yggdrasil-go/src
Klemens Nanni 834680045a
Create admin socket synchronously before privdrop (#1201)
Creating UNIX sockets in the listen() goroutine that races against the main
one dropping to an unprivileged user may cause startup failure when
privdrop happens before privileged filesystem access.

Setup or fail in New() and only do listen(2) in listen() to avoid this.

```
# yggdrasil -autoconf -user nobody
2024/11/03 21:15:27 Build name: yggdrasil-go
2024/11/03 21:15:27 Build version: 0.5.9
...
2024/11/03 21:15:27 Admin socket failed to listen: listen unix /var/run/yggdrasil.sock: bind: permission denied
```

Rerun, now the order is flipped:
```
# yggdrasil -autoconf -user nobody
2024/11/03 21:15:34 Build name: yggdrasil-go
2024/11/03 21:15:34 Build version: 0.5.9
[...]
2024/11/03 21:15:34 UNIX admin socket listening on /var/run/yggdrasil.sock
[...]
```

Fixes #927.
2024-11-11 19:27:02 +00:00
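
The ordering the commit message describes, as an added Go example (not code from yggdrasil-go or from the commit author): the socket is bound synchronously in the constructor, so setup has succeeded or failed before the caller drops privileges, and only the accept loop runs in a goroutine. `AdminSocket`, `NewAdminSocket` and `socketReady` are hypothetical names, the socket path is a constructed temporary one, and Go's `net.Listen` performs bind and listen in a single call.

```go
package main

import (
	"fmt"
	"net"
	"os"
)

// AdminSocket is a hypothetical stand-in for an admin listener (not yggdrasil's type).
type AdminSocket struct{ l net.Listener }

// NewAdminSocket binds synchronously so setup succeeds or fails before privdrop.
func NewAdminSocket(path string) (*AdminSocket, error) {
	l, err := net.Listen("unix", path) // bind(2) creates the socket file here
	if err != nil {
		return nil, fmt.Errorf("admin socket setup: %w", err)
	}
	a := &AdminSocket{l: l}
	go a.serve()
	return a, nil
}

func (a *AdminSocket) serve() {
	for {
		c, err := a.l.Accept() // no filesystem access, safe after privdrop
		if err != nil {
			return // listener closed
		}
		c.Close()
	}
}

func socketReady(path string) bool { // true once path exists as a UNIX socket
	fi, err := os.Stat(path)
	return err == nil && fi.Mode()&os.ModeSocket != 0
}

func main() {
	dir, _ := os.MkdirTemp("", "adm") // constructed demo directory
	defer os.RemoveAll(dir)
	path := dir + "/admin.sock"
	a, err := NewAdminSocket(path)
	if err != nil {
		panic(err) // fails here, before any privilege drop
	}
	defer a.l.Close()
	// A real daemon would drop to the unprivileged user at this point.
	fmt.Println("socket present before privdrop:", socketReady(path))
}
```
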
..
| Name | Last commit | Date |
|---|---|---|
| address | Use Go 1.21 in CI, update minimum version to Go 1.20, lint fixes, update quic-go | 2023-08-12 18:12:58 +01:00 |
| admin | Create admin socket synchronously before privdrop (#1201) | 2024-11-11 19:27:02 +00:00 |
| config | Update comments in default configuration file | 2024-10-27 20:59:05 +00:00 |
| core | Raise link error when SNI supplied on unsupported link type | 2024-10-27 21:06:56 +00:00 |
| ipv6rwc | update to ironwood v0.0.0-20230513191034-495699d87ae4 with API changes | 2023-05-13 14:44:38 -05:00 |
| multicast | The AllowedPublicKeys option should not apply to multicast listeners | 2024-09-29 21:38:56 +01:00 |
| tun | When IfName is none, start queue goroutine, otherwise iprwc blocks and some handlers don't run | 2024-10-20 21:28:04 +01:00 |
| version | yggdrasil: buildName should report unknown | 2019-11-11 00:24:50 -05:00 |