include ipnbus so 'tailscale up' waits and prints login URL
Without ipnbus, 'tailscale up' fires config at the daemon and returns
immediately ('built with ts_omit_ipnbus; not waiting for completion')
without printing the auth URL or confirming success. Add it to the
allowlist so interactive 'up' behaves normally.
This commit is contained in:
@@ -69,6 +69,12 @@ WORKDIR /src/tailscale
|
|||||||
# trusted unix socket, so PermitRead/PermitWrite are
|
# trusted unix socket, so PermitRead/PermitWrite are
|
||||||
# always false and EVERY CLI call (status, up, set, ...)
|
# always false and EVERY CLI call (status, up, set, ...)
|
||||||
# returns "access denied" (tailscale/tailscale#17873).
|
# returns "access denied" (tailscale/tailscale#17873).
|
||||||
|
# ipnbus — IPN bus watch. Without it, 'tailscale up' cannot wait
|
||||||
|
# for completion: it fires config at the daemon and
|
||||||
|
# returns immediately ("built with ts_omit_ipnbus; not
|
||||||
|
# waiting for completion") WITHOUT printing the auth URL
|
||||||
|
# or confirming success. Including it makes interactive
|
||||||
|
# 'up' behave normally (blocks, prints login URL).
|
||||||
#
|
#
|
||||||
# Everything else remains omitted, including (rationale):
|
# Everything else remains omitted, including (rationale):
|
||||||
# clientupdate — DELIBERATELY removed. The built-in updater would download
|
# clientupdate — DELIBERATELY removed. The built-in updater would download
|
||||||
@@ -111,6 +117,7 @@ RUN mkdir -p /out && \
|
|||||||
-e 's/ts_omit_health,\{0,1\}//g' \
|
-e 's/ts_omit_health,\{0,1\}//g' \
|
||||||
-e 's/ts_omit_iptables,\{0,1\}//g' \
|
-e 's/ts_omit_iptables,\{0,1\}//g' \
|
||||||
-e 's/ts_omit_unixsocketidentity,\{0,1\}//g' \
|
-e 's/ts_omit_unixsocketidentity,\{0,1\}//g' \
|
||||||
|
-e 's/ts_omit_ipnbus,\{0,1\}//g' \
|
||||||
-e 's/,$//' \
|
-e 's/,$//' \
|
||||||
) && \
|
) && \
|
||||||
echo "Build tags: ${TAGS}" && \
|
echo "Build tags: ${TAGS}" && \
|
||||||
|
|||||||
@@ -143,6 +143,7 @@ that's a separate build, not just a `--platform` change.
|
|||||||
| iptables | Linux iptables support for routing rules |
|
| iptables | Linux iptables support for routing rules |
|
||||||
| osrouter | Configure kernel network stack and routing tables |
|
| osrouter | Configure kernel network stack and routing tables |
|
||||||
| unixsocketidentity | **Required** — without it the localapi denies every CLI call with "access denied" ([tailscale#17873](https://github.com/tailscale/tailscale/issues/17873)) |
|
| unixsocketidentity | **Required** — without it the localapi denies every CLI call with "access denied" ([tailscale#17873](https://github.com/tailscale/tailscale/issues/17873)) |
|
||||||
|
| ipnbus | Lets `tailscale up` wait for completion and print the login URL; without it `up` returns immediately without confirming success |
|
||||||
|
|
||||||
## Features intentionally omitted
|
## Features intentionally omitted
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user