Commit Graph

6 Commits (dbac0dc5301e0b7b2adafbf930e3b1b6f5964421)

Author SHA1 Message Date
refi64 dbac0dc530
hostsfile: Copy the SELinux context to the temp file before overwrite (#273)
* hostsfile: Copy the SELinux context to the temp file before overwrite

On SELinux-enabled systems, /etc/hosts has a different type `net_conf_t`
than the other files in /etc, so the temporary file that overwrites it
ends up with the wrong context, resulting in many system services
becoming unable to access the file. To fix this, manually look up the
context /etc/hosts has and copy it to the temporary file before
the rename.

In order to avoid depending on libselinux on systems that don't use it,
this support is gated behind the new "selinux" feature. It *is*
installed and enabled in the Dockerfile, however, in order to ensure
that it still builds.

* Appease clippy

* Add info about selinux feature to README.md

* Remove unused ClientError struct

* Reformatted & repositioned and improved doc about selinux

---------

Co-authored-by: Brian Schwind <brianmschwind@gmail.com>
Co-authored-by: Jürgen Botz <jurgen@botz.org>
2024-07-01 10:16:43 +09:00
Jake McGinty d796cb54bf
hostsfile: safely overwrite hosts file instead of clobbering (#186)
fixes #183
2022-01-22 16:24:44 +09:00
Jake McGinty 5c72592069 meta: rust edition 2018 -> 2021 2022-01-11 01:54:43 -06:00
Jake McGinty 449b4b8278
client: support running as non-root (#94)
shared(wg): use netlink instead of execve calls to "ip"
hostsfile: write to hostsfile in-place
2021-06-10 22:57:47 +09:00
Jake McGinty 4ec2f4099b hostsfile: v1.0.1 2021-04-08 10:46:49 +09:00
Jake McGinty c49f061bb7 kabloomers. public release v1.0.0 2021-03-30 02:47:34 +09:00