Problem with pidfile and permission...
tito
farmatito at tiscali.it
Tue Jan 4 22:14:04 UTC 2022
On Tue, 04 Jan 2022 15:57:41 +0000
Dimitri via Unbound-users <unbound-users at lists.nlnetlabs.nl> wrote:
> Thanks for your answers.
>
> > is it enough to:
> >
> > % cd /test/unbound
> > % sudo chown -Rh unbound:unbound .
> >
> > Then try to start it again?
>
> Unfortunately no. Like i wrote in my question, the installation folder is already owned by the user "test_unbound" wich also set in the config.
>
> > FWIW all the systems I run that create pidfiles, either put them in
> >
> > /var/run
> >
> > or
> >
> > /tmp
>
> If i use this directories the error turns to "Read-only file system".
> I already thought, that the permission-error is not a "real" permission thing, but a specific option in the service-file which is unlikely causing the restriction.
>
> That also confirms by the fact that if i manually start with "sudo sbin/unbound -d -vvvv" the output is:
>
> ===================================
> [1641309759] unbound[10544:0] notice: Start of unbound 1.14.0.
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating udp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: creating tcp4 socket 127.0.0.1 53
> [1641309759] unbound[10544:0] debug: chdir to /test/unbound
> [1641309759] unbound[10544:0] debug: chroot to /test/unbound
> [1641309759] unbound[10544:0] debug: drop user privileges, run as test_unbound
> [1641309759] unbound[10544:0] debug: switching log to /test/unbound/log.log
> ===================================
>
> while the output (systemctl status unbound) from the start via the service-file is:
>
> ===================================
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating tcp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating udp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating tcp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating udp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: creating tcp4 socket 127.0.0.1 53
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] error: cannot open pidfile /test/unbound/unbound.pid: Permission denied
> Jan 04 16:23:42 dimitri unbound[10556]: [1641309822] unbound[10556:0] debug: chdir to /test/unbound
> ===================================
>
> I shall look what exactly each of the options in the service-file means...
Hi,
do you use apparmor? if yes check the paths in the apparmor unbound profile file.
Ciao,
Tito
More information about the Unbound-users
mailing list