On 5 February 2015 at 16:35, Axel Beckert <a...@debian.org> wrote: > Ondřej Surý wrote: >> There's already a unblock bug filled as well.
Great! >> Then we need to come up with solution that doesn't break resolvconf when >> installing it after dnssec-trigger is already installed. > > Just an idea, but what about resolvconf checking in its postinst if > dnssec-triggerd is available and if so restarting it first? Then > dnssec-triggerd would notice that resolvconf is installed (as > /sbin/resolvconf already exists) and talks to resolvconf instead > making /etc/resolv.conf immutable again. Well, first, if resolvconf is installed then dnssec-trigger should refrain from any further futzing with /etc/resolv.conf. Thus any code in the dnssec-trigger package that futzes with /etc/resolv.conf should be bracketed with the equivalent of "if ! [ -x /sbin/resolvconf ] ; then futz ; fi". It shouldn't be necessary to restart dnssec-trigger for it to behave according to the newfound presence of resolvconf. Second, it might be simpler just for resolvconf to detect that dnssec-triggerd is running and, in that case, to override the immutability attribute when installing the symlink at /etc/resolv.conf. So when dnssec-trigger has been installed and resolvconf is subsequently installed, (1) /sbin/resolvconf appears on the filessystem causing dnssec-trigger to refrain from any further futzing with /etc/resolv.conf; (2) resolvconf's postinst deimmutabilizes /etc/resolv.conf and installs the symlink. On installation, before the next reboot, resolvconf includes existing nameserver information in its database, so the information about the local "unbound" instance will not be lost. However, this information may not be prioritized correctly. So (3) resolvconf should then cause unbound to restart so that unbound notices resolvconf's presence and registers its address with resolvconf. The way to do this is for the unbound package to include a script /usr/lib/resolvconf/dpkg-event.d/unbound which restarts unbound. Resolvconf runs the script /usr/lib/resolvconf/dpkg-event.d/foo at postinst time for each package foo (having such a script) that is already installed at resolvconf preinst time. See dnsmasq for an example of a package which has such a resolvconf packaging event hook script. I don't know dnssec-trigger very well. It it possible that it does other things that conflict with what resolvconf does. -- Thomas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
