Solved This file was generated by local-unbound-setup


I run a server who was automatically set up by OVH.
The /etc/rc.conf contains the line


There is no unbound_enable="YES" in the /etc/rc.conf, and the unbound service is not running.

(Edit: Well, actually, I don't know.

# service unbound status
Cannot 'status' unbound. Set unbound_enable to YES in /etc/rc.conf or use 'onestatus' instead of 'status'.


# ps aux | grep [NOPARSE][u][/NOPARSE]nbound
unbound 851 0.0 0.5 26028 9192 - Is 17:18 0:00.05 /usr/sbin/unbound -c /var/unbound/unbound.conf


The local_unbound service, on the other hand appears to be running.

I'd like to modify some settings for local_unbound, to allow the name server currently listening at to also listen on which is the address of the lo1 cloned interface (for my jails).
However, I don't see any config file anywhere that would allow me to change anything.
In all the config files that seem to be related to local_unbound, including the /var/unbound/unbound.conf file, I can read the line:

# This file was generated by local-unbound-setup.
# Modifications will be overwritten.

So what can I do?

Thanks for your help
I think I found the way to customize the set up.
I have to use the -C option of the local-unbound-setup script to pass a custom directory of custom conf files that will be added to the configuration generated by local-unbound-setup.

# local-unbound-setup -C /path/to/my/custom/directory/

I'll try that after dinner.
These changes would probably disappear after reboot, though.
It seems I managed to solve this by doing the following:

# mkdir /path/to/my-local-unbound-directory/

then create a /path/to/my-local-unbound-directory/unbound.conf file with the following content:

    access-control: allow
    access-control: allow

Then run

local-unbound-setup -C /path/to/my-local-unbound-directory/

After that

# host -t A has address has address has address

continues to work from the host, and now works also from inside the jail.
So I guess this shows that name resolution is now working from inside the jail.
Note there is a difference between local_unbound (/usr/sbin/unbound; part of the base OS) and unbound (/usr/local/sbin/unbound; the port dns/unbound). You seem to be confusing those two.
Yes, I see there are two distinct services that could be activated, either unbound or local_unbound. Thanks for pointing out that the binaries, though both called unbound, are actually distinct too. I didn't know that.

This problem is solved to me now. I'm still stuck with this one, though: