My config is: remote-control: control-enable: yes control-interface: /var/run/unbound.ctl
The socket created, but then, unbound can't properly change the owner to unbound:unbound. Feb 21 13:08:21 linux-agent systemd[1]: Starting Unbound DNS server... Feb 21 13:08:22 linux-agent unbound[6486]: [1519214902] unbound[6486:0] error: cannot chown 114.125 /var/run/unbound.ctl: Operation not permitted If the apparmor profile is changed to allow chown, it raise a second issue which is that unbound can't properly set permissions on the socket: Feb 21 13:10:37 linux-agent audit[6788]: AVC apparmor="DENIED" operation="capable" profile="/usr/sbin/unbound" pid=6788 comm="unbound" capability=3 capname="fowner" -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1749931 Title: unbound-control local socket broken by apparmor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1749931/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs