unbound in testing currently will fail to start after initial installation (#492243). i'd like to propose the just uploaded 1.0.1-2 for lenny: diff -u unbound-1.0.1/debian/changelog unbound-1.0.1/debian/changelog --- unbound-1.0.1/debian/changelog +++ unbound-1.0.1/debian/changelog @@ -1,3 +1,10 @@ +unbound (1.0.1-2) unstable; urgency=low + + * unbound tries too hard to chroot(); ship a default config that doesn't + fail to start on new installs; closes: #492243. + + -- Robert S. Edmonds <edmonds@debian.org> Sat, 02 Aug 2008 17:46:24 -0400 + unbound (1.0.1-1) unstable; urgency=low * New upstream release. diff -u unbound-1.0.1/debian/unbound.README.Debian unbound-1.0.1/debian/unbound.README.Debian --- unbound-1.0.1/debian/unbound.README.Debian +++ unbound-1.0.1/debian/unbound.README.Debian @@ -7,10 +7,7 @@ to enabled a chrooted unbound on Debian, please -1) tell the init script to populate the chroot at /var/lib/unbound by -setting CHROOT=yes in /etc/default/unbound. - -2) configure your logging daemon to read additional log messages from the +1) configure your logging daemon to read additional log messages from the unix socket /var/lib/unbound/dev/log. for sysklogd, add "-a /var/lib/unbound/dev/log" to the arguments passed to @@ -28,6 +25,6 @@ -3) remove the chroot: "" line from /etc/unbound/unbound.conf that ships in -the default Debian unbound config file. +2) comment out or remove the line chroot: "" and uncomment or add the line +chroot: "/var/lib/unbound" in the config file /etc/unbound/unbound.conf. -4) restart unbound. +3) restart unbound. - -- Robert S. Edmonds <edmonds@debian.org> Sun, 15 Jun 2008 17:25:04 -0400 + -- Robert S. Edmonds <edmonds@debian.org> Sat, 02 Aug 2008 17:51:18 -0400 diff -u unbound-1.0.1/debian/unbound.default unbound-1.0.1/debian/unbound.default --- unbound-1.0.1/debian/unbound.default +++ unbound-1.0.1/debian/unbound.default @@ -4,2 +4,4 @@ # automatic chroot setup in the init script +# set to 'no' to disable +# see /usr/share/doc/unbound/README.Debian #CHROOT=yes diff -u unbound-1.0.1/debian/unbound.init unbound-1.0.1/debian/unbound.init --- unbound-1.0.1/debian/unbound.init +++ unbound-1.0.1/debian/unbound.init @@ -13,7 +13,7 @@ test -f /etc/default/$NAME && . /etc/default/$NAME install_chroot() { - if [ "$CHROOT" = "yes" ]; then + if [ "$CHROOT" != "no" ]; then uninstall_chroot [ -d $CHROOT_DIR/etc ] || mkdir -p $CHROOT_DIR/etc [ -d $CHROOT_DIR/dev ] || mkdir -p $CHROOT_DIR/dev @@ -33,7 +33,7 @@ test -d $CHROOT_DIR/etc/unbound && rm -rf $CHROOT_DIR/etc/unbound } -already_running() { +daemon_stopped() { start-stop-daemon --start --pidfile $PIDFILE \ --startas $DAEMON --test >/dev/null 2>&1 } @@ -41,7 +41,7 @@ case "$1" in start) log_daemon_msg "Starting $DESC" "$NAME" - if ! already_running; then + if daemon_stopped; then install_chroot fi if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then diff -u unbound-1.0.1/debian/patches/series unbound-1.0.1/debian/patches/series --- unbound-1.0.1/debian/patches/series +++ unbound-1.0.1/debian/patches/series @@ -1,0 +2,2 @@ +20_chroot_conf +40_disable_check_chroot_filelist only in patch2: unchanged: --- unbound-1.0.1.orig/debian/patches/20_chroot_conf +++ unbound-1.0.1/debian/patches/20_chroot_conf @@ -0,0 +1,12 @@ +Index: unbound-1.0.1/doc/example.conf.in +=================================================================== +--- unbound-1.0.1.orig/doc/example.conf.in 2008-08-02 17:44:40.022591946 -0400 ++++ unbound-1.0.1/doc/example.conf.in 2008-08-02 17:44:46.429326566 -0400 +@@ -163,6 +163,7 @@ + # + # If you give "" no chroot is performed. The path must not end in a /. + # chroot: "@UNBOUND_CHROOT_DIR@" ++ chroot: "" + + # if given, user privileges are dropped (after binding port), + # and the given username is assumed. Default is user "unbound". -- Robert Edmonds edmonds@debian.org
Attachment:
signature.asc
Description: Digital signature