Comment 3 for bug 498359

I was thinking that the script unbound-control-setup could be called by the postinst script. As unbound-control-setup generates a few certificate files required to use unbound-control it would simplify the setup procedure. That way to make unbound-control work the user would only need to add this to unbound.conf :

remote-control:
    control-enable: yes

The file generated by unbound-control-setup have those permissions :

-rw-r----- 1 root unbound 887 Dec 18 17:30 unbound_control.key
-rw-r----- 1 root unbound 627 Dec 18 17:30 unbound_control.pem
-rw-r----- 1 root unbound 887 Dec 18 17:30 unbound_server.key
-rw-r----- 1 root unbound 619 Dec 18 17:30 unbound_server.pem