fork: initialize Mycellium UI Private from Mycell-UI@5229e2c
This repo is a hard fork of mycellium-ui dedicated to the mycelium-private experimental track upstream. The two apps coexist on the same machine via distinct app identifiers, polkit actions, and binary names. Renames - package + crate: mycellium-ui → mycellium-ui-private - bundle identifier: tech.threefold.mycellium-ui-private - daemon binary: mycelium-private (separate upstream release tarball) - bootstrap wrapper: /usr/bin/mycellium-bootstrap-private - polkit policy file + action id Functional changes - SidecarConfig.network_name field (UTF-8, 2..=64 bytes) - start() refuses to spawn without a network name AND a 32-byte key file at app_data_dir/network_key.bin; surfaces a clear error rather than letting mycelium-private fail mid-startup - network_key_status / generate / import / export / delete commands; uses OS RNG (rand) and writes 0600 - empty default peers list (no Threefold seed for private overlays) - new Settings → Private network panel: name input, key generate / reveal-hex / import / delete, status indicator Adapted bootstrap script kills both `mycelium` and `mycelium-private` orphans (cross-clash on UDP/9650 + TCP/8990). CI workflow + sidebar branding updated. The README explains the divergence model and how to cherry-pick upstream fixes.
This commit is contained in:
syoul
@@ -1,27 +0,0 @@
|
||||
#!/bin/sh
|
||||
# /usr/bin/mycellium-bootstrap — installed by mycellium-ui.deb
|
||||
#
|
||||
# Wrapper around the mycelium daemon that guarantees a clean start
|
||||
# every time. Without this, an orphan mycelium left over from a
|
||||
# previous run (which the user-space launcher cannot SIGKILL because
|
||||
# the daemon runs as root via pkexec) would block the next start
|
||||
# with one of:
|
||||
#
|
||||
# * EBUSY on TUN device "mycelium" creation
|
||||
# * "Address in use" on the JSON-RPC port (hardcoded 8990 in 0.6.1)
|
||||
# * "Failed to bind multicast discovery socket" on UDP 9650
|
||||
#
|
||||
# This script runs under the same elevated context as the mycelium
|
||||
# daemon itself (single pkexec call), so polkit's auth_admin_keep
|
||||
# caching only fires one prompt per session.
|
||||
|
||||
set -e
|
||||
|
||||
# Best-effort cleanup. Errors ignored so the exec at the end always
|
||||
# runs even on a clean machine.
|
||||
pkill -9 -x mycelium 2>/dev/null || true
|
||||
sleep 0.3
|
||||
ip link del mycelium 2>/dev/null || true
|
||||
ip link del mycel0 2>/dev/null || true
|
||||
|
||||
exec /usr/bin/mycelium "$@"
|
||||
29
src-tauri/packaging/mycellium-bootstrap-private
Executable file
29
src-tauri/packaging/mycellium-bootstrap-private
Executable file
@@ -0,0 +1,29 @@
|
||||
#!/bin/sh
|
||||
# /usr/bin/mycellium-bootstrap-private — installed by mycellium-ui-private.deb
|
||||
#
|
||||
# Wrapper around the mycelium-private daemon that guarantees a clean
|
||||
# start every time. Without this, an orphan daemon left over from a
|
||||
# previous run (which the user-space launcher cannot SIGKILL because
|
||||
# it runs as root via pkexec) would block the next start with one of:
|
||||
#
|
||||
# * EBUSY on TUN device creation
|
||||
# * "Address in use" on the JSON-RPC port (hardcoded 8990 in 0.6.1)
|
||||
# * "Failed to bind multicast discovery socket" on UDP 9650
|
||||
#
|
||||
# This script runs under the same elevated context as the daemon
|
||||
# itself (single pkexec call), so polkit's auth_admin_keep caching
|
||||
# only fires one prompt per session.
|
||||
|
||||
set -e
|
||||
|
||||
# Best-effort cleanup. Errors ignored so the exec at the end always
|
||||
# runs even on a clean machine. We pkill both `mycelium` and
|
||||
# `mycelium-private` because the public-variant orphan would clash
|
||||
# on UDP/9650 and TCP/8990 just as readily.
|
||||
pkill -9 -x mycelium-private 2>/dev/null || true
|
||||
pkill -9 -x mycelium 2>/dev/null || true
|
||||
sleep 0.3
|
||||
ip link del mycelium 2>/dev/null || true
|
||||
ip link del mycel0 2>/dev/null || true
|
||||
|
||||
exec /usr/bin/mycelium-private "$@"
|
||||
@@ -13,7 +13,7 @@
|
||||
pick this action up; auth_admin_keep then caches the auth for
|
||||
the user's session so subsequent restarts don't re-prompt.
|
||||
-->
|
||||
<action id="tech.threefold.mycellium-ui.bootstrap">
|
||||
<action id="tech.threefold.mycellium-ui-private.bootstrap">
|
||||
<description>Run the Mycelium overlay daemon</description>
|
||||
<description xml:lang="fr">Lancer le démon de l'overlay Mycelium</description>
|
||||
<message>Authentication is required to start the Mycelium overlay daemon.</message>
|
||||
@@ -23,6 +23,6 @@
|
||||
<allow_inactive>auth_admin</allow_inactive>
|
||||
<allow_active>auth_admin_keep</allow_active>
|
||||
</defaults>
|
||||
<annotate key="org.freedesktop.policykit.exec.path">/usr/bin/mycellium-bootstrap</annotate>
|
||||
<annotate key="org.freedesktop.policykit.exec.path">/usr/bin/mycellium-bootstrap-private</annotate>
|
||||
</action>
|
||||
</policyconfig>
|
||||
Reference in New Issue
Block a user