tailscale/net/netns
Denton Gentry d2480fd508 net/netns: support !CAP_NET_ADMIN
netns_linux checked whether "ip rule" could run to determine
whether to use SO_MARK for network namespacing. However in
Linux environments which lack CAP_NET_ADMIN, such as various
container runtimes, the "ip rule" command succeeds but SO_MARK
fails due to lack of permission. SO_BINDTODEVICE would work in
these environments, but isn't tried.

In addition to running "ip rule", check directly whether SO_MARK
works or not. Among others, this allows Microsoft Azure App
Service and AWS App Runner to work.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2021-07-14 10:01:14 -07:00
netns_android.go net/netns: add Android implementation, allowing registration of JNI hook 2021-06-24 12:50:47 -07:00
netns_darwin_tailscaled.go net/{interfaces,netns}: change which build tag means mac/ios Network/System Extension 2021-06-03 08:29:22 -07:00
netns_default.go net/{interfaces,netns}: change which build tag means mac/ios Network/System Extension 2021-06-03 08:29:22 -07:00
netns_linux_test.go net/netns: support !CAP_NET_ADMIN 2021-07-14 10:01:14 -07:00
netns_linux.go net/netns: support !CAP_NET_ADMIN 2021-07-14 10:01:14 -07:00
netns_macios.go net/dns{,/resolver}: refactor DNS forwarder, send out of right link on macOS/iOS 2021-06-23 16:04:10 -07:00
netns_test.go netns_linux: No namespace for localhost. 2021-07-14 10:01:14 -07:00
netns_windows.go net/netns: remove use of unsafe on Windows 2020-11-14 19:53:10 -08:00
netns.go netns_linux: No namespace for localhost. 2021-07-14 10:01:14 -07:00
socks.go net/netns: move SOCKS dialing to netns for now 2020-06-01 11:00:03 -07:00