unbound: Make dhcp-leases.conf readable for everyone

unbound runs as nobody and cannot reload its configuration when this file is only readable for root. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2026-04-09 18:45:54 +02:00 · 2020-01-13 21:43:27 +01:00
parent 04b7a78140
commit 7be4822f3d
2 changed files with 7 additions and 0 deletions
--- a/config/unbound/unbound-dhcp-leases-bridge
+++ b/config/unbound/unbound-dhcp-leases-bridge
@@ -28,6 +28,7 @@ import logging.handlers
 import os
 import re
 import signal
+import stat
 import subprocess
 import tempfile

@@ -528,6 +529,9 @@ class UnboundConfigWriter(object):
 				for rr in l.rrset:
 					f.write("local-data: \"%s\"\n" % " ".join(rr))

+			# Make file readable for everyone
+			os.fchmod(f.fileno(), stat.S_IRUSR|stat.S_IWUSR|stat.S_IRGRP|stat.S_IROTH)
+
 		os.rename(filename, self.path)

 	def _control(self, *args):
--- a/src/scripts/convert-dns-settings
+++ b/src/scripts/convert-dns-settings
@@ -87,6 +87,9 @@ main() {

 	# Set correct ownership.
 	chown nobody:nobody /var/ipfire/dns/servers
+
+	# Make DHCP leases readable for nobody
+	chown 644 /etc/unbound/dhcp-leases.conf
 }

 main "$@" || exit $?