diff options
| author |   sthen <sthen@openbsd.org> | 2015-07-19 17:31:21 +0000 |
|---|---|---|
| committer | sthen <sthen@openbsd.org> | 2015-07-19 17:31:21 +0000 |
| commit | c5f028573bc96ba10f4e28401fb9e50f3ea47fbe (patch) | |
| tree | aaf28394b76e481a053c114922dd752caa64cb4e | |
| parent | change default unbound config to enable the control socket, without using (diff) | |
| download | wireguard-openbsd-c5f028573bc96ba10f4e28401fb9e50f3ea47fbe.tar.xz wireguard-openbsd-c5f028573bc96ba10f4e28401fb9e50f3ea47fbe.zip | |
remove code from unbound's rc script that generates control keys/certs if
control-enable is used, our standard configuration is using unix domain sockets
without certs. existing setups with already-created certificates are ok, if
somebody needs remote+certs they can generate keys themself. ok florian@
| -rw-r--r-- | etc/rc.d/unbound | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/etc/rc.d/unbound b/etc/rc.d/unbound index c591b0b1b45..378031b90e0 100644 --- a/etc/rc.d/unbound +++ b/etc/rc.d/unbound @@ -1,6 +1,6 @@ #!/bin/sh # -# $OpenBSD: unbound,v 1.2 2014/12/29 11:17:43 ajacoutot Exp $ +# $OpenBSD: unbound,v 1.3 2015/07/19 17:31:21 sthen Exp $ daemon="/usr/sbin/unbound" daemon_flags="-c /var/unbound/etc/unbound.conf" @@ -10,14 +10,6 @@ daemon_flags="-c /var/unbound/etc/unbound.conf" pexp="unbound${daemon_flags:+ ${daemon_flags}}" rc_pre() { - if grep '^[[:space:]]*control-enable:[[:space:]]*yes' \ - /var/unbound/etc/unbound.conf > /dev/null 2>&1 && \ - ! [[ -f /var/unbound/etc/unbound_server.key || - -f /var/unbound/etc/unbound_server.pem || - -f /var/unbound/etc/unbound_control.key || - -f /var/unbound/etc/unbound_control.pem ]]; then - /usr/sbin/unbound-control-setup 2> /dev/null - fi if grep '^[[:space:]]*auto-trust-anchor-file:' \ /var/unbound/etc/unbound.conf > /dev/null 2>&1; then /usr/sbin/unbound-anchor -v || true |