1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
// Copyright (c) Tailscale Inc & contributors
// SPDX-License-Identifier: BSD-3-Clause
// Package paths returns platform and user-specific default paths to
// Tailscale files and directories.
package paths
import (
"log"
"os"
"path/filepath"
"runtime"
"tailscale.com/syncs"
"tailscale.com/version/distro"
)
// AppSharedDir is a string set by the iOS or Android app on start
// containing a directory we can read/write in.
var AppSharedDir syncs.AtomicValue[string]
// DefaultTailscaledSocket returns the path to the tailscaled Unix socket
// or the empty string if there's no reasonable default.
func DefaultTailscaledSocket() string {
if runtime.GOOS == "windows" {
return `\\.\pipe\ProtectedPrefix\Administrators\Tailscale\tailscaled`
}
if runtime.GOOS == "darwin" {
return "/var/run/tailscaled.socket"
}
if runtime.GOOS == "plan9" {
return "/srv/tailscaled.sock"
}
switch distro.Get() {
case distro.Synology:
if distro.DSMVersion() == 6 {
return "/var/packages/Tailscale/etc/tailscaled.sock"
}
// DSM 7 (and higher? or failure to detect.)
return "/var/packages/Tailscale/var/tailscaled.sock"
case distro.Gokrazy:
return "/perm/tailscaled/tailscaled.sock"
case distro.QNAP:
return "/tmp/tailscale/tailscaled.sock"
}
if fi, err := os.Stat("/var/run"); err == nil && fi.IsDir() {
return "/var/run/tailscale/tailscaled.sock"
}
return "tailscaled.sock"
}
// Overridden in init by OS-specific files.
var (
stateFileFunc func() string
// ensureStateDirPerms applies a restrictive ACL/chmod
// to the provided directory.
ensureStateDirPerms = func(string) error { return nil }
)
// DefaultTailscaledStateFile returns the default path to the
// tailscaled state file, or the empty string if there's no reasonable
// default value.
func DefaultTailscaledStateFile() string {
if f := stateFileFunc; f != nil {
return f()
}
if runtime.GOOS == "windows" {
return filepath.Join(os.Getenv("ProgramData"), "Tailscale", "server-state.conf")
}
return ""
}
// DefaultTailscaledStateDir returns the default state directory
// to use for tailscaled, for use when the user provided neither
// a state directory or state file path to use.
//
// It returns the empty string if there's no reasonable default.
func DefaultTailscaledStateDir() string {
if runtime.GOOS == "plan9" {
home, err := os.UserHomeDir()
if err != nil {
log.Fatalf("failed to get home directory: %v", err)
}
return filepath.Join(home, "tailscale-state")
}
return filepath.Dir(DefaultTailscaledStateFile())
}
// MakeAutomaticStateDir reports whether the platform
// automatically creates the state directory for tailscaled
// when it's absent.
func MakeAutomaticStateDir() bool {
switch runtime.GOOS {
case "plan9":
return true
case "linux":
if distro.Get() == distro.JetKVM {
return true
}
}
return false
}
// MkStateDir ensures that dirPath, the daemon's configuration directory
// containing machine keys etc, both exists and has the correct permissions.
// We want it to only be accessible to the user the daemon is running under.
func MkStateDir(dirPath string) error {
if err := os.MkdirAll(dirPath, 0700); err != nil {
return err
}
return ensureStateDirPerms(dirPath)
}
// LegacyStateFilePath returns the legacy path to the state file when
// it was stored under the current user's %LocalAppData%.
//
// It is only called on Windows.
func LegacyStateFilePath() string {
if runtime.GOOS == "windows" {
return filepath.Join(os.Getenv("LocalAppData"), "Tailscale", "server-state.conf")
}
return ""
}
|
