|
Lines 22-28
Link Here
|
| 22 |
# You could set alternative config with |
22 |
# You could set alternative config with |
| 23 |
# unbound_config="/path/to/config" |
23 |
# unbound_config="/path/to/config" |
| 24 |
# |
24 |
# |
|
|
25 |
# A fib can be set for unbound with |
| 26 |
# unbound_fib=1 |
| 25 |
# |
27 |
# |
|
|
28 |
# Chroot dir is read from unbound_config by default but can be |
| 29 |
# overriden with |
| 30 |
# unbound_chrootdir="/my/own/path" |
| 31 |
# |
| 26 |
# Multiple profiles are supported with |
32 |
# Multiple profiles are supported with |
| 27 |
# |
33 |
# |
| 28 |
# unbound_profiles="name1 name2" |
34 |
# unbound_profiles="name1 name2" |
|
Lines 34-39
Link Here
|
| 34 |
# A fib can be set for each profile as in |
40 |
# A fib can be set for each profile as in |
| 35 |
# unbound_name1_fib=1 |
41 |
# unbound_name1_fib=1 |
| 36 |
# |
42 |
# |
|
|
43 |
# Specify custom chroot dir for each profile |
| 44 |
# unbound_name1_chrootdir="/path/to/chroot1" |
| 45 |
# |
| 46 |
# |
| 47 |
# N.B. unbound runs in chrooted enviroment with logs being sent to syslog(2) |
| 48 |
# Be sure to enable alternative log socket to allow continous log flow. |
| 49 |
# For syslogd(8) additional sockets can be configured with |
| 50 |
# altlog_proglist="${altlog_proglist} unbound" |
| 51 |
# unbound_chrootdir="%%PREFIX%%/etc/unbound" |
| 52 |
# |
| 53 |
# Please note that setting unbound_chrootdir is a MUST in this case. |
| 54 |
# |
| 37 |
|
55 |
|
| 38 |
. /etc/rc.subr |
56 |
. /etc/rc.subr |
| 39 |
|
57 |
|
|
Lines 55-63
Link Here
|
| 55 |
esac |
73 |
esac |
| 56 |
} |
74 |
} |
| 57 |
|
75 |
|
|
|
76 |
unbound_mount_devfs() { |
| 77 |
if [ -z "${unbound_chrootdir}" ]; then |
| 78 |
return; |
| 79 |
fi |
| 80 |
echo "Mounting devfs for chroot environment ${unbound_chrootdir}" |
| 81 |
umount "${unbound_chrootdir}/dev" 2>/dev/null |
| 82 |
mkdir -p ${unbound_chrootdir}/dev |
| 83 |
devfs_domount ${unbound_chrootdir}/dev devfsrules_hide_all |
| 84 |
devfs_apply_ruleset devfsrules_unhide_basic ${unbound_chrootdir}/dev |
| 85 |
} |
| 86 |
|
| 87 |
unbound_poststop() { |
| 88 |
if [ -z "${unbound_chrootdir}" ]; then |
| 89 |
return; |
| 90 |
fi |
| 91 |
umount "${unbound_chrootdir}/dev" 2>/dev/null |
| 92 |
} |
| 93 |
|
| 94 |
unbound_check_syslog_socket() { |
| 95 |
[ "xyes" = "x$(%%PREFIX%%/sbin/unbound-checkconf -o use-syslog ${unbound_config})" ] || return; |
| 96 |
syslog_socket_path="${unbound_chrootdir}/var/run/log" |
| 97 |
if ! [ -S "${syslog_socket_path}" ]; then |
| 98 |
echo "Unbound is configured for logging via syslog(3) and $syslog_socket_path is not a socket" |
| 99 |
fi |
| 100 |
} |
| 101 |
|
| 58 |
start_precmd() |
102 |
start_precmd() |
| 59 |
{ |
103 |
{ |
| 60 |
unbound_startfib |
104 |
unbound_startfib |
|
|
105 |
unbound_mount_devfs |
| 106 |
unbound_check_syslog_socket |
| 61 |
|
107 |
|
| 62 |
echo -n "Obtaining a trust anchor.." |
108 |
echo -n "Obtaining a trust anchor.." |
