error: cannot open zonefile No such file or directory
Unbound
unbound at tacomawireless.net
Tue Apr 13 16:56:36 UTC 2021
On 2021-04-13 03:01, George Thessalonikefs via Unbound-users wrote:
> Hi Mark,
>
> I don't understand the need for multiple `directory:` entries. `directory:`
> configures the working directory of the program, I don't see how there could
> be
> more than one.
>
> Maybe what you need is achieved with the `include:` directive where you can
> specify other configuration files to be included. Those files can then live
> in an
> organized directory structure. There is wildcard support to include all the
> contents from a given directory:
> include: /path/to/dir/*
>
> You can also use `include-toplevel:`. Read the manpage of unbound.conf right
> under
> the section "FILE FORMAT" to see how those two are meant to be used.
>
> Best regards,
> -- George
>
> On 12/04/2021 22:09, Mark Abram wrote:
>> Intead of chroot: "" I have specified chroot: /opt/var/lib, one level up.
>> This way unbound is contained under one directory.
>> My zone files will reside in /opt/var/lib/zones.
IF as is default, unbound is in a chroot(ed) directory. Everything below that
dir IS
available to unbound -- SO LONG -- as unbound has permission to READ those
directories.
Is it possible the directories were written by YOU, and, as a result, unbound
is not
permitted to read them?
In *BSD parlance, the following would correct that.
Assuming the user unbound is unbound:
# cd /opt/var/lib
# chown -Rh unbound:unbound .
After performing the equivalent command for YOUR OS. Simply restart unbound.
HTH
--Chris
>>
>> On that point, it would be great if unbound allows to specify multiple
>> entries for directory:
>> This is purely to organize files or user specific extensions to be
>> included in unbound.
>>
>>
>> Mark
>>
>> On Apr 12 2021, at 11:48 am, Mark Abram <marek.w.abram at gmail.com> wrote:
>>
>> Thanks George for the solution. It worked.
>>
>> Mark
>>
>> On Apr 12 2021, at 11:04 am, George Thessalonikefs via Unbound-users
>> <unbound-users at lists.nlnetlabs.nl> wrote:
>>
>> Hi Mark,
>>
>> I suppose you use the chroot option in your configuration file
>> (enabled
>> by default). That will prevent unbound from accessing files
>> outside the
>> configured chroot. Based on your policy you could:
>> - Disable chroot with chroot: "", or
>> - Bind mount the /opt/share/rpz location inside the chroot.
>>
>> Best regards,
>> -- George
>>
>> On 12/04/2021 16:41, Mark Abram via Unbound-users wrote:
>> > When all rpz zone files are located in unbound default dir
>> they work
>> > fine, however if I try to relocate them to a separate
>> location unbound fails
>> > with error: cannot open zonefile
>> /opt/share/rpz/rpz.urlhause.zone for
>> > rpz.urlhause.abuse.ch.zone.: No such file or directory
>> > The new directory is created with chown nobody /opt/share/rpz
>> and the
>> > files so indeed exists in that location.
>> > ls -l /opt/share/rpz Do I need to do anyhting else to get
>> these working
>> > ? I like to keep rpz files separate from unbound default
>> location.
>> >
>> > -rwxrwxrwx 1 admin root 441 Apr 11 22:24
>> rpz-refresh
>> > -rw-rw-rw- 1 admin root 769 Apr 11 22:18
>> rpz.block.hosts.zone
>> > -rw-rw-rw- 1 admin root 2847590 Apr 11 22:18
>> rpz.stevenblack.zone
>> > -rw-rw-rw- 1 admin root 707 Apr 11 22:18
>> rpz.trend.micro.zone
>> > -rw-rw-rw- 1 admin root 125804 Apr 11 22:18
>> rpz.urlhause.zone
>> > -rw-rw-rw- 1 admin root 629 Apr 11 22:24
>> unbound.conf.rpz
>> >
>> >
>> > Mark
>> >
>>
More information about the Unbound-users
mailing list