>From IRC discussion of http://testing.libreswan.org/results/testing/v3.25-375-g619052a-f28/seccomp-03-updown/OUTPUT/road.console.diff Bleve points out that the failure is because unbound didn't start. The logs show:
Aug 07 16:22:37 road unbound[941]: [941:0] notice: init module 0: subnet Aug 07 16:22:37 road unbound[941]: [941:0] notice: init module 1: validator Aug 07 16:22:37 road unbound[941]: [941:0] error: error opening file /etc/unbound/dlv.isc.org.key: No such file or directory Aug 07 16:22:37 road unbound[941]: [941:0] error: error reading dlv-anchor-file: /etc/unbound/dlv.isc.org.key Aug 07 16:22:37 road unbound[941]: [941:0] error: validator: error in trustanchors config Aug 07 16:22:37 road unbound[941]: [941:0] error: validator: could not apply configuration settings. Aug 07 16:22:37 road unbound[941]: [941:0] error: module init for module validator failed Aug 07 16:22:37 road unbound[941]: [941:0] fatal error: failed to setup modules and it is something being picked up from our custom config. Anyone with an easy fix? Here are some more details. # ls -l /etc/unbound/ total 60 drwxr-xr-x. 2 root unbound 30 Jul 27 16:34 conf.d -rw-r--r--. 1 root root 13026 Jul 18 05:41 icannbundle.pem drwxr-xr-x. 2 root unbound 29 Jul 27 16:34 keys.d drwxr-xr-x. 2 root unbound 36 Jul 27 16:34 local.d -rw-r--r--. 1 root root 939 Jul 18 05:43 root.key -rw-r--r--. 1 root root 21940 Aug 7 16:22 unbound.conf -rw-------. 1 root root 2455 Aug 7 16:22 unbound_control.key -rw-r-----. 1 root root 1330 Aug 7 16:22 unbound_control.pem -rw-------. 1 root root 2459 Aug 7 16:22 unbound_server.key -rw-r-----. 1 root root 1318 Aug 7 16:22 unbound_server.pem # rpm -V unbound S.5....T. c /etc/unbound/unbound.conf .M....G.. g /etc/unbound/unbound_control.key ......G.. g /etc/unbound/unbound_control.pem .M....G.. g /etc/unbound/unbound_server.key ......G.. g /etc/unbound/unbound_server.pem # grep dlv.isc.org.key /etc/unbound/* grep: /etc/unbound/conf.d: Is a directory grep: /etc/unbound/keys.d: Is a directory grep: /etc/unbound/local.d: Is a directory /etc/unbound/unbound.conf: # Downloaded from https://secure.isc.org/ops/dlv/dlv.isc.org.key /etc/unbound/unbound.conf: dlv-anchor-file: "/etc/unbound/dlv.isc.org.key" _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
