{"id":4568,"date":"2025-05-20T19:38:37","date_gmt":"2025-05-20T10:38:37","guid":{"rendered":"https:\/\/matoken.org\/blog\/?p=4568"},"modified":"2025-05-20T19:38:38","modified_gmt":"2025-05-20T10:38:38","slug":"oniux-tor-separation-tool-using-linux-namespace","status":"publish","type":"post","link":"https:\/\/matoken.org\/blog\/2025\/05\/20\/oniux-tor-separation-tool-using-linux-namespace\/","title":{"rendered":"Linux Namespace\u3092\u4f7f\u3063\u305fTor\u5206\u96e2\u30c4\u30fc\u30eb\u306eoniux"},"content":{"rendered":"<p><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"48\" height=\"48\" viewBox=\"0 0 32 32\"><path fill=\"currentColor\" d=\"M23.438 16.266c-1.016-.922-2.297-1.667-3.604-2.411c-.594-.328-2.417-1.755-1.786-3.781l-1.135-.479c1.786-2.771 4.115-5.51 6.969-8.073c-2.292.771-4.318 1.964-5.839 4.078c.896-1.875 2.354-3.724 3.964-5.599c-2.203 1.578-4.109 3.365-5.302 5.75l.833-3.339c-1.193 2.146-2.026 4.323-2.354 6.495l-1.755-.714l-.297.24c1.547 2.771.745 4.229-.031 4.74c-1.547 1.042-3.781 2.38-4.917 3.542c-2.146 2.208-2.771 4.292-2.563 7.063c.208 3.547 2.802 6.495 6.229 7.656c1.521.51 2.917.568 4.469.568c2.5 0 5.063-.656 6.943-2.234a8.73 8.73 0 0 0 3.156-6.703a9.17 9.17 0 0 0-2.979-6.797zm-4.74 11.833c-.12.536-.505 1.193-.979 1.786c.177-.328.328-.656.417-1.016c.745-2.651 1.073-3.87.714-6.792c-.057-.297-.177-1.25-.625-2.292c-.625-1.583-1.578-3.073-1.698-3.401c-.208-.505-.505-2.651-.536-4.109c.031 1.25.12 3.542.448 4.438c.089.302.953 1.641 1.578 3.276c.417 1.135.505 2.177.594 2.474c.302 1.344-.057 3.609-.531 5.75c-.151.776-.568 1.672-1.104 2.354c.297-.417.536-.953.714-1.578c.359-1.25.505-2.859.474-3.875c-.026-.594-.297-1.875-.745-3.036c-.266-.625-.656-1.281-.922-1.729c-.297-.448-.297-1.427-.417-2.563c.026 1.224-.089 1.849.208 2.714c.177.505.833 1.219 1.01 1.906c.271.922.536 1.938.51 2.563c0 .714-.031 2.026-.359 3.458c-.208 1.068-.688 1.995-1.458 2.589a3 3 0 0 0 .594-1.25c.12-.625.151-1.224.208-1.969a8 8 0 0 0-.146-2.292c-.24-1.073-.625-2.146-.807-2.891c.031.833.359 1.875.51 2.979c.115.807.057 1.609.026 2.323c-.026.833-.297 2.297-.656 3.01c-.359-.151-.474-.359-.714-.656c-.302-.385-.479-.802-.656-1.281a7 7 0 0 1-.391-1.219a4.1 4.1 0 0 1 .745-2.953c.625-.896.75-.953.953-1.995c-.297.922-.505 1.01-1.161 1.786c-.745.865-.859 2.115-.859 3.13c0 .417.177.896.328 1.344c.177.474.354.948.594 1.307c.177.297.417.505.625.656c-.776-.208-1.578-.505-2.083-.922c-1.25-1.078-2.354-2.891-2.505-4.5c-.12-1.313 1.073-3.219 2.771-4.172c1.432-.833 1.76-1.76 2.057-3.281c-.417 1.313-.833 2.448-2.208 3.13c-1.964 1.073-2.979 2.802-2.885 4.469c.146 2.115.979 3.578 2.682 4.74c.385.271.922.536 1.49.745c-2.12-.505-2.385-.802-3.099-1.635c0-.063-.182-.182-.182-.208c-.953-1.073-2.141-2.922-2.563-4.62c-.146-.594-.297-1.219-.115-1.818c.771-2.802 2.469-3.875 4.167-5.031c.422-.302.839-.568 1.224-.865c.953-.75 1.193-2.682 1.401-3.786c-.385 1.344-.807 3.01-1.552 3.547c-.385.297-.865.536-1.25.802c-1.755 1.193-3.516 2.328-4.318 5.214c-.182.75-.063 1.286.115 2c.448 1.755 1.641 3.661 2.656 4.797l.177.177a4.3 4.3 0 0 0 1.698 1.161a8 8 0 0 1-1.729-.625c-2.771-1.339-4.615-4.229-4.734-6.583c-.24-4.797 2.057-6.198 4.198-7.958c1.193-.979 2.865-1.458 3.818-3.214c.177-.391.297-1.224.057-2.12c-.089-.297-.536-1.37-.714-1.609l2.651 1.167c-.057 1.25-.089 2.26.146 3.188c.271 1.01 1.583 2.469 2.12 4.172c1.042 3.214.776 7.411.026 10.693z\"\/><\/svg><!