diff options
Diffstat (limited to 'network/unbound/doinst.sh')
-rw-r--r-- | network/unbound/doinst.sh | 39 |
1 files changed, 23 insertions, 16 deletions
diff --git a/network/unbound/doinst.sh b/network/unbound/doinst.sh index f7243783f5..a1aece44fe 100644 --- a/network/unbound/doinst.sh +++ b/network/unbound/doinst.sh @@ -26,20 +26,27 @@ preserve_perms etc/rc.d/rc.unbound.new config etc/unbound/unbound.conf.new config etc/logrotate.d/unbound.new -# MD5SUM d837bf4c42abb7048c90d720a579f829 is a file hash from the previous initscript. - -if [ $(md5sum /etc/rc.d/rc.unbound | cut -f 1 -d " ") == "d837bf4c42abb7048c90d720a579f829" ] -then - echo "" - echo "Warning! Red Hat style init script detected at /etc/rc.d/rc.unbound !" - echo "It's likely from your previous Unbound installation." - echo "The init script will probably work just fine but the script has since been rewritten" - echo "as of Unbound version 1.16.2 and it's no longer supported by this SlackBuild." - echo "" - echo "Simply run the following commands to install the new Unbound init script:" - echo "# cd /etc/rc.d && mv rc.unbound.new rc.unbound" - echo "" - echo "...or if you use slackpkg:" - echo "# slackpkg new-config" - echo "" +if [ -r /etc/logrotate.d/unbound ] && [ $(stat -c "%U:%G" "/etc/logrotate.d/unbound") != "root:root" ]; then + echo "Incorrect permissions detected on /etc/logrotate.d/unbound !" + echo "This will prevent Unbound logrotate script from working." + echo "" + echo "Previous Unbound SlackBuild scripts didn't set this correctly." + echo "" + echo "To fix it, simply run:" + echo "# chown root:root /etc/logrotate.d/unbound" fi + +echo "----------------------------" +echo "As of Unbound SlackBuild 1.18.0-2 DNSSEC is enabled by default." +echo +echo "You have two options:" +echo +echo "1) Run the following command to setup the root trust anchor (RECOMMENDED!)" +echo "# sudo -u unbound unbound-anchor -f /etc/resolv.conf -R -a /var/lib/unbound/root.key" +echo +echo "2) Disable DNSSEC and unbound-anchor functionality." +echo "Edit /etc/unbound/unbound.conf, and erase or comment the following line:" +echo 'auto-trust-anchor-file: "/var/lib/unbound/root.key"' +echo +echo "This is a suitable option if you plan to use Unbound simply as a forwarding resolver." +echo "----------------------------" |