From 82f21d03274d6a25bb63951d294f69cf7b1052f2 Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Sun, 26 Jun 2016 15:43:16 +0200
Subject: modules/gnupg: Don't close/remove sockets on stop

When using systemctl restart or systemctl stop on any of the GnuPG
services, the sockets were closed and removed.

However we are using socket activation, so a simple restart of for
example the agent would cause the socket to be closed and removed and
afterwards the gpg-agent service is unable to pick up the socket again,
thus failing to start.

This in turn has led to GnuPG starting the agent by its own, entirely
bypassing socket activation and our shiny service module.

In order to cope with this, we need to provide LD_PRELOAD wrappers also
for remove() and close(), so that we can prevent GnuPG from closing the
systemd file descriptors.

I've also added a small subtest to ensure this won't happen again in the
future.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 tests/programs/gnupg/default.nix | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'tests')

diff --git a/tests/programs/gnupg/default.nix b/tests/programs/gnupg/default.nix
index 5e91d1c9..7d0059b6 100644
--- a/tests/programs/gnupg/default.nix
+++ b/tests/programs/gnupg/default.nix
@@ -102,8 +102,14 @@ in {
       $machine->succeed("test -e /i_still_have_thu_powarr");
     };
 
+    subtest "socket persists after restart", sub {
+      $machine->succeed(ssh 'test -e "$SSH_AUTH_SOCK"');
+      $machine->succeed(ssh 'systemctl --user stop gpg-agent.service');
+      $machine->succeed(ssh 'test -e "$SSH_AUTH_SOCK"');
+    };
+
     subtest "test from SSH", sub {
-      $machine->succeed(ssh "systemctl --user reload gpg-agent");
+      $machine->execute(ssh "systemctl --user reload gpg-agent");
       $machine->succeed(ssh "${cliTestWithPassphrase ''
         echo encrypt me > to_encrypt
         gpg2 -sea -r ECC15FE1 to_encrypt
@@ -115,7 +121,7 @@ in {
     };
 
     subtest "test from X", sub {
-      $machine->succeed(ssh "systemctl --user reload gpg-agent");
+      $machine->execute(ssh "systemctl --user reload gpg-agent");
       my $pid = $machine->succeed(xsu
         'echo encrypt me | gpg2 -sea -r ECC15FE1 > encrypted_x.asc & echo $!'
       );
-- 
cgit 1.4.1