New Unbound User - Need help opening Port 53.
Yorgos Thessalonikefs
yorgos at nlnetlabs.nl
Wed Sep 10 11:03:12 UTC 2025
Hi Arnold,
This is because Unbound is *started* as the "unbound" user.
Port 53 needs elevated privileges to open.
I would start Unbound as root in your case, unbound will drop root
privileges at startup right after when not needed anymore (after reading
certain files and opening ports for example) and it will change to the
configured 'username:' user.
The default value of username is "unbound" if you haven't provided
another one during compilation.
The value "" in the configuration file means that Unbound will continue
to operate as the startup user; in your case root but I believe you
don't want that.
Best regards,
-- Yorgos
On 10/09/2025 01:54, Arnold via Unbound-users wrote:
> Hello all. I am new to Unbound. I have it installed on Ubuntu Server
> 22.04 LTS, and I'm attempting to run it, but am having problems getting
> it to run. The primary error I get now is that it attempts to open a
> udp4 circuit on Port 53, but craps out, saying it cannot open the port.
> This, even after I disabled systemd-resolverd, etc., and I ensured
> nothing else was attempting to open the port. The following are my
> support and config files, as well as logs on what happens when i try to
> run it.
>
>
> 1) My standard Unbound Config file - Attachment #1.
>
> 2) Log file: "*Systemctl Status systemd-resolved*" command and result
> - Attachment#2
>
> 3) Result of "*ufw status*" command before starting Unbound - Attachment#3
>
> 4) *Netstat -tulnp | grep :53* result - showing that port 53 is not
> open. Attachment#4 -
>
> 5) Actual command to execute *unbound* and the resultant log/error
> messages - Attachment#5
>
>
> Some Notes:
>
> 1) In my test terminal window, I am logged in as "root." I use "sudo -u
> unbound" before running the command so it runs as "unbound" and not
> "root," since most of the files it needs to access are owned by unbound
> and not root. But I wonder if that might be a factor in the process not
> being able to open port 53.
>
> 2) I do not use localhost (127.0.0.1) in the "interface" command of the
> config file. I use the machine's assigned local IP (197.185.29.10). But
> I do recall switching to the hard IP(127.0.0.1) and it made no
> difference. The port did not open. And I also "allow" it in my access-
> control statements.
>
> 3) All stub resolvers including systemd-resolved are disabled.
>
> 4) It is an older version of Unbound (1.13.1) I know 1.23.1 is current.
> Might the older version be an issue? My packae manager didn't have the
> most recent version. Only this one.If this is a concern, where can I get
> the updated pkg? I currently do not have "make" etc. installed so I
> can't build it at present.
>
> 5) I set "*chroot = "" *" if that means anything.
>
>
> Hopefully, this is enough to get the discussion going. I appreciate any
> assistance offered. If you need further info, please let me know and
> I'll produce it.
>
>
> Thanks very much.
>
> Regards,
>
> Arnold.
>
>
>
>
>
>
More information about the Unbound-users
mailing list