From owner-freebsd-ports-bugs@freebsd.org Thu Mar 5 14:00:51 2020 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 44DE726A72D for ; Thu, 5 Mar 2020 14:00:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 48YC8318jTz47sd for ; Thu, 5 Mar 2020 14:00:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 25BCA26A72B; Thu, 5 Mar 2020 14:00:51 +0000 (UTC) Delivered-To: ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 257D426A72A for ; Thu, 5 Mar 2020 14:00:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48YC830Dl0z47sY for ; Thu, 5 Mar 2020 14:00:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 02AF182D2 for ; Thu, 5 Mar 2020 14:00:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 025E0owH084715 for ; Thu, 5 Mar 2020 14:00:50 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 025E0o3l084714 for ports-bugs@FreeBSD.org; Thu, 5 Mar 2020 14:00:50 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 244600] dns/knot-resolver: [patch] fix critical cache space pre-allocation failure bug and add rc scripts Date: Thu, 05 Mar 2020 14:00:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: yds@Necessitu.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Mar 2020 14:00:51 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D244600 --- Comment #3 from yds --- (In reply to Vladim=C3=ADr =C4=8Cun=C3=A1t from comment #2) Vladim=C3=ADr, first of all, thank you so much for fixing the "cache space pre-allocation" bug so quick and taking your time to look over this patch. probably best to remove pkg-message at this point if the links are stale. there's nothing very useful there considering that with the new rc scripts = from this patch, to run as daemon, all that needs to be done is setting /etc/rc.conf: kresd_enable=3D"YES" krescachegc_enable=3D"YES" FWIW, I'm already running kresd with this patch, it works but (as the first comment points out) the Lua dependencies have to be revised for full functionality. Some of the new Lua dependencies need to be ported to FreeBSD first.=20 Re: managed TA: This patch satisfies this requirement from the docs: > In case you want to have automatically managed DNSSEC trust anchors > instead, set -Dmanaged_ta=3Denabled and make sure both keyfile_default > file and its parent directories are writable by kresd process > (after package installation!). if the end user wants to disable managed_ta it's much easier and more secur= e to simply make root.keys not writable by the kresd user in the RUNDIR rather t= han requiring the end user to make ETCDIR writable by the kresd user. It also l= ooks better to not be throwing errors upon startup, IMHO. FWIW, the Unbound port updates its TA via rc script upon startup as well. --=20 You are receiving this mail because: You are the assignee for the bug.=