modules/gnupg: Don't close/remove sockets on stop

When using systemctl restart or systemctl stop on any of the GnuPG
services, the sockets were closed and removed.

However we are using socket activation, so a simple restart of for
example the agent would cause the socket to be closed and removed and
afterwards the gpg-agent service is unable to pick up the socket again,
thus failing to start.

This in turn has led to GnuPG starting the agent by its own, entirely
bypassing socket activation and our shiny service module.

In order to cope with this, we need to provide LD_PRELOAD wrappers also
for remove() and close(), so that we can prevent GnuPG from closing the
systemd file descriptors.

I've also added a small subtest to ensure this won't happen again in the
future.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

1 files changed, 8 insertions, 2 deletions

diff --git a/tests/programs/gnupg/default.nix b/tests/programs/gnupg/default.nix
index 5e91d1c9..7d0059b6 100644
--- a/tests/programs/gnupg/default.nix
+++ b/tests/programs/gnupg/default.nix
@@ -102,8 +102,14 @@ in {
       $machine->succeed("test -e /i_still_have_thu_powarr");
     };
 
+    subtest "socket persists after restart", sub {
+      $machine->succeed(ssh 'test -e "$SSH_AUTH_SOCK"');
+      $machine->succeed(ssh 'systemctl --user stop gpg-agent.service');
+      $machine->succeed(ssh 'test -e "$SSH_AUTH_SOCK"');
+    };
+
     subtest "test from SSH", sub {
-      $machine->succeed(ssh "systemctl --user reload gpg-agent");
+      $machine->execute(ssh "systemctl --user reload gpg-agent");
       $machine->succeed(ssh "${cliTestWithPassphrase ''
         echo encrypt me > to_encrypt
         gpg2 -sea -r ECC15FE1 to_encrypt
@@ -115,7 +121,7 @@ in {
     };
 
     subtest "test from X", sub {
-      $machine->succeed(ssh "systemctl --user reload gpg-agent");
+      $machine->execute(ssh "systemctl --user reload gpg-agent");
       my $pid = $machine->succeed(xsu
         'echo encrypt me | gpg2 -sea -r ECC15FE1 > encrypted_x.asc & echo $!'
       );