<div>Thanks for your answers.<br></div><div><br></div><blockquote><div>is it enough to:<br></div><div><br></div><div>% cd /test/unbound<br></div><div>% sudo chown -Rh unbound:unbound .<br></div><div><br></div><div>Then try to start it again?<br></div></blockquote><div><br></div><div>Unfortunately no. Like i wrote in my question, the installation folder is already owned by the user "test_unbound" wich also set in the config.<br></div><div><br></div><blockquote><div>FWIW all the systems I run that create pidfiles, either put them in
<br></div><div><br></div><div>/var/run
<br></div><div><br></div><div>or
<br></div><div><br></div><div>/tmp<br></div></blockquote><div><br></div><div>If i use this directories the error turns to "Read-only file system".<br></div><div>I already thought, that the permission-error is not a "real" permission thing, but a specific option in the service-file which is unlikely causing the restriction.<br></div><div><br></div><div>That also confirms by the fact that if i manually start with "sudo sbin/unbound -d -vvvv" the output is:<br></div><div><br></div><div>===================================<br></div><div>[1641309759] unbound[10544:0] notice: Start of unbound 1.14.0.<br></div><div>[1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53<br></div><div>[1641309759] unbound[10544:0] debug: chdir to /test/unbound<br></div><div>[1641309759] unbound[10544:0] debug: chroot to /test/unbound<br></div><div>[1641309759] unbound[10544:0] debug: drop user privileges, run as test_unbound<br></div><div>[1641309759] unbound[10544:0] debug: switching log to /test/unbound/log.log<br></div><div>===================================<br></div><div><br></div><div>while the output (systemctl status unbound) from the start via the service-file is:<br></div><div><br></div><div>===================================<br></div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating tcp4 socket 127.0.0.1 53<br></div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating udp4 socket 127.0.0.1 53</div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating tcp4 socket 127.0.0.1 53</div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating udp4 socket 127.0.0.1 53</div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating tcp4 socket 127.0.0.1 53</div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] error: cannot open pidfile /test/unbound/unbound.pid: Permission denied</div><div>Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: chdir to /test/unbound</div><div>===================================<br></div><div><br></div><div>I shall look what exactly each of the options in the service-file means...<br></div><div></div>