versions of Tor, if DIRECTORY is a relative path,
it will be relative to the current
working directory of Tor instance, not to its DataDirectory. Do not
@@ -2976,6 +2999,10 @@ Note that once you've configured client authorization, anyone else with the
address won't be able to access it from this point on. If no authorization is
configured, the service will be accessible to anyone with the onion address.
+Revoking a client can be done by removing their ".auth" file, however the
+revocation will be in effect only after the tor process gets restarted even if
+a SIGHUP takes place.
+
See the Appendix G in the rend-spec-v3.txt file of
https://spec.torproject.org/[torspec] for more information.
@@ -3266,10 +3293,6 @@ __CacheDirectory__**/cached-microdescs** and **cached-microdescs.new**::
router. The ".new" file is an append-only journal; when it gets too
large, all entries are merged into a new cached-microdescs file.
-__CacheDirectory__**/cached-routers** and **cached-routers.new**::
- Obsolete versions of cached-descriptors and cached-descriptors.new. When
- Tor can't find the newer files, it looks here instead.
-
__DataDirectory__**/state**::
A set of persistent key-value mappings. These are documented in
the file. These include: