Actions
Bug #15996
closed
pfBlockerNG can clobber unbound file permissions
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
25.03
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
To reproduce:
- Use a ZFS system.
- Install pfBlockerNG-devel and set it up DNSBL in Unbound python mode.
- Set up a RAM Disk; reboot.
- Upgrade the system, e.g. from 24.11 to dev snapshots
- After booting into the upgraded BE, Unbound may fail to start and
/var/unboundmay be set to a file, or a directory with incorrect permissions:
ls -lha /var/unbound total 8226 drwxr-xr-x 3 root wheel 640B Jan 16 20:14 . drwxr-xr-t 16 root wheel 896B Jan 16 19:26 .. -rw-r--r-- 1 root wheel 3.3K Jan 16 20:00 dnsbl_cert.pem -rw-r--r-- 1 root wheel 1.4K Jan 16 20:00 pfb_dnsbl_lighty.conf -rw-r--r-- 1 root wheel 6B Jan 16 20:00 pfb_py_count -rw-r--r-- 1 root wheel 2.1M Jan 16 20:00 pfb_py_data.txt -rw-r--r-- 1 unbound unbound 8.0K Jan 16 20:00 pfb_py_dnsbl.sqlite -rw-r--r-- 1 unbound unbound 12K Jan 16 20:14 pfb_py_resolver.sqlite -rw-r--r-- 1 root wheel 0B Jan 16 20:00 pfb_py_whitelist.txt -rw-r--r-- 1 root wheel 1.9M Jan 16 20:00 pfb_py_zone.txt -rw-r--r-- 1 root wheel 359B Jan 16 20:00 pfb_unbound.ini drwxr-xr-x 3 root wheel 64B Jan 16 19:00 usr
Updated by
Actions