Juergen Daubert
e012bd8dd5
includes a fix for the DoS vulnerability CVE-2014-8602. See http://www.unbound.net/downloads/CVE-2014-8602.txt |
||
---|---|---|
.. | ||
.footprint | ||
.md5sum | ||
Pkgfile | ||
pre-install | ||
README | ||
unbound |
README for unbound 1.* REQUIREMENTS PRE/POST-INSTALL 1. Create a user/group unbound with a unused id < 99 or run the provided pre-install script: 'groupadd -g 41 unbound' 'useradd -u 41 -g unbound -d /etc/unbound -s /bin/false unbound' 'passwd -l unbound' PRECAUTION To enable DNSSEC validation all you have to do is to enable the "auto-trust-anchor-file" option in /etc/unbound/unbound.conf. Unbound runs as default within a chroot located at /etc/unbound, therefor the anchor-file has to reside somewhere below the chroot directory. The default is /etc/unbound/anchor/root.key. The effective user unbound is running as (default: unbound) needs write access to /etc/unbound/anchor to update the trust anchor for DNSSEC validation. Adjust the owner of that directory if you run unbound as a different user.