I've added two patches to the debian package of unbound.
https://salsa.debian.org/dns-team/unbound/-/blob/master/debian/patches/do-not-chown-control-socket.patch This one only does chgrp of the control socket (instead of full chown). https://salsa.debian.org/dns-team/unbound/-/blob/master/debian/patches/do-not-look-at-pidfile.patch This one removes a lot of code to check for the pid in the pid file and to chown the pidfile. Looks like a nice cleanup, and makes unbound behave in a way similar to other daemons. What do you think? /mjt
