getting Unbound started, keeping it going

Anand Buddhdev anandb at ripe.net
Tue May 22 07:18:35 UTC 2018


On 20/05/2018 23:16, Adam Gold via Unbound-users wrote:

Hi Adam,

> Here's my systemd:
> 
> [Unit]
> Description=Unbound DNS server
> Documentation=man:unbound(8)
> After=network.target
>  
> [Service]
> LimitNOFILE = 65536
> ExecStart = /usr/local/sbin/unbound -c /etc/unbound/unbound.conf
> ExecReload = /bin/kill -HUP $MAINPID
> User = unbound

^^^

This makes systemd switch to user "unbound" (non-privileged user)
*before* starting unbound, and so it cannot bind to port 53. Remove this
line so that systemd can start unbound can start as root and bind to
port 53. After that, unbound drops privileges by itself (as directed by
the "username" option in unbound.conf).

Regards,
Anand



More information about the Unbound-users mailing list