Bug 290350 - dns/unbound: su: krb5_verify_user: unable to reach any KDC in realm when invoked with service -R
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Reported: 2025-10-18 18:21 UTC by void
Modified: 2025-11-10 18:38 UTC
jaap: maintainer-feedback+


Description void 2025-10-18 18:21:34 UTC
Hi,

unbound-1.24.0
OS: stable/15-n280740-317a5dd0288e GENERIC amd64 built today (Oct 18th)
ports tree @ 722054 (also today)

If one invokes 

% doas service -R

this happens:

Stopping unbound.
Waiting for PIDS: 96734.
Obtaining a trust anchor..unbound@HOME.ARPA's Password: 

This is new. Is it expected?

(enter bad passwd to check output)

su: krb5_verify_user: unable to reach any KDC in realm HOME.ARPA
.
Starting unbound.

% doas service unbound status
unbound is running as pid 48423.

To restore previous behaviour, one needs to become root beforehand:

# service -R

Stopping unbound.
Waiting for PIDS: 7300.
Obtaining a trust anchor...
Starting unbound.

This is only with service -R started via doas.

% doas service unbound start/stop/restart works as expected

The system has never had a Kerberos client or server configured or knowingly running for anything.
Comment 1 Jaap Akkerhuis 2025-11-10 10:53:39 UTC
(In reply to void from comment #0)
No idea what causes this. It seems to me a problem with doas which I never use.

Looking at man doas, maybe one should issue the command as

    "doas -- service -R"

to prevent the -R being interpreted by doas?
Comment 2 void 2025-11-10 18:38:25 UTC
(In reply to Jaap Akkerhuis from comment #1)
I dunno. The problem is not present on 14.3-p3.

I know there have been changes with MIT/Heimdal/Kerberos in stable/15 of late but I don't know the detail. I think maybe this has something to do with it.

The versions of both unbound and doas on both the 14.3 machine and the stable/15 machine are the same.

The 14.3 machine is arm64.aarch64 managed with freebsd-update. The stable/15 is source built.

/etc/src.conf on the stable/15 box has this:

KERNCONF=GENERIC
WITH_CCACHE_BUILD=
CCACHE_PREFIX=/usr/local/bin
#
WITHOUT_DEBUG_FILES=
WITHOUT_FLOPPY=
WITHOUT_FREEBSD_UPDATE=
WITHOUT_GOOGLETEST=
WITHOUT_GPIO=
WITHOUT_HTML=
WITHOUT_LPR=
WITHOUT_REPRODUCIBLE_BUILD=
WITH_SORT_THREADS=
WITHOUT_TESTS=
# we want unbound from the ports
WITHOUT_UNBOUND=
WITHOUT_WIRELESS=
WITHOUT_WPA_SUPPLICANT_EAPOL=