rpms/unbound
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Add possibility to disable unbound-anchor by file presence

Browse Source 
Resolves: RHEL-78694
This commit is contained in:
Tomas Korbar 2025-02-10 21:42:34 +01:00
parent 3091864e16
commit fd01a5515d
3 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tmpfiles-unbound.conf
View File

@ -1 +1 @@
D /run/unbound 0755 unbound unbound -
D /run/unbound 0775 unbound root -

2
unbound.service
View File

@ -11,7 +11,7 @@ Wants=nss-lookup.target
Type=notify
EnvironmentFile=-/etc/sysconfig/unbound
ExecStartPre=/usr/sbin/unbound-checkconf
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_UNBOUND_ANCHOR" == "yes" ]; then /usr/sbin/unbound-anchor -a /var/lib/unbound/root.key -c /etc/unbound/icannbundle.pem -f /etc/resolv.conf -R; else echo "Updates of root keys with unbound-anchor is disabled"; fi'
ExecStartPre=/bin/bash -c 'if [ ! "$DISABLE_UNBOUND_ANCHOR" == "yes" ] && [ ! -f /run/unbound/anchor-disable ]; then /usr/sbin/unbound-anchor -a /var/lib/unbound/root.key -c /etc/unbound/icannbundle.pem -f /etc/resolv.conf -R; else echo "Updates of root keys with unbound-anchor is disabled"; fi'
ExecStart=/usr/sbin/unbound -d $UNBOUND_OPTIONS
ExecReload=/usr/sbin/unbound-control reload

8
unbound.spec
View File

@ -30,7 +30,7 @@
Summary: Validating, recursive, and caching DNS(SEC) resolver
Name: unbound
Version: 1.16.2
Release: 15%{?extra_version:.%{extra_version}}%{?dist}
Release: 16%{?extra_version:.%{extra_version}}%{?dist}
License: BSD
Url: https://nlnetlabs.nl/projects/unbound/
Source: https://nlnetlabs.nl/downloads/%{name}/%{name}-%{version}%{?extra_version}.tar.gz
@ -401,7 +401,7 @@ popd
%doc doc/CREDITS doc/FEATURES
%{_unitdir}/%{name}.service
%{_unitdir}/%{name}-keygen.service
%attr(0755,unbound,unbound) %dir %{_rundir}/%{name}
%attr(0775,unbound,root) %dir %{_rundir}/%{name}
%attr(0644,root,root) %{_tmpfilesdir}/unbound.conf
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/unbound.conf
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/unbound-local-root.conf
@ -481,6 +481,10 @@ popd
%{_prefix}/lib/dracut/modules.d/99unbound
%changelog
* Mon Feb 10 2025 Tomas Korbar <tkorbar@redhat.com> - 1.16.2-16
- Add possibility to disable unbound-anchor by file presence
- Resolves: RHEL-78694
* Sun Feb 09 2025 Tomas Korbar <tkorbar@redhat.com> - 1.16.2-15
- Add sysusers support needed to propagate user to initramfs
- Resolves: RHEL-77789