commit 165eb4cec598c8f157b7a608f9a32011f73fe2a2 Author: Juergen Daubert <jue@jue.li> Date: Fri Feb 3 11:56:03 2012 +0100 [notify] unbound: update to 1.4.16 Incompatible configuration change, see README diff --git a/unbound/.footprint b/unbound/.footprint index eef3d15..19dc8f1 100644 --- a/unbound/.footprint +++ b/unbound/.footprint @@ -2,7 +2,6 @@ drwxr-xr-x root/root etc/ drwxr-xr-x root/root etc/rc.d/ -rwxr-xr-x root/root etc/rc.d/unbound drwxr-xr-x root/root etc/unbound/ --rw-r--r-- unbound/root etc/unbound/root.key (EMPTY) -rw-r--r-- root/root etc/unbound/unbound.conf drwxr-xr-x root/root usr/ drwxr-xr-x root/root usr/man/ @@ -22,3 +21,6 @@ drwxr-xr-x root/root usr/sbin/ -rwxr-xr-x root/root usr/sbin/unbound-control -rwxr-xr-x root/root usr/sbin/unbound-control-setup -rwxr-xr-x root/root usr/sbin/unbound-host +drwxr-xr-x root/root var/ +drwxr-xr-x root/root var/lib/ +drwxr-xr-x unbound/unbound var/lib/unbound/ diff --git a/unbound/.md5sum b/unbound/.md5sum index 721a2ba..63a8235 100644 --- a/unbound/.md5sum +++ b/unbound/.md5sum @@ -1,3 +1,3 @@ e7428ed0d19baed02459e2c55660c9b3 ldns-1.6.12.tar.gz 20a8c112ea3ce0049dfe16f92614185e unbound -99173a6548e0e2ec9bfac7a5d025f79e unbound-1.4.15.tar.gz +5158d03d2ab0a8e60925c7a9b9903631 unbound-1.4.16.tar.gz diff --git a/unbound/Pkgfile b/unbound/Pkgfile index 7e72289..2c2c4c1 100644 --- a/unbound/Pkgfile +++ b/unbound/Pkgfile @@ -4,7 +4,7 @@ # Depends on: openssl expat name=unbound -version=1.4.15 +version=1.4.16 release=1 source=(http://www.unbound.net/downloads/$name-$version.tar.gz http://www.nlnetlabs.nl/downloads/ldns/ldns-1.6.12.tar.gz @@ -20,6 +20,7 @@ build () { --mandir=/usr/man \ --sysconfdir=/etc \ --with-pidfile=/var/run/unbound.pid \ + --with-rootkey-file=/var/lib/unbound/root.key \ --disable-shared \ --with-username=unbound \ --with-ldns=../ldns-1.6.12 @@ -29,8 +30,6 @@ build () { rm -r $PKG/usr/{lib,include,man/man3} - touch $PKG/etc/unbound/root.key - chown unbound $PKG/etc/unbound/root.key - + install -d -o unbound -g unbound $PKG/var/lib/unbound/ install -D -m 755 $SRC/unbound $PKG/etc/rc.d/unbound } diff --git a/unbound/README b/unbound/README index 0239d0b..6089402 100644 --- a/unbound/README +++ b/unbound/README @@ -13,8 +13,10 @@ PRE/POST-INSTALL PRECAUTION +To enable DNSSEC validation all you have to do is to enable the +"auto-trust-anchor-file" option in /etc/unbound/unbound.conifg. The effective user unbound is running as (default: unbound) needs -write access for /etc/unbound/root.key to update the trust anchor -for DNSSEC validation. Adjust the user of that file if you run +write access to /var/lib/unbound to update the trust anchor for +DNSSEC validation. Adjust the owner of that directory if you run unbound as a different user.