| 63 |
if [ "${unbound_anchorflags}T" = "T" ]; then |
109 |
if [ "${unbound_anchorflags}T" = "T" ]; then |
|
Lines 66-72
Link Here
|
| 66 |
su -m unbound -c "%%PREFIX%%/sbin/unbound-anchor ${unbound_anchorflags}" |
112 |
su -m unbound -c "%%PREFIX%%/sbin/unbound-anchor ${unbound_anchorflags}" |
| 67 |
fi |
113 |
fi |
| 68 |
echo . |
114 |
echo . |
| 69 |
%%PREFIX%%/sbin/unbound-checkconf ${unbound_conf} > /dev/null |
115 |
%%PREFIX%%/sbin/unbound-checkconf ${unbound_config} > /dev/null |
| 70 |
return $? |
116 |
return $? |
| 71 |
} |
117 |
} |
| 72 |
|
118 |
|
|
Lines 76-82
Link Here
|
| 76 |
: ${unbound_config:=%%PREFIX%%/etc/unbound/unbound.conf} |
122 |
: ${unbound_config:=%%PREFIX%%/etc/unbound/unbound.conf} |
| 77 |
|
123 |
|
| 78 |
# Set PID file |
124 |
# Set PID file |
| 79 |
pidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile %%PREFIX%%/etc/unbound/unbound.conf) |
125 |
pidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config}) |
| 80 |
|
126 |
|
| 81 |
required_files=${unbound_config} |
127 |
required_files=${unbound_config} |
| 82 |
command="%%PREFIX%%/sbin/${name}" |
128 |
command="%%PREFIX%%/sbin/${name}" |
|
Lines 84-91
Link Here
|
| 84 |
unbound_anchorflags=${unbound_anchorflags:-""} |
130 |
unbound_anchorflags=${unbound_anchorflags:-""} |
| 85 |
extra_commands="reload" |
131 |
extra_commands="reload" |
| 86 |
start_precmd="start_precmd" |
132 |
start_precmd="start_precmd" |
| 87 |
reload_precmd="%%PREFIX%%/sbin/unbound-checkconf ${unbound_conf} >/dev/null" |
133 |
reload_precmd="%%PREFIX%%/sbin/unbound-checkconf ${unbound_config} >/dev/null" |
|
|
134 |
stop_postcmd=unbound_poststop |
| 88 |
|
135 |
|
|
|
136 |
_cfgchrootdir=$(%%PREFIX%%/sbin/unbound-checkconf -o chroot ${unbound_config}) |
| 137 |
unbound_chrootdir=${unbound_chrootdir:-${_cfgchrootdir}} |
| 138 |
|
| 89 |
load_rc_config "${name}" |
139 |
load_rc_config "${name}" |
| 90 |
|
140 |
|
| 91 |
if [ -n "$2" ]; then |
141 |
if [ -n "$2" ]; then |
|
Lines 101-106
Link Here
|
| 101 |
# Replace default value with profile-based (defined in the config file) |
151 |
# Replace default value with profile-based (defined in the config file) |
| 102 |
_cfgpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config}) |
152 |
_cfgpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config}) |
| 103 |
_defaultpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile /dev/null) |
153 |
_defaultpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile /dev/null) |
|
|
154 |
_cfgchrootdir=$(%%PREFIX%%/sbin/unbound-checkconf -o chroot ${unbound_config}) |
| 155 |
|
| 156 |
eval unbound_chrootdir="\${unbound_${profile}_chrootdir:-${_cfgchrootdir}}" |
| 104 |
|
157 |
|
| 105 |
if [ "x${_cfgpidfile}" = "x" -o "x${_cfgpidfile}" = "x${_defaultpidfile}" ] ; then |
158 |
if [ "x${_cfgpidfile}" = "x" -o "x${_cfgpidfile}" = "x${_defaultpidfile}" ] ; then |
| 106 |
pidfile=${_defaultpidfile} |
159 |
pidfile=${_defaultpidfile} |