Clean up cleanup in run.sh #949
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rmol
requested review from
sssoleileraaa,
kushaldas and
redshiftzero
as code owners
|
Love the branch name... ;-) |
|
OK... I can confirm this works for me. |
sssoleileraaa
previously approved these changes
Mar 20, 2020
The cleanup function was busier than it needed to be, and because of the exec of the client, was never actually being invoked. This change: - reworks cleanup to use "gpgconf --kill" to stop the agent - invokes it explicitly before the client is run - removes the exec so that "trap cleanup EXIT" works and cleanup happens after the client exits Making sure gpg-agent is stopped should prevent any problems it might have if GNUPGHOME is pulled from under its feet between client runs. This should make run.sh more robust when developers are mucking about with SDC_HOME. We might consider adding similar agent cleanup in production, but since SDC_HOME should be consistent and in normal usage should never be removed, the problems we've seen with the GPG agent should not arise in production use.
rmol
force-pushed
the
all-my-sins-will-be-warshed-away
branch
from
653f465 to
c1404b2
Compare
sssoleileraaa
approved these changes
Mar 20, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
The cleanup function was busier than it needed to be, and because of the exec of the client, was never actually being invoked. This change:
gpgconf --killto stop the agenttrap cleanup EXITworks and cleanup happens after the client exitsMaking sure gpg-agent is stopped should prevent any problems it might have if
GNUPGHOMEis pulled from under its feet between client runs.This should make run.sh more robust when developers are mucking about with
SDC_HOME.We might consider adding similar agent cleanup in production, but since
SDC_HOMEshould be consistent and in normal usage should never be removed, the problems we've seen with the GPG agent should not arise in production use.Fixes #896. Possibly.
Test Plan
Follow any of the STR in #896, if they've worked for you. See if the GPG errors still rear their ugly little heads.
If you're testing in Qubes, please check both normal
run.shusage and with--no-proxyto try to mimic what happens in non-Qubes developer environments.Checklist
If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:
If these changes add or remove files other than client code, packaging logic (e.g., the AppArmor profile) may need to be updated. Please check as applicable: