Package: dnssec-trigger Version: 0.17+repack-3 Severity: normal I get errors like the ones below in my systemd journal until I enable the unbound remote-control option using the dnssec-trigger script for that, but the script does that in the wrong way.
Instead, the added line should be in a snippet dropped into the unbound configuration directory so that the config file change doesn't cause dpkg conffile prompts when upgrading unbound. Also the postinst needs to run the script with the -i option so that it installs the unbound config file changes and can thus control unbound by default. $ grep -C2 setup /var/lib/dpkg/info/dnssec-trigger.postinst case "$1" in configure) dnssec-trigger-control-setup ;; $ grep -r remote-control /etc/unbound/unbound.conf* $ sudo dnssec-trigger-control-setup -i $ tail -n 1 /etc/unbound/unbound.conf remote-control: control-enable: yes # linetag-dnssec-trigger $ tail -n1 /etc/unbound/unbound.conf | sudo tee /etc/unbound/unbound.conf.d/dnssec-trigger.conf $ sudo sed -i '/linetag-dnssec-trigger/d' /etc/unbound/unbound.conf Feb 27 08:09:29 dnssec-triggerd[24647]: [1551226169] unbound-control[24859:0] warning: control-enable is 'no' in the config file. Feb 27 08:09:29 dnssec-triggerd[24647]: [1551226169] unbound-control[24859:0] error: connect: Connection refused for 127.0.0.1 port 8953 Feb 27 08:09:29 dnssec-triggerd[24647]: [24647] warning: unbound-control exited with status 256, cmd: /usr/sbin/unbound-control forward fd57:944b:77d7::1 192.168.1.1 Feb 27 08:09:31 dnssec-triggerd[24647]: Traceback (most recent call last): Feb 27 08:09:31 dnssec-triggerd[24647]: File "/usr/lib/dnssec-trigger/dnssec-trigger-script", line 774, in <module> Feb 27 08:09:31 dnssec-triggerd[24647]: main() Feb 27 08:09:31 dnssec-triggerd[24647]: File "/usr/lib/dnssec-trigger/dnssec-trigger-script", line 761, in main Feb 27 08:09:31 dnssec-triggerd[24647]: Application(sys.argv).run() Feb 27 08:09:31 dnssec-triggerd[24647]: File "/usr/lib/dnssec-trigger/dnssec-trigger-script", line 472, in run Feb 27 08:09:31 dnssec-triggerd[24647]: self.method() Feb 27 08:09:31 dnssec-triggerd[24647]: File "/usr/lib/dnssec-trigger/dnssec-trigger-script", line 556, in run_setup Feb 27 08:09:31 dnssec-triggerd[24647]: self._unbound_set_negative_cache_ttl(UNBOUND_MAX_NEG_CACHE_TTL) Feb 27 08:09:31 dnssec-triggerd[24647]: File "/usr/lib/dnssec-trigger/dnssec-trigger-script", line 641, in _unbound_set_negative_cache_ttl Feb 27 08:09:31 dnssec-triggerd[24647]: subprocess.check_call(CMD, stdout=DEVNULL, stderr=DEVNULL) Feb 27 08:09:31 dnssec-triggerd[24647]: File "/usr/lib/python3.7/subprocess.py", line 347, in check_call Feb 27 08:09:31 dnssec-triggerd[24647]: raise CalledProcessError(retcode, cmd) Feb 27 08:09:31 dnssec-triggerd[24647]: subprocess.CalledProcessError: Command '['unbound-control', 'set_option', 'cache-max-negative-ttl:', '5']' returned non-zero exit status 1. -- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dnssec-trigger depends on: ii gir1.2-nm-1.0 1.14.4-4 ii libc6 2.28-7 ii libgdk-pixbuf2.0-0 2.38.0+dfsg-7 ii libglib2.0-0 2.58.3-1 ii libgtk2.0-0 2.24.32-3 ii libldns2 1.7.0-3.1+b1 ii libssl1.1 1.1.1a-1 ii python3 3.7.2-1 ii python3-gi 3.30.4-1 ii python3-lockfile 1:0.12.2-2 ii sensible-utils 0.0.12 ii unbound 1.9.0-2 dnssec-trigger recommends no packages. dnssec-trigger suggests no packages. -- no debconf information -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part