From 32f808fcfad58c226ed17b729e55fdbf8b0d25ac Mon Sep 17 00:00:00 2001 From: Wouter Wijngaards Date: Tue, 7 Apr 2015 12:03:05 +0000 Subject: [PATCH] - Unbound exits with a fatal error when the auto-trust-anchor-file fails to be writable. This is seconds after startup. You can load a readonly auto-trust-anchor-file with trust-anchor-file. The file has to be writable to notice the trust anchor change, without it, a trust anchor change will be unnoticed and the system will then become unoperable. git-svn-id: file:///svn/unbound/trunk@3387 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 6 ++++++ validator/autotrust.c | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/doc/Changelog b/doc/Changelog index cfde10135..e0dd8f96b 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,5 +1,11 @@ 7 April 2015: Wouter - Libunbound skips dos-line-endings from etc/hosts. + - Unbound exits with a fatal error when the auto-trust-anchor-file + fails to be writable. This is seconds after startup. You can + load a readonly auto-trust-anchor-file with trust-anchor-file. + The file has to be writable to notice the trust anchor change, + without it, a trust anchor change will be unnoticed and the system + will then become unoperable. 2 April 2015: Wouter - Fix #660: Fix interface-automatic broken in the presence of diff --git a/validator/autotrust.c b/validator/autotrust.c index bb5723468..d90eec9eb 100644 --- a/validator/autotrust.c +++ b/validator/autotrust.c @@ -1184,7 +1184,7 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp) verbose(VERB_ALGO, "autotrust: write to disk: %s", tempf); out = fopen(tempf, "w"); if(!out) { - log_err("could not open autotrust file for writing, %s: %s", + fatal_exit("could not open autotrust file for writing, %s: %s", tempf, strerror(errno)); return; } @@ -1192,11 +1192,11 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp) /* failed to write contents (completely) */ fclose(out); unlink(tempf); - log_err("could not completely write: %s", fname); + fatal_exit("could not completely write: %s", fname); return; } if(fclose(out) != 0) { - log_err("could not complete write: %s: %s", + fatal_exit("could not complete write: %s: %s", fname, strerror(errno)); unlink(tempf); return; @@ -1207,7 +1207,7 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp) (void)unlink(fname); /* windows does not replace file with rename() */ #endif if(rename(tempf, fname) < 0) { - log_err("rename(%s to %s): %s", tempf, fname, strerror(errno)); + fatal_exit("rename(%s to %s): %s", tempf, fname, strerror(errno)); } } -- 2.47.2