> On Jun 16, 2015, at 7:55 AM, Paul Wouters <[email protected]> wrote: > > On Tue, 16 Jun 2015, Jarno Huuskonen wrote: > >>> Unbound seems to be running normally, and appears to be answer all queries >>> normally. It is version 1.4.20 on CentOS 7. >> >> Are you running with selinux enabled ? >> >> Check selinux audit log (/var/log/audit/audit.log), denied ports might be >> logged there. Or try with something like this in unbound.conf: >> outgoing-port-avoid: 8953 >> outgoing-port-avoid: 5546 >> >> (I think I got selinux denied for (at least) these two ports). > > the fedora config ships with: > > outgoing-port-permit: 32768-65535 > outgoing-port-avoid: 0-32767 > > I see the rhel7 build is missing those lines. I will file a bug report > for RHEL7. >
I don’t know what else is using those ports of my server (or blocking access to these ports), but adding that config to unbound.conf has eliminated the “Permission denied” errors that I was seeing. Also, any idea what the closest-to-official way to upgrade a RHEL7-like system to Unbound 1.5.x is? Tom _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
