Maintained by: NLnet Labs

[Unbound-users] Patch: wildcard for include: statement

Valentin Bud
Wed Sep 26 20:51:22 CEST 2012


On Wed, Sep 26, 2012 at 8:33 PM, Paul Wouters <paul at nohats.ca> wrote:
> On Wed, 26 Sep 2012, Robert Edmonds wrote:
>
>> +1 to ".d" style configuration.
>
>
> I build exactly that into rawhide just now:
>
> http://koji.fedoraproject.org/koji/taskinfo?taskID=4529344
>
> It uses /etc/unbound.d/{keys.d,conf.d,local.d}
>
> The split between conf.d and local.d is required because the current
> unbound.conf parser cannot take local-data: statements outside of
> the server: section. It would be nice if these could be merged, as
> the difference might not be very obvious to end users.
>
>
>>  but i think your patch is missing an update to doc/unbound.conf.5.in :)
>
>
> :)
>
> --- unbound-1.4.18-orig/doc/unbound.conf.5.in   2012-08-02
> 03:26:14.000000000 -0400
> +++ unbound-1.4.18/doc/unbound.conf.5.in        2012-09-26
> 13:31:33.651165651 -0400
> @@ -71,7 +71,7 @@
>  .P
>  Files can be included using the
>  .B include:
> -directive. It can appear anywhere, and takes a single filename as an
> argument.
> +directive. It can appear anywhere, and accepts wildcards as an argument.
>  Processing continues as if the text from the included file was copied into
>  the config file at that point.  If also using chroot, using full path names
>  for the included files works, relative pathnames for the included names
> work
>
> Paul
>
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

Hi Paul,

Both patches work. I have built Unbound 1.4.18 on CentOS 6.3 and it
works. Thank you for this.

I use Unbound in a (very) dynamic environment. I use
unbound-control(8) to load zones and data when clients connect to the
network. I plan to save the local zones and local data to files so in
case I restart Unbound or if it crashes some how I have (quite) the
latest information. I plan to write a cron script to do this job on
each Unbound machine.

Do you think it would be useful if Unbound could do this by itself?
For example, whenever local-data gets inserted Unbound could dump it
to the disk. Maybe that's too expensive in terms of resources and
could slow down Unbound. Maybe an unbound-control(8) command that
takes the file name as an argument and dumps local data in that file.

Of course I can use unbound-control list_local_data and redirect the
output to a file on disk. But when I update a remote Unbound server
that's not so easy. Yes, I can use an ssh connection and run
unbound-control, but that's not so nice :).

For me, in my particular use case this would be very useful. Please
share your thoughts on this.

Cheers and Goodwill,
v