admin unix-socket binds correctly only to a specific path
ygguser opened this issue · comments
If I add the AdminListen
parameter equal to unix:///var/run/yggdrasil.sock
to the configuration file, then the daemon (systemd) cannot be started, an error occurs: Admin socket failed to listen: listen unix /var/run/yggdrasil.sock: bind: read-only file
But with this parameter equal to unix:///var/run/yggdrasil/yggdrasil.sock
, everything works correctly.
What could be the reason for the error in the case of AdminListen: unix:///var/run/yggdrasil.sock
?
Build version: 0.5.1
Debian: bookworm/sid
If you are using the Debian package, it is because of the policies set in the systemd service unit to prevent Yggdrasil from writing to arbitrary locations on the filesystem.
Is there a reason you need to change the path?
It's just that in version 0.4.7 I had the path unix:///var/run/yggdrasil.sock
specified.
When switching to 0.5.1, this parameter disappeared from the configuration file and I specified it as it was before... And faced with this error...
Thanks for the tip about the service policies!
ReadWritePaths=/var/run/yggdrasil/ /run/yggdrasil/
:)
I think there is no need to change anything.