TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-25 19:15:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,352 Commits 706 Branches 157 Tags 102 MiB
1355f622be
Commit Graph

62 Commits

Author SHA1 Message Date
Brad Fitzpatrick
5611f290eb ipn, ipnserver: only require sudo on Linux for mutable CLI actions 
This partially reverts d6e9fb1df0, which modified the permissions
on the tailscaled Unix socket and thus required "sudo tailscale" even
for "tailscale status".

Instead, open the permissions back up (on Linux only) but have the
server look at the peer creds and only permit read-only actions unless
you're root.

In the future we'll also have a group that can do mutable actions.

On OpenBSD and FreeBSD, the permissions on the socket remain locked
down to 0600 from d6e9fb1df0.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-01-15 10:13:00 -08:00
Brad Fitzpatrick
d6e9fb1df0 all: adjust Unix permissions for those without umasks 
Fixes tailscale/corp#1165

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2021-01-11 19:24:41 -08:00
Brad Fitzpatrick
d8e67ca2ab safesocket: gofmt 
gofmt differences between versions :(
 2020-07-20 14:40:19 -07:00
Brad Fitzpatrick
f562c35c0d safesocket: support connecting to Mac TCP server from within App Sandbox 2020-07-20 14:23:50 -07:00
Brad Fitzpatrick
5362e952e1 safesocket: gofmt 
Was developed on a random machine without my normal environment.
 2020-03-30 11:23:18 -07:00
Brad Fitzpatrick
fee2d9fad4 safesocket: connect to the macOS network extension on darwin (as last resort) 
(For cmd/tailscale CLI support on macOS)

Signed-off-by: Brad Fitzpatrick <brad@danga.com>
 2020-03-29 22:15:28 -07:00
Brad Fitzpatrick
b3d9eab1fe safesocket: make some effort to create parent directory of sock 2020-03-03 11:47:21 -08:00
Brad Fitzpatrick
04e6b77774 safesocket: delete incorrect build tag 
Leftover from copying one file to another to create safesocket.go
in the earlier documentation change (29f7d64091).
 2020-02-25 09:02:52 -08:00
Brad Fitzpatrick
29f7d64091 safesocket: document 
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
 2020-02-25 08:46:34 -08:00
David Anderson
4460bd638b safesocket: simplify API. 
On unix, we want to provide a full path to the desired unix socket.

On windows, currently we want to provide a TCP port, but someday
we'll also provide a "path-ish" object for a named pipe.

For now, simplify the API down to exactly a path and a TCP port.

Signed-off-by: David Anderson <dave@natulte.net>
 2020-02-18 12:56:19 -08:00
David Anderson
39bc24cb96 safesocket: make test use testing.T correctly. 
Signed-off-by: David Anderson <dave@natulte.net>
 2020-02-11 10:28:11 -08:00
Earl Lee
a8d8b8719a Move Linux client & common packages into a public repo. 2020-02-09 09:32:57 -08:00