debian/: make the root trust anchor filename configurable
Robert S. Edmonds
12 years ago
| 0 | 0 |
# If set, the unbound daemon will be started and stopped by the init script.
|
| 1 | 1 |
UNBOUND_ENABLE=true
|
| 2 | 2 |
|
| 3 | |
# Whether to automatically update the root trust anchor file in
|
| 4 | |
# /etc/unbound/root.key.
|
|
3 |
# Whether to automatically update the root trust anchor file.
|
| 5 | 4 |
ROOT_TRUST_ANCHOR_UPDATE=true
|
|
5 |
|
|
6 |
# File in which to store the root trust anchor.
|
|
7 |
ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key
|
| 6 | 8 |
|
| 7 | 9 |
# If set, the unbound init script will provide unbound's listening
|
| 8 | 10 |
# IP addresses as nameservers to resolvconf.
|
| 19 | 19 |
|
| 20 | 20 |
UNBOUND_ENABLE=true
|
| 21 | 21 |
ROOT_TRUST_ANCHOR_UPDATE=false
|
|
22 |
ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key
|
| 22 | 23 |
RESOLVCONF=false
|
| 23 | 24 |
RESOLVCONF_FORWARDERS=false
|
| 24 | 25 |
|
|
| 90 | 91 |
start)
|
| 91 | 92 |
if $UNBOUND_ENABLE; then
|
| 92 | 93 |
if $ROOT_TRUST_ANCHOR_UPDATE; then
|
| 93 | |
unbound-anchor -a /etc/unbound/root.key
|
|
94 |
unbound-anchor -a $ROOT_TRUST_ANCHOR_FILE
|
| 94 | 95 |
fi
|
| 95 | 96 |
log_daemon_msg "Starting $DESC" "$NAME"
|
| 96 | 97 |
if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
|
| 0 | 0 |
#!/bin/sh -e
|
|
1 |
|
|
2 |
ROOT_TRUST_ANCHOR_UPDATE=false
|
|
3 |
ROOT_TRUST_ANCHOR_FILE=/var/lib/unbound/root.key
|
|
4 |
|
|
5 |
if [ -f /etc/default/unbound ]; then
|
|
6 |
. /etc/default/unbound
|
|
7 |
fi
|
| 1 | 8 |
|
| 2 | 9 |
if [ "$1" = configure ]; then
|
| 3 | 10 |
if ! getent passwd unbound >/dev/null; then
|
|
| 10 | 17 |
case "x$ROOT_TRUST_ANCHOR_UPDATE" in
|
| 11 | 18 |
xtrue|x1|xyes)
|
| 12 | 19 |
echo "Updating root trust anchor file..."
|
| 13 | |
unbound-anchor -a /etc/unbound/root.key -v || true
|
|
20 |
unbound-anchor -a $ROOT_TRUST_ANCHOR_FILE -v || true
|
| 14 | 21 |
;;
|
| 15 | 22 |
esac
|
| 16 | 23 |
fi
|