-- cib:tor --><\/p>\n<div class=\"paragraph\">\n<p>Tor\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u304b\u3089Linux Namespace\u3067\u4efb\u610f\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092Tor\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u5206\u96e2\u3059\u308boniux\u3068\u3044\u3046\u30c4\u30fc\u30eb\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u307e\u3057\u305f\uff0e<br \/>\n\u52d5\u4f5c\u3068\u3057\u3066\u306f\u4ee5\u524d\u304b\u3089\u3042\u308btorsocks\u3084torify\u306e\u3088\u3046\u306a\u3082\u306e\u306e\u3088\u3046\u3067\u3059\uff0e<br \/>\n\u5c11\u3057\u8a66\u3057\u3066\u307f\u307e\u3057\u305f\uff0e<\/p>\n<\/div>\n<div class=\"ulist\">\n<ul>\n<li>\n<p><a href=\"https:\/\/blog.torproject.org\/introducing-oniux-tor-isolation-using-linux-namespaces\/\">Introducing oniux: Kernel-level Tor isolation for any Linux app | The Tor Project<\/a><\/p>\n<\/li>\n<li>\n<p><a href=\"https:\/\/gitlab.torproject.org\/tpo\/core\/oniux\">The Tor Project \/ Core \/ oniux \u00b7 GitLab<\/a><\/p>\n<\/li>\n<\/ul>\n<\/div>\n<p><!--more--><\/p>\n<div class=\"paragraph\">\n<p>oniux\u306fRust\u88fd\u3067\u3059\uff0e\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u3057\u3066\u30ea\u30dd\u30b8\u30c8\u30ea\u304b\u3089\u5c0e\u5165\u3067\u304d\u307e\u3059\uff0e<\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ cargo install --git https:\/\/gitlab.torproject.org\/tpo\/core\/oniux oniux@0.4.0<\/pre>\n<\/div>\n<\/div>\n<div class=\"paragraph\">\n<p>option\u306f\u306a\u3055\u305d\u3046\u3067\u3059\uff0e<\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ oniux --help\nUsage: oniux &lt;CMD&gt;...\n\nArguments:\n  &lt;CMD&gt;...  The actual program to execute\n\nOptions:\n  -h, --help  Print help<\/pre>\n<\/div>\n<\/div>\n<div class=\"paragraph\">\n<p>\u65e9\u901f\u8a66\u3057\u3066\u307f\u307e\u3059\uff0eTor\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3092\u4f7f\u3063\u3066\u3044\u308b\u304b\u306e\u30c1\u30a7\u30c3\u30af\u30b5\u30a4\u30c8\u306b\u30a2\u30af\u30bb\u30b9\u3057\u307e\u3059\uff0e<br \/>\n\u30c6\u30ad\u30b9\u30c8\u30d6\u30e9\u30a6\u30b6\u306ew3m\u3067\u76f4\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068 <code>Sorry. You are not using Tor.<\/code><br \/>\noniux\u7d4c\u7531\u3060\u3068 <code>Congratulations. This browser is configured to use Tor.<\/code> \u3068\u306a\u308a\u307e\u3059\uff0e\u826f\u3055\u305d\u3046\u3067\u3059\uff0e<\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ w3m -dump https:\/\/check.torproject.org\/ | grep -e 'Sorry.' -e 'Congratulations.'\nSorry. You are not using Tor.\n$ oniux w3m -dump https:\/\/check.torproject.org\/ | grep -e 'Sorry.' -e 'Congratulations.'\nCongratulations. This browser is configured to use Tor.<\/pre>\n<\/div>\n<\/div>\n<div class=\"paragraph\">\n<p>\u305d\u306e\u4ed6\u306b\u3082shell\u3092\u8d77\u52d5\u3057\u3066Tor\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7528shell\u306a\u3093\u3066\u3053\u3068\u3082\uff0e<\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ oniux bash\n$ w3m -dump https:\/\/check.torproject.org\/ | grep -e 'Sorry.' -e 'Congratulations.'\nCongratulations. This browser is configured to use Tor.