HomeFreeBSD
Diffusion FreeBSD src repository 058a4e341942

Prevent resolvconf from updating /etc/resolv.conf. As Jakob Schlyter
058a4e341942
Actions

Description

Prevent resolvconf from updating /etc/resolv.conf. As Jakob Schlyter
pointed out, having additional nameservers listed in /etc/resolv.conf
can break DNSSEC verification by providing a false positive if unbound
returns SERVFAIL due to an invalid signature. The downside is that
the domain / search path won't get updated either, but we can live
with that.

Approved by: re (blanket)

Details

Provenance
desAuthored on Sep 23 2013, 8:06 PM
Parents
rG3f32c6fb5646: Move local_unbound up in the rc order.
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (1)

PathSize
usr.sbin/
unbound/
local-setup/

rG058a4e341942

View Options

usr.sbin/unbound/local-setup/local-unbound-setup.sh

Loading...