From 2ce2b632396801600b057859ae26c4b508f10e57 Mon Sep 17 00:00:00 2001
From: Dmytro Shynkevych
Date: Wed, 29 Jul 2020 21:09:18 -0400
Subject: [PATCH] router: stop iOS subprocess sandbox violations (#617)

Signed-off-by: Dmytro Shynkevych
---
 wgengine/router/router_userspace_bsd.go | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/wgengine/router/router_userspace_bsd.go b/wgengine/router/router_userspace_bsd.go
index 5a8655f12..7c2aa1b88 100644
--- a/wgengine/router/router_userspace_bsd.go
+++ b/wgengine/router/router_userspace_bsd.go
@@ -153,7 +153,10 @@ func (r *userspaceBSDRouter) Set(cfg *Config) error {
 }

 func (r *userspaceBSDRouter) Close() error {
- cleanup(r.logf, r.tunname)
+ if err := downDNS(r.tunname); err != nil {
+ r.logf("dns down: %v", err)
+ }
+ // No interface cleanup is necessary during normal shutdown.
 return nil
 }

@@ -161,9 +164,12 @@ func cleanup(logf logger.Logf, interfaceName string) {
 if err := downDNS(interfaceName); err != nil {
 logf("dns down: %v", err)
 }
-
- ifup := []string{"ifconfig", interfaceName, "down"}
+ // If the interface was left behind, ifconfig down will not remove it.
+ // In fact, this will leave a system in a tainted state where starting tailscaled
+ // will result in "interface tailscale0 already exists"
+ // until the defunct interface is ifconfig-destroyed.
+ ifup := []string{"ifconfig", interfaceName, "destroy"}
 if out, err := cmd(ifup...).CombinedOutput(); err != nil {
- logf("ifconfig down: %v\n%s", err, out)
+ logf("ifconfig destroy: %v\n%s", err, out)
 }
 }
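Review bot: The new comment in Close() says interface cleanup is unnecessary but does not record why the `cleanup` call was dropped, which the subject line attributes to iOS sandbox violations from subprocesses. Without that reason a later change could put an `ifconfig` exec back on this path. I would word it as `// Do not call cleanup here: it runs ifconfig as a subprocess, which the iOS sandbox rejects; normal shutdown needs no interface cleanup.` Whether `downDNS` itself starts a subprocess is not visible in this hunk and should be confirmed, since it still runs on every Close().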
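Review bot: `cleanup` now destroys whatever interface name it is handed, where it previously only brought it down, and nothing in the visible lines restricts `interfaceName` to the daemon's own tun device. The function's signature and its callers are outside the hunk, so the constraint should at least be documented on the function: `// cleanup destroys interfaceName; pass only the tun device owned by this process.` The slice is also still named `ifup` although it now holds a destroy command; renaming it (and the `cmd(ifup...)` use) to something like `ifdestroy` would match what it does. If cleanup can run when no stale interface exists, the failed `ifconfig destroy` will presumably be logged each time, which may bury real errors.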