dnstap error: could not open dnstap-socket-path

George Thessalonikefs george at nlnetlabs.nl
Mon Oct 14 09:38:06 UTC 2019


Hi Anthony,

This seems like a chroot issue.
By default unbound will run in a chrooted environment.
You have 3 options:
1. Disable it if you don't need it with
	chroot: ""
2. Bind mount the `/var/log/unbound/` directory in the chrooted environment
3. Create the socket inside the chroot.

`man unbound.conf` lists the default location of the chroot.

Best regards,
-- George

On 14/10/2019 10:27, DECROIX Anthony (EXT) via Unbound-users wrote:
> Hello guys,
> 
>  
> 
> I'm posting a message because I lost a few hours trying to configure and
> use dnstap, without success.
> 
>  
> 
> I compiled unbound with no issues.
> 
> I installed all the dependencies to perform the unbound compilation with
> dnstap option (protocol buffer, fstrm…)
> 
>  
> 
> I used the following configure command:
> 
>  
> 
> ./configure --prefix=/etc/unbound/unbound-1.9.4 --enable-dnstap
> --with-pthreads
> 
> make
> 
> make install
> 
>  
> 
> Then I created the unbound user because, if I have understood correctly,
> unbound tries to run the daemon automatically as this user.
> 
>  
> 
> My unbound.conf.options content:
> 
> remote-control:
>   control-enable: yes
>   control-interface: 0.0.0.0
>   control-port: 8953
> 
> server:
>   access-control: 0.0.0.0/0 allow
>   interface: 0.0.0.0
>   hide-identity: yes
>   hide-version: yes
>   prefetch: yes
>   rrset-roundrobin: yes
>   minimal-responses: no
>   serve-expired: yes
>   use-syslog: yes
>   logfile: "/var/log/unbound/unbound.log"
> 
> dnstap:
>     dnstap-enable: yes
>     dnstap-socket-path: "/var/log/unbound/unbound-dnstap.sock"
>     dnstap-send-identity: yes
>     dnstap-send-version: yes
>     dnstap-log-client-query-messages: yes
>     dnstap-log-client-response-messages: yes
>     dnstap-log-forwarder-query-messages: yes
>     dnstap-log-forwarder-response-messages: yes
>     dnstap-log-resolver-query-messages: yes
>     dnstap-log-resolver-response-messages: yes
> 
>  
> 
> Note that the /var/log/unbound folder has the right permissions, with the
> unbound user as owner and group.
> 
>  
> 
> Then, before starting the unbound service, I run the fstrm socket with
> the command below:
> 
>  
> 
> sudo -u unbound /usr/local/bin/fstrm_capture -t protobuf:dnstap.Dnstap
> -u /var/log/unbound/unbound-dnstap.sock -w /var/log/unbound/unbound.dnstap
> 
> fstrm_capture: opening Unix socket path /var/log/unbound/unbound-dnstap.sock
> 
> fstrm_capture: opened output file /var/log/unbound/unbound.dnstap
> 
>  
> 
> And it seems OK when I check with the netstat command:
> 
>  
> 
> unix  2      [ ACC ]     STREAM     LISTENING     17808855
> /var/log/unbound/unbound-dnstap.sock
> 
>  
> 
> Finally, when I start the unbound daemon, I get the warning related to
> the dnstap socket below:
> 
>  
> 
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] *warning: could not open dnstap-socket-path: /var/log/unbound/unbound-dnstap.sock, No such file or directory*
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap identity field set to "ddnflxbuild001"
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap version field set to "unbound 1.9.4"
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/RESOLVER_QUERY enabled
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/RESOLVER_RESPONSE enabled
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/CLIENT_QUERY enabled
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/CLIENT_RESPONSE enabled
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/FORWARDER_QUERY enabled
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] notice: dnstap Message/FORWARDER_RESPONSE enabled
> Oct 11 18:25:51 ddnflxbuild001 unbound[70926]: [1570811151] unbound[70926:0] info: start of service (unbound 1.9.4).
> 
>  
> 
> I tried another folder, such as the one where unbound is installed. No
> better result, and I have no more ideas…
> 
>  
> 
> Also, please note that I configured Bind with dnstap on the same machine
> and it works well.
> 
> Thanks a lot for your help.
> 
> 
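
Added example, not part of the original thread and not Unbound's own code: a small check for the situation George describes, where the socket exists on the host but not at the path a chrooted unbound looks in. It assumes the configured dnstap-socket-path is looked up inside the chroot; the function names and the "/path/to/chroot" placeholder are hypothetical, and the real default chroot comes from `man unbound.conf`.

```python
import os
import stat

def parse_conf(text):
    """Collect 'key: value' options from unbound.conf text (last one wins)."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        key, value = line.split(":", 1)
        opts[key.strip()] = value.strip().strip('"')
    return opts

def host_socket_path(opts, default_chroot):
    """Host path where the socket must exist for a chrooted unbound to open it."""
    chroot = opts.get("chroot", default_chroot)  # chroot: "" disables the chroot
    sock = opts["dnstap-socket-path"]
    if not chroot:
        return sock
    return os.path.join(chroot, sock.lstrip("/"))

def is_socket(path):
    try:
        return stat.S_ISSOCK(os.stat(path).st_mode)
    except OSError:
        return False

def diagnose(opts, default_chroot):
    """Return (status, host_path); status is ok, outside-chroot or missing."""
    wanted = host_socket_path(opts, default_chroot)
    configured = opts["dnstap-socket-path"]
    if is_socket(wanted):
        return "ok", wanted
    if wanted != configured and is_socket(configured):
        return "outside-chroot", wanted  # the case reported in this thread
    return "missing", wanted

# Constructed sample: part of the dnstap clause quoted in the message above.
SAMPLE = '''
dnstap:
    dnstap-enable: yes
    dnstap-socket-path: "/var/log/unbound/unbound-dnstap.sock"
'''

if __name__ == "__main__":
    # "/path/to/chroot" is a placeholder, not the real default.
    print(diagnose(parse_conf(SAMPLE), "/path/to/chroot"))
```

A result of "outside-chroot" means fstrm_capture is listening at the configured path on the host, while unbound needs the socket at the returned path (option 2 or 3 above), unless the chroot is disabled (option 1).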


