File service-install-cli-change.patch of Package netbird
From 2611672a1c8f399fedaa51e9bbc99bf24f3c4484 Mon Sep 17 00:00:00 2001
From: Johannes Kastl <git@johannes-kastl.de>
Date: Thu, 5 Jun 2025 19:50:00 +0200
Subject: [PATCH] Basic modifications to error reporting to prevent confusion.
E.g.: Removing recommendations to use `netbird service install` and related
commands, as we're using a hardened service file as per
Signed-off-by: Johannes Kastl <git@johannes-kastl.de>
---
client/cmd/login.go | 15 +++--
client/cmd/root.go | 13 +++-
client/cmd/service_installer.go | 113 ++++----------------------------
client/cmd/status.go | 15 +++--
client/cmd/up.go | 15 +++--
5 files changed, 56 insertions(+), 115 deletions(-)
diff --git a/client/cmd/login.go b/client/cmd/login.go
index 14abcd03..07c94b34 100644
--- a/client/cmd/login.go
+++ b/client/cmd/login.go
@@ -85,10 +85,17 @@ var loginCmd = &cobra.Command{
conn, err := DialClientGRPCServer(ctx, daemonAddr)
if err != nil {
- return fmt.Errorf("failed to connect to daemon error: %v\n"+
- "If the daemon is not running please run: "+
- "\nnetbird service install \nnetbird service start\n", err)
- }
+ return fmt.Errorf("failed to connect to daemon error: %v\n\n" +
+ "The daemon may not be running. Try restarting the service:\n" +
+ " sudo systemctl restart netbird.service\n\n" +
+ "To check the service status, use:\n" +
+ " sudo systemctl status netbird.service\n\n" +
+ "Unless you are manually overriding with a custom drop-in file, " +
+ "you should see the default openSUSE service at:\n" +
+ " /usr/lib/systemd/system/netbird.service\n\n" +
+ "If you see the service is disabled, you can run:\n" +
+ " sudo systemctl enable netbird.service --now\n", err)
+ }
defer conn.Close()
client := proto.NewDaemonServiceClient(conn)
diff --git a/client/cmd/root.go b/client/cmd/root.go
index 16e445f4..0b45ae0d 100644
--- a/client/cmd/root.go
+++ b/client/cmd/root.go
@@ -401,9 +401,16 @@ func getClient(cmd *cobra.Command) (*grpc.ClientConn, error) {
conn, err := DialClientGRPCServer(cmd.Context(), daemonAddr)
if err != nil {
- return nil, fmt.Errorf("failed to connect to daemon error: %v\n"+
- "If the daemon is not running please run: "+
- "\nnetbird service install \nnetbird service start\n", err)
+ return nil, fmt.Errorf("failed to connect to daemon error: %v\n\n" +
+ "The daemon may not be running. Try restarting the service:\n" +
+ " sudo systemctl restart netbird.service\n\n" +
+ "To check the service status, use:\n" +
+ " sudo systemctl status netbird.service\n\n" +
+ "Unless you are manually overriding with a custom drop-in file, " +
+ "you should see the default openSUSE service at:\n" +
+ " /usr/lib/systemd/system/netbird.service\n\n" +
+ "If you see the service is disabled, you can run:\n" +
+ " sudo systemctl enable netbird.service --now\n", err)
}
return conn, nil
diff --git a/client/cmd/service_installer.go b/client/cmd/service_installer.go
index c1d6308c..70bb6ec3 100644
--- a/client/cmd/service_installer.go
+++ b/client/cmd/service_installer.go
@@ -1,119 +1,32 @@
package cmd
import (
- "context"
- "os"
- "path/filepath"
- "runtime"
+ "fmt"
"github.com/spf13/cobra"
)
+var disabledMessage = "Feature disabled by maintainer. \n\n" +
+ "Have you heard the word? openSUSE is secure by design. \n" +
+ "Please use a drop-in file for any needed modifications. \n\n" +
+ "You can view the default service file at: \n" +
+ " /usr/lib/systemd/system/netbird.service \n\n" +
+ "More on systemd hardening: \n" +
+ "https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort \n"
+
var installCmd = &cobra.Command{
Use: "install",
Short: "installs Netbird service",
RunE: func(cmd *cobra.Command, args []string) error {
- SetFlagsFromEnvVars(rootCmd)
-
- cmd.SetOut(cmd.OutOrStdout())
-
- err := handleRebrand(cmd)
- if err != nil {
- return err
- }
-
- svcConfig := newSVCConfig()
-
- svcConfig.Arguments = []string{
- "service",
- "run",
- "--config",
- configPath,
- "--log-level",
- logLevel,
- "--daemon-addr",
- daemonAddr,
- }
-
- if managementURL != "" {
