mirror
/
openwrt-packages
mirror of https://git.openwrt.org/feed/packages.git
1
0
Fork 0
Code Releases Activity

unbound: fix boot time and default run directory 

Unbound struggles with boot ifup, so procd triggers changed to push
outside of this noise. Unbound has run in /var/lib/unbound/, so chroot
(jail) protects /etc/, and it can save flash wear. Compiled defaults
reflect this now, so Unbound tools are easier run on the command line.

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
This commit is contained in:
Eric Luehrsen 2018-07-31 22:59:24 -04:00
parent 74c043276a
commit 8830d72bbd
6 changed files with 211 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
net/unbound/Makefile
View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=unbound
PKG_VERSION:=1.7.3
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE
@ -36,7 +36,7 @@ define Package/unbound
SECTION:=net
CATEGORY:=Network
SUBMENU:=IP Addresses and Names
USERID:=unbound=553:unbound=553
USERID:=unbound:unbound
TITLE+= (daemon)
DEPENDS+= +libunbound
endef
@ -117,8 +117,10 @@ CONFIGURE_ARGS += \
--enable-tfo-server \
--with-libexpat="$(STAGING_DIR)/usr" \
--with-ssl="$(STAGING_DIR)/usr" \
--with-pidfile=/var/run/unbound.pid \
--with-user=unbound
--with-user=unbound \
--with-run-dir=/var/lib/unbound \
--with-conf-file=/var/lib/unbound/unbound.conf \
--with-pidfile=/var/run/unbound.pid
define Package/unbound/conffiles
/etc/config/unbound
@ -142,7 +144,7 @@ define Package/unbound/install
$(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/unbound
$(INSTALL_DATA) \
$(PKG_INSTALL_DIR)/etc/unbound/unbound.conf \
$(PKG_INSTALL_DIR)/var/lib/unbound/unbound.conf \
$(1)/etc/unbound/unbound.conf
$(INSTALL_DATA) ./files/root.key $(1)/etc/unbound/root.key
$(INSTALL_DATA) ./files/unbound_ext.conf $(1)/etc/unbound/unbound_ext.conf

3
net/unbound/files/defaults.sh
View File

@ -41,6 +41,7 @@ UB_TLS_ETC_FILE=/etc/ssl/certs/ca-certificates.crt
UB_RKEY_FILE=$UB_VARDIR/root.key
UB_RHINT_FILE=$UB_VARDIR/root.hints
UB_TIME_FILE=$UB_VARDIR/hotplug.time
UB_SKIP_FILE=$UB_VARDIR/skip.time
# control app keys
UB_CTLKEY_FILE=$UB_VARDIR/unbound_control.key
@ -50,7 +51,7 @@ UB_SRVPEM_FILE=$UB_VARDIR/unbound_server.pem
# similar default SOA / NS RR as Unbound uses for private ARPA zones
UB_XSER=$(( $( date +%s ) / 60 ))
UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 600"
UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 300"
UB_XNS="7200 IN NS localhost."
UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\""
UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\""

1
net/unbound/files/dnsmasq.sh
View File

@ -206,6 +206,7 @@ dnsmasq_local_arpa() {
dnsmasq_inactive() {
local record
if [ "$UB_D_EXTRA_DNS" -gt 0 ] ; then
# Parasite from the uci.dhcp.domain clauses
DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $UB_TXT_DOMAIN"

4
net/unbound/files/odhcpd.sh
View File

@ -43,8 +43,8 @@ odhcpd_zonedata() {
local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile )
if [ -f "$UB_TIME_FILE" -a "$dhcp_link" = "odhcpd" \
-a -f "$dhcp_origin" -a -n "$dhcp_domain" ] ; then
if [ -f "$UB_TOTAL_CONF" -a -f "$dhcp_origin" \
-a "$dhcp_link" = "odhcpd" -a -n "$dhcp_domain" ] ; then
# Capture the lease file which could be changing often
sort $dhcp_origin > $dhcp_ls_new

23
net/unbound/files/unbound.init
View File

@ -54,22 +54,31 @@ stop_service() {
##############################################################################
service_triggers() {
local trigger
local legacy=$( uci_get unbound.@unbound[0].trigger )
local triggers=$( uci_get unbound.@unbound[0].trigger_interface )
local trigger="$triggers $legacy"
triggers="$triggers $legacy"
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "unbound"
. /usr/lib/unbound/defaults.sh
if [ ! -f "$UB_TOTAL_CONF" -o -n "$UB_BOOT" ] ; then
# Unbound is can be a bit heavy, so wait some on first start but any
# interface coming up affects the trigger and delay so guarantee start
procd_add_raw_trigger "interface.*.up" 5000 /etc/init.d/unbound restart
elif [ -n "$triggers" ] ; then
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "unbound" "dhcp"
if [ -n "$triggers" ] ; then
for trigger in $triggers ; do
# due to some netifd/procd interactions with IP6, limit interfaces
# User selected triggers to restart at any other time
procd_add_reload_interface_trigger "$trigger"
done
else
procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/unbound reload
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "unbound" "dhcp"
fi
}

