[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#68621] [PATCH 0/2] Provide default DNSSEC trust anchors for knot-re
|
From: |
Leo Nikkilä |
|
Subject: |
[bug#68621] [PATCH 0/2] Provide default DNSSEC trust anchors for knot-resolver |
|
Date: |
Sat, 20 Jan 2024 23:23:42 +0200 |
The default DNSSEC trust anchors for knot-resolver are currently
disabled through a build phase, but configured when you use the default
kresd.conf file provided by Guix.
If you write your own configuration, you might expect kresd to have
DNSSEC enabled by default since this is what upstream does [1]. On Guix,
DNSSEC is disabled unless you provide the same custom path in your own
configuration and install the file into the appropriate location.
This set updates the package to be built with the correct path as the
default, and the service to use that path and install the default trust
anchors at activation time when missing.
[1]: https://knot-resolver.readthedocs.io/en/stable/config-dnssec.html
Leo Nikkilä (2):
gnu: knot-resolver: Re-enable default DNSSEC trust anchors.
services: knot-resolver: Use default DNSSEC trust anchors.
gnu/packages/dns.scm | 20 +++++++++++++-------
gnu/services/dns.scm | 17 +++++++++++++----
2 files changed, 26 insertions(+), 11 deletions(-)
base-commit: 9072f27f5d3514be22c6af208f2ad56ef4e112f4
--
2.41.0
- [bug#68621] [PATCH 0/2] Provide default DNSSEC trust anchors for knot-resolver,
Leo Nikkilä <=