Maintained by: NLnet Labs

[Unbound-users] Patch: wildcard for include: statement

Valentin Bud
Wed Sep 26 20:51:22 CEST 2012

On Wed, Sep 26, 2012 at 8:33 PM, Paul Wouters <paul at> wrote:
> On Wed, 26 Sep 2012, Robert Edmonds wrote:
>> +1 to ".d" style configuration.
> I build exactly that into rawhide just now:
> It uses /etc/unbound.d/{keys.d,conf.d,local.d}
> The split between conf.d and local.d is required because the current
> unbound.conf parser cannot take local-data: statements outside of
> the server: section. It would be nice if these could be merged, as
> the difference might not be very obvious to end users.
>>  but i think your patch is missing an update to doc/ :)
> :)
> --- unbound-1.4.18-orig/doc/   2012-08-02
> 03:26:14.000000000 -0400
> +++ unbound-1.4.18/doc/        2012-09-26
> 13:31:33.651165651 -0400
> @@ -71,7 +71,7 @@
>  .P
>  Files can be included using the
>  .B include:
> -directive. It can appear anywhere, and takes a single filename as an
> argument.
> +directive. It can appear anywhere, and accepts wildcards as an argument.
>  Processing continues as if the text from the included file was copied into
>  the config file at that point.  If also using chroot, using full path names
>  for the included files works, relative pathnames for the included names
> work
> Paul
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at

Hi Paul,

Both patches work. I have built Unbound 1.4.18 on CentOS 6.3 and it
works. Thank you for this.

I use Unbound in a (very) dynamic environment. I use
unbound-control(8) to load zones and data when clients connect to the
network. I plan to save the local zones and local data to files so in
case I restart Unbound or if it crashes some how I have (quite) the
latest information. I plan to write a cron script to do this job on
each Unbound machine.

Do you think it would be useful if Unbound could do this by itself?
For example, whenever local-data gets inserted Unbound could dump it
to the disk. Maybe that's too expensive in terms of resources and
could slow down Unbound. Maybe an unbound-control(8) command that
takes the file name as an argument and dumps local data in that file.

Of course I can use unbound-control list_local_data and redirect the
output to a file on disk. But when I update a remote Unbound server
that's not so easy. Yes, I can use an ssh connection and run
unbound-control, but that's not so nice :).

For me, in my particular use case this would be very useful. Please
share your thoughts on this.

Cheers and Goodwill,