Browse Source

remove code from unbound's rc script that generates control keys/certs if

control-enable is used, our standard configuration is using unix domain sockets
without certs. existing setups with already-created certificates are ok, if
somebody needs remote+certs they can generate keys themself. ok florian@
OPENBSD_5_8
sthen 9 years ago
parent
commit
7d2fd17dc7
1 changed files with 1 additions and 9 deletions
  1. +1
    -9
      src/etc/rc.d/unbound

+ 1
- 9
src/etc/rc.d/unbound View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# $OpenBSD: unbound,v 1.2 2014/12/29 11:17:43 ajacoutot Exp $
# $OpenBSD: unbound,v 1.3 2015/07/19 17:31:21 sthen Exp $
daemon="/usr/sbin/unbound" daemon="/usr/sbin/unbound"
daemon_flags="-c /var/unbound/etc/unbound.conf" daemon_flags="-c /var/unbound/etc/unbound.conf"
@ -10,14 +10,6 @@ daemon_flags="-c /var/unbound/etc/unbound.conf"
pexp="unbound${daemon_flags:+ ${daemon_flags}}" pexp="unbound${daemon_flags:+ ${daemon_flags}}"
rc_pre() { rc_pre() {
if grep '^[[:space:]]*control-enable:[[:space:]]*yes' \
/var/unbound/etc/unbound.conf > /dev/null 2>&1 && \
! [[ -f /var/unbound/etc/unbound_server.key ||
-f /var/unbound/etc/unbound_server.pem ||
-f /var/unbound/etc/unbound_control.key ||
-f /var/unbound/etc/unbound_control.pem ]]; then
/usr/sbin/unbound-control-setup 2> /dev/null
fi
if grep '^[[:space:]]*auto-trust-anchor-file:' \ if grep '^[[:space:]]*auto-trust-anchor-file:' \
/var/unbound/etc/unbound.conf > /dev/null 2>&1; then /var/unbound/etc/unbound.conf > /dev/null 2>&1; then
/usr/sbin/unbound-anchor -v || true /usr/sbin/unbound-anchor -v || true


Loading…
Cancel
Save