9 months ago · cc988596a2
--- a/posture/serialnumber_stub.go
+++ b/posture/serialnumber_stub.go
@@ -1,13 +1,12 @@
 
				 // Copyright (c) Tailscale Inc & AUTHORS
			
 
				 // SPDX-License-Identifier: BSD-3-Clause
			
 
				 
			
 
				-// android: not implemented
			
 
				 // js: not implemented
			
 
				 // plan9: not implemented
			
 
				 // solaris: currently unsupported by go-smbios:
			
 
				 // https://github.com/digitalocean/go-smbios/pull/21
			
 
				 
			
 
				-//go:build android || solaris || plan9 || js || wasm || tamago || aix || (darwin && !cgo && !ios)
			
 
				+//go:build solaris || plan9 || js || wasm || tamago || aix || (darwin && !cgo && !ios)
			
 
				 
			
 
				 package posture
			
 
				 
			
--- a/posture/serialnumber_syspolicy.go
+++ b/posture/serialnumber_syspolicy.go
@@ -1,6 +1,8 @@
 
				 // Copyright (c) Tailscale Inc & AUTHORS
			
 
				 // SPDX-License-Identifier: BSD-3-Clause
			
 
				 
			
 
				+//go:build android || ios
			
 
				+
			
 
				 package posture
			
 
				 
			
 
				 import (
			
@@ -10,9 +12,9 @@ import (
 
				 	"tailscale.com/util/syspolicy"
			
 
				 )
			
 
				 
			
 
				-// GetSerialNumbers returns the serial number of the iOS/tvOS device as reported by an
			
 
				+// GetSerialNumbers returns the serial number of the device as reported by an
			
 
				 // MDM solution. It requires configuration via the DeviceSerialNumber system policy.
			
 
				-// This is the only way to gather serial numbers on iOS and tvOS.
			
 
				+// This is the only way to gather serial numbers on iOS, tvOS and Android.
			
 
				 func GetSerialNumbers(_ logger.Logf) ([]string, error) {
			
 
				 	s, err := syspolicy.GetString(syspolicy.DeviceSerialNumber, "")
			
 
				 	if err != nil {
			
--- a/util/syspolicy/policy_keys.go
+++ b/util/syspolicy/policy_keys.go
@@ -126,8 +126,8 @@ const (
 
				 	// The default is "user-decides" unless otherwise stated.
			
 
				 	PostureChecking Key = "PostureChecking"
			
 
				 	// DeviceSerialNumber is the serial number of the device that is running Tailscale.
			
 
				-	// This is used on iOS/tvOS to allow IT administrators to manually give us a serial number via MDM.
			
 
				-	// We are unable to programmatically get the serial number from IOKit due to sandboxing restrictions.
			
 
				+	// This is used on Android, iOS and tvOS to allow IT administrators to manually give us a serial number via MDM.
			
 
				+	// We are unable to programmatically get the serial number on mobile due to sandboxing restrictions.
			
 
				 	DeviceSerialNumber Key = "DeviceSerialNumber"
			
 
				 
			
 
				 	// ManagedByOrganizationName indicates the name of the organization managing the Tailscale