353
net/unbound/files/unbound.sh
View File

@ -61,6 +61,9 @@ UB_TXT_HOSTNAME=thisrouter
##############################################################################
# reset as a combo with UB_B_NTP_BOOT and some time stamp files
UB_B_READY=1
# keep track of assignments during inserted resource records
UB_LIST_NETW_ALL=""
UB_LIST_NETW_LAN=""
@ -219,7 +222,7 @@ unbound_mkdir() {
# Debian-like package dns-root-data
cp -p /usr/share/dns/root.hints $UB_RHINT_FILE
elif [ ! -f "$UB_TIME_FILE" ] ; then
elif [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default root hints (built in root-servers.net)"
fi
fi
@ -233,7 +236,7 @@ unbound_mkdir() {
elif [ -x $UB_ANCHOR ] ; then
$UB_ANCHOR -a $UB_RKEY_FILE
elif [ ! -f "$UB_TIME_FILE" ] ; then
elif [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default trust anchor (built in root DS record)"
fi
fi
@ -285,9 +288,21 @@ unbound_mkdir() {
fi
if [ "$UB_B_NTP_BOOT" -eq 0 ] ; then
# time is considered okay on this device (skip /etc/hotplug/ntpd/unbound)
if [ -f "$UB_TIME_FILE" ] ; then
# NTP is done so its like you actually had an RTC
UB_B_READY=1
UB_B_NTP_BOOT=0
elif [ "$UB_B_NTP_BOOT" -eq 0 ] ; then
# time is considered okay on this device (ignore /etc/hotplug/ntpd/unbound)
date -Is > $UB_TIME_FILE
UB_B_READY=0
UB_B_NTP_BOOT=0
else
# DNSSEC-TIME will not reconcile
UB_B_READY=0
UB_B_NTP_BOOT=1
fi
}
@ -407,8 +422,8 @@ unbound_zone() {
case $zone_type in
auth_zone)
if [ -n "$UB_LIST_ZONE_NAMES" ] \
&& [ -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" ] ; then
if [ -n "$UB_LIST_ZONE_NAMES" \
-a \( -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" \) ] ; then
for zone_name in $UB_LIST_ZONE_NAMES ; do
if [ "$zone_name" = "." ] ; then
zone_sym=.
@ -626,7 +641,7 @@ unbound_conf() {
;;
*)
if [ ! -f "$UB_TIME_FILE" ] ; then
if [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default protocol configuration"
fi
@ -686,7 +701,7 @@ unbound_conf() {
echo
} >> $UB_CORE_CONF
elif [ ! -f "$UB_TIME_FILE" ] ; then
elif [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default memory configuration"
fi
@ -696,7 +711,7 @@ unbound_conf() {
if [ "$UB_B_DNSSEC" -gt 0 ] ; then
if [ ! -f "$UB_TIME_FILE" -a "$UB_B_NTP_BOOT" -gt 0 ] ; then
if [ "$UB_B_NTP_BOOT" -gt 0 ] ; then
# DNSSEC chicken and egg with getting NTP time
echo " val-override-date: -1" >> $UB_CORE_CONF
fi
@ -777,7 +792,7 @@ unbound_conf() {
;;
*)
if [ ! -f "$UB_TIME_FILE" ] ; then
if [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default recursion configuration"
fi
;;
@ -898,8 +913,8 @@ unbound_hostname() {
echo
} >> $UB_HOST_CONF
elif [ -n "$UB_TXT_DOMAIN" ] \
&& [ "$UB_D_WAN_FQDN" -gt 0 -o "$UB_D_LAN_FQDN" -gt 0 ] ; then
elif [ -n "$UB_TXT_DOMAIN" \
-a \( "$UB_D_WAN_FQDN" -gt 0 -o "$UB_D_LAN_FQDN" -gt 0 \) ] ; then
case "$UB_D_DOMAIN_TYPE" in
deny|inform_deny|refuse|static)
{
@ -947,180 +962,178 @@ unbound_hostname() {
} >> $UB_HOST_CONF
if [ -f "$UB_TIME_FILE" ] ; then
if [ -n "$UB_LIST_NETW_WAN" ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifarpa=$( host_ptr_any "$ifaddr" )
if [ -n "$UB_LIST_NETW_WAN" ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifarpa=$( host_ptr_any "$ifaddr" )
if [ -n "$ifarpa" ] ; then
if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then
{
# Create a static zone for WAN host record only (singular)
echo " domain-insecure: $ifarpa"
echo " private-address: $ifaddr"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_MTXT'"
echo
} >> $UB_HOST_CONF
if [ -n "$ifarpa" ] ; then
if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then
{
# Create a static zone for WAN host record only (singular)
echo " domain-insecure: $ifarpa"
echo " private-address: $ifaddr"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_MTXT'"
echo
} >> $UB_HOST_CONF
elif [ "$zonetype" -gt 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi
