Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 05 Mar 2020 14:00:50 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 244600] dns/knot-resolver: [patch] fix critical cache space pre-allocation failure bug and add rc scripts
Message-ID:  <bug-244600-7788-04tSMvTPOZ@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-244600-7788@https.bugs.freebsd.org/bugzilla/>
References:  <bug-244600-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D244600

--- Comment #3 from yds <yds@Necessitu.de> ---
(In reply to Vladim=C3=ADr =C4=8Cun=C3=A1t from comment #2)

Vladim=C3=ADr, first of all, thank you so much for fixing the "cache space
pre-allocation" bug so quick and taking your time to look over this patch.

probably best to remove pkg-message at this point if the links are stale.
there's nothing very useful there considering that with the new rc scripts =
from
this patch, to run as daemon, all that needs to be done is setting
/etc/rc.conf:

    kresd_enable=3D"YES"
    krescachegc_enable=3D"YES"

FWIW, I'm already running kresd with this patch, it works but (as the first
comment points out) the Lua dependencies have to be revised for full
functionality. Some of the new Lua dependencies need to be ported to FreeBSD
first.=20

Re: managed TA: This patch satisfies this requirement from the docs:

> In case you want to have automatically managed DNSSEC trust anchors
> instead, set -Dmanaged_ta=3Denabled and make sure both keyfile_default
> file and its parent directories are writable by kresd process
> (after package installation!).

if the end user wants to disable managed_ta it's much easier and more secur=
e to
simply make root.keys not writable by the kresd user in the RUNDIR rather t=
han
requiring the end user to make ETCDIR writable by the kresd user. It also l=
ooks
better to not be throwing errors upon startup, IMHO.

FWIW, the Unbound port updates its TA via rc script upon startup as well.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-244600-7788-04tSMvTPOZ>