Closed Jimmy-Z closed 11 months ago
There are no change between 0.5 and 0.6 on the handling of Tun files, the capacility is probably not set correctly or you had CAP_NET_ADMIN
set on 0.5 binary but not 0.6. Check it with getcap
to confirm.
Sorry for the delay.
Yes I did forget setcap on the 0.6 binary.
So I fixed it:
# getcap /jails/phantun/bin/*
/jails/phantun/bin/phantun_client_v0.2.5 cap_net_admin=ep
/jails/phantun/bin/phantun_client_v0.5.0 cap_net_admin=ep
/jails/phantun/bin/phantun_client_v0.6.0-gnu cap_net_admin=ep
/jails/phantun/bin/phantun_client_v0.6.0-musl cap_net_admin=ep
the gnu binary still doesn't work after changing this.
But it works if not running in a chroot jail (remove RootDirectory=
from the service file).
the musl binary now works fine in the chroot jail.
and it looks like the 0.5.0 binary I was using is the musl build, so it's likely the gnu variant never worked in chroot.
Sorry for the misleading, and thanks for your time.
The gnu build and musl build experienced different errors:
gnu:
musl:
it works if reverted to 0.5.0, everything else is the same. my systemd unit file runs phantun in a chroot jail if that matters: