Public bug reported: What happens?
Vanilla install of 20.04, installed bind9 fresh out of the box. Error in summary prevents named from listening on port 53 to service requests. What's expected to happen? named should bind to port 53 to service requests. lsb_release -rd Description: Ubuntu 20.04 LTS Release: 20.04 apt-cache policy bind9 bind9: Installed: 1:9.16.1-0ubuntu2.2 Candidate: 1:9.16.1-0ubuntu2.2 Version table: *** 1:9.16.1-0ubuntu2.2 500 500 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 500 http://us.archive.ubuntu.com/ubuntu focal-security/main amd64 Packages 100 /var/lib/dpkg/status 1:9.16.1-0ubuntu2 500 500 http://us.archive.ubuntu.com/ubuntu focal/main amd64 Packages Relevant log snippet: ----- Jun 29 23:58:29 backupcore named[704]: adjusted limit on open files from 524288 to 1048576 Jun 29 23:58:29 backupcore named[704]: found 4 CPUs, using 4 worker threads Jun 29 23:58:29 backupcore named[704]: using 4 UDP listeners per interface Jun 29 23:58:29 backupcore named[704]: using up to 21000 sockets Jun 29 23:58:29 backupcore named[704]: loading configuration from '/etc/bind/named.conf' Jun 29 23:58:29 backupcore named[704]: /etc/bind/named.conf:21: option 'dnssec-enable' is obsolete and should be removed Jun 29 23:58:29 backupcore named[704]: unable to open '/etc/named.iscdlv.key'; using built-in keys instead Jun 29 23:58:29 backupcore named[704]: looking for GeoIP2 databases in '/usr/share/GeoIP' Jun 29 23:58:29 backupcore named[704]: using default UDP/IPv4 port range: [32768, 60999] Jun 29 23:58:29 backupcore named[704]: using default UDP/IPv6 port range: [32768, 60999] Jun 29 23:58:29 backupcore named[704]: listening on IPv4 interface lo, 127.0.0.1#53 Jun 29 23:58:29 backupcore named[704]: listening on IPv4 interface enp3s0, 10.0.0.6#53 Jun 29 23:58:29 backupcore named[704]: listening on IPv6 interface lo, ::1#53 Jun 29 23:58:29 backupcore named[704]: unable to set effective uid to 0: Operation not permitted Jun 29 23:58:29 backupcore named[704]: generating session key for dynamic DNS Jun 29 23:58:29 backupcore named[704]: unable to set effective uid to 0: Operation not permitted Jun 29 23:58:29 backupcore named[704]: sizing zone task pool based on 7 zones Jun 29 23:58:29 backupcore named[704]: none:100: 'max-cache-size 90%' - setting to 14251MB (out of 15835MB) Jun 29 23:58:29 backupcore named[704]: set up managed keys zone for view _default, file '/var/cache/bind/dynamic/managed-keys.bind' Jun 29 23:58:29 backupcore named[704]: none:100: 'max-cache-size 90%' - setting to 14251MB (out of 15835MB) Jun 29 23:58:29 backupcore named[704]: configuring command channel from '/etc/bind/rndc.key' Jun 29 23:58:30 backupcore named[704]: command channel listening on 127.0.0.1#953 Jun 29 23:58:30 backupcore named[704]: configuring command channel from '/etc/bind/rndc.key' Jun 29 23:58:30 backupcore named[704]: command channel listening on ::1#953 ---- I've tried this on two fresh installs of 20.04. Doesn't happen in previous releases. Recompiled from source with --disable-linux-caps, and the issue goes away, but I'm pretty sure that disabling capabilities isn't a good idea for security reasons. Happy to test any upstream versions/PPAs, if needed. I disabled AppArmor, SELinux, and capabilities, and still had the same issue. ** Affects: bind9 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1886528 Title: BIND9: unable to set effective uid to 0: Operation not permitted To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1886528/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs