From 0d972678e7518735d33c1ad1cbf64d1ba51cf36c Mon Sep 17 00:00:00 2001
From: Brad Fitzpatrick <bradfitz@tailscale.com>
Date: Mon, 6 Jun 2022 08:09:51 -0700
Subject: [PATCH] cmd/tailscale/cli: disable 'tailscale ssh' on sandboxed macOS

Updates #3802
Updates #4518
Fixes #4628

Change-Id: I194d2cc30fc8e38b66d4910787efbce14317b0ff
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
---
 cmd/tailscale/cli/ssh.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cmd/tailscale/cli/ssh.go b/cmd/tailscale/cli/ssh.go
index 24fb337f2..92bd42a10 100644
--- a/cmd/tailscale/cli/ssh.go
+++ b/cmd/tailscale/cli/ssh.go
@@ -22,6 +22,7 @@
 	"tailscale.com/envknob"
 	"tailscale.com/ipn/ipnstate"
 	"tailscale.com/net/tsaddr"
+	"tailscale.com/version"
 )
 
 var sshCmd = &ffcli.Command{
@@ -32,6 +33,9 @@
 }
 
 func runSSH(ctx context.Context, args []string) error {
+	if runtime.GOOS == "darwin" && version.IsSandboxedMacOS() && !envknob.UseWIPCode() {
+		return errors.New("The 'tailscale ssh' subcommand is not available on sandboxed macOS builds.\nUse the regular 'ssh' client instead.")
+	}
 	if len(args) == 0 {
 		return errors.New("usage: ssh [user@]<host>")
 	}