TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-12-04 15:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

ssh/tailssh: fix Tailscale SSH to Linux Arch machines

Browse Source 
See https://github.com/tailscale/tailscale/issues/4924#issuecomment-1168201823

Arch uses a different login binary that makes the -h flag set the PAM
service to "remote". So if they don't have that configured, don't pass -h.

Thanks to @eddiezane for debugging!

Updates #4924

Change-Id: I8d33e0afb2dfb99517bcea2f9d5d0c6247519b3c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
(cherry picked from commit 3b1f99ded1)
This commit is contained in:
Brad Fitzpatrick 2022-06-28 15:16:48 -07:00 committed by Denton Gentry
parent b39592f68a
commit 029508d8be
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ssh/tailssh/incubator_linux.go
View File

@ -17,6 +17,7 @@
"github.com/godbus/dbus/v5" "github.com/godbus/dbus/v5"
"tailscale.com/types/logger" "tailscale.com/types/logger"
"tailscale.com/version/distro"
) )
func init() { func init() {
@ -174,7 +175,20 @@ func maybeStartLoginSessionLinux(logf logger.Logf, ia incubatorArgs) (func() err
return nil, nil return nil, nil
} }
func fileExists(path string) bool {
_, err := os.Stat(path)
return err == nil
}
func (ia *incubatorArgs) loginArgs() []string { func (ia *incubatorArgs) loginArgs() []string {
if distro.Get() == distro.Arch && !fileExists("/etc/pam.d/remote") {
// See https://github.com/tailscale/tailscale/issues/4924
//
// Arch uses a different login binary that makes the -h flag set the PAM
// service to "remote". So if they don't have that configured, don't
// pass -h.
return []string{ia.loginCmdPath, "-f", ia.localUser, "-p"}
}
return []string{ia.loginCmdPath, "-f", ia.localUser, "-h", ia.remoteIP, "-p"} return []string{ia.loginCmdPath, "-f", ia.localUser, "-h", ia.remoteIP, "-p"}
} }