My config is:
remote-control:
control-enable: yes
control-interface: /var/run/unbound.ctl
The socket created, but then, unbound can't properly change the owner to
unbound:unbound.
Feb 21 13:08:21 linux-agent systemd[1]: Starting Unbound DNS server...
Feb 21 13:08:22 linux-agent unbound[6486]: [1519214902] unbound[6486:0] error:
cannot chown 114.125 /var/run/unbound.ctl: Operation not permitted
If the apparmor profile is changed to allow chown, it raise a second issue
which is that unbound can't properly set permissions on the socket:
Feb 21 13:10:37 linux-agent audit[6788]: AVC apparmor="DENIED"
operation="capable" profile="/usr/sbin/unbound" pid=6788 comm="unbound"
capability=3 capname="fowner"
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1749931
Title:
unbound-control local socket broken by apparmor
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1749931/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
