ipn/ipnlocal: check operator user via osuser package

So non-local users (e.g. Kerberos on FreeIPA) on Linux can be looked
up. Our default binaries are built with pure Go os/user which only
supports the classic /etc/passwd and not any libc-hooked lookups.

Updates #12601

Change-Id: I9592db89e6ca58bf972f2dcee7a35fbf44608a4f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Brad Fitzpatrick 2024-06-25 06:33:38 -07:00 committed by Brad Fitzpatrick
parent 94415e8029
commit d5e692f7e7


@ -22,7 +22,6 @@
"net/url" "net/url"
"os" "os"
"os/exec" "os/exec"
"os/user"
"path/filepath" "path/filepath"
"runtime" "runtime"
"slices" "slices"
@ -96,6 +95,7 @@
"tailscale.com/util/mak" "tailscale.com/util/mak"
"tailscale.com/util/multierr" "tailscale.com/util/multierr"
"tailscale.com/util/osshare" "tailscale.com/util/osshare"
"tailscale.com/util/osuser"
"tailscale.com/util/rands" "tailscale.com/util/rands"
"tailscale.com/util/set" "tailscale.com/util/set"
"tailscale.com/util/syspolicy" "tailscale.com/util/syspolicy"
@ -5290,7 +5290,7 @@ func (b *LocalBackend) OperatorUserID() string {
if opUserName == "" { if opUserName == "" {
return "" return ""
} }
u, err := user.Lookup(opUserName) u, err := osuser.LookupByUsername(opUserName)
if err != nil { if err != nil {
b.logf("error looking up operator %q uid: %v", opUserName, err) b.logf("error looking up operator %q uid: %v", opUserName, err)
return "" return ""
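Review bot: The switch to `osuser.LookupByUsername` in `OperatorUserID` widens where the operator's UID comes from, and nothing at the call site records that. Per the commit message, the source goes from the classic /etc/passwd to whatever the host's name services resolve. The returned UID presumably decides which local user is treated as the operator, so a comment above the call would help the next reader, e.g. `// osuser also resolves non-local (NSS/directory) users; the UID is only as trustworthy as that source.` The error path still logs and returns `""`, so an unavailable or failing directory lookup fails closed; that is worth stating in the method's doc comment too. If the new lookup can block on a remote directory, it is worth confirming how often this method is called; its body starts and ends outside the hunk, so that is not visible here.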