* fixup unbound.conf and the service file to use root.key, not root.anchor

2013-05-28 17:51:51 -04:00 · 2013-05-28 17:51:51 -04:00 · 3f230f2522
commit 3f230f2522
parent 593e7abcd8
3 changed files with 4 additions and 3 deletions
--- a/unbound.conf
+++ b/unbound.conf
@ -362,7 +362,7 @@ server:
 	#
 	# trusted-keys-file: /etc/unbound/rootkey.bind
 	trusted-keys-file: /etc/unbound/keys.d/*.key
-	auto-trust-anchor-file: "/var/lib/unbound/root.anchor"
+	auto-trust-anchor-file: "/var/lib/unbound/root.key"
 	# Ignore chain of trust. Domain is treated as insecure.
 	# domain-insecure: "example.com"
--- a/unbound.service
+++ b/unbound.service
@ -9,7 +9,7 @@ Wants=nss-lookup.target
 [Service]
 Type=simple
 EnvironmentFile=-/etc/sysconfig/unbound
-ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.anchor -c /etc/unbound/icannbundle.pem
+ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.key -c /etc/unbound/icannbundle.pem
 ExecStartPre=/usr/sbin/unbound-checkconf
 ExecStart=/usr/sbin/unbound -d $UNBOUND_OPTIONS
--- a/unbound.spec
+++ b/unbound.spec
@ -254,7 +254,7 @@ exit 0
 %post libs 
 /sbin/ldconfig
-%{_sbindir}/runuser  --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.anchor -c %{_sysconfdir}/unbound/icannbundle.pem"  --shell /bin/sh unbound ||:
+%{_sbindir}/runuser  --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.key -c %{_sysconfdir}/unbound/icannbundle.pem"  --shell /bin/sh unbound ||:
 %preun
 %systemd_preun unbound.service
@ -282,6 +282,7 @@ exit 0
 %changelog
 * Tue May 28 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-11
 - Enable round-robin (with noths() patch)
 - Change cron and systemd service to use root.key, not root.anchor
 * Sat May 25 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-10
 - Use /var/lib/unbound/root.key (more consistent with other distros)