Control: tag -1 + confirmed On Tue, 13 Jul 2021 01:11:30 +0000 laalaa laalaa <dbpa...@hotmail.com> wrote:
Package: unbound Version: 1.13.1-1 Severity: normal After upgrade from buster to bullseye with same config file, port 127.0.0.1:8953 was additionally listened for.From man page, this is "remote-control" port and the default "control-enable" is "no". When adding extra config section "remote-control" as below, the listening port 127.0.0.1:8953 was gone. remote-control: control-enable: no server: ... The default setting from man page and the observing behavior mismatch.
This is due to a debian-specific patch, debian/patches/0001-Enable-remote-control-by-default.patch, which turns on the default value for remote-control (but does not touch the manpage). This is done as a fix for #923314 "systemctl reload unbound broken.." - but there were 2 changes in there actually, one was to switch from unbound-control reload to sending a SIGHUP, and another was to enable remote-control by default. Either of the two should be sufficient to fix #923314. But I think the second change - switching remote-control to on by default - is not a justified change from upstream here. It is not turned on by default upstream, and upstream documentation says it is not enabled by default, too (and even on Debian we forgot to fix the manpage together with this change). To me it looks like we should flip the default back to the default and remove this patch. Thanks, /mjt
