I've been meaning to add this patch for a long time, but it's especially important once we add FQDN support to --auto-hosts. Basically, auto-hosts will still discover all the hostnames it can, but we'll only add them to /etc/hosts if their IP address is in one of the routed subnet ranges. That prevents polluting the /etc/hosts file with cruft.
There were still a few conditions under some OSes that would cause firewall.py to terminate without cleaning up the firewall settings. 'pkill sshuttle' was one of them. Ignore a couple more signals to further ensure a correct cleanup. (This only affects sshuttle --firewall, which is a subprocess of the main sshuttle process. The firewall is supposed to exit automatically whenever the client exits, and so far that part seems to work reliably.)
If the expected arch directory doesn't exist, give up and don't specify arch at all. Currently it expands to '*' which fails. [slightly modified by apenwarr]
And make sshuttle exit with a well-defined exit code (111) if it needs to reboot.
This makes it easier (possible?) to generate sshuttle.8 from sshuttle.md on MacOS. We also import the git-enhanced version numbering magic so the generated manpage can have a real version number.
If the subprocess was trying to write to its stdout/stderr, its process would never actually finish because it was blocked waiting for us to read it, but we were blocked on waitpid(). Instead, use waitpid(WNOHANG) and continually read from the subprocess (which should be a blocking operation) until it exits.
Seems to affect Linux servers. Ed Maste says the patch fixes it for him.
I don't have a Mac that can build it. Hopefully ppc will run fine on ppc64.
Just as a quick reminder, in case you're building a fat binary and you don't have all the architectures actually installed.
@objc.accessor isn't the right thing to use for a Core Data Validation function. Yowee, PyObjc sure is non-obvious.
Some people don't have all of them installed, so auto-detect them by looking at the available arches in /usr/libexec.
...and search for those null bytes before looking for the sync string. This helps when people have misconfigured .bashrc to print messages even in non-interactive mode. (On my Debian Lenny system, .bashrc doesn't seem to run when you do 'ssh localhost ls', but on MacOS servers, it does. Hmm...)
This gets rid of an extra intermediate sh process on the server that we were keeping for no good reason, since it would exit as soon as python exited anyway.