some typos courtesy of codespell; ok stsp@

remove a duplicate imsgbuf_clear() call

remove another gotsysd todo item that is done

make gotsys-apply-conf use gotd reload instead of stop + restarting

set close-on-exec flag on more files used during gotd reload

repair build of gotctl and gotsh following the gotd_imsg file split

move duplicated gotd_imsg functions into a single source file

provide imsg-based variants of gotsys check/apply for gotd to use This allows for better inter-process communication, making error reporting easier. It also avoids closing standard output and standard error channels in a freshly forked child process, which seems to be a bad idea.

set close-on-exec flag on gotd socket to avoid it leaking during reloads

avoid double-close of gotd_reload_conf_fd

in gotsys-apply-conf, avoid using a -1 socket fd if gotd is not running

Xr gotctl and document SIGHUP issue

implement reload support in gotd, triggered via gotctl reload Reload must be triggered via 'gotctl reload' rather than SIGHUP because once gotd has dropped root privileges the gotd-secrets.conf file becomes permanently inaccessible. When SIGHUP is received gotd now logs a message which points the user at 'gotctl reload'.

set close-on-exec flag on client connections in gotd parent process Ensures that existing clients will be properly disconnected once the gotd reload feature is introduced.

remove closefrom() in gotd when gotsys is run closefrom doesn't have the desired effect as it may affect unrelated open files in the parent process. The right way to deal with this seems to be setting the close-on-exec flag on file descriptors instead.

drop pointless imsgbuf_allow_fdpass() calls from gotctl

merge two subsequent if (proc_id == GOTD_PROC_GOTD) blocks.

only the gotd parent process is able to drop root privs, make this more obvious

we can now greatly simplify the conditional which guards reading of gotd.conf

send request timeout to session_read so it no longer needs to read gotd.conf Also stop reading gotd.conf in repo_read, which is a trivial no-op.

make gotd session_write actually use the request timeout from gotd.conf

remove duplicate break statement

send notification targets to notify process This removes the need for the notify process to read gotd.conf, ensuring consistent run-time behaviour when gotd.conf is edited while gotd is running.

send notification configuration to the gotd session_write process This allows the session_write process to work without reading gotd.conf. Again, we gain consistent run-time behaviour since changes to the notification configuration in gotd.conf will not take effect until gotd is restarted. However, the notify proccess still needs the same fix.

cache our local repository name, not the name sent by the client