Public bug reported: Immediately after installing Unbound, it starts up normally. However, if you try to restart it afterwards (without changing anything), it fails with the following error message:
Aug 25 10:41:26 ubuntu unbound[6650]: /etc/unbound/unbound.conf:10: error: cannot open include file '/etc/unbound/unbound.conf.d/*.conf': No such file or directory Aug 25 10:41:26 ubuntu unbound[6650]: read /etc/unbound/unbound.conf failed: 1 errors in configuration file Aug 25 10:41:26 ubuntu unbound[6650]: [1566729686] unbound[6650:0] fatal error: Could not read config file: /etc/unbound/unbound.conf. Maybe try unbound -dd, it stays on the commandline to see more errors, or unbound-checkconf There *are* files matching the above glob pattern, however: root@ubuntu:~# echo /etc/unbound/unbound.conf.d/*.conf /etc/unbound/unbound.conf.d/qname-minimisation.conf /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf unbound-checkconf, on the other hand, determines the configuration to be fine: root@ubuntu:~# unbound-checkconf unbound-checkconf: no errors in /etc/unbound/unbound.conf In the kernel log I can see that AppArmor is the probable culprit: Aug 25 10:41:26 ubuntu kernel: audit: type=1400 audit(1566729686.377:239): apparmor="DENIED" operation="open" profile="/usr/sbin/unbound" name="/upper/etc/unbound/unbound.conf.d/" pid=6650 comm="unbound" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Steps to reproduce: 1. Download ubuntu-19.04-desktop-amd64.iso from https://ubuntu.com/download/desktop 2. Boot the downloaded ISO file in a virtual machine 3. Start gnome-terminal 4. sudo -i 5. apt-add-repository universe 6. apt -y install unbound 7. systemctl status unbound # verify that it is runnning 8. systemctl restart unbound 9. systemctl status unbound # verify that it failed to start 10. journalctl -kn1 # display AppArmor error message ** Affects: unbound (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1841364 Title: AppArmor breaks the default Unbound installation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1841364/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
