From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail2.tohojo.dk (mail2.tohojo.dk [IPv6:2a01:4f8:200:3141::101]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by huchra.bufferbloat.net (Postfix) with ESMTPS id 4A51621F225 for ; Fri, 28 Mar 2014 02:18:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at example.com Received: by alrua-kau.localdomain (Postfix, from userid 1000) id ED6629F070; Fri, 28 Mar 2014 10:18:43 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toke.dk; s=201310; t=1395998325; bh=yDonWbQN+uBXNmRKuA63Gi7Dgd/weoW6raOHIvoSWno=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=riwQ4Qm7mXNozhXVtjo1SEZCKoByzFpTkNcLJnpURH0Kot2Ii9iG2soGAisXPdEM5 EMVYYJ3SC5OFaozf4RhT3HnXAIyfWJlTbo+5Ilf1GOKIpxYB58H1ZgU0YVbtOdTHnx QB9TgDAphMYrSr3DHSh/N2BYU/DSmdrbSZDXSaQc= From: =?utf-8?Q?Toke_H=C3=B8iland-J=C3=B8rgensen?= To: Simon Kelley References: <532DD9DD.8040301@thekelleys.org.uk> <871txut453.fsf@alrua-x1.karlstad.toke.dk> <532DE7A8.3010504@thekelleys.org.uk> <87ppleroks.fsf@alrua-x1.karlstad.toke.dk> <53348C32.4040907@thekelleys.org.uk> <87ha6idabz.fsf@alrua-x1.karlstad.toke.dk> <53353C07.9030000@thekelleys.org.uk> Date: Fri, 28 Mar 2014 10:18:41 +0100 In-Reply-To: <53353C07.9030000@thekelleys.org.uk> (Simon Kelley's message of "Fri, 28 Mar 2014 09:08:23 +0000") Message-ID: <87eh1madfy.fsf@toke.dk> Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Cc: cerowrt-devel@lists.bufferbloat.net Subject: Re: [Cerowrt-devel] DNSSEC & NTP Bootstrapping X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 09:18:56 -0000 --=-=-= Content-Type: text/plain Simon Kelley writes: > Which makes this scheme better, since you don't have to restart > dnsmasq once the time stabilises, just SIGHUP it. Yeah, but my concern was the opposite: say the flag is enabled in the config, it will run at boot in this mode, some script will kick in and set/verify the time, then SIGHUP dnsmasq. Everything is fine so far. Now if dnsmasq is restarted later for some reason (manually, config change, whatever), the flag will be enabled, and there will be no script to SIGHUP dnsmasq. This is why I suggested having the flag do nothing if it indeed *is* possible to verify the timestamps. But I can see how from a debugging perspective that would be an annoying feature. I suppose special-casing the init script to add the flag only on boot might be a solution. Will experiment with it once you've added the flag :) -Toke --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBCAAGBQJTNT5xAAoJEENeEGz1+utPVoQIALGoXCk9XlbI6YZkgnBjLMxl xn59gToz/weXAoJ/IrQQnG8WO/tTPSW9AjLcV6pfxFD7dzqdUBTThh68Uvag8WIl k1w6Oq40Av4aBnD17LodMJP6PNRBt+71NVKkxU+PnNaI/crlpoSatiYXBlUGoniE iJn5ivV7jZ4EY82XQ2boZzylEPFjJg56VmIe1Uj0y/e7iSDBInSj2D3RLtfuFIVt E6x9+82r2I30SFSDFGoW4lNxqDQOgpHyt4M/zwmeejIyWkvR6Cv5JEBWclS6H3Im ews9D4B57xieT3H2cbM6XOQkKvVslfZTLKWPwX1giFYXDN9mVdMunJKU3oisaDA= =m9nr -----END PGP SIGNATURE----- --=-=-=--