- svcConfig.Arguments = append(svcConfig.Arguments, "--management-url", managementURL)
- }
-
- if logFile != "" {
- svcConfig.Arguments = append(svcConfig.Arguments, "--log-file", logFile)
- }
-
- if runtime.GOOS == "linux" {
- // Respected only by systemd systems
- svcConfig.Dependencies = []string{"After=network.target syslog.target"}
-
- if logFile != "console" {
- setStdLogPath := true
- dir := filepath.Dir(logFile)
-
- _, err := os.Stat(dir)
- if err != nil {
- err = os.MkdirAll(dir, 0750)
- if err != nil {
- setStdLogPath = false
- }
- }
-
- if setStdLogPath {
- svcConfig.Option["LogOutput"] = true
- svcConfig.Option["LogDirectory"] = dir
- }
- }
- }
-
- if runtime.GOOS == "windows" {
- svcConfig.Option["OnFailure"] = "restart"
- }
-
- ctx, cancel := context.WithCancel(cmd.Context())
-
- s, err := newSVC(newProgram(ctx, cancel), svcConfig)
- if err != nil {
- cmd.PrintErrln(err)
- return err
- }
-
- err = s.Install()
- if err != nil {
- cmd.PrintErrln(err)
- return err
- }
-
- cmd.Println("Netbird service has been installed")
- return nil
+ return fmt.Errorf("%s", disabledMessage)
},
}
var uninstallCmd = &cobra.Command{
Use: "uninstall",
- Short: "uninstalls Netbird service from system",
+ Short: "uninstalls Netbird service",
RunE: func(cmd *cobra.Command, args []string) error {
- SetFlagsFromEnvVars(rootCmd)
-
- cmd.SetOut(cmd.OutOrStdout())
-
- err := handleRebrand(cmd)
- if err != nil {
- return err
- }
-
- ctx, cancel := context.WithCancel(cmd.Context())
-
- s, err := newSVC(newProgram(ctx, cancel), newSVCConfig())
- if err != nil {
- return err
- }
-
- err = s.Uninstall()
- if err != nil {
- return err
- }
- cmd.Println("Netbird service has been uninstalled")
- return nil
+ return fmt.Errorf("%s", disabledMessage)
},
}
+
diff --git a/client/cmd/status.go b/client/cmd/status.go
index e466f73a..50f52ef7 100644
--- a/client/cmd/status.go
+++ b/client/cmd/status.go
@@ -111,10 +111,17 @@ func statusFunc(cmd *cobra.Command, args []string) error {
func getStatus(ctx context.Context) (*proto.StatusResponse, error) {
conn, err := DialClientGRPCServer(ctx, daemonAddr)
if err != nil {
- return nil, fmt.Errorf("failed to connect to daemon error: %v\n"+
- "If the daemon is not running please run: "+
- "\nnetbird service install \nnetbird service start\n", err)
- }
+ return nil, fmt.Errorf("failed to connect to daemon error: %v\n\n" +
+ "The daemon may not be running. Try restarting the service:\n" +
+ " sudo systemctl restart netbird.service\n\n" +
+ "To check the service status, use:\n" +
+ " sudo systemctl status netbird.service\n\n" +
+ "Unless you are manually overriding with a custom drop-in file, " +
+ "you should see the default openSUSE service at:\n" +
+ " /usr/lib/systemd/system/netbird.service\n\n" +
+ "If you see the service is disabled, you can run:\n" +
+ " sudo systemctl enable netbird.service --now\n", err)
+ }
defer conn.Close()
resp, err := proto.NewDaemonServiceClient(conn).Status(ctx, &proto.StatusRequest{GetFullPeerStatus: true})
diff --git a/client/cmd/up.go b/client/cmd/up.go
index b9781c0d..1a922ba5 100644
--- a/client/cmd/up.go
+++ b/client/cmd/up.go
@@ -161,10 +161,17 @@ func runInDaemonMode(ctx context.Context, cmd *cobra.Command) error {
conn, err := DialClientGRPCServer(ctx, daemonAddr)
if err != nil {
- return fmt.Errorf("failed to connect to daemon error: %v\n"+
- "If the daemon is not running please run: "+
- "\nnetbird service install \nnetbird service start\n", err)
- }
+ return fmt.Errorf("failed to connect to daemon error: %v\n\n" +
+ "The daemon may not be running. Try restarting the service:\n" +
+ " sudo systemctl restart netbird.service\n\n" +
+ "To check the service status, use:\n" +
+ " sudo systemctl status netbird.service\n\n" +
+ "Unless you are manually overriding with a custom drop-in file, " +
+ "you should see the default openSUSE service at:\n" +
+ " /usr/lib/systemd/system/netbird.service\n\n" +
+ "If you see the service is disabled, you can run:\n" +
+ " sudo systemctl enable netbird.service --now\n", err)
+ }
defer func() {
err := conn.Close()
if err != nil {
--
2.49.0
