Hello, I got bitten by a problem where NSD would not start and looks very similar to what it’s reported here. Since I found a way to make it work without fiddling with systemd I felt like reporting back.
In my case, using Debian 11, the service starts correctly when freshly installed. The problem presents itself when using dynamic zones, specifically when the file /var/lib/nsd/zone.list comes into existence. Usually created automatically when using something like this `nsd-control addzone example.com example`. After this the service won’t start with a 'permission denied’ to read the zone.list file. This file gets created with owner nsd and group nsd. What needs to be done is change the ownership of this file to root:root and everything works. Even adding new zones work and the ownership of the file remains root:root. The cause for this could apparently be that the service initially starts as root and then drops to nsd. Not too sure about the cause though. This was discussed here[1]. A definitive solution could be that the package creates that file with the correct ownership “root:root” and no content. Also, please let me know if anyone see any possible problems with this fix. Thanks. [1]: https://www.mail-archive.com/nsd-users@nlnetlabs.nl/msg00078.html
