dnstap error: could not open dnstap-socket-path

DECROIX Anthony (EXT) anthony.decroix-ext at socgen.com
Mon Oct 14 08:27:09 UTC 2019 

Hello guys,

I'm posting a message because I lost few hours to try to configure and use dnstap without positive success.

I compiled unbound with no issues.
I installed all the dependencies to perform the unbound compilation with dnstap option (protocol buffer, fstrm...)

I used the following configure command:


./configure --prefix=/etc/unbound/unbound-1.9.4 --enable-dnstap --with-pthreads

make

make install



Then I created the unbound user, because if I have well understood, unbound try to run the daemon automatically with this user.



My unbound.conf.options content:


remote-control:
  control-enable: yes
  control-interface: 0.0.0.0
  control-port: 8953

server:
  access-control: 0.0.0.0/0 allow
  interface: 0.0.0.0
  hide-identity: yes
  hide-version: yes
  prefetch: yes
  rrset-roundrobin: yes
  minimal-responses: no
  serve-expired: yes
  use-syslog: yes
  logfile: "/var/log/unbound/unbound.log"

dnstap:
    dnstap-enable: yes
    dnstap-socket-path: "/var/log/unbound/unbound-dnstap.sock"
    dnstap-send-identity: yes
    dnstap-send-version: yes
    dnstap-log-client-query-messages: yes
    dnstap-log-client-response-messages: yes
    dnstap-log-forwarder-query-messages: yes
    dnstap-log-forwarder-response-messages: yes
    dnstap-log-resolver-query-messages: yes
    dnstap-log-resolver-response-messages: yes



Note that the /var/log/unbound folder has the good right with unbound user as owner and group.



Then, before to start the unbound service, I run the fstrm socket with the command below:


sudo -u unbound /usr/local/bin/fstrm_capture -t protobuf:dnstap.Dnstap -u /var/log/unbound/unbound-dnstap.sock -w /var/log/unbound/unbound.dnstap
fstrm_capture: opening Unix socket path /var/log/unbound/unbound-dnstap.sock
fstrm_capture: opened output file /var/log/unbound/unbound.dnstap


And seems OK when I check with netstat command:

unix  2      [ ACC ]     STREAM     LISTENING     17808855 /var/log/unbound/unbound-dnstap.sock



Finally, when I start the unbound daemon, I have the warning related to dnstap socket below:


Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] warning: could not open dnstap-socket-path: /var/log/unbound/unbound-dnstap.sock, No such file or directory
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap identity field set to "ddnflxbuild001"
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap version field set to "unbound 1.9.4"
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/RESOLVER_QUERY enabled
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/RESOLVER_RESPONSE enabled
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/CLIENT_QUERY enabled
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/CLIENT_RESPONSE enabled
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/FORWARDER_QUERY enabled
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/FORWARDER_RESPONSE enabled
Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] info: start of service (unbound 1.9.4).

I tried another folder like the same where unbound is installed. No more better result and I have no more ideas...

Also, please note that I configured Bind with dnstap on the same machine and it works well.

Thanks a lot for your help.


=========================================================

Ce message et toutes les pieces jointes (ci-apres le "message")
sont confidentiels et susceptibles de contenir des informations
couvertes par le secret professionnel. Ce message est etabli
a l'intention exclusive de ses destinataires. Toute utilisation
ou diffusion non autorisee interdite.
Tout message electronique est susceptible d'alteration. La SOCIETE GENERALE
et ses filiales declinent toute responsabilite au titre de ce message
s'il a ete altere, deforme falsifie.

=========================================================

This message and any attachments (the "message") are confidential,
intended solely for the addresses, and may contain legally privileged
information. Any unauthorized use or dissemination is prohibited.
E-mails are susceptible to alteration. Neither SOCIETE GENERALE nor any
of its subsidiaries or affiliates shall be liable for the message
if altered, changed or falsified.

=========================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20191014/0f70e62e/attachment.htm>

More information about the Unbound-users mailing list