Hide Forgot
Created attachment 1109790 [details] Patch that fixes the problem Description of problem: When starting up unbound the first time it fails. When running unbound-checkconf, it complains about missing /etc/unbound/unbound_server.pem The problem is the setup script /usr/sbin/unbound-control-setup which mistakenly escapes shell characters. Removing the \n fixes the problem. See also upstream bug 729 https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=729 Version-Release number of selected component (if applicable): unbound-1.5.7 How reproducible: Always Steps to Reproduce: 1. dnf -y install unbound 2. systemctl start unbound.service Actual results: ec 27 10:07:42 dns.example.com systemd[1]: Starting Unbound Control Key And Certificate Generator... -- Subject: Unit unbound-keygen.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit unbound-keygen.service has begun starting up. Dec 27 10:07:42 dns.example.com unbound-control-setup[7125]: setup in directory /etc/unbound/ Dec 27 10:07:42 dns.example.com unbound-control-setup[7125]: generating unbound_server.key Dec 27 10:07:42 dns.example.com unbound-control-setup[7125]: Generating RSA private key, 3072 bit long modulus Dec 27 10:07:43 dns.example.com unbound-control-setup[7125]: ...................++ Dec 27 10:07:45 dns.example.com unbound-control-setup[7125]: ..................++ Dec 27 10:07:45 dns.example.com unbound-control-setup[7125]: unable to write 'random state' Dec 27 10:07:45 dns.example.com unbound-control-setup[7125]: e is 65537 (0x10001) Dec 27 10:07:45 dns.example.com unbound-control-setup[7125]: generating unbound_control.key Dec 27 10:07:45 dns.example.com unbound-control-setup[7125]: Generating RSA private key, 3072 bit long modulus Dec 27 10:07:54 dns.example.com unbound-control-setup[7125]: ........................................................... Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: .............................................++ Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: unable to write 'random state' Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: e is 65537 (0x10001) Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: create unbound_server.pem (self signed certificate) Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: error on line 6 of request.cfg Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: 3071420196:error:0E079065:configuration file routines:DEF_L Dec 27 10:07:58 dns.example.com unbound-control-setup[7125]: /usr/sbin/unbound-control-setup fatal error: could not crea Dec 27 10:07:58 dns.example.com systemd[1]: unbound-keygen.service: Main process exited, code=exited, status=1/FAILURE Dec 27 10:07:58 dns.example.com systemd[1]: Failed to start Unbound Control Key And Certificate Generator. -- Subject: Unit unbound-keygen.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit unbound-keygen.service has failed. -- -- The result is failed. Expected results: Self signed certificate gets created and unbound successfully started up Additional info: Same applies for Fedora rawhide.
Ran into this issue as well. The bug report targets fedora-23 but I just wanted to note that it is broken on fedora-22 as well.
unbound-1.5.7-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2016-6cf11cb6b5
unbound-1.5.7-2.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-554095acdd
unbound-1.5.7-2.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-554095acdd
unbound-1.5.7-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-6cf11cb6b5
unbound-1.5.7-2.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
unbound-1.5.7-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
unbound-1.5.8-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a8f0c9c3c
unbound-1.5.8-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a8f0c9c3c
unbound-1.5.8-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.