[dns]
-AUTOSTART = YES
+AUTOSTART = @AUTOSTART@
HOSTNAME = localhost
-HOME = $SERVICEHOME
-CONFIG = $DEFAULTCONFIG
BINARY = gnunet-service-dns
-UNIXPATH = /tmp/gnunet-service-dns.sock
-
+UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-dns.sock
+@UNIXONLY@ PORT = 2122
# Access to this service can compromise all DNS queries in this
# system. Thus access should be restricted to the same UID.
# (see https://gnunet.org/gnunet-access-control-model)
UNIX_MATCH_UID = YES
UNIX_MATCH_GID = YES
-# As there is no sufficiently restrictive access control for TCP,
+# As there is no sufficiently restrictive access control for TCP,
# we never use it, even if @UNIXONLY@ is not set (just to be safe)
@UNIXONLY@ PORT = 0
-# This option should be set to YES to allow the DNS service to
-# perform lookups against the locally configured DNS resolver.
-# (set to "NO" if no normal ISP is locally available and thus
-# requests for normal ".com"/".org"/etc. must be routed via
-# the GNUnet VPN (the GNUNET PT daemon then needs to be configured
-# to intercept and route DNS queries via mesh).
-PROVIDE_EXIT = YES
-
# Name of the virtual interface we use to intercept DNS traffic.
IFNAME = gnunet-dns
# of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely
# NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known
# public DNS resolver or your ISP's resolver from /etc/resolv.conf.
-# DNS_EXIT = 8.8.8.8
+DNS_EXIT = 8.8.8.8