webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 19:55:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

dnsmasq: Enable DNSSEC timestamp feature

Browse Source 
This disables DNSSEC until the system clock has been set correctly.
There is a circular dependency on working DNS and being able to
resolve DNS records in order to reach a time server. Systems without
a RTC or empty RTC battery will start up with time way in the past
in which all DNSSEC signatures are invalid.
This commit is contained in:
Michael Tremer
2015-03-10 16:22:09 +01:00
parent 6f67121767
commit de7abd2cd5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/initscripts/init.d/dnsmasq
View File

@@ -26,7 +26,7 @@ SHOW_SRV=1
TRUST_ANCHOR=".,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5"
function dnssec_args() {
local cmdline="--dnssec"
local cmdline="--dnssec --dnssec-timestamp"
if [ -n "${TRUST_ANCHOR}" ]; then
cmdline="${cmdline} --trust-anchor=${TRUST_ANCHOR}"