Hi Paul, Thanks! Fixed to check it only if ipsecmod is enabled and present in module-config.
Best regards, Wouter
On 02/07/17 13:57, Paul Wouters via Unbound-users wrote:
>
> Hi,
>
> The unbound-checkconf code checks for the ipsecmod hook to exist:
>
> check_chroot_string("ipsecmod-hook", &cfg->ipsecmod_hook,
> cfg->chrootdir
> ,
> cfg);
>
> I want to ship unbound with the ipsecmod module enabled via the
> modules line, but activated via unbound-control. This means that
> the unbound.conf needs no changes when switching from regular mode
> to the mode where it uses the ipsec module for lookups. Currently,
> the ipsecmod hook is checked for, but if people don't have libreswan
> installed, unbound-checkconf fails, and with the systemd service,
> it means unbound won't start.
>
> I've patched this check out to prevent this.
>
> Paul
> ps. minor nit: you should rename check_chroot_string() if you use
> it for multiple things, one of which does not involve chroot :)
signature.asc
Description: OpenPGP digital signature