<\/pre>\n<\/div>\n<\/div>\n<div class=\"paragraph\">\n<p>Firefox\u3067\u3082\u8a66\u3057\u3066\u307f\u307e\u3059\uff0e<\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ oniux firefox -P temp --profile `mktemp -d`<\/pre>\n<\/div>\n<\/div>\n<div class=\"paragraph\">\n<p>Tor\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3092\u4f7f\u3048\u3066\u3044\u305d\u3046\u3067\u3059\uff0e<\/p>\n<\/div>\n<div class=\"paragraph\">\n<p><span class=\"image\"><img decoding=\"async\" src=\"https:\/\/matoken.org\/blog\/wp-content\/uploads\/2025\/05\/oniux-fx-torcheck.webp\" alt=\"oniux fx torcheck\"><\/span><\/p>\n<\/div>\n<div class=\"paragraph\">\n<p>BBC\u306a\u3093\u304b\u3082\u5229\u7528\u3067\u304d\u307e\u3059\uff0e<\/p>\n<\/div>\n<div class=\"paragraph\">\n<p><span class=\"image\"><img decoding=\"async\" src=\"https:\/\/matoken.org\/blog\/wp-content\/uploads\/2025\/05\/oniux-fx-bbc.webp\" alt=\"oniux fx bbc\"><\/span><\/p>\n<\/div>\n<div class=\"paragraph\">\n<p>\u304c\uff0c\u65e5\u672c\u306eNHK\u306a\u3093\u304b\u306f\u62d2\u5426\u3055\u308c\u307e\u3059\uff0e\u3053\u308c\u306fTorBrowser\u306a\u3069\u3067\u3082\u540c\u3058\u3067\u65e5\u672c\u306e\u30e1\u30c7\u30a3\u30a2\u7cfb\u30b5\u30a4\u30c8\u306f\u5927\u62b5\u62d2\u5426\u3055\u308c\u3061\u3083\u3046\u3093\u3067\u3059\u3088\u306d\u2026\u2026\uff0e<\/p>\n<\/div>\n<div class=\"paragraph\">\n<p><span class=\"image\"><img decoding=\"async\" src=\"https:\/\/matoken.org\/blog\/wp-content\/uploads\/2025\/05\/oniux-fx-nhk.webp\" alt=\"oniux fx nhk\"><\/span><\/p>\n<\/div>\n<div class=\"paragraph\">\n<p>\u5bfe\u3057\u3066BBC\u306a\u3069\u306fonion\u30a2\u30c9\u30ec\u30b9\u3067\u3082\u63d0\u4f9b\u3055\u308c\u3066\u3044\u307e\u3059\uff0e<\/p>\n<\/div>\n<div class=\"paragraph\">\n<p><a href=\"https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/\" class=\"bare\">https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/<\/a><\/p>\n<\/div>\n<div class=\"paragraph\">\n<p>\u3067\u3082oniux\u7d4c\u7531\u306eFirefox\u3060\u3068\u540d\u524d\u304c\u5f15\u3051\u306a\u3044\u3088\u3046\u3067\u30a2\u30af\u30bb\u30b9\u3067\u304d\u307e\u305b\u3093\uff0e\u4ed6\u306eonion site\u3082\u30c0\u30e1\u305d\u3046\u3067\u3059\uff0e<\/p>\n<\/div>\n<div class=\"paragraph\">\n<p><span class=\"image\"><img decoding=\"async\" src=\"https:\/\/matoken.org\/blog\/wp-content\/uploads\/2025\/05\/oniux-fx-onion-ng.webp\" alt=\"oniux fx onion ng\"><\/span><\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ oniux w3m https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/\nw3m: Can't load https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/.\n$ oniux w3m https:\/\/www.facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion\/\nw3m: Can't load https:\/\/www.facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion\/.\n$ oniux curl -v https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/\n* Not resolving .onion address (RFC 7686)\n* Could not resolve host: www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\n* closing connection #0\ncurl: (6) Not resolving .onion address (RFC 7686)\n$ oniux wget https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/\n--2025-05-20 18:57:14--  https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/\nResolving www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion (www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion)... failed: Name or service not known.\nwget: unable to resolve host address \u2018www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\u2019\n$ oniux ssh pi3bddj6lflqdtsfhdlja2zma3m7kqc4rhwpytoa37pbjc63suocj6qd.onion -F \/dev\/null\nssh: Could not resolve hostname pi3bddj6lflqdtsfhdlja2zma3m7kqc4rhwpytoa37pbjc63suocj6qd.onion: Name or service not known<\/pre>\n<\/div>\n<\/div>\n<div class=\"paragraph\">\n<p>\u4eca\u306e\u3068\u3053\u308donion address\u306f\u4f7f\u3048\u306a\u3055\u305d\u3046\u306a\u611f\u3058\u3067\u3059\uff0e<\/p>\n<\/div>\n<div class=\"ulist\">\n<ul>\n<li>\n<p><a