diff options
Diffstat (limited to 'main/unbound/conf.patch')
-rw-r--r-- | main/unbound/conf.patch | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/main/unbound/conf.patch b/main/unbound/conf.patch index f7ad7515dcb..e92cc373652 100644 --- a/main/unbound/conf.patch +++ b/main/unbound/conf.patch @@ -1,20 +1,17 @@ ---- a/doc/example.conf.in -+++ b/doc/example.conf.in -@@ -308,12 +308,9 @@ - # timetoresolve, fromcache and responsesize. - # log-replies: no +diff -upr unbound-1.13.0.orig/doc/example.conf.in unbound-1.13.0/doc/example.conf.in +--- unbound-1.13.0.orig/doc/example.conf.in 2020-12-21 09:58:04.154390497 +0100 ++++ unbound-1.13.0/doc/example.conf.in 2020-12-21 09:58:53.094583255 +0100 +@@ -355,9 +355,6 @@ server: + # print log lines that say why queries return SERVFAIL to clients. + # log-servfail: no - # the pid file. Can be an absolute path outside of chroot/work dir. - # pidfile: "@UNBOUND_PIDFILE@" - # file to read root hints from. # get one from https://www.internic.net/domain/named.cache -- # root-hints: "" -+ root-hints: /usr/share/dns-root-hints/named.root - - # enable to not answer id.server and hostname.bind queries. - # hide-identity: no -@@ -450,7 +447,7 @@ + # root-hints: "" +@@ -507,7 +504,7 @@ server: # you start unbound (i.e. in the system boot scripts). And enable: # Please note usage of unbound-anchor root anchor is at your own risk # and under the terms of our LICENSE (see that file in the source). @@ -23,7 +20,7 @@ # trust anchor signaling sends a RFC8145 key tag query after priming. # trust-anchor-signaling: yes -@@ -464,7 +461,7 @@ +@@ -519,7 +516,7 @@ server: # with several entries, one file per entry. # Zone file format, with DS and DNSKEY entries. # Note this gets out of date, use auto-trust-anchor-file please. @@ -32,3 +29,18 @@ # Trusted key for validation. DS or DNSKEY. specify the RR on a # single line, surrounded by "". TTL is ignored. class is IN default. +@@ -900,12 +897,13 @@ dynlib: + remote-control: + # Enable remote control with unbound-control(8) here. + # set up the keys and certificates with unbound-control-setup. +- # control-enable: no ++ control-enable: yes + + # what interfaces are listened to for remote control. + # give 0.0.0.0 and ::0 to listen to all interfaces. + # set to an absolute path to use a unix local name pipe, certificates + # are not used for that, so key and cert files need not be present. ++ control-interface: /run/unbound.control.sock + # control-interface: 127.0.0.1 + # control-interface: ::1 + |