Maintained by: NLnet Labs

[Unbound-users] unbound and hobbit / xymon

W.C.A. Wijngaards
Mon May 18 09:01:42 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Gabriel,

It is very simply really, unbound-control complains that it cannot open
a file.   This file is created by unbound-control-setup ; but by default
that probably put it in /usr/local/etc/ like the system defaults, and
not in /var/unbound like in your tutorial.

Copy or symlink the files unbound_control.pem (*pem and *key) from where
they are now.

If you set chroot: "" in your config; some pathname mangling is
disabled, and this may make things work.  The right thing is to copy the
files, though.

Best regards,
   Wouter

Gabriel Petrescu wrote:
> Hi:)
> 
> I used unbound-control-setup  to generate the keys; they are located in:
> /usr/local/etc/unbound/
> 
> using the tutorial from:
> http://www.howtoforge.com/installing-using-unbound-nameserver-on-debian-etch
> 
> i've noticed the installed unbound.conf file is in
> /usr/local/etc/unbound/unbound.conf ; which is used by the system
> 
> and in tutorial shpould be in /var/unbound/unbound.conf
> 
> at this momemnt I have no clue what's woring.. no info in logs..
> 
> Gabi
> 
> On Sun, May 17, 2009 at 10:34 PM, W.C.A. Wijngaards <wouter at nlnetlabs.nl
> <mailto:wouter at nlnetlabs.nl>> wrote:
> 
> Hi Gabriel,
> 
> Did you run unbound-control-setup  to generate the key files?
> 
> It seems like it cannot read
> /var/unbound/usr/local/etc/unbound/unbound_control.pem.  Could this be
> due to a chroot: "/var/unbound" setting; do you have that?  Can the
> unbound server read the keys?
> 
> Where are the key files on your system?   What is the config file that
> unbound-control uses (unbound-control -h shows the name)?  Is that the
> correct config file?
> 
> Best regards,
>   Wouter
> 
> Gabriel Petrescu wrote:
>> about running unbound-control stat command
> 
>> here I get several errors:
> 
>> root at unbound3:~# unbound-control start
>> root at unbound3:~# unbound-control stats
>> error: Error setting up SSL_CTX client key and cert
>> 4281:error:02001002:system library:fopen:No such file or
> 
> directory:bss_file.c:352:fopen('/var/unbound/usr/local/etc/unbound/unbound_control.pem','r')
>> 4281:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
>> 4281:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system
>> lib:ssl_rsa.c:470:
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkoRB9YACgkQkDLqNwOhpPhqMQCfYDq293iPNmLnjt+l60ngH7o5
v94An3cH3wWwDWDbsqwi5v+gZUB5CP+M
=wiNe
-----END PGP SIGNATURE-----