Unable to read / write : permission denied

dy1977 at orange.fr dy1977 at orange.fr
Mon Nov 9 12:37:19 UTC 2020


Thanks for the answer, George,

In the models given for python scripts, this question was mentioned and 
for this reason, my configuration contains chroot: "":

  # python scripts are not compatible with chroot
     chroot: ""
     module-config: "validator python iterator"

python:
     python-script: "/usr/lib/idefix/unbound-filter.py"

  The python script is correctly read, but when it wants to read a file, 
it is not possible, access denied.

I stopped the apparmor service, but this did not change the situation.

Thanks

Dysmas



Le 09/11/2020 à 13:00, unbound-users-request at lists.nlnetlabs.nl a écrit :
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 8 Nov 2020 20:51:01 +0100
> From: dy1977 at orange.fr
> Cc: unbound-users at nlnetlabs.nl
> Subject: Unable to read / write : permission denied
> Message-ID: <72d15488-71cd-a12c-69d0-979bd9a34ccd at orange.fr>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> Hello,
>
> I have used Unbound on several machines. I just installed my normal
> configuration on an APU2 with Debian Buster.
>
> Unbound is unable to open the log file, although it is set to
> unbound|unbound 777 (for test) : permission denied
> It can read the configuration files in /etc/unbound and
> /etc/unbound/unbound.conf.d, but not elsewhere (in /etc/idefix)? :
> permission denied
>
> The python script is unable to read /proc/net/arp, although any user car
> read this pseudo file.
>
> Is there any reason inside Unbound which can explain that, or does it
> surely come from some external component ?
>
> I see apparmor is not configured for any program.
>
> Thanks if you have ideas.
>
> Dysmas
>
>
> Message: 4
> Date: Mon, 9 Nov 2020 11:25:48 +0100
> From: George Thessalonikefs<george at nlnetlabs.nl>
> To:unbound-users at lists.nlnetlabs.nl
> Subject: Re: Unable to read / write : permission denied
> Message-ID:<ae50982a-d3d3-74bb-3746-43124ef4fc86 at nlnetlabs.nl>
> Content-Type: text/plain; charset=utf-8; format=flowed
>
> Hi Dysmas,
>
> Maybe the `chroot:` option is set in your configuration file?
> If that is so, you would either need to make the files you want to
> access available inside the chroot, or disable the feature with `chroot:
> ""`.
>
> Best regards,
> -- George

-- 
L'absence de virus dans ce courrier électronique a été vérifiée par le logiciel antivirus Avast.
https://www.avast.com/antivirus



More information about the Unbound-users mailing list