ee8b15cad2
If Unbound was disabled and at later time enabled, then it would operate in DNSSEC less-secure mode. When NTP hotplug was called, the timestamp file was not updated. This was found testing Unbound vs other tools (bind, dnsmasq). Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
26 lines
896 B
Bash
Executable file
26 lines
896 B
Bash
Executable file
#!/bin/sh
|
|
##############################################################################
|
|
#
|
|
# Copyright (C) 2016 Eric Luehrsen
|
|
#
|
|
##############################################################################
|
|
#
|
|
# "Restart" Unbound on hotplug NTP ready:
|
|
# - Only do this the first time when no file exists
|
|
# - Some of Unbound conf options to not reload run time
|
|
# - Change the enable flag for DNSSEC date-time checking
|
|
#
|
|
##############################################################################
|
|
|
|
# Common file location definitions
|
|
. /usr/lib/unbound/unbound.sh
|
|
|
|
##############################################################################
|
|
|
|
if [ "$ACTION" = stratum -a ! -f "$UNBOUND_TIMEFILE" ] ; then
|
|
echo "ntpd: $( date )" > $UNBOUND_TIMEFILE
|
|
/etc/init.d/unbound enabled && /etc/init.d/unbound restart
|
|
fi
|
|
|
|
##############################################################################
|
|
|