003 File Manager
Current Path:
/usr/src/contrib/unbound/contrib
usr
/
src
/
contrib
/
unbound
/
contrib
/
📁
..
📄
README
(3.49 KB)
📄
aaaa-filter-iterator.patch
(14.98 KB)
📁
android
📄
build-unbound-localzone-from-hosts.pl
(1.18 KB)
📄
create_unbound_ad_servers.cmd
(1.1 KB)
📄
create_unbound_ad_servers.sh
(1.02 KB)
📄
drop-tld.diff
(3.13 KB)
📄
drop2rpz
(1009 B)
📄
fastrpz.patch
(106.8 KB)
📁
ios
📄
libunbound.pc.in
(416 B)
📄
libunbound.so.conf
(2.03 KB)
📄
metrics.awk
(10.13 KB)
📄
parseunbound.pl
(5.58 KB)
📄
patch_rsamd5_enable.diff
(542 B)
📄
rc_d_unbound
(586 B)
📄
redirect-bogus.patch
(12.57 KB)
📁
selinux
📄
unbound-fuzzers.tar.bz2
(1.61 KB)
📄
unbound-fuzzme.patch
(6.43 KB)
📄
unbound-host.nagios.patch
(3.17 KB)
📄
unbound-querycachedb.py
(2.71 KB)
📄
unbound.init
(3.45 KB)
📄
unbound.init_fedora
(2.77 KB)
📄
unbound.plist
(926 B)
📄
unbound.service.in
(3.43 KB)
📄
unbound.socket.in
(142 B)
📄
unbound.spec
(3.79 KB)
📄
unbound.spec_fedora
(14.83 KB)
📄
unbound_cache.cmd
(2.56 KB)
📄
unbound_cache.sh
(3.38 KB)
📄
unbound_cacti.tar.gz
(71.5 KB)
📄
unbound_munin_
(17.57 KB)
📄
unbound_portable.service.in
(1.38 KB)
📄
unbound_smf23.tar.gz
(4.54 KB)
📄
update-anchor.sh
(4.25 KB)
📄
validation-reporter.sh
(2.27 KB)
📄
warmup.cmd
(2.47 KB)
📄
warmup.sh
(2.13 KB)
Editing: unbound.service.in
; For further details about the directives used in this unit file, including ; the below, please refer to systemd's official documentation, available at ; https://www.freedesktop.org/software/systemd/man/systemd.exec.html. ; ; ; - `ProtectSystem=strict` implies we mount the entire file system hierarchy ; read-only for the processes invoked by the unit except for the API file ; system subtrees /dev, /proc and /sys (which are protected by ; PrivateDevices=, ProtectKernelTunables=, ProtectControlGroups=). ; ; - `PrivateTmp=yes` secures access to temporary files of the process, and ; makes sharing between processes via /tmp or /var/tmp impossible. ; ; - `ProtectHome=yes` makes the directories /home, /root, and /run/user ; inaccessible and empty for processes invoked by the unit. ; ; - `ProtectControlGroups=yes` makes the Linux Control Groups hierarchies ; (accessible through /sys/fs/cgroup) read-only to all processes invoked by ; the unit. It also implies `MountAPIVFS=yes`. ; ; - `RuntimeDirectory=unbound` creates a /run/unbound directory, owned by the ; unit User and Group with read-write permissions (0755) as soon as the ; unit starts. This allows unbound to store its pidfile. The directory and ; its content are automatically removed by systemd when the unit stops. ; ; - `NoNewPrivileges=yes` ensures that the service process and all its ; children can never gain new privileges through execve(). ; ; - `RestrictSUIDSGID=yes` ensures that any attempts to set the set-user-ID ; (SUID) or set-group-ID (SGID) bits on files or directories will be denied. ; ; - `RestrictRealTime=yes` ensures that any attempts to enable realtime ; scheduling in a process invoked by the unit will be denied. ; ; - `RestrictNamespaces=yes` ensures that access to any kind of namespacing ; is prohibited. ; ; - `LockPersonality=yes` locks down the personality system call so that the ; kernel execution domain may not be changed from the default. ; ; [Unit] Description=Validating, recursive, and caching DNS resolver Documentation=man:unbound(8) After=network-online.target Before=nss-lookup.target Wants=network-online.target nss-lookup.target [Install] WantedBy=multi-user.target [Service] ExecReload=+/bin/kill -HUP $MAINPID ExecStart=@UNBOUND_SBIN_DIR@/unbound -d -p NotifyAccess=main Type=notify CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_SYS_RESOURCE CAP_NET_RAW MemoryDenyWriteExecute=true NoNewPrivileges=true PrivateDevices=true PrivateTmp=true ProtectHome=true ProtectControlGroups=true ProtectKernelModules=true ProtectSystem=strict RuntimeDirectory=unbound ConfigurationDirectory=unbound StateDirectory=unbound RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX RestrictRealtime=true SystemCallArchitectures=native SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module mount @obsolete @resources RestrictNamespaces=yes LockPersonality=yes RestrictSUIDSGID=yes ReadWritePaths=@UNBOUND_RUN_DIR@ @UNBOUND_CHROOT_DIR@ # Below rules are needed when chroot is enabled (usually it's enabled by default). # If chroot is disabled like chroot: "" then they may be safely removed. TemporaryFileSystem=@UNBOUND_CHROOT_DIR@/dev:ro TemporaryFileSystem=@UNBOUND_CHROOT_DIR@/run:ro BindReadOnlyPaths=-/run/systemd/notify:@UNBOUND_CHROOT_DIR@/run/systemd/notify BindReadOnlyPaths=-/dev/urandom:@UNBOUND_CHROOT_DIR@/dev/urandom BindPaths=-/dev/log:@UNBOUND_CHROOT_DIR@/dev/log
Upload File
Create Folder