diff options
| author |   Marc Schiffbauer <mschiff@gentoo.org> | 2018-02-26 02:07:18 +0100 |
|---|---|---|
| committer | Marc Schiffbauer <mschiff@gentoo.org> | 2018-02-26 02:07:33 +0100 |
| commit | 354cb17ea56d3061812126b826e76a64e918d8a2 (patch) | |
| tree | 854db92ba073bb18348a2eabe4094b13dc04482b | |
| parent | dev-python/urwid: version bump to 2.0.1 (diff) | |
| download | gentoo-354cb17e.tar.gz gentoo-354cb17e.tar.bz2 gentoo-354cb17e.zip | |
net-dns/unbound: add var/ dir for auto-trust-anchor by default
Package-Manager: Portage-2.3.24, Repoman-2.3.6
| -rw-r--r-- | net-dns/unbound/unbound-1.6.8-r2.ebuild (renamed from net-dns/unbound/unbound-1.6.8-r1.ebuild) | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/net-dns/unbound/unbound-1.6.8-r1.ebuild b/net-dns/unbound/unbound-1.6.8-r2.ebuild index 07379f933b5c..8fda5205f209 100644 --- a/net-dns/unbound/unbound-1.6.8-r1.ebuild +++ b/net-dns/unbound/unbound-1.6.8-r2.ebuild @@ -132,4 +132,25 @@ multilib_src_install_all() { exeinto /usr/share/${PN} doexe contrib/update-anchor.sh + + # create space for auto-trust-anchor-file... + keepdir /etc/unbound/var + # ... and point example config to it + sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf" +} + +pkg_postinst() { + # make var/ writable by unbound + if [[ -d "${ROOT}/etc/unbound/var" ]]; then + chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var" + fi + einfo "" + einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" + einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf" + einfo "and run" + einfo "" + einfo " su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound" + einfo "" + einfo "as root to create it initially before starting unbound for the first time after enabling this." + einfo "" } |