If we move the polypath comm before the tun netlink, the tun will
already have been set up by the time polypath spawns its privsep
helper. (Since the entries are processed in reverse order.) This
means that the CHILDPERSIST phase hook ends up closing the tun fd,
which we can see in strace.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
+comm polypath {
+ port 16910;
+ buffer sysbuffer(4096);
+ monitor-command "./polypath-interface-monitor-linux";
+ interfaces "!secnet-test*";
+ permit-loopback True;
+};
netlink tun {
name "netlink-tun"; # Printed in log messages from this netlink
local-address "172.18.232.9";
buffer sysbuffer(2048);
interface "secnet-test-i";
};
-comm polypath {
- port 16910;
- buffer sysbuffer(4096);
- monitor-command "./polypath-interface-monitor-linux";
- interfaces "!secnet-test*";
- permit-loopback True;
-};
local-name "test-example/inside/inside";
local-key rsa-private("test-example/inside.key");
local-mobile True;