wg-quick: darwin: support being called from launchd

This causes wg-quick up to wait for the monitor to exit before it exits, so that launchd can correctly wait on it. Reported-by: Cameron Palmer <cameron@promon.no> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-19 13:18:34 +02:00 · 2019-06-19 13:18:34 +02:00 · b30e74b595
parent 15f2e2ef34
commit b30e74b595
3 changed files with 53 additions and 1 deletions
--- a/contrib/launchd/README
+++ b/contrib/launchd/README
@ -0,0 +1,12 @@
+WireGuard for Launchd
+=====================
+
+The example `com.wireguard.wg0.plist` file may be used for running wg-quick(8)
+as a launchd service. Note that the `PATH` variable is modified to point to
+the PATH used by Homebrew or Macports, so that it uses the non-system bash(1).
+
+Usage
+-----
+
+$ sudo cp com.wireguard.wg0.plist /Library/LaunchDaemons
+$ sudo launchctl load /Library/LaunchDaemons/com.wireguard.wg0.plist
--- a/contrib/launchd/com.wireguard.wg0.plist
+++ b/contrib/launchd/com.wireguard.wg0.plist
@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd";>
+<plist version="1.0">
+<dict>
+  <key>Label</key>
+  <string>com.wireguard.wg0</string>
+  <key>ProgramArguments</key>
+  <array>
+    <string>/usr/local/bin/wg-quick</string>
+    <string>up</string>
+    <string>/usr/local/etc/wireguard/wg0.conf</string>
+  </array>
+  <key>OnDemand</key>
+  <false/>
+  <key>RunAtLoad</key>
+  <true/>
+  <key>TimeOut</key>
+  <integer>90</integer>
+  <key>EnvironmentVariables</key>
+  <dict>
+    <key>PATH</key>
+    <string>/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin</string>
+  </dict>
+</dict>
+</plist>
--- a/src/wg-quick/darwin.bash
+++ b/src/wg-quick/darwin.bash
@ -81,6 +81,17 @@ parse_options() {
 	shopt -u nocasematch
 }

+detect_launchd() {
+	unset LAUNCHED_BY_LAUNCHD
+	local line
+	while read -r line; do
+		if [[ $line =~ ^\s*domain\ =\  ]]; then
+			LAUNCHED_BY_LAUNCHD=1
+			break
+		fi
+	done < <(launchctl procinfo $$ 2>/dev/null)
+}
+
 read_bool() {
 	case "$2" in
 	true) printf -v "$1" 1 ;;
@ -308,7 +319,8 @@ monitor_daemon() {
 			set_dns
 			sleep 2 && kill -ALRM $pid 2>/dev/null &
 		fi
-	done < <(route -n monitor)) & disown
+	done < <(route -n monitor)) &
+	[[ -n $LAUNCHED_BY_LAUNCHD ]] || disown
 }

 add_route() {
@ -463,6 +475,7 @@ if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
 	cmd_usage
 elif [[ $# -eq 2 && $1 == up ]]; then
 	auto_su
+	detect_launchd
 	parse_options "$2"
 	cmd_up
 elif [[ $# -eq 2 && $1 == down ]]; then
@ -482,4 +495,6 @@ else
 	exit 1
 fi

+[[ -n $LAUNCHED_BY_LAUNCHD ]] && wait
+
 exit 0