Problem with pidfile and permission...

Unbound unbound at tacomawireless.net
Tue Jan 4 20:37:57 UTC 2022 

On 2022-01-04 07:57, Dimitri via Unbound-users wrote:
> Thanks for your answers.
You're welcome. :-)
> 
>> is it enough to:
>> 
>> % cd /test/unbound
>> % sudo chown -Rh unbound:unbound .
>> 
>> Then try to start it again?
> 
> Unfortunately no. Like i wrote in my question, the installation folder is 
> already
> owned by the user "test_unbound" wich also set in the config.
> 
>> FWIW all the systems I run that create pidfiles, either put them in
>> 
>> /var/run
>> 
>> or
>> 
>> /tmp
> 
> If i use this directories the error turns to "Read-only file system".
> I already thought, that the permission-error is not a "real" permission 
> thing, but
> a specific option in the service-file which is unlikely causing the 
> restriction.
> 
> That also confirms by the fact that if i manually start with "sudo 
> sbin/unbound -d
> -vvvv" the output is:
> 
> ===================================
> [1641309759] unbound[10544:0] notice: Start of unbound 1.14.0.
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: chdir to /test/unbound
> [1641309759] unbound[10544:0] debug: chroot to /test/unbound
> [1641309759] unbound[10544:0] debug: drop user privileges, run as 
> test_unbound
> [1641309759] unbound[10544:0] debug: switching log to /test/unbound/log.log
> ===================================
> 
> while the output (systemctl status unbound) from the start via the 
> service-file is:
> 
> ===================================
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug:
> creating tcp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug:
> creating udp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug:
> creating tcp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug:
> creating udp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug:
> creating tcp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] error:
> cannot open pidfile /test/unbound/unbound.pid: Permission denied
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: 
> chdir
> to /test/unbound
> ===================================
I'm going out on a limb here, as I'm running unbound on *BSD systems. But 
after you
encounter the failure here. What permissions does /test/unbound/ && /test/ 
have?
IOW does the unbound user own them? Is /test/unbound/unbound.pid owned by the
unbound user? The answer to these questions should help you narrow the 
systemd
setup. Last, but not least (I know this may sound stupid) the unbound user 
was
created, right? Has the necessary perms? Sorry. Just trying to cover all the
bases. :-)

Good luck! :-)

-- Chris
> 
> I shall look what exactly each of the options in the service-file means...

More information about the Unbound-users mailing list