Unfortunately I still get this errors in NSD 4.1.26 on Debian Buster 10.2:
1) Log file:
> error: Cannot open /var/log/nsd.log for appending (Permission denied), logging to std
When it se the owner of nsd.log to root:root, I don't get an error message on start. However, after this start, NSD will change the owner to nsd:nsd and on the next start I will get this error message.
2) PID file:
> warning: failed to unlink pidfile /run/nsd/nsd.pid: Permission denied
It seems that NSD needs a PID file, because if I change pidfile: "/run/nsd/nsd.pid" to pidfile: "" I get:
> error: cannot open pidfile : No such file or directory
> error: cannot overwrite the pidfile : No such file or directory
From: JoséLuis Artuch <zenbaka...@speedy.com.ar>
Sent: Tuesday, 26. Nov 2019 – 01:03 CET +0100
To: Kaulkwappe <kaulkwa...@prvy.eu>
nsd-users@NLnetLabs.nl
Subject: Re: [nsd-users] Permission error after upgrade to Debian Buster (10.2)
Hi Kaulkwappe, El lun, 25-11-2019 a las 01:34 +0100, Kaulkwappe escribió: > > [...] I'd double check if it's indeed effective with "systemctl > show nsd | grep ReadWritePaths" > > Seems to be effective: > > # systemctl show nsd | grep ReadWritePaths > > ReadWritePaths=/var/lib/nsd /var/log /etc/nsd /run > > The problem with the log file will never stop the NSD service from > working (I believe) but the log file is quite important, so, of > course, NSD should be able to append to it. > > Does anyone already had this problem after an upgrade? > > Kind Regards, > Kaulkwappe >
My knowledge on this subject is very limited, but since you ask I give you my recent experience. I have also upgraded from Debian 9 to Debian 10, two ways, starting from Debian 9 and also from scratch. In both cases I have not got NSD to write the log file. I have tested changes of permissions and/or routes. However, I have not had problems with the start of NSD, but I clarify that I use NSD with a very elementary configuration and without /var/lib/nsd/zone.list defined. A cordial greeting. José Luis > > From: Simon Deziel <si...@sdeziel.info> > Sent: Monday, 25. Nov 2019 – 01:26 CET +0100 > To: nsd-users@NLnetLabs.nl > > Subject: Re: [nsd-users] Permission error after upgrade to Debian > Buster (10.2) > > On 2019-11-24 6:10 p.m., Kaulkwappe wrote: > > Hi Simon, > > > > > I would have expect a permission error instead of a "read-only" > one. It > > > looks as if /var/log was not properly added to be ReadWritePaths > set. > > > > That is what I have used: > > > ReadWritePaths=/var/lib/nsd /var/log /etc/nsd /run > > Not sure what would explain the read-only error then. I'd double > check > if it's indeed effective with "systemctl show nsd | grep > ReadWritePaths" > > > > This unlink failure is expected and AFAICT harmless. > > It should be harmless, but it doesn't look nice. I would consider > this as a bug. > > Agreed. Interestingly, unbound accepts "-p" to skip managing its own > PID. If nsd could get this, it would be handy when managing the > daemon > with systemd. > > > > I believe that xfrd.state should be owned by nsd:nsd as the > daemon needs > > > to write to that file. > > After changing the owner to nsd:nsd I believe this problem is > fixed. Thanks! > > Glad to hear that! > > Regards, > Simon > _______________________________________________ > nsd-users mailing list > nsd-users@NLnetLabs.nl > https://open.nlnetlabs.nl/mailman/listinfo/nsd-users > _______________________________________________ > nsd-users mailing list > nsd-users@NLnetLabs.nl > https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
_______________________________________________ nsd-users mailing list nsd-users@NLnetLabs.nl https://open.nlnetlabs.nl/mailman/listinfo/nsd-users
