From 8b752e359ec2fdd7e9f6bb737c4506da19161676 Mon Sep 17 00:00:00 2001 From: Ralph Dolmans Date: Mon, 19 Aug 2019 13:27:19 +0200 Subject: [PATCH] - Document limitation of pidfile removal outside of chroot directory. --- doc/Changelog | 3 +++ doc/unbound.conf.5.in | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/Changelog b/doc/Changelog index 0ba7b9a38..2f8946346 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,6 @@ +19 August 2019: Ralph + - Document limitation of pidfile removal outside of chroot directory. + 16 August 2019: Wouter - Fix unittest valgrind false positive uninitialised value report, where if gcc 9.1.1 uses -O2 (but not -O1) then valgrind 3.15.0 diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 083a7c106..b1d8c7900 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -629,7 +629,9 @@ In the last case the path is adjusted to remove the unused portion. The pidfile can be either a relative path to the working directory, or an absolute path relative to the original root. It is written just prior to chroot and dropping permissions. This allows the pidfile to be -/var/run/unbound.pid and the chroot to be /var/unbound, for example. +/var/run/unbound.pid and the chroot to be /var/unbound, for example. Note that +Unbound is not able to remove the pidfile after termination when it is located +outside of the chroot directory. .IP Additionally, unbound may need to access /dev/random (for entropy) from inside the chroot. -- 2.47.3
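Review bot: In the doc/unbound.conf.5.in hunk, the added sentence ("Unbound is not able to remove the pidfile after termination when it is located outside of the chroot directory") states the limitation but not its consequence for the operator. With the example given two lines earlier (/var/run/unbound.pid with the chroot at /var/unbound), the pidfile is left behind as a stale file on every shutdown, so the text should say that it has to be cleaned up by whatever starts and stops the daemon and that its presence does not mean the daemon is running. The sentence also implies, without saying so, that a pidfile inside the chroot directory is removed on exit. If that is the case, state it explicitly so readers know which layout to choose. The preceding sentence mentions dropping permissions as well as chroot, so it is also worth confirming that the limitation comes from the chroot alone. Wording nit: "after termination" reads as if a terminated process still acts; "on exit" or "when it terminates" is clearer.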