From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Egbert Verhage <egbert@eggiecode.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Anonymous Anonymous <admin@hda.me>,
"WireGuard mailing list" <wireguard@lists.zx2c4.com>
Subject: Re: Advising in packages to load new module or reboot
Date: Wed, 09 Aug 2017 13:05:14 -0400 [thread overview]
Message-ID: <87mv78r7sl.fsf@fifthhorseman.net> (raw)
In-Reply-To: <1502277405.1043.2.camel@eggiecode.org>
On Wed 2017-08-09 13:16:45 +0200, Egbert Verhage wrote:
> Ow, that it is a common problem.
> I think your patch is a nice updated.
>
> So I got some time left and build a patch (pull request) on github
> here: https://github.com/EggieCode/wireguard-ppa/pull/24
thanks for writing this notification, Jason, and for including it in
your ubuntu ppa, Egbert.
I'm wondering whether the advice it gives is correct and thorough enough
for non-gentoo users, though.
If i "rmmod wireguard && modprobe wireguard" won't my configuration be
lost? You point out that you might want to tear them down gracefully
first. But then no mention of needing to bring them up again later?
Aren't there additional commands that the admin will have to do to have
a *functional* wireguard implementation, and those commands might
differe based on their userspace layout/configuration/policy?
The simplest instruction for the upgrade (which is probably offensive to
all of us here) is to say "you should reboot your machine for the
wireguard upgrade to take effect" -- that gets us the benefit of any
userspace wireguard configuration that happens during system
initialization to happen, without having to guess/poke/prod at the
user's networking config while live.
Also, for an administrator doing this over ssh, we might want to warn
them that taking these steps will lock them out if they're connecting
via ssh on top of wireguard, right?
--dkg
prev parent reply other threads:[~2017-08-09 19:56 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-08 23:16 Jason A. Donenfeld
2017-08-08 23:27 ` Jonathon Fernyhough
2017-08-08 23:30 ` Jason A. Donenfeld
2017-08-08 23:37 ` Bzzzz
2017-08-08 23:46 ` Jonathon Fernyhough
2017-08-09 11:16 ` Egbert Verhage
2017-08-09 17:05 ` Daniel Kahn Gillmor [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87mv78r7sl.fsf@fifthhorseman.net \
--to=dkg@fifthhorseman.net \
--cc=Jason@zx2c4.com \
--cc=admin@hda.me \
--cc=egbert@eggiecode.org \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).