-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Juergen,
On 02/02/2012 01:49 PM, Juergen Daubert wrote: >> Here is unbound 1.4.16, fixes bug in bugfix in 1.4.15: > > thanks for the new release, however I think we have one regression > wrt ownership of the autotrust file, default > /etc/unbound/root.key. > > This file must be owned by the user unbound is running as, e.g. > the user unbound. Starting with version 1.4.15 unbound-anchor > resets the ownership to the user running unbound-anchor, which is > normaly root. That is very inconvenient. This is because it writes to a temp first, then moves it over the first. > Because of that the running unbound cannot longer update the key > file, which leasds to a error message: > > Feb 2 12:33:43 tor unbound: [19568:0] error: could not open > autotrust file for writing, root.key.19568-0: Permission denied No, it is not allowed to create a new file in the directory. It wants to create a tempfile to write to, when that has worked, it'll mv the new over the old. So that failures during the write leave you with a bootable system. That part is working: this error may be inconvenient, but the system still boots. I guess you have to chown unbound /my/keydir or chgrp unbound /my/keydir This sort of solution becomes system specific. What would work for you? Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPKpP9AAoJEJ9vHC1+BF+Ngb4P+QEYh+7+rxr+3Kt1eB2rZp44 LA6G9CdFSG/68ZhMqMhz8UNgBthCp6IxlD2oPmwDamY9Wm9U+nvdeH4To41RGF+i eP1dByDAAzzQf4VgkrKIsCmYSw1mpRxDk4g9NtGp5dSl0l0C7A0ZC26LqdwhXSIZ Kk0WT6zlio1YuLTdZkG+v3Lx/xEBrefDKCHFdagrlYf8hk9Ilx+eHGCxxoc3SmRP va6/G5on8I7H/rbqsxM2qgcSsuEopA9I2Hxw4gUrXy9irzdfbw8V6Dt2yXryY85j 7CKw7521a12E8wVamRvgZ6JOuIFd4UlUu70eE7v3nqNHYo0tUimqbcnTSmtXlO3L IhDZ+5QYca1d/6JfDytlQwX1Qhdil2Xugu/7wzRvH3KPmBVYvIMcJmc/3YWzhBaa 5DHEQaanHIZcRkRIoAD3ki2jTPKa5Z0RgYeu/pO5uoSlLkGCuoh9bkkA/+HDAYXr k8LB8GhgA4OLAVd6t+ihTCJM/Coej6syFVaYOJATpinIvNAMVTfFNadN051heMpC CbZDbdt+I883xi6z9OPO0eAzuoI+1TIeI1smb2rdChDGiFCy6pBI2xTj8ksmO4nh DvRrt47PleqrP3+oNo1XWp3J9fMov8RazWTgsAKp20N5dUj65oPfWdz8ZWXkEM05 U6ZOPyPB6yuDNiwclecR =I1rp -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