href=\"https:\/\/gitlab.torproject.org\/tpo\/core\/torspec\/-\/issues\/202\">Formalize toggle override for non-Tor applications that follow RFC 7686 (#202) \u00b7 Issue \u00b7 tpo\/core\/torspec<\/a><\/p>\n<div class=\"ulist\">\n<ul>\n<li>\n<p><a href=\"https:\/\/gitlab.torproject.org\/tpo\/core\/torspec\/-\/issues\/202#note_2959669\">Formalize toggle override for non-Tor applications that follow RFC 7686 (#202) \u00b7 Issue \u00b7 tpo\/core\/torspec<\/a><\/p>\n<\/li>\n<\/ul>\n<\/div>\n<\/li>\n<\/ul>\n<\/div>\n<div class=\"paragraph\">\n<p>oniux\u306f\u307e\u3060\u5b9f\u9a13\u7684\u306a\u30c4\u30fc\u30eb\u306a\u306e\u3067\u3044\u3064\u3082\u306f\u5f93\u6765\u306etorsocks\u306a\u3069\u3092\u5229\u7528\u3057\u3064\u3064\u898b\u5b88\u3063\u3066\u3044\u3053\u3046\u3068\u601d\u3044\u307e\u3059\uff0e<\/p>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"content\">\n<pre>$ torsocks w3m -dump https:\/\/check.torproject.org\/ | grep -e 'Sorry.' -e 'Congratulations.'\nCongratulations. This browser is configured to use Tor.\n$ torsocks w3m -dump https:\/\/www.bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion\/ | head\nBBC Homepage\n\n  \u2022 Skip to content\n  \u2022 Accessibility Help\n\n  \u2022\n    Your account\n\n  \u2022 Home\n  \u2022 News<\/pre>\n<\/div>\n<\/div>\n<div class=\"listingblock\">\n<div class=\"title\">\u74b0\u5883<\/div>\n<div class=\"content\">\n<pre>$ grep ^version ~\/.cargo\/git\/checkouts\/oniux-a37b67fa6132af61\/ff31287\/Cargo.toml\nversion = \"0.4.0\"\n$ dpkg-query -W cargo torsocks tor w3m firefox openssh-client\ncargo\nfirefox 138.0.4-1\nopenssh-client  1:10.0p1-5\ntor     0.4.8.16-1\ntorsocks        2.5.0-1\nw3m     0.5.3+git20230121-2.1\n$ lsb_release -dr\nDescription:    Debian GNU\/Linux 13 (trixie)\nRelease:        13\n$ arch\nx86_64<\/pre>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Tor\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u304b\u3089Linux Namespace\u3067\u4efb\u610f\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092Tor\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u5206\u96e2\u3059\u308boniux\u3068\u3044\u3046\u30c4\u30fc\u30eb\u304c\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u307e\u3057\u305f\uff0e \u52d5\u4f5c\u3068\u3057\u3066\u306f\u4ee5\u524d\u304b\u3089\u3042\u308btorsocks\u3084torify\u306e\u3088\u3046\u306a\u3082\u306e\u306e [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"webmentions_disabled_pings":false,"webmentions_disabled":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":4,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"federated","footnotes":""},"categories":[7,6,199],"tags":[1207,1208,548],"class_list":["post-4568","post","type-post","status-publish","format-standard","hentry","category-debian-linux","category-linux","category-sid","tag-onion-site","tag-oniux","tag-tor"],"_links":{"self":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts\/4568","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/comments?post=4568"}],"version-history":[{"count":1,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts\/4568\/revisions"}],"predecessor-version":[{"id":4569,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts\/4568\/revisions\/4569"}],"wp:attachment":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/media?parent=4568"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/categories?post=4568"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/tags?post=4568"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}