[pkg-gnupg-maint] Bug#860745: Bug#860745: Please suggest a fix for "server $SOMETHING is older than us" message
Werner Koch
wk at gnupg.org
Sun Apr 23 16:52:11 UTC 2017
On Sun, 23 Apr 2017 11:09, enrico at debian.org said:
> Technically it sounds like the right thing. I had no idea I could get
> hints with --verbose, though, so I wouldn't have seen it.
Isn't it the first thing with Unix tools to add -v when you wonder what
is going on ;-).
> Could gpg tell dirmngr/gpg-agent to kill themselves the next time they
> are idle and not servicing anyone? I imagine that would do the restart
Well, correct installation of a software update is the task of the
sysadmin or the distribution. This is the same as an update of libc or
other libraries; something(tm) must happen to restart all processes
using an updated library.
We print the notice only to help in debugging for those who build the
software on their own and forget a task.
> cosmetic thing, or could there be a malfunction, like an ABI mismatch,
> or an attack vector, like a security issue having been fixed in the new
> server version, and needing a restart to take effect?
Most things keep on on working even with an older versions. We try to
make sure not to break things. However, you won't have access to bug
fixes and new features. People sometimes wonder why they didn't notice
a change after updating to a new gpg version and continue to complain -
that is why we have this warning. Make the life easer for the
maintainers.
> If it's just cosmetic, I'd suggest to move the warning to --verbose
> hints as well. If there is a danger, I'd like the danger to be spelled
> out clearly, like:
>
> gpg: WARNING: server 'dirmngr' is older than us (2.1.17 < 2.1.18). Run with --verbose for details.
> gpg: further info: Outdated servers may lack important security fixes.
> gpg: further info: A restart can be forced using "gpgconf --kill all"
Hmmm. Can you file a report to bugs.gnupg.org ?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20170423/d73fc221/attachment.sig>
More information about the pkg-gnupg-maint
mailing list