From owner-freebsd-net@freebsd.org Tue Nov 21 06:45:32 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 347A2DE4E95 for ; Tue, 21 Nov 2017 06:45:32 +0000 (UTC) (envelope-from alex@zagrebin.ru) Received: from mail.zagrebin.ru (srv0.zagrebin.ru [IPv6:2001:470:1f15:30e::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DFF142A9A; Tue, 21 Nov 2017 06:45:31 +0000 (UTC) (envelope-from alex@zagrebin.ru) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zagrebin.ru ; s=mail; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=EOmFyD/ACsjWHsgrhzaj0BjE6XCtBfeFUAuMQtezTfY=; b=fSgxyHcsqnS/BgMQSU8jK0r6ru UYrAtS/se15tcpYPsA9/5eDLsliK+R5WEnOMJuKHQZdJPuGb5xqu8wrWIvZkSK359fGc9q0WE0yyh 5tUyD6cxR+nN49R0WuA/WnH4FuZ1R0Wskec+g0BGqzHsMtM6SsdrflEMWFI57Yt0WkfjqClFHinYe ltOVJCr3Jwq9fNF3lgp9A41sEK4+afxK8eczzJ5tKaFT+5koJSsFCnXsW5bGW1sIwdKnfeW00vXUC bVvaIT+QzGikFEJapuVp9Ae1rWZitIlVJOC+687Y/jVEon8q5urwRmExqaKvUyKUOhOwcKyQVn8dN G+ZloAFw==; Received: from [2001:470:1f15:30e::2] (helo=vm2.home.zagrebin.ru) by mail.zagrebin.ru with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89 (FreeBSD)) (envelope-from ) id 1eH2JD-000LCg-Iw; Tue, 21 Nov 2017 09:45:27 +0300 Date: Tue, 21 Nov 2017 09:45:27 +0300 From: Alexander Zagrebin To: freebsd-net@freebsd.org Cc: Dag-Erling =?UTF-8?B?U23DuHJncmF2?= , Andriy Gapon Subject: Re: local_unbound, resolvconf, vpn Message-ID: <20171121094527.0952f3b9@vm2.home.zagrebin.ru> In-Reply-To: <86tvxp6jja.fsf@desk.des.no> References: <5689438f-6734-6b57-b700-d70ee2b7578a@FreeBSD.org> <86a7zq8er7.fsf@desk.des.no> <8a098542-9f04-3a41-76f1-e463e3e89c99@FreeBSD.org> <86y3n16mez.fsf@desk.des.no> <37f97bc5-5187-2700-5811-a9cf173eeb10@FreeBSD.org> <86tvxp6jja.fsf@desk.des.no> X-Mailer: Claws Mail 3.15.1 (GTK+ 2.24.31; amd64-portbld-freebsd11.1) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Nov 2017 06:45:32 -0000 Hi! Also I have to notice that there is another issue with the default local_unbound setup: by default unbound uses syslog for logging, but usually the local_unbound service starts before syslogd and so logging doesn't work until local_unbound will be reloaded. So it's looks reasonable to use logging to file by default. As unbound runs in chroot, the log file has to be inside of the /var/unbound directory, but now this directory contains a config files. I suggest to change the /var/unbound structure to be more hier(7) friendly. For example, /var /unbound /etc - unbound configuration files /conf.d - additional configuration files /var /log - unbound log files -- Alexander Zagrebin