From 7bdea283bd3ea3b044ed54af751411e322a54f8c Mon Sep 17 00:00:00 2001 From: Maisem Ali Date: Fri, 8 Dec 2023 09:46:32 -0800 Subject: [PATCH] cmd/containerboot: symlink TS_SOCKET to socket expected by CLI `tailscaled` and `tailscale` expect the socket to be at `/var/run/tailscale/tailscaled.sock`, however containerboot would set up the socket at `/tmp/tailscaled.sock`. This leads to a poor UX when users try to use any `tailscale` command as they have to prefix everything with `--socket /tmp/tailscaled.sock`. To improve the UX, this adds a symlink to `/var/run/tailscale/tailscaled.sock` to point to `/tmp/tailscaled.sock`. This approach has two benefits, 1 users are able to continue to use existing scripts without this being a breaking change. 2. users are able to use the `tailscale` CLI without having to add the `--socket` flag. Fixes tailscale/corp#15902 Fixes #6849 Fixes #10027 Signed-off-by: Maisem Ali --- cmd/containerboot/main.go | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/cmd/containerboot/main.go b/cmd/containerboot/main.go index 18f32bcf1..8e5c8ad0f 100644 --- a/cmd/containerboot/main.go +++ b/cmd/containerboot/main.go @@ -208,6 +208,24 @@ func main() { log.Fatalf("failed to watch tailscaled for updates: %v", err) } + // Now that we've started tailscaled, we can symlink the socket to the + // default location if needed. + const defaultTailscaledSocketPath = "/var/run/tailscale/tailscaled.sock" + if cfg.Socket != "" && cfg.Socket != defaultTailscaledSocketPath { + // If we were given a socket path, symlink it to the default location so + // that the CLI can find it without any extra flags. + // See #6849. + + dir := filepath.Dir(defaultTailscaledSocketPath) + err := os.MkdirAll(dir, 0700) + if err == nil { + err = syscall.Symlink(cfg.Socket, defaultTailscaledSocketPath) + } + if err != nil { + log.Printf("[warning] failed to symlink socket: %v\n\tTo interact with the Tailscale CLI please use `tailscale --socket=%q`", err, cfg.Socket) + } + } + // Because we're still shelling out to `tailscale up` to get access to its // flag parser, we have to stop watching the IPN bus so that we can block on // the subcommand without stalling anything. Then once it's done, we resume