UAPI socket for the macOS sandboxed Wireguard app #143
Conversation
Signed-off-by: Jan Noha <nohajc@gmail.com>
|
Great contribution :) I could really use this feature too. It would be great if we could get this merged. |
|
I'm also interested in this. Should I initiate it? That is, sending the patches or perhaps asking for push access to the original repos' feature branches... I understand some of the repositories are only mirrors here on GitHub but I've seen previous pull requests being cherry-picked. Anyway, it would be nice to hear from others whether they think this is useful and also satisfactory in the current form. |
|
Starting a conversation on the mailing list seems like the appropriate place. It's not clear to me how these pieces fit together yet and I'd rather have a plan worked out before merging code here. |
Ok, I sent an email to wireguard@lists.zx2c4.com, awaiting response. I assume it's not required to subscribe. I can't see my message in the archive yet, though I have no idea how often it is updated. I didn't generate the git patches because it looked like I'd have to send one email for each repo which didn't seem very practical to me. Please, let me know if there's anything else I should do. Thanks. |
|
No worries about the patches at the moment. I just want to make sure we get Jason's thoughts on everything and how the pieces fit together. |
|
Question: Do I have to subscribe to the mailing list first? Because I sent an email two weeks ago, haven't got any response and it didn't even show up in the archive. |
|
@mdlayher @zx2c4 Ok, I really don't know what to do here. I sent an email to the mailing list twice. I got no response and it didn't even show up in the archive. To be honest, this mailing list policy and apparent lack of any interest in PRs coming from github is kind of discouraging. |
|
I haven't had a chance to look into this yet. Sorry for the delay. |
I understand it's probably low priority but it's also a fairly small change... |
This change makes it possible to configure tunnels created by the App Store Wireguard UI using
wgandwgctrl-go.It's an implementation of this suggestion: #96 (comment)
Because the app is sandboxed, you cannot create the socket in its usual location (
/var/run/wireguard).It should be possible to configure an exception for the path but in practice it only works with regular files and not Unix domain sockets. That's why I create the socket inside the app's sandbox folder instead (
~/Library/Containers/com.wireguard.macos.network-extension/Data).I'm also submitting pull requests to modify
wireguard-apple,wireguard-goandwireguard-toolsto work with this alternative path.WireGuard/wireguard-apple#27
WireGuard/wireguard-go#89
WireGuard/wireguard-tools#21