diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 00:55:53 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 00:55:53 +0000 |
| commit | 3d0386f27ca66379acf50199e1d1298386eeeeb8 (patch) | |
| tree | f87bd4a126b3a843858eb447e8fd5893c3ee3882 /distro/deb/patches | |
| parent | Initial commit. (diff) | |
| download | knot-resolver-3d0386f27ca66379acf50199e1d1298386eeeeb8.tar.xz knot-resolver-3d0386f27ca66379acf50199e1d1298386eeeeb8.zip | |
Adding upstream version 3.2.1.upstream/3.2.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'distro/deb/patches')
| -rw-r--r-- | distro/deb/patches/0001-Update-documentation-of-keyfile-ro.patch | 41 | ||||
| -rw-r--r-- | distro/deb/patches/series | 1 |
2 files changed, 42 insertions, 0 deletions
diff --git a/distro/deb/patches/0001-Update-documentation-of-keyfile-ro.patch b/distro/deb/patches/0001-Update-documentation-of-keyfile-ro.patch new file mode 100644 index 0000000..53e6bb3 --- /dev/null +++ b/distro/deb/patches/0001-Update-documentation-of-keyfile-ro.patch @@ -0,0 +1,41 @@ +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Sat, 17 Feb 2018 15:52:20 -0500 +Subject: Update documentation of --keyfile-ro + +On Debian systems, we depend on the OS package management to update +the dns root data. Make the documentation for running with this +option less scary-sounding, as it is the default. +--- + doc/kresd.8.in | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/doc/kresd.8.in b/doc/kresd.8.in +index 266e9f0..6c5195b 100644 +--- a/doc/kresd.8.in ++++ b/doc/kresd.8.in +@@ -123,7 +123,7 @@ file at the default location (\fIconfig\fR). The syntax is + described in \fIdaemon/README.md\fR. + .TP + .B \-k\fI keyfile\fR, \fB\-\-keyfile=\fI<keyfile> +-(Recommended!) Automatically managed root trust anchors file. ++Automatically managed root trust anchors file. + Root trust anchors in this file are managed using standard RFC 5011 (Automated Updates of DNS Security Trust Anchors). + Kresd needs write access to the directory containing the keyfile. + +@@ -134,9 +134,14 @@ The file contains DNSKEY/DS records in presentation format, + and is compatible with Unbound and BIND 9 root key files. + .TP + .B \-K\fI keyfile\fR, \fB\-\-keyfile\-ro=\fI<keyfile> +-(Discouraged) Static root trust anchors file. The file is not updated by kresd. Use of this option is discouraged because it will break your installation when the trust anchor key changes! ++Static root trust anchors file. The file is not updated by ++kresd. Please ensure that any running kresd instances are restarted if ++the trust anchors change. (On Debian, kresd will be restarted ++automatically when the dns-root-data package updates ++/usr/share/dns/root.key, so nothing extra needs to be done unless you ++diverge from the default here.) + +-Default: "@KEYFILE_DEFAULT@" (can be empty if your distribution did not provide one) ++Default: "@KEYFILE_DEFAULT@" + .TP + .B \-m\fI path\fR, \fB\-\-moduledir=\fI<path> + Override the directory that is searched for modules. Default: @MODULEDIR@ diff --git a/distro/deb/patches/series b/distro/deb/patches/series new file mode 100644 index 0000000..5f6f9b5 --- /dev/null +++ b/distro/deb/patches/series @@ -0,0 +1 @@ +0001-Update-documentation-of-keyfile-ro.patch |