Unbound log not created

Dysmas · February 14, 2023, 5:40pm

I installed Openwrt in a lxd container, and I installed Unbound.
Unbound runs fine, as indicated by logread. But there is no log of its activity.
Worse : I cannot configure it in the normal way (/etc/unbound), because it seems to use /var/lib/unbound/unbound.conf, and it overwrites my changes in this file at each start of the daemon

Where can I disable this strange behaviour, so that I can make tests to understand the log problem ?

I need also to have my own configuration, generated by my scripts, and I do not want to use the web interface.

anomeome · February 14, 2023, 5:43pm

readme

lleachii · February 14, 2023, 5:45pm

Is there a config file located at /etc/config/unbound

(That's the normal way in OpenWrt.)

Dysmas · February 14, 2023, 6:18pm

Thanks for the reference. It will help to understand how the configuration works. Unfortunately there is nothing which explains the lack of log file (or log data in logread).

Dysmas · February 14, 2023, 6:25pm

Yes, there is a config file here, but it is surely a config file for the gui, it is not in the normal format of unbound configuration file which I find in /etc/unbound/ after installation. My configuration is generated by a different process and it must continue like that. But I will study more closely the link given above.
Thanks

lleachii · February 14, 2023, 6:28pm

No, it's for the Unified Configuration Interface (UCI). The web GUI uses the UCI. You can also edit UCI via command prompt (and also via the files themselves).

This is why you're having that issue. Use /etc/config/unbound

Makes sense.

Dysmas · February 14, 2023, 6:51pm

Well, there are two files which allow to add personal configurations. I think the problem can be solved.
But it is difficult without the log and I cannot understand why it does not work, even with the default configuration which sets directory to /var/lib/unbound, as expected from the readme file.

lleachii · February 14, 2023, 7:02pm

???

Do you mean this?

The UCI also provides an escape option and works at the raw unbound.conf level.

Dysmas · February 14, 2023, 7:19pm

No I mean this (from the readme) :

Hybrid Manual/UCI

You like the UCI. Yet, you need to add some difficult to standardize options, or just are not ready to make a UCI request yet. The files /etc/unbound/unbound_srv.conf and /etc/unbound/unbound_ext.conf will be copied to Unbounds chroot directory and included during auto generation.

The file unbound_srv.conf will be added into the server: clause. The file unbound_ext.conf will be added to the end of all configuration. It is for extended forward-zone:, stub-zone:, auth-zone:, and view: clauses. You can also disable unbound-control in the UCI which only allows "localhost" connections unencrypted, and then add an encrypted remote control: clause.

Dysmas · February 14, 2023, 7:24pm

It is also possible to disable UCI for unbound :

/etc/config/unbound:

config unbound
  option manual_conf '1'
  option root_age '9'
  # end

lleachii · February 14, 2023, 7:30pm

This is what I was referencing. Did it work for you?

Dysmas · February 14, 2023, 7:33pm

Yes I think it works, because now unbound does not start, which I expected, because there are certainly some configuration to modify in the new environment, and my configuration is probably invalid. But without any log message about the errors it is difficult to find what is wrong.
I am still trying to understand. Thanks for your interest