https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232555
Bug ID: 232555 Summary: local_unbound fails to start if root.key is empty. Product: Base System Version: 11.1-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: bin Assignee: b...@freebsd.org Reporter: a...@stonepile.fi Created attachment 198487 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=198487&action=edit Patch for /etc/rc.d/local_unbound It seems to be possible that local_unbound gets into state where /var/unbound/root.key exists but is empty as a result of unclean shutdown. The command that regenerates the file is unbound-anchor, which rebuilds it if it doesn't exist or it is empty (stated in man page). However, /etc/rc.d/local_unbound doesn't invoke it if root.key exists, even as zero-length file. This results in situation where the local_unbound service no longer starts, it is also unable to recover from such condition automatically. This leaves the machine without working DNS service: Oct 23 09:08:39 local-unbound-test unbound: [947:0] notice: init module 0: validator Oct 23 09:08:39 local-unbound-test unbound: [947:0] error: failed to read /root.key Oct 23 09:08:39 local-unbound-test unbound: [947:0] error: error reading auto-trust-anchor-file: /var/unbound/root.key Oct 23 09:08:39 local-unbound-test unbound: [947:0] error: validator: error in trustanchors config Oct 23 09:08:39 local-unbound-test unbound: [947:0] error: validator: could not apply configuration settings. Oct 23 09:08:39 local-unbound-test unbound: [947:0] error: module init for module validator failed Oct 23 09:08:39 local-unbound-test unbound: [947:0] fatal error: failed to setup modules Simple fix to solution would be the change the rc.d script so that it has same logic as unbound-anchor, ie. run it if the file does not exist OR it is empty. Patch attached. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"