The status file was not updated when DNSSEC was disabled
before and has been enabled after which always caused
the webif to show that DNSSEC was disabled.
Fixes #11315
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
enable_dnssec() {
local status=$(unbound-control get_option val-permissive-mode)
- # Don't do anything if DNSSEC is already activated
- [ "${status}" = "no" ] && return 0
-
# Log DNSSEC status
echo "on" > /var/ipfire/red/dnssec-status
+ # Don't do anything if DNSSEC is already activated
+ [ "${status}" = "no" ] && return 0
+
# Activate DNSSEC and flush cache with any stale and unvalidated data
unbound-control -q set_option val-permissive-mode: no
unbound-control -q flush_zone .