summaryrefslogtreecommitdiffstats
path: root/network/unbound/doinst.sh
diff options
context:
space:
mode:
Diffstat (limited to 'network/unbound/doinst.sh')
-rw-r--r--network/unbound/doinst.sh39
1 files changed, 23 insertions, 16 deletions
diff --git a/network/unbound/doinst.sh b/network/unbound/doinst.sh
index f7243783f5..a1aece44fe 100644
--- a/network/unbound/doinst.sh
+++ b/network/unbound/doinst.sh
@@ -26,20 +26,27 @@ preserve_perms etc/rc.d/rc.unbound.new
config etc/unbound/unbound.conf.new
config etc/logrotate.d/unbound.new
-# MD5SUM d837bf4c42abb7048c90d720a579f829 is a file hash from the previous initscript.
-
-if [ $(md5sum /etc/rc.d/rc.unbound | cut -f 1 -d " ") == "d837bf4c42abb7048c90d720a579f829" ]
-then
- echo ""
- echo "Warning! Red Hat style init script detected at /etc/rc.d/rc.unbound !"
- echo "It's likely from your previous Unbound installation."
- echo "The init script will probably work just fine but the script has since been rewritten"
- echo "as of Unbound version 1.16.2 and it's no longer supported by this SlackBuild."
- echo ""
- echo "Simply run the following commands to install the new Unbound init script:"
- echo "# cd /etc/rc.d && mv rc.unbound.new rc.unbound"
- echo ""
- echo "...or if you use slackpkg:"
- echo "# slackpkg new-config"
- echo ""
+if [ -r /etc/logrotate.d/unbound ] && [ $(stat -c "%U:%G" "/etc/logrotate.d/unbound") != "root:root" ]; then
+ echo "Incorrect permissions detected on /etc/logrotate.d/unbound !"
+ echo "This will prevent Unbound logrotate script from working."
+ echo ""
+ echo "Previous Unbound SlackBuild scripts didn't set this correctly."
+ echo ""
+ echo "To fix it, simply run:"
+ echo "# chown root:root /etc/logrotate.d/unbound"
fi
+
+echo "----------------------------"
+echo "As of Unbound SlackBuild 1.18.0-2 DNSSEC is enabled by default."
+echo
+echo "You have two options:"
+echo
+echo "1) Run the following command to setup the root trust anchor (RECOMMENDED!)"
+echo "# sudo -u unbound unbound-anchor -f /etc/resolv.conf -R -a /var/lib/unbound/root.key"
+echo
+echo "2) Disable DNSSEC and unbound-anchor functionality."
+echo "Edit /etc/unbound/unbound.conf, and erase or comment the following line:"
+echo 'auto-trust-anchor-file: "/var/lib/unbound/root.key"'
+echo
+echo "This is a suitable option if you plan to use Unbound simply as a forwarding resolver."
+echo "----------------------------"