parcimonie 0.9-3 / usr / bin / parcimonie

This file is indexed.

/usr/bin/parcimonie is in parcimonie 0.9-3.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
#!/usr/bin/perl 

eval 'exec /usr/bin/perl  -S $0 ${1+"$@"}'
    if 0; # not running under some shell

=head1 NAME

parcimonie - privacy-friendly helper to refresh a GnuPG keyring

=head1 VERSION

Version 0.9

=head1 SYNOPSIS

B<parcimonie> [options]

=head1 DESCRIPTION

parcimonie is a daemon that slowly refreshes a GnuPG public keyring
from a keyserver.

Its refreshes one key at a time; between every key update, parcimonie
sleeps a random amount of time, long enough for the previously used Tor
circuit to expire.

This process is meant to make it hard for an attacker to correlate the
multiple performed key update operations.

See the design.mdwn document to learn more about the threat and risk
models parcimonie attempts to help coping with.

=head1 USAGE

1. Configure GnuPG to be able to use a keyserver.

You can skip this section if you already have configured a keyserver
in ~/.gnupg/gpg.conf.

Else, add to your gpg.conf something along these lines:

        keyserver hkp://pool.sks-keyservers.net

You obviously can choose your preferred keyserver here; if using
hkps:// (which would be our second choice behind hkpms://), your GnuPG
installation should support HKPS; on Debian systems, enabling such
support is done by installing the gnupg-curl package; see those web
pages for help with GnuPG hkps:// configuration:

	http://sks-keyservers.net/overview-of-pools.php#pool_hkps
        http://keys.indymedia.org/

You may want parcimonie to use a different keyserver than the one your
usual GnuPG invocations do. This can be achieved by passing to
parcimonie a command-line option such as:

        --gnupg-extra-arg "--keyserver=hkps://hkps.pool.sks-keyservers.net"

2. Run "parcimonie --verbose".

3. Check the output for misconfiguration or bugs.

4. Once happy, start the daemon without the --verbose option.
   Note: the Debian package automatically starts the daemon with your X session.
   For example, GNOME users can configure its startup from the
   "System -> Preferences -> Startup Applications" menu.

=head1 OPTIONS

The following command lists available options:

    parcimonie --help

=head2 Tor configuration vs. --minimum-lapse-time

In case you set the Tor MaxCircuitDirtiness setting yourself, you
probably want to pass parcimonie a matching --minimum-lapse-time
option so that subsequent key fetches use different Tor circuits.

Just make sure this remains true:

        minimum-lapse-time >= Tor MaxCircuitDirtiness

=head2 hkpms://

We recommend using hkpms; see http://web.monkeysphere.info/ for
details. When a hkpms:// keyserver is being used, one needs to do two
additional steps since gpgkeys_hkpms does not work in the torsocks
wrapped environment parcimonie uses by default to run gpg.

=head3 Torify gpgkeys_hkpms

Just add the following line to gpg.conf:

    keyserver-options http-proxy=socks://127.0.0.1:9050

=head3 Hey, parcimonie, gpg is already torified

Pass the --gnupg-already-torified switch to the parcimonie daemon
command-line. parcimonie will then rely on the keyserver-options
previously added to gpg.conf, and won't attempt to torify gpg
connections itself.

=head1 AUTHOR

intrigeri <intrigeri@boum.org>

=head1 LICENSE AND COPYRIGHT

Copyright (C) 2010-2013 intrigeri <intrigeri@boum.org>

Licensed under the same terms as Perl itself.

=head1 BUGS

Please report any bugs or feature requests to C<intrigeri at boum.org>.

=head1 SUPPORT

You can find documentation for parcimonie with the man command.

    man parcimonie


You can also look for information at:

=over 4

=item * parcimonie's homepage

L<http://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/>

=back

=cut

use strict;
use warnings;

our $VERSION = '0.9';

use FindBin;
use lib "$FindBin::Bin/../lib";

use Env qw{@PATH};
unshift @PATH, "$FindBin::Bin";

use 5.10.0;

use Carp;
use Try::Tiny;

my $mu;
sub record_memory_usage { 1 }
sub report_memory_usage { 1 }

my @options;

BEGIN {
    if (exists $ENV{REPORT_MEMORY_USAGE}
            && defined $ENV{REPORT_MEMORY_USAGE}
            && $ENV{REPORT_MEMORY_USAGE}) {
        try {
            require Memory::Usage;
        } catch {
            croak "Memory::Usage is needed when REPORT_MEMORY_USAGE is set."
        };
        $mu = Memory::Usage->new();
        no warnings 'redefine';
        *record_memory_usage = sub { $mu->record(shift) };
        *report_memory_usage = sub { $mu->dump() };
        push @options, ('memory_usage' => $mu);
    }
}

$SIG{'INT'}  = $SIG{'TERM'} = sub { report_memory_usage(); exit(0); };
$SIG{'USR1'} = sub { report_memory_usage(); };

record_memory_usage('starting work');
record_memory_usage('before loading App::Parcimonie');
require App::Parcimonie;
App::Parcimonie->import();
record_memory_usage('after loading App::Parcimonie');

record_memory_usage('before loading App::Parcimonie::Daemon');
require App::Parcimonie::Daemon;
App::Parcimonie::Daemon->import();
record_memory_usage('after loading App::Parcimonie::Daemon');

App::Parcimonie::Daemon->new_with_options(@options)->run;

report_memory_usage();

APT Browse - Built by Thomas Orozco.