Since when I installed Ubuntu Wily (and I suspect the same will apply to the recent 16.04 Xenial) I couldn’t run Tor through an obfs brige (which I run).
The problem, quite common according to Google, is:
[warn] Could not launch managed proxy executable at ‘/usr/bin/obfs4proxy’ (‘Operation not permitted’).
But I didn’t really need it so badly I didn’t care much for long time…
Lately I had few minutes so I managed to dig into a little bit more, which lead me to Ubuntu bug #1568435, stating the culprit is (the not really beloved, at least by me) Apparmor. According to comment #6 the change is for just one line, but it didn’t suffice for me, I still had an error (maybe because I’m not using Ubuntu packaged Tor but 0.2.8.3-alpha):
apparmor=”DENIED” operation=”open” profile=”system_tor” name=”/proc/sys/net/core/somaxconn” pid=6140 comm=”obfs4proxy” requested_mask=”r” denied_mask=”r” fsuid=121 ouid=0
So it needed access to another /proc file. And finally here’s my working /etc/apparmor.d/abstractions/tor:
# vim:syntax=apparmor #include &lt;abstractions/base&gt; #include &lt;abstractions/nameservice&gt; network tcp, network udp, capability chown, capability dac_override, capability fowner, capability fsetid, capability setgid, capability setuid, /usr/bin/tor r, /usr/sbin/tor r, /proc/sys/kernel/random/uuid r, /proc/sys/net/core/somaxconn r, /sys/devices/system/cpu/ r, /sys/devices/system/cpu/** r, /etc/tor/* r, /usr/share/tor/** r, # /usr/bin/obfs4proxy PUx, /usr/bin/obfs4proxy ix,
And just in case the relevant part of /etc/tor/torrc:
UseBridges 1 ClientTransportPlugin obfs3 exec /usr/bin/obfs4proxy Bridge obfs3 18.104.22.168:80