On 04/11/2015 15:49, Tomas Hozza wrote:
If you have some strong technical argument for this behavior I would
be more than glad to hear it. The reason is that similar people will
fight hard against having Unbound as the default DNS resolver in
Fedora, which is our ultimate plan. Ability to spare hundreds of
emails arguing with them would be great :)
Which "behaviour"?
I'm honestly confused. As far as I can tell, everything is working as
designed here.
The code tries to open an IPv6 socket, the kernel tries to load the
module, SELinux denies and logs this. Each of these items is by design.
Which are you suggesting should change?
Is it the audit log that is annoying people? If so, the SELinux policy
should be a dontaudit.
Can we agree that unbound-anchor should not be reading sysctls to change
it's behaviour?
