cherry-pick: 3157 excessive ptrs
Merge in DNS/adguard-home from 3157-excessive-ptrs to master Updates #3157. Squashed commit of the following: commit 6803988240dca2f147bb80a5b3f78d7749d2fa14 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Apr 19 14:50:01 2022 +0300 aghnet: and again commit 1a7f4d1dbc8fd4d3ae620349917526a75fa71b47 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Apr 19 14:49:20 2022 +0300 aghnet: docs again commit d88da1fc7135f3cd03aff10b02d9957c8ffdfd30 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Apr 19 14:47:36 2022 +0300 aghnet: imp docs commit c45dbc7800e882c6c4110aab640c32b03046f89a Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Apr 19 14:41:19 2022 +0300 aghnet: keep alphabetical order commit b61781785d096ef43f60fb4f1905a4ed3cdf7c68 Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Apr 19 13:50:56 2022 +0300 aghnet: imp code quality commit 578dbd71ed2f2089c69343d7d4bf8bbc29150ace Author: Eugene Burkov <E.Burkov@AdGuard.COM> Date: Tue Apr 12 17:02:38 2022 +0300 aghnet: imp arp container
This commit is contained in:
Eugene Burkov
committed by
Ainar Garipov
Ainar Garipov
parent
723279121a
commit
c4a13b92d2
@@ -518,44 +518,31 @@ func StartMods() error {
|
||||
func checkPermissions() {
|
||||
log.Info("Checking if AdGuard Home has necessary permissions")
|
||||
|
||||
if runtime.GOOS == "windows" {
|
||||
// On Windows we need to have admin rights to run properly
|
||||
|
||||
admin, _ := aghos.HaveAdminRights()
|
||||
if admin {
|
||||
return
|
||||
}
|
||||
|
||||
if ok, err := aghnet.CanBindPrivilegedPorts(); !ok || err != nil {
|
||||
log.Fatal("This is the first launch of AdGuard Home. You must run it as Administrator.")
|
||||
}
|
||||
|
||||
// We should check if AdGuard Home is able to bind to port 53
|
||||
ok, err := aghnet.CanBindPort(53)
|
||||
|
||||
if ok {
|
||||
log.Info("AdGuard Home can bind to port 53")
|
||||
return
|
||||
}
|
||||
|
||||
if errors.Is(err, os.ErrPermission) {
|
||||
msg := `Permission check failed.
|
||||
|
||||
err := aghnet.CheckPort("tcp", net.IP{127, 0, 0, 1}, defaultPortDNS)
|
||||
if err != nil {
|
||||
if errors.Is(err, os.ErrPermission) {
|
||||
log.Fatal(`Permission check failed.
|
||||
AdGuard Home is not allowed to bind to privileged ports (for instance, port 53).
|
||||
Please note, that this is crucial for a server to be able to use privileged ports.
|
||||
|
||||
You have two options:
|
||||
1. Run AdGuard Home with root privileges
|
||||
2. On Linux you can grant the CAP_NET_BIND_SERVICE capability:
|
||||
https://github.com/AdguardTeam/AdGuardHome/wiki/Getting-Started#running-without-superuser`
|
||||
https://github.com/AdguardTeam/AdGuardHome/wiki/Getting-Started#running-without-superuser`)
|
||||
}
|
||||
|
||||
log.Fatal(msg)
|
||||
log.Info(
|
||||
"AdGuard failed to bind to port 53: %s\n\n"+
|
||||
"Please note, that this is crucial for a DNS server to be able to use that port.",
|
||||
err,
|
||||
)
|
||||
}
|
||||
|
||||
msg := fmt.Sprintf(`AdGuard failed to bind to port 53 due to %v
|
||||
|
||||
Please note, that this is crucial for a DNS server to be able to use that port.`, err)
|
||||
|
||||
log.Info(msg)
|
||||
log.Info("AdGuard Home can bind to port 53")
|
||||
}
|
||||
|
||||
// Write PID to a file
|
||||
|
||||
@@ -16,18 +16,17 @@ type RDNS struct {
|
||||
exchanger dnsforward.RDNSExchanger
|
||||
clients *clientsContainer
|
||||
|
||||
// usePrivate is used to store the state of current private RDNS
|
||||
// resolving settings and to react to it's changes.
|
||||
// usePrivate is used to store the state of current private RDNS resolving
|
||||
// settings and to react to it's changes.
|
||||
usePrivate uint32
|
||||
|
||||
// ipCh used to pass client's IP to rDNS workerLoop.
|
||||
ipCh chan net.IP
|
||||
|
||||
// ipCache caches the IP addresses to be resolved by rDNS. The resolved
|
||||
// address stays here while it's inside clients. After leaving clients
|
||||
// the address will be resolved once again. If the address couldn't be
|
||||
// resolved, cache prevents further attempts to resolve it for some
|
||||
// time.
|
||||
// address stays here while it's inside clients. After leaving clients the
|
||||
// address will be resolved once again. If the address couldn't be
|
||||
// resolved, cache prevents further attempts to resolve it for some time.
|
||||
ipCache cache.Cache
|
||||
}
|
||||
|
||||
|
||||
@@ -314,12 +314,13 @@ func (s *openbsdRunComService) runCom(cmd string) (out string, err error) {
|
||||
// TODO(e.burkov): It's possible that os.ErrNotExist is caused by
|
||||
// something different than the service script's non-existence. Keep it
|
||||
// in mind, when replace the aghos.RunCommand.
|
||||
_, out, err = aghos.RunCommand(scriptPath, cmd)
|
||||
var outData []byte
|
||||
_, outData, err = aghos.RunCommand(scriptPath, cmd)
|
||||
if errors.Is(err, os.ErrNotExist) {
|
||||
return "", service.ErrNotInstalled
|
||||
}
|
||||
|
||||
return out, err
|
||||
return string(outData), err
|
||||
}
|
||||
|
||||
// Status implements service.Service interface for *openbsdRunComService.
|
||||
|
||||
Reference in New Issue
Block a user