elif [ "$zonetype" -gt 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi
done
fi
fi
done
fi
if [ -n "$UB_LIST_NETW_LAN" ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
if [ -n "$UB_LIST_NETW_LAN" ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
if [ -n "$ifarpa" ] ; then
if [ "$zonetype" -eq 2 ] ; then
{
# Do NOT forward queries with your ip6.arpa or in-addr.arpa
echo " domain-insecure: $ifarpa"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_XTXT'"
echo
} >> $UB_HOST_CONF
if [ -n "$ifarpa" ] ; then
if [ "$zonetype" -eq 2 ] ; then
{
# Do NOT forward queries with your ip6.arpa or in-addr.arpa
echo " domain-insecure: $ifarpa"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_XTXT'"
echo
} >> $UB_HOST_CONF
elif [ "$zonetype" -eq 1 -a "$UB_D_PRIV_BLCK" -eq 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi
elif [ "$zonetype" -eq 1 -a "$UB_D_PRIV_BLCK" -eq 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi
done
fi
fi
done
fi
ulaprefix=$( uci_get network.@globals[0].ula_prefix )
ulaprefix=${ulaprefix%%:/*}
hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN"
ulaprefix=$( uci_get network.@globals[0].ula_prefix )
ulaprefix=${ulaprefix%%:/*}
hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN"
if [ -z "$ulaprefix" ] ; then
# Nonsense so this option isn't globbed below
ulaprefix="fdno:such:addr::"
fi
if [ -z "$ulaprefix" ] ; then
# Nonsense so this option isn't globbed below
ulaprefix="fdno:such:addr::"
fi
if [ "$UB_LIST_NETW_LAN" -a "$UB_D_LAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_LIST_NETW_LAN" -a "$UB_D_LAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
*)
if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
;;
esac
done
echo >> $UB_HOST_CONF
done
fi
if [ -n "$UB_LIST_NETW_WAN" -a "$UB_D_WAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
*)
if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
esac
done
echo >> $UB_HOST_CONF
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
*)
if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
;;
esac
done
fi
fi # end if time file
echo >> $UB_HOST_CONF
done
fi
if [ -n "$UB_LIST_NETW_WAN" -a "$UB_D_WAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
*)
if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
;;
esac
done
echo >> $UB_HOST_CONF
done
fi
fi # end if uci valid
}
@ -1178,7 +1191,7 @@ unbound_uci() {
UB_D_DHCP_LINK=dnsmasq
if [ ! -f "$UB_TIME_FILE" ] ; then
if [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "Please use 'dhcp_link' selector instead"
fi
fi
@ -1193,7 +1206,7 @@ unbound_uci() {
fi
if [ ! -f "$UB_TIME_FILE" -a "$UB_D_DHCP_LINK" = "none" ] ; then
if [ "$UB_B_READY" -eq 0 -a "$UB_D_DHCP_LINK" = "none" ] ; then
logger -t unbound -s "cannot forward to dnsmasq"
fi
fi
@ -1207,7 +1220,7 @@ unbound_uci() {
fi
if [ ! -f "$UB_TIME_FILE" -a "$UB_D_DHCP_LINK" = "none" ] ; then
if [ "$UB_B_READY" -eq 0 -a "$UB_D_DHCP_LINK" = "none" ] ; then
logger -t unbound -s "cannot receive records from odhcpd"
fi
fi
@ -1220,8 +1233,8 @@ unbound_uci() {
fi
if [ "$UB_N_RX_PORT" -ne 53 ] \
&& [ "$UB_N_RX_PORT" -lt 1024 -o 10240 -lt "$UB_N_RX_PORT" ] ; then
if [ "$UB_N_RX_PORT" -ne 53 \
-a \( "$UB_N_RX_PORT" -lt 1024 -o 10240 -lt "$UB_N_RX_PORT" \) ] ; then
logger -t unbound -s "privileged port or in 5 digits, using default"
UB_N_RX_PORT=53
fi
@ -1264,7 +1277,7 @@ unbound_include() {
fi
if [ -f "$UB_TIME_FILE" -a -f "$UB_DHCP_CONF" ] ; then
if [ -f "$UB_DHCP_CONF" ] ; then
{
# Seed DHCP records because dhcp scripts trigger externally
# Incremental Unbound restarts may drop unbound-control records
@ -1274,8 +1287,8 @@ unbound_include() {
fi
if [ ! -f "$UB_TIME_FILE" -o -z "$adb_files" \
-o ! -x /usr/bin/adblock.sh -o ! -x /etc/init.d/adblock ] ; then
if [ -z "$adb_files" \
-o ! -x /usr/bin/adblock.sh -o ! -x /etc/init.d/adblock ] ; then
adb_enabled=0
elif /etc/init.d/adblock enabled ; then