From 990dedff8af004dec891c56a61b15fd43993808b Mon Sep 17 00:00:00 2001 From: Paul Wouters Date: Oct 09 2009 02:41:00 +0000 Subject: updated init script. --- diff --git a/unbound.init b/unbound.init index 3df6048..9fb6a8e 100644 --- a/unbound.init +++ b/unbound.init @@ -11,6 +11,8 @@ # Provides: unbound # Required-Start: $network $local_fs # Required-Stop: $network $local_fs +# Default-Start: +# Default-Stop: 0 1 2 3 4 5 6 # Should-Start: $syslog # Should-Stop: $syslog # Short-Description: unbound recursive Domain Name Server. @@ -25,28 +27,46 @@ exec="/usr/sbin/unbound" config="/etc/unbound/unbound.conf" rootdir="/var/lib/unbound" pidfile="/var/run/unbound/unbound.pid" +piddir=`dirname $pidfile` [ -e /etc/sysconfig/unbound ] && . /etc/sysconfig/unbound +[ -e /etc/sysconfig/dnssec ] && . /etc/sysconfig/dnssec lockfile=/var/lock/subsys/unbound +[ -x /usr/sbin/dnssec-configure ] && [ -r "$config" ] && + [ /etc/sysconfig/dnssec -nt "$config" ] && \ + /usr/sbin/dnssec-configure -u --norestart --dnssec="$DNSSEC" --dlv="$DLV" + start() { [ -x $exec ] || exit 5 [ -f $config ] || exit 6 + # /var/run could (and should) be tmpfs + [ -d $piddir ] || mkdir $piddir if [ ! -f /etc/unbound/unbound_control.key ] then echo -n $"Generating unbound control key and certificate: " /usr/sbin/unbound-control-setup -d /etc/unbound/ > /dev/null 2> /dev/null + chgrp unbound /etc/unbound/unbound_*key /etc/unbound/unbound_*pem [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled && \ [ -x /sbin/restorecon ] && /sbin/restorecon /etc/unbound/* echo + else + # old init script created these as root instead of unbound. + if [ -G /etc/unbound/unbound_control.key ] + then + chgrp unbound /etc/unbound/unbound_*key /etc/unbound/unbound_*pem + [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled && \ + [ -x /sbin/restorecon ] && /sbin/restorecon /etc/unbound/* + echo + fi fi echo -n $"Starting unbound: " # if not running, start it up here - daemon $exec + daemon --pidfile=$pidfile $exec retval=$? [ $retval -eq 0 ] && touch $lockfile echo