diff options
| author | Jonathan Nobels <jonathan@tailscale.com> | 2025-04-02 12:21:59 -0400 |
|---|---|---|
| committer | Jonathan Nobels <jonathan@tailscale.com> | 2025-04-07 12:02:15 -0400 |
| commit | bb04a36c1d5082c89794d11be6e006398695b39b (patch) | |
| tree | dba49df9c5ac0b8f2cb2dc5f5c9aad147a7600bd /version | |
| parent | 6d117d64a256234372f2bb177392b987aa1758af (diff) | |
| download | tailscale-jonathan/dns_loopback.tar.xz tailscale-jonathan/dns_loopback.zip | |
net/netns, version: enable interface binding for loopback addrs on sandboxed macosjonathan/dns_loopback
fixes tailscale/corp#27506
The bootstrapDNS code is unable to resolve log and derp endpoints when if the forward
dns is a local loopback addr while the tunnel is running.
Sandboxed macos requires that we bind to loopback addresses explicitly. tailscaled on mac must not.
Signed-off-by: Jonathan Nobels <jonathan@tailscale.com>
Diffstat (limited to 'version')
| -rw-r--r-- | version/prop.go | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/version/prop.go b/version/prop.go index 9327e6fe6..a3d15b1d5 100644 --- a/version/prop.go +++ b/version/prop.go @@ -147,6 +147,20 @@ func IsAppleTV() bool { }) } +var isMacOSTailscaled lazy.SyncValue[bool] + +// IsMacOSTailscaled reports whether this binary is the tailscaled daemon running on macos +func IsMacOSTailscaled() bool { + // This rules out iOS and tvOS + if runtime.GOOS != "darwin" { + return false + } + return isMacOSTailscaled.Get(func() bool { + // A darwin client that is not sandboxed macOS is tailscaled + return !IsSandboxedMacOS() + }) +} + var isWindowsGUI lazy.SyncValue[bool] // IsWindowsGUI reports whether the current process is the Windows GUI. |