[unbound] * fixup unbound.conf and the service file to use root.key, not root.anchor

Paul Wouters pwouters at fedoraproject.org
Tue May 28 22:12:02 UTC 2013 

commit 3f230f2522e5d015ed7215dac0598d3215d50bdf
Author: Paul Wouters <pwouters at redhat.com>
Date:   Tue May 28 17:51:51 2013 -0400

    * fixup unbound.conf and the service file to use root.key, not root.anchor

 unbound.conf    |    2 +-
 unbound.service |    2 +-
 unbound.spec    |    3 ++-
 3 files changed, 4 insertions(+), 3 deletions(-)
---
diff --git a/unbound.conf b/unbound.conf
index e471a9c..7dc69d7 100644
--- a/unbound.conf
+++ b/unbound.conf
@@ -362,7 +362,7 @@ server:
 	#
 	# trusted-keys-file: /etc/unbound/rootkey.bind
 	trusted-keys-file: /etc/unbound/keys.d/*.key
-	auto-trust-anchor-file: "/var/lib/unbound/root.anchor"
+	auto-trust-anchor-file: "/var/lib/unbound/root.key"
 
 	# Ignore chain of trust. Domain is treated as insecure.
 	# domain-insecure: "example.com"
diff --git a/unbound.service b/unbound.service
index 0764365..c79b1ac 100644
--- a/unbound.service
+++ b/unbound.service
@@ -9,7 +9,7 @@ Wants=nss-lookup.target
 [Service]
 Type=simple
 EnvironmentFile=-/etc/sysconfig/unbound
-ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.anchor -c /etc/unbound/icannbundle.pem
+ExecStartPre=/usr/sbin/unbound-anchor -a /var/lib/unbound/root.key -c /etc/unbound/icannbundle.pem
 ExecStartPre=/usr/sbin/unbound-checkconf
 ExecStart=/usr/sbin/unbound -d $UNBOUND_OPTIONS
 
diff --git a/unbound.spec b/unbound.spec
index 30436ec..798a087 100644
--- a/unbound.spec
+++ b/unbound.spec
@@ -254,7 +254,7 @@ exit 0
 
 %post libs 
 /sbin/ldconfig
-%{_sbindir}/runuser  --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.anchor -c %{_sysconfdir}/unbound/icannbundle.pem"  --shell /bin/sh unbound ||:
+%{_sbindir}/runuser  --command="%{_sbindir}/unbound-anchor -a %{_sharedstatedir}/unbound/root.key -c %{_sysconfdir}/unbound/icannbundle.pem"  --shell /bin/sh unbound ||:
 
 %preun
 %systemd_preun unbound.service
@@ -282,6 +282,7 @@ exit 0
 %changelog
 * Tue May 28 2013 Paul Wouters <pwouters at redhat.com> - 1.4.20-11
 - Enable round-robin (with noths() patch)
+- Change cron and systemd service to use root.key, not root.anchor
 
 * Sat May 25 2013 Paul Wouters <pwouters at redhat.com> - 1.4.20-10
 - Use /var/lib/unbound/root.key (more consistent with other distros)

More information about the scm-commits mailing list