[unbound] * fixup unbound.conf and the service file to use root.key, not root.anchor
Paul Wouters
pwouters at fedoraproject.org
Tue May 28 22:12:02 UTC 2013
commit 3f230f2522e5d015ed7215dac0598d3215d50bdf
Author: Paul Wouters <pwouters at redhat.com>
Date: Tue May 28 17:51:51 2013 -0400
* fixup unbound.conf and the service file to use root.key, not root.anchor
unbound.conf | 2 +-
unbound.service | 2 +-
unbound.spec | 3 ++-
3 files changed, 4 insertions(+), 3 deletions(-)
---
diff --git a/unbound.conf b/unbound.conf
index e471a9c..7dc69d7 100644
--- a/unbound.conf
+++ b/unbound.conf
@@ -362,7 +362,7 @@ server:
#
# trusted-keys-file: /etc/unbound/rootkey.bind
trusted-keys-file: /etc/unbound/keys.d/*.key
- auto-trust-anchor-file: "/var/lib/unbound/root.anchor"
+ auto-trust-anchor-file: "/var/lib/unbound/root.key"
# Ignore chain of trust. Domain is treated as insecure.
# domain-insecure: "example.com"
diff --git a/unbound.service b/unbound.service
index 0764365..c79b1ac 100644
--- a/unbound.service
+++ b/unbound.service
@@ -9,7 +9,7 @@ Wants=nss-lookup.target
[Service]
Type=simple
EnvironmentFile=-/etc/sysconfig/unbound
-ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.anchor -c /etc/unbound/icannbundle.pem
+ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.key -c /etc/unbound/icannbundle.pem
ExecStartPre=/usr/sbin/unbound-checkconf
ExecStart=/usr/sbin/unbound -d $UNBOUND_OPTIONS
diff --git a/unbound.spec b/unbound.spec
index 30436ec..798a087 100644
--- a/unbound.spec
+++ b/unbound.spec
@@ -254,7 +254,7 @@ exit 0
%post libs
/sbin/ldconfig
-%{_sbindir}/runuser --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.anchor -c %{_sysconfdir}/unbound/icannbundle.pem" --shell /bin/sh unbound ||:
+%{_sbindir}/runuser --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.key -c %{_sysconfdir}/unbound/icannbundle.pem" --shell /bin/sh unbound ||:
%preun
%systemd_preun unbound.service
@@ -282,6 +282,7 @@ exit 0
%changelog
* Tue May 28 2013 Paul Wouters <pwouters at redhat.com> - 1.4.20-11
- Enable round-robin (with noths() patch)
+- Change cron and systemd service to use root.key, not root.anchor
* Sat May 25 2013 Paul Wouters <pwouters at redhat.com> - 1.4.20-10
- Use /var/lib/unbound/root.key (more consistent with other distros)
More information about the scm-commits
mailing list