GraphDumpFile
Sven-Haegar Koch
haegar at sdinet.de
Tue Dec 28 22:54:30 CET 2021
On Tue, 28 Dec 2021, Erich Eckner wrote:
> Though, it seems to behave strangely, when called from host-up and host-down -
> but I still have to investigate that one further.
>
> On a side note: Would it make sense / would it be possible to expose some
> similar feature for a less-privileged user than root (which is running the
> tinc daemon on my host)?
While a bit hacky, this is possible.
I use the following in the tinc-up script:
#!/bin/sh
# allow access for haegar
chmod 640 /var/run/tinc.networkname.pid
chown root:haegar /var/run/tinc.networkname.pid
chmod 660 /var/run/tinc.networkname.socket
chown root:haegar /var/run/tinc.networkname.socket
(replace 'networkname' with the name of your network)
And then (in my case) as a user in the group haegar I can just execute
tinc -n networkname --pidfile /var/run/tinc.networkname.pid dump subnets
(in my usage I execute the tinc client from cron as a non-priv user, and
generate my own graphs)
c'ya
sven-haegar
--
Three may keep a secret, if two of them are dead.
- Ben F.
More information about the tinc
mailing list