GraphDumpFile

Sven-Haegar Koch haegar at sdinet.de
Tue Dec 28 22:54:30 CET 2021


On Tue, 28 Dec 2021, Erich Eckner wrote:

> Though, it seems to behave strangely, when called from host-up and host-down -
> but I still have to investigate that one further.
> 
> On a side note: Would it make sense / would it be possible to expose some
> similar feature for a less-privileged user than root (which is running the
> tinc daemon on my host)?

While a bit hacky, this is possible.

I use the following in the tinc-up script:

#!/bin/sh
# allow access for haegar
chmod 640 /var/run/tinc.networkname.pid
chown root:haegar /var/run/tinc.networkname.pid
chmod 660 /var/run/tinc.networkname.socket
chown root:haegar /var/run/tinc.networkname.socket


(replace 'networkname' with the name of your network)

And then (in my case) as a user in the group haegar I can just execute

tinc -n networkname --pidfile /var/run/tinc.networkname.pid dump subnets

(in my usage I execute the tinc client from cron as a non-priv user, and 
generate my own graphs)

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.


More information about the tinc mailing list