unbound: Switch to non-privileged user 2834/head
authorMichael Hanselmann <public@hansmi.ch>
Fri, 10 Jun 2016 20:46:28 +0000 (22:46 +0200)
committerMichael Hanselmann <public@hansmi.ch>
Tue, 14 Jun 2016 20:09:39 +0000 (22:09 +0200)
Until now unbound always ran as root by default. A DNS resolver can
easily run under a non-privileged user.

Signed-off-by: Michael Hanselmann <public@hansmi.ch>
net/unbound/Makefile
net/unbound/files/unbound.init
net/unbound/patches/001-conf.patch

index e88c11e581e4f694c95f751cf8cb2e598a4f4d02..abb098e1e3838fd07266f88ee78efed6726c3cf9 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=unbound
 PKG_VERSION:=1.5.9
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
@@ -39,6 +39,7 @@ define Package/unbound
   SUBMENU:=IP Addresses and Names
   TITLE+= (daemon)
   DEPENDS+= +libunbound
+  USERID:=unbound:unbound
 endef
 
 define Package/unbound/description
@@ -114,6 +115,7 @@ CONFIGURE_ARGS += \
        --with-libexpat="$(STAGING_DIR)/usr" \
        --with-ssl="$(STAGING_DIR)/usr" \
        --with-pidfile=/var/run/unbound.pid \
+       --with-user=unbound \
        --without-pthreads
 
 define Package/unbound/conffiles
index 8c1304e2dde5953f1d15002acd98e5b1b7eb0419..7ad2e7c74cc9518c1afa750da188cf234b149cb1 100755 (executable)
@@ -6,6 +6,12 @@ START=61
 USE_PROCD=1
 
 start_service() {
+       find /etc/unbound \! \( -user unbound -group unbound \) \
+               -exec chown unbound:unbound {} \;
+
+       find /etc/unbound \( -perm +027 -o \! -perm -600 \) \
+               -exec chmod u=rwX,g=rX,o= {} \;
+
        procd_open_instance
        procd_set_param command /usr/sbin/unbound
        procd_append_param command -d # don't daemonize
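Review bot: The two `find` runs added at the top of start_service() give the daemon user ownership of the whole /etc/unbound tree and then, as root, chown/chmod whatever is found there on every start; once unbound owns that directory a compromised daemon can create entries in it, and neither command restricts itself to regular files or excludes links, so a planted symlink (chmod follows it) or hard link (chown then changes the target's owner, unless fs.protected_hardlinks blocks it on the target kernel, which is not visible here) lets the root-run fix-up act on files outside /etc/unbound. A daemon that owns its own configuration can also rewrite unbound.conf (for example setting `username: ""` or another chroot) so that the next restart no longer drops privileges, which undercuts the purpose of this commit. Keeping the tree root-owned with group read for `unbound` (root:unbound, `u=rwX,g=rX,o=`) preserves the separation; if the shipped configuration makes unbound write anything under /etc/unbound (an auto-trust-anchor-file, say — the patched unbound.conf is only partly visible here) that file belongs in a daemon-owned state directory instead. Separately, `-perm +027` is accepted by BusyBox find but is rejected by GNU findutils 4.5.11 and later in favour of `-perm /027`, so the init script is not portable beyond BusyBox as written. start_service() continues past the end of the hunk.
```shell
start_service() {
	# Keep the config tree root-owned; the daemon only needs group read.
	# A directory the daemon cannot write into cannot have links planted in
	# it, and -type keeps any pre-existing symlink out of the root-run
	# chown/chmod below.
	find /etc/unbound \( -type f -o -type d \) \
		\! \( -user root -group unbound \) \
		-exec chown root:unbound {} \;

	find /etc/unbound \( -type f -o -type d \) \
		\( -perm +027 -o \! -perm -600 \) \
		-exec chmod u=rwX,g=rX,o= {} \;
	# … unchanged: procd instance setup …
```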
index 352fe942cea3998dc94ecbd54d86d96b15a4e1ba..3b612bcd184c66d6884a22ba019a8a06f841306e 100644 (file)
@@ -89,14 +89,6 @@ index ff90e3b..5c20fdf 100644
  
        # if given, a chroot(2) is done to the given directory.
        # i.e. you can chroot to the working directory, for example,
-@@ -218,6 +233,7 @@ server:
-       # and the given username is assumed. Default is user "unbound".
-       # If you give "" no privileges are dropped.
-       # username: "@UNBOUND_USERNAME@"
-+      username: ""
-       # the working directory. The relative files in this config are
-       # relative to this directory. If you give "" the working directory
 @@ -266,12 +284,15 @@ server:
        #       positive value: fetch that many targets opportunistically.
        # Enclose the list of numbers between quotes ("").