[Pkg-dns-devel] Bug#790392: unbound chroot accumulates old files
Simon Deziel
simon.deziel at gmail.com
Mon Dec 14 16:17:46 UTC 2015
Hi Robert,
On 12/12/2015 05:08 PM, Robert Edmonds wrote:
> Hi, Simon:
>
> The chroot directory might be configured by a file in
> /etc/unbound/unbound.conf.d/*.conf, rather than in the main unbound.conf
> file.
Good point, this needs to be supported.
> What do you think of setting UNBOUND_CONF like this instead?
>
> CHROOT_DIR="$(unbound-checkconf -o chroot)"
I tried it initially but it doesn't work:
# unbound-checkconf -o chroot
[1450106598] unbound-checkconf[11733:0] fatal error: config file
/etc/unbound/unbound.conf is not inside chroot /var/lib/unbound
Yet the unbound.conf does exist in the chroot:
# ll /var/lib/unbound/etc/unbound/unbound.conf
-rw-r--r-- 1 root root 2737 Nov 25 13:11
/var/lib/unbound/etc/unbound/unbound.conf
So this (bug?) requires to always pass the path to the chrooted config
file to unbound-checkconf when using a chroot.
# unbound-checkconf -o interface
[1450109011] unbound-checkconf[15475:0] fatal error: config file
/etc/unbound/unbound.conf is not inside chroot /var/lib/unbound
# unbound-checkconf /var/lib/unbound/etc/unbound/unbound.conf \
-o interface
127.0.0.1
::1
I've updated the patch to support setting the chroot anywhere in
unbound.conf, not just the main config file. Please let me know what you
think of the proposed workaround.
Regards,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: unbound-fresh-chroot-2.patch
Type: text/x-patch
Size: 1008 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-dns-devel/attachments/20151214/0cd63b1a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 966 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-dns-devel/attachments/20151214/0cd63b1a/attachment.sig>
More information about the pkg-dns-devel
mailing list