diff options
Diffstat (limited to 'network/unbound/doinst.sh')
-rw-r--r-- | network/unbound/doinst.sh | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/network/unbound/doinst.sh b/network/unbound/doinst.sh index 2914d5783b..a1aece44fe 100644 --- a/network/unbound/doinst.sh +++ b/network/unbound/doinst.sh @@ -24,3 +24,29 @@ preserve_perms() { preserve_perms etc/rc.d/rc.unbound.new config etc/unbound/unbound.conf.new +config etc/logrotate.d/unbound.new + +if [ -r /etc/logrotate.d/unbound ] && [ $(stat -c "%U:%G" "/etc/logrotate.d/unbound") != "root:root" ]; then + echo "Incorrect permissions detected on /etc/logrotate.d/unbound !" + echo "This will prevent Unbound logrotate script from working." + echo "" + echo "Previous Unbound SlackBuild scripts didn't set this correctly." + echo "" + echo "To fix it, simply run:" + echo "# chown root:root /etc/logrotate.d/unbound" +fi + +echo "----------------------------" +echo "As of Unbound SlackBuild 1.18.0-2 DNSSEC is enabled by default." +echo +echo "You have two options:" +echo +echo "1) Run the following command to setup the root trust anchor (RECOMMENDED!)" +echo "# sudo -u unbound unbound-anchor -f /etc/resolv.conf -R -a /var/lib/unbound/root.key" +echo +echo "2) Disable DNSSEC and unbound-anchor functionality." +echo "Edit /etc/unbound/unbound.conf, and erase or comment the following line:" +echo 'auto-trust-anchor-file: "/var/lib/unbound/root.key"' +echo +echo "This is a suitable option if you plan to use Unbound simply as a forwarding resolver." +echo "----------------------------" |