Thanks, guys! I'm running chroot on /etc/unbound. I followed this guide to compile unbound on my machine: https://pastebin.com/UUjss5aY Some initial values there made use of /etc/unbound instead of /var/log/unbound so after I compiled unbound-1.13.0, I changed the paths to point to /var/log/unbound
The log file user is set to unbound with write permissions, but seems it's not aware of its location (?) The *unbound-checkconf* command is failing as well. It feels like the solution is not complicated, yet I'm unsure how to fix it or if I should try to compile all over again. I'd rather try to fix it, if it's ok to ask for such type of help over this thread. *pi@raspberrypi:/etc/unbound $* grep chroot unbound.conf *chroot*: "/etc/unbound" *pi@raspberrypi:/etc/unbound $* ls -l /var/log/unbound/unbound.log -rw-r--r-- 1 unbound unbound 5553 Oct 21 00:16 /var/log/unbound/unbound.log *pi@raspberrypi:/etc/unbound $* unbound-checkconf /etc/unbound/var/log/unbound: *No such file or directory* [1609510296] unbound-checkconf[2288:0] *fatal error*: logfile directory does not exist *pi@raspberrypi:/etc/unbound $* sudo systemctl status unbound ● unbound.service - Unbound DNS resolver Loaded: loaded (/lib/systemd/system/unbound.service; enabled; vendor preset: enabled) *Active: active* (running) since Sat 2021-01-02 00:46:44 AEDT; 25min ago Process: 457 ExecStartPre=/usr/sbin/unbound-anchor -r /etc/unbound/root.hints -a /etc/unbound/root.key (code=exited, status=0/SUCCESS) Main PID: 483 (unbound) Tasks: 1 (limit: 2063) CGroup: /system.slice/unbound.service └─483 /usr/sbin/unbound -c /etc/unbound/unbound.conf -d Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 199.7.83.42 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 198.41.0.4 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 199.7.91.13 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 198.97.190.53 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 199.7.91.13 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 193.0.14.129 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 199.7.91.13 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 192.33.4.12 port 53 Jan 02 00:46:49 raspberrypi unbound[483]: [1609508809] unbound[483:0] error: udp connect failed: Network is unreachable for 192.58.128.30 port 53 Jan 02 00:46:50 raspberrypi unbound[483]: [1609508810] unbound[483:0] info: generate keytag query _ta-4f66. NULL IN *pi@raspberrypi:/etc/unbound $* sudo lsof -i :53 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME pihole-FT 829 pihole 4u IPv4 27749 0t0 UDP *:domain pihole-FT 829 pihole 5u IPv4 27750 0t0 TCP *:domain (LISTEN) pihole-FT 829 pihole 6u IPv6 27751 0t0 UDP *:domain pihole-FT 829 pihole 7u IPv6 27752 0t0 TCP *:domain (LISTEN) On Sat, 2 Jan 2021 at 01:05, Jaap Akkerhuis <j...@nlnetlabs.nl> wrote: > Joe Abley via Unbound-users writes: > > > > > > On Jan 1, 2021, at 14:15, Gil Levy via Unbound-users < > unbound-users@lists.nlnetlabs.nl> wrote: > > > > >> Are you running unbound in a chroot(8)? > > > I don't know how to check that. > > > > man chroot > > > > for a better description of what chroot does, and how the > interpretation of > > absolute pathnames differs inside and outside the chroot namespace. > > > > man man > > > > if you're unfamiliar with how manual pages are organised. If you don't > have > > manual pages installed and can't add them as a package, it should not > be hard > > to find collections of manual pages for your particular distribution > if you > > search for them. > > > > grep chroot unbound.conf > > For a running unbound, do > > unbound-control get_option chroot > > to get the value it is using. > > > seems like a reasonable place to start to find configuration options in > your > > environment that relate to chroot. You might also refer to the unbound > > documentation to understand the defaults and the specific meaning of > individual > > parameters. > > Especially take notice what > > man unbound.conf > > tells you about the interaction between chroot and absolute path names. > > > > > Another common error is to try and write log files to places where the > process > > generating them does not have the necessary permissions. Determine the > > user that unbound is running as and check the permissions in the > filesystem. > > Or the directories are missing after the chroot took place... > > jaap > >