[pkg-gnupg-maint] Bug#863221: Bug#863221: dirmngr doesn't reload resolv.conf

Stefan Bühler stbuehler at web.de
Wed May 24 14:14:22 UTC 2017


On 05/24/2017 02:14 PM, Werner Koch wrote:
> Hi!
> When you switch the laptop connection you should flush dirmngr anyway
> and thus I do not consider the need to do this just for the resolver.
>  gpgconf --reload dirmngr
> in the ifup script should do that job.  Note that gpgconf won't start a
> component on --reload or --kill if it is not yet started.

1) How would I install an if-up.d hook without being root?
2) The dirmngr package should work out of the box, i.e. install the
   required hooks.
3) There are many network managers.  I'd consider hooking only ifupdown
   not sufficient.
4) Calling "gpgconf --reload dirmngr" as root doesn't reload my user
5) I see no documentation regarding the need for such hook.  The debian
   manpage only says (regarding SIGHUP):

>> This  signal  flushes  all internally cached CRLs as well as any
>> cached certificates.  Then the certificate cache is reinitialized as
>> on startup.  Options are re-read  from  the  configuration  file.

   I don't see why it would be necessary to reload CRLs and
   certificates on network connection changes from this comment.

Also I think this way (adding a hook in a global configuration to reload
user space components) is a very bad design.

How about simply reloading everything when /etc/resolv.conf or friends
were touched?  This also won't cover every scenario (e.g. running a
local resolver and never changing resolv.conf), but it'd be a start.

You could also try to monitor netlink messages for new default routes to
detect network changes, but this is obviously more platform specific
than stat()ing resolv.conf.


More information about the pkg-gnupg-maint mailing list