[Cerowrt-devel] DNSSEC & NTP Bootstrapping

Toke Høiland-Jørgensen toke at toke.dk
Fri Mar 28 05:18:41 EDT 2014


Simon Kelley <simon at thekelleys.org.uk> writes:

> Which makes this scheme better, since you don't have to restart
> dnsmasq once the time stabilises, just SIGHUP it.

Yeah, but my concern was the opposite: say the flag is enabled in the
config, it will run at boot in this mode, some script will kick in and
set/verify the time, then SIGHUP dnsmasq. Everything is fine so far.

Now if dnsmasq is restarted later for some reason (manually, config
change, whatever), the flag will be enabled, and there will be no script
to SIGHUP dnsmasq. This is why I suggested having the flag do nothing if
it indeed *is* possible to verify the timestamps. But I can see how from
a debugging perspective that would be an annoying feature.

I suppose special-casing the init script to add the flag only on boot
might be a solution. Will experiment with it once you've added the flag :)

-Toke
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20140328/c4d952e6/attachment.sig>


More information about the Cerowrt-devel mailing list